last executing test programs: 13.459615989s ago: executing program 3 (id=2116): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) statmount$auto(0x0, &(0x7f0000000380)={0x5, 0x1, 0x8, 0x7, 0x5, 0x7fffffff, 0x8, 0x7, 0x3, 0x9, 0x9, 0x80003, 0x4, 0x200000000001, 0xb4, 0x9, 0x8, 0x10007, 0x7, 0x10000000000, 0x0, 0x3, 0x22000, 0x203, 0x8, 0x84, 0x0, 0x4, 0x0, 0x0, 0xfffffffc, [0x0, 0x0, 0x9, 0x7fffffff, 0x0, 0xbb, 0x6, 0x2, 0x8, 0xfffffffffffffffd, 0x2, 0x3, 0x10000, 0x8000000000000001, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x3, 0x10000000000000, 0x0, 0x0, 0x0, 0x1, 0xfffffffffffffffe, 0x4, 0x2, 0x1, 0x0, 0x9], "024128b4655138607d04696fa0903d4be5ae3cfc78eec62dfea09d894e2f78f16f15d16158a8aea0a7a3e6fd380fd4e72d3cae636e6a7e0d1e8886fd4132970eea800f9061509f9b375fe2419c6c61b1ba57c7bcd3090e22c2b9b8d14cdc8c0770c83198f11924a0c7348c8d66aa9603e10f9031cfd4b960966d07148b8b8b7dfda1c267c4dc75dff514bd42a94930b7a4c1113ee3a17c86c331"}, 0x81, 0x968c) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000e3d9) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/adsp1\x00', 0x101142, 0x0) mmap$auto(0x0, 0x9, 0x5, 0x9b72, 0x2, 0x8000) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) ioctl$auto(0x3, 0x4040ae77, 0x38) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) read$auto(0x3, 0x0, 0x80) 11.576120445s ago: executing program 3 (id=2123): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) r0 = socket(0x2b, 0x1, 0x1) r1 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r1, 0xc004743e, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001480)={'veth0_virt_wifi\x00'}) munmap$auto(0x8000, 0xffffffff) getrandom$auto(0x0, 0x6000000, 0x3) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x19, 0x4, 0x4, 0x880b, 0x8, 0xd, 0x66b, 0x4, 0x7ff}, 0x6f4) 6.969215934s ago: executing program 3 (id=2133): sigaltstack$auto(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) semctl$auto(0x2, 0x9, 0x939, 0x6) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3f) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) syz_clone3(&(0x7f0000000400)={0x1045100, 0x0, 0x0, 0x0, {0x31}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r0, 0x0, 0x39b8) sendfile$auto(r0, 0xffffffffffffffff, &(0x7f00000001c0)=0x3, 0xa) socket(0x2, 0x80002, 0x73) socket(0x1d, 0x2, 0x7) setsockopt$auto(0x3, 0x6b, 0x1, 0xffffffffffffffff, 0x211) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 6.789541619s ago: executing program 2 (id=2135): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'virt_wifi0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="68000091", @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r1, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r1, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000780)='/proc/sys/net/ipv6/neigh/virt_wifi0/retrans_time\x00', 0x101000, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x40000008000) syz_genetlink_get_family_id$auto_seg6(0x0, 0xffffffffffffffff) sendmsg$auto_TIPC_NL_NET_SET(0xffffffffffffffff, 0x0, 0x2) close_range$auto(0x2, 0x8, 0x0) 6.152163961s ago: executing program 2 (id=2138): socket$nl_generic(0x10, 0x3, 0x10) openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/block/nbd6/hctx0/tags_bitmap\x00', 0x60000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x1d, 0x2, 0x6) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) socket(0xa, 0x1, 0x84) socket(0x2, 0x1, 0x0) openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/trace_marker\x00', 0x0, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x5, 0xfffffffc, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmmsg$auto(0x3, 0x0, 0x1f, 0x0) 6.03384257s ago: executing program 1 (id=2139): mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xfffffffd, 0x401bf, 0x7352, 0x3c, 0xfffff7ffffffffff, 0x1ffde, 0x5, 0xfffffffffffffff4, 0x2, 0x9, 0x9, 0x6, 0x8000000000000004, 0xb2, 0x80000000009, 0x6, 0x10003, 0xb, 0x4, 0x0, 0x8, 0x2000, 0x203, 0xfffffff9, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x7, 0xfffffffffffffffd, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x59e74468, 0x800000000, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x2, 0x0, 0x0, 0x7, 0x6, 0xffff]}, 0x1fe, 0xd) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf25030000000600070008000000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a00010000000000000000000600060040"], 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x40000) ioctl$auto_I2C_SMBUS(0xffffffffffffffff, 0x720, &(0x7f0000000380)="e7f84dc05cc7b6e77135ada4667230f056fb31402c103db892216de25036f7db96f7bf0288576dbc7ee39c5a6ffefc92bbad73941766fa550649c7b088973ad552f8747275444edeaa849b756a7771b28a7275d5256bd89494a5c3be87b858211bc1e692a4da539e886b3b") keyctl$auto(0x2000000000000017, 0x8000, 0x2d, 0xc4, 0x20803) write$auto(0xffffffffffffffff, 0x0, 0x7d) unshare$auto(0x40000080) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40000) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x1) r0 = socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) setsockopt$auto_SO_RCVTIMEO_NEW(r0, 0x1, 0x42, &(0x7f0000000040)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x10) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 5.582531012s ago: executing program 0 (id=2142): r0 = socket(0x21, 0x2, 0x2) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/reboot/cpu\x00', 0x4, 0x0) r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x20282, 0x0) ioctl$auto_UI_DEV_SETUP(r2, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x9, 0x80}, "6a034a07c7b8edb8fc3b39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0x6}) ioctl$auto_UI_DEV_CREATE(r2, 0x5501, 0x0) ioctl$auto_UI_SET_SNDBIT(r2, 0x4004556a, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000003f00)=""/46, 0x2e) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) swapon$auto(0x0, 0x8) sendfile$auto(r1, r1, &(0x7f0000000180), 0x6) setsockopt$auto_SO_PRIORITY(r1, 0x1, 0xc, &(0x7f0000000140)='+/$:/\x00', 0x1) shutdown$auto(0x200000003, 0x2) getsockopt$auto_SO_KEEPALIVE(r0, 0xfff, 0x9, &(0x7f0000000040)='!\x00', &(0x7f0000000080)) setsockopt$auto(0x3, 0x1000000110, 0x2, 0xffffffffffffffff, 0x1) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/net/ip6_flowlabel\x00', 0x42000, 0x0) read$auto_proc_reg_file_ops_compat_inode(r3, &(0x7f0000002100)=""/15, 0xf) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video24\x00', 0x82, 0x0) 5.517233231s ago: executing program 2 (id=2143): mmap$auto(0x2, 0x8000, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0xa, 0x5, 0x0) pipe$auto(0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x135e, 0x0, 0x0, 0x0, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) mmap$auto(0xea, 0x4020009, 0x800000000000df, 0xeb1, r1, 0x6) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x102, 0x0) r2 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_UBI_IOCATT(r2, 0x40186f40, 0x0) ioctl$auto_UBI_IOCDET(r2, 0x40046f41, 0x0) connect$auto(0x3, 0x0, 0x51) signalfd$auto(r0, 0x0, 0xcc0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x82002, 0x0) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) socket(0x2, 0x1, 0x106) 5.352024779s ago: executing program 1 (id=2144): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/tty/ttyx8/power/runtime_status\x00', 0x3e52c0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x25, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x3) socket(0xa, 0x2, 0x88) socket(0x2, 0x3, 0xa) socket(0x11, 0x80003, 0x2ff) socketpair$auto(0x8, 0x0, 0x0, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0xc7f16bff2a10ba01, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) sendfile$auto(r0, r1, 0x0, 0x8) 5.342874644s ago: executing program 0 (id=2145): mmap$auto(0x0, 0x2020009, 0x8000000003, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r0 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x40400, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r0, 0x43403d05, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x400, 0x0) ioctl$auto(0x3, 0x541b, 0x38) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r2 = memfd_secret$auto(0x0) fsetxattr$auto(r2, &(0x7f00000000c0)='/dev/snd/controlC0\x00', &(0x7f0000000280), 0x1, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = socket(0x15, 0x5, 0x0) socket(0x11, 0x3, 0x9) getsockopt$auto(r3, 0x114, 0x271b, 0xfffffffffffffffc, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x48041, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) 4.954502438s ago: executing program 1 (id=2146): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x1a, 0x1, 0xfffffffe) mknod$auto(&(0x7f0000000080)='u[,&*}\x00\a\x00\x00\x00?\xa4\x1fN\xa1~5Z\xc7\r\f}M4\xa8m\xe6\x19[11\xab\xff-E\xac9(\xb4O\xa0t4h\x9f-gn\x1f\x01\x00\x00\x00\x00\x00\x00\x00\xaeR\x81\r_\x0e\x19\b\x85\bvv(e\xdax)\t\x15\xf6\xc8\xee\x04\x16\xc1\x9a!\x87I7\x8cD&zg\xb0a\xab|E\xde\x14\xee[\xc8\xc0\xa8Nh\x0f\xa3\xdbT\xb3\xb8\xd2F\xa0\xc4]\xaf\xc43&\xe4\x01\x05\xd2\x15\xf8\xf1!\x9d\x92\xbbH\xd3^aD\x87\xd8\xe7\xd2\xf3[r\xc5S&}D[\x97\xf1\xd9\xf8Y\x1c\x03\x84\xb4\xd7\x16\x19\xe5\x17\x10\xd8fcG:\xfbY8\x17w\x98?\x03@\xe5\x02\x05\x93h\xb9\xf7\xef\x84\x8aGlN\a\x1e\x00\x00\x00\x00\x00\x00\x00\xf1p\xeb\xe9(%\x89\xef\x85\xdfr\xce\x00\x00\x00\x00\xff\x00\xa2M\'d\x12\x1c\x12\xca\xa5_\x8d\xdf\xc5\x8d\x19?\xfc~\xb3X\x14\xa7\xa9M\x87\xfcTW\x1bR\xbci\x8d\x8aNEO\xb3~~\xa8\xa6\x894\x80;s\xb7\xa3V\x1b\x14|\x9e\xd4\x05\x85\x0f!\xab-E\'\x97Y\xb7\xe8fMv_\xf8\xa0S\xef\xb7\b\xe7!T.g\x92\x87\t$\x06\xa4\xfb\x83\x8c\x17^\x82\xe7\xd3\xf6q\x1a\xa0\xf82[W\x90\xdd\xe3\xde\xa9\xde\x94`-\x9a\x1e}\xebO*\xb85,v.\xfc5\xba?vlt\xda%\x06a\x15I\x1f\xe3\x05+\x810T2\xf9\x9b\xc7\xd1\t\x03\xf2\x8d\x8a\x90\xb54\bH<9\xf1\x91 D\x85g,\xaa\xca\xcd\xd5\xcb\x9a\xb1j\xf2F\xce\x14\x92\xf9\xd7\xec\xc5\x1e\x8aq2\xce\x881f\xd7\xd4\x9e\xf6\xb6P\x01\xe8T\xb5X\xb9d-I\xd6\x91\xc3\xe2\x88S\x82l=\x02t$p\t\x8cY\x06\r\x83\xb0\x86\xc6\x84\x1c\xce\xb6\xf0\xdfC\x9fj<\xfe\xa4\x1f\x82L\xe4\x13+H\x00\x00\x00\x00\x00\x00\x00\x01M\x16\xa0\xbeB6\xfb\xa2-\x17\x93Q\x9fKusl5\xa2$M\xb4\x18\x1db\xf3\xce\x8c\xe5Rna\xd5\xbbQ\xc7\xa7+\vH\xc1l\x1bIv\xe8_\x00', 0x1081, 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020007, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x40002, 0x300) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getrandom$auto(0x0, 0x6000000, 0x3) madvise$auto(0x0, 0xf663, 0x15) mmap$auto(0x0, 0x8, 0x9, 0xeb1, 0xffffffffffffffff, 0x8000) madvise$auto(0x0, 0x20499d, 0x9) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100cda4429629bd7100f9db5f2502000000"], 0x24}, 0x1, 0x0, 0x0, 0x404c0c0}, 0x80) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x3, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x8, 0x4008) mount$auto(&(0x7f0000000000)='wlan1\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='\x00', 0x10, &(0x7f00000000c0)="3221daa2facf7661220d18d4e71517fbbfdb0a3c852ec5d17d013b2c723db3931b23e7cf46ba56cd5052f824b932eb925be1b69ae8f43b9644665c9728ff95d89c8a3f696f0883cdf756ef4324d7c977f81fbb1a874932a9c1302e8641954360fb6e48cf90c6cbdbfecef90038466352a3ac4acf272f9ed77289e6f3d0386036b98d1957645488793818eaeb8a67c255e2aa93") bind$auto(r0, 0x0, 0x68) 4.838380124s ago: executing program 3 (id=2147): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda1\x00', 0x4040, 0x0) fadvise64$auto(r0, 0x7fffffffffffffff, 0x400000040000005, 0x4) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, r1) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x64000}, 0x18800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x6, 0xffffffffffff0001, 0x15) close_range$auto(0xffffffffffffffff, 0x8, 0x0) brk$auto(0xffffffffffffff66) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x10b402, 0x0) pread64$auto(r2, 0x0, 0x800003, 0x270) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ttyt5\x00', 0x20102, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000000440), 0x0) mlockall$auto(0x7) prctl$auto(0x1d, 0xfffffffffffffffb, 0x8, 0x10000005, 0xfffffffffffffff9) ppoll$auto(&(0x7f0000001ac0)={0xffffffffffffffff, 0x9, 0x7}, 0x8, &(0x7f0000001b00)={0xf2, 0x9}, &(0x7f00000002c0)={0x10000}, 0x8) 4.354493407s ago: executing program 2 (id=2148): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000002340)='/dev/binderfs/binder0\x00', 0x0, 0x0) ioctl$auto_BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)='P') unshare$auto(0x40000080) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x1, 0x100) setsockopt$auto(0x400000000000003, 0x29, 0x1b, 0x0, 0x56b) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, &(0x7f00000003c0)) syz_clone(0x800000, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x6, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000002) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) rt_tgsigqueueinfo$auto(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)={@siginfo_0_0={0x6, 0xe, 0x5, @_sigchld={0x0, 0x0, 0x401, 0x5, 0x3}}}) mmap$auto(0x0, 0x2000d, 0x4080000200df, 0xeb1, 0x404, 0x8000) getsockopt$auto(0xffffffffffffffff, 0x107, 0xc, 0x0, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x40) execve$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000100)=&(0x7f0000000080)='\xac\x00', &(0x7f0000000000)=&(0x7f0000000200)=' ') 3.847390248s ago: executing program 0 (id=2149): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) fadvise64$auto(r0, 0x7fff, 0x6, 0x1) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) r1 = fanotify_init$auto(0x1, 0x2) fanotify_mark$auto(r1, 0x205, 0x100002, 0x4, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/fs/cifs/LookupCacheEnabled\x00', 0x48041, 0x0) setrlimit$auto(0x7, &(0x7f0000001380)={0x5, 0x6}) socket(0x22, 0x1, 0x0) socketpair$auto(0x3, 0x5, 0x7, 0x0) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x8029, 0xca, 0x0, 0x567) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0x8138ae83, 0x0) 3.546724102s ago: executing program 2 (id=2150): mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) clock_gettime$auto(0xfffffffffffffff0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x2) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) write$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, &(0x7f0000000180)="f1deefed5ddf77c3086ac06f73353a35cf09d9cab432b2fc686eb8cfacf3f7e0d79f", 0x22) sysfs$auto(0x2, 0x0, 0x0) r1 = socket(0xa, 0x1, 0x84) getsockopt$auto(r1, 0x84, 0x4, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000440)='/sys/devices/virtual/misc/userfaultfd/power/control\x00', 0x668000, 0x0) socket(0x2, 0x1, 0x106) shutdown$auto(0x200000003, 0x2) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/block/ram3/trace/end_lba\x00', 0x2062, 0x0) write$auto(r2, 0x0, 0x98c7) recvmmsg$auto(0x3, 0x0, 0x10000, 0x3ff, 0x0) 3.425643751s ago: executing program 0 (id=2151): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0xb00, 0x0) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0xa02, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r3, 0xc1105517, &(0x7f00000001c0)={{@inferred=0x0, 0x7, 0x101, 0x7, "aab8e80600080043529f895cf5e8ec8f46cbb766439daa41e1aa00000000001200000000070a00", @raw=0x2}, 0x6, 0x8, 0x6, @raw=0xd7, @enumerated={0x1, 0xffff, "3a451db75512bd3527fc812ba5063f658f3a83495f2f7e8b4b84d579e75c002e35796b745e9f1f32cbfbdc296577c42c2257f3cdba1288075707bcc50e018166", 0x10000000009e, 0x9}, "a4699d30a05edbe0d28473c399a7dc920b153e9b1675451d7de94b4123f970bedd3460c667373fcc59b584d81592f6ab606c276852295e00af49e6de6e768034"}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REMOVE(r3, 0xc0405519, &(0x7f00000000c0)={@inferred=r4, 0x7, 0xd, 0xa4, "e3eabf11dce36a2eac9cb4682c339b3ce615a9b97386d4462bc6553245da56e4978f37368e849db4a6e0aa4e", @raw=0xa2cfa1c}) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) fsetxattr$auto(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x3) socket(0x2b, 0x1, 0x0) mmap$auto(0x4, 0x800, 0xd, 0x13, r0, 0xe280) ioctl$auto_TCSBRK2(r2, 0x5409, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/lru_gen_full\x00', 0x200001, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0x200007, 0x19) openat$auto_tracing_total_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/tracing/buffer_total_size_kb\x00', 0x472041, 0x0) 3.25664263s ago: executing program 1 (id=2152): socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4048800}, 0x2004c090) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) process_madvise$auto_PIDFD_SELF_THREAD(0xffffffffffffd8ef, 0x0, 0x0, 0xdec, 0x0) madvise$auto(0x0, 0x200007, 0x19) r0 = socket(0xa, 0x5, 0x84) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r1, 0x8000) setsockopt$auto_SO_TYPE(r0, 0x0, 0x3, &(0x7f0000000380)='!-\x00', 0x10) capset$auto(0x0, &(0x7f0000000000)={0x3, 0x7, 0x2}) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nbd(&(0x7f00000027c0), 0xffffffffffffffff) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/self/pagemap\x00', 0x80800, 0x0) read$auto(r2, 0x0, 0x39b8) unshare$auto(0x340e) getdents$auto(0xffffffffffffffff, &(0x7f0000000180)={0xed, 0x63e, 0x1, "655bebb8559d5c0974fc71d92ea8f6f6cf7ad687b17ec1112870dc478cbb9ee6882909bf67c63b7a25fb21fb9bedafcdbf6c1562c93e316af2a0f77f06bcfb0bdbb42d1f73239ab752fe3322b7ca4e66e0549d518757244b137e8ef001feb803351bc6ce101fdf4e3ee8bf8ac3f8a21a2b414372ad5357cea6d6b954b24ade8b402686c2f0661993f270cf7e701fe0ba51ff7e9159d96c8ac54a2aba888c6fd8eee2ec80cded1cdb7acd780c3fe7ba"}, 0x2) 3.206660505s ago: executing program 3 (id=2153): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x42, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\x84q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa24X@\xadD\xf8\x9d\xf3 \xd2]\xc4\x13G\x1d\x04!\xc1\xeb.e$\xfb\xa3KU\xcf\xc1\x7fFD\x99\xf5v\v\x9dS\xc11P\xa3\xe9\xb0SqL\x85\xea\xb2\x9cY\x83.I\xca\x92\x1c\xc4\x13CV=\x92\x17c\x87iOt\x14On\x15=\v\xf0 \xc5\x8b~\xd6\xd4\xc7\xa3a\x1c\x06\x17\xb3\x88\x8c\xf1L\xba\x89a\xfd\xa5\xc6\x7fU\x00\xe5\x9b', 0x5) r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) fchdir$auto(r0) mkdir$auto(0x0, 0x2) bpf$auto_BPF_LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x11, 0x80003, 0xf) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) open$dir(0x0, 0x42, 0x20) select$auto(0xe, 0x0, 0x0, &(0x7f00000000c0)={[0x1ff, 0x6, 0x9, 0x1, 0x3, 0x6, 0x15f4da0a, 0xa, 0x3, 0x0, 0x7ffffffd, 0x7, 0x6d3f, 0x9, 0x1, 0x8000]}, 0x0) 2.096208912s ago: executing program 0 (id=2154): mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, r0, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_enter$auto(0x3, 0xa84, 0x80000001, 0xa, 0x0, 0x46) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) read$auto(0x3, 0x0, 0x400000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x2, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1c003b"], 0x1ac}, 0x1, 0x0, 0x0, 0x800}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.775440758s ago: executing program 1 (id=2155): mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) nanosleep$auto(0x0, 0x0) clock_nanosleep$auto(0x9, 0x0, 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) clock_gettime$auto(0x6, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xc00, 0x2c, 0x2c, 0x3, 0x2}) 640.138033ms ago: executing program 3 (id=2156): mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000) r0 = io_uring_setup$auto(0x89, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffff9}, 0x6, 0xe27c, 0x8) r1 = socket(0x2b, 0x1, 0x1) r2 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r2, 0xc004743e, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001480)={'veth0_virt_wifi\x00'}) ioctl$auto_SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000040)="b38fc65a6042f2dc99df8ce9af2a56fcfe744238519bceaee0") munmap$auto(0x8000, 0xffffffff) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x19, 0x4, 0x4, 0x880b, 0x8, 0xd, 0x66b, 0x4, 0x7ff}, 0x6f4) ioctl$auto(0x4000000000000c8, 0x400454d9, 0x3) 529.800412ms ago: executing program 0 (id=2157): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000000028000) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r1 = open$dir(&(0x7f0000000000)='./file0\x00', 0x42, 0x20) open_tree$auto(r1, 0x0, 0xa0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r2, 0x0, 0x20) socket$nl_generic(0x10, 0x3, 0x10) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) r3 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000180), 0x101, 0x0) ioctl$auto_SNAPSHOT_GET_IMAGE_SIZE(r3, 0x8008330e, 0x0) accept$auto(r2, 0x0, 0x0) write$auto(0xca, 0x0, 0x10) r4 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event1\x00', 0x8000, 0x0) ioctl$auto_EVIOCSMASK(r4, 0x40104593, 0x0) socket(0x10, 0x3, 0x0) symlink$auto(&(0x7f0000000140)='./file0/file0\x00', 0x0) 154.530587ms ago: executing program 1 (id=2158): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/dummy_hcd.3/usb4/4-0:1.0/authorized\x00', 0x10b142, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000200), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_DEL_RADIO(r1, &(0x7f0000003bc0)={0x0, 0x0, &(0x7f0000003b80)={&(0x7f0000003980)={0x24, r0, 0x5, 0x70bd26, 0x25dfdbfd, {}, [@HWSIM_ATTR_RADIO_NAME={0xd, 0x11, '/dev/fb1\x00'}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0xc044) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000980), r2) sendmsg$auto_TIPC_NL_MEDIA_SET(r2, &(0x7f000000a4c0)={0x0, 0x0, &(0x7f000000a480)={&(0x7f0000009800)={0x18, r3, 0x1, 0x70bd29, 0x25dfdbff, {}, [@TIPC_NLA_MEDIA={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000}, 0x20000048) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0xf, 0x3, 0x7c) readlinkat$auto(0x1, 0x0, 0x0, 0x16a) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) fstatfs$auto(0x3, 0x0) ioctl$auto(r4, 0x4b67, 0x1) 0s ago: executing program 2 (id=2159): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x52b841, 0x0) sendmsg$auto_ETHTOOL_MSG_FEC_SET(0xffffffffffffffff, 0x0, 0x20004000) unshare$auto(0x40000080) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x0, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x6a) socket(0xa, 0x2, 0x88) madvise$auto(0x0, 0xffffffffffff0004, 0x19) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) madvise$auto(0x0, 0x200007, 0x8) recvmmsg$auto(0x3, 0x0, 0xfff, 0x2, 0x0) shutdown$auto(0x200000003, 0x2) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x2, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) kernel console output (not intermixed with test programs): andle_mm_fault+0x14fd/0x2a50 [ 427.710578][T10486] __handle_mm_fault+0x152a/0x2a50 [ 427.710626][T10486] ? __pfx___handle_mm_fault+0x10/0x10 [ 427.710664][T10486] ? __pte_offset_map_lock+0x174/0x310 [ 427.710713][T10486] ? find_held_lock+0x2b/0x80 [ 427.710760][T10486] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 427.710824][T10486] handle_mm_fault+0x589/0xd10 [ 427.710868][T10486] __get_user_pages+0x551/0x34a0 [ 427.710933][T10486] ? down_read_killable+0x220/0x4b0 [ 427.710987][T10486] ? __pfx___get_user_pages+0x10/0x10 [ 427.711052][T10486] faultin_page_range+0x338/0x940 [ 427.711117][T10486] madvise_do_behavior+0x34c/0x530 [ 427.711172][T10486] ? __pfx_madvise_do_behavior+0x10/0x10 [ 427.711224][T10486] ? down_read+0x13d/0x480 [ 427.711295][T10486] do_madvise+0x176/0x240 [ 427.711350][T10486] ? __pfx_do_madvise+0x10/0x10 [ 427.711396][T10486] ? do_futex+0x122/0x350 [ 427.711469][T10486] ? xfd_validate_state+0x61/0x180 [ 427.711518][T10486] ? __pfx_do_writev+0x10/0x10 [ 427.711563][T10486] __x64_sys_madvise+0xa9/0x110 [ 427.711611][T10486] ? lockdep_hardirqs_on+0x7c/0x110 [ 427.711654][T10486] do_syscall_64+0xcd/0x490 [ 427.711703][T10486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.711737][T10486] RIP: 0033:0x7ff88358ebe9 [ 427.711764][T10486] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 427.711798][T10486] RSP: 002b:00007ff884367038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 427.711830][T10486] RAX: ffffffffffffffda RBX: 00007ff8837b5fa0 RCX: 00007ff88358ebe9 [ 427.711851][T10486] RDX: 0000000000000017 RSI: 0000000000100000 RDI: 0000000000000000 [ 427.711871][T10486] RBP: 00007ff883611e19 R08: 0000000000000000 R09: 0000000000000000 [ 427.711892][T10486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 427.711911][T10486] R13: 00007ff8837b6038 R14: 00007ff8837b5fa0 R15: 00007ffed5f33ca8 [ 427.711956][T10486] [ 428.357967][T10498] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1235'. [ 428.358335][T10500] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1236'. [ 428.641820][T10510] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1238'. [ 429.920964][T10533] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1250'. [ 431.016096][T10549] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1245'. [ 431.056479][T10552] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1245'. [ 431.334764][T10549] netlink: 290 bytes leftover after parsing attributes in process `syz.0.1245'. [ 431.353472][T10549] veth0_macvtap: left promiscuous mode [ 431.384680][T10552] netlink: 290 bytes leftover after parsing attributes in process `syz.0.1245'. [ 431.405037][T10552] veth0_macvtap: entered promiscuous mode [ 432.650504][T10564] FAULT_INJECTION: forcing a failure. [ 432.650504][T10564] name fail_futex, interval 1, probability 0, space 0, times 0 [ 432.703896][T10564] CPU: 1 UID: 0 PID: 10564 Comm: syz.2.1249 Not tainted syzkaller #0 PREEMPT(full) [ 432.703942][T10564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 432.703963][T10564] Call Trace: [ 432.703973][T10564] [ 432.703985][T10564] dump_stack_lvl+0x16c/0x1f0 [ 432.704038][T10564] should_fail_ex+0x512/0x640 [ 432.704094][T10564] get_futex_key+0x1d0/0x1560 [ 432.704141][T10564] ? __pfx_get_futex_key+0x10/0x10 [ 432.704188][T10564] ? stack_trace_save+0x8e/0xc0 [ 432.704231][T10564] futex_wait_setup+0x9d/0x550 [ 432.704292][T10564] __futex_wait+0x194/0x2f0 [ 432.704346][T10564] ? __pfx___futex_wait+0x10/0x10 [ 432.704404][T10564] ? __pfx_futex_wake_mark+0x10/0x10 [ 432.704462][T10564] ? futex_private_hash_put+0x176/0x300 [ 432.704506][T10564] ? futex_private_hash_put+0x18a/0x300 [ 432.704550][T10564] futex_wait+0xe8/0x380 [ 432.704599][T10564] ? __pfx_futex_wait+0x10/0x10 [ 432.704674][T10564] do_futex+0x229/0x350 [ 432.704727][T10564] ? __pfx_do_futex+0x10/0x10 [ 432.704775][T10564] ? __pfx___might_resched+0x10/0x10 [ 432.704815][T10564] __x64_sys_futex+0x1e0/0x4c0 [ 432.704861][T10564] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 432.704904][T10564] ? __pfx___x64_sys_futex+0x10/0x10 [ 432.704951][T10564] ? __pfx___do_sys_close_range+0x10/0x10 [ 432.705007][T10564] do_syscall_64+0xcd/0x490 [ 432.705057][T10564] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.705091][T10564] RIP: 0033:0x7fed27b8ebe9 [ 432.705117][T10564] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 432.705152][T10564] RSP: 002b:00007fed2896b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 432.705184][T10564] RAX: ffffffffffffffda RBX: 00007fed27db6098 RCX: 00007fed27b8ebe9 [ 432.705207][T10564] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fed27db6098 [ 432.705227][T10564] RBP: 00007fed27db6090 R08: 0000000000000000 R09: 0000000000000000 [ 432.705249][T10564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 432.705269][T10564] R13: 00007fed27db6128 R14: 00007ffdf53791c0 R15: 00007ffdf53792a8 [ 432.705313][T10564] [ 434.195266][T10600] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1259'. [ 434.218750][T10600] netlink: 13 bytes leftover after parsing attributes in process `syz.2.1259'. [ 434.281781][T10602] HfR: entered promiscuous mode [ 434.342676][T10602] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1260'. [ 434.375195][T10602] openvswitch: HfR: Dropping previously announced user features [ 435.727150][T10613] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input11 [ 437.301847][T10633] netlink: 246 bytes leftover after parsing attributes in process `syz.0.1266'. [ 437.535041][T10631] ERROR: Out of memory at tomoyo_memory_ok. [ 438.549739][T10653] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 438.577337][T10653] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 439.651244][T10669] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 439.658345][T10669] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 440.482339][T10682] FAULT_INJECTION: forcing a failure. [ 440.482339][T10682] name failslab, interval 1, probability 0, space 0, times 0 [ 440.558342][T10682] CPU: 0 UID: 0 PID: 10682 Comm: syz.1.1281 Not tainted syzkaller #0 PREEMPT(full) [ 440.558379][T10682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 440.558395][T10682] Call Trace: [ 440.558402][T10682] [ 440.558412][T10682] dump_stack_lvl+0x16c/0x1f0 [ 440.558449][T10682] should_fail_ex+0x512/0x640 [ 440.558484][T10682] ? __build_skb_around+0x278/0x3b0 [ 440.558521][T10682] should_failslab+0xc2/0x120 [ 440.558554][T10682] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 440.558582][T10682] ? sctp_bind_addrs_to_raw+0x2c9/0x3e0 [ 440.558607][T10682] ? sctp_chunkify+0x51/0x2d0 [ 440.558634][T10682] sctp_chunkify+0x51/0x2d0 [ 440.558658][T10682] _sctp_make_chunk+0x148/0x270 [ 440.558684][T10682] sctp_make_control+0x2f/0x2d0 [ 440.558708][T10682] sctp_make_init+0x6f0/0xdc0 [ 440.558741][T10682] ? __pfx_sctp_make_init+0x10/0x10 [ 440.558767][T10682] ? kernel_text_address+0x8d/0x100 [ 440.558789][T10682] ? fib_lookup.constprop.0+0x214/0x530 [ 440.558818][T10682] ? unwind_get_return_address+0x59/0xa0 [ 440.558843][T10682] ? arch_stack_walk+0xa6/0x100 [ 440.558871][T10682] ? sctp_sm_lookup_event+0x15b/0x570 [ 440.558897][T10682] ? __pfx_sctp_sm_lookup_event+0x10/0x10 [ 440.558954][T10682] sctp_sf_do_prm_asoc+0xbf/0x360 [ 440.559005][T10682] ? __pfx_sctp_pname+0x10/0x10 [ 440.559040][T10682] sctp_do_sm+0x17e/0x5c80 [ 440.559103][T10682] ? kasan_save_stack+0x42/0x60 [ 440.559141][T10682] ? kasan_save_stack+0x33/0x60 [ 440.559177][T10682] ? kasan_save_track+0x14/0x30 [ 440.559212][T10682] ? __pfx_sctp_do_sm+0x10/0x10 [ 440.559268][T10682] ? sctp_sendmsg+0xea2/0x1e10 [ 440.559316][T10682] ? ____sys_sendmsg+0x973/0xc70 [ 440.559345][T10682] ? ___sys_sendmsg+0x134/0x1d0 [ 440.559387][T10682] ? __sys_sendmmsg+0x200/0x420 [ 440.559430][T10682] ? __x64_sys_sendmmsg+0x9c/0x100 [ 440.559474][T10682] ? do_syscall_64+0xcd/0x490 [ 440.559570][T10682] ? sk_leave_memory_pressure+0xdd/0x130 [ 440.559606][T10682] ? __sk_mem_raise_allocated+0x94d/0x1670 [ 440.559667][T10682] sctp_primitive_ASSOCIATE+0x9c/0xd0 [ 440.559727][T10682] sctp_sendmsg_to_asoc+0xa45/0x1bf0 [ 440.559773][T10682] ? sctp_assoc_set_primary+0x177/0x300 [ 440.559821][T10682] ? sctp_assoc_add_peer+0x252/0x1550 [ 440.559878][T10682] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 440.559922][T10682] ? sctp_connect_new_asoc+0x41e/0x770 [ 440.559993][T10682] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 440.560053][T10682] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 440.560109][T10682] sctp_sendmsg+0xea2/0x1e10 [ 440.560172][T10682] ? __pfx_sctp_sendmsg+0x10/0x10 [ 440.560221][T10682] ? __pfx___might_resched+0x10/0x10 [ 440.560254][T10682] ? do_user_addr_fault+0x843/0x1370 [ 440.560318][T10682] ? aa_sk_perm+0x2f4/0xb10 [ 440.560367][T10682] ? __pfx_aa_sk_perm+0x10/0x10 [ 440.560424][T10682] ? __pfx_sctp_sendmsg+0x10/0x10 [ 440.560474][T10682] inet_sendmsg+0x11c/0x140 [ 440.560512][T10682] ____sys_sendmsg+0x973/0xc70 [ 440.560548][T10682] ? __pfx_____sys_sendmsg+0x10/0x10 [ 440.560586][T10682] ? find_held_lock+0x2b/0x80 [ 440.560621][T10682] ? futex_unqueue+0x133/0x2c0 [ 440.560668][T10682] ___sys_sendmsg+0x134/0x1d0 [ 440.560716][T10682] ? __pfx____sys_sendmsg+0x10/0x10 [ 440.560785][T10682] ? find_held_lock+0x2b/0x80 [ 440.560846][T10682] __sys_sendmmsg+0x200/0x420 [ 440.560898][T10682] ? __pfx___sys_sendmmsg+0x10/0x10 [ 440.560974][T10682] ? __pfx_do_futex+0x10/0x10 [ 440.561040][T10682] ? __pfx___x64_sys_futex+0x10/0x10 [ 440.561085][T10682] ? xfd_validate_state+0x61/0x180 [ 440.561145][T10682] __x64_sys_sendmmsg+0x9c/0x100 [ 440.561191][T10682] ? lockdep_hardirqs_on+0x7c/0x110 [ 440.561235][T10682] do_syscall_64+0xcd/0x490 [ 440.561284][T10682] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.561318][T10682] RIP: 0033:0x7f8dcf18ebe9 [ 440.561345][T10682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 440.561378][T10682] RSP: 002b:00007f8dd0090038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 440.561410][T10682] RAX: ffffffffffffffda RBX: 00007f8dcf3b5fa0 RCX: 00007f8dcf18ebe9 [ 440.561432][T10682] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000005 [ 440.561452][T10682] RBP: 00007f8dcf211e19 R08: 0000000000000000 R09: 0000000000000000 [ 440.561472][T10682] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000000 [ 440.561492][T10682] R13: 00007f8dcf3b6038 R14: 00007f8dcf3b5fa0 R15: 00007ffe09a4dcc8 [ 440.561534][T10682] [ 441.792177][T10686] ERROR: Out of memory at tomoyo_memory_ok. [ 441.977751][T10685] ERROR: Out of memory at tomoyo_memory_ok. [ 443.199226][T10700] random: crng reseeded on system resumption [ 443.227751][ T4090] ERROR: Out of memory at tomoyo_memory_ok. [ 443.251992][ T13] ERROR: Out of memory at tomoyo_memory_ok. [ 444.614614][T10712] FAULT_INJECTION: forcing a failure. [ 444.614614][T10712] name failslab, interval 1, probability 0, space 0, times 0 [ 444.681519][T10712] CPU: 0 UID: 0 PID: 10712 Comm: syz.1.1288 Not tainted syzkaller #0 PREEMPT(full) [ 444.681562][T10712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 444.681582][T10712] Call Trace: [ 444.681593][T10712] [ 444.681604][T10712] dump_stack_lvl+0x16c/0x1f0 [ 444.681653][T10712] should_fail_ex+0x512/0x640 [ 444.681700][T10712] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 444.681740][T10712] should_failslab+0xc2/0x120 [ 444.681785][T10712] __kmalloc_cache_noprof+0x6a/0x3e0 [ 444.681818][T10712] ? find_held_lock+0x2b/0x80 [ 444.681849][T10712] ? alloc_fdtable+0xbd/0x2d0 [ 444.681897][T10712] alloc_fdtable+0xbd/0x2d0 [ 444.681933][T10712] dup_fd+0x83b/0xb90 [ 444.681975][T10712] ? apparmor_task_alloc+0x2c2/0x3b0 [ 444.682017][T10712] copy_process+0x230c/0x7690 [ 444.682062][T10712] ? __pfx___futex_wait+0x10/0x10 [ 444.682128][T10712] ? __pfx_copy_process+0x10/0x10 [ 444.682170][T10712] ? futex_private_hash_put+0x176/0x300 [ 444.682221][T10712] ? futex_private_hash_put+0x18a/0x300 [ 444.682270][T10712] kernel_clone+0xfc/0x930 [ 444.682315][T10712] ? __pfx_kernel_clone+0x10/0x10 [ 444.682383][T10712] __do_sys_clone+0xce/0x120 [ 444.682426][T10712] ? __pfx___do_sys_clone+0x10/0x10 [ 444.682490][T10712] ? xfd_validate_state+0x61/0x180 [ 444.682556][T10712] do_syscall_64+0xcd/0x490 [ 444.682605][T10712] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 444.682723][T10712] RIP: 0033:0x7f8dcf18ebe9 [ 444.682753][T10712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 444.682787][T10712] RSP: 002b:00007f8dd0090038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 444.682819][T10712] RAX: ffffffffffffffda RBX: 00007f8dcf3b5fa0 RCX: 00007f8dcf18ebe9 [ 444.682841][T10712] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000001 [ 444.682858][T10712] RBP: 00007f8dcf211e19 R08: 0000000000000000 R09: 0000000000000000 [ 444.682877][T10712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 444.682896][T10712] R13: 00007f8dcf3b6038 R14: 00007f8dcf3b5fa0 R15: 00007ffe09a4dcc8 [ 444.682938][T10712] [ 445.527065][ T51] Bluetooth: hci1: Malformed Event: 0x02 [ 446.211770][T10732] netlink: 252 bytes leftover after parsing attributes in process `syz.2.1294'. [ 446.253227][T10732] netlink: 252 bytes leftover after parsing attributes in process `syz.2.1294'. [ 448.101534][T10714] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 448.122529][T10714] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 448.180670][T10714] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 448.188205][T10714] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 448.891107][T10757] ERROR: Out of memory at tomoyo_memory_ok. [ 448.902224][T10763] ERROR: Out of memory at tomoyo_memory_ok. [ 450.177765][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 450.177818][ T5873] Bluetooth: hci2: command 0x0c1a tx timeout [ 450.247066][ T5873] Bluetooth: hci3: command 0x0c1a tx timeout [ 450.253281][ T5873] Bluetooth: hci0: command 0x0c1a tx timeout [ 450.529480][T10769] zswap: compressor not available [ 450.822822][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 450.829372][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 453.608374][T10804] ERROR: Out of memory at tomoyo_memory_ok. [ 454.597791][T10808] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1311'. [ 455.192578][T10814] ERROR: Out of memory at tomoyo_memory_ok. [ 455.388667][T10822] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 455.396055][T10822] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 456.054971][T10842] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1322'. [ 461.300907][T10891] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1333'. [ 463.844061][T10918] FAULT_INJECTION: forcing a failure. [ 463.844061][T10918] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 463.897482][T10918] CPU: 0 UID: 0 PID: 10918 Comm: syz.1.1343 Not tainted syzkaller #0 PREEMPT(full) [ 463.897526][T10918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 463.897547][T10918] Call Trace: [ 463.897558][T10918] [ 463.897571][T10918] dump_stack_lvl+0x16c/0x1f0 [ 463.897621][T10918] should_fail_ex+0x512/0x640 [ 463.897675][T10918] _copy_from_user+0x2e/0xd0 [ 463.897732][T10918] get_timespec64+0x8b/0x1b0 [ 463.897774][T10918] ? __pfx_get_timespec64+0x10/0x10 [ 463.897828][T10918] __x64_sys_utimensat+0x17a/0x290 [ 463.897874][T10918] ? __do_sys_openat2+0x1c8/0x2d0 [ 463.897927][T10918] ? __pfx___x64_sys_utimensat+0x10/0x10 [ 463.897989][T10918] do_syscall_64+0xcd/0x490 [ 463.898039][T10918] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 463.898073][T10918] RIP: 0033:0x7f8dcf18ebe9 [ 463.898099][T10918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 463.898132][T10918] RSP: 002b:00007f8dd0090038 EFLAGS: 00000246 ORIG_RAX: 0000000000000118 [ 463.898165][T10918] RAX: ffffffffffffffda RBX: 00007f8dcf3b5fa0 RCX: 00007f8dcf18ebe9 [ 463.898195][T10918] RDX: 0000200000001400 RSI: 0000000000000000 RDI: ffffffffffffffff [ 463.898217][T10918] RBP: 00007f8dcf211e19 R08: 0000000000000000 R09: 0000000000000000 [ 463.898238][T10918] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 463.898259][T10918] R13: 00007f8dcf3b6038 R14: 00007f8dcf3b5fa0 R15: 00007ffe09a4dcc8 [ 463.898303][T10918] [ 465.907345][T10928] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input14 [ 465.977782][ T5218] ERROR: Out of memory at tomoyo_memory_ok. [ 466.953906][T10946] FAULT_INJECTION: forcing a failure. [ 466.953906][T10946] name failslab, interval 1, probability 0, space 0, times 0 [ 466.966816][T10946] CPU: 1 UID: 0 PID: 10946 Comm: syz.0.1350 Not tainted syzkaller #0 PREEMPT(full) [ 466.966860][T10946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 466.966881][T10946] Call Trace: [ 466.966893][T10946] [ 466.966907][T10946] dump_stack_lvl+0x16c/0x1f0 [ 466.966979][T10946] should_fail_ex+0x512/0x640 [ 466.967027][T10946] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 466.967069][T10946] should_failslab+0xc2/0x120 [ 466.967115][T10946] __kmalloc_cache_noprof+0x6a/0x3e0 [ 466.967152][T10946] ? trace_pid_list_alloc+0x1b0/0x3f0 [ 466.967204][T10946] trace_pid_list_alloc+0x1b0/0x3f0 [ 466.967255][T10946] trace_pid_write+0x10e/0x480 [ 466.967311][T10946] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 466.967361][T10946] ? __pfx_trace_pid_write+0x10/0x10 [ 466.967413][T10946] ? __pfx___mutex_lock+0x10/0x10 [ 466.967456][T10946] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 466.967532][T10946] event_pid_write.isra.0+0x1e4/0x7f0 [ 466.967583][T10946] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 466.967642][T10946] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 466.967687][T10946] vfs_write+0x2a0/0x11d0 [ 466.967733][T10946] ? __pfx___mutex_lock+0x10/0x10 [ 466.967779][T10946] ? __pfx_vfs_write+0x10/0x10 [ 466.967822][T10946] ? __fget_files+0x20e/0x3c0 [ 466.967863][T10946] ksys_write+0x12a/0x250 [ 466.967895][T10946] ? __pfx_ksys_write+0x10/0x10 [ 466.967937][T10946] do_syscall_64+0xcd/0x490 [ 466.967985][T10946] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.968013][T10946] RIP: 0033:0x7ff88358ebe9 [ 466.968035][T10946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 466.968063][T10946] RSP: 002b:00007ff884367038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 466.968090][T10946] RAX: ffffffffffffffda RBX: 00007ff8837b5fa0 RCX: 00007ff88358ebe9 [ 466.968108][T10946] RDX: 000000000000fdf3 RSI: 0000000000000000 RDI: 0000000000000003 [ 466.968125][T10946] RBP: 00007ff883611e19 R08: 0000000000000000 R09: 0000000000000000 [ 466.968141][T10946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 466.968158][T10946] R13: 00007ff8837b6038 R14: 00007ff8837b5fa0 R15: 00007ffed5f33ca8 [ 466.968193][T10946] [ 470.255654][T10980] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1359'. [ 471.269832][T10994] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1361'. [ 471.667763][T10998] FAULT_INJECTION: forcing a failure. [ 471.667763][T10998] name failslab, interval 1, probability 0, space 0, times 0 [ 471.687052][T10998] CPU: 1 UID: 0 PID: 10998 Comm: syz.1.1362 Not tainted syzkaller #0 PREEMPT(full) [ 471.687098][T10998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 471.687119][T10998] Call Trace: [ 471.687130][T10998] [ 471.687142][T10998] dump_stack_lvl+0x16c/0x1f0 [ 471.687193][T10998] should_fail_ex+0x512/0x640 [ 471.687241][T10998] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 471.687290][T10998] should_failslab+0xc2/0x120 [ 471.687337][T10998] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 471.687380][T10998] ? radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 471.687424][T10998] radix_tree_node_alloc.constprop.0+0x7c/0x350 [ 471.687473][T10998] radix_tree_insert+0x247/0x630 [ 471.687522][T10998] qrtr_node_enqueue+0x1077/0x12e0 [ 471.687581][T10998] ? __asan_memcpy+0x3c/0x60 [ 471.687625][T10998] ? __pfx_qrtr_node_enqueue+0x10/0x10 [ 471.687675][T10998] ? skb_set_owner_w+0x31f/0x710 [ 471.687713][T10998] ? skb_copy_header+0x20/0x2b0 [ 471.687754][T10998] ? __pfx_skb_set_owner_w+0x10/0x10 [ 471.687793][T10998] ? __pskb_copy_fclone+0x48e/0xb50 [ 471.687844][T10998] ? __pfx__copy_from_iter+0x10/0x10 [ 471.687907][T10998] qrtr_bcast_enqueue+0xc7/0x1b0 [ 471.687975][T10998] qrtr_sendmsg+0x444/0x7b0 [ 471.688026][T10998] ? __pfx_qrtr_bcast_enqueue+0x10/0x10 [ 471.688076][T10998] ? __pfx_qrtr_sendmsg+0x10/0x10 [ 471.688131][T10998] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 471.688181][T10998] sock_write_iter+0x4ff/0x5b0 [ 471.688215][T10998] ? __pfx_sock_write_iter+0x10/0x10 [ 471.688266][T10998] ? __futex_wait+0x24c/0x2f0 [ 471.688328][T10998] ? copy_iovec_from_user+0x131/0x170 [ 471.688396][T10998] do_iter_readv_writev+0x65f/0x9e0 [ 471.688438][T10998] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 471.688483][T10998] ? bpf_lsm_file_permission+0x9/0x10 [ 471.688561][T10998] ? security_file_permission+0x71/0x210 [ 471.688622][T10998] ? rw_verify_area+0xcf/0x6c0 [ 471.688660][T10998] vfs_writev+0x35f/0xde0 [ 471.688703][T10998] ? __lock_acquire+0x62e/0x1ce0 [ 471.688752][T10998] ? __pfx_vfs_writev+0x10/0x10 [ 471.688822][T10998] ? __fget_files+0x20e/0x3c0 [ 471.688870][T10998] ? do_writev+0x28c/0x340 [ 471.688903][T10998] do_writev+0x28c/0x340 [ 471.688940][T10998] ? __pfx_do_writev+0x10/0x10 [ 471.688990][T10998] do_syscall_64+0xcd/0x490 [ 471.689039][T10998] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 471.689073][T10998] RIP: 0033:0x7f8dcf18ebe9 [ 471.689099][T10998] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 471.689133][T10998] RSP: 002b:00007f8dd0090038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 471.689165][T10998] RAX: ffffffffffffffda RBX: 00007f8dcf3b5fa0 RCX: 00007f8dcf18ebe9 [ 471.689188][T10998] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 471.689209][T10998] RBP: 00007f8dcf211e19 R08: 0000000000000000 R09: 0000000000000000 [ 471.689229][T10998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 471.689250][T10998] R13: 00007f8dcf3b6038 R14: 00007f8dcf3b5fa0 R15: 00007ffe09a4dcc8 [ 471.689294][T10998] [ 472.233168][T11000] openvswitch: netlink: Message has 8 unknown bytes. [ 477.203155][T11063] program syz.3.1378 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 478.189584][T11077] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1388'. [ 480.051948][T11094] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1383'. [ 481.177939][T11104] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1394'. [ 481.272361][T11104] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1394'. [ 485.873562][T11153] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1398'. [ 485.962159][T11153] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1398'. [ 486.728367][T11170] FAULT_INJECTION: forcing a failure. [ 486.728367][T11170] name failslab, interval 1, probability 0, space 0, times 0 [ 486.856025][T11170] CPU: 0 UID: 1 PID: 11170 Comm: syz.2.1401 Not tainted syzkaller #0 PREEMPT(full) [ 486.856069][T11170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 486.856090][T11170] Call Trace: [ 486.856101][T11170] [ 486.856115][T11170] dump_stack_lvl+0x16c/0x1f0 [ 486.856168][T11170] should_fail_ex+0x512/0x640 [ 486.856221][T11170] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 486.856261][T11170] should_failslab+0xc2/0x120 [ 486.856307][T11170] __kmalloc_cache_noprof+0x6a/0x3e0 [ 486.856344][T11170] ? trace_pid_list_alloc+0x1b0/0x3f0 [ 486.856397][T11170] trace_pid_list_alloc+0x1b0/0x3f0 [ 486.856447][T11170] trace_pid_write+0x10e/0x480 [ 486.856502][T11170] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 486.856553][T11170] ? __pfx_trace_pid_write+0x10/0x10 [ 486.856606][T11170] ? __pfx___mutex_lock+0x10/0x10 [ 486.856650][T11170] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 486.856727][T11170] event_pid_write.isra.0+0x1e4/0x7f0 [ 486.856779][T11170] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 486.856839][T11170] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 486.856888][T11170] vfs_write+0x2a0/0x11d0 [ 486.856933][T11170] ? __pfx___mutex_lock+0x10/0x10 [ 486.856986][T11170] ? __pfx_vfs_write+0x10/0x10 [ 486.857036][T11170] ? __fget_files+0x20e/0x3c0 [ 486.857087][T11170] ksys_write+0x12a/0x250 [ 486.857126][T11170] ? __pfx_ksys_write+0x10/0x10 [ 486.857181][T11170] do_syscall_64+0xcd/0x490 [ 486.857232][T11170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 486.857267][T11170] RIP: 0033:0x7fed27b8ebe9 [ 486.857294][T11170] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 486.857340][T11170] RSP: 002b:00007fed2898c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 486.857371][T11170] RAX: ffffffffffffffda RBX: 00007fed27db5fa0 RCX: 00007fed27b8ebe9 [ 486.857394][T11170] RDX: 000000000000fdf3 RSI: 0000000000000000 RDI: 0000000000000003 [ 486.857414][T11170] RBP: 00007fed27c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 486.857435][T11170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 486.857455][T11170] R13: 00007fed27db6038 R14: 00007fed27db5fa0 R15: 00007ffdf53792a8 [ 486.857518][T11170] [ 487.443730][T11177] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1403'. [ 487.503500][T11177] mac80211_hwsim hwsim3 wlan1: entered allmulticast mode [ 489.314002][T11183] kexec: Could not allocate control_code_buffer [ 492.134846][T11247] [U]  [ 492.137905][T11247] [U] [ 492.140660][T11247] [U] [ 492.143413][T11247] [U] [ 492.196425][T11247] [U] [ 492.199216][T11247] [U] [ 492.201950][T11247] [U] [ 492.204674][T11247] [U] [ 492.208824][T11247] [U] [ 492.211597][T11247] [U] [ 492.214345][T11247] [U] [ 492.217095][T11247] [U] [ 492.220267][T11247] [U] [ 492.223049][T11247] [U] [ 492.225803][T11247] [U] [ 492.228595][T11247] [U] [ 492.231756][T11247] [U] [ 492.234516][T11247] [U] [ 492.237271][T11247] [U] [ 492.240023][T11247] [U] [ 492.246274][T11247] [U] [ 492.249031][T11247] [U] [ 492.251780][T11247] [U] [ 492.254521][T11247] [U] [ 492.262434][T11247] [U] [ 492.265195][T11247] [U] [ 492.267954][T11247] [U] [ 492.270689][T11247] [U] [ 492.282825][T11247] [U] [ 492.285626][T11247] [U] [ 492.288357][T11247] [U] [ 492.291083][T11247] [U] [ 492.295033][T11247] [U] [ 492.297794][T11247] [U] [ 492.300549][T11247] [U] [ 492.303301][T11247] [U] [ 492.310623][T11247] [U] [ 492.313359][T11247] [U] [ 492.316096][T11247] [U] [ 492.318847][T11247] [U] [ 492.325481][T11247] [U] [ 492.328269][T11247] [U] [ 492.331041][T11247] [U] [ 492.333799][T11247] [U] [ 492.337302][T11247] [U] [ 492.340070][T11247] [U] [ 492.342815][T11247] [U] [ 492.345562][T11247] [U] [ 492.348768][T11247] [U] [ 492.351492][T11247] [U] [ 492.354227][T11247] [U] [ 492.356975][T11247] [U] [ 492.360221][T11247] [U] [ 492.362989][T11247] [U] [ 492.365740][T11247] [U] [ 492.368476][T11247] [U] [ 492.372278][T11247] [U] [ 492.375048][T11247] [U] [ 492.377807][T11247] [U] [ 492.380566][T11247] [U] [ 492.399997][T11247] [U] [ 492.402795][T11247] [U] [ 492.405552][T11247] [U] [ 492.408310][T11247] [U] [ 492.457245][T11247] [U] [ 492.459997][T11247] [U] [ 492.462722][T11247] [U] [ 492.465431][T11247] [U] [ 492.502057][T11247] [U] [ 493.637973][T11284] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1424'. [ 493.767746][T11284] netlink: 354 bytes leftover after parsing attributes in process `syz.1.1424'. [ 500.827356][T11345] ubi0: attaching mtd0 [ 500.851999][T11340] FAULT_INJECTION: forcing a failure. [ 500.851999][T11340] name failslab, interval 1, probability 0, space 0, times 0 [ 500.867181][T11345] ubi0 error: ubi_attach_mtd_dev: bad VID header (536870975) or data offsets (536871039) [ 501.074992][T11340] CPU: 1 UID: 0 PID: 11340 Comm: syz.3.1438 Not tainted syzkaller #0 PREEMPT(full) [ 501.075036][T11340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 501.075057][T11340] Call Trace: [ 501.075070][T11340] [ 501.075084][T11340] dump_stack_lvl+0x16c/0x1f0 [ 501.075133][T11340] should_fail_ex+0x512/0x640 [ 501.075182][T11340] ? fs_reclaim_acquire+0xae/0x150 [ 501.075248][T11340] ? tomoyo_encode2+0x100/0x3e0 [ 501.075294][T11340] should_failslab+0xc2/0x120 [ 501.075337][T11340] __kmalloc_noprof+0xd2/0x510 [ 501.075375][T11340] ? d_absolute_path+0x136/0x1a0 [ 501.075433][T11340] tomoyo_encode2+0x100/0x3e0 [ 501.075487][T11340] tomoyo_encode+0x29/0x50 [ 501.075532][T11340] tomoyo_realpath_from_path+0x18f/0x6e0 [ 501.075594][T11340] tomoyo_mkdev_perm+0x22b/0x570 [ 501.075632][T11340] ? tomoyo_mkdev_perm+0x217/0x570 [ 501.075676][T11340] ? __pfx_tomoyo_mkdev_perm+0x10/0x10 [ 501.075717][T11340] ? __lock_acquire+0xb97/0x1ce0 [ 501.075771][T11340] ? do_raw_spin_lock+0x12c/0x2b0 [ 501.075848][T11340] ? __pfx_current_check_access_path+0x10/0x10 [ 501.075901][T11340] ? simple_lookup+0x105/0x1d0 [ 501.075951][T11340] tomoyo_path_mknod+0x12a/0x190 [ 501.075983][T11340] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 501.076019][T11340] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 501.076077][T11340] security_path_mknod+0x161/0x310 [ 501.076141][T11340] do_mknodat+0x239/0x5d0 [ 501.076186][T11340] ? __pfx_do_mknodat+0x10/0x10 [ 501.076224][T11340] ? getname_flags.part.0+0x1c5/0x550 [ 501.076288][T11340] __x64_sys_mknod+0x87/0xb0 [ 501.076330][T11340] do_syscall_64+0xcd/0x490 [ 501.076380][T11340] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.076415][T11340] RIP: 0033:0x7f277f78ebe9 [ 501.076442][T11340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 501.076477][T11340] RSP: 002b:00007f278058b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 501.076508][T11340] RAX: ffffffffffffffda RBX: 00007f277f9b5fa0 RCX: 00007f277f78ebe9 [ 501.076530][T11340] RDX: 0000000000000103 RSI: 00000000000020e9 RDI: 00002000000003c0 [ 501.076550][T11340] RBP: 00007f277f811e19 R08: 0000000000000000 R09: 0000000000000000 [ 501.076570][T11340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 501.076589][T11340] R13: 00007f277f9b6038 R14: 00007f277f9b5fa0 R15: 00007ffce0a6fef8 [ 501.076634][T11340] [ 501.332093][T11340] ERROR: Out of memory at tomoyo_realpath_from_path. [ 502.860670][ T30] audit: type=1804 audit(4294967446.324:10): pid=11364 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1443" name="/newroot/356/file0" dev="tmpfs" ino=1875 res=1 errno=0 [ 503.257121][ T30] audit: type=1804 audit(4294967446.724:11): pid=11358 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1443" name="/newroot/356/file0" dev="tmpfs" ino=1875 res=1 errno=0 [ 504.229348][T11378] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 504.643152][ T5218] ERROR: Out of memory at tomoyo_memory_ok. [ 505.827066][T11381] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 506.339791][T11395] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1450'. [ 506.366750][T11395] bridge0: port 3(vlan1) entered disabled state [ 507.400157][T11395] vlan1 (unregistering): left allmulticast mode [ 507.413907][T11395] veth0_vlan: left allmulticast mode [ 507.438237][T11395] vlan1 (unregistering): left promiscuous mode [ 507.446585][T11395] bridge0: port 3(vlan1) entered disabled state [ 509.218772][T11434] FAULT_INJECTION: forcing a failure. [ 509.218772][T11434] name failslab, interval 1, probability 0, space 0, times 0 [ 509.307143][T11434] CPU: 1 UID: 0 PID: 11434 Comm: syz.2.1459 Not tainted syzkaller #0 PREEMPT(full) [ 509.307187][T11434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 509.307208][T11434] Call Trace: [ 509.307219][T11434] [ 509.307234][T11434] dump_stack_lvl+0x16c/0x1f0 [ 509.307287][T11434] should_fail_ex+0x512/0x640 [ 509.307333][T11434] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 509.307371][T11434] should_failslab+0xc2/0x120 [ 509.307413][T11434] __kmalloc_cache_noprof+0x6a/0x3e0 [ 509.307450][T11434] ? sctp_endpoint_new+0x7c/0xcd0 [ 509.307499][T11434] sctp_endpoint_new+0x7c/0xcd0 [ 509.307548][T11434] sctp_init_sock+0xe2d/0x1330 [ 509.307588][T11434] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 509.307630][T11434] sctp_v6_init_sock+0x16/0x70 [ 509.307668][T11434] ? __pfx_sctp_v6_init_sock+0x10/0x10 [ 509.307709][T11434] inet6_create+0xb30/0x12b0 [ 509.307745][T11434] ? inet6_create+0x7f/0x12b0 [ 509.307781][T11434] __sock_create+0x335/0x8d0 [ 509.307823][T11434] __sys_socket+0x14d/0x260 [ 509.307860][T11434] ? __pfx___sys_socket+0x10/0x10 [ 509.307896][T11434] ? xfd_validate_state+0x61/0x180 [ 509.307944][T11434] ? __pfx_ksys_write+0x10/0x10 [ 509.308004][T11434] __x64_sys_socket+0x72/0xb0 [ 509.308039][T11434] ? lockdep_hardirqs_on+0x7c/0x110 [ 509.308083][T11434] do_syscall_64+0xcd/0x490 [ 509.308135][T11434] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 509.308169][T11434] RIP: 0033:0x7fed27b8ebe9 [ 509.308196][T11434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 509.308230][T11434] RSP: 002b:00007fed2896b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 509.308262][T11434] RAX: ffffffffffffffda RBX: 00007fed27db6090 RCX: 00007fed27b8ebe9 [ 509.308285][T11434] RDX: 0000000000000084 RSI: 0000000000000005 RDI: 000000000000000a [ 509.308305][T11434] RBP: 00007fed27c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 509.308323][T11434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 509.308344][T11434] R13: 00007fed27db6128 R14: 00007fed27db6090 R15: 00007ffdf53792a8 [ 509.308387][T11434] [ 509.567075][T11428] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 510.663057][T11451] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1465'. [ 510.698113][T11451] bridge0: port 3(vlan1) entered disabled state [ 510.831422][T11451] vlan1 (unregistering): left allmulticast mode [ 510.847493][T11451] veth0_vlan: left allmulticast mode [ 510.873470][T11451] vlan1 (unregistering): left promiscuous mode [ 510.912773][T11451] bridge0: port 3(vlan1) entered disabled state [ 511.323469][T11455] FAULT_INJECTION: forcing a failure. [ 511.323469][T11455] name failslab, interval 1, probability 0, space 0, times 0 [ 511.466467][T11455] CPU: 1 UID: 0 PID: 11455 Comm: syz.1.1473 Not tainted syzkaller #0 PREEMPT(full) [ 511.466514][T11455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 511.466540][T11455] Call Trace: [ 511.466552][T11455] [ 511.466565][T11455] dump_stack_lvl+0x16c/0x1f0 [ 511.466617][T11455] should_fail_ex+0x512/0x640 [ 511.466666][T11455] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 511.466712][T11455] should_failslab+0xc2/0x120 [ 511.466760][T11455] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 511.466803][T11455] ? __kernfs_new_node+0xd2/0x8e0 [ 511.466854][T11455] __kernfs_new_node+0xd2/0x8e0 [ 511.466903][T11455] ? __pfx___kernfs_new_node+0x10/0x10 [ 511.466955][T11455] ? find_held_lock+0x2b/0x80 [ 511.466989][T11455] ? kernfs_root+0xee/0x2a0 [ 511.467041][T11455] kernfs_new_node+0x13c/0x1e0 [ 511.467107][T11455] __kernfs_create_file+0x53/0x350 [ 511.467149][T11455] sysfs_add_file_mode_ns+0x207/0x3c0 [ 511.467203][T11455] internal_create_group+0x578/0xf30 [ 511.467260][T11455] ? __pfx_internal_create_group+0x10/0x10 [ 511.467325][T11455] sysfs_slab_add+0x1a3/0x1e0 [ 511.467366][T11455] do_kmem_cache_create+0x529/0x720 [ 511.467409][T11455] ? __kmem_cache_create_args+0x205/0x390 [ 511.467454][T11455] __kmem_cache_create_args+0x225/0x390 [ 511.467497][T11455] mon_text_open+0x313/0x4f0 [ 511.467537][T11455] ? __pfx_mon_text_open+0x10/0x10 [ 511.467573][T11455] ? __debugfs_file_get+0x1fe/0x840 [ 511.467626][T11455] ? __pfx_mon_text_ctor+0x10/0x10 [ 511.467663][T11455] ? __pfx_apparmor_file_open+0x10/0x10 [ 511.467700][T11455] ? lockdown_is_locked_down+0x3f/0x130 [ 511.467733][T11455] ? bpf_lsm_locked_down+0x9/0x10 [ 511.467771][T11455] ? __pfx_mon_text_open+0x10/0x10 [ 511.467807][T11455] full_proxy_open_regular+0x1b9/0x360 [ 511.467845][T11455] do_dentry_open+0x982/0x1530 [ 511.467888][T11455] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 511.467933][T11455] vfs_open+0x82/0x3f0 [ 511.467990][T11455] path_openat+0x1de4/0x2cb0 [ 511.468046][T11455] ? __pfx_path_openat+0x10/0x10 [ 511.468105][T11455] do_filp_open+0x20b/0x470 [ 511.468148][T11455] ? __pfx_do_filp_open+0x10/0x10 [ 511.468223][T11455] ? alloc_fd+0x471/0x7d0 [ 511.468274][T11455] do_sys_openat2+0x11b/0x1d0 [ 511.468327][T11455] ? __pfx_do_sys_openat2+0x10/0x10 [ 511.468378][T11455] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 511.468449][T11455] __x64_sys_openat+0x174/0x210 [ 511.468503][T11455] ? __pfx___x64_sys_openat+0x10/0x10 [ 511.468575][T11455] do_syscall_64+0xcd/0x490 [ 511.468626][T11455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 511.468661][T11455] RIP: 0033:0x7f8dcf18ebe9 [ 511.468688][T11455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 511.468722][T11455] RSP: 002b:00007f8dd0090038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 511.468755][T11455] RAX: ffffffffffffffda RBX: 00007f8dcf3b5fa0 RCX: 00007f8dcf18ebe9 [ 511.468777][T11455] RDX: 0000000000101080 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 511.468798][T11455] RBP: 00007f8dcf211e19 R08: 0000000000000000 R09: 0000000000000000 [ 511.468818][T11455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 511.468838][T11455] R13: 00007f8dcf3b6038 R14: 00007f8dcf3b5fa0 R15: 00007ffe09a4dcc8 [ 511.468882][T11455] [ 512.324607][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 512.357080][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 512.505420][T11455] SLUB: Unable to add cache mon_text_ffff88805cb75c00 to sysfs [ 516.719943][T11510] size and base must be multiples of 4 kiB [ 516.733960][T11510] CPU: 1 UID: 0 PID: 11510 Comm: syz.0.1476 Not tainted syzkaller #0 PREEMPT(full) [ 516.734004][T11510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 516.734025][T11510] Call Trace: [ 516.734035][T11510] [ 516.734047][T11510] dump_stack_lvl+0x16c/0x1f0 [ 516.734097][T11510] mtrr_add+0xdf/0x110 [ 516.734144][T11510] mtrr_ioctl+0x7ef/0xcf0 [ 516.734193][T11510] ? __pfx_mtrr_ioctl+0x10/0x10 [ 516.734258][T11510] ? find_held_lock+0x2b/0x80 [ 516.734303][T11510] ? __fget_files+0x20e/0x3c0 [ 516.734418][T11510] ? __pfx_mtrr_ioctl+0x10/0x10 [ 516.734465][T11510] proc_reg_unlocked_ioctl+0x226/0x320 [ 516.734511][T11510] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 516.734562][T11510] __x64_sys_ioctl+0x18e/0x210 [ 516.734701][T11510] do_syscall_64+0xcd/0x490 [ 516.734755][T11510] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 516.734789][T11510] RIP: 0033:0x7ff88358ebe9 [ 516.734816][T11510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 516.734850][T11510] RSP: 002b:00007ff884367038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 516.734884][T11510] RAX: ffffffffffffffda RBX: 00007ff8837b5fa0 RCX: 00007ff88358ebe9 [ 516.734906][T11510] RDX: 0000000000000004 RSI: 00000000400c4d01 RDI: 0000000000000004 [ 516.734925][T11510] RBP: 00007ff883611e19 R08: 0000000000000000 R09: 0000000000000000 [ 516.734944][T11510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 516.734964][T11510] R13: 00007ff8837b6038 R14: 00007ff8837b5fa0 R15: 00007ffed5f33ca8 [ 516.735006][T11510] [ 517.194266][T11518] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1477'. [ 518.244567][T11537] [U]  [ 518.247443][T11537] [U] [ 518.250198][T11537] [U] [ 518.252954][T11537] [U] [ 518.440371][T11537] [U] [ 518.443175][T11537] [U] [ 518.445930][T11537] [U] [ 518.448681][T11537] [U] [ 518.455667][T11537] [U] [ 518.458433][T11537] [U] [ 518.461219][T11537] [U] [ 518.463943][T11537] [U] [ 518.510573][T11537] [U] [ 518.513378][T11537] [U] [ 518.516125][T11537] [U] [ 518.518852][T11537] [U] [ 518.769062][T11543] [U] [ 519.885319][ T5873] Bluetooth: hci2: SCO packet for unknown connection handle 0 [ 521.661299][T11566] FAULT_INJECTION: forcing a failure. [ 521.661299][T11566] name failslab, interval 1, probability 0, space 0, times 0 [ 521.681806][T11566] CPU: 0 UID: 0 PID: 11566 Comm: syz.2.1493 Not tainted syzkaller #0 PREEMPT(full) [ 521.681850][T11566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 521.681869][T11566] Call Trace: [ 521.681880][T11566] [ 521.681892][T11566] dump_stack_lvl+0x16c/0x1f0 [ 521.681940][T11566] should_fail_ex+0x512/0x640 [ 521.681999][T11566] ? __kmalloc_noprof+0xbf/0x510 [ 521.682044][T11566] ? kvm_set_irq_routing+0xf3/0x970 [ 521.682091][T11566] should_failslab+0xc2/0x120 [ 521.682138][T11566] __kmalloc_noprof+0xd2/0x510 [ 521.682195][T11566] kvm_set_irq_routing+0xf3/0x970 [ 521.682248][T11566] ? kvm_ioapic_init+0x445/0x590 [ 521.682292][T11566] kvm_arch_vm_ioctl+0x8e8/0x1860 [ 521.682336][T11566] ? register_lock_class+0x41/0x4c0 [ 521.682383][T11566] ? find_held_lock+0x2b/0x80 [ 521.682417][T11566] ? __pfx_kvm_arch_vm_ioctl+0x10/0x10 [ 521.682470][T11566] ? __lock_acquire+0x62e/0x1ce0 [ 521.682522][T11566] ? __lock_acquire+0x62e/0x1ce0 [ 521.682578][T11566] ? __lock_acquire+0x62e/0x1ce0 [ 521.682633][T11566] ? __lock_acquire+0x62e/0x1ce0 [ 521.682706][T11566] ? is_bpf_text_address+0x8a/0x1a0 [ 521.682749][T11566] ? bpf_ksym_find+0x124/0x1c0 [ 521.682781][T11566] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 521.682822][T11566] ? is_bpf_text_address+0x94/0x1a0 [ 521.682866][T11566] ? kernel_text_address+0x8d/0x100 [ 521.682897][T11566] ? __kernel_text_address+0xd/0x40 [ 521.682927][T11566] ? unwind_get_return_address+0x59/0xa0 [ 521.682972][T11566] ? arch_stack_walk+0xa6/0x100 [ 521.683025][T11566] ? stack_trace_save+0x8e/0xc0 [ 521.683063][T11566] ? __pfx_stack_trace_save+0x10/0x10 [ 521.683103][T11566] ? stack_depot_save_flags+0x29/0x9c0 [ 521.683152][T11566] ? __lock_acquire+0xb97/0x1ce0 [ 521.683202][T11566] ? kasan_save_stack+0x42/0x60 [ 521.683239][T11566] ? kasan_save_stack+0x33/0x60 [ 521.683275][T11566] ? kasan_save_track+0x14/0x30 [ 521.683312][T11566] ? kasan_save_free_info+0x3b/0x60 [ 521.683365][T11566] ? __kasan_slab_free+0x60/0x70 [ 521.683403][T11566] ? kfree+0x2b4/0x4d0 [ 521.683439][T11566] kvm_vm_ioctl+0x1a91/0x4000 [ 521.683489][T11566] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 521.683549][T11566] ? kasan_quarantine_put+0x10a/0x240 [ 521.683587][T11566] ? lockdep_hardirqs_on+0x7c/0x110 [ 521.683636][T11566] ? find_held_lock+0x2b/0x80 [ 521.683670][T11566] ? tomoyo_path_number_perm+0x295/0x580 [ 521.683719][T11566] ? tomoyo_path_number_perm+0x18d/0x580 [ 521.683765][T11566] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 521.683824][T11566] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 521.683878][T11566] ? do_vfs_ioctl+0x128/0x14f0 [ 521.683931][T11566] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 521.684017][T11566] ? find_held_lock+0x2b/0x80 [ 521.684049][T11566] ? hook_file_ioctl_common+0x145/0x410 [ 521.684106][T11566] ? __fget_files+0x20e/0x3c0 [ 521.684150][T11566] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 521.684186][T11566] __x64_sys_ioctl+0x18e/0x210 [ 521.684243][T11566] do_syscall_64+0xcd/0x490 [ 521.684292][T11566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 521.684327][T11566] RIP: 0033:0x7fed27b8ebe9 [ 521.684355][T11566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 521.684389][T11566] RSP: 002b:00007fed2898c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 521.684421][T11566] RAX: ffffffffffffffda RBX: 00007fed27db5fa0 RCX: 00007fed27b8ebe9 [ 521.684444][T11566] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003 [ 521.684465][T11566] RBP: 00007fed27c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 521.684484][T11566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 521.684504][T11566] R13: 00007fed27db6038 R14: 00007fed27db5fa0 R15: 00007ffdf53792a8 [ 521.684548][T11566] [ 526.315752][T11613] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1502'. [ 528.576575][ T30] audit: type=1804 audit(4294967472.044:12): pid=11640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1508" name="/newroot/396/file0" dev="tmpfs" ino=2097 res=1 errno=0 [ 529.531298][ T30] audit: type=1804 audit(4294967472.994:13): pid=11638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1508" name="/newroot/396/file0" dev="tmpfs" ino=2097 res=1 errno=0 [ 530.370509][T11652] FAULT_INJECTION: forcing a failure. [ 530.370509][T11652] name failslab, interval 1, probability 0, space 0, times 0 [ 530.383385][T11652] CPU: 1 UID: 0 PID: 11652 Comm: syz.1.1511 Not tainted syzkaller #0 PREEMPT(full) [ 530.383435][T11652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 530.383456][T11652] Call Trace: [ 530.383467][T11652] [ 530.383479][T11652] dump_stack_lvl+0x16c/0x1f0 [ 530.383526][T11652] should_fail_ex+0x512/0x640 [ 530.383574][T11652] ? __kmalloc_noprof+0xbf/0x510 [ 530.383617][T11652] ? do_sys_poll+0x24a/0xdf0 [ 530.383649][T11652] should_failslab+0xc2/0x120 [ 530.383693][T11652] __kmalloc_noprof+0xd2/0x510 [ 530.383743][T11652] do_sys_poll+0x24a/0xdf0 [ 530.383792][T11652] ? __pfx_do_sys_poll+0x10/0x10 [ 530.383833][T11652] ? __pfx___schedule+0x10/0x10 [ 530.383907][T11652] ? __futex_wait+0x24c/0x2f0 [ 530.384036][T11652] ? __pfx_timespec64_add_safe+0x10/0x10 [ 530.384156][T11652] ? ktime_get_ts64+0x2d2/0x400 [ 530.384200][T11652] ? read_tsc+0x9/0x20 [ 530.384239][T11652] ? ktime_get_ts64+0x256/0x400 [ 530.384292][T11652] __x64_sys_poll+0x1a6/0x450 [ 530.384330][T11652] ? __pfx___x64_sys_poll+0x10/0x10 [ 530.384380][T11652] do_syscall_64+0xcd/0x490 [ 530.384436][T11652] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 530.384469][T11652] RIP: 0033:0x7f8dcf18ebe9 [ 530.384496][T11652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 530.384530][T11652] RSP: 002b:00007f8dd006f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000007 [ 530.384562][T11652] RAX: ffffffffffffffda RBX: 00007f8dcf3b6090 RCX: 00007f8dcf18ebe9 [ 530.384585][T11652] RDX: 000000000000800a RSI: 000000000000007f RDI: 0000000000000000 [ 530.384604][T11652] RBP: 00007f8dcf211e19 R08: 0000000000000000 R09: 0000000000000000 [ 530.384625][T11652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 530.384645][T11652] R13: 00007f8dcf3b6128 R14: 00007f8dcf3b6090 R15: 00007ffe09a4dcc8 [ 530.384688][T11652] [ 534.872714][T11700] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1529'. [ 535.811785][ T30] audit: type=1804 audit(4294967479.284:14): pid=11709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1521" name="/newroot/369/file0" dev="tmpfs" ino=1951 res=1 errno=0 [ 535.895328][ T30] audit: type=1804 audit(4294967479.344:15): pid=11710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1521" name="/newroot/369/file0" dev="tmpfs" ino=1951 res=1 errno=0 [ 535.946490][ T30] audit: type=1800 audit(4294967479.414:16): pid=11709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1521" name="file0" dev="tmpfs" ino=1951 res=0 errno=0 [ 537.166256][T11724] blktrace: Concurrent blktraces are not allowed on loop2 [ 537.231416][T11724] vmstat_refresh: nr_hugetlb -15360 [ 539.975807][ T30] audit: type=1804 audit(4294967483.444:17): pid=11766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1539" name="/newroot/379/file0" dev="tmpfs" ino=2018 res=1 errno=0 [ 540.377002][ T30] audit: type=1804 audit(4294967483.844:18): pid=11761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1539" name="/newroot/379/file0" dev="tmpfs" ino=2018 res=1 errno=0 [ 543.642414][T11795] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1547'. [ 550.631918][ T30] audit: type=1326 audit(4294967494.104:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11882 comm="syz.1.1569" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8dcf18ebe9 code=0x0 [ 550.693166][T11886] FAULT_INJECTION: forcing a failure. [ 550.693166][T11886] name failslab, interval 1, probability 0, space 0, times 0 [ 550.789733][T11886] CPU: 1 UID: 0 PID: 11886 Comm: syz.1.1569 Not tainted syzkaller #0 PREEMPT(full) [ 550.789778][T11886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 550.789799][T11886] Call Trace: [ 550.789810][T11886] [ 550.789823][T11886] dump_stack_lvl+0x16c/0x1f0 [ 550.789873][T11886] should_fail_ex+0x512/0x640 [ 550.789920][T11886] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 550.789962][T11886] should_failslab+0xc2/0x120 [ 550.790008][T11886] __kmalloc_cache_noprof+0x6a/0x3e0 [ 550.790044][T11886] ? snd_pcm_oss_change_params_locked+0x1db/0x3a30 [ 550.790089][T11886] snd_pcm_oss_change_params_locked+0x1db/0x3a30 [ 550.790129][T11886] ? trace_contention_end+0xdd/0x130 [ 550.790179][T11886] ? __mutex_lock+0x1c5/0x1060 [ 550.790233][T11886] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 550.790272][T11886] ? __pfx___mutex_lock+0x10/0x10 [ 550.790330][T11886] ? __fsnotify_parent+0x24b/0xc40 [ 550.790390][T11886] snd_pcm_oss_make_ready+0xe6/0x1b0 [ 550.790428][T11886] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 550.790461][T11886] snd_pcm_oss_sync+0x1de/0x840 [ 550.790501][T11886] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 550.790535][T11886] snd_pcm_oss_release+0x28b/0x310 [ 550.790572][T11886] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 550.790605][T11886] __fput+0x402/0xb70 [ 550.790663][T11886] task_work_run+0x14d/0x240 [ 550.790719][T11886] ? __pfx_task_work_run+0x10/0x10 [ 550.790774][T11886] ? __pfx___do_sys_close_range+0x10/0x10 [ 550.790827][T11886] exit_to_user_mode_loop+0xeb/0x110 [ 550.790881][T11886] do_syscall_64+0x3f6/0x490 [ 550.790931][T11886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 550.790966][T11886] RIP: 0033:0x7f8dcf18ebe9 [ 550.790991][T11886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 550.791025][T11886] RSP: 002b:00007f8dd006f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 550.791056][T11886] RAX: 0000000000000000 RBX: 00007f8dcf3b6090 RCX: 00007f8dcf18ebe9 [ 550.791077][T11886] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 550.791098][T11886] RBP: 00007f8dcf211e19 R08: 0000000000000000 R09: 0000000000000000 [ 550.791119][T11886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 550.791139][T11886] R13: 00007f8dcf3b6128 R14: 00007f8dcf3b6090 R15: 00007ffe09a4dcc8 [ 550.791184][T11886] [ 557.276577][T11952] ALSA: mixer_oss: invalid OSS volume '' [ 560.172533][T11969] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1592'. [ 561.831207][T11981] ima: policy update failed [ 561.851618][ T30] audit: type=1802 audit(4294967505.304:20): pid=11981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1595" res=0 errno=0 [ 562.942792][T12000] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1599'. [ 563.487415][T12003] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1600'. [ 565.033784][T12013] FAULT_INJECTION: forcing a failure. [ 565.033784][T12013] name failslab, interval 1, probability 0, space 0, times 0 [ 565.067663][T12013] CPU: 0 UID: 0 PID: 12013 Comm: syz.2.1604 Not tainted syzkaller #0 PREEMPT(full) [ 565.067708][T12013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 565.067730][T12013] Call Trace: [ 565.067741][T12013] [ 565.067754][T12013] dump_stack_lvl+0x16c/0x1f0 [ 565.067803][T12013] should_fail_ex+0x512/0x640 [ 565.067852][T12013] ? fs_reclaim_acquire+0xae/0x150 [ 565.067906][T12013] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 565.067955][T12013] should_failslab+0xc2/0x120 [ 565.068001][T12013] __kmalloc_noprof+0xd2/0x510 [ 565.068051][T12013] tomoyo_realpath_from_path+0xc2/0x6e0 [ 565.068104][T12013] ? tomoyo_profile+0x47/0x60 [ 565.068128][T12013] tomoyo_path_number_perm+0x245/0x580 [ 565.068169][T12013] ? tomoyo_path_number_perm+0x237/0x580 [ 565.068202][T12013] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 565.068262][T12013] ? find_held_lock+0x2b/0x80 [ 565.068285][T12013] ? hook_file_ioctl_common+0x145/0x410 [ 565.068324][T12013] ? __fget_files+0x20e/0x3c0 [ 565.068355][T12013] security_file_ioctl+0x9b/0x240 [ 565.068387][T12013] __x64_sys_ioctl+0xb7/0x210 [ 565.068428][T12013] do_syscall_64+0xcd/0x490 [ 565.068463][T12013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 565.068487][T12013] RIP: 0033:0x7fed27b8ebe9 [ 565.068505][T12013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 565.068528][T12013] RSP: 002b:00007fed2898c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 565.068549][T12013] RAX: ffffffffffffffda RBX: 00007fed27db5fa0 RCX: 00007fed27b8ebe9 [ 565.068565][T12013] RDX: 0000000000000004 RSI: 00000000000089a0 RDI: 0000000000000008 [ 565.068579][T12013] RBP: 00007fed27c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 565.068593][T12013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 565.068606][T12013] R13: 00007fed27db6038 R14: 00007fed27db5fa0 R15: 00007ffdf53792a8 [ 565.068636][T12013] [ 565.068677][T12013] ERROR: Out of memory at tomoyo_realpath_from_path. [ 565.207675][T12009] FAULT_INJECTION: forcing a failure. [ 565.207675][T12009] name failslab, interval 1, probability 0, space 0, times 0 [ 565.419080][T12009] CPU: 1 UID: 0 PID: 12009 Comm: syz.1.1603 Not tainted syzkaller #0 PREEMPT(full) [ 565.419114][T12009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 565.419128][T12009] Call Trace: [ 565.419136][T12009] [ 565.419145][T12009] dump_stack_lvl+0x16c/0x1f0 [ 565.419206][T12009] should_fail_ex+0x512/0x640 [ 565.419248][T12009] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 565.419276][T12009] should_failslab+0xc2/0x120 [ 565.419309][T12009] __kmalloc_cache_noprof+0x6a/0x3e0 [ 565.419333][T12009] ? lockdep_init_map_type+0x5c/0x280 [ 565.419366][T12009] ? register_netdevice+0x4eb/0x2270 [ 565.419408][T12009] register_netdevice+0x4eb/0x2270 [ 565.419448][T12009] ? idr_alloc+0xdd/0x130 [ 565.419475][T12009] ? __pfx_register_netdevice+0x10/0x10 [ 565.419519][T12009] ppp_dev_configure+0xa1e/0xd40 [ 565.419564][T12009] ppp_ioctl+0x17e0/0x2670 [ 565.419599][T12009] ? find_held_lock+0x2b/0x80 [ 565.419622][T12009] ? __pfx_ppp_ioctl+0x10/0x10 [ 565.419660][T12009] ? __fget_files+0x20e/0x3c0 [ 565.419691][T12009] ? __pfx_ppp_ioctl+0x10/0x10 [ 565.419726][T12009] __x64_sys_ioctl+0x18e/0x210 [ 565.419768][T12009] do_syscall_64+0xcd/0x490 [ 565.419803][T12009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 565.419828][T12009] RIP: 0033:0x7f8dcf18ebe9 [ 565.419846][T12009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 565.419870][T12009] RSP: 002b:00007f8dd0090038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 565.419892][T12009] RAX: ffffffffffffffda RBX: 00007f8dcf3b5fa0 RCX: 00007f8dcf18ebe9 [ 565.419908][T12009] RDX: 0000000000000000 RSI: 00000000c004743e RDI: 0000000000000007 [ 565.419922][T12009] RBP: 00007f8dcf211e19 R08: 0000000000000000 R09: 0000000000000000 [ 565.419937][T12009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 565.419951][T12009] R13: 00007f8dcf3b6038 R14: 00007f8dcf3b5fa0 R15: 00007ffe09a4dcc8 [ 565.419981][T12009] [ 573.692403][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 573.698920][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 573.828006][T12104] FAULT_INJECTION: forcing a failure. [ 573.828006][T12104] name failslab, interval 1, probability 0, space 0, times 0 [ 573.896993][T12104] CPU: 0 UID: 0 PID: 12104 Comm: syz.2.1619 Not tainted syzkaller #0 PREEMPT(full) [ 573.897041][T12104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 573.897062][T12104] Call Trace: [ 573.897074][T12104] [ 573.897087][T12104] dump_stack_lvl+0x16c/0x1f0 [ 573.897141][T12104] should_fail_ex+0x512/0x640 [ 573.897192][T12104] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 573.897234][T12104] should_failslab+0xc2/0x120 [ 573.897281][T12104] __kmalloc_cache_noprof+0x6a/0x3e0 [ 573.897315][T12104] ? lockdep_init_map_type+0x5c/0x280 [ 573.897363][T12104] ? nci_hci_allocate+0x45/0x330 [ 573.897415][T12104] nci_hci_allocate+0x45/0x330 [ 573.897461][T12104] nci_allocate_device+0x26f/0x430 [ 573.897501][T12104] virtual_ncidev_open+0x6f/0x220 [ 573.897541][T12104] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 573.897579][T12104] misc_open+0x35a/0x420 [ 573.897616][T12104] ? __pfx_misc_open+0x10/0x10 [ 573.897652][T12104] chrdev_open+0x234/0x6a0 [ 573.897707][T12104] ? __pfx_apparmor_file_open+0x10/0x10 [ 573.897747][T12104] ? __pfx_chrdev_open+0x10/0x10 [ 573.897795][T12104] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 573.897844][T12104] do_dentry_open+0x982/0x1530 [ 573.897888][T12104] ? __pfx_chrdev_open+0x10/0x10 [ 573.897942][T12104] vfs_open+0x82/0x3f0 [ 573.898000][T12104] path_openat+0x1de4/0x2cb0 [ 573.898056][T12104] ? __pfx_path_openat+0x10/0x10 [ 573.898110][T12104] do_filp_open+0x20b/0x470 [ 573.898153][T12104] ? __pfx_do_filp_open+0x10/0x10 [ 573.898226][T12104] ? alloc_fd+0x471/0x7d0 [ 573.898276][T12104] do_sys_openat2+0x11b/0x1d0 [ 573.898329][T12104] ? __pfx_do_sys_openat2+0x10/0x10 [ 573.898400][T12104] __x64_sys_openat+0x174/0x210 [ 573.898454][T12104] ? __pfx___x64_sys_openat+0x10/0x10 [ 573.898527][T12104] do_syscall_64+0xcd/0x490 [ 573.898578][T12104] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.898612][T12104] RIP: 0033:0x7fed27b8ebe9 [ 573.898640][T12104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 573.898674][T12104] RSP: 002b:00007fed2896b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 573.898713][T12104] RAX: ffffffffffffffda RBX: 00007fed27db6090 RCX: 00007fed27b8ebe9 [ 573.898735][T12104] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 573.898757][T12104] RBP: 00007fed27c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 573.898777][T12104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 573.898796][T12104] R13: 00007fed27db6128 R14: 00007fed27db6090 R15: 00007ffdf53792a8 [ 573.898840][T12104] [ 573.917448][T12107] netlink: 'syz.3.1621': attribute type 4 has an invalid length. [ 574.527006][T12107] netlink: 314 bytes leftover after parsing attributes in process `syz.3.1621'. [ 575.053738][T12077] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 576.909456][T12143] lo: entered allmulticast mode [ 576.954407][T12145] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1627'. [ 577.030502][T12146] lo: left allmulticast mode [ 578.315961][T12167] Process accounting resumed [ 578.354443][T12164] Process accounting resumed [ 581.778515][T12197] Process accounting resumed [ 581.947146][T12193] Process accounting resumed [ 582.509068][T12207] FAULT_INJECTION: forcing a failure. [ 582.509068][T12207] name failslab, interval 1, probability 0, space 0, times 0 [ 582.536974][T12207] CPU: 1 UID: 0 PID: 12207 Comm: syz.3.1644 Not tainted syzkaller #0 PREEMPT(full) [ 582.537023][T12207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 582.537043][T12207] Call Trace: [ 582.537053][T12207] [ 582.537065][T12207] dump_stack_lvl+0x16c/0x1f0 [ 582.537116][T12207] should_fail_ex+0x512/0x640 [ 582.537167][T12207] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 582.537215][T12207] should_failslab+0xc2/0x120 [ 582.537263][T12207] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 582.537307][T12207] ? shmem_alloc_inode+0x25/0x50 [ 582.537363][T12207] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 582.537410][T12207] shmem_alloc_inode+0x25/0x50 [ 582.537457][T12207] alloc_inode+0x64/0x240 [ 582.537508][T12207] new_inode+0x22/0x1c0 [ 582.537563][T12207] shmem_get_inode+0x19a/0xfb0 [ 582.537634][T12207] shmem_mknod+0x1a8/0x450 [ 582.537696][T12207] vfs_create+0x4e0/0x7a0 [ 582.537734][T12207] do_mknodat+0x3d3/0x5d0 [ 582.537779][T12207] ? __pfx_do_mknodat+0x10/0x10 [ 582.537817][T12207] ? getname_flags.part.0+0x1c5/0x550 [ 582.537880][T12207] __x64_sys_mknod+0x87/0xb0 [ 582.537923][T12207] do_syscall_64+0xcd/0x490 [ 582.537973][T12207] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 582.538008][T12207] RIP: 0033:0x7f277f78ebe9 [ 582.538036][T12207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 582.538070][T12207] RSP: 002b:00007f278056a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 582.538102][T12207] RAX: ffffffffffffffda RBX: 00007f277f9b6090 RCX: 00007f277f78ebe9 [ 582.538125][T12207] RDX: 00000000fffffffa RSI: 00000000000000cb RDI: 0000200000000180 [ 582.538147][T12207] RBP: 00007f277f811e19 R08: 0000000000000000 R09: 0000000000000000 [ 582.538168][T12207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 582.538189][T12207] R13: 00007f277f9b6128 R14: 00007f277f9b6090 R15: 00007ffce0a6fef8 [ 582.538234][T12207] [ 585.822741][T12254] Process accounting resumed [ 585.948790][T12245] Process accounting resumed [ 586.570984][T12260] netlink: zone id is out of range [ 586.594470][T12260] netlink: del zone limit has 4 unknown bytes [ 589.887209][ T5873] Bluetooth: hci1: unexpected subevent 0x03 length: 253 > 9 [ 590.794255][T12347] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1673'. [ 590.803967][T12347] hsr_slave_0: left promiscuous mode [ 590.821372][T12347] hsr_slave_1: left promiscuous mode [ 591.676594][T12360] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1668'. [ 591.694762][T12359] FAULT_INJECTION: forcing a failure. [ 591.694762][T12359] name failslab, interval 1, probability 0, space 0, times 0 [ 591.750268][T12359] CPU: 1 UID: 0 PID: 12359 Comm: syz.0.1669 Not tainted syzkaller #0 PREEMPT(full) [ 591.750310][T12359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 591.750330][T12359] Call Trace: [ 591.750342][T12359] [ 591.750354][T12359] dump_stack_lvl+0x16c/0x1f0 [ 591.750403][T12359] should_fail_ex+0x512/0x640 [ 591.750449][T12359] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 591.750485][T12359] should_failslab+0xc2/0x120 [ 591.750529][T12359] __kmalloc_cache_noprof+0x6a/0x3e0 [ 591.750566][T12359] ? kvm_dev_ioctl+0x15f6/0x1af0 [ 591.750603][T12359] kvm_dev_ioctl+0x15f6/0x1af0 [ 591.750649][T12359] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 591.750689][T12359] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 591.750720][T12359] __x64_sys_ioctl+0x18e/0x210 [ 591.750767][T12359] do_syscall_64+0xcd/0x490 [ 591.750811][T12359] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 591.750845][T12359] RIP: 0033:0x7ff88358ebe9 [ 591.750872][T12359] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 591.750907][T12359] RSP: 002b:00007ff884367038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 591.750937][T12359] RAX: ffffffffffffffda RBX: 00007ff8837b5fa0 RCX: 00007ff88358ebe9 [ 591.750959][T12359] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000002 [ 591.750977][T12359] RBP: 00007ff883611e19 R08: 0000000000000000 R09: 0000000000000000 [ 591.750997][T12359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 591.751018][T12359] R13: 00007ff8837b6038 R14: 00007ff8837b5fa0 R15: 00007ffed5f33ca8 [ 591.751058][T12359] [ 592.397257][T12367] random: crng reseeded on system resumption [ 592.409514][ T5941] ERROR: Out of memory at tomoyo_memory_ok. [ 592.431922][ T4090] ERROR: Out of memory at tomoyo_memory_ok. [ 599.319214][ T30] audit: type=1804 audit(4294967542.794:21): pid=12418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1685" name="/newroot/407/file0" dev="tmpfs" ino=2150 res=1 errno=0 [ 599.571008][ T30] audit: type=1804 audit(4294967542.894:22): pid=12421 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1685" name="/newroot/407/file0" dev="tmpfs" ino=2150 res=1 errno=0 [ 599.954991][ T30] audit: type=1800 audit(4294967542.894:23): pid=12418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1685" name="file0" dev="tmpfs" ino=2150 res=0 errno=0 [ 600.980857][T12439] syz.3.1689 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 601.074562][T12439] FAULT_INJECTION: forcing a failure. [ 601.074562][T12439] name failslab, interval 1, probability 0, space 0, times 0 [ 601.074654][T12439] CPU: 1 UID: 0 PID: 12439 Comm: syz.3.1689 Not tainted syzkaller #0 PREEMPT(full) [ 601.074699][T12439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 601.074719][T12439] Call Trace: [ 601.074731][T12439] [ 601.074744][T12439] dump_stack_lvl+0x16c/0x1f0 [ 601.074795][T12439] should_fail_ex+0x512/0x640 [ 601.074844][T12439] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 601.074883][T12439] should_failslab+0xc2/0x120 [ 601.074929][T12439] __kmalloc_cache_noprof+0x6a/0x3e0 [ 601.074966][T12439] ? kernfs_fop_open+0x244/0xda0 [ 601.075006][T12439] kernfs_fop_open+0x244/0xda0 [ 601.075057][T12439] do_dentry_open+0x982/0x1530 [ 601.075103][T12439] ? __pfx_kernfs_fop_open+0x10/0x10 [ 601.075145][T12439] vfs_open+0x82/0x3f0 [ 601.075203][T12439] path_openat+0x1de4/0x2cb0 [ 601.075259][T12439] ? __pfx_path_openat+0x10/0x10 [ 601.075312][T12439] do_filp_open+0x20b/0x470 [ 601.075355][T12439] ? __pfx_do_filp_open+0x10/0x10 [ 601.075429][T12439] ? alloc_fd+0x471/0x7d0 [ 601.075479][T12439] do_sys_openat2+0x11b/0x1d0 [ 601.075533][T12439] ? __pfx_do_sys_openat2+0x10/0x10 [ 601.075604][T12439] __x64_sys_openat+0x174/0x210 [ 601.075659][T12439] ? __pfx___x64_sys_openat+0x10/0x10 [ 601.075732][T12439] do_syscall_64+0xcd/0x490 [ 601.075790][T12439] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 601.075826][T12439] RIP: 0033:0x7f277f78ebe9 [ 601.075852][T12439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 601.075887][T12439] RSP: 002b:00007f278058b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 601.075920][T12439] RAX: ffffffffffffffda RBX: 00007f277f9b5fa0 RCX: 00007f277f78ebe9 [ 601.075942][T12439] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 601.075963][T12439] RBP: 00007f277f811e19 R08: 0000000000000000 R09: 0000000000000000 [ 601.075982][T12439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 601.076002][T12439] R13: 00007f277f9b6038 R14: 00007f277f9b5fa0 R15: 00007ffce0a6fef8 [ 601.076058][T12439] [ 601.144726][T12437] FAULT_INJECTION: forcing a failure. [ 601.144726][T12437] name fail_futex, interval 1, probability 0, space 0, times 0 [ 601.144777][T12437] CPU: 1 UID: 1 PID: 12437 Comm: syz.1.1687 Not tainted syzkaller #0 PREEMPT(full) [ 601.144818][T12437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 601.144838][T12437] Call Trace: [ 601.144850][T12437] [ 601.144863][T12437] dump_stack_lvl+0x16c/0x1f0 [ 601.144914][T12437] should_fail_ex+0x512/0x640 [ 601.144968][T12437] get_futex_key+0x1d0/0x1560 [ 601.145108][T12437] ? __pfx_get_futex_key+0x10/0x10 [ 601.145165][T12437] futex_wait_setup+0x9d/0x550 [ 601.145242][T12437] __futex_wait+0x194/0x2f0 [ 601.145302][T12437] ? __pfx___futex_wait+0x10/0x10 [ 601.145366][T12437] ? __pfx_futex_wake_mark+0x10/0x10 [ 601.145430][T12437] ? futex_private_hash_put+0x176/0x300 [ 601.145478][T12437] ? futex_private_hash_put+0x18a/0x300 [ 601.145523][T12437] futex_wait+0xe8/0x380 [ 601.145574][T12437] ? __pfx_futex_wait+0x10/0x10 [ 601.145635][T12437] ? __lock_acquire+0xb97/0x1ce0 [ 601.145690][T12437] do_futex+0x229/0x350 [ 601.145734][T12437] ? __pfx_do_futex+0x10/0x10 [ 601.145791][T12437] __x64_sys_futex+0x1e0/0x4c0 [ 601.145837][T12437] ? __pfx___x64_sys_open_tree_attr+0x10/0x10 [ 601.145888][T12437] ? __pfx___x64_sys_futex+0x10/0x10 [ 601.145933][T12437] ? xfd_validate_state+0x61/0x180 [ 601.145982][T12437] ? up_write+0x1b2/0x520 [ 601.146048][T12437] do_syscall_64+0xcd/0x490 [ 601.146099][T12437] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 601.146134][T12437] RIP: 0033:0x7f8dcf18ebe9 [ 601.146159][T12437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 601.146195][T12437] RSP: 002b:00007f8dd006f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 601.146227][T12437] RAX: ffffffffffffffda RBX: 00007f8dcf3b6098 RCX: 00007f8dcf18ebe9 [ 601.146251][T12437] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8dcf3b6098 [ 601.146272][T12437] RBP: 00007f8dcf3b6090 R08: 0000000000000000 R09: 0000000000000000 [ 601.146292][T12437] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 601.146311][T12437] R13: 00007f8dcf3b6128 R14: 00007ffe09a4dbe0 R15: 00007ffe09a4dcc8 [ 601.146354][T12437] [ 603.301138][ T5873] Bluetooth: hci2: unexpected subevent 0x03 length: 253 > 9 [ 604.084826][T12461] zswap: compressor not available [ 605.517859][T12482] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1698'. [ 606.192855][T12488] usbcore.quirks: string doesn't fit in 127 chars. [ 607.333351][T12494] ERROR: Out of memory at tomoyo_memory_ok. [ 607.706979][ T30] audit: type=1800 audit(4294967551.174:24): pid=12499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1703" name="members" dev="configfs" ino=39269 res=0 errno=0 [ 608.114198][T12473] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 609.654443][T12510] Process accounting paused [ 611.565071][T12534] random: crng reseeded on system resumption [ 611.578460][ T5973] ERROR: Out of memory at tomoyo_memory_ok. [ 611.598399][ T5941] ERROR: Out of memory at tomoyo_memory_ok. [ 612.627035][ T5873] Bluetooth: hci2: ISO packet for unknown connection handle 0 [ 613.063669][T12543] Process accounting paused [ 615.245485][T12563] FAULT_INJECTION: forcing a failure. [ 615.245485][T12563] name failslab, interval 1, probability 0, space 0, times 0 [ 615.268854][T12563] CPU: 0 UID: 0 PID: 12563 Comm: syz.3.1716 Not tainted syzkaller #0 PREEMPT(full) [ 615.268901][T12563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 615.268921][T12563] Call Trace: [ 615.268933][T12563] [ 615.268946][T12563] dump_stack_lvl+0x16c/0x1f0 [ 615.268997][T12563] should_fail_ex+0x512/0x640 [ 615.269047][T12563] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 615.269102][T12563] should_failslab+0xc2/0x120 [ 615.269154][T12563] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 615.269197][T12563] ? __kernfs_new_node+0xd2/0x8e0 [ 615.269248][T12563] __kernfs_new_node+0xd2/0x8e0 [ 615.269298][T12563] ? __pfx___kernfs_new_node+0x10/0x10 [ 615.269353][T12563] ? find_held_lock+0x2b/0x80 [ 615.269387][T12563] ? kernfs_root+0xee/0x2a0 [ 615.269439][T12563] kernfs_new_node+0x13c/0x1e0 [ 615.269496][T12563] __kernfs_create_file+0x53/0x350 [ 615.269536][T12563] sysfs_add_file_mode_ns+0x207/0x3c0 [ 615.269593][T12563] internal_create_group+0x578/0xf30 [ 615.269663][T12563] ? __pfx_internal_create_group+0x10/0x10 [ 615.269728][T12563] sysfs_slab_add+0x1a3/0x1e0 [ 615.269768][T12563] do_kmem_cache_create+0x529/0x720 [ 615.269811][T12563] ? __kmem_cache_create_args+0x205/0x390 [ 615.269856][T12563] __kmem_cache_create_args+0x225/0x390 [ 615.269899][T12563] mon_text_open+0x313/0x4f0 [ 615.269939][T12563] ? __pfx_mon_text_open+0x10/0x10 [ 615.269974][T12563] ? __debugfs_file_get+0x1fe/0x840 [ 615.270027][T12563] ? __pfx_mon_text_ctor+0x10/0x10 [ 615.270064][T12563] ? __pfx_apparmor_file_open+0x10/0x10 [ 615.270106][T12563] ? lockdown_is_locked_down+0x3f/0x130 [ 615.270138][T12563] ? bpf_lsm_locked_down+0x9/0x10 [ 615.270175][T12563] ? __pfx_mon_text_open+0x10/0x10 [ 615.270210][T12563] full_proxy_open_regular+0x1b9/0x360 [ 615.270248][T12563] do_dentry_open+0x982/0x1530 [ 615.270290][T12563] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 615.270333][T12563] vfs_open+0x82/0x3f0 [ 615.270382][T12563] path_openat+0x1de4/0x2cb0 [ 615.270432][T12563] ? __pfx_path_openat+0x10/0x10 [ 615.270482][T12563] do_filp_open+0x20b/0x470 [ 615.270522][T12563] ? __pfx_do_filp_open+0x10/0x10 [ 615.270589][T12563] ? alloc_fd+0x471/0x7d0 [ 615.270635][T12563] do_sys_openat2+0x11b/0x1d0 [ 615.270679][T12563] ? __pfx_do_sys_openat2+0x10/0x10 [ 615.270736][T12563] __x64_sys_openat+0x174/0x210 [ 615.270783][T12563] ? __pfx___x64_sys_openat+0x10/0x10 [ 615.270855][T12563] do_syscall_64+0xcd/0x490 [ 615.270905][T12563] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 615.270939][T12563] RIP: 0033:0x7f277f78ebe9 [ 615.270966][T12563] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 615.271001][T12563] RSP: 002b:00007f278058b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 615.271034][T12563] RAX: ffffffffffffffda RBX: 00007f277f9b5fa0 RCX: 00007f277f78ebe9 [ 615.271056][T12563] RDX: 0000000000026040 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 615.271079][T12563] RBP: 00007f277f811e19 R08: 0000000000000000 R09: 0000000000000000 [ 615.271109][T12563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 615.271130][T12563] R13: 00007f277f9b6038 R14: 00007f277f9b5fa0 R15: 00007ffce0a6fef8 [ 615.271175][T12563] [ 615.275625][T12563] SLUB: Unable to add cache mon_text_ffff88805bdc5000 to sysfs [ 618.658260][T12560] Process accounting paused [ 620.638313][T12620] netlink: 13 bytes leftover after parsing attributes in process `syz.3.1730'. [ 620.841246][T12618] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 620.851391][T12618] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 620.857953][T12618] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 620.864329][T12618] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 622.334705][ T5873] Bluetooth: hci2: command 0x0c1a tx timeout [ 622.887213][ T5873] Bluetooth: hci3: command 0x0c1a tx timeout [ 622.893311][ T5873] Bluetooth: hci0: command 0x0c1a tx timeout [ 622.902683][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 626.874208][T12685] FAULT_INJECTION: forcing a failure. [ 626.874208][T12685] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 626.907976][T12685] CPU: 1 UID: 0 PID: 12685 Comm: syz.1.1742 Not tainted syzkaller #0 PREEMPT(full) [ 626.908020][T12685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 626.908041][T12685] Call Trace: [ 626.908052][T12685] [ 626.908065][T12685] dump_stack_lvl+0x16c/0x1f0 [ 626.908124][T12685] should_fail_ex+0x512/0x640 [ 626.908180][T12685] should_fail_alloc_page+0xe7/0x130 [ 626.908230][T12685] prepare_alloc_pages+0x3c2/0x610 [ 626.908282][T12685] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 626.908323][T12685] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 626.908385][T12685] ? __lock_acquire+0xb97/0x1ce0 [ 626.908430][T12685] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 626.908489][T12685] ? __pfx___mutex_trylock_common+0x10/0x10 [ 626.908539][T12685] ? __pfx___might_resched+0x10/0x10 [ 626.908575][T12685] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 626.908629][T12685] ? policy_nodemask+0xea/0x4e0 [ 626.908699][T12685] alloc_pages_mpol+0x1fb/0x550 [ 626.908747][T12685] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 626.908792][T12685] ? __pfx___mutex_lock+0x10/0x10 [ 626.908850][T12685] ___kmalloc_large_node+0xed/0x160 [ 626.908909][T12685] __kmalloc_large_noprof+0x1c/0x70 [ 626.908964][T12685] uhid_char_open+0x24/0x250 [ 626.908995][T12685] ? __pfx_uhid_char_open+0x10/0x10 [ 626.909036][T12685] misc_open+0x35a/0x420 [ 626.909075][T12685] ? __pfx_misc_open+0x10/0x10 [ 626.909117][T12685] chrdev_open+0x234/0x6a0 [ 626.909160][T12685] ? __pfx_apparmor_file_open+0x10/0x10 [ 626.909202][T12685] ? __pfx_chrdev_open+0x10/0x10 [ 626.909249][T12685] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 626.909297][T12685] do_dentry_open+0x982/0x1530 [ 626.909341][T12685] ? __pfx_chrdev_open+0x10/0x10 [ 626.909393][T12685] vfs_open+0x82/0x3f0 [ 626.909450][T12685] path_openat+0x1de4/0x2cb0 [ 626.909505][T12685] ? __pfx_path_openat+0x10/0x10 [ 626.909558][T12685] do_filp_open+0x20b/0x470 [ 626.909599][T12685] ? __pfx_do_filp_open+0x10/0x10 [ 626.909683][T12685] ? alloc_fd+0x471/0x7d0 [ 626.909733][T12685] do_sys_openat2+0x11b/0x1d0 [ 626.909786][T12685] ? __pfx_do_sys_openat2+0x10/0x10 [ 626.909853][T12685] __x64_sys_openat+0x174/0x210 [ 626.909913][T12685] ? __pfx___x64_sys_openat+0x10/0x10 [ 626.909984][T12685] do_syscall_64+0xcd/0x490 [ 626.910035][T12685] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 626.910068][T12685] RIP: 0033:0x7f8dcf18ebe9 [ 626.910102][T12685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 626.910137][T12685] RSP: 002b:00007f8dd006f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 626.910167][T12685] RAX: ffffffffffffffda RBX: 00007f8dcf3b6090 RCX: 00007f8dcf18ebe9 [ 626.910190][T12685] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 626.910212][T12685] RBP: 00007f8dcf211e19 R08: 0000000000000000 R09: 0000000000000000 [ 626.910233][T12685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 626.910254][T12685] R13: 00007f8dcf3b6128 R14: 00007f8dcf3b6090 R15: 00007ffe09a4dcc8 [ 626.910298][T12685] [ 628.953272][T12696] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1745'. [ 629.157665][T12705] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1747'. [ 630.037740][ T5873] Bluetooth: hci3: ISO packet for unknown connection handle 0 [ 634.570052][T12764] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 635.142279][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 635.153638][ T5218] ERROR: Out of memory at tomoyo_memory_ok. [ 635.159780][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 639.163141][ T4090] ERROR: Out of memory at tomoyo_memory_ok. [ 639.182586][ T5973] ERROR: Out of memory at tomoyo_memory_ok. [ 639.633800][T12809] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 639.640762][T12809] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 639.676286][T12809] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 639.683293][T12809] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 640.292176][T12819] Process accounting resumed [ 640.592057][T12834] serio: Serial port ttyS0 [ 641.293198][ T5873] Bluetooth: hci2: command 0x0c1a tx timeout [ 641.687192][ T5873] Bluetooth: hci3: command 0x0c1a tx timeout [ 641.693362][T12638] Bluetooth: hci0: command 0x0c1a tx timeout [ 641.699466][T12638] Bluetooth: hci1: command 0x0c1a tx timeout [ 642.973789][T12859] FAULT_INJECTION: forcing a failure. [ 642.973789][T12859] name fail_futex, interval 1, probability 0, space 0, times 0 [ 643.001382][T12859] CPU: 1 UID: 0 PID: 12859 Comm: syz.0.1778 Not tainted syzkaller #0 PREEMPT(full) [ 643.001426][T12859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 643.001445][T12859] Call Trace: [ 643.001455][T12859] [ 643.001464][T12859] dump_stack_lvl+0x16c/0x1f0 [ 643.001502][T12859] should_fail_ex+0x512/0x640 [ 643.001541][T12859] get_futex_key+0x1d0/0x1560 [ 643.001574][T12859] ? __pfx_get_futex_key+0x10/0x10 [ 643.001613][T12859] futex_wake+0xea/0x530 [ 643.001649][T12859] ? rcu_is_watching+0x12/0xc0 [ 643.001681][T12859] ? __pfx_futex_wake+0x10/0x10 [ 643.001720][T12859] ? kmem_cache_free+0x2d1/0x4d0 [ 643.001746][T12859] ? fd_install+0x225/0x750 [ 643.001769][T12859] ? putname+0x154/0x1a0 [ 643.001808][T12859] do_futex+0x1e3/0x350 [ 643.001839][T12859] ? __pfx_do_futex+0x10/0x10 [ 643.001876][T12859] __x64_sys_futex+0x1e0/0x4c0 [ 643.001909][T12859] ? __x64_sys_openat+0x174/0x210 [ 643.001947][T12859] ? __pfx___x64_sys_futex+0x10/0x10 [ 643.001990][T12859] do_syscall_64+0xcd/0x490 [ 643.002024][T12859] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 643.002048][T12859] RIP: 0033:0x7ff88358ebe9 [ 643.002066][T12859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 643.002090][T12859] RSP: 002b:00007ff8843460e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 643.002112][T12859] RAX: ffffffffffffffda RBX: 00007ff8837b6098 RCX: 00007ff88358ebe9 [ 643.002128][T12859] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff8837b609c [ 643.002147][T12859] RBP: 00007ff8837b6090 R08: 00007ff884368000 R09: 0000000000000000 [ 643.002166][T12859] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 643.002186][T12859] R13: 00007ff8837b6128 R14: 00007ffed5f33bc0 R15: 00007ffed5f33ca8 [ 643.002221][T12859] [ 643.625500][T12868] Process accounting resumed [ 644.865618][T12853] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 648.531120][T12917] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 648.611250][T12923] FAULT_INJECTION: forcing a failure. [ 648.611250][T12923] name fail_futex, interval 1, probability 0, space 0, times 0 [ 648.817347][T12923] CPU: 0 UID: 0 PID: 12923 Comm: syz.3.1789 Not tainted syzkaller #0 PREEMPT(full) [ 648.817396][T12923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 648.817417][T12923] Call Trace: [ 648.817428][T12923] [ 648.817441][T12923] dump_stack_lvl+0x16c/0x1f0 [ 648.817493][T12923] should_fail_ex+0x512/0x640 [ 648.817549][T12923] get_futex_key+0x1d0/0x1560 [ 648.817597][T12923] ? __pfx_get_futex_key+0x10/0x10 [ 648.817658][T12923] futex_wake+0xea/0x530 [ 648.817710][T12923] ? rcu_is_watching+0x12/0xc0 [ 648.817746][T12923] ? __pfx_futex_wake+0x10/0x10 [ 648.817802][T12923] ? kmem_cache_free+0x2d1/0x4d0 [ 648.817840][T12923] ? fd_install+0x225/0x750 [ 648.817874][T12923] ? putname+0x154/0x1a0 [ 648.817929][T12923] do_futex+0x1e3/0x350 [ 648.817974][T12923] ? __pfx_do_futex+0x10/0x10 [ 648.818031][T12923] __x64_sys_futex+0x1e0/0x4c0 [ 648.818079][T12923] ? __x64_sys_openat+0x174/0x210 [ 648.818143][T12923] ? __pfx___x64_sys_futex+0x10/0x10 [ 648.818205][T12923] do_syscall_64+0xcd/0x490 [ 648.818256][T12923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 648.818291][T12923] RIP: 0033:0x7f277f78ebe9 [ 648.818318][T12923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 648.818352][T12923] RSP: 002b:00007f278056a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 648.818384][T12923] RAX: ffffffffffffffda RBX: 00007f277f9b6098 RCX: 00007f277f78ebe9 [ 648.818405][T12923] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f277f9b609c [ 648.818425][T12923] RBP: 00007f277f9b6090 R08: 00007f278058c000 R09: 0000000000000000 [ 648.818446][T12923] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 648.818465][T12923] R13: 00007f277f9b6128 R14: 00007ffce0a6fe10 R15: 00007ffce0a6fef8 [ 648.818508][T12923] [ 649.636791][T12916] Process accounting resumed [ 652.192914][ T51] Bluetooth: hci0: unexpected subevent 0x0c length: 0 < 5 [ 657.641227][T13042] ERROR: Out of memory at tomoyo_memory_ok. [ 657.737205][T13042] FAULT_INJECTION: forcing a failure. [ 657.737205][T13042] name failslab, interval 1, probability 0, space 0, times 0 [ 657.750735][T13042] CPU: 1 UID: 0 PID: 13042 Comm: syz.2.1819 Not tainted syzkaller #0 PREEMPT(full) [ 657.750778][T13042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 657.750799][T13042] Call Trace: [ 657.750809][T13042] [ 657.750821][T13042] dump_stack_lvl+0x16c/0x1f0 [ 657.750872][T13042] should_fail_ex+0x512/0x640 [ 657.750919][T13042] ? __kvmalloc_node_noprof+0x124/0x620 [ 657.750961][T13042] should_failslab+0xc2/0x120 [ 657.751006][T13042] __kvmalloc_node_noprof+0x137/0x620 [ 657.751044][T13042] ? lockdep_init_map_type+0x5c/0x280 [ 657.751091][T13042] ? alloc_netdev_mqs+0xc82/0x1530 [ 657.751147][T13042] ? alloc_netdev_mqs+0xc82/0x1530 [ 657.751191][T13042] alloc_netdev_mqs+0xc82/0x1530 [ 657.751248][T13042] internal_dev_create+0x8a/0x520 [ 657.751301][T13042] ovs_vport_add+0x144/0x4d0 [ 657.751351][T13042] new_vport+0x16/0x1d0 [ 657.751401][T13042] ovs_dp_cmd_new+0x6ba/0xe60 [ 657.751454][T13042] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 657.751506][T13042] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 657.751564][T13042] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 657.751631][T13042] genl_family_rcv_msg_doit+0x206/0x2f0 [ 657.751689][T13042] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 657.751759][T13042] ? bpf_lsm_capable+0x9/0x10 [ 657.751790][T13042] ? security_capable+0x7e/0x260 [ 657.751827][T13042] ? ns_capable+0xd7/0x110 [ 657.751868][T13042] genl_rcv_msg+0x55c/0x800 [ 657.751926][T13042] ? __pfx_genl_rcv_msg+0x10/0x10 [ 657.751981][T13042] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 657.752038][T13042] netlink_rcv_skb+0x155/0x420 [ 657.752082][T13042] ? __pfx_genl_rcv_msg+0x10/0x10 [ 657.752138][T13042] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 657.752206][T13042] ? netlink_deliver_tap+0x1ae/0xd30 [ 657.752259][T13042] genl_rcv+0x28/0x40 [ 657.752307][T13042] netlink_unicast+0x5aa/0x870 [ 657.752362][T13042] ? __pfx_netlink_unicast+0x10/0x10 [ 657.752416][T13042] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 657.752462][T13042] ? __lock_acquire+0xb97/0x1ce0 [ 657.752519][T13042] netlink_sendmsg+0x8d1/0xdd0 [ 657.752574][T13042] ? __pfx_netlink_sendmsg+0x10/0x10 [ 657.752627][T13042] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 657.752672][T13042] ____sys_sendmsg+0xa95/0xc70 [ 657.752705][T13042] ? copy_msghdr_from_user+0x10a/0x160 [ 657.752752][T13042] ? __pfx_____sys_sendmsg+0x10/0x10 [ 657.752806][T13042] ___sys_sendmsg+0x134/0x1d0 [ 657.752855][T13042] ? __pfx____sys_sendmsg+0x10/0x10 [ 657.752956][T13042] __sys_sendmsg+0x16d/0x220 [ 657.753002][T13042] ? __pfx___sys_sendmsg+0x10/0x10 [ 657.753047][T13042] ? __x64_sys_futex+0x1e0/0x4c0 [ 657.753118][T13042] do_syscall_64+0xcd/0x490 [ 657.753170][T13042] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 657.753204][T13042] RIP: 0033:0x7fed27b8ebe9 [ 657.753230][T13042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 657.753263][T13042] RSP: 002b:00007fed2898c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 657.753294][T13042] RAX: ffffffffffffffda RBX: 00007fed27db5fa0 RCX: 00007fed27b8ebe9 [ 657.753316][T13042] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000006 [ 657.753336][T13042] RBP: 00007fed27c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 657.753356][T13042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 657.753383][T13042] R13: 00007fed27db6038 R14: 00007fed27db5fa0 R15: 00007ffdf53792a8 [ 657.753429][T13042] [ 659.623700][T13037] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 660.421790][T13078] [U]  [ 660.424660][T13078] [U] [ 660.427417][T13078] [U] [ 660.430166][T13078] [U] [ 660.491474][T13078] [U] [ 660.494255][T13078] [U] [ 660.497024][T13078] [U] [ 660.499740][T13078] [U] [ 660.533461][T13078] [U] [ 660.536229][T13078] [U] [ 660.538981][T13078] [U] [ 660.541724][T13078] [U] [ 660.585408][T13078] [U] [ 660.588182][T13078] [U] [ 660.590922][T13078] [U] [ 660.593659][T13078] [U] [ 660.606865][T13078] [U] [ 660.609667][T13078] [U] [ 660.612422][T13078] [U] [ 660.615193][T13078] [U] [ 660.659581][T13078] [U] [ 660.662366][T13078] [U] [ 660.665126][T13078] [U] [ 660.667885][T13078] [U] [ 660.689528][T13078] [U] [ 660.692324][T13078] [U] [ 660.695077][T13078] [U] [ 660.697839][T13078] [U] [ 660.724432][T13078] [U] [ 660.727215][T13078] [U] [ 660.729971][T13078] [U] [ 660.732715][T13078] [U] [ 660.776236][T13078] [U] [ 660.779015][T13078] [U] [ 660.781768][T13078] [U] [ 660.784526][T13078] [U] [ 660.814568][T13078] [U] [ 660.817373][T13078] [U] [ 660.820133][T13078] [U] [ 660.822880][T13078] [U] [ 660.866039][T13078] [U] [ 660.868820][T13078] [U] [ 660.871547][T13078] [U] [ 660.874257][T13078] [U] [ 660.877427][T13078] [U] [ 660.880185][T13078] [U] [ 660.882924][T13078] [U] [ 660.885663][T13078] [U] [ 660.939779][T13078] [U] [ 660.942557][T13078] [U] [ 660.945271][T13078] [U] [ 660.948008][T13078] [U] [ 661.102716][T13078] [U] [ 665.473849][T13120] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 665.724085][T13146] random: crng reseeded on system resumption [ 665.760099][ T5973] ERROR: Out of memory at tomoyo_memory_ok. [ 665.784685][ T12] ERROR: Out of memory at tomoyo_memory_ok. [ 667.130688][T13158] syz.1.1848 (13158): /proc/13151/oom_adj is deprecated, please use /proc/13151/oom_score_adj instead. [ 670.725581][T13196] Process accounting paused [ 671.809158][T13228] vhci_hcd: invalid port number 16 [ 671.814358][T13228] vhci_hcd: USB_PORT_FEAT_U1/2_TIMEOUT req not supported for USB 2.0 roothub [ 672.274528][T13229] Process accounting resumed [ 672.628645][T13246] blktrace: Concurrent blktraces are not allowed on loop2 [ 675.958506][T13278] kexec: Could not allocate control_code_buffer [ 680.398484][T13309] Process accounting paused [ 681.633125][T13335] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1891'. [ 683.297482][T13364] FAULT_INJECTION: forcing a failure. [ 683.297482][T13364] name fail_futex, interval 1, probability 0, space 0, times 0 [ 683.360632][T13364] CPU: 1 UID: 0 PID: 13364 Comm: syz.1.1896 Not tainted syzkaller #0 PREEMPT(full) [ 683.360674][T13364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 683.360693][T13364] Call Trace: [ 683.360703][T13364] [ 683.360714][T13364] dump_stack_lvl+0x16c/0x1f0 [ 683.360757][T13364] should_fail_ex+0x512/0x640 [ 683.360804][T13364] get_futex_key+0x1d0/0x1560 [ 683.360841][T13364] ? __pfx_get_futex_key+0x10/0x10 [ 683.360873][T13364] ? futex_private_hash_put+0x176/0x300 [ 683.360917][T13364] futex_wake+0xea/0x530 [ 683.360961][T13364] ? futex_wait+0x120/0x380 [ 683.361008][T13364] ? __pfx_futex_wait+0x10/0x10 [ 683.361049][T13364] ? __pfx_futex_wake+0x10/0x10 [ 683.361089][T13364] ? __lock_acquire+0x62e/0x1ce0 [ 683.361163][T13364] do_futex+0x1e3/0x350 [ 683.361201][T13364] ? __pfx_do_futex+0x10/0x10 [ 683.361238][T13364] ? __fget_files+0x204/0x3c0 [ 683.361272][T13364] __x64_sys_futex+0x1e0/0x4c0 [ 683.361312][T13364] ? __pfx___x64_sys_futex+0x10/0x10 [ 683.361349][T13364] ? fdget_raw+0x14a/0x1d0 [ 683.361380][T13364] ? __x64_sys_quotactl_fd+0x378/0x540 [ 683.361415][T13364] do_syscall_64+0xcd/0x490 [ 683.361454][T13364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 683.361483][T13364] RIP: 0033:0x7f8dcf18ebe9 [ 683.361506][T13364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 683.361535][T13364] RSP: 002b:00007f8dd006f0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 683.361562][T13364] RAX: ffffffffffffffda RBX: 00007f8dcf3b6098 RCX: 00007f8dcf18ebe9 [ 683.361581][T13364] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8dcf3b609c [ 683.361599][T13364] RBP: 00007f8dcf3b6090 R08: 00007f8dd0091000 R09: 0000000000000000 [ 683.361616][T13364] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 683.361633][T13364] R13: 00007f8dcf3b6128 R14: 00007ffe09a4dbe0 R15: 00007ffe09a4dcc8 [ 683.361669][T13364] [ 683.811536][T13370] HfR: entered promiscuous mode [ 683.928335][T13370] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1898'. [ 683.937628][T13370] HfR: left promiscuous mode [ 684.055675][T13371] HfR: entered promiscuous mode [ 684.336675][T13379] rnbd_client L213: map_device: Parameters missing [ 684.740545][T13380] Process accounting resumed [ 685.575735][T13404] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1907'. [ 685.802171][T13401] zswap: compressor 000 not available [ 686.299420][T13423] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 687.617276][T13443] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 688.474242][T13456] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1916'. [ 690.393832][T13473] zswap: compressor 000 not available [ 691.253287][T13492] zswap: compressor 000 not available [ 691.674430][T13494] FAULT_INJECTION: forcing a failure. [ 691.674430][T13494] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 691.712530][T13509] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1926'. [ 691.723863][T13494] CPU: 1 UID: 0 PID: 13494 Comm: syz.1.1925 Not tainted syzkaller #0 PREEMPT(full) [ 691.723914][T13494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 691.723933][T13494] Call Trace: [ 691.723945][T13494] [ 691.723958][T13494] dump_stack_lvl+0x16c/0x1f0 [ 691.724010][T13494] should_fail_ex+0x512/0x640 [ 691.724065][T13494] should_fail_alloc_page+0xe7/0x130 [ 691.724114][T13494] prepare_alloc_pages+0x3c2/0x610 [ 691.724184][T13494] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 691.724232][T13494] ? find_held_lock+0x2b/0x80 [ 691.724267][T13494] ? page_table_check_set+0x627/0x750 [ 691.724315][T13494] ? page_table_check_set+0x631/0x750 [ 691.724356][T13494] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 691.724400][T13494] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 691.724450][T13494] ? const_folio_flags+0x5b/0x100 [ 691.724500][T13494] ? const_folio_flags+0x5b/0x100 [ 691.724557][T13494] ? folio_remove_rmap_pmd+0x2eb/0x7d0 [ 691.724598][T13494] ? split_huge_pmd_locked+0x116/0x3a10 [ 691.724649][T13494] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 691.724704][T13494] ? policy_nodemask+0xea/0x4e0 [ 691.724752][T13494] alloc_pages_mpol+0x1fb/0x550 [ 691.724799][T13494] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 691.724844][T13494] ? __split_huge_pmd+0x203/0x350 [ 691.724902][T13494] folio_alloc_mpol_noprof+0x36/0x2f0 [ 691.724957][T13494] vma_alloc_folio_noprof+0xed/0x1e0 [ 691.725010][T13494] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 691.725064][T13494] ? rcu_read_unlock+0x2d/0xb0 [ 691.725110][T13494] do_wp_page+0x1e5b/0x4f00 [ 691.725173][T13494] ? __pfx_do_wp_page+0x10/0x10 [ 691.725236][T13494] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 691.725289][T13494] ? ___pte_offset_map+0x2ad/0x4f0 [ 691.725342][T13494] __handle_mm_fault+0x1b2d/0x2a50 [ 691.725390][T13494] ? __pfx___handle_mm_fault+0x10/0x10 [ 691.725433][T13494] ? __lock_acquire+0xb97/0x1ce0 [ 691.725505][T13494] handle_mm_fault+0x589/0xd10 [ 691.725550][T13494] __get_user_pages+0x551/0x34a0 [ 691.725620][T13494] ? __pfx___get_user_pages+0x10/0x10 [ 691.725684][T13494] __gup_longterm_locked+0xa92/0x17e0 [ 691.725741][T13494] ? is_bpf_text_address+0x8a/0x1a0 [ 691.725787][T13494] ? __pfx___gup_longterm_locked+0x10/0x10 [ 691.725845][T13494] ? find_held_lock+0x2b/0x80 [ 691.725887][T13494] gup_fast_fallback+0xf78/0x23f0 [ 691.725947][T13494] ? __pfx_stack_trace_save+0x10/0x10 [ 691.726000][T13494] ? __kasan_kmalloc+0xaa/0xb0 [ 691.726039][T13494] ? __pfx_gup_fast_fallback+0x10/0x10 [ 691.726089][T13494] ? __x64_sys_futex+0x1e0/0x4c0 [ 691.726132][T13494] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 691.726194][T13494] get_user_pages_fast+0xa7/0xf0 [ 691.726249][T13494] ? __pfx_get_user_pages_fast+0x10/0x10 [ 691.726315][T13494] get_futex_key+0x2c6/0x1560 [ 691.726359][T13494] ? __pfx_get_futex_key+0x10/0x10 [ 691.726404][T13494] ? kasan_save_track+0x14/0x30 [ 691.726442][T13494] ? __kasan_kmalloc+0xaa/0xb0 [ 691.726484][T13494] futex_lock_pi+0x1cc/0x7c0 [ 691.726540][T13494] ? __pfx_futex_lock_pi+0x10/0x10 [ 691.726586][T13494] ? __futex_wait+0x24c/0x2f0 [ 691.726640][T13494] ? lockdep_hardirqs_on+0x7c/0x110 [ 691.726710][T13494] ? futex_private_hash_put+0x18a/0x300 [ 691.726754][T13494] ? __pfx_futex_wake_mark+0x10/0x10 [ 691.726821][T13494] ? do_writev+0x218/0x340 [ 691.726865][T13494] do_futex+0x11a/0x350 [ 691.726908][T13494] ? __pfx_do_futex+0x10/0x10 [ 691.726948][T13494] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 691.727006][T13494] __x64_sys_futex+0x1e0/0x4c0 [ 691.727055][T13494] ? __pfx___x64_sys_futex+0x10/0x10 [ 691.727100][T13494] ? xfd_validate_state+0x61/0x180 [ 691.727147][T13494] ? __pfx_do_writev+0x10/0x10 [ 691.727199][T13494] do_syscall_64+0xcd/0x490 [ 691.727242][T13494] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 691.727271][T13494] RIP: 0033:0x7f8dcf18ebe9 [ 691.727293][T13494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 691.727321][T13494] RSP: 002b:00007f8dd0090038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 691.727348][T13494] RAX: ffffffffffffffda RBX: 00007f8dcf3b5fa0 RCX: 00007f8dcf18ebe9 [ 691.727367][T13494] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000000 [ 691.727383][T13494] RBP: 00007f8dcf211e19 R08: 0000000000000000 R09: 0000000000000006 [ 691.727400][T13494] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 691.727417][T13494] R13: 00007f8dcf3b6038 R14: 00007f8dcf3b5fa0 R15: 00007ffe09a4dcc8 [ 691.727454][T13494] [ 693.282022][T13518] ALSA: mixer_oss: invalid OSS volume '' [ 696.570220][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 696.576589][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 697.360041][T13563] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1939'. [ 700.591673][T13604] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1949'. [ 701.918905][T13614] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 702.013566][T13604] team0 (unregistering): Port device team_slave_0 removed [ 702.120989][T13604] team0 (unregistering): Port device team_slave_1 removed [ 702.230078][T13605] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1950'. [ 702.401137][T13612] zswap: compressor 000 not available [ 702.688571][T13626] FAULT_INJECTION: forcing a failure. [ 702.688571][T13626] name failslab, interval 1, probability 0, space 0, times 0 [ 702.780676][T13626] CPU: 1 UID: 0 PID: 13626 Comm: syz.2.1954 Not tainted syzkaller #0 PREEMPT(full) [ 702.780718][T13626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 702.780733][T13626] Call Trace: [ 702.780742][T13626] [ 702.780751][T13626] dump_stack_lvl+0x16c/0x1f0 [ 702.780787][T13626] should_fail_ex+0x512/0x640 [ 702.780822][T13626] ? __kmalloc_noprof+0xbf/0x510 [ 702.780852][T13626] ? unregister_netdevice_many_notify+0x626/0x24c0 [ 702.780890][T13626] should_failslab+0xc2/0x120 [ 702.780923][T13626] __kmalloc_noprof+0xd2/0x510 [ 702.780958][T13626] unregister_netdevice_many_notify+0x626/0x24c0 [ 702.780997][T13626] ? __pfx___might_resched+0x10/0x10 [ 702.781026][T13626] ? trace_contention_end+0xdd/0x130 [ 702.781061][T13626] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 702.781100][T13626] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 702.781156][T13626] ? __fsnotify_parent+0x24b/0xc40 [ 702.781186][T13626] ? __pfx___mutex_lock+0x10/0x10 [ 702.781233][T13626] unregister_netdevice_queue+0x305/0x3f0 [ 702.781272][T13626] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 702.781310][T13626] ? __pfx_locks_remove_file+0x10/0x10 [ 702.781339][T13626] ? __pfx_ppp_release+0x10/0x10 [ 702.781371][T13626] ppp_release+0x209/0x230 [ 702.781404][T13626] __fput+0x402/0xb70 [ 702.781452][T13626] task_work_run+0x14d/0x240 [ 702.781492][T13626] ? __pfx_task_work_run+0x10/0x10 [ 702.781531][T13626] ? __pfx___do_sys_close_range+0x10/0x10 [ 702.781567][T13626] exit_to_user_mode_loop+0xeb/0x110 [ 702.781604][T13626] do_syscall_64+0x3f6/0x490 [ 702.781640][T13626] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 702.781665][T13626] RIP: 0033:0x7fed27b8ebe9 [ 702.781687][T13626] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 702.781712][T13626] RSP: 002b:00007fed2898c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 702.781734][T13626] RAX: 0000000000000000 RBX: 00007fed27db5fa0 RCX: 00007fed27b8ebe9 [ 702.781750][T13626] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 702.781764][T13626] RBP: 00007fed27c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 702.781778][T13626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 702.781793][T13626] R13: 00007fed27db6038 R14: 00007fed27db5fa0 R15: 00007ffdf53792a8 [ 702.781823][T13626] [ 703.639407][T13620] Process accounting paused [ 703.942682][T13600] Process accounting resumed [ 704.042470][T13634] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1957'. [ 704.642247][T13646] : Can't lookup blockdev [ 705.137815][ T30] audit: type=1800 audit(4294967648.614:25): pid=13660 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1965" name="dbroot" dev="configfs" ino=45208 res=0 errno=0 [ 706.906212][T13688] program syz.3.1969 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 708.048159][T13720] ptrace attach of "./syz-executor exec"[5860] was attempted by ""[13720] [ 708.481603][T13736] ERROR: Out of memory at tomoyo_memory_ok. [ 708.604948][T13736] openvswitch: HfR: Dropping previously announced user features [ 710.595549][ T5973] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm kworker/u8:9: bg 2: bad block bitmap checksum [ 710.610134][ T5973] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 965 with max blocks 4 with error 74 [ 710.624171][ T5973] EXT4-fs (sda1): This should not happen!! Data will be lost [ 710.624171][ T5973] [ 710.639517][T13771] tipc: Started in network mode [ 710.665271][T13771] tipc: Node identity ee00, cluster identity 4711 [ 710.741241][T13761] Process accounting resumed [ 710.810078][T13771] tipc: Node number set to 60928 [ 711.264114][T13768] netlink: 17 bytes leftover after parsing attributes in process `syz.2.1988'. [ 711.356777][T13767] ima: policy update failed [ 711.387607][ T30] audit: type=1802 audit(4294967654.834:26): pid=13767 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1988" res=0 errno=0 [ 712.205026][T13798] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1995'. [ 712.737035][T13798] team0 (unregistering): Port device team_slave_0 removed [ 712.760424][T13798] team0 (unregistering): Port device team_slave_1 removed [ 713.152168][T13811] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2001'. [ 714.989716][T13843] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2008'. [ 715.240230][T13843] team0 (unregistering): Port device team_slave_0 removed [ 715.258617][T13843] team0 (unregistering): Port device team_slave_1 removed [ 715.397626][T13835] Process accounting paused [ 715.535799][ T30] audit: type=1804 audit(4294967659.004:27): pid=13854 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2011" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 715.599836][T13858] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2012'. [ 715.611895][T13858] netlink: 354 bytes leftover after parsing attributes in process `syz.0.2012'. [ 716.087673][T12638] Bluetooth: hci4: command 0x1003 tx timeout [ 716.094330][ T51] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 716.207456][T13865] mkiss: ax0: crc mode is auto. [ 716.601975][T13879] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 720.214127][T13912] FAULT_INJECTION: forcing a failure. [ 720.214127][T13912] name failslab, interval 1, probability 0, space 0, times 0 [ 720.227073][T13912] CPU: 0 UID: 0 PID: 13912 Comm: syz.2.2024 Not tainted syzkaller #0 PREEMPT(full) [ 720.227123][T13912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 720.227143][T13912] Call Trace: [ 720.227154][T13912] [ 720.227167][T13912] dump_stack_lvl+0x16c/0x1f0 [ 720.227217][T13912] should_fail_ex+0x512/0x640 [ 720.227264][T13912] ? __kvmalloc_node_noprof+0x124/0x620 [ 720.227307][T13912] should_failslab+0xc2/0x120 [ 720.227353][T13912] __kvmalloc_node_noprof+0x137/0x620 [ 720.227393][T13912] ? alloc_fdtable+0x175/0x2d0 [ 720.227433][T13912] ? alloc_fdtable+0x175/0x2d0 [ 720.227466][T13912] alloc_fdtable+0x175/0x2d0 [ 720.227503][T13912] dup_fd+0x83b/0xb90 [ 720.227546][T13912] ? apparmor_task_alloc+0x2c2/0x3b0 [ 720.227587][T13912] copy_process+0x230c/0x7690 [ 720.227633][T13912] ? __pfx___futex_wait+0x10/0x10 [ 720.227699][T13912] ? __pfx_copy_process+0x10/0x10 [ 720.227741][T13912] ? futex_private_hash_put+0x176/0x300 [ 720.227788][T13912] ? futex_private_hash_put+0x18a/0x300 [ 720.227838][T13912] kernel_clone+0xfc/0x930 [ 720.227885][T13912] ? __pfx_kernel_clone+0x10/0x10 [ 720.227955][T13912] __do_sys_clone+0xce/0x120 [ 720.228009][T13912] ? __pfx___do_sys_clone+0x10/0x10 [ 720.228073][T13912] ? xfd_validate_state+0x61/0x180 [ 720.228139][T13912] do_syscall_64+0xcd/0x490 [ 720.228188][T13912] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 720.228222][T13912] RIP: 0033:0x7fed27b8ebe9 [ 720.228249][T13912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 720.228283][T13912] RSP: 002b:00007fed2898c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 720.228314][T13912] RAX: ffffffffffffffda RBX: 00007fed27db5fa0 RCX: 00007fed27b8ebe9 [ 720.228336][T13912] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 0000000000000001 [ 720.228357][T13912] RBP: 00007fed27c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 720.228378][T13912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 720.228399][T13912] R13: 00007fed27db6038 R14: 00007fed27db5fa0 R15: 00007ffdf53792a8 [ 720.228442][T13912] [ 721.837961][T13938] netlink: 338 bytes leftover after parsing attributes in process `syz.0.2029'. [ 723.475046][T13957] Invalid ELF header magic: != ELF [ 725.997754][T13998] vhci_hcd: invalid port number 16 [ 726.013258][T13998] vhci_hcd: invalid port number 16 [ 729.456375][T14027] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 731.920837][T14059] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 731.927945][T14059] CPU: 1 UID: 0 PID: 14059 Comm: syz.0.2061 Not tainted syzkaller #0 PREEMPT(full) [ 731.927986][T14059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 731.928004][T14059] Call Trace: [ 731.928014][T14059] [ 731.928025][T14059] dump_stack_lvl+0x16c/0x1f0 [ 731.928070][T14059] sysfs_warn_dup+0x7f/0xa0 [ 731.928108][T14059] sysfs_create_dir_ns+0x24b/0x2b0 [ 731.928147][T14059] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 731.928179][T14059] ? find_held_lock+0x2b/0x80 [ 731.928214][T14059] ? nfs_netns_namespace+0xd/0x40 [ 731.928244][T14059] kobject_add_internal+0x2c4/0x9b0 [ 731.928292][T14059] kobject_init_and_add+0x11b/0x190 [ 731.928336][T14059] ? __pfx_kobject_init_and_add+0x10/0x10 [ 731.928399][T14059] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 731.928432][T14059] nfs_net_init+0x10a/0x340 [ 731.928466][T14059] ? __pfx_nfs_net_init+0x10/0x10 [ 731.928498][T14059] ops_init+0x1e2/0x5f0 [ 731.928541][T14059] setup_net+0x10f/0x380 [ 731.928577][T14059] ? lockdep_init_map_type+0x5c/0x280 [ 731.928616][T14059] ? __pfx_setup_net+0x10/0x10 [ 731.928657][T14059] ? debug_mutex_init+0x37/0x70 [ 731.928697][T14059] copy_net_ns+0x2a6/0x5f0 [ 731.928744][T14059] create_new_namespaces+0x3ea/0xa90 [ 731.928786][T14059] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 731.928822][T14059] ksys_unshare+0x45b/0xa40 [ 731.928861][T14059] ? __pfx_ksys_unshare+0x10/0x10 [ 731.928902][T14059] ? do_user_addr_fault+0x843/0x1370 [ 731.928956][T14059] __x64_sys_unshare+0x31/0x40 [ 731.928993][T14059] do_syscall_64+0xcd/0x490 [ 731.929033][T14059] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.929062][T14059] RIP: 0033:0x7ff88358ebe9 [ 731.929085][T14059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 731.929119][T14059] RSP: 002b:00007ff884367038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 731.929146][T14059] RAX: ffffffffffffffda RBX: 00007ff8837b5fa0 RCX: 00007ff88358ebe9 [ 731.929165][T14059] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 731.929182][T14059] RBP: 00007ff883611e19 R08: 0000000000000000 R09: 0000000000000000 [ 731.929200][T14059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 731.929216][T14059] R13: 00007ff8837b6038 R14: 00007ff8837b5fa0 R15: 00007ffed5f33ca8 [ 731.929257][T14059] [ 731.929423][T14059] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 734.590122][T14067] Process accounting resumed [ 734.673507][T14086] Process accounting paused [ 737.794584][ T51] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 741.182490][ T51] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 741.193931][T14147] Process accounting paused [ 741.740200][T14171] zswap: compressor not available [ 742.387892][T14187] vhci_hcd: invalid port number 23 [ 742.393239][T14187] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 742.845912][T14196] Invalid ELF header magic: != ELF [ 743.166115][T14196] FAULT_INJECTION: forcing a failure. [ 743.166115][T14196] name failslab, interval 1, probability 0, space 0, times 0 [ 743.183530][T14196] CPU: 1 UID: 0 PID: 14196 Comm: syz.1.2091 Not tainted syzkaller #0 PREEMPT(full) [ 743.183579][T14196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 743.183601][T14196] Call Trace: [ 743.183612][T14196] [ 743.183625][T14196] dump_stack_lvl+0x16c/0x1f0 [ 743.183679][T14196] should_fail_ex+0x512/0x640 [ 743.183726][T14196] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 743.183767][T14196] should_failslab+0xc2/0x120 [ 743.183814][T14196] __kmalloc_cache_noprof+0x6a/0x3e0 [ 743.183850][T14196] ? __kasan_kmalloc+0xaa/0xb0 [ 743.183886][T14196] ? vhost_task_create+0xe5/0x2e0 [ 743.183937][T14196] ? __pfx_vhost_worker_killed+0x10/0x10 [ 743.183993][T14196] ? __pfx_vhost_run_work_list+0x10/0x10 [ 743.184040][T14196] vhost_task_create+0xe5/0x2e0 [ 743.184089][T14196] ? __pfx_vhost_task_create+0x10/0x10 [ 743.184139][T14196] ? vsnprintf+0x318/0x1160 [ 743.184189][T14196] ? __pfx_vhost_task_fn+0x10/0x10 [ 743.184247][T14196] ? snprintf+0xc7/0x100 [ 743.184290][T14196] vhost_task_worker_create+0x8d/0x200 [ 743.184336][T14196] ? __pfx_vhost_task_worker_create+0x10/0x10 [ 743.184381][T14196] ? lockdep_init_map_type+0x5c/0x280 [ 743.184438][T14196] ? lockdep_init_map_type+0x5c/0x280 [ 743.184491][T14196] vhost_worker_create+0x240/0x310 [ 743.184535][T14196] ? rcu_is_watching+0x12/0xc0 [ 743.184570][T14196] ? __pfx_vhost_worker_create+0x10/0x10 [ 743.184615][T14196] ? __kmalloc_noprof+0x242/0x510 [ 743.184665][T14196] vhost_dev_set_owner+0x742/0xa50 [ 743.184713][T14196] vhost_dev_ioctl+0x2eb/0xe20 [ 743.184745][T14196] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 743.184802][T14196] ? __pfx_vhost_dev_ioctl+0x10/0x10 [ 743.184852][T14196] vhost_vsock_dev_ioctl+0x3a5/0xb30 [ 743.184903][T14196] ? hook_file_ioctl_common+0x145/0x410 [ 743.184956][T14196] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 743.185022][T14196] ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10 [ 743.185074][T14196] __x64_sys_ioctl+0x18e/0x210 [ 743.185132][T14196] do_syscall_64+0xcd/0x490 [ 743.185181][T14196] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 743.185215][T14196] RIP: 0033:0x7f8dcf18ebe9 [ 743.185243][T14196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 743.185276][T14196] RSP: 002b:00007f8dd0090038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 743.185309][T14196] RAX: ffffffffffffffda RBX: 00007f8dcf3b5fa0 RCX: 00007f8dcf18ebe9 [ 743.185331][T14196] RDX: 0000000000000000 RSI: 000000000000af01 RDI: 0000000000000003 [ 743.185350][T14196] RBP: 00007f8dcf211e19 R08: 0000000000000000 R09: 0000000000000000 [ 743.185370][T14196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 743.185389][T14196] R13: 00007f8dcf3b6038 R14: 00007f8dcf3b5fa0 R15: 00007ffe09a4dcc8 [ 743.185431][T14196] [ 743.584045][T14210] netlink: 122 bytes leftover after parsing attributes in process `syz.2.2096'. [ 743.991332][T14218] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2097'. [ 744.082867][T14224] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2097'. [ 744.378634][ T4090] EXT4-fs (sda1): Delayed block allocation failed for inode 2027 at logical offset 935 with max blocks 34 with error 117 [ 744.392588][ T4090] EXT4-fs (sda1): This should not happen!! Data will be lost [ 744.392588][ T4090] [ 745.603229][T14228] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2099'. [ 746.019588][T14244] Invalid ELF header magic: != ELF [ 747.683495][T14222] Process accounting resumed [ 747.798635][ T5973] ERROR: Out of memory at tomoyo_memory_ok. [ 747.815018][T12613] ERROR: Out of memory at tomoyo_memory_ok. [ 748.115495][T14260] serio: Serial port pty6 [ 748.995012][T14280] __vm_enough_memory: pid: 14280, comm: syz.3.2113, bytes: 4398046511104 not enough memory for the allocation [ 749.169225][T14276] sp0: Synchronizing with TNC [ 749.355642][T14262] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 749.368082][T14262] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 749.374337][T14262] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 749.396032][T14262] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 749.571464][T14262] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 749.586207][T14262] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 749.927125][T12638] Bluetooth: hci2: command 0x0c1a tx timeout [ 751.497002][T12638] Bluetooth: hci0: command 0x0c1a tx timeout [ 751.503099][T12638] Bluetooth: hci1: command 0x0c1a tx timeout [ 751.606921][T12638] Bluetooth: hci3: command 0x0c1a tx timeout [ 752.057342][T14311] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 752.087387][T14311] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 752.105592][T14311] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 752.187253][T14311] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 753.606491][T14332] QAT: Stopping all acceleration devices. [ 754.104792][T12638] Bluetooth: hci2: command 0x0c1a tx timeout [ 754.167072][ T51] Bluetooth: hci1: command 0x0c1a tx timeout [ 754.173200][T12638] Bluetooth: hci0: command 0x0c1a tx timeout [ 754.247039][T12638] Bluetooth: hci3: command 0x0c1a tx timeout [ 754.776605][T14343] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2128'. [ 755.054129][T14351] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2131'. [ 756.266593][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805c92f800: rx timeout, send abort [ 756.276872][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805c92f800: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 756.497931][ T5215] ERROR: Out of memory at tomoyo_memory_ok. [ 757.046677][T14370] netlink: 330 bytes leftover after parsing attributes in process `syz.2.2135'. [ 757.096953][T14370] net veth1_virt_wifi : renamed from virt_wifi0 [ 757.241784][T14372] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2136'. [ 757.347226][T14380] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2137'. [ 757.509733][T14380] bridge0: port 2(bridge_slave_1) entered disabled state [ 757.568956][T14380] bridge_slave_1 (unregistering): left allmulticast mode [ 757.576291][T14380] bridge_slave_1 (unregistering): left promiscuous mode [ 757.583688][T14380] bridge0: port 2(bridge_slave_1) entered disabled state [ 758.013230][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 758.023203][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 758.038613][T14392] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2139'. [ 758.259762][T14385] could not allocate digest TFM handle [ 758.287985][T14396] input: jJǸ;9%vlQ J86 as /devices/virtual/input/input23 [ 758.305029][ T5218] ERROR: Out of memory at tomoyo_memory_ok. [ 758.487632][T14400] ubi0: attaching mtd0 [ 758.499551][T14400] ubi0: scanning is finished [ 758.505930][T14400] ubi0 error: ubi_read_volume_table: the layout volume was not found [ 758.879505][T14400] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd0, error -22 [ 759.496337][T14415] binder: 14414:14415 unknown command 4294967282 [ 759.506888][T14415] binder: 14414:14415 ioctl c0306201 2000000000c0 returned -22 [ 759.559963][T14415] sysfs: cannot create duplicate filename '/fs/nfs/net' [ 759.597127][T14415] CPU: 1 UID: 0 PID: 14415 Comm: syz.2.2148 Not tainted syzkaller #0 PREEMPT(full) [ 759.597190][T14415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 759.597211][T14415] Call Trace: [ 759.597222][T14415] [ 759.597236][T14415] dump_stack_lvl+0x16c/0x1f0 [ 759.597285][T14415] sysfs_warn_dup+0x7f/0xa0 [ 759.597326][T14415] sysfs_create_dir_ns+0x24b/0x2b0 [ 759.597444][T14415] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 759.597485][T14415] ? find_held_lock+0x2b/0x80 [ 759.597527][T14415] ? nfs_netns_namespace+0xd/0x40 [ 759.597564][T14415] kobject_add_internal+0x2c4/0x9b0 [ 759.597621][T14415] kobject_init_and_add+0x11b/0x190 [ 759.597673][T14415] ? __pfx_kobject_init_and_add+0x10/0x10 [ 759.597748][T14415] nfs_netns_sysfs_setup+0xf9/0x1f0 [ 759.597787][T14415] nfs_net_init+0x10a/0x340 [ 759.597829][T14415] ? __pfx_nfs_net_init+0x10/0x10 [ 759.597868][T14415] ops_init+0x1e2/0x5f0 [ 759.597920][T14415] setup_net+0x10f/0x380 [ 759.597963][T14415] ? lockdep_init_map_type+0x5c/0x280 [ 759.598010][T14415] ? __pfx_setup_net+0x10/0x10 [ 759.598059][T14415] ? debug_mutex_init+0x37/0x70 [ 759.598098][T14415] copy_net_ns+0x2a6/0x5f0 [ 759.598154][T14415] create_new_namespaces+0x3ea/0xa90 [ 759.598202][T14415] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 759.598245][T14415] ksys_unshare+0x45b/0xa40 [ 759.598293][T14415] ? __pfx_ksys_unshare+0x10/0x10 [ 759.598342][T14415] ? xfd_validate_state+0x61/0x180 [ 759.598412][T14415] __x64_sys_unshare+0x31/0x40 [ 759.598460][T14415] do_syscall_64+0xcd/0x490 [ 759.598509][T14415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 759.598543][T14415] RIP: 0033:0x7fed27b8ebe9 [ 759.598568][T14415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 759.598602][T14415] RSP: 002b:00007fed2898c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 759.598635][T14415] RAX: ffffffffffffffda RBX: 00007fed27db5fa0 RCX: 00007fed27b8ebe9 [ 759.598656][T14415] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 759.598677][T14415] RBP: 00007fed27c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 759.598697][T14415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 759.598717][T14415] R13: 00007fed27db6038 R14: 00007fed27db5fa0 R15: 00007ffdf53792a8 [ 759.598762][T14415] [ 759.900194][T14415] kobject: kobject_add_internal failed for net with -EEXIST, don't try to register things with the same name in the same directory. [ 760.197739][T14415] ERROR: Out of memory at tomoyo_memory_ok. [ 762.859764][T14446] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2154'. [ 763.605884][T14454] random: crng reseeded on system resumption [ 763.637457][T14454] FAULT_INJECTION: forcing a failure. [ 763.637457][T14454] name failslab, interval 1, probability 0, space 0, times 0 [ 763.716910][T14454] CPU: 1 UID: 0 PID: 14454 Comm: syz.0.2157 Not tainted syzkaller #0 PREEMPT(full) [ 763.716957][T14454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 763.716978][T14454] Call Trace: [ 763.716989][T14454] [ 763.717002][T14454] dump_stack_lvl+0x16c/0x1f0 [ 763.717056][T14454] should_fail_ex+0x512/0x640 [ 763.717113][T14454] should_failslab+0xc2/0x120 [ 763.717166][T14454] __kmalloc_cache_noprof+0x6a/0x3e0 [ 763.717201][T14454] ? do_raw_spin_lock+0x12c/0x2b0 [ 763.717266][T14454] ? find_held_lock+0x2b/0x80 [ 763.717296][T14454] ? async_schedule_node_domain+0x54/0x120 [ 763.717342][T14454] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 763.717386][T14454] async_schedule_node_domain+0x54/0x120 [ 763.717430][T14454] dev_cache_fw_image+0x38e/0x490 [ 763.717475][T14454] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 763.717523][T14454] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 763.717564][T14454] dpm_for_each_dev+0x5a/0xb0 [ 763.717601][T14454] fw_pm_notify+0x81/0x150 [ 763.717637][T14454] notifier_call_chain+0xbc/0x410 [ 763.717679][T14454] ? __pfx_fw_pm_notify+0x10/0x10 [ 763.717725][T14454] blocking_notifier_call_chain_robust+0xc8/0x160 [ 763.717773][T14454] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 763.717836][T14454] pm_notifier_call_chain_robust+0x27/0x60 [ 763.717883][T14454] snapshot_open+0x218/0x2b0 [ 763.717922][T14454] ? __pfx_snapshot_open+0x10/0x10 [ 763.717965][T14454] misc_open+0x35a/0x420 [ 763.718004][T14454] ? __pfx_misc_open+0x10/0x10 [ 763.718040][T14454] chrdev_open+0x234/0x6a0 [ 763.718084][T14454] ? __pfx_apparmor_file_open+0x10/0x10 [ 763.718121][T14454] ? __pfx_chrdev_open+0x10/0x10 [ 763.718168][T14454] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 763.718216][T14454] do_dentry_open+0x982/0x1530 [ 763.718266][T14454] ? __pfx_chrdev_open+0x10/0x10 [ 763.718321][T14454] vfs_open+0x82/0x3f0 [ 763.718389][T14454] path_openat+0x1de4/0x2cb0 [ 763.718462][T14454] ? __pfx_path_openat+0x10/0x10 [ 763.718515][T14454] do_filp_open+0x20b/0x470 [ 763.718557][T14454] ? __pfx_do_filp_open+0x10/0x10 [ 763.718631][T14454] ? alloc_fd+0x471/0x7d0 [ 763.718681][T14454] do_sys_openat2+0x11b/0x1d0 [ 763.718733][T14454] ? __pfx_do_sys_openat2+0x10/0x10 [ 763.718804][T14454] __x64_sys_openat+0x174/0x210 [ 763.718859][T14454] ? __pfx___x64_sys_openat+0x10/0x10 [ 763.718942][T14454] do_syscall_64+0xcd/0x490 [ 763.718991][T14454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 763.719024][T14454] RIP: 0033:0x7ff88358ebe9 [ 763.719051][T14454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 763.719083][T14454] RSP: 002b:00007ff884346038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 763.719115][T14454] RAX: ffffffffffffffda RBX: 00007ff8837b6090 RCX: 00007ff88358ebe9 [ 763.719136][T14454] RDX: 0000000000000101 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 763.719157][T14454] RBP: 00007ff883611e19 R08: 0000000000000000 R09: 0000000000000000 [ 763.719176][T14454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 763.719196][T14454] R13: 00007ff8837b6128 R14: 00007ff8837b6090 R15: 00007ffed5f33ca8 [ 763.719240][T14454] [ 763.723591][T14454] [ 764.036383][T14454] ====================================================== [ 764.043418][T14454] WARNING: possible circular locking dependency detected [ 764.050452][T14454] syzkaller #0 Not tainted [ 764.054875][T14454] ------------------------------------------------------ [ 764.061901][T14454] syz.0.2157/14454 is trying to acquire lock: [ 764.067977][T14454] ffff8880779eab08 (&ima_iint_mutex_key[depth]){+.+.}-{4:4}, at: process_measurement+0x7e0/0x23e0 [ 764.078645][T14454] [ 764.078645][T14454] but task is already holding lock: [ 764.086042][T14454] ffffffff8f5174a8 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0 [ 764.094962][T14454] [ 764.094962][T14454] which lock already depends on the new lock. [ 764.094962][T14454] [ 764.105402][T14454] [ 764.105402][T14454] the existing dependency chain (in reverse order) is: [ 764.114436][T14454] [ 764.114436][T14454] -> #4 (dpm_list_mtx){+.+.}-{4:4}: [ 764.121864][T14454] __mutex_lock+0x193/0x1060 [ 764.127044][T14454] device_pm_add+0x87/0x3e0 [ 764.132105][T14454] device_add+0x9cd/0x1aa0 [ 764.137060][T14454] device_create_groups_vargs+0x1f8/0x270 [ 764.143324][T14454] device_create+0xed/0x130 [ 764.148377][T14454] msr_device_create+0x31/0x70 [ 764.153893][T14454] cpuhp_invoke_callback+0x3d5/0xa10 [ 764.159726][T14454] cpuhp_thread_fun+0x47e/0x6f0 [ 764.165131][T14454] smpboot_thread_fn+0x3f4/0xae0 [ 764.170624][T14454] kthread+0x3c5/0x780 [ 764.175256][T14454] ret_from_fork+0x5d4/0x6f0 [ 764.180409][T14454] ret_from_fork_asm+0x1a/0x30 [ 764.185810][T14454] [ 764.185810][T14454] -> #3 (cpuhp_state-up){+.+.}-{0:0}: [ 764.193397][T14454] cpuhp_thread_fun+0x193/0x6f0 [ 764.198789][T14454] smpboot_thread_fn+0x3f4/0xae0 [ 764.204270][T14454] kthread+0x3c5/0x780 [ 764.208977][T14454] ret_from_fork+0x5d4/0x6f0 [ 764.214124][T14454] ret_from_fork_asm+0x1a/0x30 [ 764.219434][T14454] [ 764.219434][T14454] -> #2 (cpu_hotplug_lock){++++}-{0:0}: [ 764.227198][T14454] cpus_read_lock+0x42/0x160 [ 764.232335][T14454] ring_buffer_resize+0x105/0x15c0 [ 764.238036][T14454] tracing_update_buffers+0x15e/0x1f0 [ 764.243982][T14454] event_pid_write.isra.0+0xf8/0x7f0 [ 764.249832][T14454] vfs_write+0x2a0/0x11d0 [ 764.254741][T14454] ksys_write+0x12a/0x250 [ 764.259616][T14454] do_syscall_64+0xcd/0x490 [ 764.264688][T14454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 764.271124][T14454] [ 764.271124][T14454] -> #1 (trace_types_lock){+.+.}-{4:4}: [ 764.278893][T14454] __mutex_lock+0x193/0x1060 [ 764.284037][T14454] tracing_check_open_get_tr.part.0+0x49/0x190 [ 764.290745][T14454] tracing_open_generic_tr+0x66/0xf0 [ 764.296582][T14454] do_dentry_open+0x982/0x1530 [ 764.301917][T14454] vfs_open+0x82/0x3f0 [ 764.306634][T14454] dentry_open+0x71/0xd0 [ 764.311429][T14454] ima_calc_file_hash+0x2b6/0x490 [ 764.316998][T14454] ima_collect_measurement+0x899/0xa40 [ 764.323006][T14454] process_measurement+0x11fa/0x23e0 [ 764.328832][T14454] ima_file_check+0xc5/0x110 [ 764.333962][T14454] security_file_post_open+0x8e/0x210 [ 764.339886][T14454] path_openat+0x1404/0x2cb0 [ 764.345026][T14454] do_filp_open+0x20b/0x470 [ 764.350086][T14454] do_sys_openat2+0x11b/0x1d0 [ 764.355334][T14454] __x64_sys_openat+0x174/0x210 [ 764.360755][T14454] do_syscall_64+0xcd/0x490 [ 764.365823][T14454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 764.372262][T14454] [ 764.372262][T14454] -> #0 (&ima_iint_mutex_key[depth]){+.+.}-{4:4}: [ 764.380894][T14454] __lock_acquire+0x12a6/0x1ce0 [ 764.386308][T14454] lock_acquire+0x179/0x350 [ 764.391376][T14454] __mutex_lock+0x193/0x1060 [ 764.396514][T14454] process_measurement+0x7e0/0x23e0 [ 764.402255][T14454] ima_file_check+0xc5/0x110 [ 764.407387][T14454] security_file_post_open+0x8e/0x210 [ 764.413308][T14454] path_openat+0x1404/0x2cb0 [ 764.418442][T14454] do_file_open_root+0x322/0x610 [ 764.423927][T14454] file_open_root+0x2a7/0x450 [ 764.429148][T14454] kernel_read_file_from_path_initns+0x189/0x260 [ 764.436032][T14454] _request_firmware+0x744/0x1470 [ 764.441604][T14454] __async_dev_cache_fw_image+0xb1/0x340 [ 764.447786][T14454] async_schedule_node_domain+0xd1/0x120 [ 764.453965][T14454] dev_cache_fw_image+0x38e/0x490 [ 764.459531][T14454] dpm_for_each_dev+0x5a/0xb0 [ 764.464749][T14454] fw_pm_notify+0x81/0x150 [ 764.469703][T14454] notifier_call_chain+0xbc/0x410 [ 764.475276][T14454] blocking_notifier_call_chain_robust+0xc8/0x160 [ 764.482245][T14454] pm_notifier_call_chain_robust+0x27/0x60 [ 764.488607][T14454] snapshot_open+0x218/0x2b0 [ 764.493742][T14454] misc_open+0x35a/0x420 [ 764.498527][T14454] chrdev_open+0x234/0x6a0 [ 764.503495][T14454] do_dentry_open+0x982/0x1530 [ 764.508806][T14454] vfs_open+0x82/0x3f0 [ 764.513430][T14454] path_openat+0x1de4/0x2cb0 [ 764.518562][T14454] do_filp_open+0x20b/0x470 [ 764.523608][T14454] do_sys_openat2+0x11b/0x1d0 [ 764.528837][T14454] __x64_sys_openat+0x174/0x210 [ 764.534251][T14454] do_syscall_64+0xcd/0x490 [ 764.539309][T14454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 764.545739][T14454] [ 764.545739][T14454] other info that might help us debug this: [ 764.545739][T14454] [ 764.555977][T14454] Chain exists of: [ 764.555977][T14454] &ima_iint_mutex_key[depth] --> cpuhp_state-up --> dpm_list_mtx [ 764.555977][T14454] [ 764.569661][T14454] Possible unsafe locking scenario: [ 764.569661][T14454] [ 764.577122][T14454] CPU0 CPU1 [ 764.582495][T14454] ---- ---- [ 764.587868][T14454] lock(dpm_list_mtx); [ 764.592044][T14454] lock(cpuhp_state-up); [ 764.598910][T14454] lock(dpm_list_mtx); [ 764.605621][T14454] lock(&ima_iint_mutex_key[depth]); [ 764.611009][T14454] [ 764.611009][T14454] *** DEADLOCK *** [ 764.611009][T14454] [ 764.619159][T14454] 5 locks held by syz.0.2157/14454: [ 764.624364][T14454] #0: ffffffff8f307028 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x63/0x420 [ 764.632851][T14454] #1: ffffffff8e484808 (system_transition_mutex){+.+.}-{4:4}, at: lock_system_sleep+0x87/0xa0 [ 764.643252][T14454] #2: ffffffff8e4c4c70 ((pm_chain_head).rwsem){++++}-{4:4}, at: blocking_notifier_call_chain_robust+0xa8/0x160 [ 764.655152][T14454] #3: ffffffff8f51caa8 (fw_lock){+.+.}-{4:4}, at: fw_pm_notify+0x69/0x150 [ 764.663818][T14454] #4: ffffffff8f5174a8 (dpm_list_mtx){+.+.}-{4:4}, at: dpm_for_each_dev+0x2d/0xb0 [ 764.673177][T14454] [ 764.673177][T14454] stack backtrace: [ 764.679081][T14454] CPU: 1 UID: 0 PID: 14454 Comm: syz.0.2157 Not tainted syzkaller #0 PREEMPT(full) [ 764.679117][T14454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 764.679133][T14454] Call Trace: [ 764.679143][T14454] [ 764.679154][T14454] dump_stack_lvl+0x116/0x1f0 [ 764.679193][T14454] print_circular_bug+0x275/0x350 [ 764.679229][T14454] check_noncircular+0x14c/0x170 [ 764.679268][T14454] __lock_acquire+0x12a6/0x1ce0 [ 764.679309][T14454] lock_acquire+0x179/0x350 [ 764.679344][T14454] ? process_measurement+0x7e0/0x23e0 [ 764.679373][T14454] ? __pfx___might_resched+0x10/0x10 [ 764.679403][T14454] ? process_measurement+0x7e0/0x23e0 [ 764.679429][T14454] __mutex_lock+0x193/0x1060 [ 764.679466][T14454] ? process_measurement+0x7e0/0x23e0 [ 764.679497][T14454] ? __pfx___mutex_lock+0x10/0x10 [ 764.679534][T14454] ? __pfx___might_resched+0x10/0x10 [ 764.679561][T14454] ? find_held_lock+0x2b/0x80 [ 764.679587][T14454] ? down_write+0x14d/0x200 [ 764.679630][T14454] ? process_measurement+0x7e0/0x23e0 [ 764.679658][T14454] process_measurement+0x7e0/0x23e0 [ 764.679690][T14454] ? __pfx_process_measurement+0x10/0x10 [ 764.679721][T14454] ? find_held_lock+0x2b/0x80 [ 764.679747][T14454] ? fscrypt_file_open+0x47c/0x590 [ 764.679796][T14454] ? __pfx___fsnotify_parent+0x10/0x10 [ 764.679824][T14454] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 764.679858][T14454] ima_file_check+0xc5/0x110 [ 764.679885][T14454] ? __pfx_ima_file_check+0x10/0x10 [ 764.679920][T14454] ? vfs_open+0x2e3/0x3f0 [ 764.679961][T14454] security_file_post_open+0x8e/0x210 [ 764.679998][T14454] path_openat+0x1404/0x2cb0 [ 764.680033][T14454] ? trace_kmem_cache_alloc+0x28/0xc0 [ 764.680076][T14454] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 764.680113][T14454] ? __pfx_path_openat+0x10/0x10 [ 764.680145][T14454] ? __asan_memcpy+0x3c/0x60 [ 764.680175][T14454] do_file_open_root+0x322/0x610 [ 764.680209][T14454] ? __pfx_do_file_open_root+0x10/0x10 [ 764.680257][T14454] ? vsnprintf+0x318/0x1160 [ 764.680291][T14454] file_open_root+0x2a7/0x450 [ 764.680325][T14454] ? __pfx_file_open_root+0x10/0x10 [ 764.680358][T14454] ? find_held_lock+0x2b/0x80 [ 764.680384][T14454] ? kernel_read_file_from_path_initns+0x17a/0x260 [ 764.680429][T14454] kernel_read_file_from_path_initns+0x189/0x260 [ 764.680473][T14454] ? __pfx_kernel_read_file_from_path_initns+0x10/0x10 [ 764.680515][T14454] ? trace_kmem_cache_alloc+0x28/0xc0 [ 764.680557][T14454] ? _request_firmware+0x503/0x1470 [ 764.680593][T14454] _request_firmware+0x744/0x1470 [ 764.680630][T14454] ? __pfx__request_firmware+0x10/0x10 [ 764.680665][T14454] ? dump_stack_lvl+0x1a3/0x1f0 [ 764.680701][T14454] __async_dev_cache_fw_image+0xb1/0x340 [ 764.680736][T14454] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 764.680773][T14454] ? mark_held_locks+0x49/0x80 [ 764.680807][T14454] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 764.680840][T14454] ? __pfx___async_dev_cache_fw_image+0x10/0x10 [ 764.680877][T14454] async_schedule_node_domain+0xd1/0x120 [ 764.680916][T14454] dev_cache_fw_image+0x38e/0x490 [ 764.680948][T14454] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 764.680982][T14454] ? __pfx_dev_cache_fw_image+0x10/0x10 [ 764.681013][T14454] dpm_for_each_dev+0x5a/0xb0 [ 764.681040][T14454] fw_pm_notify+0x81/0x150 [ 764.681068][T14454] notifier_call_chain+0xbc/0x410 [ 764.681107][T14454] ? __pfx_fw_pm_notify+0x10/0x10 [ 764.681138][T14454] blocking_notifier_call_chain_robust+0xc8/0x160 [ 764.681178][T14454] ? __pfx_blocking_notifier_call_chain_robust+0x10/0x10 [ 764.681222][T14454] pm_notifier_call_chain_robust+0x27/0x60 [ 764.681260][T14454] snapshot_open+0x218/0x2b0 [ 764.681292][T14454] ? __pfx_snapshot_open+0x10/0x10 [ 764.681325][T14454] misc_open+0x35a/0x420 [ 764.681354][T14454] ? __pfx_misc_open+0x10/0x10 [ 764.681382][T14454] chrdev_open+0x234/0x6a0 [ 764.681416][T14454] ? __pfx_apparmor_file_open+0x10/0x10 [ 764.681446][T14454] ? __pfx_chrdev_open+0x10/0x10 [ 764.681482][T14454] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 764.681516][T14454] do_dentry_open+0x982/0x1530 [ 764.681549][T14454] ? __pfx_chrdev_open+0x10/0x10 [ 764.681588][T14454] vfs_open+0x82/0x3f0 [ 764.681629][T14454] path_openat+0x1de4/0x2cb0 [ 764.681665][T14454] ? __pfx_path_openat+0x10/0x10 [ 764.681701][T14454] do_filp_open+0x20b/0x470 [ 764.681732][T14454] ? __pfx_do_filp_open+0x10/0x10 [ 764.681776][T14454] ? alloc_fd+0x471/0x7d0 [ 764.681807][T14454] do_sys_openat2+0x11b/0x1d0 [ 764.681849][T14454] ? __pfx_do_sys_openat2+0x10/0x10 [ 764.681902][T14454] __x64_sys_openat+0x174/0x210 [ 764.681946][T14454] ? __pfx___x64_sys_openat+0x10/0x10 [ 764.681996][T14454] do_syscall_64+0xcd/0x490 [ 764.682034][T14454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 764.682062][T14454] RIP: 0033:0x7ff88358ebe9 [ 764.682084][T14454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 764.682113][T14454] RSP: 002b:00007ff884346038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 764.682138][T14454] RAX: ffffffffffffffda RBX: 00007ff8837b6090 RCX: 00007ff88358ebe9 [ 764.682158][T14454] RDX: 0000000000000101 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 764.682175][T14454] RBP: 00007ff883611e19 R08: 0000000000000000 R09: 0000000000000000 [ 764.682192][T14454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 764.682207][T14454] R13: 00007ff8837b6128 R14: 00007ff8837b6090 R15: 00007ffed5f33ca8 [ 764.682233][T14454]