last executing test programs: 7m29.076392924s ago: executing program 1 (id=4230): mmap$auto(0x0, 0x2020008, 0x1000000000000007, 0xeb1, 0x0, 0x1008000) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x4, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_enter$auto(0x3, 0x0, 0x1, 0x3, 0x0, 0x2) io_uring_enter$auto(0x3, 0x1, 0x2688, 0x5, 0x0, 0x7) 7m28.062378512s ago: executing program 1 (id=4233): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = open(&(0x7f0000000100)='.\x00', 0x595082, 0x0) write$auto(r0, 0x0, 0xfffffdf1) fcntl$auto_F_ADD_SEALS(r0, 0x409, 0x9) linkat$auto(r0, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) fsetxattr$auto(r0, &(0x7f0000000180)=':\xbf+<\x8a}\x00\xeb\xfa\xe6\x8d\x02\\VD\x04\x00\x00\x00*\x80\xa4\xf4vql\xa9\x05o\xf7\x9e\xfd\xf7\x00\x00\x00\x00H_/Z>n\xf5F\xbf\xd3\xefi\x91\x88\x1daIu7\xef!\xd0\x04\xdes\xfe`\xf5e;4\xbek\xf9\xec%\xbc\xd4\xfc`\xb9\n\xb5\xa5V\x98\x14]\x8a\x03\xd9', 0x0, 0x7bd, 0x1) mprotect$auto(0x0, 0x8000000000000001, 0x8) 7m27.070995171s ago: executing program 1 (id=4239): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x88042, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22241, 0x155) socket(0xa, 0x5, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x19, 0x0, 0x8) 7m26.847502404s ago: executing program 1 (id=4241): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 7m26.207607909s ago: executing program 1 (id=4245): shmctl$auto_SHM_LOCK(0x2, 0xb, 0x0) unshare$auto(0x40000080) mmap$auto(0x100007fffffff, 0x1000000002020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fallocate$auto(r0, 0x0, 0x7, 0x4cbd5d) rename$auto(&(0x7f0000000480)='./file0\x00', &(0x7f0000000100)='./file1\x00') mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x7e) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00', &(0x7f0000000080)='nfsd\x00', 0x7, 0x0) 7m24.595692992s ago: executing program 1 (id=4248): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x6a1, 0x2000000000002) socket(0x26, 0x80805, 0x0) socket(0x25, 0x1, 0x4) socket(0x1, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0) close_range$auto(0x2, 0x8, 0x0) 7m24.157434601s ago: executing program 32 (id=4248): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x6a1, 0x2000000000002) socket(0x26, 0x80805, 0x0) socket(0x25, 0x1, 0x4) socket(0x1, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) fanotify_mark$auto(0x0, 0x1, 0x9, 0x4, 0x0) close_range$auto(0x2, 0x8, 0x0) 6m29.856479346s ago: executing program 3 (id=4498): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) get_robust_list$auto(0x1, 0x0, 0x0) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x8006, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSFLAGS(r0, 0x40047459, 0x0) write$auto(0x3, 0x0, 0xfdef) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xeffd}, 0x1) 6m29.532109508s ago: executing program 3 (id=4500): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x5, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000081, 0x402}]}) 6m29.09827074s ago: executing program 3 (id=4505): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptya1\x00', 0x20080, 0x0) socket(0x2, 0x5, 0x0) io_uring_setup$auto(0x101, 0x0) ioctl$auto(0x3, 0x5420, 0x38) socket(0x29, 0x2, 0x0) socket(0x2, 0x5, 0x0) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x0, 0xd, 0x2, 0x948b, 0x3, 0x15f4da0a, 0x1, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x6, 0x5, 0x5]}, 0x0) ioctl$auto_SNDCTL_TMR_CONTINUE(r0, 0x402c542b, 0x0) 6m28.683781312s ago: executing program 3 (id=4508): r0 = socket(0x11, 0x3, 0x0) r1 = open(&(0x7f00000000c0)='./file0\x00', 0x108242, 0x78e22799f4a46f8e) flock$auto(r1, 0x6) r2 = open(&(0x7f0000000000)='./file0\x00', 0x148640, 0x78e22799f4a46f8e) flock$auto(r2, 0x1) r3 = open(&(0x7f0000000000)='./file0\x00', 0x148640, 0x78e22799f4a46f8e) flock$auto(r3, 0x2) flock$auto(r3, 0x2) close_range$auto(r0, 0xffffffffffffffff, 0x0) 6m28.282958473s ago: executing program 3 (id=4510): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 6m28.037752491s ago: executing program 3 (id=4512): socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram1/integrity/tag_size\x00', 0x68e00, 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0xdb) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, 0x0, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x1, 0x0, 0x14) 6m12.757036224s ago: executing program 33 (id=4512): socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram1/integrity/tag_size\x00', 0x68e00, 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0xdb) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x800000001, &(0x7f0000000280)={&(0x7f0000000080), 0x1ffffffff}, 0x6, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, 0x0, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x1, 0x0, 0x14) 7.164896152s ago: executing program 0 (id=6383): mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x0, 0xfffff004, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x2, 0x88) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bond0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x8, 0xff, r0, @relative_fd, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x1}, 0x4) r4 = bpf$auto(0x1, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xb) ioctl$auto_SNDCTL_DSP_PROFILE(r4, 0x5411, 0x0) 6.793363811s ago: executing program 0 (id=6386): r0 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) mmap$auto(0x3, 0x4020009, 0x400000000000dc, 0x7fff, r0, 0x8000) pidfd_open$auto(0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x1) sendmsg$auto_IPVS_CMD_SET_SERVICE(0xffffffffffffffff, 0x0, 0x4000000) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0x3, 0x0, 0xfffffdef) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_PNETID_DEL(r1, 0x0, 0x20000000) getpid() lseek$auto(0x3, 0x7fffffffffffffff, 0x1) 4.73006492s ago: executing program 5 (id=6396): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, 0x0, 0x6a) socket(0xa, 0x80002, 0x73) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptya3\x00', 0x2000, 0x0) sendmsg$auto_NL80211_CMD_FLUSH_PMKSA(0xffffffffffffffff, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000740)={0x2c, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@NL80211_ATTR_BEACON_HEAD={0x16, 0xe, "3da840d4165431f88e040965bea610e8a539"}]}, 0x2c}}, 0x48010) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000840)="13") ioctl$auto_TIOCSTI2(r0, 0x5412, 0x0) 4.687857535s ago: executing program 4 (id=6397): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) unshare$auto(0x40000080) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5) swapon$auto(0x0, 0x8000004) 4.219601351s ago: executing program 5 (id=6398): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) close_range$auto(0x2, 0x8, 0x0) socket(0x2b, 0x1, 0x1) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000000)=@can={0x1d, r2}, 0x6a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/fs/orangefs/getattr_timeout_msecs\x00', 0x8a82b6a56f18970a, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 4.135543799s ago: executing program 0 (id=6399): socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x801, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) read$auto(0x3, 0x0, 0x8080) socket(0xa, 0x1, 0x100) unshare$auto(0x40000080) shmctl$auto_IPC_SET(0x4, 0x1, &(0x7f0000000280)={{0x80, 0xee00, 0xee00, 0xca6d, 0x8, 0x4bd6, 0x5}, 0xd21, 0x5, 0x8000000000000000, 0x1, @inferred=0xffffffffffffffff, @inferred=0xffffffffffffffff, 0x9, 0x0, &(0x7f0000000140)="4f0d6995e9", &(0x7f0000000200)="e3ac9b01ee8d985b677531eeeee5cb5bf774d2df4d9ae6dccbc98def20b72c7c2826a585ba3a8d67815abade214708a4ade77c6faa2f2889ca3e7989f32645dd597a3ae1b46e8d8c7e03ae6b8aaa49"}) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x60042, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1, 0x4, 0x3, 0x3, 0x3, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x3, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0) 4.02071947s ago: executing program 5 (id=6400): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) io_uring_setup$auto(0x2, &(0x7f0000000080)={0x80000003, 0x9, 0x4002, 0x6, 0x4, 0x8, 0xffffffffffffffff, [], {0x9, 0x4, 0xf, 0x29f, 0x100, 0x7f, 0x101, 0x4000006, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x104, 0x8, 0x100000000}}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, r0, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4040aea0, 0x0) 3.653728732s ago: executing program 5 (id=6402): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) fcntl$auto(0x3, 0x8, 0x9ebfffffffffffff) fcntl$auto(0x3, 0x4, 0xa553) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu0/cache/index0/type\x00', 0x183142, 0x0) getrlimit$auto(0x8, 0x0) keyctl$auto(0x7ff, 0xfffffffe, 0xffffffffffffffff, 0x0, 0x7) ioctl$auto_FS_IOC_UNRESVSP(0xffffffffffffffff, 0x40305829, 0x100) statmount$auto(0x0, 0x0, 0x1fe, 0x5) close_range$auto(0x2, 0x8, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) 3.608640875s ago: executing program 2 (id=6403): r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) pipe$auto(0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) write$auto(0x6, 0x0, 0x100000001) setsockopt$auto(0x3, 0x1, 0x10, 0x0, 0x9) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0xbb, 0x0, 0x8, &(0x7f0000000040), 0x81, 0x9}, 0xfffffffb}, 0x5, 0x6586, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.772067509s ago: executing program 4 (id=6404): openat$auto_tracing_saved_cmdlines_fops_trace(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/tracing/saved_cmdlines\x00', 0x143382, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0x14) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x8) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00"}, 0x4, 0x966, 0x3, @raw=0x404, @integer64={0x409, 0xeb1e, 0x34}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LIST(r1, 0xc0505510, &(0x7f00000001c0)={0x0, 0x8, 0x5, @raw=0x80, 0x0, "5059d005d689f01a18c00f29b5fa494a0200f0fced42bcfab54dc63a1562e39e060000007c7fd574bccc61a93bf6de84233c"}) close_range$auto(0x2, 0x8, 0x0) 2.771950461s ago: executing program 5 (id=6405): mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x9, 0xdf, 0x1000000eb1, 0x401, 0x8000) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) getsockname$auto(0xffffffffffffffff, &(0x7f0000000000)=@tipc=@nameseq={0x1e, 0x1, 0x2, {0x1, 0x0, 0x2}}, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xc, 0x0, 0x13c, 0x0, 0x0, 0xd}, 0x5af}, 0x40, 0x100) 2.586324183s ago: executing program 2 (id=6406): open(0x0, 0x22240, 0x147) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0xffffffffffffffff, 0x20007, 0x0, 0x0, 0x0, 0xffffffff) syz_clone(0x12000, 0x0, 0x0, 0x0, 0x0, 0x0) setresgid$auto(0x0, 0x0, 0x0) r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x2000, 0x0) ioctl$auto(r0, 0x961064a0, 0x600000000200007) shmctl$auto_SHM_STAT(0x8b1, 0xd, 0x0) waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x35c9, &(0x7f00000004c0)={{0x800, 0x3ff}, {0x9, 0x3}, 0xff69, 0x3d, 0x7ff, 0x9, 0x1, 0x6, 0x7, 0x5, 0x7, 0xfffffffffffffffc, 0x5, 0x7f, 0x4, 0xf08}) shmctl$auto_SHM_STAT(0x1, 0xd, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS2\x00', 0x101e81, 0x0) write$auto_tty_fops_tty_io(r1, &(0x7f00000001c0)="45064c26a9b623d4d4f71bb38a2b23ee98135322dc51f0e04ef14299b57662a5a410faf47410dae85937debd718bfb464adeac10a5b80dd3cadca6bd35837809c12f54724b31f83cdc41ca60cc9c9403aabdf3426ebeb25870e527235f", 0x5d) 2.401972697s ago: executing program 5 (id=6407): unshare$auto(0x40000080) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) unshare$auto(0x97) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8802, 0x0) writev$auto(r1, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) r3 = prctl$auto_PR_SET_SECCOMP(0x16, 0x1, 0x6, 0x7ff, 0x9) read$auto_proc_single_file_operations_base(r3, &(0x7f0000000100)=""/236, 0xec) preadv2$auto(r2, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) 2.34827244s ago: executing program 2 (id=6408): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) r0 = socket(0x18, 0x5, 0x1) connect$auto(r0, 0x0, 0x3a) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS0\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0) 2.200758119s ago: executing program 4 (id=6409): statx$auto(0x2, 0x0, 0x1000, 0x8, 0x0) socket(0x18, 0xa, 0x1) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) shmget$auto(0x5, 0x7, 0xfffffff7) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000640)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\xff\x7f\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc:\xfa\x01\xd1\xa3\xb5\xc2B\xa5\xac:woR^a\xb9}\xe7\xbd\xe1\xf77.\xa3\xd8\xc2T\x95\x13\x91\xb6p\xf3\xb2w\xe6\xd7\x94DW\x97\x90a\xe6c\xfb\x88x\xd5L\xa9\xe4\x82\x04\xb1\x8b\r\xcaP\\\x1aVP\xc9\xa4`\xfd\v\x94\f\xc1\x0fQ\xc9\xdcL\x03\x9c\xbfk\xa6\xb1\xb0\xa1\xeeJ\xd8\xef\xc8t\x9d\x1e=J\x91W\xc6AuJ\xb9Q\xed\xd1\a\x05\x9d\x85\xb7b#r\xcd\xaf\xb7\x9f\xf7\xd2\xae\x0f\x98\xa9&\xb6~\xd4\xbd\xbbr\xb9\xc3\xacH!\xc1\x90K2\x05K@\xee\xac\xe8\xc7\t\xab\xbf\xa3\xedb\xd7\xb5\xd7\x83&\x95\xb2?\x0e\x85\xaaIGu\xd6$\xeb\xb6\xdd\a\x121\a\xac\x1bx#\x87\xa9\x10\x9b\xf8YD\x04ZL\xca\x99]\x8f[\x90[\xa8\xbf\x98\xa6\xe50(zC\xe84*w\x13\x96\xd5\xd0\x877\x12\xbc\xa1\xd0h@|\xf9\xfa\x9b\x17\x94\xb9\xe7\xf3\x15\x05\x91\xe8\x98p\x7f:\xd7s\xd9wo\x82\xda\xec\x91\xb7\xd9;H\x8a\b\x00\x00\x00\x00\x00\x00\x00\x8aZ\x94\x14$X7\xaeW6=^I\x9fQ\r5c\x81\xca]\x97m\x89o\x8f\xd8}P>I\xd0\xb3\x88C\xd7', 0x100000a3d9) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x80000, 0x0) socket(0xa, 0x3, 0x3b) socket(0x15, 0x5, 0x0) socket(0x2, 0x3, 0xa) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd5, 0x948b, 0x3, 0x15f4da0a, 0x4, 0x3, 0x62, 0x80000002, 0x7, 0x1, 0x9, 0x3, 0xfffffffffefffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd40, 0x1, 0x948f, 0x5, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x6, 0x6d3f, 0x9, 0x8, 0x6]}, 0x0) 2.132113874s ago: executing program 0 (id=6410): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x5) open(&(0x7f0000000000)='./file0\x00', 0x101800, 0xbf) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r0 = socket(0x21, 0x2, 0x2) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f80, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0x40a0ae49, r0) 2.057366756s ago: executing program 2 (id=6411): sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x14, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000980), 0x102001, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4018aee1, &(0x7f00000000c0)={0x2}) 1.768022163s ago: executing program 2 (id=6412): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0xa901, 0x0) ioctl$auto(r0, 0x4004550c, r0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) mlock$auto(0xfbea, 0x7fffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) madvise$auto(0x0, 0x22, 0xa) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) madvise$auto(0x0, 0x2003f0, 0x11) madvise$auto(0x1, 0x1000, 0x10000) personality$auto(0xfffffffc) 928.596298ms ago: executing program 0 (id=6413): socket(0x1d, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x55) r0 = socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) close_range$auto(r0, 0xfffffffffffff000, 0x4000000000002) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0xa, 0x5, 0x0) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) write$auto(0x3, 0x0, 0x5c8) 718.14352ms ago: executing program 4 (id=6414): socket(0xa, 0x1, 0x84) socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IPVS_CMD_SET_DEST(0xffffffffffffffff, 0x0, 0x60048040) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000080)={0x2, 0x0, [{0x1b, 0x400, 0x9}]}) 497.21193ms ago: executing program 2 (id=6415): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d) listen$auto(0x3, 0x81) r1 = socket(0x2b, 0x1, 0x0) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x24, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) poll$auto(&(0x7f0000000080)={0x3, 0x1, 0xa}, 0x5, 0x108) 280.915155ms ago: executing program 4 (id=6416): r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0xff, 0x400000000000401, 0x9}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x0, 0x401, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r1, 0x0) mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000) getcwd$auto(0x0, 0xffffffffffffffff) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) 181.398504ms ago: executing program 0 (id=6417): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) r2 = openat$auto_lockdown_ops_lockdown(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) pread64$auto(r2, 0x0, 0x8, 0x7) ioctl$auto_KVM_CREATE_VM(r0, 0x4004ae86, 0x0) 0s ago: executing program 4 (id=6418): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0xb, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000100)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x7, 0x0) kernel console output (not intermixed with test programs): 33:0x7f561f79c799 [ 888.989199][T20927] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 888.989224][T20927] RSP: 002b:00007f56206d1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 888.989249][T20927] RAX: ffffffffffffffda RBX: 00007f561fa15fa0 RCX: 00007f561f79c799 [ 888.989266][T20927] RDX: 0000000000000801 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 888.989283][T20927] RBP: 00007f561f832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 888.989299][T20927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 888.989314][T20927] R13: 00007f561fa16038 R14: 00007f561fa15fa0 R15: 00007ffc91031c38 [ 888.989347][T20927] [ 889.326783][T20933] ERROR: Out of memory at tomoyo_memory_ok. [ 889.584358][T20941] ERROR: Out of memory at tomoyo_memory_ok. [ 889.798069][T20945] netlink: 306 bytes leftover after parsing attributes in process `syz.5.5353'. [ 890.541593][T20956] vivid-001: ================= START STATUS ================= [ 890.592916][T20956] vivid-001: Radio HW Seek Mode: Bounded [ 890.632461][T20956] vivid-001: Radio Programmable HW Seek: false [ 890.682177][T20956] vivid-001: RDS Rx I/O Mode: Block I/O [ 890.712563][T20956] vivid-001: Generate RBDS Instead of RDS: false [ 890.766525][T20956] vivid-001: RDS Reception: true [ 890.772322][T20956] vivid-001: RDS Program Type: 0 inactive [ 890.787349][T20959] FAULT_INJECTION: forcing a failure. [ 890.787349][T20959] name failslab, interval 1, probability 0, space 0, times 0 [ 890.873114][T20956] vivid-001: RDS PS Name: inactive [ 890.879349][T20959] CPU: 0 UID: 0 PID: 20959 Comm: syz.4.5358 Tainted: G U L syzkaller #0 PREEMPT(full) [ 890.879395][T20959] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 890.879405][T20959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 890.879422][T20959] Call Trace: [ 890.879430][T20959] [ 890.879440][T20959] dump_stack_lvl+0x100/0x190 [ 890.879484][T20959] should_fail_ex.cold+0x5/0xa [ 890.879514][T20959] should_failslab+0xc2/0x120 [ 890.879541][T20959] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 890.879585][T20959] ? fib_notifier_ops_register+0x32/0x270 [ 890.879618][T20959] ? __debug_object_init+0x2de/0x3d0 [ 890.879660][T20959] kmemdup_noprof+0x29/0x60 [ 890.879701][T20959] fib_notifier_ops_register+0x32/0x270 [ 890.879738][T20959] fib4_notifier_init+0x4f/0xd0 [ 890.879770][T20959] fib_net_init+0xbf/0x3f0 [ 890.879801][T20959] ? is_module_address+0x69/0xf0 [ 890.879834][T20959] ? __pfx_fib_net_init+0x10/0x10 [ 890.879868][T20959] ? timer_init_key+0x150/0x340 [ 890.879899][T20959] ? devinet_init_net+0x56c/0x8d0 [ 890.879947][T20959] ? __pfx_fib_net_init+0x10/0x10 [ 890.879978][T20959] ops_init+0x1e2/0x5f0 [ 890.880015][T20959] setup_net+0x118/0x3a0 [ 890.880048][T20959] ? __pfx_setup_net+0x10/0x10 [ 890.880079][T20959] ? lockdep_init_map_type+0x5c/0x250 [ 890.880114][T20959] ? mutex_init_lockep+0x110/0x150 [ 890.880154][T20959] copy_net_ns+0x46f/0x7c0 [ 890.880193][T20959] create_new_namespaces+0x3ea/0xac0 [ 890.880227][T20959] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 890.880257][T20959] ksys_unshare+0x473/0xad0 [ 890.880291][T20959] ? __pfx_ksys_unshare+0x10/0x10 [ 890.880335][T20959] __x64_sys_unshare+0x31/0x40 [ 890.880367][T20959] do_syscall_64+0x106/0xf80 [ 890.880397][T20959] ? clear_bhb_loop+0x40/0x90 [ 890.880430][T20959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 890.880456][T20959] RIP: 0033:0x7f561f79c799 [ 890.880478][T20959] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 890.880512][T20959] RSP: 002b:00007f56206d1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 890.880537][T20959] RAX: ffffffffffffffda RBX: 00007f561fa15fa0 RCX: 00007f561f79c799 [ 890.880555][T20959] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 890.880570][T20959] RBP: 00007f561f832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 890.880587][T20959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 890.880603][T20959] R13: 00007f561fa16038 R14: 00007f561fa15fa0 R15: 00007ffc91031c38 [ 890.880637][T20959] [ 890.883061][T20962] vivid-007: ================= START STATUS ================= [ 891.194750][T20956] vivid-001: RDS Radio Text: inactive [ 891.224562][T20956] vivid-001: RDS Traffic Announcement: false inactive [ 891.232068][T20956] vivid-001: RDS Traffic Program: false inactive [ 891.365427][T20956] vivid-001: RDS Music: false inactive [ 891.371251][T20956] vivid-001: ================== END STATUS ================== [ 891.867412][T20967] sp0: Synchronizing with TNC [ 892.500434][T20962] vivid-007: Generate PTS: true [ 892.539068][T20962] vivid-007: Generate SCR: true [ 892.544230][T20962] tpg source WxH: 320x240 (Y'CbCr) [ 892.556325][T20981] netlink: 'syz.5.5366': attribute type 2 has an invalid length. [ 892.601930][ T29] audit: type=1326 audit(1772362703.804:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20980 comm="syz.5.5366" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb5b3f9c799 code=0x0 [ 892.634037][T20962] tpg field: 1 [ 892.658711][T20962] tpg crop: (0,0)/320x240 [ 892.680887][T20962] tpg compose: (0,0)/320x240 [ 892.717768][T20962] tpg colorspace: 8 [ 892.733106][T20962] tpg transfer function: 0/0 [ 892.755829][T20962] tpg Y'CbCr encoding: 0/0 [ 892.817642][T20962] tpg quantization: 0/0 [ 892.833613][T20962] tpg RGB range: 0/2 [ 892.849825][T20962] vivid-007: ================== END STATUS ================== [ 894.200077][T21006] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5373'. [ 895.210851][T21020] vivid-007: ================= START STATUS ================= [ 895.341024][T21020] vivid-007: Enable Output Cropping: true [ 895.380066][T21019] Invalid ELF header magic: != ELF [ 895.426874][T21020] vivid-007: Enable Output Composing: true [ 895.581361][T21020] vivid-007: Enable Output Scaler: true [ 895.696966][T21020] vivid-007: Tx RGB Quantization Range: Automatic [ 895.721304][T21020] vivid-007: Transmit Mode: HDMI [ 895.822052][T21020] vivid-007: Hotplug Present: 0x00000000 [ 895.912198][T21020] vivid-007: RxSense Present: 0x00000000 [ 895.986751][T21020] vivid-007: EDID Present: 0x00000000 [ 896.033005][T21020] vivid-007: ================== END STATUS ================== [ 896.935284][T21050] netlink: 326 bytes leftover after parsing attributes in process `syz.0.5390'. [ 897.222096][T21048] netlink: 186 bytes leftover after parsing attributes in process `syz.5.5389'. [ 897.280917][T21048] netlink: 186 bytes leftover after parsing attributes in process `syz.5.5389'. [ 899.578061][T21094] FAULT_INJECTION: forcing a failure. [ 899.578061][T21094] name failslab, interval 1, probability 0, space 0, times 0 [ 899.692118][T21094] CPU: 0 UID: 0 PID: 21094 Comm: syz.5.5407 Tainted: G U L syzkaller #0 PREEMPT(full) [ 899.692165][T21094] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 899.692175][T21094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 899.692192][T21094] Call Trace: [ 899.692200][T21094] [ 899.692210][T21094] dump_stack_lvl+0x100/0x190 [ 899.692255][T21094] should_fail_ex.cold+0x5/0xa [ 899.692286][T21094] should_failslab+0xc2/0x120 [ 899.692314][T21094] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 899.692358][T21094] ? __d_alloc+0x34/0xa80 [ 899.692387][T21094] ? security_inode_alloc+0xcf/0x2c0 [ 899.692432][T21094] __d_alloc+0x34/0xa80 [ 899.692458][T21094] ? __ns_ref_active_get+0x9f/0x1b0 [ 899.692496][T21094] path_from_stashed+0x427/0x750 [ 899.692524][T21094] ? do_raw_spin_unlock+0x145/0x1e0 [ 899.692571][T21094] ns_get_path+0x60/0x80 [ 899.692598][T21094] proc_ns_get_link+0x121/0x230 [ 899.692636][T21094] ? __pfx_proc_ns_get_link+0x10/0x10 [ 899.692677][T21094] ? atime_needs_update+0x8b/0x6b0 [ 899.692718][T21094] pick_link+0xd17/0x13c0 [ 899.692756][T21094] ? __pfx_proc_ns_get_link+0x10/0x10 [ 899.692799][T21094] step_into_slowpath+0x9ba/0xf90 [ 899.692846][T21094] ? __pfx_step_into_slowpath+0x10/0x10 [ 899.692886][T21094] ? find_held_lock+0x2b/0x80 [ 899.692921][T21094] path_openat+0xf95/0x31a0 [ 899.692966][T21094] ? __pfx_path_openat+0x10/0x10 [ 899.693004][T21094] do_file_open+0x20e/0x430 [ 899.693033][T21094] ? __pfx_do_file_open+0x10/0x10 [ 899.693309][T21094] ? alloc_fd+0x476/0x790 [ 899.693366][T21094] ? do_getname+0x191/0x390 [ 899.693409][T21094] do_sys_openat2+0x10d/0x1e0 [ 899.693447][T21094] ? __pfx_do_sys_openat2+0x10/0x10 [ 899.693504][T21094] __x64_sys_openat+0x12d/0x210 [ 899.693541][T21094] ? __pfx___x64_sys_openat+0x10/0x10 [ 899.693591][T21094] do_syscall_64+0x106/0xf80 [ 899.693624][T21094] ? clear_bhb_loop+0x40/0x90 [ 899.693659][T21094] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 899.693776][T21094] RIP: 0033:0x7fb5b3f5cfce [ 899.693799][T21094] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 899.693827][T21094] RSP: 002b:00007fb5b4effec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 899.693852][T21094] RAX: ffffffffffffffda RBX: 00007fb5b4f006c0 RCX: 00007fb5b3f5cfce [ 899.693871][T21094] RDX: 0000000000000002 RSI: 00007fb5b4efff90 RDI: ffffffffffffff9c [ 899.693888][T21094] RBP: 00007fb5b4032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 899.693905][T21094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 899.693920][T21094] R13: 00007fb5b4216038 R14: 00007fb5b4215fa0 R15: 00007ffc25ea4ba8 [ 899.693955][T21094] [ 900.558860][T21103] ERROR: Out of memory at tomoyo_memory_ok. [ 901.960762][T21118] FAULT_INJECTION: forcing a failure. [ 901.960762][T21118] name failslab, interval 1, probability 0, space 0, times 0 [ 902.050525][T21118] CPU: 0 UID: 0 PID: 21118 Comm: syz.5.5413 Tainted: G U L syzkaller #0 PREEMPT(full) [ 902.050569][T21118] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 902.050579][T21118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 902.050594][T21118] Call Trace: [ 902.050602][T21118] [ 902.050612][T21118] dump_stack_lvl+0x100/0x190 [ 902.050654][T21118] should_fail_ex.cold+0x5/0xa [ 902.050683][T21118] ? tomoyo_encode2+0xfb/0x3c0 [ 902.050708][T21118] should_failslab+0xc2/0x120 [ 902.050737][T21118] __kmalloc_noprof+0xe0/0x850 [ 902.050782][T21118] tomoyo_encode2+0xfb/0x3c0 [ 902.050814][T21118] tomoyo_encode+0x29/0x50 [ 902.050840][T21118] tomoyo_path_perm+0x3a7/0x460 [ 902.050882][T21118] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 902.050926][T21118] ? do_raw_spin_lock+0x128/0x260 [ 902.050971][T21118] ? do_raw_spin_unlock+0x145/0x1e0 [ 902.051023][T21118] ? __pfx_current_check_access_path+0x10/0x10 [ 902.051052][T21118] ? simple_lookup+0x105/0x1d0 [ 902.051099][T21118] ? lookup_one_qstr_excl+0xb3/0x250 [ 902.051135][T21118] tomoyo_path_symlink+0x97/0xe0 [ 902.051167][T21118] ? __pfx_tomoyo_path_symlink+0x10/0x10 [ 902.051207][T21118] security_path_symlink+0x152/0x2d0 [ 902.051248][T21118] filename_symlinkat+0x122/0x560 [ 902.051280][T21118] ? __pfx_filename_symlinkat+0x10/0x10 [ 902.051309][T21118] ? strncpy_from_user+0x19d/0x2d0 [ 902.051353][T21118] ? do_getname+0x191/0x390 [ 902.051386][T21118] __x64_sys_symlink+0x79/0xb0 [ 902.051416][T21118] do_syscall_64+0x106/0xf80 [ 902.051445][T21118] ? clear_bhb_loop+0x40/0x90 [ 902.051476][T21118] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 902.051502][T21118] RIP: 0033:0x7fb5b3f9c799 [ 902.051523][T21118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 902.051547][T21118] RSP: 002b:00007fb5b4f00028 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 902.051570][T21118] RAX: ffffffffffffffda RBX: 00007fb5b4215fa0 RCX: 00007fb5b3f9c799 [ 902.051586][T21118] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 902.051601][T21118] RBP: 00007fb5b4032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 902.051616][T21118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 902.051631][T21118] R13: 00007fb5b4216038 R14: 00007fb5b4215fa0 R15: 00007ffc25ea4ba8 [ 902.051663][T21118] [ 903.157955][T21131] FAULT_INJECTION: forcing a failure. [ 903.157955][T21131] name failslab, interval 1, probability 0, space 0, times 0 [ 903.235363][T21131] CPU: 0 UID: 0 PID: 21131 Comm: syz.0.5419 Tainted: G U L syzkaller #0 PREEMPT(full) [ 903.235409][T21131] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 903.235419][T21131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 903.235436][T21131] Call Trace: [ 903.235445][T21131] [ 903.235455][T21131] dump_stack_lvl+0x100/0x190 [ 903.235502][T21131] should_fail_ex.cold+0x5/0xa [ 903.235534][T21131] should_failslab+0xc2/0x120 [ 903.235562][T21131] __kmalloc_cache_noprof+0x7a/0x6f0 [ 903.235599][T21131] ? trace_pid_list_alloc+0x2fe/0x480 [ 903.235650][T21131] trace_pid_list_alloc+0x2fe/0x480 [ 903.235705][T21131] trace_pid_write+0x110/0x460 [ 903.235752][T21131] ? __pfx_trace_pid_write+0x10/0x10 [ 903.235835][T21131] event_pid_write.isra.0+0x1e4/0x800 [ 903.235883][T21131] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 903.235938][T21131] vfs_write+0x2aa/0x1070 [ 903.235982][T21131] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 903.236039][T21131] ? __pfx_vfs_write+0x10/0x10 [ 903.236081][T21131] ? __fget_files+0x215/0x3d0 [ 903.236112][T21131] ? __fget_files+0x21f/0x3d0 [ 903.236164][T21131] ksys_write+0x12a/0x250 [ 903.236206][T21131] ? __pfx_ksys_write+0x10/0x10 [ 903.236259][T21131] do_syscall_64+0x106/0xf80 [ 903.236290][T21131] ? clear_bhb_loop+0x40/0x90 [ 903.236321][T21131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 903.236349][T21131] RIP: 0033:0x7ff61539c799 [ 903.236370][T21131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 903.236396][T21131] RSP: 002b:00007ff6161e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 903.236421][T21131] RAX: ffffffffffffffda RBX: 00007ff615615fa0 RCX: 00007ff61539c799 [ 903.236439][T21131] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 903.236455][T21131] RBP: 00007ff615432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 903.236471][T21131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 903.236487][T21131] R13: 00007ff615616038 R14: 00007ff615615fa0 R15: 00007ffe19ef3018 [ 903.236521][T21131] [ 903.514569][T21134] ERROR: Out of memory at tomoyo_memory_ok. [ 903.860600][T21136] netlink: 'syz.5.5420': attribute type 21 has an invalid length. [ 903.899601][T21136] netlink: 326 bytes leftover after parsing attributes in process `syz.5.5420'. [ 903.931504][T21136] IPv6: NLM_F_CREATE should be specified when creating new route [ 904.744523][T21145] nvme_fabrics: missing parameter 'transport=%s' [ 904.751147][T21145] nvme_fabrics: missing parameter 'nqn=%s' [ 905.869701][T21163] netlink: 18 bytes leftover after parsing attributes in process `syz.0.5428'. [ 906.252664][T21169] FAULT_INJECTION: forcing a failure. [ 906.252664][T21169] name failslab, interval 1, probability 0, space 0, times 0 [ 906.281899][T21167] FAULT_INJECTION: forcing a failure. [ 906.281899][T21167] name failslab, interval 1, probability 0, space 0, times 0 [ 906.310175][T21169] CPU: 0 UID: 0 PID: 21169 Comm: syz.0.5430 Tainted: G U L syzkaller #0 PREEMPT(full) [ 906.310218][T21169] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 906.310227][T21169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 906.310243][T21169] Call Trace: [ 906.310251][T21169] [ 906.310260][T21169] dump_stack_lvl+0x100/0x190 [ 906.310302][T21169] should_fail_ex.cold+0x5/0xa [ 906.310331][T21169] should_failslab+0xc2/0x120 [ 906.310356][T21169] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 906.310394][T21169] ? dup_fd+0x4d/0xd10 [ 906.310416][T21169] ? do_futex+0x192/0x350 [ 906.310452][T21169] dup_fd+0x4d/0xd10 [ 906.310474][T21169] ? bpf_lsm_capable+0x9/0x10 [ 906.310499][T21169] ? security_capable+0x80/0x260 [ 906.310547][T21169] __x64_sys_close_range+0x405/0x5d0 [ 906.310581][T21169] ? __pfx___x64_sys_close_range+0x10/0x10 [ 906.310618][T21169] do_syscall_64+0x106/0xf80 [ 906.310646][T21169] ? clear_bhb_loop+0x40/0x90 [ 906.310677][T21169] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 906.310702][T21169] RIP: 0033:0x7ff61539c799 [ 906.310722][T21169] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 906.310747][T21169] RSP: 002b:00007ff6161e7028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 906.310769][T21169] RAX: ffffffffffffffda RBX: 00007ff615615fa0 RCX: 00007ff61539c799 [ 906.310786][T21169] RDX: 0000000000000002 RSI: fffffffffffff001 RDI: 0000000000000000 [ 906.310801][T21169] RBP: 00007ff615432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 906.310816][T21169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 906.310831][T21169] R13: 00007ff615616038 R14: 00007ff615615fa0 R15: 00007ffe19ef3018 [ 906.310862][T21169] [ 906.501187][T21171] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5431'. [ 906.782667][T21167] CPU: 0 UID: 0 PID: 21167 Comm: syz.5.5429 Tainted: G U L syzkaller #0 PREEMPT(full) [ 906.782713][T21167] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 906.782730][T21167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 906.782746][T21167] Call Trace: [ 906.782755][T21167] [ 906.782764][T21167] dump_stack_lvl+0x100/0x190 [ 906.782809][T21167] should_fail_ex.cold+0x5/0xa [ 906.782839][T21167] ? ima_alloc_init_template+0xb6/0x6d0 [ 906.782878][T21167] should_failslab+0xc2/0x120 [ 906.782905][T21167] __kmalloc_noprof+0xe0/0x850 [ 906.782944][T21167] ? find_held_lock+0x2b/0x80 [ 906.782967][T21167] ? take_dentry_name_snapshot+0x30b/0x7c0 [ 906.783008][T21167] ima_alloc_init_template+0xb6/0x6d0 [ 906.783057][T21167] ? take_dentry_name_snapshot+0x310/0x7c0 [ 906.783096][T21167] ima_store_measurement+0x1e3/0x5b0 [ 906.783143][T21167] ? __pfx_ima_store_measurement+0x10/0x10 [ 906.783196][T21167] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 906.783235][T21167] process_measurement+0x19cc/0x2350 [ 906.783279][T21167] ? stack_trace_save+0x8e/0xc0 [ 906.783305][T21167] ? __pfx_process_measurement+0x10/0x10 [ 906.783341][T21167] ? __lock_acquire+0x4a5/0x2630 [ 906.783373][T21167] ? __kasan_slab_alloc+0x89/0x90 [ 906.783395][T21167] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 906.783433][T21167] ? init_file+0x95/0x480 [ 906.783460][T21167] ? alloc_empty_file+0x73/0x1c0 [ 906.783491][T21167] ? alloc_file_pseudo+0x13a/0x230 [ 906.783522][T21167] ? ksys_mmap_pgoff+0x232/0x650 [ 906.783546][T21167] ? __x64_sys_mmap+0x125/0x190 [ 906.783584][T21167] ? do_syscall_64+0x106/0xf80 [ 906.783655][T21167] ? __pfx_aa_file_perm+0x10/0x10 [ 906.783693][T21167] ima_file_mmap+0x1c4/0x1f0 [ 906.783737][T21167] ? __pfx_ima_file_mmap+0x10/0x10 [ 906.783780][T21167] security_mmap_file+0x278/0x9b0 [ 906.783806][T21167] vm_mmap_pgoff+0xec/0x470 [ 906.783838][T21167] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 906.783863][T21167] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 906.783898][T21167] ? hugetlbfs_get_inode+0x36e/0x750 [ 906.783931][T21167] ksys_mmap_pgoff+0x273/0x650 [ 906.783957][T21167] ? __x64_sys_futex+0x358/0x4d0 [ 906.783991][T21167] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 906.784017][T21167] ? xfd_validate_state+0x129/0x190 [ 906.784059][T21167] __x64_sys_mmap+0x125/0x190 [ 906.784100][T21167] do_syscall_64+0x106/0xf80 [ 906.784128][T21167] ? clear_bhb_loop+0x40/0x90 [ 906.784159][T21167] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 906.784185][T21167] RIP: 0033:0x7fb5b3f9c799 [ 906.784205][T21167] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 906.784231][T21167] RSP: 002b:00007fb5b4ebe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 906.784255][T21167] RAX: ffffffffffffffda RBX: 00007fb5b4216180 RCX: 00007fb5b3f9c799 [ 906.784272][T21167] RDX: 0000000000009c0f RSI: 000000000000000c RDI: 0000000000000000 [ 906.784288][T21167] RBP: 00007fb5b4032bd9 R08: ffffffffffffffff R09: 0000300000020000 [ 906.784305][T21167] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000000 [ 906.784321][T21167] R13: 00007fb5b4216218 R14: 00007fb5b4216180 R15: 00007ffc25ea4ba8 [ 906.784352][T21167] [ 907.932791][ T29] audit: type=1804 audit(1772362719.126:17): pid=21167 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.5.5429" name="anon_hugepage" dev="hugetlbfs" ino=80436 res=0 errno=0 [ 908.074571][T21171] macvtap0: entered promiscuous mode [ 908.081350][T21171] macvtap0: entered allmulticast mode [ 908.089938][T21171] veth0_macvtap: entered allmulticast mode [ 909.370683][T21192] netlink: 326 bytes leftover after parsing attributes in process `syz.0.5439'. [ 911.768642][T21232] ERROR: Out of memory at tomoyo_memory_ok. [ 913.091960][T21254] netlink: 334 bytes leftover after parsing attributes in process `syz.5.5463'. [ 913.268346][T21256] netlink: 244 bytes leftover after parsing attributes in process `syz.0.5464'. [ 914.000333][T21270] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5468'. [ 914.085927][T21271] netlink: 25 bytes leftover after parsing attributes in process `syz.4.5469'. [ 914.479172][T21273] sp0: Synchronizing with TNC [ 915.998597][T21301] random: crng reseeded on system resumption [ 916.100553][T21301] Restarting kernel threads ... [ 916.123432][T21301] Done restarting kernel threads. [ 916.198532][T21301] sp0: Synchronizing with TNC [ 916.655212][T21315] FAULT_INJECTION: forcing a failure. [ 916.655212][T21315] name failslab, interval 1, probability 0, space 0, times 0 [ 916.746916][T21315] CPU: 0 UID: 0 PID: 21315 Comm: syz.0.5486 Tainted: G U L syzkaller #0 PREEMPT(full) [ 916.746960][T21315] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 916.746980][T21315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 916.746996][T21315] Call Trace: [ 916.747004][T21315] [ 916.747013][T21315] dump_stack_lvl+0x100/0x190 [ 916.747057][T21315] should_fail_ex.cold+0x5/0xa [ 916.747086][T21315] should_failslab+0xc2/0x120 [ 916.747112][T21315] __kmalloc_cache_noprof+0x7a/0x6f0 [ 916.747145][T21315] ? sctp_add_bind_addr+0xae/0x3e0 [ 916.747170][T21315] ? __sctp_v6_cmp_addr+0x206/0x530 [ 916.747207][T21315] sctp_add_bind_addr+0xae/0x3e0 [ 916.747236][T21315] sctp_copy_local_addr_list+0x349/0x550 [ 916.747272][T21315] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 916.747307][T21315] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 916.747342][T21315] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 916.747391][T21315] sctp_bind_addr_copy+0xe0/0x530 [ 916.747425][T21315] sctp_connect_new_asoc+0x1c9/0x770 [ 916.747465][T21315] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 916.747506][T21315] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 916.747554][T21315] __sctp_connect+0x3e7/0xc70 [ 916.747598][T21315] ? __pfx___sctp_connect+0x10/0x10 [ 916.747637][T21315] ? __pfx_sctp_inet_connect+0x10/0x10 [ 916.747676][T21315] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 916.747720][T21315] ? __pfx_sctp_inet_connect+0x10/0x10 [ 916.747755][T21315] sctp_inet_connect+0x15f/0x220 [ 916.747795][T21315] __sys_connect_file+0x141/0x1a0 [ 916.747823][T21315] __sys_connect+0x141/0x170 [ 916.747848][T21315] ? __pfx___sys_connect+0x10/0x10 [ 916.747892][T21315] __x64_sys_connect+0x72/0xb0 [ 916.747916][T21315] ? lockdep_hardirqs_on+0x78/0x100 [ 916.747946][T21315] do_syscall_64+0x106/0xf80 [ 916.747981][T21315] ? clear_bhb_loop+0x40/0x90 [ 916.748012][T21315] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 916.748038][T21315] RIP: 0033:0x7ff61539c799 [ 916.748058][T21315] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 916.748083][T21315] RSP: 002b:00007ff6161e7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 916.748106][T21315] RAX: ffffffffffffffda RBX: 00007ff615615fa0 RCX: 00007ff61539c799 [ 916.748123][T21315] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 916.748139][T21315] RBP: 00007ff615432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 916.748154][T21315] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 916.748168][T21315] R13: 00007ff615616038 R14: 00007ff615615fa0 R15: 00007ffe19ef3018 [ 916.748201][T21315] [ 917.459009][T21323] netlink: 17 bytes leftover after parsing attributes in process `syz.5.5496'. [ 917.743118][T21324] netlink: 93 bytes leftover after parsing attributes in process `syz.2.5489'. [ 917.868377][T21322] netlink: 93 bytes leftover after parsing attributes in process `syz.2.5489'. [ 918.685058][T21338] ERROR: Out of memory at tomoyo_memory_ok. [ 918.755688][T21344] ERROR: Out of memory at tomoyo_memory_ok. [ 918.882109][T21347] FAULT_INJECTION: forcing a failure. [ 918.882109][T21347] name failslab, interval 1, probability 0, space 0, times 0 [ 918.953116][T21347] CPU: 0 UID: 0 PID: 21347 Comm: syz.5.5497 Tainted: G U L syzkaller #0 PREEMPT(full) [ 918.953160][T21347] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 918.953170][T21347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 918.953185][T21347] Call Trace: [ 918.953193][T21347] [ 918.953203][T21347] dump_stack_lvl+0x100/0x190 [ 918.953245][T21347] should_fail_ex.cold+0x5/0xa [ 918.953273][T21347] should_failslab+0xc2/0x120 [ 918.953299][T21347] __kmalloc_cache_noprof+0x7a/0x6f0 [ 918.953331][T21347] ? tomoyo_write_log2+0x333/0xbc0 [ 918.953364][T21347] tomoyo_write_log2+0x333/0xbc0 [ 918.953413][T21347] tomoyo_supervisor+0x15e/0x1340 [ 918.953450][T21347] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 918.953487][T21347] ? tomoyo_realpath_from_path+0x19c/0x690 [ 918.953527][T21347] ? tomoyo_realpath_from_path+0x19c/0x690 [ 918.953554][T21347] ? kfree+0x1f6/0x6b0 [ 918.953587][T21347] ? tomoyo_check_path_number_acl+0x1e6/0x2f0 [ 918.953637][T21347] tomoyo_path_number_perm+0x445/0x580 [ 918.953679][T21347] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 918.953719][T21347] ? futex_wait+0x125/0x380 [ 918.953784][T21347] ? find_held_lock+0x2b/0x80 [ 918.953812][T21347] ? __fget_files+0x215/0x3d0 [ 918.953833][T21347] ? hook_file_ioctl_common+0x146/0x410 [ 918.953881][T21347] ? __fget_files+0x21f/0x3d0 [ 918.953908][T21347] security_file_ioctl+0xd3/0x230 [ 918.953950][T21347] __x64_sys_ioctl+0xb7/0x210 [ 918.953989][T21347] do_syscall_64+0x106/0xf80 [ 918.954018][T21347] ? clear_bhb_loop+0x40/0x90 [ 918.954049][T21347] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 918.954075][T21347] RIP: 0033:0x7fb5b3f9c799 [ 918.954096][T21347] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 918.954120][T21347] RSP: 002b:00007fb5b4f00028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 918.954150][T21347] RAX: ffffffffffffffda RBX: 00007fb5b4215fa0 RCX: 00007fb5b3f9c799 [ 918.954166][T21347] RDX: 0000000000000006 RSI: 00000000000007a0 RDI: 0000000000000004 [ 918.954181][T21347] RBP: 00007fb5b4032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 918.954196][T21347] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 918.954211][T21347] R13: 00007fb5b4216038 R14: 00007fb5b4215fa0 R15: 00007ffc25ea4ba8 [ 918.954242][T21347] [ 919.415249][T21357] netlink: 338 bytes leftover after parsing attributes in process `syz.2.5500'. [ 920.875174][T21385] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5511'. [ 920.917221][T21377] netlink: 330 bytes leftover after parsing attributes in process `syz.4.5509'. [ 921.017310][T21377] gretap0: refused to change device tx_queue_len [ 921.507477][T21397] netlink: 202 bytes leftover after parsing attributes in process `syz.4.5516'. [ 921.770025][T21389] FAULT_INJECTION: forcing a failure. [ 921.770025][T21389] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 921.824329][T21389] CPU: 0 UID: 0 PID: 21389 Comm: syz.5.5513 Tainted: G U L syzkaller #0 PREEMPT(full) [ 921.824371][T21389] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 921.824381][T21389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 921.824411][T21389] Call Trace: [ 921.824419][T21389] [ 921.824429][T21389] dump_stack_lvl+0x100/0x190 [ 921.824476][T21389] should_fail_ex.cold+0x5/0xa [ 921.824500][T21389] ? prepare_alloc_pages+0x16d/0x5f0 [ 921.824537][T21389] should_fail_alloc_page+0xeb/0x140 [ 921.824565][T21389] prepare_alloc_pages+0x1f0/0x5f0 [ 921.824598][T21389] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 921.824641][T21389] ? stack_trace_save+0x8e/0xc0 [ 921.824664][T21389] ? __pfx_stack_trace_save+0x10/0x10 [ 921.824689][T21389] ? stack_depot_save_flags+0x27/0x9d0 [ 921.824714][T21389] ? trace_pelt_se_tp+0x159/0x1b0 [ 921.824751][T21389] ? kasan_save_stack+0x3f/0x50 [ 921.824788][T21389] ? kasan_save_stack+0x30/0x50 [ 921.824827][T21389] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 921.824864][T21389] ? __pmd_alloc+0xbf/0x9c0 [ 921.824891][T21389] ? __handle_mm_fault+0xa99/0x2b60 [ 921.824928][T21389] ? handle_mm_fault+0x36d/0xa20 [ 921.824964][T21389] ? exc_page_fault+0x6f/0xd0 [ 921.824992][T21389] ? strncpy_from_user+0xfd/0x2d0 [ 921.825030][T21389] ? do_getname+0x78/0x390 [ 921.825059][T21389] ? do_sys_openat2+0xc5/0x1e0 [ 921.825089][T21389] ? __x64_sys_open+0xfe/0x1d0 [ 921.825120][T21389] ? do_syscall_64+0x106/0xf80 [ 921.825149][T21389] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 921.825189][T21389] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 921.825233][T21389] ? policy_nodemask+0xed/0x4f0 [ 921.825261][T21389] alloc_pages_mpol+0x1fb/0x550 [ 921.825288][T21389] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 921.825322][T21389] alloc_pages_noprof+0x131/0x390 [ 921.825349][T21389] pte_alloc_one+0x1e/0x3e0 [ 921.825378][T21389] do_fault+0x8cc/0x1950 [ 921.825412][T21389] ? __pmd_alloc+0x6aa/0x9c0 [ 921.825443][T21389] __handle_mm_fault+0x180f/0x2b60 [ 921.825482][T21389] ? mt_find+0x45e/0x8e0 [ 921.825536][T21389] ? __pfx___handle_mm_fault+0x10/0x10 [ 921.825568][T21389] ? __pfx_mt_find+0x10/0x10 [ 921.825616][T21389] ? find_vma+0xbf/0x140 [ 921.825639][T21389] ? __pfx_find_vma+0x10/0x10 [ 921.825666][T21389] handle_mm_fault+0x36d/0xa20 [ 921.825706][T21389] do_user_addr_fault+0x74c/0x12f0 [ 921.825755][T21389] exc_page_fault+0x6f/0xd0 [ 921.825784][T21389] asm_exc_page_fault+0x26/0x30 [ 921.825809][T21389] RIP: 0010:strncpy_from_user+0xfd/0x2d0 [ 921.825849][T21389] Code: 00 4d 89 64 1d 00 48 83 ed 08 bf 07 00 00 00 48 83 c3 08 48 89 ee e8 f2 48 e0 fc 48 83 fd 07 0f 86 bb 00 00 00 e8 03 4e e0 fc <4d> 8b 24 1e e8 fa 4d e0 fc 4c 89 e2 31 ff 4d 8d 7c 1d 00 48 b8 ff [ 921.825873][T21389] RSP: 0018:ffffc90004ec7d08 EFLAGS: 00050283 [ 921.825893][T21389] RAX: 0000000000000037 RBX: 0000000000000000 RCX: ffffc9000faf1000 [ 921.825909][T21389] RDX: 0000000000080000 RSI: ffffffff8527ac9d RDI: ffff888079e31e40 [ 921.825926][T21389] RBP: 00000000000000a8 R08: 0000000000000007 R09: 0000000000000007 [ 921.825941][T21389] R10: 00000000000000a8 R11: 0000000000000000 R12: 0000000000000000 [ 921.825956][T21389] R13: ffff88807b757018 R14: 0000000000000000 R15: 00000000000000a8 [ 921.825980][T21389] ? strncpy_from_user+0xfd/0x2d0 [ 921.826022][T21389] ? strncpy_from_user+0xfd/0x2d0 [ 921.826065][T21389] do_getname+0x78/0x390 [ 921.826098][T21389] do_sys_openat2+0xc5/0x1e0 [ 921.826130][T21389] ? __pfx_do_sys_openat2+0x10/0x10 [ 921.826174][T21389] __x64_sys_open+0xfe/0x1d0 [ 921.826206][T21389] ? __pfx___x64_sys_open+0x10/0x10 [ 921.826250][T21389] do_syscall_64+0x106/0xf80 [ 921.826278][T21389] ? clear_bhb_loop+0x40/0x90 [ 921.826309][T21389] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 921.826334][T21389] RIP: 0033:0x7fb5b3f9c799 [ 921.826354][T21389] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 921.826378][T21389] RSP: 002b:00007fb5b4f00028 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 921.826407][T21389] RAX: ffffffffffffffda RBX: 00007fb5b4215fa0 RCX: 00007fb5b3f9c799 [ 921.826424][T21389] RDX: e1d2b27bdc14aabc RSI: 0000000000004242 RDI: 0000000000000000 [ 921.826440][T21389] RBP: 00007fb5b4032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 921.826455][T21389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 921.826470][T21389] R13: 00007fb5b4216038 R14: 00007fb5b4215fa0 R15: 00007ffc25ea4ba8 [ 921.826520][T21389] [ 922.729419][T21405] netlink: 342 bytes leftover after parsing attributes in process `syz.0.5519'. [ 923.345338][T21413] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5523'. [ 925.440621][T21450] ERROR: Out of memory at tomoyo_memory_ok. [ 926.057770][T21455] netlink: 330 bytes leftover after parsing attributes in process `syz.2.5537'. [ 926.377136][T21459] netlink: 'syz.2.5540': attribute type 21 has an invalid length. [ 926.428150][T21459] netlink: 326 bytes leftover after parsing attributes in process `syz.2.5540'. [ 927.369353][T21479] FAULT_INJECTION: forcing a failure. [ 927.369353][T21479] name failslab, interval 1, probability 0, space 0, times 0 [ 927.464595][T21479] CPU: 0 UID: 0 PID: 21479 Comm: syz.4.5548 Tainted: G U L syzkaller #0 PREEMPT(full) [ 927.464637][T21479] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 927.464646][T21479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 927.464662][T21479] Call Trace: [ 927.464670][T21479] [ 927.464679][T21479] dump_stack_lvl+0x100/0x190 [ 927.464721][T21479] should_fail_ex.cold+0x5/0xa [ 927.464750][T21479] should_failslab+0xc2/0x120 [ 927.464776][T21479] __kmalloc_cache_noprof+0x7a/0x6f0 [ 927.464809][T21479] ? snd_seq_queue_alloc+0x56/0x590 [ 927.464841][T21479] snd_seq_queue_alloc+0x56/0x590 [ 927.464877][T21479] snd_seq_ioctl_create_queue+0xa9/0x370 [ 927.464914][T21479] call_seq_client_ctl+0xa3/0x130 [ 927.464950][T21479] snd_seq_kernel_client_ctl+0x77/0xd0 [ 927.464988][T21479] alloc_seq_queue+0xdb/0x180 [ 927.465026][T21479] ? __pfx_alloc_seq_queue+0x10/0x10 [ 927.465078][T21479] ? mark_held_locks+0x40/0x70 [ 927.465109][T21479] ? _raw_spin_unlock_irq+0x23/0x50 [ 927.465134][T21479] ? lockdep_hardirqs_on+0x78/0x100 [ 927.465167][T21479] snd_seq_oss_open+0x2b2/0xa10 [ 927.465210][T21479] odev_open+0x79/0xc0 [ 927.465242][T21479] ? __pfx_odev_open+0x10/0x10 [ 927.465276][T21479] soundcore_open+0x2e3/0x5a0 [ 927.465314][T21479] ? __pfx_soundcore_open+0x10/0x10 [ 927.465349][T21479] chrdev_open+0x234/0x6a0 [ 927.465373][T21479] ? __pfx_apparmor_file_open+0x10/0x10 [ 927.465410][T21479] ? __pfx_chrdev_open+0x10/0x10 [ 927.465436][T21479] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 927.465468][T21479] do_dentry_open+0x6d8/0x1660 [ 927.465491][T21479] ? __pfx_chrdev_open+0x10/0x10 [ 927.465523][T21479] vfs_open+0x82/0x3f0 [ 927.465557][T21479] path_openat+0x208c/0x31a0 [ 927.465591][T21479] ? __pfx_path_openat+0x10/0x10 [ 927.465637][T21479] do_file_open+0x20e/0x430 [ 927.465665][T21479] ? __pfx_do_file_open+0x10/0x10 [ 927.465711][T21479] ? alloc_fd+0x476/0x790 [ 927.465742][T21479] ? do_getname+0x191/0x390 [ 927.465775][T21479] do_sys_openat2+0x10d/0x1e0 [ 927.465808][T21479] ? __pfx_do_sys_openat2+0x10/0x10 [ 927.465843][T21479] ? __fget_files+0x21f/0x3d0 [ 927.465878][T21479] __x64_sys_openat+0x12d/0x210 [ 927.465912][T21479] ? __pfx___x64_sys_openat+0x10/0x10 [ 927.465957][T21479] do_syscall_64+0x106/0xf80 [ 927.465986][T21479] ? clear_bhb_loop+0x40/0x90 [ 927.466017][T21479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 927.466043][T21479] RIP: 0033:0x7f561f79c799 [ 927.466063][T21479] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 927.466088][T21479] RSP: 002b:00007f56206d1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 927.466111][T21479] RAX: ffffffffffffffda RBX: 00007f561fa15fa0 RCX: 00007f561f79c799 [ 927.466128][T21479] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 927.466144][T21479] RBP: 00007f561f832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 927.466159][T21479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 927.466174][T21479] R13: 00007f561fa16038 R14: 00007f561fa15fa0 R15: 00007ffc91031c38 [ 927.466205][T21479] [ 927.797030][T21483] binder: 21482:21483 ioctl c0485619 38 returned -22 [ 928.022707][T21487] netlink: 330 bytes leftover after parsing attributes in process `syz.5.5553'. [ 928.405071][T21497] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5556'. [ 928.939049][T21507] net_ratelimit: 204 callbacks suppressed [ 928.939163][T21507] openvswitch: netlink: IP tunnel dst address not specified [ 929.283871][T21513] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5562'. [ 929.732031][T21513] team0 (unregistering): Port device team_slave_0 removed [ 929.761332][T21513] team0 (unregistering): Port device team_slave_1 removed [ 931.777929][T21522] syz.5.5563 (21522): /proc/21521/oom_adj is deprecated, please use /proc/21521/oom_score_adj instead. [ 931.984903][T21549] FAULT_INJECTION: forcing a failure. [ 931.984903][T21549] name failslab, interval 1, probability 0, space 0, times 0 [ 932.015865][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 932.022522][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 932.099129][T21549] CPU: 0 UID: 0 PID: 21549 Comm: syz.0.5572 Tainted: G U L syzkaller #0 PREEMPT(full) [ 932.099173][T21549] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 932.099182][T21549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 932.099198][T21549] Call Trace: [ 932.099206][T21549] [ 932.099215][T21549] dump_stack_lvl+0x100/0x190 [ 932.099258][T21549] should_fail_ex.cold+0x5/0xa [ 932.099286][T21549] should_failslab+0xc2/0x120 [ 932.099312][T21549] __kmalloc_cache_noprof+0x7a/0x6f0 [ 932.099345][T21549] ? snd_seq_queue_alloc+0x56/0x590 [ 932.099377][T21549] snd_seq_queue_alloc+0x56/0x590 [ 932.099407][T21549] snd_seq_ioctl_create_queue+0xa9/0x370 [ 932.099444][T21549] call_seq_client_ctl+0xa3/0x130 [ 932.099481][T21549] snd_seq_kernel_client_ctl+0x77/0xd0 [ 932.099519][T21549] alloc_seq_queue+0xdb/0x180 [ 932.099556][T21549] ? __pfx_alloc_seq_queue+0x10/0x10 [ 932.099619][T21549] ? mark_held_locks+0x40/0x70 [ 932.099652][T21549] ? _raw_spin_unlock_irq+0x23/0x50 [ 932.099678][T21549] ? lockdep_hardirqs_on+0x78/0x100 [ 932.099711][T21549] snd_seq_oss_open+0x2b2/0xa10 [ 932.099761][T21549] odev_open+0x79/0xc0 [ 932.099794][T21549] ? __pfx_odev_open+0x10/0x10 [ 932.099829][T21549] soundcore_open+0x2e3/0x5a0 [ 932.099868][T21549] ? __pfx_soundcore_open+0x10/0x10 [ 932.099904][T21549] chrdev_open+0x234/0x6a0 [ 932.099928][T21549] ? __pfx_apparmor_file_open+0x10/0x10 [ 932.099964][T21549] ? __pfx_chrdev_open+0x10/0x10 [ 932.099991][T21549] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 932.100023][T21549] do_dentry_open+0x6d8/0x1660 [ 932.100046][T21549] ? __pfx_chrdev_open+0x10/0x10 [ 932.100078][T21549] vfs_open+0x82/0x3f0 [ 932.100113][T21549] path_openat+0x208c/0x31a0 [ 932.100147][T21549] ? __pfx_path_openat+0x10/0x10 [ 932.100183][T21549] do_file_open+0x20e/0x430 [ 932.100210][T21549] ? __pfx_do_file_open+0x10/0x10 [ 932.100257][T21549] ? alloc_fd+0x476/0x790 [ 932.100283][T21549] ? do_getname+0x191/0x390 [ 932.100316][T21549] do_sys_openat2+0x10d/0x1e0 [ 932.100348][T21549] ? __pfx_do_sys_openat2+0x10/0x10 [ 932.100382][T21549] ? __fget_files+0x21f/0x3d0 [ 932.100411][T21549] __x64_sys_openat+0x12d/0x210 [ 932.100444][T21549] ? __pfx___x64_sys_openat+0x10/0x10 [ 932.100489][T21549] do_syscall_64+0x106/0xf80 [ 932.100517][T21549] ? clear_bhb_loop+0x40/0x90 [ 932.100548][T21549] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 932.100573][T21549] RIP: 0033:0x7ff61539c799 [ 932.100593][T21549] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 932.100624][T21549] RSP: 002b:00007ff6161e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 932.100648][T21549] RAX: ffffffffffffffda RBX: 00007ff615615fa0 RCX: 00007ff61539c799 [ 932.100665][T21549] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 932.100681][T21549] RBP: 00007ff615432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 932.100696][T21549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 932.100711][T21549] R13: 00007ff615616038 R14: 00007ff615615fa0 R15: 00007ffe19ef3018 [ 932.100744][T21549] [ 932.632716][T21555] netlink: 266 bytes leftover after parsing attributes in process `syz.5.5576'. [ 932.641934][T21555] IPv6: NLM_F_CREATE should be specified when creating new route [ 932.704080][T21557] FAULT_INJECTION: forcing a failure. [ 932.704080][T21557] name failslab, interval 1, probability 0, space 0, times 0 [ 932.717618][T21557] CPU: 0 UID: 0 PID: 21557 Comm: syz.0.5575 Tainted: G U L syzkaller #0 PREEMPT(full) [ 932.717661][T21557] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 932.717670][T21557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 932.717686][T21557] Call Trace: [ 932.717694][T21557] [ 932.717703][T21557] dump_stack_lvl+0x100/0x190 [ 932.717747][T21557] should_fail_ex.cold+0x5/0xa [ 932.717775][T21557] ? process_preds+0x4c2/0x1d90 [ 932.717823][T21557] should_failslab+0xc2/0x120 [ 932.717852][T21557] __kmalloc_noprof+0xe0/0x850 [ 932.717897][T21557] process_preds+0x4c2/0x1d90 [ 932.717940][T21557] ? create_filter_start.constprop.0+0x134/0x310 [ 932.717983][T21557] create_filter+0x140/0x210 [ 932.718022][T21557] ? __pfx_create_filter+0x10/0x10 [ 932.718062][T21557] ? find_held_lock+0x2b/0x80 [ 932.718089][T21557] apply_event_filter+0x220/0x500 [ 932.718130][T21557] ? __pfx_apply_event_filter+0x10/0x10 [ 932.718177][T21557] event_filter_write+0x16d/0x290 [ 932.718208][T21557] vfs_write+0x2aa/0x1070 [ 932.718248][T21557] ? __pfx_event_filter_write+0x10/0x10 [ 932.718280][T21557] ? __pfx_vfs_write+0x10/0x10 [ 932.718318][T21557] ? __fget_files+0x215/0x3d0 [ 932.718348][T21557] ? __fget_files+0x21f/0x3d0 [ 932.718379][T21557] ksys_write+0x12a/0x250 [ 932.718420][T21557] ? __pfx_ksys_write+0x10/0x10 [ 932.718487][T21557] do_syscall_64+0x106/0xf80 [ 932.718517][T21557] ? clear_bhb_loop+0x40/0x90 [ 932.718549][T21557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 932.718575][T21557] RIP: 0033:0x7ff61539c799 [ 932.718596][T21557] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 932.718622][T21557] RSP: 002b:00007ff6161e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 932.718646][T21557] RAX: ffffffffffffffda RBX: 00007ff615615fa0 RCX: 00007ff61539c799 [ 932.718663][T21557] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 932.718679][T21557] RBP: 00007ff615432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 932.718695][T21557] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 932.718711][T21557] R13: 00007ff615616038 R14: 00007ff615615fa0 R15: 00007ffe19ef3018 [ 932.718743][T21557] [ 933.523925][T21564] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 933.557668][T21564] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 933.595187][T21564] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 933.643056][T21564] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 934.427101][T21574] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 934.546396][T21574] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 934.660058][T21574] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 934.696237][T21578] netlink: 330 bytes leftover after parsing attributes in process `syz.0.5582'. [ 934.752784][T21574] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 935.015603][T21580] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 935.184578][T21580] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 935.274597][T21586] vhci_hcd vhci_hcd.2: invalid port number 194 [ 935.295284][T21580] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 935.349388][T21586] vhci_hcd vhci_hcd.2: invalid port number 194 [ 935.407007][T21580] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 935.726790][T21591] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 935.855966][T21591] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 935.945715][T21591] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 936.039555][T21591] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 936.394848][T21602] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 936.503658][T21602] EXT4-fs error (device sda1): htree_dirblock_to_tree:1051: inode #268: comm dhcpcd-run-hook: Directory block failed checksum [ 936.587400][T21602] EXT4-fs warning (device sda1): ext4_dirblock_csum_verify:375: inode #268: comm dhcpcd-run-hook: No space for directory leaf checksum. Please run e2fsck -D. [ 936.683297][T21602] EXT4-fs error (device sda1): __ext4_find_entry:1624: inode #268: comm dhcpcd-run-hook: checksumming directory block 0 [ 936.710952][T21607] ERROR: Out of memory at tomoyo_memory_ok. [ 937.121218][T21613] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5593'. [ 937.311291][T21613] team0 (unregistering): Port device team_slave_0 removed [ 937.411165][T21613] team0 (unregistering): Port device team_slave_1 removed [ 940.071325][T21656] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5607'. [ 940.147147][T21656] netlink: 25 bytes leftover after parsing attributes in process `syz.4.5607'. [ 940.761536][T21658] FAULT_INJECTION: forcing a failure. [ 940.761536][T21658] name failslab, interval 1, probability 0, space 0, times 0 [ 940.838486][T21658] CPU: 0 UID: 0 PID: 21658 Comm: syz.4.5608 Tainted: G U L syzkaller #0 PREEMPT(full) [ 940.838530][T21658] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 940.838541][T21658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 940.838557][T21658] Call Trace: [ 940.838565][T21658] [ 940.838576][T21658] dump_stack_lvl+0x100/0x190 [ 940.838619][T21658] should_fail_ex.cold+0x5/0xa [ 940.838649][T21658] should_failslab+0xc2/0x120 [ 940.838675][T21658] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 940.838715][T21658] ? sk_prot_alloc+0x60/0x2a0 [ 940.838757][T21658] sk_prot_alloc+0x60/0x2a0 [ 940.838797][T21658] sk_alloc+0x36/0xe80 [ 940.838825][T21658] rds_create+0x9e/0x5f0 [ 940.838866][T21658] __sock_create+0x339/0x860 [ 940.838911][T21658] __sys_socket+0x14d/0x260 [ 940.838958][T21658] ? __pfx___sys_socket+0x10/0x10 [ 940.839008][T21658] __x64_sys_socket+0x72/0xb0 [ 940.839048][T21658] ? lockdep_hardirqs_on+0x78/0x100 [ 940.839078][T21658] do_syscall_64+0x106/0xf80 [ 940.839108][T21658] ? clear_bhb_loop+0x40/0x90 [ 940.839139][T21658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 940.839165][T21658] RIP: 0033:0x7f561f79c799 [ 940.839187][T21658] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 940.839211][T21658] RSP: 002b:00007f56206d1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 940.839241][T21658] RAX: ffffffffffffffda RBX: 00007f561fa15fa0 RCX: 00007f561f79c799 [ 940.839258][T21658] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000015 [ 940.839274][T21658] RBP: 00007f561f832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 940.839290][T21658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 940.839306][T21658] R13: 00007f561fa16038 R14: 00007f561fa15fa0 R15: 00007ffc91031c38 [ 940.839338][T21658] [ 943.690069][ C0] vcan0: j1939_tp_rxtimer: 0xffff888032dfa000: rx timeout, send abort [ 943.701569][ T5175] ERROR: Out of memory at tomoyo_memory_ok. [ 944.198635][ C0] vcan0: j1939_tp_rxtimer: 0xffff888032dfa000: abort rx timeout. Force session deactivation [ 946.838592][T21735] netlink: 'syz.0.5635': attribute type 7 has an invalid length. [ 946.908789][T21735] netlink: 17 bytes leftover after parsing attributes in process `syz.0.5635'. [ 947.075314][T21741] netlink: 186 bytes leftover after parsing attributes in process `syz.2.5637'. [ 947.906513][T21755] ERROR: Out of memory at tomoyo_memory_ok. [ 948.094611][T21759] netlink: 338 bytes leftover after parsing attributes in process `syz.5.5645'. [ 948.146762][T21759] bond_slave_0: entered allmulticast mode [ 948.448587][T21769] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5649'. [ 948.877041][ T5840] Bluetooth: hci3: unexpected event 0x08 length: 435 > 4 [ 949.064920][T21778] netlink: 266 bytes leftover after parsing attributes in process `syz.2.5653'. [ 949.155998][T21778] IPv6: NLM_F_CREATE should be specified when creating new route [ 951.161438][T21814] netlink: 'syz.0.5664': attribute type 27 has an invalid length. [ 951.187609][T21814] netlink: 'syz.0.5664': attribute type 28 has an invalid length. [ 951.218213][T21814] netlink: 'syz.0.5664': attribute type 29 has an invalid length. [ 951.245855][T21814] netlink: 'syz.0.5664': attribute type 30 has an invalid length. [ 951.302427][T21814] netlink: 'syz.0.5664': attribute type 31 has an invalid length. [ 951.327196][T21814] netlink: 'syz.0.5664': attribute type 32 has an invalid length. [ 951.374900][T21814] netlink: 'syz.0.5664': attribute type 33 has an invalid length. [ 951.412925][T21814] netlink: 'syz.0.5664': attribute type 35 has an invalid length. [ 951.446466][T21814] netlink: 'syz.0.5664': attribute type 37 has an invalid length. [ 951.507316][T21814] netlink: 18 bytes leftover after parsing attributes in process `syz.0.5664'. [ 951.848027][T21819] FAULT_INJECTION: forcing a failure. [ 951.848027][T21819] name failslab, interval 1, probability 0, space 0, times 0 [ 951.915233][T21819] CPU: 0 UID: 8 PID: 21819 Comm: syz.0.5666 Tainted: G U L syzkaller #0 PREEMPT(full) [ 951.915276][T21819] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 951.915287][T21819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 951.915303][T21819] Call Trace: [ 951.915312][T21819] [ 951.915323][T21819] dump_stack_lvl+0x100/0x190 [ 951.915367][T21819] should_fail_ex.cold+0x5/0xa [ 951.915396][T21819] should_failslab+0xc2/0x120 [ 951.915423][T21819] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 951.915461][T21819] ? cred_alloc_blank+0x1c/0xa0 [ 951.915500][T21819] ? __x64_sys_futex+0x34f/0x4d0 [ 951.915533][T21819] ? __x64_sys_futex+0x358/0x4d0 [ 951.915570][T21819] cred_alloc_blank+0x1c/0xa0 [ 951.915625][T21819] keyctl_session_to_parent+0x55/0xae0 [ 951.915671][T21819] __do_sys_keyctl+0x2b1/0x5a0 [ 951.915710][T21819] do_syscall_64+0x106/0xf80 [ 951.915740][T21819] ? clear_bhb_loop+0x40/0x90 [ 951.915771][T21819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 951.915798][T21819] RIP: 0033:0x7ff61539c799 [ 951.915819][T21819] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 951.915845][T21819] RSP: 002b:00007ff6161e7028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 951.915869][T21819] RAX: ffffffffffffffda RBX: 00007ff615615fa0 RCX: 00007ff61539c799 [ 951.915887][T21819] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000012 [ 951.915904][T21819] RBP: 00007ff615432bd9 R08: 0000000000000001 R09: 0000000000000000 [ 951.915920][T21819] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 951.915937][T21819] R13: 00007ff615616038 R14: 00007ff615615fa0 R15: 00007ffe19ef3018 [ 951.915969][T21819] [ 954.488137][T21859] binder: 21857:21859 ioctl 4018620d 9 returned -22 [ 955.618168][T21879] FAULT_INJECTION: forcing a failure. [ 955.618168][T21879] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 955.647777][T21879] CPU: 0 UID: 0 PID: 21879 Comm: syz.5.5689 Tainted: G U L syzkaller #0 PREEMPT(full) [ 955.647829][T21879] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 955.647839][T21879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 955.647856][T21879] Call Trace: [ 955.647864][T21879] [ 955.647874][T21879] dump_stack_lvl+0x100/0x190 [ 955.647918][T21879] should_fail_ex.cold+0x5/0xa [ 955.647943][T21879] ? prepare_alloc_pages+0x16d/0x5f0 [ 955.647974][T21879] should_fail_alloc_page+0xeb/0x140 [ 955.648003][T21879] prepare_alloc_pages+0x1f0/0x5f0 [ 955.648031][T21879] ? workingset_test_recent+0x42d/0xe90 [ 955.648075][T21879] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 955.648116][T21879] ? workingset_test_recent+0x143/0xe90 [ 955.648158][T21879] ? local_lock_release+0x99/0x130 [ 955.648191][T21879] ? __lock_acquire+0x4a5/0x2630 [ 955.648226][T21879] ? mod_memcg_lruvec_state+0x1a6/0x630 [ 955.648267][T21879] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 955.648315][T21879] ? __lock_acquire+0x4a5/0x2630 [ 955.648357][T21879] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 955.648402][T21879] ? policy_nodemask+0xed/0x4f0 [ 955.648430][T21879] alloc_pages_mpol+0x1fb/0x550 [ 955.648457][T21879] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 955.648483][T21879] ? swap_entry_swapped+0x1ff/0x2b0 [ 955.648508][T21879] ? __pfx_swap_entry_swapped+0x10/0x10 [ 955.648537][T21879] folio_alloc_mpol_noprof+0x36/0x340 [ 955.648570][T21879] swap_cache_alloc_folio+0x1a8/0x300 [ 955.648609][T21879] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 955.648645][T21879] ? __pfx_get_swap_device+0x10/0x10 [ 955.648688][T21879] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 955.648732][T21879] read_swap_cache_async+0xd9/0x480 [ 955.648770][T21879] ? __pfx_read_swap_cache_async+0x10/0x10 [ 955.648807][T21879] ? find_held_lock+0x2b/0x80 [ 955.648835][T21879] ? find_held_lock+0x2b/0x80 [ 955.648857][T21879] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 955.648885][T21879] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 955.648920][T21879] swapin_walk_pmd_entry+0x2fd/0x640 [ 955.648954][T21879] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 955.648984][T21879] ? __lock_acquire+0x4a5/0x2630 [ 955.649017][T21879] ? tomoyo_path_perm+0x29c/0x460 [ 955.649059][T21879] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 955.649090][T21879] walk_pgd_range+0xc04/0x1eb0 [ 955.649150][T21879] ? __pfx_walk_pgd_range+0x10/0x10 [ 955.649193][T21879] ? __lock_acquire+0x4a5/0x2630 [ 955.649228][T21879] __walk_page_range+0x163/0x820 [ 955.649282][T21879] walk_page_range_vma_unsafe+0x209/0x8f0 [ 955.649328][T21879] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 955.649371][T21879] ? lock_acquire+0x1cf/0x380 [ 955.649405][T21879] ? finish_task_switch.isra.0+0x200/0xb80 [ 955.649434][T21879] ? rcu_is_watching+0x12/0xc0 [ 955.649477][T21879] walk_page_range_vma+0x63/0x90 [ 955.649520][T21879] madvise_vma_behavior+0x1e14/0x3050 [ 955.649555][T21879] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 955.649585][T21879] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 955.649621][T21879] ? mas_prev+0x9b/0xf0 [ 955.649653][T21879] ? __pfx_mas_prev+0x10/0x10 [ 955.649693][T21879] ? find_vma_prev+0xd8/0x150 [ 955.649719][T21879] ? futex_unqueue+0x133/0x2c0 [ 955.649751][T21879] ? __pfx_find_vma_prev+0x10/0x10 [ 955.649786][T21879] ? __futex_wait+0x256/0x300 [ 955.649837][T21879] madvise_walk_vmas+0x2fe/0xa90 [ 955.649872][T21879] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 955.649910][T21879] madvise_do_behavior+0x1ea/0x510 [ 955.649943][T21879] ? __pfx_madvise_do_behavior+0x10/0x10 [ 955.649974][T21879] ? down_read+0x13b/0x460 [ 955.650024][T21879] do_madvise+0x195/0x240 [ 955.650053][T21879] ? __pfx_do_madvise+0x10/0x10 [ 955.650081][T21879] ? do_futex+0x192/0x350 [ 955.650121][T21879] ? __fget_files+0x21f/0x3d0 [ 955.650163][T21879] __x64_sys_madvise+0xa9/0x110 [ 955.650193][T21879] ? lockdep_hardirqs_on+0x78/0x100 [ 955.650223][T21879] do_syscall_64+0x106/0xf80 [ 955.650252][T21879] ? clear_bhb_loop+0x40/0x90 [ 955.650284][T21879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 955.650310][T21879] RIP: 0033:0x7fb5b3f9c799 [ 955.650332][T21879] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 955.650356][T21879] RSP: 002b:00007fb5b4f00028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 955.650380][T21879] RAX: ffffffffffffffda RBX: 00007fb5b4215fa0 RCX: 00007fb5b3f9c799 [ 955.650398][T21879] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000 [ 955.650414][T21879] RBP: 00007fb5b4032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 955.650430][T21879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 955.650445][T21879] R13: 00007fb5b4216038 R14: 00007fb5b4215fa0 R15: 00007ffc25ea4ba8 [ 955.650478][T21879] [ 959.187684][T21924] ERROR: Out of memory at tomoyo_memory_ok. [ 960.787283][T21951] netlink: 138 bytes leftover after parsing attributes in process `syz.0.5711'. [ 963.733199][T21997] FAULT_INJECTION: forcing a failure. [ 963.733199][T21997] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 963.831226][T21997] CPU: 0 UID: 0 PID: 21997 Comm: syz.0.5723 Tainted: G U L syzkaller #0 PREEMPT(full) [ 963.831270][T21997] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 963.831281][T21997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 963.831297][T21997] Call Trace: [ 963.831306][T21997] [ 963.831316][T21997] dump_stack_lvl+0x100/0x190 [ 963.831360][T21997] should_fail_ex.cold+0x5/0xa [ 963.831385][T21997] ? prepare_alloc_pages+0x16d/0x5f0 [ 963.831417][T21997] should_fail_alloc_page+0xeb/0x140 [ 963.831445][T21997] prepare_alloc_pages+0x1f0/0x5f0 [ 963.831473][T21997] ? workingset_test_recent+0x42d/0xe90 [ 963.831518][T21997] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 963.831560][T21997] ? workingset_test_recent+0x143/0xe90 [ 963.831602][T21997] ? local_lock_release+0x99/0x130 [ 963.831635][T21997] ? __lock_acquire+0x4a5/0x2630 [ 963.831666][T21997] ? mod_memcg_lruvec_state+0x1a6/0x630 [ 963.831707][T21997] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 963.831759][T21997] ? __lock_acquire+0x4a5/0x2630 [ 963.831801][T21997] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 963.831846][T21997] ? policy_nodemask+0xed/0x4f0 [ 963.831874][T21997] alloc_pages_mpol+0x1fb/0x550 [ 963.831901][T21997] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 963.831928][T21997] ? swap_entry_swapped+0x1ff/0x2b0 [ 963.831953][T21997] ? __pfx_swap_entry_swapped+0x10/0x10 [ 963.831982][T21997] folio_alloc_mpol_noprof+0x36/0x340 [ 963.832015][T21997] swap_cache_alloc_folio+0x1a8/0x300 [ 963.832054][T21997] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 963.832090][T21997] ? __pfx_get_swap_device+0x10/0x10 [ 963.832132][T21997] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 963.832185][T21997] read_swap_cache_async+0xd9/0x480 [ 963.832223][T21997] ? __pfx_read_swap_cache_async+0x10/0x10 [ 963.832261][T21997] ? find_held_lock+0x2b/0x80 [ 963.832284][T21997] ? find_held_lock+0x2b/0x80 [ 963.832307][T21997] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 963.832336][T21997] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 963.832371][T21997] swapin_walk_pmd_entry+0x2fd/0x640 [ 963.832417][T21997] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 963.832446][T21997] ? __lock_acquire+0x4a5/0x2630 [ 963.832478][T21997] ? tomoyo_path_perm+0x29c/0x460 [ 963.832517][T21997] ? kasan_save_stack+0x3f/0x50 [ 963.832553][T21997] ? kasan_save_stack+0x30/0x50 [ 963.832592][T21997] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 963.832621][T21997] walk_pgd_range+0xc04/0x1eb0 [ 963.832677][T21997] ? __pfx_walk_pgd_range+0x10/0x10 [ 963.832719][T21997] ? __lock_acquire+0x4a5/0x2630 [ 963.832753][T21997] __walk_page_range+0x163/0x820 [ 963.832823][T21997] walk_page_range_vma_unsafe+0x209/0x8f0 [ 963.832869][T21997] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 963.832912][T21997] ? lock_acquire+0x1cf/0x380 [ 963.832946][T21997] ? finish_task_switch.isra.0+0x200/0xb80 [ 963.832974][T21997] ? rcu_is_watching+0x12/0xc0 [ 963.833018][T21997] walk_page_range_vma+0x63/0x90 [ 963.833061][T21997] madvise_vma_behavior+0x1e14/0x3050 [ 963.833096][T21997] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 963.833125][T21997] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 963.833166][T21997] ? mas_prev+0x9b/0xf0 [ 963.833198][T21997] ? __pfx_mas_prev+0x10/0x10 [ 963.833238][T21997] ? find_vma_prev+0xd8/0x150 [ 963.833264][T21997] ? futex_unqueue+0x133/0x2c0 [ 963.833295][T21997] ? __pfx_find_vma_prev+0x10/0x10 [ 963.833331][T21997] ? __futex_wait+0x256/0x300 [ 963.833375][T21997] madvise_walk_vmas+0x2fe/0xa90 [ 963.833410][T21997] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 963.833448][T21997] madvise_do_behavior+0x1ea/0x510 [ 963.833480][T21997] ? __pfx_madvise_do_behavior+0x10/0x10 [ 963.833513][T21997] ? down_read+0x13b/0x460 [ 963.833561][T21997] do_madvise+0x195/0x240 [ 963.833590][T21997] ? __pfx_do_madvise+0x10/0x10 [ 963.833618][T21997] ? do_futex+0x192/0x350 [ 963.833656][T21997] ? __fget_files+0x21f/0x3d0 [ 963.833698][T21997] __x64_sys_madvise+0xa9/0x110 [ 963.833728][T21997] ? lockdep_hardirqs_on+0x78/0x100 [ 963.833757][T21997] do_syscall_64+0x106/0xf80 [ 963.833786][T21997] ? clear_bhb_loop+0x40/0x90 [ 963.833817][T21997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 963.833844][T21997] RIP: 0033:0x7ff61539c799 [ 963.833865][T21997] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 963.833891][T21997] RSP: 002b:00007ff6161e7028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 963.833916][T21997] RAX: ffffffffffffffda RBX: 00007ff615615fa0 RCX: 00007ff61539c799 [ 963.833934][T21997] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000 [ 963.833951][T21997] RBP: 00007ff615432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 963.833968][T21997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 963.833984][T21997] R13: 00007ff615616038 R14: 00007ff615615fa0 R15: 00007ffe19ef3018 [ 963.834017][T21997] [ 964.536894][T22003] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5726'. [ 964.547921][T22003] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5726'. [ 964.558677][T22003] netlink: 290 bytes leftover after parsing attributes in process `syz.4.5726'. [ 965.057301][T22012] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5730'. [ 965.119240][T22012] netlink: 13 bytes leftover after parsing attributes in process `syz.0.5730'. [ 965.149018][T22014] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5731'. [ 965.218330][T22017] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5731'. [ 967.753468][T22069] ERROR: Out of memory at tomoyo_memory_ok. [ 968.401421][T22078] ERROR: Out of memory at tomoyo_memory_ok. [ 968.919668][T22087] netlink: 266 bytes leftover after parsing attributes in process `syz.2.5753'. [ 971.120439][T22099] ERROR: Out of memory at tomoyo_memory_ok. [ 971.173821][T22103] netlink: 342 bytes leftover after parsing attributes in process `syz.0.5761'. [ 972.150025][ T29] audit: type=1800 audit(1772362783.314:18): pid=22118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.5766" name="trace_marker" dev="tracefs" ino=663 res=0 errno=0 [ 976.315353][T22157] Invalid ELF header magic: != ELF [ 978.008838][T22185] netlink: 334 bytes leftover after parsing attributes in process `syz.4.5792'. [ 980.710412][T22234] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5809'. [ 980.765432][T22234] veth0_vlan: entered allmulticast mode [ 980.858531][ T5840] Bluetooth: hci0: unexpected event 0x20 length: 123 > 7 [ 982.428693][T22263] ERROR: Out of memory at tomoyo_memory_ok. [ 982.924697][ T5840] Bluetooth: hci4: unexpected event 0x20 length: 123 > 7 [ 984.789520][ T5840] Bluetooth: hci1: unexpected event 0x20 length: 123 > 7 [ 985.336874][T22321] netlink: 338 bytes leftover after parsing attributes in process `syz.0.5845'. [ 985.401199][T22321] netlink: 338 bytes leftover after parsing attributes in process `syz.0.5845'. [ 985.451422][T22321] netlink: 170 bytes leftover after parsing attributes in process `syz.0.5845'. [ 985.878251][T22325] zero sized request [ 987.045893][T22337] zswap: compressor not available [ 989.339666][T22370] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 992.976449][T22433] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5883'. [ 993.469830][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.477325][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.725243][T22446] ERROR: Out of memory at tomoyo_memory_ok. [ 993.946308][ T29] audit: type=1804 audit(1772362805.103:19): pid=22442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.5885" name="/newroot/373/file0" dev="tmpfs" ino=1931 res=1 errno=0 [ 994.068215][ T29] audit: type=1804 audit(1772362805.153:20): pid=22447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.5885" name="/newroot/373/file0" dev="tmpfs" ino=1931 res=1 errno=0 [ 995.337569][T22465] netlink: 122 bytes leftover after parsing attributes in process `syz.0.5892'. [ 995.397776][T22465] smc: net device dummy0 applied user defined pnetid DUMMY0 [ 996.534141][T22485] netlink: 20 bytes leftover after parsing attributes in process `syz.2.5899'. [ 996.758518][T22487] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5900'. [ 996.776873][T22487] netlink: 294 bytes leftover after parsing attributes in process `syz.4.5900'. [ 996.858435][T22489] netlink: 194 bytes leftover after parsing attributes in process `syz.0.5901'. [ 997.082462][T22495] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5904'. [ 997.083200][T22495] netlink: 13 bytes leftover after parsing attributes in process `syz.0.5904'. [ 999.552642][T22533] netlink: 186 bytes leftover after parsing attributes in process `syz.5.5918'. [ 1000.173271][T22541] sp0: Synchronizing with TNC [ 1000.203692][T22544] sp0: Found TNC [ 1001.893779][T22571] netlink: 186 bytes leftover after parsing attributes in process `syz.0.5931'. [ 1004.988860][T22614] ERROR: Out of memory at tomoyo_memory_ok. [ 1008.244330][T22676] FAULT_INJECTION: forcing a failure. [ 1008.244330][T22676] name failslab, interval 1, probability 0, space 0, times 0 [ 1008.317404][T22676] CPU: 0 UID: 0 PID: 22676 Comm: syz.0.5968 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1008.317449][T22676] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1008.317460][T22676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1008.317476][T22676] Call Trace: [ 1008.317486][T22676] [ 1008.317496][T22676] dump_stack_lvl+0x100/0x190 [ 1008.317540][T22676] should_fail_ex.cold+0x5/0xa [ 1008.317570][T22676] should_failslab+0xc2/0x120 [ 1008.317596][T22676] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1008.317630][T22676] ? cgroup_file_open+0x90/0x470 [ 1008.317658][T22676] ? lockdep_init_map_type+0x5c/0x250 [ 1008.317697][T22676] cgroup_file_open+0x90/0x470 [ 1008.317723][T22676] ? __pfx_cgroup_file_open+0x10/0x10 [ 1008.317752][T22676] kernfs_fop_open+0x8b5/0xd50 [ 1008.317787][T22676] do_dentry_open+0x6d8/0x1660 [ 1008.317819][T22676] ? __pfx_kernfs_fop_open+0x10/0x10 [ 1008.317854][T22676] vfs_open+0x82/0x3f0 [ 1008.317890][T22676] path_openat+0x208c/0x31a0 [ 1008.317925][T22676] ? __pfx_path_openat+0x10/0x10 [ 1008.317962][T22676] do_file_open+0x20e/0x430 [ 1008.317990][T22676] ? __pfx_do_file_open+0x10/0x10 [ 1008.318038][T22676] ? alloc_fd+0x476/0x790 [ 1008.318067][T22676] ? do_getname+0x191/0x390 [ 1008.318101][T22676] do_sys_openat2+0x10d/0x1e0 [ 1008.318135][T22676] ? __pfx_do_sys_openat2+0x10/0x10 [ 1008.318170][T22676] ? apparmor_capable+0x1d7/0x4d0 [ 1008.318215][T22676] __x64_sys_openat+0x12d/0x210 [ 1008.318250][T22676] ? __pfx___x64_sys_openat+0x10/0x10 [ 1008.318295][T22676] do_syscall_64+0x106/0xf80 [ 1008.318326][T22676] ? clear_bhb_loop+0x40/0x90 [ 1008.318357][T22676] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1008.318383][T22676] RIP: 0033:0x7ff61539c799 [ 1008.318405][T22676] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1008.318430][T22676] RSP: 002b:00007ff6161e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1008.318454][T22676] RAX: ffffffffffffffda RBX: 00007ff615615fa0 RCX: 00007ff61539c799 [ 1008.318473][T22676] RDX: 0000000000182b02 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 1008.318490][T22676] RBP: 00007ff615432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1008.318506][T22676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1008.318522][T22676] R13: 00007ff615616038 R14: 00007ff615615fa0 R15: 00007ffe19ef3018 [ 1008.318561][T22676] [ 1009.643109][T22689] FAULT_INJECTION: forcing a failure. [ 1009.643109][T22689] name failslab, interval 1, probability 0, space 0, times 0 [ 1009.733814][T22689] CPU: 0 UID: 0 PID: 22689 Comm: syz.4.5970 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1009.733863][T22689] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1009.733874][T22689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1009.733891][T22689] Call Trace: [ 1009.733907][T22689] [ 1009.733917][T22689] dump_stack_lvl+0x100/0x190 [ 1009.733960][T22689] should_fail_ex.cold+0x5/0xa [ 1009.733990][T22689] should_failslab+0xc2/0x120 [ 1009.734016][T22689] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 1009.734057][T22689] ? __alloc_skb+0x140/0x710 [ 1009.734090][T22689] __alloc_skb+0x140/0x710 [ 1009.734117][T22689] ? __alloc_skb+0x5b7/0x710 [ 1009.734144][T22689] ? __pfx___alloc_skb+0x10/0x10 [ 1009.734180][T22689] alloc_skb_with_frags+0xe0/0x810 [ 1009.734223][T22689] sock_alloc_send_pskb+0x801/0x980 [ 1009.734252][T22689] ? find_held_lock+0x2b/0x80 [ 1009.734281][T22689] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 1009.734308][T22689] ? ip6_output+0x2eb/0xa60 [ 1009.734347][T22689] ? __pfx_ip6_output+0x10/0x10 [ 1009.734391][T22689] __ip6_append_data+0x2c4c/0x4de0 [ 1009.734435][T22689] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 1009.734470][T22689] ? find_held_lock+0x2b/0x80 [ 1009.734500][T22689] ? __pfx___ip6_append_data+0x10/0x10 [ 1009.734537][T22689] ? __pfx_ip6_mtu+0x10/0x10 [ 1009.734566][T22689] ? ip6_setup_cork+0x5be/0x14c0 [ 1009.734606][T22689] ip6_make_skb+0x2a3/0x3b0 [ 1009.734648][T22689] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 1009.734681][T22689] ? __pfx_ip6_make_skb+0x10/0x10 [ 1009.734728][T22689] ? sk_dst_check+0x1de/0x550 [ 1009.734761][T22689] ? udpv6_sendmsg+0x2499/0x2f60 [ 1009.734786][T22689] udpv6_sendmsg+0x2499/0x2f60 [ 1009.734816][T22689] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 1009.734856][T22689] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 1009.734888][T22689] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 1009.734952][T22689] ? __pfx___might_resched+0x10/0x10 [ 1009.735009][T22689] ? __import_iovec+0x1d2/0x640 [ 1009.735035][T22689] ? __pfx_udpv6_sendmsg+0x10/0x10 [ 1009.735064][T22689] ? inet6_sendmsg+0x105/0x140 [ 1009.735091][T22689] inet6_sendmsg+0x105/0x140 [ 1009.735121][T22689] ____sys_sendmsg+0x704/0xc30 [ 1009.735162][T22689] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1009.735205][T22689] ? rcu_is_watching+0x12/0xc0 [ 1009.735243][T22689] ? ___sys_sendmsg+0x19d/0x1e0 [ 1009.735280][T22689] ? kfree+0x2ec/0x6b0 [ 1009.735309][T22689] ? trace_ignore_this_task+0x6b/0x100 [ 1009.735353][T22689] ___sys_sendmsg+0x190/0x1e0 [ 1009.735395][T22689] ? __pfx____sys_sendmsg+0x10/0x10 [ 1009.735461][T22689] ? __pfx___might_resched+0x10/0x10 [ 1009.735504][T22689] __sys_sendmmsg+0x205/0x430 [ 1009.735538][T22689] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1009.735568][T22689] ? __local_bh_enable_ip+0x9e/0x120 [ 1009.735603][T22689] ? __pfx_do_futex+0x10/0x10 [ 1009.735650][T22689] ? xfd_validate_state+0x129/0x190 [ 1009.735694][T22689] __x64_sys_sendmmsg+0x9c/0x100 [ 1009.735724][T22689] ? lockdep_hardirqs_on+0x78/0x100 [ 1009.735755][T22689] do_syscall_64+0x106/0xf80 [ 1009.735784][T22689] ? clear_bhb_loop+0x40/0x90 [ 1009.735815][T22689] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1009.735842][T22689] RIP: 0033:0x7f561f79c799 [ 1009.735863][T22689] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1009.735888][T22689] RSP: 002b:00007f56206d1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1009.735920][T22689] RAX: ffffffffffffffda RBX: 00007f561fa15fa0 RCX: 00007f561f79c799 [ 1009.735937][T22689] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1009.735953][T22689] RBP: 00007f561f832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1009.735969][T22689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1009.735984][T22689] R13: 00007f561fa16038 R14: 00007f561fa15fa0 R15: 00007ffc91031c38 [ 1009.736017][T22689] [ 1010.395978][T22682] zswap: compressor not available [ 1011.420493][T22706] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5977'. [ 1011.545418][T22709] usb usb2: usbfs: process 22709 (syz.5.5977) did not claim interface 4 before use [ 1012.488548][T22721] mkiss: ax0: crc mode is auto. [ 1016.079339][T22773] netlink: 318 bytes leftover after parsing attributes in process `syz.0.5998'. [ 1016.316075][T22776] ERROR: Out of memory at tomoyo_memory_ok. [ 1016.685928][T22782] netlink: 338 bytes leftover after parsing attributes in process `syz.0.6003'. [ 1019.771627][ T5840] Bluetooth: hci3: unexpected event 0x09 length: 435 > 3 [ 1019.819447][T22819] netlink: 18 bytes leftover after parsing attributes in process `syz.5.6016'. [ 1024.627817][T22901] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 1024.667513][T22901] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 1028.037572][T22931] ERROR: Out of memory at tomoyo_memory_ok. [ 1028.435197][T22933] binder: 22932:22933 ioctl 40046205 0 returned -22 [ 1028.580178][T22937] sp0: Synchronizing with TNC [ 1028.976278][T22945] netlink: 50 bytes leftover after parsing attributes in process `syz.5.6059'. [ 1030.049376][T22959] FAULT_INJECTION: forcing a failure. [ 1030.049376][T22959] name failslab, interval 1, probability 0, space 0, times 0 [ 1030.164925][T22959] CPU: 0 UID: 0 PID: 22959 Comm: syz.4.6064 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1030.164983][T22959] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1030.164993][T22959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1030.165009][T22959] Call Trace: [ 1030.165018][T22959] [ 1030.165028][T22959] dump_stack_lvl+0x100/0x190 [ 1030.165088][T22959] should_fail_ex.cold+0x5/0xa [ 1030.165123][T22959] ? process_preds+0x4c2/0x1d90 [ 1030.165161][T22959] should_failslab+0xc2/0x120 [ 1030.165188][T22959] __kmalloc_noprof+0xe0/0x850 [ 1030.165234][T22959] process_preds+0x4c2/0x1d90 [ 1030.165279][T22959] ? create_filter_start.constprop.0+0x134/0x310 [ 1030.165324][T22959] create_filter+0x140/0x210 [ 1030.165363][T22959] ? __pfx_create_filter+0x10/0x10 [ 1030.165405][T22959] ? find_held_lock+0x2b/0x80 [ 1030.165432][T22959] apply_event_filter+0x220/0x500 [ 1030.165474][T22959] ? __pfx_apply_event_filter+0x10/0x10 [ 1030.165523][T22959] event_filter_write+0x16d/0x290 [ 1030.165555][T22959] vfs_write+0x2aa/0x1070 [ 1030.165596][T22959] ? __pfx_event_filter_write+0x10/0x10 [ 1030.165629][T22959] ? __pfx_vfs_write+0x10/0x10 [ 1030.165668][T22959] ? __fget_files+0x215/0x3d0 [ 1030.165698][T22959] ? __fget_files+0x21f/0x3d0 [ 1030.165730][T22959] ksys_write+0x12a/0x250 [ 1030.165771][T22959] ? __pfx_ksys_write+0x10/0x10 [ 1030.165821][T22959] do_syscall_64+0x106/0xf80 [ 1030.165851][T22959] ? clear_bhb_loop+0x40/0x90 [ 1030.165883][T22959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1030.165910][T22959] RIP: 0033:0x7f561f79c799 [ 1030.165931][T22959] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1030.165963][T22959] RSP: 002b:00007f56206d1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1030.165988][T22959] RAX: ffffffffffffffda RBX: 00007f561fa15fa0 RCX: 00007f561f79c799 [ 1030.166006][T22959] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 1030.166022][T22959] RBP: 00007f561f832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1030.166037][T22959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1030.166052][T22959] R13: 00007f561fa16038 R14: 00007f561fa15fa0 R15: 00007ffc91031c38 [ 1030.166086][T22959] [ 1031.820669][T22978] mkiss: ax0: crc mode is auto. [ 1033.004799][T22990] futex_wake_op: syz.5.6075 tries to shift op by -2048; fix this program [ 1033.195860][T22990] futex_wake_op: syz.5.6075 tries to shift op by -2048; fix this program [ 1033.948284][T23006] sp0: Synchronizing with TNC [ 1034.685003][T23014] [U]  [ 1034.687897][T23014] [U] [ 1034.690613][T23014] [U] [ 1034.693333][T23014] [U] [ 1034.735355][T23014] [U] [ 1034.738116][T23014] [U] [ 1034.740833][T23014] [U] [ 1034.743547][T23014] [U] [ 1034.765828][T23014] [U] [ 1034.768604][T23014] [U] [ 1034.771331][T23014] [U] [ 1034.774046][T23014] [U] [ 1034.808300][T23014] [U] [ 1034.811061][T23014] [U] [ 1034.813778][T23014] [U] [ 1034.816491][T23014] [U] [ 1034.844280][T23014] [U] [ 1034.847041][T23014] [U] [ 1034.849760][T23014] [U] [ 1034.852479][T23014] [U] [ 1034.886413][T23014] [U] [ 1034.889167][T23014] [U] [ 1034.891877][T23014] [U] [ 1034.894589][T23014] [U] [ 1034.906737][T23014] [U] [ 1034.909493][T23014] [U] [ 1034.912210][T23014] [U] [ 1034.914927][T23014] [U] [ 1034.936805][T23014] [U] [ 1034.939565][T23014] [U] [ 1034.942282][T23014] [U] [ 1034.945012][T23014] [U] [ 1034.956827][T23014] [U] [ 1034.959585][T23014] [U] [ 1034.962303][T23014] [U] [ 1034.965029][T23014] [U] [ 1034.986892][T23014] [U] [ 1034.989659][T23014] [U] [ 1034.992375][T23014] [U] [ 1034.995091][T23014] [U] [ 1035.009276][T23014] [U] [ 1035.012039][T23014] [U] [ 1035.014760][T23014] [U] [ 1035.017500][T23014] [U] [ 1035.037610][T23014] [U] [ 1035.040376][T23014] [U] [ 1035.043102][T23014] [U] [ 1035.045844][T23014] [U] [ 1035.059929][T23014] [U] [ 1035.062702][T23014] [U] [ 1035.065425][T23014] [U] [ 1035.068139][T23014] [U] [ 1035.092486][T23014] [U] [ 1035.095257][T23014] [U] [ 1035.097973][T23014] [U] [ 1035.100703][T23014] [U] [ 1035.115534][T23014] [U] [ 1035.118322][T23014] [U] [ 1035.121038][T23014] [U] [ 1035.123757][T23014] [U] [ 1035.147591][T23014] [U] [ 1035.150378][T23014] [U] [ 1035.153097][T23014] [U] [ 1035.155813][T23014] [U] [ 1035.167685][T23014] [U] [ 1035.170477][T23014] [U] [ 1035.173191][T23014] [U] [ 1035.175904][T23014] [U] [ 1035.196872][T23014] [U] [ 1035.199634][T23014] [U] [ 1035.202343][T23014] [U] [ 1035.205062][T23014] [U] [ 1035.239136][T23014] [U] [ 1035.241893][T23014] [U] [ 1035.244620][T23014] [U] [ 1035.247352][T23014] [U] [ 1035.287309][T23014] [U] [ 1038.157856][T23051] sp0: Synchronizing with TNC [ 1038.376902][T23052] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6095'. [ 1039.292529][T23066] ERROR: Out of memory at tomoyo_memory_ok. [ 1039.417339][T23072] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1039.434096][T23072] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1039.472384][T23072] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1039.511746][T23072] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1040.217679][T23085] netlink: 12 bytes leftover after parsing attributes in process `syz.0.6106'. [ 1040.312701][T23085] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6106'. [ 1040.463233][T23091] FAULT_INJECTION: forcing a failure. [ 1040.463233][T23091] name failslab, interval 1, probability 0, space 0, times 0 [ 1040.476866][T23093] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6107'. [ 1040.536836][T23091] CPU: 0 UID: 0 PID: 23091 Comm: syz.4.6108 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1040.536877][T23091] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1040.536887][T23091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1040.536903][T23091] Call Trace: [ 1040.536912][T23091] [ 1040.536922][T23091] dump_stack_lvl+0x100/0x190 [ 1040.536966][T23091] should_fail_ex.cold+0x5/0xa [ 1040.536997][T23091] should_failslab+0xc2/0x120 [ 1040.537023][T23091] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1040.537066][T23091] ? sysctl_core_net_init+0x42/0x290 [ 1040.537114][T23091] kmemdup_noprof+0x29/0x60 [ 1040.537155][T23091] sysctl_core_net_init+0x42/0x290 [ 1040.537198][T23091] ? __pfx_sysctl_core_net_init+0x10/0x10 [ 1040.537240][T23091] ops_init+0x1e2/0x5f0 [ 1040.537275][T23091] setup_net+0x118/0x3a0 [ 1040.537307][T23091] ? __pfx_setup_net+0x10/0x10 [ 1040.537338][T23091] ? lockdep_init_map_type+0x5c/0x250 [ 1040.537390][T23091] ? mutex_init_lockep+0x110/0x150 [ 1040.537430][T23091] copy_net_ns+0x46f/0x7c0 [ 1040.537468][T23091] create_new_namespaces+0x3ea/0xac0 [ 1040.537502][T23091] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1040.537532][T23091] ksys_unshare+0x473/0xad0 [ 1040.537567][T23091] ? __pfx_ksys_unshare+0x10/0x10 [ 1040.537610][T23091] __x64_sys_unshare+0x31/0x40 [ 1040.537641][T23091] do_syscall_64+0x106/0xf80 [ 1040.537671][T23091] ? clear_bhb_loop+0x40/0x90 [ 1040.537703][T23091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1040.537729][T23091] RIP: 0033:0x7f561f79c799 [ 1040.537750][T23091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1040.537776][T23091] RSP: 002b:00007f56206d1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1040.537808][T23091] RAX: ffffffffffffffda RBX: 00007f561fa15fa0 RCX: 00007f561f79c799 [ 1040.537826][T23091] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1040.537842][T23091] RBP: 00007f561f832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1040.537858][T23091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1040.537874][T23091] R13: 00007f561fa16038 R14: 00007f561fa15fa0 R15: 00007ffc91031c38 [ 1040.537906][T23091] [ 1041.498408][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 1041.506027][ T5840] Bluetooth: hci3: command 0x0406 tx timeout [ 1041.512920][ T5840] Bluetooth: hci0: command 0x0406 tx timeout [ 1041.573925][T23109] Bluetooth: hci4: command 0x0c1a tx timeout [ 1042.294013][T23118] lo: entered allmulticast mode [ 1042.331936][T23118] lo: left allmulticast mode [ 1042.696091][T23126] futex_wake_op: syz.5.6117 tries to shift op by -2048; fix this program [ 1042.729359][T23118] zswap: compressor not available [ 1042.737333][T23122] Setting dangerous option i915.mitigations - tainting kernel [ 1042.760578][T23126] futex_wake_op: syz.5.6117 tries to shift op by -2048; fix this program [ 1042.776155][T23123] Setting dangerous option i915.mitigations - tainting kernel [ 1042.797623][T23126] 0x001c00000000-0x100002c00000200 : "" [ 1042.828672][T23126] mtd: partition "" is out of reach -- disabled [ 1042.907708][T23126] ftl_cs: FTL header not found. [ 1043.236552][T23130] ERROR: Out of memory at tomoyo_memory_ok. [ 1043.468186][T23133] netlink: 186 bytes leftover after parsing attributes in process `syz.2.6120'. [ 1044.363083][T23155] netlink: 'syz.5.6127': attribute type 1 has an invalid length. [ 1044.370861][T23155] netlink: 'syz.5.6127': attribute type 6 has an invalid length. [ 1044.779418][T23161] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6129'. [ 1046.653616][T23196] netlink: 62 bytes leftover after parsing attributes in process `syz.2.6141'. [ 1050.416263][T23245] FAULT_INJECTION: forcing a failure. [ 1050.416263][T23245] name failslab, interval 1, probability 0, space 0, times 0 [ 1050.526952][T23248] ERROR: Out of memory at tomoyo_memory_ok. [ 1050.542167][T23245] CPU: 0 UID: 0 PID: 23245 Comm: syz.4.6155 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1050.542211][T23245] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1050.542224][T23245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1050.542239][T23245] Call Trace: [ 1050.542248][T23245] [ 1050.542258][T23245] dump_stack_lvl+0x100/0x190 [ 1050.542300][T23245] should_fail_ex.cold+0x5/0xa [ 1050.542330][T23245] should_failslab+0xc2/0x120 [ 1050.542355][T23245] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1050.542393][T23245] ? __ksm_enter+0x3c/0x650 [ 1050.542435][T23245] __ksm_enter+0x3c/0x650 [ 1050.542476][T23245] ksm_enable_merge_any+0xbf/0x120 [ 1050.542514][T23245] __do_sys_prctl+0xef9/0x2330 [ 1050.542552][T23245] ? __pfx___do_sys_prctl+0x10/0x10 [ 1050.542609][T23245] do_syscall_64+0x106/0xf80 [ 1050.542640][T23245] ? clear_bhb_loop+0x40/0x90 [ 1050.542672][T23245] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1050.542698][T23245] RIP: 0033:0x7f561f79c799 [ 1050.542719][T23245] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1050.542743][T23245] RSP: 002b:00007f56206d1028 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 1050.542769][T23245] RAX: ffffffffffffffda RBX: 00007f561fa15fa0 RCX: 00007f561f79c799 [ 1050.542788][T23245] RDX: 0000000000000000 RSI: 0000000000000017 RDI: 0000000000000043 [ 1050.542805][T23245] RBP: 00007f561f832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1050.542822][T23245] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1050.542838][T23245] R13: 00007f561fa16038 R14: 00007f561fa15fa0 R15: 00007ffc91031c38 [ 1050.542870][T23245] [ 1054.715616][T23291] FAULT_INJECTION: forcing a failure. [ 1054.715616][T23291] name failslab, interval 1, probability 0, space 0, times 0 [ 1054.737022][T23293] FAULT_INJECTION: forcing a failure. [ 1054.737022][T23293] name failslab, interval 1, probability 0, space 0, times 0 [ 1054.846539][T23293] CPU: 0 UID: 0 PID: 23293 Comm: syz.5.6168 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1054.846583][T23293] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1054.846594][T23293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1054.846610][T23293] Call Trace: [ 1054.846619][T23293] [ 1054.846629][T23293] dump_stack_lvl+0x100/0x190 [ 1054.846673][T23293] should_fail_ex.cold+0x5/0xa [ 1054.846702][T23293] ? ops_init+0x77/0x5f0 [ 1054.846731][T23293] should_failslab+0xc2/0x120 [ 1054.846757][T23293] __kmalloc_noprof+0xe0/0x850 [ 1054.846796][T23293] ? __raw_spin_lock_init+0x3a/0x110 [ 1054.846839][T23293] ops_init+0x77/0x5f0 [ 1054.846873][T23293] setup_net+0x118/0x3a0 [ 1054.846905][T23293] ? __pfx_setup_net+0x10/0x10 [ 1054.846936][T23293] ? lockdep_init_map_type+0x5c/0x250 [ 1054.846971][T23293] ? mutex_init_lockep+0x110/0x150 [ 1054.847011][T23293] copy_net_ns+0x46f/0x7c0 [ 1054.847049][T23293] create_new_namespaces+0x3ea/0xac0 [ 1054.847082][T23293] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1054.847112][T23293] ksys_unshare+0x473/0xad0 [ 1054.847146][T23293] ? __pfx_ksys_unshare+0x10/0x10 [ 1054.847189][T23293] __x64_sys_unshare+0x31/0x40 [ 1054.847221][T23293] do_syscall_64+0x106/0xf80 [ 1054.847259][T23293] ? clear_bhb_loop+0x40/0x90 [ 1054.847292][T23293] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1054.847318][T23293] RIP: 0033:0x7fb5b3f9c799 [ 1054.847338][T23293] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1054.847363][T23293] RSP: 002b:00007fb5b4f00028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1054.847388][T23293] RAX: ffffffffffffffda RBX: 00007fb5b4215fa0 RCX: 00007fb5b3f9c799 [ 1054.847406][T23293] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1054.847422][T23293] RBP: 00007fb5b4032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1054.847438][T23293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1054.847454][T23293] R13: 00007fb5b4216038 R14: 00007fb5b4215fa0 R15: 00007ffc25ea4ba8 [ 1054.847486][T23293] [ 1055.283526][T23291] CPU: 0 UID: 0 PID: 23291 Comm: syz.4.6176 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1055.283576][T23291] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1055.283587][T23291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1055.283603][T23291] Call Trace: [ 1055.283612][T23291] [ 1055.283622][T23291] dump_stack_lvl+0x100/0x190 [ 1055.283667][T23291] should_fail_ex.cold+0x5/0xa [ 1055.283696][T23291] should_failslab+0xc2/0x120 [ 1055.283726][T23291] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1055.283765][T23291] ? __kernfs_new_node+0xd2/0x960 [ 1055.283807][T23291] __kernfs_new_node+0xd2/0x960 [ 1055.283847][T23291] ? __pfx___kernfs_new_node+0x10/0x10 [ 1055.283891][T23291] ? find_held_lock+0x2b/0x80 [ 1055.283914][T23291] ? kernfs_root+0xee/0x2a0 [ 1055.283947][T23291] ? kernfs_root+0xee/0x2a0 [ 1055.283989][T23291] kernfs_new_node+0x11b/0x1a0 [ 1055.284034][T23291] __kernfs_create_file+0x53/0x350 [ 1055.284067][T23291] sysfs_add_file_mode_ns+0x207/0x3c0 [ 1055.284108][T23291] internal_create_group+0x593/0xf40 [ 1055.284153][T23291] ? __pfx_internal_create_group+0x10/0x10 [ 1055.284196][T23291] ? kernfs_create_link+0x1bd/0x240 [ 1055.284235][T23291] internal_create_groups+0x9d/0x150 [ 1055.284276][T23291] device_add+0x71a/0x1950 [ 1055.284319][T23291] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1055.284363][T23291] ? __pfx_device_add+0x10/0x10 [ 1055.284405][T23291] ? lockdep_init_map_type+0x5c/0x250 [ 1055.284439][T23291] ? __init_waitqueue_head+0xca/0x150 [ 1055.284485][T23291] netdev_register_kobject+0x1a9/0x3d0 [ 1055.284526][T23291] register_netdevice+0x12e0/0x2210 [ 1055.284566][T23291] ? __pfx_register_netdevice+0x10/0x10 [ 1055.284606][T23291] ? __pfx_loopback_net_init+0x10/0x10 [ 1055.284645][T23291] register_netdev+0x34/0x50 [ 1055.284677][T23291] loopback_net_init+0x7a/0x170 [ 1055.284716][T23291] ? __pfx_loopback_net_init+0x10/0x10 [ 1055.284752][T23291] ops_init+0x1e2/0x5f0 [ 1055.284788][T23291] setup_net+0x118/0x3a0 [ 1055.284820][T23291] ? __pfx_setup_net+0x10/0x10 [ 1055.284851][T23291] ? lockdep_init_map_type+0x5c/0x250 [ 1055.284886][T23291] ? mutex_init_lockep+0x110/0x150 [ 1055.284925][T23291] copy_net_ns+0x46f/0x7c0 [ 1055.284964][T23291] create_new_namespaces+0x3ea/0xac0 [ 1055.284998][T23291] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1055.285028][T23291] ksys_unshare+0x473/0xad0 [ 1055.285062][T23291] ? __pfx_ksys_unshare+0x10/0x10 [ 1055.285105][T23291] __x64_sys_unshare+0x31/0x40 [ 1055.285137][T23291] do_syscall_64+0x106/0xf80 [ 1055.285167][T23291] ? clear_bhb_loop+0x40/0x90 [ 1055.285199][T23291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1055.285233][T23291] RIP: 0033:0x7f561f79c799 [ 1055.285255][T23291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1055.285281][T23291] RSP: 002b:00007f56206d1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1055.285305][T23291] RAX: ffffffffffffffda RBX: 00007f561fa15fa0 RCX: 00007f561f79c799 [ 1055.285323][T23291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1055.285339][T23291] RBP: 00007f561f832bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1055.285356][T23291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1055.285372][T23291] R13: 00007f561fa16038 R14: 00007f561fa15fa0 R15: 00007ffc91031c38 [ 1055.285404][T23291] [ 1055.625636][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1055.632082][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1056.068153][T23304] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6172'. [ 1057.248408][T23324] netlink: 'syz.2.6179': attribute type 1 has an invalid length. [ 1057.294388][T23326] netlink: 86 bytes leftover after parsing attributes in process `syz.0.6181'. [ 1057.303688][T23324] nbd: error processing sock list [ 1057.477260][T23322] sp0: Synchronizing with TNC [ 1057.923513][T23332] FAULT_INJECTION: forcing a failure. [ 1057.923513][T23332] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.061890][T23332] CPU: 0 UID: 0 PID: 23332 Comm: syz.0.6183 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1058.061933][T23332] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1058.061944][T23332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1058.061965][T23332] Call Trace: [ 1058.061974][T23332] [ 1058.061984][T23332] dump_stack_lvl+0x100/0x190 [ 1058.062028][T23332] should_fail_ex.cold+0x5/0xa [ 1058.062059][T23332] should_failslab+0xc2/0x120 [ 1058.062085][T23332] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1058.062129][T23332] ? __proc_create+0x2cb/0x8c0 [ 1058.062176][T23332] __proc_create+0x2cb/0x8c0 [ 1058.062218][T23332] ? __pfx___proc_create+0x10/0x10 [ 1058.062265][T23332] ? __pfx_netdev_run_todo+0x10/0x10 [ 1058.062304][T23332] proc_create_reg+0x75/0x170 [ 1058.062328][T23332] ? __pfx_psched_show+0x10/0x10 [ 1058.062364][T23332] proc_create_single_data+0x86/0x130 [ 1058.062390][T23332] ? __pfx_proc_create_single_data+0x10/0x10 [ 1058.062423][T23332] ? __pfx_psched_net_init+0x10/0x10 [ 1058.062459][T23332] psched_net_init+0x4a/0x70 [ 1058.062493][T23332] ops_init+0x1e2/0x5f0 [ 1058.062529][T23332] setup_net+0x118/0x3a0 [ 1058.062562][T23332] ? __pfx_setup_net+0x10/0x10 [ 1058.062592][T23332] ? lockdep_init_map_type+0x5c/0x250 [ 1058.062627][T23332] ? mutex_init_lockep+0x110/0x150 [ 1058.062667][T23332] copy_net_ns+0x46f/0x7c0 [ 1058.062705][T23332] create_new_namespaces+0x3ea/0xac0 [ 1058.062738][T23332] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1058.062769][T23332] ksys_unshare+0x473/0xad0 [ 1058.062803][T23332] ? __pfx_ksys_unshare+0x10/0x10 [ 1058.062863][T23332] __x64_sys_unshare+0x31/0x40 [ 1058.062895][T23332] do_syscall_64+0x106/0xf80 [ 1058.062926][T23332] ? clear_bhb_loop+0x40/0x90 [ 1058.062957][T23332] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1058.062984][T23332] RIP: 0033:0x7ff61539c799 [ 1058.063005][T23332] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1058.063031][T23332] RSP: 002b:00007ff6161e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1058.063055][T23332] RAX: ffffffffffffffda RBX: 00007ff615615fa0 RCX: 00007ff61539c799 [ 1058.063080][T23332] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1058.063103][T23332] RBP: 00007ff615432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1058.063123][T23332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1058.063139][T23332] R13: 00007ff615616038 R14: 00007ff615615fa0 R15: 00007ffe19ef3018 [ 1058.063173][T23332] [ 1060.347241][T23349] openvswitch: : Dropping previously announced user features [ 1062.054093][T23368] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6194'. [ 1062.078042][T23365] ERROR: Out of memory at tomoyo_memory_ok. [ 1062.385617][T23373] netlink: 338 bytes leftover after parsing attributes in process `syz.2.6197'. [ 1062.556544][T23374] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6196'. [ 1062.629653][T23373] team_slave_0: entered allmulticast mode [ 1062.637497][T23374] netlink: 'syz.0.6196': attribute type 1 has an invalid length. [ 1062.741944][T23374] netlink: 13 bytes leftover after parsing attributes in process `syz.0.6196'. [ 1065.263384][T23402] netlink: 'syz.5.6206': attribute type 27 has an invalid length. [ 1065.293679][T23402] netlink: 146 bytes leftover after parsing attributes in process `syz.5.6206'. [ 1066.694760][T23420] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6213'. [ 1066.927091][T23420] team0 (unregistering): Port device team_slave_0 removed [ 1067.001452][T23420] team0 (unregistering): Port device team_slave_1 removed [ 1068.113787][T23444] netlink: 330 bytes leftover after parsing attributes in process `syz.0.6221'. [ 1068.715781][T23454] netlink: 'syz.0.6224': attribute type 1 has an invalid length. [ 1068.785431][T23454] netlink: 330 bytes leftover after parsing attributes in process `syz.0.6224'. [ 1069.599698][T23465] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6228'. [ 1069.659817][T23465] netdevsim netdevsim2 netdevsim1: left allmulticast mode [ 1069.695514][T23465] netdevsim netdevsim2 netdevsim1: left promiscuous mode [ 1069.702913][T23465] bridge0: port 3(netdevsim1) entered disabled state [ 1069.798548][T23465] bridge_slave_1: left allmulticast mode [ 1069.824155][T23465] bridge_slave_1: left promiscuous mode [ 1069.851391][T23465] bridge0: port 2(bridge_slave_1) entered disabled state [ 1069.915043][T23465] bridge_slave_0: left allmulticast mode [ 1069.940411][T23465] bridge_slave_0: left promiscuous mode [ 1069.984697][T23465] bridge0: port 1(bridge_slave_0) entered disabled state [ 1070.379909][T23473] netlink: 252 bytes leftover after parsing attributes in process `syz.0.6231'. [ 1070.463651][T23478] netlink: 252 bytes leftover after parsing attributes in process `syz.0.6231'. [ 1070.625281][T23480] FAULT_INJECTION: forcing a failure. [ 1070.625281][T23480] name failslab, interval 1, probability 0, space 0, times 0 [ 1070.821947][T23480] CPU: 0 UID: 0 PID: 23480 Comm: syz.4.6240 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1070.821992][T23480] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1070.822002][T23480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1070.822019][T23480] Call Trace: [ 1070.822028][T23480] [ 1070.822039][T23480] dump_stack_lvl+0x100/0x190 [ 1070.822090][T23480] should_fail_ex.cold+0x5/0xa [ 1070.822119][T23480] ? lsm_blob_alloc+0x68/0x90 [ 1070.822148][T23480] should_failslab+0xc2/0x120 [ 1070.822174][T23480] __kmalloc_noprof+0xe0/0x850 [ 1070.822212][T23480] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1070.822244][T23480] lsm_blob_alloc+0x68/0x90 [ 1070.822275][T23480] security_prepare_creds+0x2d/0x290 [ 1070.822304][T23480] prepare_creds+0x5d6/0x950 [ 1070.822345][T23480] lookup_user_key+0xfb2/0x1300 [ 1070.822389][T23480] ? __pfx_lookup_user_key+0x10/0x10 [ 1070.822433][T23480] ? do_raw_spin_lock+0x128/0x260 [ 1070.822473][T23480] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 1070.822518][T23480] ? _raw_spin_unlock_irq+0x2e/0x50 [ 1070.822545][T23480] ? do_sigaltstack.constprop.0+0x4c0/0x670 [ 1070.822587][T23480] keyctl_restrict_keyring+0x99/0x250 [ 1070.822625][T23480] ? __pfx_keyctl_restrict_keyring+0x10/0x10 [ 1070.822674][T23480] __do_sys_keyctl+0x2e8/0x5a0 [ 1070.822713][T23480] do_syscall_64+0x106/0xf80 [ 1070.822743][T23480] ? clear_bhb_loop+0x40/0x90 [ 1070.822774][T23480] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1070.822801][T23480] RIP: 0033:0x7f561f79c799 [ 1070.822821][T23480] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1070.822846][T23480] RSP: 002b:00007f56206d1028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1070.822870][T23480] RAX: ffffffffffffffda RBX: 00007f561fa15fa0 RCX: 00007f561f79c799 [ 1070.822888][T23480] RDX: 0000000000000002 RSI: fffffffffffffffd RDI: 000000000000001d [ 1070.822905][T23480] RBP: 00007f561f832bd9 R08: fffffffffffffffd R09: 0000000000000000 [ 1070.822921][T23480] R10: 0000000000000628 R11: 0000000000000246 R12: 0000000000000000 [ 1070.822938][T23480] R13: 00007f561fa16038 R14: 00007f561fa15fa0 R15: 00007ffc91031c38 [ 1070.822975][T23480] [ 1071.880914][T23491] netlink: 25 bytes leftover after parsing attributes in process `syz.4.6235'. [ 1071.950606][T23496] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6237'. [ 1072.070276][T23496] vlan1: entered promiscuous mode [ 1072.118179][T23496] vlan1: entered allmulticast mode [ 1072.276329][T23496] veth0_vlan: entered allmulticast mode [ 1073.237240][T23507] FAULT_INJECTION: forcing a failure. [ 1073.237240][T23507] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1073.348102][T23506] ERROR: Out of memory at tomoyo_memory_ok. [ 1073.560621][T23507] CPU: 0 UID: 0 PID: 23507 Comm: syz.0.6241 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1073.560666][T23507] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1073.560676][T23507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1073.560693][T23507] Call Trace: [ 1073.560702][T23507] [ 1073.560712][T23507] dump_stack_lvl+0x100/0x190 [ 1073.560757][T23507] should_fail_ex.cold+0x5/0xa [ 1073.560787][T23507] get_futex_key+0x1d2/0x1620 [ 1073.560821][T23507] ? __pfx_get_futex_key+0x10/0x10 [ 1073.560868][T23507] futex_wake+0xea/0x530 [ 1073.560910][T23507] ? __pfx_futex_wake+0x10/0x10 [ 1073.560953][T23507] ? putname+0xb1/0x110 [ 1073.560978][T23507] ? kmem_cache_free+0x124/0x6a0 [ 1073.561019][T23507] do_futex+0x32b/0x350 [ 1073.561052][T23507] ? __pfx_do_futex+0x10/0x10 [ 1073.561083][T23507] ? __pfx_do_sys_openat2+0x10/0x10 [ 1073.561119][T23507] ? __fget_files+0x21f/0x3d0 [ 1073.561145][T23507] __x64_sys_futex+0x34f/0x4d0 [ 1073.561180][T23507] ? __x64_sys_openat+0x12d/0x210 [ 1073.561214][T23507] ? __pfx___x64_sys_futex+0x10/0x10 [ 1073.561260][T23507] do_syscall_64+0x106/0xf80 [ 1073.561290][T23507] ? clear_bhb_loop+0x40/0x90 [ 1073.561321][T23507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1073.561348][T23507] RIP: 0033:0x7ff61539c799 [ 1073.561368][T23507] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1073.561395][T23507] RSP: 002b:00007ff6161a50e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1073.561419][T23507] RAX: ffffffffffffffda RBX: 00007ff615616188 RCX: 00007ff61539c799 [ 1073.561436][T23507] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007ff61561618c [ 1073.561453][T23507] RBP: 00007ff615616180 R08: 0000000000000000 R09: 0000000000000000 [ 1073.561469][T23507] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 1073.561485][T23507] R13: 00007ff615616218 R14: 00007ffe19ef2f30 R15: 00007ffe19ef3018 [ 1073.561517][T23507] [ 1073.561780][ T29] audit: type=1326 audit(1772362884.683:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=23502 comm="syz.0.6241" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff61539c799 code=0x0 [ 1075.978273][T23531] netlink: 50 bytes leftover after parsing attributes in process `syz.5.6248'. [ 1076.182777][T23534] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6249'. [ 1077.448449][T23546] netlink: 25 bytes leftover after parsing attributes in process `syz.0.6255'. [ 1077.817787][T23554] netlink: 246 bytes leftover after parsing attributes in process `syz.0.6256'. [ 1078.620756][T23549] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 1079.759371][T23566] netlink: 'syz.2.6258': attribute type 10 has an invalid length. [ 1079.811614][T23566] netlink: 230 bytes leftover after parsing attributes in process `syz.2.6258'. [ 1079.991375][T23566] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 1080.272521][T23573] sp0: Synchronizing with TNC [ 1081.700162][T23595] netlink: 226 bytes leftover after parsing attributes in process `syz.2.6268'. [ 1081.774534][T23595] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6268'. [ 1081.869257][T23595] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 1084.163572][T23614] ima: policy update failed [ 1084.195637][ T29] audit: type=1802 audit(1772362895.308:22): pid=23614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.5.6275" res=0 errno=0 [ 1084.534965][T23628] ERROR: Out of memory at tomoyo_memory_ok. [ 1088.254957][T23676] bond0: option all_slaves_active: invalid value () [ 1090.623822][T23720] netlink: 186 bytes leftover after parsing attributes in process `syz.2.6305'. [ 1090.692295][T23720] netlink: 186 bytes leftover after parsing attributes in process `syz.2.6305'. [ 1091.452708][T23727] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 1091.507702][T23733] netlink: 334 bytes leftover after parsing attributes in process `syz.4.6310'. [ 1091.841134][ T5178] ERROR: Out of memory at tomoyo_memory_ok. [ 1092.551847][T23748] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6314'. [ 1093.050671][T23753] FAULT_INJECTION: forcing a failure. [ 1093.050671][T23753] name failslab, interval 1, probability 0, space 0, times 0 [ 1093.124549][T23753] CPU: 0 UID: 0 PID: 23753 Comm: syz.5.6315 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1093.124593][T23753] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1093.124603][T23753] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1093.124619][T23753] Call Trace: [ 1093.124628][T23753] [ 1093.124638][T23753] dump_stack_lvl+0x100/0x190 [ 1093.124681][T23753] should_fail_ex.cold+0x5/0xa [ 1093.124711][T23753] should_failslab+0xc2/0x120 [ 1093.124737][T23753] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1093.124770][T23753] ? tracing_open+0x371/0xef0 [ 1093.124799][T23753] ? seq_open+0x116/0x170 [ 1093.124836][T23753] tracing_open+0x371/0xef0 [ 1093.124871][T23753] do_dentry_open+0x6d8/0x1660 [ 1093.124895][T23753] ? __pfx_tracing_open+0x10/0x10 [ 1093.124932][T23753] vfs_open+0x82/0x3f0 [ 1093.124967][T23753] path_openat+0x208c/0x31a0 [ 1093.125002][T23753] ? __pfx_path_openat+0x10/0x10 [ 1093.125038][T23753] do_file_open+0x20e/0x430 [ 1093.125067][T23753] ? __pfx_do_file_open+0x10/0x10 [ 1093.125114][T23753] ? alloc_fd+0x476/0x790 [ 1093.125140][T23753] ? do_getname+0x191/0x390 [ 1093.125174][T23753] do_sys_openat2+0x10d/0x1e0 [ 1093.125207][T23753] ? __pfx_do_sys_openat2+0x10/0x10 [ 1093.125243][T23753] ? __fget_files+0x21f/0x3d0 [ 1093.125271][T23753] __x64_sys_openat+0x12d/0x210 [ 1093.125305][T23753] ? __pfx___x64_sys_openat+0x10/0x10 [ 1093.125351][T23753] do_syscall_64+0x106/0xf80 [ 1093.125381][T23753] ? clear_bhb_loop+0x40/0x90 [ 1093.125413][T23753] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1093.125446][T23753] RIP: 0033:0x7fb5b3f9c799 [ 1093.125468][T23753] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1093.125497][T23753] RSP: 002b:00007fb5b4f00028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1093.125522][T23753] RAX: ffffffffffffffda RBX: 00007fb5b4215fa0 RCX: 00007fb5b3f9c799 [ 1093.125539][T23753] RDX: 1a6b75d638929210 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1093.125557][T23753] RBP: 00007fb5b4032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1093.125573][T23753] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1093.125588][T23753] R13: 00007fb5b4216038 R14: 00007fb5b4215fa0 R15: 00007ffc25ea4ba8 [ 1093.125621][T23753] [ 1094.332945][ T29] audit: type=1107 audit(1772362905.433:23): pid=23756 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1094.385729][ T29] audit: type=1107 audit(1772362905.483:24): pid=23756 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1095.170220][T23768] netlink: 25 bytes leftover after parsing attributes in process `syz.5.6320'. [ 1095.752645][T23777] ERROR: Out of memory at tomoyo_memory_ok. [ 1096.077783][T23772] zswap: compressor not available [ 1096.337361][T23788] netlink: 504 bytes leftover after parsing attributes in process `syz.5.6325'. [ 1096.968999][ T29] audit: type=1107 audit(1772362908.072:25): pid=23789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1097.048123][ T29] audit: type=1107 audit(1772362908.081:26): pid=23789 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1097.245434][T23800] netlink: 62 bytes leftover after parsing attributes in process `syz.2.6329'. [ 1100.186424][T23841] FAULT_INJECTION: forcing a failure. [ 1100.186424][T23841] name failslab, interval 1, probability 0, space 0, times 0 [ 1100.243361][T23841] CPU: 0 UID: 0 PID: 23841 Comm: syz.5.6342 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1100.243405][T23841] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1100.243415][T23841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1100.243432][T23841] Call Trace: [ 1100.243441][T23841] [ 1100.243452][T23841] dump_stack_lvl+0x100/0x190 [ 1100.243495][T23841] should_fail_ex.cold+0x5/0xa [ 1100.243525][T23841] ? vkms_crtc_atomic_check+0x38a/0x7c0 [ 1100.243550][T23841] should_failslab+0xc2/0x120 [ 1100.243581][T23841] __kmalloc_noprof+0xe0/0x850 [ 1100.243619][T23841] ? drm_atomic_add_affected_planes+0x32b/0x3f0 [ 1100.243670][T23841] vkms_crtc_atomic_check+0x38a/0x7c0 [ 1100.243702][T23841] ? __pfx_vkms_crtc_atomic_check+0x10/0x10 [ 1100.243727][T23841] drm_atomic_helper_check_planes+0x4dc/0x900 [ 1100.243780][T23841] drm_atomic_helper_check+0xae/0x190 [ 1100.243815][T23841] vkms_atomic_check+0x1d9/0x250 [ 1100.243852][T23841] ? __pfx_vkms_atomic_check+0x10/0x10 [ 1100.243891][T23841] drm_atomic_check_only+0x19ea/0x31b0 [ 1100.243931][T23841] drm_atomic_commit+0x132/0x300 [ 1100.243956][T23841] ? __pfx_drm_atomic_commit+0x10/0x10 [ 1100.243980][T23841] ? __pfx___drm_printfn_info+0x10/0x10 [ 1100.244013][T23841] ? drm_client_rotation+0x451/0x6a0 [ 1100.244047][T23841] drm_client_modeset_commit_atomic+0x6a6/0x7e0 [ 1100.244086][T23841] ? __mutex_lock+0x26a/0x1b90 [ 1100.244118][T23841] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 1100.244151][T23841] ? drm_master_internal_acquire+0x21/0x80 [ 1100.244207][T23841] drm_client_modeset_commit_locked+0x14d/0x580 [ 1100.244244][T23841] drm_client_modeset_commit+0x4f/0x80 [ 1100.244276][T23841] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 1100.244311][T23841] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 1100.244345][T23841] drm_fbdev_client_restore+0x1b/0x30 [ 1100.244385][T23841] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 1100.244426][T23841] drm_client_dev_restore+0x205/0x2a0 [ 1100.244461][T23841] drm_release+0x2c6/0x360 [ 1100.244488][T23841] ? __pfx_drm_release+0x10/0x10 [ 1100.244515][T23841] __fput+0x3ff/0xb40 [ 1100.244551][T23841] task_work_run+0x150/0x240 [ 1100.244590][T23841] ? __pfx_task_work_run+0x10/0x10 [ 1100.244636][T23841] exit_to_user_mode_loop+0x100/0x4a0 [ 1100.244673][T23841] do_syscall_64+0x668/0xf80 [ 1100.244703][T23841] ? clear_bhb_loop+0x40/0x90 [ 1100.244735][T23841] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1100.244761][T23841] RIP: 0033:0x7fb5b3f9c799 [ 1100.244783][T23841] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1100.244816][T23841] RSP: 002b:00007fb5b4f00028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1100.244840][T23841] RAX: 0000000000000000 RBX: 00007fb5b4215fa0 RCX: 00007fb5b3f9c799 [ 1100.244857][T23841] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1100.244872][T23841] RBP: 00007fb5b4032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1100.244888][T23841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1100.244904][T23841] R13: 00007fb5b4216038 R14: 00007fb5b4215fa0 R15: 00007ffc25ea4ba8 [ 1100.244938][T23841] [ 1101.262591][T23848] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input12 [ 1101.412453][ T5178] ERROR: Out of memory at tomoyo_memory_ok. [ 1103.111948][T23869] netlink: 330 bytes leftover after parsing attributes in process `syz.4.6351'. [ 1103.877197][T23877] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6354'. [ 1104.093926][T23881] netlink: 342 bytes leftover after parsing attributes in process `syz.4.6355'. [ 1104.534678][T23885] FAULT_INJECTION: forcing a failure. [ 1104.534678][T23885] name failslab, interval 1, probability 0, space 0, times 0 [ 1104.689694][T23885] CPU: 0 UID: 0 PID: 23885 Comm: syz.5.6356 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1104.689738][T23885] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1104.689749][T23885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1104.689766][T23885] Call Trace: [ 1104.689775][T23885] [ 1104.689785][T23885] dump_stack_lvl+0x100/0x190 [ 1104.689830][T23885] should_fail_ex.cold+0x5/0xa [ 1104.689860][T23885] should_failslab+0xc2/0x120 [ 1104.689886][T23885] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 1104.689926][T23885] ? alloc_inode+0x68/0x250 [ 1104.689960][T23885] ? simple_start_creating+0xb0/0x110 [ 1104.690003][T23885] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 1104.690043][T23885] alloc_inode+0x68/0x250 [ 1104.690076][T23885] new_inode+0x22/0x1c0 [ 1104.690112][T23885] __debugfs_create_file+0x105/0x4f0 [ 1104.690155][T23885] debugfs_create_file_full+0x41/0x60 [ 1104.690198][T23885] kvm_dev_ioctl+0x1491/0x1a50 [ 1104.690238][T23885] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 1104.690277][T23885] ? __pfx_kvm_dev_ioctl+0x10/0x10 [ 1104.690308][T23885] __x64_sys_ioctl+0x18e/0x210 [ 1104.690347][T23885] do_syscall_64+0x106/0xf80 [ 1104.690377][T23885] ? clear_bhb_loop+0x40/0x90 [ 1104.690409][T23885] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1104.690435][T23885] RIP: 0033:0x7fb5b3f9c799 [ 1104.690455][T23885] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1104.690481][T23885] RSP: 002b:00007fb5b4f00028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1104.690505][T23885] RAX: ffffffffffffffda RBX: 00007fb5b4215fa0 RCX: 00007fb5b3f9c799 [ 1104.690522][T23885] RDX: 0000000000000000 RSI: 000000000000ae01 RDI: 0000000000000005 [ 1104.690538][T23885] RBP: 00007fb5b4032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1104.690562][T23885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1104.690578][T23885] R13: 00007fb5b4216038 R14: 00007fb5b4215fa0 R15: 00007ffc25ea4ba8 [ 1104.690610][T23885] [ 1104.690621][T23885] debugfs: out of free dentries, can not create file 'max_mmu_page_hash_collisions' [ 1106.374592][T23904] FAULT_INJECTION: forcing a failure. [ 1106.374592][T23904] name failslab, interval 1, probability 0, space 0, times 0 [ 1106.420645][T23907] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input13 [ 1106.540809][T23904] CPU: 0 UID: 0 PID: 23904 Comm: syz.0.6364 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1106.540851][T23904] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1106.540861][T23904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1106.540877][T23904] Call Trace: [ 1106.540886][T23904] [ 1106.540896][T23904] dump_stack_lvl+0x100/0x190 [ 1106.540938][T23904] should_fail_ex.cold+0x5/0xa [ 1106.540968][T23904] should_failslab+0xc2/0x120 [ 1106.540995][T23904] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1106.541028][T23904] ? acpi_ds_create_walk_state+0x95/0x300 [ 1106.541069][T23904] ? acpi_ut_status_exit+0x111/0x1c0 [ 1106.541100][T23904] acpi_ds_create_walk_state+0x95/0x300 [ 1106.541145][T23904] acpi_ds_call_control_method+0x226/0xab0 [ 1106.541185][T23904] acpi_ps_parse_aml+0xacd/0x1120 [ 1106.541232][T23904] acpi_ps_execute_method+0x5c4/0xe90 [ 1106.541265][T23904] acpi_ns_evaluate+0x640/0x1670 [ 1106.541300][T23904] acpi_evaluate_object+0x420/0xe00 [ 1106.541337][T23904] ? kasan_save_stack+0x30/0x50 [ 1106.541375][T23904] ? kasan_save_track+0x14/0x30 [ 1106.541419][T23904] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1106.541467][T23904] acpi_evaluate_integer+0xdf/0x220 [ 1106.541499][T23904] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1106.541544][T23904] ? __pfx_status_show+0x10/0x10 [ 1106.541580][T23904] status_show+0xa0/0x120 [ 1106.541622][T23904] ? __pfx_status_show+0x10/0x10 [ 1106.541668][T23904] dev_attr_show+0x52/0xa0 [ 1106.541692][T23904] ? __pfx_dev_attr_show+0x10/0x10 [ 1106.541716][T23904] sysfs_kf_seq_show+0x217/0x3a0 [ 1106.541754][T23904] seq_read_iter+0x32f/0x1270 [ 1106.541807][T23904] kernfs_fop_read_iter+0x46c/0x610 [ 1106.541841][T23904] ? rw_verify_area+0xce/0x6d0 [ 1106.541876][T23904] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 1106.541907][T23904] vfs_read+0x825/0xb30 [ 1106.541951][T23904] ? __pfx_vfs_read+0x10/0x10 [ 1106.542011][T23904] ksys_read+0x12a/0x250 [ 1106.542051][T23904] ? __pfx_ksys_read+0x10/0x10 [ 1106.542100][T23904] do_syscall_64+0x106/0xf80 [ 1106.542130][T23904] ? clear_bhb_loop+0x40/0x90 [ 1106.542161][T23904] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1106.542188][T23904] RIP: 0033:0x7ff61539c799 [ 1106.542208][T23904] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1106.542233][T23904] RSP: 002b:00007ff6161e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1106.542258][T23904] RAX: ffffffffffffffda RBX: 00007ff615615fa0 RCX: 00007ff61539c799 [ 1106.542275][T23904] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 1106.542291][T23904] RBP: 00007ff615432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1106.542307][T23904] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1106.542323][T23904] R13: 00007ff615616038 R14: 00007ff615615fa0 R15: 00007ffe19ef3018 [ 1106.542357][T23904] [ 1107.347773][T23910] ERROR: Out of memory at tomoyo_memory_ok. [ 1107.997283][T23921] FAULT_INJECTION: forcing a failure. [ 1107.997283][T23921] name failslab, interval 1, probability 0, space 0, times 0 [ 1108.076177][T23921] CPU: 0 UID: 0 PID: 23921 Comm: syz.5.6369 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1108.076221][T23921] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1108.076231][T23921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1108.076248][T23921] Call Trace: [ 1108.076256][T23921] [ 1108.076266][T23921] dump_stack_lvl+0x100/0x190 [ 1108.076313][T23921] should_fail_ex.cold+0x5/0xa [ 1108.076343][T23921] should_failslab+0xc2/0x120 [ 1108.076369][T23921] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 1108.076413][T23921] ? __alloc_skb+0x140/0x710 [ 1108.076446][T23921] __alloc_skb+0x140/0x710 [ 1108.076472][T23921] ? __alloc_skb+0x5b7/0x710 [ 1108.076499][T23921] ? __pfx___alloc_skb+0x10/0x10 [ 1108.076528][T23921] ? aa_label_sk_perm+0x194/0x5f0 [ 1108.076575][T23921] alloc_skb_with_frags+0xe0/0x810 [ 1108.076611][T23921] ? __lock_acquire+0x4a5/0x2630 [ 1108.076647][T23921] sock_alloc_send_pskb+0x801/0x980 [ 1108.076682][T23921] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 1108.076710][T23921] ? __pfx_autoremove_wake_function+0x10/0x10 [ 1108.076742][T23921] ? finish_task_switch.isra.0+0x205/0xb80 [ 1108.076776][T23921] caif_stream_sendmsg+0x446/0x800 [ 1108.076814][T23921] ? __pfx_caif_stream_sendmsg+0x10/0x10 [ 1108.076845][T23921] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1108.076885][T23921] sock_write_iter+0x566/0x610 [ 1108.076924][T23921] ? __pfx_sock_write_iter+0x10/0x10 [ 1108.076982][T23921] do_iter_readv_writev+0x6ee/0x920 [ 1108.077022][T23921] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 1108.077065][T23921] ? bpf_lsm_file_permission+0x9/0x10 [ 1108.077106][T23921] ? security_file_permission+0x76/0x210 [ 1108.077132][T23921] ? rw_verify_area+0xce/0x6d0 [ 1108.077171][T23921] vfs_writev+0x360/0xe10 [ 1108.077218][T23921] ? __pfx_vfs_writev+0x10/0x10 [ 1108.077277][T23921] ? __fget_files+0x21f/0x3d0 [ 1108.077312][T23921] ? do_writev+0x28a/0x340 [ 1108.077349][T23921] do_writev+0x28a/0x340 [ 1108.077389][T23921] ? __pfx_do_writev+0x10/0x10 [ 1108.077436][T23921] do_syscall_64+0x106/0xf80 [ 1108.077466][T23921] ? clear_bhb_loop+0x40/0x90 [ 1108.077497][T23921] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1108.077525][T23921] RIP: 0033:0x7fb5b3f9c799 [ 1108.077546][T23921] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1108.077572][T23921] RSP: 002b:00007fb5b4f00028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 1108.077597][T23921] RAX: ffffffffffffffda RBX: 00007fb5b4215fa0 RCX: 00007fb5b3f9c799 [ 1108.077617][T23921] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 1108.077633][T23921] RBP: 00007fb5b4032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 1108.077648][T23921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1108.077663][T23921] R13: 00007fb5b4216038 R14: 00007fb5b4215fa0 R15: 00007ffc25ea4ba8 [ 1108.077695][T23921] [ 1108.600492][T23904] ACPI Error: Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20251212/psparse-529) [ 1109.338932][T23936] netlink: 'syz.4.6375': attribute type 15 has an invalid length. [ 1109.388400][T23936] netlink: 'syz.4.6375': attribute type 16 has an invalid length. [ 1109.449557][T23936] netlink: 194 bytes leftover after parsing attributes in process `syz.4.6375'. [ 1109.773224][T23940] vhci_hcd vhci_hcd.1: default hub control req: 0000 v0000 i0000 l0 [ 1110.982751][T23967] random: crng reseeded on system resumption [ 1111.465813][T23972] ERROR: Out of memory at tomoyo_memory_ok. [ 1112.058162][T23974] netlink: 186 bytes leftover after parsing attributes in process `syz.4.6390'. [ 1112.103398][T23974] netlink: 186 bytes leftover after parsing attributes in process `syz.4.6390'. [ 1112.880839][T23960] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 1112.936931][T23989] zswap: compressor not available [ 1115.338622][T24036] FAULT_INJECTION: forcing a failure. [ 1115.338622][T24036] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1115.635950][T24036] CPU: 0 UID: 0 PID: 24036 Comm: syz.5.6407 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1115.635995][T24036] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1115.636005][T24036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1115.636021][T24036] Call Trace: [ 1115.636029][T24036] [ 1115.636039][T24036] dump_stack_lvl+0x100/0x190 [ 1115.636082][T24036] should_fail_ex.cold+0x5/0xa [ 1115.636111][T24036] get_futex_key+0x1d2/0x1620 [ 1115.636145][T24036] ? __pfx_get_futex_key+0x10/0x10 [ 1115.636186][T24036] futex_wake+0xea/0x530 [ 1115.636228][T24036] ? __pfx_futex_wake+0x10/0x10 [ 1115.636270][T24036] ? putname+0xb1/0x110 [ 1115.636294][T24036] ? kmem_cache_free+0x124/0x6a0 [ 1115.636335][T24036] do_futex+0x32b/0x350 [ 1115.636368][T24036] ? __pfx_do_futex+0x10/0x10 [ 1115.636399][T24036] ? __pfx_do_sys_openat2+0x10/0x10 [ 1115.636435][T24036] ? __fget_files+0x21f/0x3d0 [ 1115.636461][T24036] __x64_sys_futex+0x34f/0x4d0 [ 1115.636496][T24036] ? __x64_sys_openat+0x12d/0x210 [ 1115.636530][T24036] ? __pfx___x64_sys_futex+0x10/0x10 [ 1115.636575][T24036] do_syscall_64+0x106/0xf80 [ 1115.636605][T24036] ? clear_bhb_loop+0x40/0x90 [ 1115.636636][T24036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1115.636725][T24036] RIP: 0033:0x7fb5b3f9c799 [ 1115.636745][T24036] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1115.636771][T24036] RSP: 002b:00007fb5b4ebe0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1115.636795][T24036] RAX: ffffffffffffffda RBX: 00007fb5b4216188 RCX: 00007fb5b3f9c799 [ 1115.636813][T24036] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb5b421618c [ 1115.636830][T24036] RBP: 00007fb5b4216180 R08: 0000000000000000 R09: 0000000000000000 [ 1115.636846][T24036] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 1115.636862][T24036] R13: 00007fb5b4216218 R14: 00007ffc25ea4ac0 R15: 00007ffc25ea4ba8 [ 1115.636894][T24036] [ 1115.637133][ T29] audit: type=1326 audit(1772362926.742:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24029 comm="syz.5.6407" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb5b3f9c799 code=0x0 [ 1116.445114][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1116.456715][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1117.458882][T24055] [ 1117.461253][T24055] ====================================================== [ 1117.468359][T24055] WARNING: possible circular locking dependency detected [ 1117.475379][T24055] syzkaller #0 Tainted: G U L [ 1117.481482][T24055] ------------------------------------------------------ [ 1117.488527][T24055] syz.2.6415/24055 is trying to acquire lock: [ 1117.494607][T24055] ffff8880326aa368 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0x4ca/0xcb0 [ 1117.506124][T24055] [ 1117.506124][T24055] but task is already holding lock: [ 1117.513489][T24055] ffff8880326ab460 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 1117.522549][T24055] [ 1117.522549][T24055] which lock already depends on the new lock. [ 1117.522549][T24055] [ 1117.532964][T24055] [ 1117.532964][T24055] the existing dependency chain (in reverse order) is: [ 1117.541982][T24055] [ 1117.541982][T24055] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}: [ 1117.549739][T24055] lock_sock_nested+0x41/0xf0 [ 1117.555003][T24055] smc_listen_out+0x1f5/0x4b0 [ 1117.560216][T24055] smc_listen_work+0x4c2/0x50e0 [ 1117.565600][T24055] process_one_work+0x9d7/0x1920 [ 1117.571084][T24055] worker_thread+0x5da/0xe40 [ 1117.576218][T24055] kthread+0x370/0x450 [ 1117.580915][T24055] ret_from_fork+0x754/0xd80 [ 1117.586076][T24055] ret_from_fork_asm+0x1a/0x30 [ 1117.591383][T24055] [ 1117.591383][T24055] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}: [ 1117.601583][T24055] __lock_acquire+0x14b8/0x2630 [ 1117.606989][T24055] lock_acquire+0x1cf/0x380 [ 1117.612083][T24055] __flush_work+0x4de/0xcb0 [ 1117.617146][T24055] cancel_work_sync+0xd1/0xf0 [ 1117.622368][T24055] smc_clcsock_release+0x5f/0xe0 [ 1117.627849][T24055] __smc_release+0x5c2/0x880 [ 1117.632987][T24055] smc_close_non_accepted+0xda/0x200 [ 1117.638829][T24055] smc_close_active+0x4ff/0x1070 [ 1117.644323][T24055] __smc_release+0x634/0x880 [ 1117.649461][T24055] smc_release+0x1fc/0x620 [ 1117.654431][T24055] __sock_release+0xb3/0x260 [ 1117.659596][T24055] sock_close+0x1c/0x30 [ 1117.664468][T24055] __fput+0x3ff/0xb40 [ 1117.669009][T24055] task_work_run+0x150/0x240 [ 1117.674154][T24055] exit_to_user_mode_loop+0x100/0x4a0 [ 1117.680078][T24055] do_syscall_64+0x668/0xf80 [ 1117.685209][T24055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1117.691640][T24055] [ 1117.691640][T24055] other info that might help us debug this: [ 1117.691640][T24055] [ 1117.701872][T24055] Possible unsafe locking scenario: [ 1117.701872][T24055] [ 1117.709328][T24055] CPU0 CPU1 [ 1117.714700][T24055] ---- ---- [ 1117.720072][T24055] lock(sk_lock-AF_SMC/1); [ 1117.724610][T24055] lock((work_completion)(&new_smc->smc_listen_work)); [ 1117.734083][T24055] lock(sk_lock-AF_SMC/1); [ 1117.741131][T24055] lock((work_completion)(&new_smc->smc_listen_work)); [ 1117.748082][T24055] [ 1117.748082][T24055] *** DEADLOCK *** [ 1117.748082][T24055] [ 1117.756247][T24055] 3 locks held by syz.2.6415/24055: [ 1117.761449][T24055] #0: ffff888078d1d848 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260 [ 1117.772025][T24055] #1: ffff8880326ab460 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 1117.781492][T24055] #2: ffffffff8e7e9220 (rcu_read_lock){....}-{1:3}, at: __flush_work+0xfd/0xcb0 [ 1117.790695][T24055] [ 1117.790695][T24055] stack backtrace: [ 1117.796605][T24055] CPU: 0 UID: 0 PID: 24055 Comm: syz.2.6415 Tainted: G U L syzkaller #0 PREEMPT(full) [ 1117.796644][T24055] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 1117.796653][T24055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1117.796669][T24055] Call Trace: [ 1117.796678][T24055] [ 1117.796688][T24055] dump_stack_lvl+0x100/0x190 [ 1117.796726][T24055] print_circular_bug.cold+0x178/0x1c7 [ 1117.796767][T24055] check_noncircular+0x146/0x160 [ 1117.796801][T24055] __lock_acquire+0x14b8/0x2630 [ 1117.796835][T24055] lock_acquire+0x1cf/0x380 [ 1117.796863][T24055] ? __flush_work+0x4ca/0xcb0 [ 1117.796899][T24055] ? mark_held_locks+0x40/0x70 [ 1117.796927][T24055] ? __flush_work+0x4ca/0xcb0 [ 1117.796962][T24055] __flush_work+0x4de/0xcb0 [ 1117.796995][T24055] ? __flush_work+0x4ca/0xcb0 [ 1117.797031][T24055] ? __pfx___flush_work+0x10/0x10 [ 1117.797067][T24055] ? __pfx_wq_barrier_func+0x10/0x10 [ 1117.797099][T24055] ? __pfx___might_resched+0x10/0x10 [ 1117.797137][T24055] cancel_work_sync+0xd1/0xf0 [ 1117.797159][T24055] smc_clcsock_release+0x5f/0xe0 [ 1117.797183][T24055] __smc_release+0x5c2/0x880 [ 1117.797221][T24055] ? __pfx_sock_def_readable+0x10/0x10 [ 1117.797246][T24055] smc_close_non_accepted+0xda/0x200 [ 1117.797270][T24055] smc_close_active+0x4ff/0x1070 [ 1117.797296][T24055] __smc_release+0x634/0x880 [ 1117.797335][T24055] smc_release+0x1fc/0x620 [ 1117.797373][T24055] __sock_release+0xb3/0x260 [ 1117.797403][T24055] ? __pfx_sock_close+0x10/0x10 [ 1117.797432][T24055] sock_close+0x1c/0x30 [ 1117.797459][T24055] __fput+0x3ff/0xb40 [ 1117.797489][T24055] task_work_run+0x150/0x240 [ 1117.797524][T24055] ? __pfx_task_work_run+0x10/0x10 [ 1117.797573][T24055] exit_to_user_mode_loop+0x100/0x4a0 [ 1117.797607][T24055] do_syscall_64+0x668/0xf80 [ 1117.797634][T24055] ? clear_bhb_loop+0x40/0x90 [ 1117.797663][T24055] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1117.797688][T24055] RIP: 0033:0x7f11d979c799 [ 1117.797707][T24055] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1117.797731][T24055] RSP: 002b:00007fffdeec1b38 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1117.797753][T24055] RAX: 0000000000000000 RBX: 00007f11d9a17da0 RCX: 00007f11d979c799 [ 1117.797769][T24055] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 1117.797785][T24055] RBP: 00007f11d9a17da0 R08: 00007f11d9a16038 R09: 0000000000000000 [ 1117.797800][T24055] R10: 00000000005d81bc R11: 0000000000000246 R12: 0000000000110cc6 [ 1117.797815][T24055] R13: 00007f11d9a15fac R14: 0000000000110b53 R15: 00007fffdeec1c40 [ 1117.797840][T24055] [ 1122.518115][T24065] ERROR: Out of memory at tomoyo_memory_ok.