last executing test programs: 5.676484704s ago: executing program 3 (id=1841): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffff7ffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) timer_create$auto_CLOCK_TAI(0xb, 0x0, &(0x7f0000000040)=0x1) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000580)='/dev/adsp1\x00', 0x28600, 0x0) openat$auto_proc_timers_operations_base(0xffffffffffffff9c, &(0x7f0000000680), 0x103000, 0x0) lseek$auto(0x3, 0x20000, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f00000000c0), 0x141401, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) ioctl$auto(0x3, 0xc04c5349, 0x38) 5.248105352s ago: executing program 3 (id=1843): mremap$auto(0x110c230000, 0x7, 0x101, 0x3, 0x862) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0xa0801, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x88000, 0x0) socket(0x2, 0x1, 0x106) pread64$auto(0xffffffffffffffff, 0x0, 0x1000f42d, 0x100) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffff7ffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f00000000c0), 0x141401, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) write$auto(0xca, &(0x7f0000000240)='\x04>\x00\x01\xa4\xd2\xc3\xec&9\v\xbc\xdein\xe1O\xf68\x02\x18\x00\x00\xd3b\x01\xbd\x9b@\xb0\x00\x00\x00\x84\xa2\\\x15\xc4>\xa9\x82,\x95\xeeH\xf8}v\xb3\xcb(\xa90Abe\xc3\x8c\xcc\xe7\xb8\x00F\x89#\xb4\xf0F\xa1GH\xb5\x8f\x9dZ~\xea\xa3\x93\xc2\x04\xe1;b\x99\x97}Z\x7f\x0f\x90\xce\x85-e\xb6n\xbc\xc6=\xf8\xce\xe7\x1e]\x85|\xce\xd7L\x9b\xd3lb\xc5\xee\xdb\xcb\xbb\xd8\xd9\xd3\xf8 \xe9e\xe5\x80\x1c7B*]\\!\xcej}H\x03x\x83Z\x98\xb8\t\xde\xd4\xf5\xf32\xccR\xaa\xdd\x16\xab\xd8\x1d\"\xc7\xa5\xe1k\x1d\xd9k\xc6\xb2\xa7\x97\x9a\xf6\xfe\xef\x1a\xbd\xcb\xb8*\x8b9\x00R\xe9)?Em\xb2\xac\xd1\xf6\xff\xc1\xc7\xbdl\xa2+tI\xa3\xa8\xabVe\x87\xa9\xae9\x82\xd2.SCt\xcc\x8c7\x7f\xdc\xc3\xfb\x94\xfc\xdfc+\x04\xfb\xf5$\xecO1@\x99l;\xd3X\xd5\"\xec\x17hR\xc5\x99\x8b\x9f\xf3\xf48%\xfa\xf2\x1d\xc5\x10T\x83p0\xd7]\x83{\x81\xdei\xd2\xfc\xfd=3K\xc3\xfe\x12\x98\x8b\xbe\xd1+\xc4r\x7f\x8fA\xcc\xa6\xd8>k\xcc\xee\xe0\x9bW\x0e\xc63\x84^\xde`\xd2\xe8\xfc\x02\xef\xa4\xdc\xd0A\xd5`?9D\x1c\x1b\x1b\xd5\xcb\xfb\x03I\xc9\x97\xac#\x0ee\xc8ltL\x88\x17m~aA%\xd3\xaf\xaa6h\b\x9b\x83\x02A\xb0\xf6\x14\xb3\x18B\xfd\x9ai\xf8j \a\x1er\xa3U\x98sqq,\xd2A4?l\xa2\x9c\xc9\x9fa\xe8\x99qw\xf3\x18\x12R+(%x\xb6\xf8\xe9\xf2\x0e\xc8\x00\x00\x00\x00', 0x3) open(0x0, 0x40000, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x3e, 0x0) fsopen$auto(0x0, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x0) ioctl$auto(0x3, 0x402c5342, 0x38) 5.083830586s ago: executing program 3 (id=1845): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x400, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/022/001\x00', 0x20882, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x1, 0x11, 0x5, 0x7ff, 0x7fb, &(0x7f0000000100)}) 4.593087154s ago: executing program 3 (id=1848): mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x50, &(0x7f0000000200)={0x0, 0x1ff}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="022502000000"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x20040004) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x80000005, &(0x7f0000000180)={0x0, 0xc8}, 0x1, 0x0, 0x5}, 0x3}, 0x40000204, 0x0) 4.442094837s ago: executing program 3 (id=1850): connect$auto(0x3, &(0x7f0000000080)=@hci={0x1f, 0xffffffffffffffff, 0x2}, 0x50) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:04.0/revision\x00', 0x0, 0x0) mmap$auto(0xfffffffffffffffd, 0x729, 0xa, 0xeb1, 0x401, 0x8003) close_range$auto(0x2, 0x8, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev0\x00', 0x0, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000001c0)={[0x1ff, 0x7f, 0xd3e, 0x7, 0x948b, 0x6, 0x3, 0x5, 0x4, 0x5e, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/scheduler\x00', 0xca002, 0x0) sendfile$auto(r2, r2, 0x0, 0x7ffff000) close_range$auto(0xffffffffffffffff, r0, 0x3) readv$auto(0xffffffffffffffff, 0x0, 0x200000000080003) madvise$auto(0xffffffffffffffff, 0xfffffffffffefffb, 0x17) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) getpid() sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xd}, 0x8}, 0x7, 0x20020000) socket(0x1d, 0xa, 0x0) socket(0x5, 0x5, 0xff) mmap$auto(0x0, 0x400008, 0xdf, 0x8009b72, 0x2, 0x9000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x42802, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd13\x00', 0x0, 0x0) 4.229272501s ago: executing program 1 (id=1853): gettid() mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}, 0x1, 0x0, 0x0, 0x48080}, 0x4c100) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) (async) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0x3, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x2000000200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r0, 0x0, 0xffffff4b) brk$auto(0x7) (async) brk$auto(0x7) getsockopt$auto_SO_LOCK_FILTER(r0, 0x5794, 0x2c, &(0x7f00000000c0)='/proc/thread-self/clear_refs\x00', &(0x7f0000000180)=0xcd) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto_nsim_psample_enable_fops_psample(r2, 0x0, 0x0) ioctl$auto_BTRFS_IOC_SEND_32(r2, 0x40449426, &(0x7f0000000000)={@raw=0x4, 0x5, 0x163, 0xfffffffffffffffe, 0x8a, 0x2, "9df4eb338888ce4ca6ee5be19bb90d66ca085067b88467d0f91805e7"}) (async) ioctl$auto_BTRFS_IOC_SEND_32(r2, 0x40449426, &(0x7f0000000000)={@raw=0x4, 0x5, 0x163, 0xfffffffffffffffe, 0x8a, 0x2, "9df4eb338888ce4ca6ee5be19bb90d66ca085067b88467d0f91805e7"}) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (async) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x7fffffffffffffff, 0xfffffffffffffe01, 0x7) read$auto(0xffffffffffffffff, 0x0, 0x4) migrate_pages$auto(0x0, 0x74, &(0x7f0000000780)=0x8000000000000001, &(0x7f00000007c0)=0x1) 3.486531987s ago: executing program 2 (id=1854): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffff7ffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f00000000c0), 0x141401, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) ioctl$auto(0x3, 0x40605346, 0x38) 3.402721274s ago: executing program 2 (id=1855): connect$auto(0x3, &(0x7f0000000080)=@hci={0x1f, 0xffffffffffffffff, 0x2}, 0x50) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:04.0/revision\x00', 0x0, 0x0) mmap$auto(0xfffffffffffffffd, 0x729, 0xa, 0xeb1, 0x401, 0x8003) close_range$auto(0x2, 0x8, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev0\x00', 0x0, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000001c0)={[0x1ff, 0x7f, 0xd3e, 0x7, 0x948b, 0x6, 0x3, 0x5, 0x4, 0x5e, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/scheduler\x00', 0xca002, 0x0) sendfile$auto(r2, r2, 0x0, 0x7ffff000) close_range$auto(0xffffffffffffffff, r0, 0x3) readv$auto(0xffffffffffffffff, 0x0, 0x200000000080003) mbind$auto(0x0, 0x9, 0xffffffffffffff01, 0x0, 0x3b8, 0x3) madvise$auto(0xffffffffffffffff, 0xfffffffffffefffb, 0x17) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000080)={0x0, 0x1003}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xd}, 0x8}, 0x7, 0x20020000) socket(0x1d, 0xa, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x8009b72, 0x2, 0x9000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd13\x00', 0x0, 0x0) 3.176524041s ago: executing program 1 (id=1856): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000280)={0x0, 0x80000000}, 0x6, 0x3, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x42, 0x0) mmap$auto(0x0, 0x202000a, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8004) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) rseq$auto(&(0x7f0000000580)={0x5, 0x85, 0x9416, 0x4, 0xe, 0x6, "551e7285968d8e86bd4794a0e875ee9f7b35db28d0a7e72b7a19039c3357a05ba0582cc612c6c0be4beb4cc54d8337d40c93638ba3454a0435c32a206e808194584d8c359d418662d18943a5e3c6234e712a096205457b56f0a1e5d4d19835696295a54f38117d9d751e23b5fb61daa5a6b2c75148106dc167a20061e3fe55cc53ffadf62b0945da4b27515a0102a8d2d002a842362b4744b8972a5e11e8a6aab89c7b85947f3901d696d459641aa7e6b89b73387ec5fa2d2af6c992213d82c5774c4bcd4187585bcf652af094e988e75002e01f607abf5e25ae0f5548fd13175b681fc059c1f9160aef893bae78cf6cf62c30fa3f0c5c60cbe383a9c0cc1289519b0c7cff81cc3b4fec739fad19c662b0f98d607b61d825d10e2dd3b27b0f7a6b1adc5a452f344c39da5f086ea7c5d99674ca69c4f5635776e67c151bad72f906cd65231da3a55d6056e23b00686723714fabd752f3e2c86dafdee9d379230c0abeabfde9cf88c7e099f3ccc76ea7e64a3734ced5ffe749a8012db53ad4d6a5e347bdd83bb409c1bdb762f4aba145df74833d73ccd583797d4fb4ed3e0c7c29d502aacaef02e114d9e60ca6b0bcb28f825f5d49e94ccd2f830933c39a3ba3782505453e3de872ad8da84a6a22aaa62970428bb9a95d1817dbeeded1c53c5d508dea6cc53d80153b05f954c263278bb9c8bc02f3b1805dd9299dc8b97ebff0165d615ba7bf5ce8c490f4dd273642a18267b0a61a594cb1d608f3dffb292991ea32bb647a6f9b951f283e118dc73b4584485aa883410e402e3bec9ba889ec237462042cedaed761cca0c3b7058d3ffc276c9a75e18b79804f4e21650d911edbedb9fedd31959a8783b1e39d7d6408554bddb2a5d67703d225fe4422bf2367ca483e77fe479495be3235f4c77b3872a9e33946d2602486b83e84e7d8d1742d369e2d00b9dbb552385502c0f597b3615bed54de65af106b58d2b6bebbdd3fe625152527af965b67e9424da7be2e2574e1492aed568d4faaa9da508e0a2e6878"}, 0x80000002, 0x8, 0xfd) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0x800605, 0x1, &(0x7f0000000500)=0xffff, 0xa, 0x1) futex_wake$auto(0x0, 0x5, 0x4, 0xa) socket(0x11, 0x80003, 0x1d12) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bind$auto(0xffffffffffffffff, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x40, 0x20000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x82942, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_SET_PMK(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0xc000) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000000000)) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x100000000000001, 0x8, 0x2000000000, 0x9b7f, r1, 0x8) r2 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x9, 0x11, r2, 0x0) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) 2.452656079s ago: executing program 2 (id=1858): mkdir$auto(&(0x7f0000000080)='./file0\x00', 0x1) open$dir(&(0x7f0000000000)='./file0\x00', 0x511081, 0x4) capset$auto(&(0x7f0000000040)={0x9, 0xffffffffffffffff}, &(0x7f00000000c0)={0x3, 0x6, 0x6}) prctl$auto(0x200, 0x7, r0, 0x61, 0x2) rmdir$auto(&(0x7f0000000280)='./file0\x00') 2.008515933s ago: executing program 0 (id=1859): mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x50, &(0x7f0000000200)={0x0, 0x1ff}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="022502000000"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x20040004) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x80000005, &(0x7f0000000180)={0x0, 0xc8}, 0x1, 0x0, 0x5}, 0x3}, 0x40000204, 0x0) 2.006172153s ago: executing program 2 (id=1860): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffff7ffffffffffa, 0x8000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) memfd_create$auto(0x0, 0x4) r0 = socket(0xa, 0x3, 0x3a) r1 = openat$auto_proc_mounts_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000001200)='/proc/thread-self/mounts\x00', 0x28000, 0x0) r2 = epoll_create$auto(0x3e) epoll_ctl$auto(r2, 0x1, r1, 0x0) statx$auto(r2, 0x0, 0x7, 0xbe00, 0x0) setsockopt$auto(r0, 0x29, 0x14, 0x0, 0x56b) close_range$auto(0x0, 0xfffffffffffff000, 0x7) r3 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f00000000c0), 0x141401, 0x0) r4 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) openat$auto_fops_x64_ro_(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/ieee80211/phy17/netdev:wlan1/stations/08:02:11:00:00:00/driver_buffered_tids\x00', 0x8e302, 0x0) ioctl$auto(r3, 0x356d, r4) 1.902862119s ago: executing program 0 (id=1861): prctl$auto_PR_SET_CHILD_SUBREAPER(0x24, 0x5, 0xbf9, 0x7d1e, 0x92) r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/maps\x00', 0x0, 0x0) lseek$auto(r0, 0x7fd, 0x1) 1.861746062s ago: executing program 2 (id=1862): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x5b) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2, 0x9, 0x40abe, r0, 0x4007) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) bpf$auto(0x9, &(0x7f00000000c0)=@batch={0xffffffffffff3c77, 0x37, 0x2, 0x5, 0x9, 0x1, 0x6, 0x5852}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x40049409, 0x0) r3 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r3, 0x0, 0xfffffdf1) linkat$auto(r3, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) sysfs$auto(0x2, 0x23, 0x0) open(0x0, 0x22040, 0x75) utimes$auto(0x0, 0x0) mprotect$auto(0x0, 0x8000000000000001, 0x8) read$auto(r1, 0x0, 0xb4d3) 1.81525941s ago: executing program 1 (id=1863): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000040), 0x8fef5b20dfbe4414, 0x0) close_range$auto(r0, r0, 0x0) pipe$auto(0x0) r1 = pipe$auto(0x0) tee$auto(0x2000000000000, 0x3, 0x402, 0xd) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r2 = socket(0x29, 0x1, 0x1000a) mmap$auto(0x0, 0x2, 0x3, 0xeb1, 0xfffffffffffffffa, 0x0) capset$auto(0x0, 0x0) adjtimex$auto(0x0) mmap$auto(0xb, 0x600008, 0xe2, 0x9b72, r2, 0x8000) socket(0x2, 0x1, 0x106) mmap$auto(0xffffffffffffffee, 0x24000000000, 0xdf, 0x9b72, 0x7, 0x28006) r3 = io_uring_setup$auto(0x4008, 0x0) mmap$auto(0x4, 0x400408, 0x0, 0x411, r3, 0x7ffd) socket(0x0, 0x801, 0xffffffff) getsockopt$auto_SO_TIMESTAMP_NEW(r1, 0x9, 0x3f, &(0x7f0000000080)='/dev/sg0\x00', &(0x7f00000000c0)=0x5) r4 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_CLAIMINTERFACE(r4, 0x8004550f, 0x0) r5 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x8000000000000003, 0x8000) syz_genetlink_get_family_id$auto_ipvs(0x0, 0xffffffffffffffff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, r5, 0x0) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3) socket(0xa, 0x2, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0x22, 0xffffffffffffffff, 0x3) 1.533388543s ago: executing program 1 (id=1864): connect$auto(0x3, &(0x7f0000000080)=@hci={0x1f, 0xffffffffffffffff, 0x2}, 0x50) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/pci0000:00/0000:00:04.0/revision\x00', 0x0, 0x0) mmap$auto(0xfffffffffffffffd, 0x729, 0xa, 0xeb1, 0x401, 0x8003) close_range$auto(0x2, 0x8, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev0\x00', 0x0, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000001c0)={[0x1ff, 0x7f, 0xd3e, 0x7, 0x948b, 0x6, 0x3, 0x5, 0x4, 0x5e, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, 0x0, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nullb0/queue/scheduler\x00', 0xca002, 0x0) sendfile$auto(r2, r2, 0x0, 0x7ffff000) close_range$auto(0xffffffffffffffff, r0, 0x3) readv$auto(0xffffffffffffffff, 0x0, 0x200000000080003) mbind$auto(0x0, 0x9, 0xffffffffffffff01, 0x0, 0x3b8, 0x3) madvise$auto(0xffffffffffffffff, 0xfffffffffffefffb, 0x17) getpid() sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xd}, 0x8}, 0x7, 0x20020000) socket(0x1d, 0xa, 0x0) socket(0x5, 0x5, 0xff) mmap$auto(0x0, 0x400008, 0xdf, 0x8009b72, 0x2, 0x9000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x42802, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd13\x00', 0x0, 0x0) 1.525697937s ago: executing program 0 (id=1872): timer_settime$auto(0x0, 0xffff8000, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), r2) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd6300fcdba169248bdb3c0f2edf2514000000180001c0aa239e0a74ab6604e2d81400"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_MODIFY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x14, r1, 0x1, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) ioperm$auto(0x7, 0x6, 0x2) syz_clone3(&(0x7f00000000c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12de82, 0x0) ioctl$auto(0x3, 0x80286f4e, r4) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) 1.447774723s ago: executing program 3 (id=1865): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x5b) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2, 0x9, 0x40abe, r0, 0x4007) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) bpf$auto(0x9, &(0x7f00000000c0)=@batch={0xffffffffffff3c77, 0x37, 0x2, 0x5, 0x9, 0x1, 0x6, 0x5852}, 0x18) msgctl$auto_IPC_RMID(0x4, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x40049409, 0x0) r3 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r3, 0x0, 0xfffffdf1) linkat$auto(r3, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) sysfs$auto(0x2, 0x23, 0x0) open(0x0, 0x22040, 0x75) utimes$auto(0x0, 0x0) mprotect$auto(0x0, 0x8000000000000001, 0x8) read$auto(r1, 0x0, 0xb4d3) 936.425937ms ago: executing program 2 (id=1866): r0 = openat$auto_proc_tid_children_operations_internal(0xffffffffffffff9c, &(0x7f0000000040), 0x2400, 0x0) getsockopt$auto_SO_BUF_LOCK(r0, 0x4, 0x48, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', &(0x7f0000000080)=0x2) unshare$auto(0x40000080) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = socket(0x15, 0x5, 0x0) getsockopt$auto(r2, 0x114, 0x2713, 0xfffffffffffffffc, 0x0) socket(0x2b, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) close_range$auto(0x2, 0x8, 0x0) userfaultfd$auto(0x1) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) 932.979107ms ago: executing program 0 (id=1875): timer_settime$auto(0x0, 0xffff8000, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_l2tp(0x0, 0xffffffffffffffff) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000740), r2) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000080)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd6300fcdba169248bdb3c0f2edf2514000000180001c0aa239e0a74ab6604e2d81400"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$auto_L2TP_CMD_TUNNEL_MODIFY(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)={0x14, r1, 0x1, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x80) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) ioperm$auto(0x7, 0x6, 0x2) syz_clone3(&(0x7f00000000c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x12de82, 0x0) ioctl$auto(0x3, 0x80286f4e, r4) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) 502.760274ms ago: executing program 0 (id=1867): ioctl$auto(0x3, 0x4040ae79, 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_ADD_TXSA(0xffffffffffffffff, &(0x7f00000006c0)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000540)={0x13c, 0x0, 0x20, 0x70bd27, 0x25dfdbff, {}, [@MACSEC_ATTR_IFINDEX={0x8}, @MACSEC_ATTR_IFINDEX={0x8}, @MACSEC_ATTR_IFINDEX={0x8}, @MACSEC_ATTR_IFINDEX={0x8}, @MACSEC_ATTR_SA_CONFIG={0xfe, 0x3, 0x0, 0x1, [@typed={0x8, 0x134, 0x0, 0x0, @u32=0x3ff}, @generic="a60c2badbed7328de08f510d82433faa888f1d5fed8bf34f6f6662ec62528f", @generic="2804d8cf45c7082a144617f0a6f2df49eeba50bf2bb8c66622e5ffb4e009e04cb6b5c53a641779fb450b696aea6810ff04de95d02ceff2a9229d62bf4137ce0936c9998db86942c441bc13244913f094835c2085bb91d8597011b0e2cd7940630c4d5347b456c1a0c420ab5f85de97ec9b1d9f4b73071f7fcd37454ab056f186db2c4b1e2e4a2b18a3dfec0c509dde0645e25e047c6afe7c73d9e6efe32e141ac7a02bfc0687e90223508d05551c70bd553e872aef09d2ff9dd52d", @typed={0x8, 0xf4, 0x0, 0x0, @fd}, @nested={0x10, 0x133e, 0x0, 0x1, [@nested={0x4, 0x14c}, @typed={0x8, 0x65, 0x0, 0x0, @u32=0x2}]}]}, @MACSEC_ATTR_IFINDEX={0x8}]}, 0x13c}}, 0x20000840) ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0xc008ae88, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x800, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), r0) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x2, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) sendmsg$auto_ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x3c, r1, 0x1, 0x70bd26, 0x25dfdbf7, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKINFO_PHYADDR={0x5}, @ETHTOOL_A_LINKINFO_PORT={0x5}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000840}, 0x2000c840) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/nvme_core/parameters/iopolicy\x00', 0x2400, 0x0) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cec7\x00', 0x10b101, 0x0) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) ioctl$auto_CEC_S_MODE(r2, 0x40046109, &(0x7f0000002c40)=0xd0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x3ff, 0x8001) setsockopt$auto(0x3, 0x10f, 0x80, 0x0, 0x7) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bridge0\x00', 0x0}) r5 = socket(0xa, 0x2, 0x88) bpf$auto_BPF_MAP_DELETE_BATCH(0x1b, &(0x7f00000002c0)=@enable_stats={0x9}, 0x4) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000380)={'pimreg1\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r7, r6, 0x4, 0x1ff, r5, @relative_id=0x13, 0xe602}, 0xf) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r3, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0xffffffffffffff46, r1, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@ETHTOOL_A_PAUSE_TX={0x5, 0x4, 0x81}, @ETHTOOL_A_PAUSE_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}, @ETHTOOL_A_PAUSE_TX={0x0, 0x4, 0x8}, @ETHTOOL_A_PAUSE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dummy0\x00'}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x400c000}, 0x8004) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) dup3$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0) socket(0x2, 0x1, 0x0) 243.267705ms ago: executing program 1 (id=1868): set_mempolicy$auto(0x5, &(0x7f00000010c0)=0x80000001, 0x7) r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r1, &(0x7f0000000e80)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010029bd700002dcdf251f000000180001801400020076657468305f766972745f7769666900"], 0x2c}, 0x1, 0x0, 0x0, 0x4004084}, 0x82) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x80502, 0x0) 96.209623ms ago: executing program 1 (id=1869): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r3 = open(&(0x7f0000000100)='.\x00', 0x40000, 0x0) getdents64$auto(r3, 0x0, 0x400) close_range$auto(0x2, 0xffffffffffffffff, 0x0) r4 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r4, 0xffffffffffdffe00, &(0x7f0000000140)=';') ioctl$auto(0x3, 0x40086200, 0x38) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x8, 0x1, 0x13, 0x3, 0x110000000) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="130026bd70006b68e11636178b6608000300", @ANYRES32=r2], 0x24}, 0x1, 0x0, 0x0, 0x4004894}, 0x20008891) 0s ago: executing program 0 (id=1870): mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x4, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x50, &(0x7f0000000200)={0x0, 0x1ff}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="022502000000"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x20040004) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x80000005, &(0x7f0000000180)={0x0, 0xc8}, 0x1, 0x0, 0x5}, 0x3}, 0x40000204, 0x0) kernel console output (not intermixed with test programs): find_vma+0xbf/0x140 [ 184.803626][ T7799] ? __pfx_find_vma+0x10/0x10 [ 184.803670][ T7799] handle_mm_fault+0x36d/0xa20 [ 184.803708][ T7799] do_user_addr_fault+0x74c/0x12f0 [ 184.803749][ T7799] exc_page_fault+0x6f/0xd0 [ 184.803782][ T7799] asm_exc_page_fault+0x26/0x30 [ 184.803808][ T7799] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 184.803850][ T7799] Code: 7d 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 e9 0f 7d 04 00 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 184.803875][ T7799] RSP: 0018:ffffc90004e3fd18 EFLAGS: 00050206 [ 184.803898][ T7799] RAX: 0000000000000001 RBX: 0000000000000038 RCX: 000000000000004c [ 184.803914][ T7799] RDX: 0000000000000001 RSI: 0000000000000038 RDI: ffffc90004e3fd80 [ 184.803931][ T7799] RBP: 000000000000004c R08: 0000000000000001 R09: fffff520009c7fb9 [ 184.803948][ T7799] R10: ffffc90004e3fdcb R11: 0000000000000000 R12: 0000000000000000 [ 184.803965][ T7799] R13: ffffc90004e3fd80 R14: ffffc90004e3fd80 R15: ffff88807ed89800 [ 184.804002][ T7799] _copy_from_user+0x98/0xd0 [ 184.804044][ T7799] snd_seq_ioctl+0x1bf/0x430 [ 184.804073][ T7799] ? __pfx_snd_seq_ioctl+0x10/0x10 [ 184.804127][ T7799] ? __pfx_snd_seq_ioctl+0x10/0x10 [ 184.804155][ T7799] __x64_sys_ioctl+0x18e/0x210 [ 184.804200][ T7799] do_syscall_64+0xc9/0xf80 [ 184.804236][ T7799] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.804263][ T7799] RIP: 0033:0x7f40d1f9aeb9 [ 184.804285][ T7799] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 184.804310][ T7799] RSP: 002b:00007f40d2df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 184.804334][ T7799] RAX: ffffffffffffffda RBX: 00007f40d2215fa0 RCX: 00007f40d1f9aeb9 [ 184.804352][ T7799] RDX: 0000000000000038 RSI: 00000000404c534a RDI: 0000000000000003 [ 184.804375][ T7799] RBP: 00007f40d2df6090 R08: 0000000000000000 R09: 0000000000000000 [ 184.804391][ T7799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 184.804407][ T7799] R13: 00007f40d2216038 R14: 00007f40d2215fa0 R15: 00007fffd3cc12d8 [ 184.804445][ T7799] [ 185.651905][ T7810] netlink: 4 bytes leftover after parsing attributes in process `syz.0.462'. [ 186.163347][ T7800] kexec: Could not allocate control_code_buffer [ 186.427061][ T7833] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(16) [ 186.438770][ T7833] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 189.788761][ T5824] Bluetooth: hci0: unexpected event 0x23 length: 127 > 13 [ 190.542293][ T7938] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 191.077422][ T7957] netlink: 4 bytes leftover after parsing attributes in process `syz.0.498'. [ 191.101859][ T7957] netlink: 25 bytes leftover after parsing attributes in process `syz.0.498'. [ 191.448926][ T7963] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 191.459968][ T7963] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 191.471960][ T7963] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 191.480749][ T7963] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 191.489701][ T7963] page dumped because: unmovable page [ 191.496010][ T7963] page_owner tracks the page as allocated [ 191.503806][ T7963] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xcc0(GFP_KERNEL), pid 5819, tgid 5819 (syz-executor), ts 86406279906, free_ts 74724862292 [ 191.520915][ T7963] post_alloc_hook+0x1e1/0x250 [ 191.525728][ T7963] get_page_from_freelist+0xe3d/0x2e10 [ 191.531259][ T7963] __alloc_frozen_pages_noprof+0x26c/0x2410 [ 191.540453][ T7963] alloc_pages_bulk_noprof+0x777/0x1500 [ 191.546049][ T7963] __kasan_populate_vmalloc+0xf0/0x210 [ 191.594780][ T7963] alloc_vmap_area+0x935/0x2a00 [ 191.600197][ T7963] __get_vm_area_node+0x1ca/0x330 [ 191.605317][ T7963] __vmalloc_node_range_noprof+0x213/0x1530 [ 191.611691][ T7963] vmalloc_user_noprof+0x9e/0xe0 [ 191.616669][ T7963] kcov_ioctl+0x4c/0x720 [ 191.621445][ T7963] __x64_sys_ioctl+0x18e/0x210 [ 191.626264][ T7963] do_syscall_64+0xc9/0xf80 [ 191.637048][ T7963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.643626][ T7963] page last free pid 5713 tgid 5713 stack trace: [ 191.650664][ T7963] __free_frozen_pages+0x822/0x1130 [ 191.656023][ T7963] __folio_put+0x3b4/0x540 [ 191.662636][ T7963] anon_pipe_buf_release+0x40c/0x530 [ 191.672101][ T7963] anon_pipe_read+0x5cd/0x1200 [ 191.676931][ T7963] vfs_read+0x957/0xb30 [ 191.681623][ T7963] ksys_read+0x1f8/0x250 [ 191.686173][ T7963] do_syscall_64+0xc9/0xf80 [ 191.692375][ T7963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.714608][ T7974] FAULT_INJECTION: forcing a failure. [ 191.714608][ T7974] name failslab, interval 1, probability 0, space 0, times 0 [ 191.745879][ T7974] CPU: 0 UID: 0 PID: 7974 Comm: syz.1.502 Tainted: G L syzkaller #0 PREEMPT(full) [ 191.745924][ T7974] Tainted: [L]=SOFTLOCKUP [ 191.745933][ T7974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 191.745948][ T7974] Call Trace: [ 191.745957][ T7974] [ 191.745967][ T7974] dump_stack_lvl+0x100/0x190 [ 191.746004][ T7974] should_fail_ex.cold+0x5/0xa [ 191.746049][ T7974] should_failslab+0xc2/0x120 [ 191.746086][ T7974] kmem_cache_alloc_noprof+0x83/0x780 [ 191.746124][ T7974] ? do_fcntl_add_lease+0x361/0x550 [ 191.746160][ T7974] ? do_fcntl_add_lease+0x361/0x550 [ 191.746186][ T7974] do_fcntl_add_lease+0x361/0x550 [ 191.746215][ T7974] ? __pfx_do_fcntl_add_lease+0x10/0x10 [ 191.746242][ T7974] ? __pfx_futex_wait+0x10/0x10 [ 191.746280][ T7974] fcntl_setlease+0xfc/0x180 [ 191.746309][ T7974] ? __pfx_fcntl_setlease+0x10/0x10 [ 191.746345][ T7974] do_fcntl+0x1149/0x1670 [ 191.746382][ T7974] ? __pfx_do_fcntl+0x10/0x10 [ 191.746498][ T7974] ? __fget_files+0x215/0x3d0 [ 191.746540][ T7974] ? tomoyo_file_fcntl+0x6c/0xc0 [ 191.746578][ T7974] __x64_sys_fcntl+0x163/0x200 [ 191.746620][ T7974] do_syscall_64+0xc9/0xf80 [ 191.746653][ T7974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.746675][ T7974] RIP: 0033:0x7fc08879aeb9 [ 191.746696][ T7974] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 191.746721][ T7974] RSP: 002b:00007fc08963a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 191.746747][ T7974] RAX: ffffffffffffffda RBX: 00007fc088a16090 RCX: 00007fc08879aeb9 [ 191.746765][ T7974] RDX: 9ec0000000000000 RSI: 0000000000000400 RDI: 0000000000000003 [ 191.746782][ T7974] RBP: 00007fc088808c1f R08: 0000000000000000 R09: 0000000000000000 [ 191.746798][ T7974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 191.746813][ T7974] R13: 00007fc088a16128 R14: 00007fc088a16090 R15: 00007ffd94b6edc8 [ 191.746850][ T7974] [ 192.238194][ T30] audit: type=1800 audit(1769879364.959:12): pid=7974 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.502" name="lu_gp_id" dev="configfs" ino=20236 res=0 errno=0 [ 192.382892][ T7979] netlink: 4 bytes leftover after parsing attributes in process `syz.2.503'. [ 192.420268][ T7979] netlink: 'syz.2.503': attribute type 1 has an invalid length. [ 192.441566][ T7979] netlink: 306 bytes leftover after parsing attributes in process `syz.2.503'. [ 193.713951][ T8023] netlink: 16 bytes leftover after parsing attributes in process `syz.3.513'. [ 194.207859][ T8023] Process accounting paused [ 194.556496][ T8051] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 194.849342][ T8061] netlink: 28 bytes leftover after parsing attributes in process `syz.3.520'. [ 194.898394][ T8061] bridge_slave_1: left allmulticast mode [ 194.914580][ T8061] bridge_slave_1: left promiscuous mode [ 194.971613][ T8061] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.058845][ T8061] bridge_slave_0: left allmulticast mode [ 195.064508][ T8061] bridge_slave_0: left promiscuous mode [ 195.109350][ T8061] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.555325][ T8110] zswap: compressor not available [ 196.689549][ T8119] FAULT_INJECTION: forcing a failure. [ 196.689549][ T8119] name failslab, interval 1, probability 0, space 0, times 0 [ 196.735047][ T8119] CPU: 1 UID: 0 PID: 8119 Comm: syz.3.528 Tainted: G L syzkaller #0 PREEMPT(full) [ 196.735094][ T8119] Tainted: [L]=SOFTLOCKUP [ 196.735104][ T8119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 196.735120][ T8119] Call Trace: [ 196.735128][ T8119] [ 196.735138][ T8119] dump_stack_lvl+0x100/0x190 [ 196.735174][ T8119] should_fail_ex.cold+0x5/0xa [ 196.735218][ T8119] should_failslab+0xc2/0x120 [ 196.735259][ T8119] kmem_cache_alloc_noprof+0x83/0x780 [ 196.735297][ T8119] ? __pfx_map_id_range_down+0x10/0x10 [ 196.735324][ T8119] ? security_inode_alloc+0x3b/0x2c0 [ 196.735367][ T8119] ? security_inode_alloc+0x3b/0x2c0 [ 196.735404][ T8119] security_inode_alloc+0x3b/0x2c0 [ 196.735443][ T8119] inode_init_always_gfp+0xced/0x1040 [ 196.735481][ T8119] alloc_inode+0x8e/0x250 [ 196.735523][ T8119] alloc_anon_inode+0x2a/0x3e0 [ 196.735559][ T8119] anon_inode_make_secure_inode+0x2f/0x140 [ 196.735601][ T8119] __do_sys_memfd_secret+0xd7/0x3d0 [ 196.735639][ T8119] do_syscall_64+0xc9/0xf80 [ 196.735678][ T8119] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.735706][ T8119] RIP: 0033:0x7f701b99aeb9 [ 196.735728][ T8119] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 196.735754][ T8119] RSP: 002b:00007f701c8da028 EFLAGS: 00000246 ORIG_RAX: 00000000000001bf [ 196.735780][ T8119] RAX: ffffffffffffffda RBX: 00007f701bc16180 RCX: 00007f701b99aeb9 [ 196.735799][ T8119] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 196.735815][ T8119] RBP: 00007f701ba08c1f R08: 0000000000000000 R09: 0000000000000000 [ 196.735831][ T8119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 196.735847][ T8119] R13: 00007f701bc16218 R14: 00007f701bc16180 R15: 00007ffd61601c38 [ 196.735879][ T8119] [ 197.642428][ T8135] netlink: 44 bytes leftover after parsing attributes in process `syz.3.531'. [ 199.340688][ T8152] input: ¶š9ã%v”ûJ,6Ö‘ as /devices/virtual/input/input9 [ 199.576665][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 199.584730][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 200.653828][ T8195] netlink: 252 bytes leftover after parsing attributes in process `syz.3.548'. [ 200.698800][ T8195] netlink: 252 bytes leftover after parsing attributes in process `syz.3.548'. [ 201.017855][ T8205] netlink: 350 bytes leftover after parsing attributes in process `syz.1.552'. [ 201.339498][ T8216] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 201.876015][ T8232] netlink: 4 bytes leftover after parsing attributes in process `syz.3.559'. [ 202.325426][ T8243] netlink: 8 bytes leftover after parsing attributes in process `syz.0.564'. [ 202.431479][ T8243] syz.0.564 (8243) used greatest stack depth: 17752 bytes left [ 202.742737][ T8258] netlink: 28 bytes leftover after parsing attributes in process `syz.2.566'. [ 203.126150][ T8268] netlink: 4 bytes leftover after parsing attributes in process `syz.2.570'. [ 203.744158][ T8284] FAULT_INJECTION: forcing a failure. [ 203.744158][ T8284] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 203.791379][ T8284] CPU: 0 UID: 0 PID: 8284 Comm: syz.0.575 Tainted: G L syzkaller #0 PREEMPT(full) [ 203.791406][ T8284] Tainted: [L]=SOFTLOCKUP [ 203.791411][ T8284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 203.791420][ T8284] Call Trace: [ 203.791426][ T8284] [ 203.791432][ T8284] dump_stack_lvl+0x100/0x190 [ 203.791455][ T8284] should_fail_ex.cold+0x5/0xa [ 203.791480][ T8284] _copy_to_user+0x32/0xd0 [ 203.791512][ T8284] ksys_shmctl.constprop.0+0x2f1/0x390 [ 203.791528][ T8284] ? __pfx_ksys_shmctl.constprop.0+0x10/0x10 [ 203.791546][ T8284] ? __pfx_do_futex+0x10/0x10 [ 203.791568][ T8284] ? do_fcntl+0x811/0x1670 [ 203.791592][ T8284] ? __x64_sys_futex+0x34f/0x4d0 [ 203.791622][ T8284] do_syscall_64+0xc9/0xf80 [ 203.791641][ T8284] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.791656][ T8284] RIP: 0033:0x7ff3fc59aeb9 [ 203.791669][ T8284] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 203.791682][ T8284] RSP: 002b:00007ff3fd3f4028 EFLAGS: 00000246 ORIG_RAX: 000000000000001f [ 203.791697][ T8284] RAX: ffffffffffffffda RBX: 00007ff3fc815fa0 RCX: 00007ff3fc59aeb9 [ 203.791707][ T8284] RDX: 0000000000000000 RSI: 000000000000000e RDI: 0000000000000006 [ 203.791715][ T8284] RBP: 00007ff3fc608c1f R08: 0000000000000000 R09: 0000000000000000 [ 203.791724][ T8284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 203.791732][ T8284] R13: 00007ff3fc816038 R14: 00007ff3fc815fa0 R15: 00007ffe26d40cf8 [ 203.791751][ T8284] [ 205.409696][ T8309] netlink: 4 bytes leftover after parsing attributes in process `syz.2.580'. [ 207.214594][ T8347] netlink: 4 bytes leftover after parsing attributes in process `syz.3.590'. [ 207.224969][ T8347] netlink: 'syz.3.590': attribute type 1 has an invalid length. [ 207.236573][ T8347] netlink: 13 bytes leftover after parsing attributes in process `syz.3.590'. [ 207.477597][ T8352] netlink: 4 bytes leftover after parsing attributes in process `syz.1.592'. [ 207.495564][ T8352] netlink: 'syz.1.592': attribute type 1 has an invalid length. [ 207.514140][ T8352] netlink: 13 bytes leftover after parsing attributes in process `syz.1.592'. [ 208.548411][ T8386] netlink: 4 bytes leftover after parsing attributes in process `syz.2.601'. [ 208.573870][ T8386] netlink: 'syz.2.601': attribute type 1 has an invalid length. [ 208.602578][ T8386] netlink: 13 bytes leftover after parsing attributes in process `syz.2.601'. [ 208.983326][ T8397] netlink: 'syz.2.604': attribute type 1 has an invalid length. [ 208.992141][ T8397] netlink: 'syz.2.604': attribute type 1 has an invalid length. [ 209.167983][ T8399] netlink: 4 bytes leftover after parsing attributes in process `syz.2.605'. [ 209.468552][ T8409] FAULT_INJECTION: forcing a failure. [ 209.468552][ T8409] name failslab, interval 1, probability 0, space 0, times 0 [ 209.525116][ T8409] CPU: 0 UID: 0 PID: 8409 Comm: syz.3.608 Tainted: G L syzkaller #0 PREEMPT(full) [ 209.525163][ T8409] Tainted: [L]=SOFTLOCKUP [ 209.525173][ T8409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 209.525189][ T8409] Call Trace: [ 209.525198][ T8409] [ 209.525208][ T8409] dump_stack_lvl+0x100/0x190 [ 209.525246][ T8409] should_fail_ex.cold+0x5/0xa [ 209.525294][ T8409] should_failslab+0xc2/0x120 [ 209.525333][ T8409] __kmalloc_cache_noprof+0x80/0x810 [ 209.525365][ T8409] ? call_usermodehelper_setup+0xaf/0x360 [ 209.525393][ T8409] ? __kmalloc_node_track_caller_noprof+0x373/0x9d0 [ 209.525429][ T8409] ? __pfx_free_modprobe_argv+0x10/0x10 [ 209.525473][ T8409] ? call_usermodehelper_setup+0xaf/0x360 [ 209.525501][ T8409] call_usermodehelper_setup+0xaf/0x360 [ 209.525535][ T8409] __request_module+0x3c7/0x650 [ 209.525577][ T8409] ? __pfx___request_module+0x10/0x10 [ 209.525635][ T8409] ? find_held_lock+0x2b/0x80 [ 209.525662][ T8409] ? inet_create+0xa72/0x1060 [ 209.525710][ T8409] inet_create+0xd45/0x1060 [ 209.525744][ T8409] ? inet_create+0x94/0x1060 [ 209.525782][ T8409] __sock_create+0x339/0x860 [ 209.525820][ T8409] __sys_socket+0x14d/0x260 [ 209.525854][ T8409] ? __pfx___sys_socket+0x10/0x10 [ 209.525883][ T8409] ? xfd_validate_state+0x129/0x190 [ 209.525937][ T8409] __x64_sys_socket+0x72/0xb0 [ 209.525968][ T8409] ? lockdep_hardirqs_on+0x78/0x100 [ 209.526001][ T8409] do_syscall_64+0xc9/0xf80 [ 209.526038][ T8409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.526066][ T8409] RIP: 0033:0x7f701b99aeb9 [ 209.526089][ T8409] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 209.526114][ T8409] RSP: 002b:00007f701c91c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 209.526141][ T8409] RAX: ffffffffffffffda RBX: 00007f701bc15fa0 RCX: 00007f701b99aeb9 [ 209.526159][ T8409] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000002 [ 209.526174][ T8409] RBP: 00007f701ba08c1f R08: 0000000000000000 R09: 0000000000000000 [ 209.526191][ T8409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 209.526207][ T8409] R13: 00007f701bc16038 R14: 00007f701bc15fa0 R15: 00007ffd61601c38 [ 209.526245][ T8409] [ 209.936881][ T8422] netlink: 'syz.1.609': attribute type 1 has an invalid length. [ 210.020174][ T8416] zswap: compressor not available [ 210.249596][ T8428] netlink: 4 bytes leftover after parsing attributes in process `syz.3.611'. [ 210.289234][ T8428] netlink: 'syz.3.611': attribute type 1 has an invalid length. [ 210.352489][ T8428] netlink: 13 bytes leftover after parsing attributes in process `syz.3.611'. [ 210.692693][ T5824] Bluetooth: hci1: unexpected subevent 0x03 length: 253 > 9 [ 210.855064][ T8448] netlink: 4 bytes leftover after parsing attributes in process `syz.3.617'. [ 210.890517][ T8448] FAULT_INJECTION: forcing a failure. [ 210.890517][ T8448] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 210.955406][ T8448] CPU: 1 UID: 0 PID: 8448 Comm: syz.3.617 Tainted: G L syzkaller #0 PREEMPT(full) [ 210.955449][ T8448] Tainted: [L]=SOFTLOCKUP [ 210.955458][ T8448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 210.955473][ T8448] Call Trace: [ 210.955490][ T8448] [ 210.955500][ T8448] dump_stack_lvl+0x100/0x190 [ 210.955538][ T8448] should_fail_ex.cold+0x5/0xa [ 210.955579][ T8448] _copy_from_iter+0x1f4/0x1690 [ 210.955623][ T8448] ? rcu_is_watching+0x12/0xc0 [ 210.955645][ T8448] ? __pfx__copy_from_iter+0x10/0x10 [ 210.955667][ T8448] ? __asan_memset+0x23/0x50 [ 210.955683][ T8448] ? __build_skb_around+0x278/0x390 [ 210.955702][ T8448] ? is_vmalloc_addr+0x86/0xa0 [ 210.955721][ T8448] netlink_sendmsg+0x808/0xda0 [ 210.955748][ T8448] ? __pfx_netlink_sendmsg+0x10/0x10 [ 210.955772][ T8448] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 210.955794][ T8448] sock_write_iter+0x566/0x610 [ 210.955811][ T8448] ? __pfx_sock_write_iter+0x10/0x10 [ 210.955833][ T8448] ? bpf_lsm_file_permission+0x9/0x10 [ 210.955853][ T8448] ? security_file_permission+0x76/0x210 [ 210.955877][ T8448] ? rw_verify_area+0xce/0x6d0 [ 210.955893][ T8448] vfs_write+0x6ac/0x1070 [ 210.955911][ T8448] ? __pfx_sock_write_iter+0x10/0x10 [ 210.955928][ T8448] ? __pfx_vfs_write+0x10/0x10 [ 210.955942][ T8448] ? find_held_lock+0x2b/0x80 [ 210.955968][ T8448] ksys_write+0x1f8/0x250 [ 210.955984][ T8448] ? __pfx_ksys_write+0x10/0x10 [ 210.956005][ T8448] do_syscall_64+0xc9/0xf80 [ 210.956025][ T8448] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.956039][ T8448] RIP: 0033:0x7f701b99aeb9 [ 210.956053][ T8448] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 210.956066][ T8448] RSP: 002b:00007f701c91c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 210.956080][ T8448] RAX: ffffffffffffffda RBX: 00007f701bc15fa0 RCX: 00007f701b99aeb9 [ 210.956090][ T8448] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000002 [ 210.956098][ T8448] RBP: 00007f701c91c090 R08: 0000000000000000 R09: 0000000000000000 [ 210.956107][ T8448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 210.956115][ T8448] R13: 00007f701bc16038 R14: 00007f701bc15fa0 R15: 00007ffd61601c38 [ 210.956133][ T8448] [ 211.574946][ T8468] Invalid ELF header magic: != ELF [ 211.637423][ T8472] netlink: 4 bytes leftover after parsing attributes in process `syz.1.625'. [ 211.653561][ T8472] netlink: 'syz.1.625': attribute type 1 has an invalid length. [ 211.701095][ T8472] netlink: 13 bytes leftover after parsing attributes in process `syz.1.625'. [ 212.448913][ T5824] Bluetooth: hci0: unexpected event 0x36 length: 123 > 7 [ 212.559210][ T8501] netlink: 4 bytes leftover after parsing attributes in process `syz.3.631'. [ 212.626261][ T8507] FAULT_INJECTION: forcing a failure. [ 212.626261][ T8507] name failslab, interval 1, probability 0, space 0, times 0 [ 212.678236][ T8507] CPU: 1 UID: 0 PID: 8507 Comm: syz.3.631 Tainted: G L syzkaller #0 PREEMPT(full) [ 212.678279][ T8507] Tainted: [L]=SOFTLOCKUP [ 212.678288][ T8507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 212.678302][ T8507] Call Trace: [ 212.678311][ T8507] [ 212.678321][ T8507] dump_stack_lvl+0x100/0x190 [ 212.678359][ T8507] should_fail_ex.cold+0x5/0xa [ 212.678400][ T8507] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 212.678429][ T8507] should_failslab+0xc2/0x120 [ 212.678468][ T8507] kmem_cache_alloc_noprof+0x83/0x780 [ 212.678503][ T8507] ? skb_clone+0x190/0x400 [ 212.678549][ T8507] ? skb_clone+0x190/0x400 [ 212.678586][ T8507] skb_clone+0x190/0x400 [ 212.678627][ T8507] netlink_deliver_tap+0xaed/0xcc0 [ 212.678720][ T8507] netlink_unicast+0x650/0x870 [ 212.678767][ T8507] ? __pfx_netlink_unicast+0x10/0x10 [ 212.678807][ T8507] ? __asan_memset+0x23/0x50 [ 212.678835][ T8507] ? __build_skb_around+0x278/0x390 [ 212.678870][ T8507] ? is_vmalloc_addr+0x86/0xa0 [ 212.678905][ T8507] netlink_sendmsg+0x8b0/0xda0 [ 212.678953][ T8507] ? __pfx_netlink_sendmsg+0x10/0x10 [ 212.678999][ T8507] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 212.679040][ T8507] sock_write_iter+0x566/0x610 [ 212.679072][ T8507] ? __pfx_sock_write_iter+0x10/0x10 [ 212.679114][ T8507] ? bpf_lsm_file_permission+0x9/0x10 [ 212.679151][ T8507] ? security_file_permission+0x76/0x210 [ 212.679194][ T8507] ? rw_verify_area+0xce/0x6d0 [ 212.679224][ T8507] vfs_write+0x6ac/0x1070 [ 212.679255][ T8507] ? __pfx_sock_write_iter+0x10/0x10 [ 212.679288][ T8507] ? __pfx_vfs_write+0x10/0x10 [ 212.679315][ T8507] ? find_held_lock+0x2b/0x80 [ 212.679365][ T8507] ksys_write+0x1f8/0x250 [ 212.679395][ T8507] ? __pfx_ksys_write+0x10/0x10 [ 212.679425][ T8507] ? do_user_addr_fault+0x8d6/0x12f0 [ 212.679463][ T8507] do_syscall_64+0xc9/0xf80 [ 212.679499][ T8507] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.679527][ T8507] RIP: 0033:0x7f701b99aeb9 [ 212.679548][ T8507] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 212.679572][ T8507] RSP: 002b:00007f701c8fb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 212.679598][ T8507] RAX: ffffffffffffffda RBX: 00007f701bc16090 RCX: 00007f701b99aeb9 [ 212.679616][ T8507] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000002 [ 212.679638][ T8507] RBP: 00007f701c8fb090 R08: 0000000000000000 R09: 0000000000000000 [ 212.679654][ T8507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 212.679669][ T8507] R13: 00007f701bc16128 R14: 00007f701bc16090 R15: 00007ffd61601c38 [ 212.679706][ T8507] [ 212.681423][ T8507] netlink: 'syz.3.631': attribute type 1 has an invalid length. [ 212.977634][ T8507] netlink: 13 bytes leftover after parsing attributes in process `syz.3.631'. [ 213.009588][ T8511] zero sized request [ 213.167792][ T8480] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 213.186446][ T8480] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 213.207926][ T8480] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 214.093925][ T8529] netlink: 4 bytes leftover after parsing attributes in process `syz.1.636'. [ 214.330577][ T8521] zswap: compressor not available [ 215.277302][ T8564] zswap: compressor not available [ 216.512061][ T8601] netlink: 4 bytes leftover after parsing attributes in process `syz.1.649'. [ 217.568730][ T8634] netlink: 28 bytes leftover after parsing attributes in process `syz.3.656'. [ 217.716543][ T8634] team0: Port device team_slave_1 removed [ 217.861056][ T8639] netlink: 146 bytes leftover after parsing attributes in process `syz.0.657'. [ 218.277370][ T8654] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 218.345053][ T8654] CIFS mount error: No usable UNC path provided in device string! [ 218.345053][ T8654] [ 218.394543][ T8654] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 218.911612][ T8673] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 219.305205][ T5827] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 219.318421][ T5827] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 219.318836][ T8068] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.337591][ T5827] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 219.350655][ T8686] futex_wake_op: syz.1.666 tries to shift op by -2048; fix this program [ 219.379691][ T5827] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 219.397446][ T5827] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 219.453558][ T8689] zero sized request [ 219.510156][ T8068] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.681113][ T8068] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.810860][ T8068] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 219.935849][ T8698] netlink: 28 bytes leftover after parsing attributes in process `syz.1.668'. [ 219.935849][ T8697] netlink: 28 bytes leftover after parsing attributes in process `syz.1.668'. [ 220.198849][ T8068] bridge_slave_1: left allmulticast mode [ 220.204893][ T8068] bridge_slave_1: left promiscuous mode [ 220.219512][ T8068] bridge0: port 2(bridge_slave_1) entered disabled state [ 220.250542][ T8068] bridge_slave_0: left allmulticast mode [ 220.264101][ T8068] bridge_slave_0: left promiscuous mode [ 220.272974][ T8068] bridge0: port 1(bridge_slave_0) entered disabled state [ 220.690104][ T8068] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 220.712138][ T8068] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 220.725354][ T8068] bond0 (unregistering): Released all slaves [ 220.765442][ T8685] chnl_net:caif_netlink_parms(): no params data found [ 221.013682][ T8685] bridge0: port 1(bridge_slave_0) entered blocking state [ 221.022703][ T8685] bridge0: port 1(bridge_slave_0) entered disabled state [ 221.040922][ T8685] bridge_slave_0: entered allmulticast mode [ 221.078458][ T8685] bridge_slave_0: entered promiscuous mode [ 221.091910][ T8685] bridge0: port 2(bridge_slave_1) entered blocking state [ 221.100414][ T8685] bridge0: port 2(bridge_slave_1) entered disabled state [ 221.107774][ T8685] bridge_slave_1: entered allmulticast mode [ 221.120925][ T8685] bridge_slave_1: entered promiscuous mode [ 221.272242][ T8685] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 221.283445][ T8716] netlink: 334 bytes leftover after parsing attributes in process `syz.3.673'. [ 221.313133][ T8685] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 221.459488][ T8685] team0: Port device team_slave_0 added [ 221.481687][ T8685] team0: Port device team_slave_1 added [ 221.488641][ T5824] Bluetooth: hci0: command tx timeout [ 221.729105][ T8685] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 221.739152][ T8685] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 221.780021][ T8685] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 221.843182][ T8685] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 221.858205][ T8685] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 221.922785][ T8685] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 222.298185][ T8068] hsr_slave_0: left promiscuous mode [ 222.338661][ T8068] hsr_slave_1: left promiscuous mode [ 222.345735][ T8068] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 222.378508][ T8068] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 222.400228][ T8068] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 222.412470][ T8068] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 222.584857][ T8068] veth1_macvtap: left promiscuous mode [ 222.604361][ T8068] veth0_macvtap: left promiscuous mode [ 222.614510][ T8068] veth1_vlan: left promiscuous mode [ 222.624671][ T8068] veth0_vlan: left promiscuous mode [ 223.569415][ T5824] Bluetooth: hci0: command tx timeout [ 223.795072][ T8068] team0 (unregistering): Port device team_slave_1 removed [ 223.863579][ T8068] team0 (unregistering): Port device team_slave_0 removed [ 224.609998][ T8685] hsr_slave_0: entered promiscuous mode [ 224.619253][ T8685] hsr_slave_1: entered promiscuous mode [ 224.912177][ T8771] FAULT_INJECTION: forcing a failure. [ 224.912177][ T8771] name failslab, interval 1, probability 0, space 0, times 0 [ 224.945282][ T8771] CPU: 0 UID: 0 PID: 8771 Comm: syz.2.681 Tainted: G L syzkaller #0 PREEMPT(full) [ 224.945326][ T8771] Tainted: [L]=SOFTLOCKUP [ 224.945335][ T8771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 224.945352][ T8771] Call Trace: [ 224.945360][ T8771] [ 224.945371][ T8771] dump_stack_lvl+0x100/0x190 [ 224.945410][ T8771] should_fail_ex.cold+0x5/0xa [ 224.945457][ T8771] should_failslab+0xc2/0x120 [ 224.945495][ T8771] kmem_cache_alloc_noprof+0x83/0x780 [ 224.945532][ T8771] ? security_file_alloc+0x34/0x2c0 [ 224.945581][ T8771] ? security_file_alloc+0x34/0x2c0 [ 224.945619][ T8771] security_file_alloc+0x34/0x2c0 [ 224.945658][ T8771] init_file+0x93/0x4c0 [ 224.945696][ T8771] alloc_empty_file+0x73/0x1c0 [ 224.945734][ T8771] path_openat+0xe8/0x3120 [ 224.945765][ T8771] ? getname_flags+0x93/0xf0 [ 224.945790][ T8771] ? do_sys_openat2+0xc5/0x220 [ 224.945829][ T8771] ? __x64_sys_openat+0x12d/0x210 [ 224.945865][ T8771] ? do_syscall_64+0xc9/0xf80 [ 224.945896][ T8771] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.945933][ T8771] ? __pfx_path_openat+0x10/0x10 [ 224.945979][ T8771] do_filp_open+0x1f7/0x420 [ 224.946013][ T8771] ? __pfx_do_filp_open+0x10/0x10 [ 224.946070][ T8771] ? _raw_spin_unlock+0x28/0x50 [ 224.946095][ T8771] ? alloc_fd+0x476/0x790 [ 224.946138][ T8771] do_sys_openat2+0x12e/0x220 [ 224.946190][ T8771] ? __pfx_do_sys_openat2+0x10/0x10 [ 224.946244][ T8771] __x64_sys_openat+0x12d/0x210 [ 224.946286][ T8771] ? __pfx___x64_sys_openat+0x10/0x10 [ 224.946331][ T8771] ? xfd_validate_state+0x129/0x190 [ 224.946387][ T8771] do_syscall_64+0xc9/0xf80 [ 224.946421][ T8771] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.946450][ T8771] RIP: 0033:0x7f40d1f9aeb9 [ 224.946474][ T8771] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 224.946501][ T8771] RSP: 002b:00007f40d2df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 224.946529][ T8771] RAX: ffffffffffffffda RBX: 00007f40d2215fa0 RCX: 00007f40d1f9aeb9 [ 224.946547][ T8771] RDX: 00000000000426a2 RSI: 0000000000000000 RDI: ffffffffffffff9c [ 224.946564][ T8771] RBP: 00007f40d2008c1f R08: 0000000000000000 R09: 0000000000000000 [ 224.946581][ T8771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 224.946598][ T8771] R13: 00007f40d2216038 R14: 00007f40d2215fa0 R15: 00007fffd3cc12d8 [ 224.946642][ T8771] [ 225.280006][ T8759] Process accounting resumed [ 225.578884][ T8779] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 225.634905][ T8782] netlink: 'syz.2.684': attribute type 4 has an invalid length. [ 225.648215][ T5824] Bluetooth: hci0: command tx timeout [ 226.352910][ T8798] netlink: 4 bytes leftover after parsing attributes in process `syz.3.686'. [ 226.362816][ T8798] netlink: 'syz.3.686': attribute type 1 has an invalid length. [ 226.385479][ T8798] netlink: 13 bytes leftover after parsing attributes in process `syz.3.686'. [ 226.761790][ T8805] netlink: 342 bytes leftover after parsing attributes in process `syz.3.688'. [ 226.863204][ T8685] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 226.952119][ T8685] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 226.964053][ T8685] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 227.073793][ T8685] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 227.367016][ T8685] 8021q: adding VLAN 0 to HW filter on device bond0 [ 227.400328][ T8685] 8021q: adding VLAN 0 to HW filter on device team0 [ 227.437104][ T8077] bridge0: port 1(bridge_slave_0) entered blocking state [ 227.444413][ T8077] bridge0: port 1(bridge_slave_0) entered forwarding state [ 227.533394][ T8078] bridge0: port 2(bridge_slave_1) entered blocking state [ 227.540615][ T8078] bridge0: port 2(bridge_slave_1) entered forwarding state [ 227.575503][ T8826] netlink: 28 bytes leftover after parsing attributes in process `syz.3.690'. [ 227.728252][ T5824] Bluetooth: hci0: command tx timeout [ 227.738157][ T8826] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 227.745588][ T8826] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 228.009347][ T8826] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 228.038883][ T8826] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 228.908033][ T8685] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 229.078274][ T8685] veth0_vlan: entered promiscuous mode [ 229.120905][ T8685] veth1_vlan: entered promiscuous mode [ 229.234656][ T8685] veth0_macvtap: entered promiscuous mode [ 229.289767][ T8685] veth1_macvtap: entered promiscuous mode [ 229.369063][ T8685] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 229.401551][ T8685] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 229.472769][ T7527] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.536231][ T7527] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.580560][ T7527] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.625846][ T7527] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 229.636257][ T8866] zswap: compressor not available [ 229.905228][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 229.946543][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 229.980167][ T8881] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 230.010951][ T8884] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 230.024669][ T8070] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 230.058148][ T8070] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 233.307957][ T30] audit: type=1800 audit(1769879406.029:13): pid=8939 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.708" name="dbroot" dev="configfs" ino=25556 res=0 errno=0 [ 233.360272][ T8939] netlink: 4 bytes leftover after parsing attributes in process `syz.2.708'. [ 233.398453][ T8939] netlink: 'syz.2.708': attribute type 1 has an invalid length. [ 233.406155][ T8939] netlink: 13 bytes leftover after parsing attributes in process `syz.2.708'. [ 233.706298][ T8953] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 233.850019][ T8957] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 234.653908][ T8980] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 235.560660][ T8983] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 236.133812][ T8989] Â: entered promiscuous mode [ 236.169545][ T9000] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 236.247330][ T9003] ptrace attach of "./syz-executor exec"[9004] was attempted by "./syz-executor exec"[9003] [ 236.607773][ T9011] netlink: 4 bytes leftover after parsing attributes in process `syz.2.723'. [ 236.640578][ T9011] netlink: 'syz.2.723': attribute type 1 has an invalid length. [ 236.678242][ T9011] netlink: 13 bytes leftover after parsing attributes in process `syz.2.723'. [ 239.291711][ T9065] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 239.880368][ T9080] Invalid ELF header magic: != ELF [ 241.210092][ T9106] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 241.917789][ T9119] Â: entered promiscuous mode [ 243.087943][ T9129] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 243.435635][ T9156] Invalid ELF header magic: != ELF [ 244.582417][ T9175] netlink: 4 bytes leftover after parsing attributes in process `syz.2.756'. [ 244.592475][ T9175] netlink: 'syz.2.756': attribute type 1 has an invalid length. [ 244.606261][ T9175] netlink: 13 bytes leftover after parsing attributes in process `syz.2.756'. [ 245.545519][ T9201] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 246.630086][ T9239] Invalid ELF header magic: != ELF [ 247.293247][ T9256] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 247.421458][ T9257] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 247.473358][ T9257] ptp ptp0: new virtual clock ptp1 [ 247.499589][ T9257] ptp ptp0: new virtual clock ptp2 [ 247.595573][ T9257] ptp ptp0: new virtual clock ptp3 [ 247.604001][ T9257] ptp ptp0: guarantee physical clock free running [ 248.483542][ T9268] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 248.493432][ T9268] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 248.508555][ T9268] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 248.514928][ T9268] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 248.548386][ T9268] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 248.629373][ T9268] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 250.369146][ T5824] Bluetooth: hci1: command 0x0c1a tx timeout [ 250.528532][ T5824] Bluetooth: hci0: command 0x0c1a tx timeout [ 250.534570][ T5824] Bluetooth: hci3: command 0x0c1a tx timeout [ 250.541660][ T5827] Bluetooth: hci2: command 0x0c1a tx timeout [ 250.618612][ T9331] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 250.930288][ T9310] kexec: Could not allocate control_code_buffer [ 251.419016][ T9338] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 251.469552][ T9338] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 251.480825][ T9338] ptp ptp0: guarantee physical clock free running [ 252.611060][ T5824] Bluetooth: hci0: command 0x0c1a tx timeout [ 252.687570][ T9359] Invalid ELF header magic: != ELF [ 254.534261][ T9401] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 254.592874][ T9401] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 254.614587][ T9401] ptp ptp0: guarantee physical clock free running [ 254.692331][ T5824] Bluetooth: hci0: command 0x0c1a tx timeout [ 256.030749][ T9391] kexec: Could not allocate control_code_buffer [ 257.143740][ T9448] Format for unlinking a device is "netnsfd:ifidx" (int uint). [ 257.208563][ T9448] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 257.267100][ T9448] ptp ptp0: guarantee physical clock free running [ 258.019869][ T9458] netlink: 12 bytes leftover after parsing attributes in process `syz.1.817'. [ 261.024938][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.031381][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.400110][ T9496] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 264.871148][ T9589] misc userio: Invalid payload size [ 265.059918][ T9592] FAULT_INJECTION: forcing a failure. [ 265.059918][ T9592] name fail_futex, interval 1, probability 0, space 0, times 1 [ 265.098314][ T9592] CPU: 1 UID: 0 PID: 9592 Comm: syz.2.829 Tainted: G L syzkaller #0 PREEMPT(full) [ 265.098361][ T9592] Tainted: [L]=SOFTLOCKUP [ 265.098372][ T9592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 265.098411][ T9592] Call Trace: [ 265.098420][ T9592] [ 265.098430][ T9592] dump_stack_lvl+0x100/0x190 [ 265.098470][ T9592] should_fail_ex.cold+0x5/0xa [ 265.098513][ T9592] get_futex_key+0x1d2/0x1620 [ 265.098553][ T9592] ? __pfx_get_futex_key+0x10/0x10 [ 265.098599][ T9592] futex_wake+0xea/0x530 [ 265.098634][ T9592] ? rcu_is_watching+0x12/0xc0 [ 265.098661][ T9592] ? lockdep_hardirqs_on+0x78/0x100 [ 265.098694][ T9592] ? __pfx_futex_wake+0x10/0x10 [ 265.098737][ T9592] ? fd_install+0x223/0x580 [ 265.098764][ T9592] ? putname+0xf5/0x1a0 [ 265.098805][ T9592] do_futex+0x32b/0x350 [ 265.098839][ T9592] ? __pfx_do_futex+0x10/0x10 [ 265.098874][ T9592] ? __pfx_do_sys_openat2+0x10/0x10 [ 265.098926][ T9592] ? __fget_files+0x21f/0x3d0 [ 265.098960][ T9592] __x64_sys_futex+0x34f/0x4d0 [ 265.099001][ T9592] ? __x64_sys_openat+0x12d/0x210 [ 265.099046][ T9592] ? __pfx___x64_sys_futex+0x10/0x10 [ 265.099084][ T9592] ? xfd_validate_state+0x129/0x190 [ 265.099142][ T9592] do_syscall_64+0xc9/0xf80 [ 265.099189][ T9592] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.099220][ T9592] RIP: 0033:0x7f40d1f9aeb9 [ 265.099244][ T9592] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 265.099271][ T9592] RSP: 002b:00007f40d2df60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 265.099299][ T9592] RAX: ffffffffffffffda RBX: 00007f40d2215fa8 RCX: 00007f40d1f9aeb9 [ 265.099318][ T9592] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f40d2215fac [ 265.099335][ T9592] RBP: 00007f40d2215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 265.099353][ T9592] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 265.099369][ T9592] R13: 00007f40d2216038 R14: 00007fffd3cc11f0 R15: 00007fffd3cc12d8 [ 265.099406][ T9592] [ 266.630740][ T9621] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 266.649505][ T9621] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 266.688501][ T9621] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 266.697431][ T9621] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 266.714066][ T9621] page dumped because: unmovable page [ 266.767901][ T9621] page_owner tracks the page as allocated [ 266.808270][ T9621] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xcc0(GFP_KERNEL), pid 5819, tgid 5819 (syz-executor), ts 86406279906, free_ts 74724862292 [ 266.871556][ T9621] post_alloc_hook+0x1e1/0x250 [ 266.879770][ T9621] get_page_from_freelist+0xe3d/0x2e10 [ 266.897687][ T9621] __alloc_frozen_pages_noprof+0x26c/0x2410 [ 266.964593][ T9621] alloc_pages_bulk_noprof+0x777/0x1500 [ 266.998250][ T9621] __kasan_populate_vmalloc+0xf0/0x210 [ 267.009663][ T9621] alloc_vmap_area+0x935/0x2a00 [ 267.023277][ T9621] __get_vm_area_node+0x1ca/0x330 [ 267.060905][ T9621] __vmalloc_node_range_noprof+0x213/0x1530 [ 267.105196][ T9621] vmalloc_user_noprof+0x9e/0xe0 [ 267.128546][ T9621] kcov_ioctl+0x4c/0x720 [ 267.133413][ T9633] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 267.145792][ T9621] __x64_sys_ioctl+0x18e/0x210 [ 267.155978][ T9621] do_syscall_64+0xc9/0xf80 [ 267.174146][ T9621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.188220][ T9621] page last free pid 5713 tgid 5713 stack trace: [ 267.207678][ T9621] __free_frozen_pages+0x822/0x1130 [ 267.222030][ T9621] __folio_put+0x3b4/0x540 [ 267.235652][ T9621] anon_pipe_buf_release+0x40c/0x530 [ 267.318465][ T9621] anon_pipe_read+0x5cd/0x1200 [ 267.477430][ T9621] vfs_read+0x957/0xb30 [ 267.650645][ T9621] ksys_read+0x1f8/0x250 [ 267.690398][ T9621] do_syscall_64+0xc9/0xf80 [ 267.764538][ T9621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.925990][ T9625] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 267.935066][ T9625] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 267.942544][ T9625] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 267.951454][ T9625] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 267.999960][ T9625] page dumped because: unmovable page [ 268.005386][ T9625] page_owner tracks the page as allocated [ 268.105923][ T9625] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xcc0(GFP_KERNEL), pid 5819, tgid 5819 (syz-executor), ts 86406279906, free_ts 74724862292 [ 268.129954][ T9625] post_alloc_hook+0x1e1/0x250 [ 268.157262][ T9625] get_page_from_freelist+0xe3d/0x2e10 [ 268.188193][ T9625] __alloc_frozen_pages_noprof+0x26c/0x2410 [ 268.194225][ T9625] alloc_pages_bulk_noprof+0x777/0x1500 [ 268.199998][ T9625] __kasan_populate_vmalloc+0xf0/0x210 [ 268.211086][ T9625] alloc_vmap_area+0x935/0x2a00 [ 268.216627][ T9625] __get_vm_area_node+0x1ca/0x330 [ 268.229649][ T9625] __vmalloc_node_range_noprof+0x213/0x1530 [ 268.312218][ T9625] vmalloc_user_noprof+0x9e/0xe0 [ 268.317201][ T9625] kcov_ioctl+0x4c/0x720 [ 268.358224][ T9625] __x64_sys_ioctl+0x18e/0x210 [ 268.363103][ T9625] do_syscall_64+0xc9/0xf80 [ 268.431483][ T9625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.508410][ T9625] page last free pid 5713 tgid 5713 stack trace: [ 268.514764][ T9625] __free_frozen_pages+0x822/0x1130 [ 268.583509][ T9625] __folio_put+0x3b4/0x540 [ 268.588011][ T9625] anon_pipe_buf_release+0x40c/0x530 [ 268.697533][ T9625] anon_pipe_read+0x5cd/0x1200 [ 268.706979][ T9625] vfs_read+0x957/0xb30 [ 268.719352][ T9625] ksys_read+0x1f8/0x250 [ 268.728371][ T9625] do_syscall_64+0xc9/0xf80 [ 268.739279][ T9625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.109177][ T9655] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 271.131601][ T9704] random: crng reseeded on system resumption [ 272.391992][ T9720] netlink: 342 bytes leftover after parsing attributes in process `syz.2.856'. [ 272.401710][ T9716] device-mapper: ioctl: only supply one of name or uuid, cmd(5) [ 273.339653][ T9734] netlink: 4 bytes leftover after parsing attributes in process `syz.2.858'. [ 273.398548][ T9734] netlink: 25 bytes leftover after parsing attributes in process `syz.2.858'. [ 273.582364][ T9738] FAULT_INJECTION: forcing a failure. [ 273.582364][ T9738] name failslab, interval 1, probability 0, space 0, times 0 [ 273.628350][ T9738] CPU: 0 UID: 0 PID: 9738 Comm: syz.1.860 Tainted: G L syzkaller #0 PREEMPT(full) [ 273.628392][ T9738] Tainted: [L]=SOFTLOCKUP [ 273.628402][ T9738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 273.628418][ T9738] Call Trace: [ 273.628425][ T9738] [ 273.628434][ T9738] dump_stack_lvl+0x100/0x190 [ 273.628472][ T9738] should_fail_ex.cold+0x5/0xa [ 273.628517][ T9738] should_failslab+0xc2/0x120 [ 273.628566][ T9738] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 273.628602][ T9738] ? proc_alloc_inode+0x25/0x200 [ 273.628646][ T9738] ? __pfx_proc_alloc_inode+0x10/0x10 [ 273.628691][ T9738] ? proc_alloc_inode+0x25/0x200 [ 273.628728][ T9738] proc_alloc_inode+0x25/0x200 [ 273.628766][ T9738] alloc_inode+0x68/0x250 [ 273.628806][ T9738] new_inode+0x22/0x1c0 [ 273.628845][ T9738] proc_get_inode+0x1d/0x780 [ 273.628885][ T9738] proc_lookup_de+0x236/0x360 [ 273.628935][ T9738] proc_lookup+0xcf/0x110 [ 273.628961][ T9738] __lookup_slow+0x251/0x460 [ 273.629020][ T9738] ? __pfx___lookup_slow+0x10/0x10 [ 273.629085][ T9738] ? __d_lookup+0x266/0x4a0 [ 273.629118][ T9738] lookup_slow+0x50/0x70 [ 273.629170][ T9738] link_path_walk+0x1377/0x1cc0 [ 273.629234][ T9738] path_openat+0x1be/0x3120 [ 273.629270][ T9738] ? getname_flags+0x93/0xf0 [ 273.629295][ T9738] ? do_sys_openat2+0xc5/0x220 [ 273.629347][ T9738] ? __x64_sys_openat+0x12d/0x210 [ 273.629390][ T9738] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.629433][ T9738] ? __pfx_path_openat+0x10/0x10 [ 273.629482][ T9738] do_filp_open+0x1f7/0x420 [ 273.629519][ T9738] ? __pfx_do_filp_open+0x10/0x10 [ 273.629572][ T9738] ? __pfx_kfree_link+0x10/0x10 [ 273.629623][ T9738] ? _raw_spin_unlock+0x28/0x50 [ 273.629651][ T9738] ? alloc_fd+0x476/0x790 [ 273.629694][ T9738] do_sys_openat2+0x12e/0x220 [ 273.629737][ T9738] ? __pfx_do_sys_openat2+0x10/0x10 [ 273.629783][ T9738] ? __fget_files+0x21f/0x3d0 [ 273.629822][ T9738] __x64_sys_openat+0x12d/0x210 [ 273.629866][ T9738] ? __pfx___x64_sys_openat+0x10/0x10 [ 273.629908][ T9738] ? xfd_validate_state+0x129/0x190 [ 273.629965][ T9738] do_syscall_64+0xc9/0xf80 [ 273.630010][ T9738] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.630041][ T9738] RIP: 0033:0x7fc08879aeb9 [ 273.630066][ T9738] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 273.630090][ T9738] RSP: 002b:00007fc08965b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 273.630116][ T9738] RAX: ffffffffffffffda RBX: 00007fc088a15fa0 RCX: 00007fc08879aeb9 [ 273.630135][ T9738] RDX: 000000000000e881 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 273.630153][ T9738] RBP: 00007fc088808c1f R08: 0000000000000000 R09: 0000000000000000 [ 273.630169][ T9738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.630185][ T9738] R13: 00007fc088a16038 R14: 00007fc088a15fa0 R15: 00007ffd94b6edc8 [ 273.630224][ T9738] [ 275.981622][ T9783] netlink: 4 bytes leftover after parsing attributes in process `syz.2.868'. [ 276.013810][ T9783] netlink: 25 bytes leftover after parsing attributes in process `syz.2.868'. [ 276.254789][ T9794] netlink: 8 bytes leftover after parsing attributes in process `syz.0.871'. [ 282.259821][ T9948] FAULT_INJECTION: forcing a failure. [ 282.259821][ T9948] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 282.318284][ T9948] CPU: 0 UID: 0 PID: 9948 Comm: syz.1.898 Tainted: G L syzkaller #0 PREEMPT(full) [ 282.318327][ T9948] Tainted: [L]=SOFTLOCKUP [ 282.318337][ T9948] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 282.318351][ T9948] Call Trace: [ 282.318356][ T9948] [ 282.318363][ T9948] dump_stack_lvl+0x100/0x190 [ 282.318386][ T9948] should_fail_ex.cold+0x5/0xa [ 282.318411][ T9948] _copy_to_user+0x32/0xd0 [ 282.318440][ T9948] simple_read_from_buffer+0xcb/0x170 [ 282.318465][ T9948] proc_fail_nth_read+0x1af/0x230 [ 282.318494][ T9948] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 282.318512][ T9948] ? rw_verify_area+0xce/0x6d0 [ 282.318527][ T9948] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 282.318547][ T9948] vfs_read+0x1e4/0xb30 [ 282.318566][ T9948] ? __pfx_vfs_read+0x10/0x10 [ 282.318581][ T9948] ? find_held_lock+0x2b/0x80 [ 282.318596][ T9948] ? __fget_files+0x215/0x3d0 [ 282.318615][ T9948] ? __fget_files+0x21f/0x3d0 [ 282.318636][ T9948] ksys_read+0x12a/0x250 [ 282.318652][ T9948] ? __pfx_ksys_read+0x10/0x10 [ 282.318673][ T9948] do_syscall_64+0xc9/0xf80 [ 282.318701][ T9948] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.318716][ T9948] RIP: 0033:0x7fc08875b78e [ 282.318730][ T9948] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 282.318746][ T9948] RSP: 002b:00007fc08965afe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 282.318761][ T9948] RAX: ffffffffffffffda RBX: 00007fc08965b6c0 RCX: 00007fc08875b78e [ 282.318771][ T9948] RDX: 000000000000000f RSI: 00007fc08965b0a0 RDI: 0000000000000004 [ 282.318779][ T9948] RBP: 00007fc08965b090 R08: 0000000000000000 R09: 0000000000000000 [ 282.318788][ T9948] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 282.318796][ T9948] R13: 00007fc088a16038 R14: 00007fc088a15fa0 R15: 00007ffd94b6edc8 [ 282.318816][ T9948] [ 284.107845][ T9992] sp0: Synchronizing with TNC [ 285.732641][T10012] netlink: 12 bytes leftover after parsing attributes in process `syz.0.914'. [ 286.153063][T10019] netlink: 4 bytes leftover after parsing attributes in process `syz.2.915'. [ 286.174218][T10019] netlink: 13 bytes leftover after parsing attributes in process `syz.2.915'. [ 286.198650][T10019] : Can't lookup blockdev [ 286.288324][ T9520] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 286.377040][T10025] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 286.418997][T10025] netlink: 4 bytes leftover after parsing attributes in process `syz.1.919'. [ 286.430960][T10025] netlink: 25 bytes leftover after parsing attributes in process `syz.1.919'. [ 286.840760][T10031] sp0: Synchronizing with TNC [ 287.011548][T10036] netlink: 12 bytes leftover after parsing attributes in process `syz.1.929'. [ 287.533840][T10044] Invalid ELF header magic: != ELF [ 287.616390][T10048] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(6) [ 289.040337][T10064] netlink: 4 bytes leftover after parsing attributes in process `syz.3.927'. [ 289.069855][T10064] netlink: 13 bytes leftover after parsing attributes in process `syz.3.927'. [ 289.139817][T10064] : Can't lookup blockdev [ 289.363288][T10070] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 289.413875][T10070] netlink: 4 bytes leftover after parsing attributes in process `syz.3.930'. [ 289.441809][T10070] netlink: 25 bytes leftover after parsing attributes in process `syz.3.930'. [ 289.994872][ T9570] [drm:drm_crtc_add_crc_entry] *ERROR* Overflow of CRC buffer, userspace reads too slow. [ 290.354312][T10079] sp0: Synchronizing with TNC [ 291.286997][T10102] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 292.891475][T10133] zswap: compressor not available [ 293.654212][T10160] random: crng reseeded on system resumption [ 294.603462][T10166] __nla_validate_parse: 1 callbacks suppressed [ 294.603485][T10166] netlink: 28 bytes leftover after parsing attributes in process `syz.3.954'. [ 294.638307][ T30] audit: type=1806 audit(1769879467.359:14): xattr=E2DC7EC594BAC18C785803E3059E1E1C5079F8175E res=-22 [ 294.841797][T10168] netlink: 8 bytes leftover after parsing attributes in process `syz.0.955'. [ 295.241071][T10178] NFSD: Failed to start, no listeners configured. [ 296.291548][T10181] Process accounting resumed [ 297.154521][ T30] audit: type=1806 audit(1769879469.859:15): xattr=E2DC7EC594BAC18C785803E3059E1E1C5079F8175E res=-22 [ 298.641711][T10227] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 298.790669][T10229] FAULT_INJECTION: forcing a failure. [ 298.790669][T10229] name failslab, interval 1, probability 0, space 0, times 0 [ 298.853039][T10229] CPU: 1 UID: 0 PID: 10229 Comm: syz.3.968 Tainted: G L syzkaller #0 PREEMPT(full) [ 298.853082][T10229] Tainted: [L]=SOFTLOCKUP [ 298.853091][T10229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 298.853107][T10229] Call Trace: [ 298.853115][T10229] [ 298.853125][T10229] dump_stack_lvl+0x100/0x190 [ 298.853163][T10229] should_fail_ex.cold+0x5/0xa [ 298.853207][T10229] should_failslab+0xc2/0x120 [ 298.853244][T10229] ? tomoyo_realpath_from_path+0xb6/0x690 [ 298.853272][T10229] __kmalloc_noprof+0xf6/0x9c0 [ 298.853298][T10229] ? kfree+0x2a9/0x690 [ 298.853333][T10229] ? tomoyo_realpath_from_path+0xb6/0x690 [ 298.853360][T10229] tomoyo_realpath_from_path+0xb6/0x690 [ 298.853397][T10229] tomoyo_check_open_permission+0x2af/0x3c0 [ 298.853439][T10229] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 298.853515][T10229] ? do_raw_spin_lock+0x128/0x260 [ 298.853559][T10229] ? path_get+0x61/0x80 [ 298.853597][T10229] tomoyo_file_open+0x6b/0x90 [ 298.853630][T10229] security_file_open+0xb5/0x1e0 [ 298.853656][T10229] do_dentry_open+0x58c/0x1570 [ 298.853691][T10229] ? security_inode_permission+0xbf/0x250 [ 298.853737][T10229] vfs_open+0x82/0x3f0 [ 298.853785][T10229] path_openat+0x21dc/0x3120 [ 298.853830][T10229] ? __pfx_path_openat+0x10/0x10 [ 298.853876][T10229] do_filp_open+0x1f7/0x420 [ 298.853911][T10229] ? __pfx_do_filp_open+0x10/0x10 [ 298.853969][T10229] ? _raw_spin_unlock+0x28/0x50 [ 298.853996][T10229] ? alloc_fd+0x476/0x790 [ 298.854036][T10229] do_sys_openat2+0x12e/0x220 [ 298.854077][T10229] ? __pfx_do_sys_openat2+0x10/0x10 [ 298.854119][T10229] ? rcu_is_watching+0x12/0xc0 [ 298.854155][T10229] __x64_sys_openat+0x12d/0x210 [ 298.854196][T10229] ? __pfx___x64_sys_openat+0x10/0x10 [ 298.854235][T10229] ? xfd_validate_state+0x129/0x190 [ 298.854290][T10229] do_syscall_64+0xc9/0xf80 [ 298.854326][T10229] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.854354][T10229] RIP: 0033:0x7f701b99aeb9 [ 298.854375][T10229] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 298.854399][T10229] RSP: 002b:00007f701c898028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 298.854425][T10229] RAX: ffffffffffffffda RBX: 00007f701bc16360 RCX: 00007f701b99aeb9 [ 298.854444][T10229] RDX: 0000000000040001 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 298.854461][T10229] RBP: 00007f701ba08c1f R08: 0000000000000000 R09: 0000000000000000 [ 298.854478][T10229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 298.854494][T10229] R13: 00007f701bc163f8 R14: 00007f701bc16360 R15: 00007ffd61601c38 [ 298.854532][T10229] [ 298.854542][T10229] ERROR: Out of memory at tomoyo_realpath_from_path. [ 299.728513][T10245] sp0: Synchronizing with TNC [ 300.330109][T10255] futex_wake_op: syz.0.974 tries to shift op by -2048; fix this program [ 302.007829][T10293] FAULT_INJECTION: forcing a failure. [ 302.007829][T10293] name failslab, interval 1, probability 0, space 0, times 0 [ 302.088407][T10293] CPU: 1 UID: 0 PID: 10293 Comm: syz.2.982 Tainted: G L syzkaller #0 PREEMPT(full) [ 302.088433][T10293] Tainted: [L]=SOFTLOCKUP [ 302.088439][T10293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 302.088448][T10293] Call Trace: [ 302.088453][T10293] [ 302.088459][T10293] dump_stack_lvl+0x100/0x190 [ 302.088483][T10293] should_fail_ex.cold+0x5/0xa [ 302.088509][T10293] should_failslab+0xc2/0x120 [ 302.088530][T10293] __kmalloc_cache_noprof+0x80/0x810 [ 302.088546][T10293] ? alloc_ldt_struct+0x5d/0x1b0 [ 302.088561][T10293] ? down_write_killable+0x152/0x250 [ 302.088582][T10293] ? __pfx_down_write_killable+0x10/0x10 [ 302.088604][T10293] ? alloc_ldt_struct+0x5d/0x1b0 [ 302.088619][T10293] alloc_ldt_struct+0x5d/0x1b0 [ 302.088635][T10293] write_ldt+0x62b/0xd40 [ 302.088655][T10293] ? __pfx_write_ldt+0x10/0x10 [ 302.088673][T10293] ? xfd_validate_state+0x129/0x190 [ 302.088701][T10293] __x64_sys_modify_ldt+0xb1/0x170 [ 302.088718][T10293] do_syscall_64+0xc9/0xf80 [ 302.088737][T10293] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 302.088752][T10293] RIP: 0033:0x7f40d1f9aeb9 [ 302.088774][T10293] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 302.088789][T10293] RSP: 002b:00007f40d2dd5028 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 302.088804][T10293] RAX: ffffffffffffffda RBX: 00007f40d2216090 RCX: 00007f40d1f9aeb9 [ 302.088814][T10293] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000001 [ 302.088823][T10293] RBP: 00007f40d2008c1f R08: 0000000000000000 R09: 0000000000000000 [ 302.088832][T10293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 302.088841][T10293] R13: 00007f40d2216128 R14: 00007f40d2216090 R15: 00007fffd3cc12d8 [ 302.088861][T10293] [ 302.739543][T10297] sp0: Synchronizing with TNC [ 304.696974][T10332] block2mtd: error: cannot open device çinX‘©¼Ëò¨±ÂÚjFBçB>U»;߸³Ilk¬ [ 305.594961][T10345] FAULT_INJECTION: forcing a failure. [ 305.594961][T10345] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 305.617948][T10345] CPU: 1 UID: 0 PID: 10345 Comm: syz.2.993 Tainted: G L syzkaller #0 PREEMPT(full) [ 305.617988][T10345] Tainted: [L]=SOFTLOCKUP [ 305.617996][T10345] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 305.618009][T10345] Call Trace: [ 305.618017][T10345] [ 305.618026][T10345] dump_stack_lvl+0x100/0x190 [ 305.618060][T10345] should_fail_ex.cold+0x5/0xa [ 305.618100][T10345] ? prepare_alloc_pages+0x16d/0x5f0 [ 305.618139][T10345] should_fail_alloc_page+0xeb/0x140 [ 305.618174][T10345] prepare_alloc_pages+0x1f0/0x5f0 [ 305.618211][T10345] ? rcu_is_watching+0x12/0xc0 [ 305.618239][T10345] __alloc_frozen_pages_noprof+0x193/0x2410 [ 305.618274][T10345] ? __lock_acquire+0x4a5/0x2630 [ 305.618323][T10345] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 305.618356][T10345] ? do_raw_spin_lock+0x128/0x260 [ 305.618404][T10345] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 305.618444][T10345] ? find_held_lock+0x2b/0x80 [ 305.618482][T10345] ? __lock_acquire+0x4a5/0x2630 [ 305.618517][T10345] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 305.618548][T10345] ? policy_nodemask+0xed/0x4f0 [ 305.618590][T10345] alloc_pages_mpol+0x1fb/0x550 [ 305.618629][T10345] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 305.618665][T10345] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 305.618701][T10345] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 305.618744][T10345] folio_alloc_mpol_noprof+0x36/0x340 [ 305.618789][T10345] shmem_alloc_folio+0x135/0x160 [ 305.618819][T10345] shmem_alloc_and_add_folio+0x371/0xd40 [ 305.618862][T10345] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 305.618898][T10345] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 305.618949][T10345] shmem_get_folio_gfp+0x6ab/0x1900 [ 305.618987][T10345] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 305.619018][T10345] ? ktime_get_coarse_real_ts64_mg+0x235/0x300 [ 305.619052][T10345] ? lockdep_hardirqs_on+0x78/0x100 [ 305.619086][T10345] shmem_fault+0x1f9/0xa20 [ 305.619116][T10345] ? __lock_acquire+0x4a5/0x2630 [ 305.619145][T10345] ? __pfx_shmem_fault+0x10/0x10 [ 305.619169][T10345] ? __pfx_current_time+0x10/0x10 [ 305.619203][T10345] ? __up_read+0x2c5/0x700 [ 305.619251][T10345] ? __pfx_filemap_map_pages+0x10/0x10 [ 305.619282][T10345] __do_fault+0x10d/0x550 [ 305.619319][T10345] ? __pfx_filemap_map_pages+0x10/0x10 [ 305.619349][T10345] do_fault+0x2db/0x1990 [ 305.619397][T10345] __handle_mm_fault+0x1807/0x2b50 [ 305.619434][T10345] ? __pfx___handle_mm_fault+0x10/0x10 [ 305.619463][T10345] ? __pte_offset_map_lock+0x174/0x320 [ 305.619498][T10345] ? find_held_lock+0x2b/0x80 [ 305.619532][T10345] ? follow_page_pte+0x5b4/0x1410 [ 305.619576][T10345] handle_mm_fault+0x36d/0xa20 [ 305.619608][T10345] __get_user_pages+0xf9c/0x34d0 [ 305.619653][T10345] ? down_read_killable+0x30e/0x4c0 [ 305.619689][T10345] ? __pfx___get_user_pages+0x10/0x10 [ 305.619735][T10345] faultin_page_range+0x1f1/0x9e0 [ 305.619780][T10345] madvise_do_behavior+0x354/0x510 [ 305.619822][T10345] ? __pfx_madvise_do_behavior+0x10/0x10 [ 305.619860][T10345] ? down_read+0x13b/0x460 [ 305.619907][T10345] do_madvise+0x195/0x240 [ 305.619943][T10345] ? __pfx_do_madvise+0x10/0x10 [ 305.619978][T10345] ? do_futex+0x192/0x350 [ 305.620018][T10345] ? __fput+0x68a/0xb40 [ 305.620062][T10345] ? xfd_validate_state+0x129/0x190 [ 305.620108][T10345] __x64_sys_madvise+0xa9/0x110 [ 305.620145][T10345] ? lockdep_hardirqs_on+0x78/0x100 [ 305.620173][T10345] do_syscall_64+0xc9/0xf80 [ 305.620205][T10345] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.620231][T10345] RIP: 0033:0x7f40d1f9aeb9 [ 305.620251][T10345] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 305.620275][T10345] RSP: 002b:00007f40d2df6028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 305.620299][T10345] RAX: ffffffffffffffda RBX: 00007f40d2215fa0 RCX: 00007f40d1f9aeb9 [ 305.620316][T10345] RDX: 0000000000000017 RSI: ffffffffffff0005 RDI: 0000000000000000 [ 305.620332][T10345] RBP: 00007f40d2008c1f R08: 0000000000000000 R09: 0000000000000000 [ 305.620347][T10345] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 305.620362][T10345] R13: 00007f40d2216038 R14: 00007f40d2215fa0 R15: 00007fffd3cc12d8 [ 305.620401][T10345] [ 306.178467][T10349] binder: 10348:10349 ioctl c018620c 0 returned -1 [ 306.208887][T10363] FAULT_INJECTION: forcing a failure. [ 306.208887][T10363] name failslab, interval 1, probability 0, space 0, times 0 [ 306.231792][T10363] CPU: 0 UID: 0 PID: 10363 Comm: syz.1.997 Tainted: G L syzkaller #0 PREEMPT(full) [ 306.231817][T10363] Tainted: [L]=SOFTLOCKUP [ 306.231823][T10363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 306.231831][T10363] Call Trace: [ 306.231836][T10363] [ 306.231842][T10363] dump_stack_lvl+0x100/0x190 [ 306.231865][T10363] should_fail_ex.cold+0x5/0xa [ 306.231890][T10363] should_failslab+0xc2/0x120 [ 306.231912][T10363] kmem_cache_alloc_noprof+0x83/0x780 [ 306.231931][T10363] ? getname_flags.part.0+0x4c/0x540 [ 306.231957][T10363] ? getname_flags.part.0+0x4c/0x540 [ 306.231978][T10363] getname_flags.part.0+0x4c/0x540 [ 306.232001][T10363] getname_flags+0x93/0xf0 [ 306.232026][T10363] do_sys_openat2+0xc5/0x220 [ 306.232049][T10363] ? __pfx_do_sys_openat2+0x10/0x10 [ 306.232069][T10363] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 306.232091][T10363] ? __fget_files+0x21f/0x3d0 [ 306.232110][T10363] __x64_sys_openat+0x12d/0x210 [ 306.232133][T10363] ? __pfx___x64_sys_openat+0x10/0x10 [ 306.232154][T10363] ? ksys_write+0x1ac/0x250 [ 306.232176][T10363] do_syscall_64+0xc9/0xf80 [ 306.232195][T10363] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.232210][T10363] RIP: 0033:0x7fc08879aeb9 [ 306.232222][T10363] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 306.232236][T10363] RSP: 002b:00007fc08965b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 306.232251][T10363] RAX: ffffffffffffffda RBX: 00007fc088a15fa0 RCX: 00007fc08879aeb9 [ 306.232260][T10363] RDX: 0000000000080502 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 306.232270][T10363] RBP: 00007fc08965b090 R08: 0000000000000000 R09: 0000000000000000 [ 306.232285][T10363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 306.232293][T10363] R13: 00007fc088a16038 R14: 00007fc088a15fa0 R15: 00007ffd94b6edc8 [ 306.232312][T10363] [ 306.836298][T10367] netlink: 28 bytes leftover after parsing attributes in process `syz.1.998'. [ 308.650996][T10389] block2mtd: error: cannot open device çinX‘©¼Ëò¨±ÂÚjFBçB>U»;߸³Ilk¬ [ 309.256084][T10401] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 309.263678][T10401] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 309.401487][T10405] blktrace: Concurrent blktraces are not allowed on loop2 [ 309.761195][T10415] Invalid ELF header magic: != ELF [ 310.378410][T10415] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(6) [ 311.038830][T10426] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 311.052780][T10426] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1011'. [ 311.066860][T10426] veth1_macvtap: left promiscuous mode [ 311.078011][T10426] macsec0: entered allmulticast mode [ 312.225375][ T9572] [drm:drm_crtc_add_crc_entry] *ERROR* Overflow of CRC buffer, userspace reads too slow. [ 316.801639][ T30] audit: type=1800 audit(1769879489.529:16): pid=10526 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1031" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 320.953388][ T30] audit: type=1800 audit(1769879493.679:17): pid=10596 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1046" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 322.454172][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.463059][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.848559][T10630] FAULT_INJECTION: forcing a failure. [ 323.848559][T10630] name failslab, interval 1, probability 0, space 0, times 0 [ 323.902038][T10630] CPU: 1 UID: 0 PID: 10630 Comm: syz.3.1054 Tainted: G L syzkaller #0 PREEMPT(full) [ 323.902083][T10630] Tainted: [L]=SOFTLOCKUP [ 323.902093][T10630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 323.902108][T10630] Call Trace: [ 323.902116][T10630] [ 323.902126][T10630] dump_stack_lvl+0x100/0x190 [ 323.902165][T10630] should_fail_ex.cold+0x5/0xa [ 323.902212][T10630] should_failslab+0xc2/0x120 [ 323.902251][T10630] kmem_cache_alloc_noprof+0x83/0x780 [ 323.902289][T10630] ? kcm_create+0x11e/0x6a0 [ 323.902328][T10630] ? kcm_create+0x11e/0x6a0 [ 323.902358][T10630] kcm_create+0x11e/0x6a0 [ 323.902394][T10630] __sock_create+0x339/0x860 [ 323.902434][T10630] __sys_socket+0x14d/0x260 [ 323.902465][T10630] ? fput+0x79/0x100 [ 323.902502][T10630] ? __pfx___sys_socket+0x10/0x10 [ 323.902542][T10630] ? xfd_validate_state+0x129/0x190 [ 323.902595][T10630] __x64_sys_socket+0x72/0xb0 [ 323.902625][T10630] ? lockdep_hardirqs_on+0x78/0x100 [ 323.902658][T10630] do_syscall_64+0xc9/0xf80 [ 323.902694][T10630] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.902722][T10630] RIP: 0033:0x7f701b99aeb9 [ 323.902745][T10630] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 323.902772][T10630] RSP: 002b:00007f701c91c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 323.902799][T10630] RAX: ffffffffffffffda RBX: 00007f701bc15fa0 RCX: 00007f701b99aeb9 [ 323.902817][T10630] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000029 [ 323.902833][T10630] RBP: 00007f701ba08c1f R08: 0000000000000000 R09: 0000000000000000 [ 323.902849][T10630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 323.902866][T10630] R13: 00007f701bc16038 R14: 00007f701bc15fa0 R15: 00007ffd61601c38 [ 323.902901][T10630] [ 326.151216][ T30] audit: type=1800 audit(1769879498.869:18): pid=10662 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1061" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 326.825333][T10664] Process accounting paused [ 332.731050][T10775] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 336.381763][T10816] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1094'. [ 336.456036][T10818] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1094'. [ 336.911638][T10824] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1106'. [ 336.947477][T10824] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1106'. [ 338.244466][T10850] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 344.662817][T10945] input: ¶š9ã%v”ûJ,6Ö‘ as /devices/virtual/input/input15 [ 347.060223][T10989] input: ¶š9ã%v”ûJ,6Ö‘ as /devices/virtual/input/input16 [ 350.108270][T11046] input: ¶š9ã%v”ûJ,6Ö‘ as /devices/virtual/input/input17 [ 350.162088][T11051] netlink: 252 bytes leftover after parsing attributes in process `syz.2.1154'. [ 350.190759][T11051] netlink: 252 bytes leftover after parsing attributes in process `syz.2.1154'. [ 351.339963][T11073] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1162'. [ 352.286148][T11099] netlink: 252 bytes leftover after parsing attributes in process `syz.1.1168'. [ 352.297717][T11099] netlink: 252 bytes leftover after parsing attributes in process `syz.1.1168'. [ 354.203249][T11131] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1176'. [ 354.273588][T11135] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1179'. [ 354.690479][T11146] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 354.718911][T11146] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 354.752389][T11146] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 354.778340][T11146] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 354.818238][T11146] page dumped because: unmovable page [ 354.823692][T11146] page_owner info is not present (never set?) [ 357.111156][T11171] Process accounting resumed [ 358.751899][T11203] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1193'. [ 359.689468][T11221] Invalid ELF header magic: != ELF [ 363.257355][T11273] Invalid ELF header magic: != ELF [ 363.717976][T11282] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1216'. [ 363.751835][T11282] netlink: 'syz.0.1216': attribute type 1 has an invalid length. [ 363.771948][T11282] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1216'. [ 365.867443][T11321] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1228'. [ 365.917281][T11321] netlink: 'syz.3.1228': attribute type 1 has an invalid length. [ 365.945916][T11321] netlink: 13 bytes leftover after parsing attributes in process `syz.3.1228'. [ 368.797735][ T9559] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 368.967685][ T9559] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 369.122839][ T9559] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 369.297176][ T9559] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 369.479957][ T9998] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 369.490144][ T9998] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 369.501223][ T9998] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 369.514077][ T9998] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 369.522896][ T9998] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 370.422428][ T9559] netdevsim netdevsim1335 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 370.621658][T11393] chnl_net:caif_netlink_parms(): no params data found [ 371.014774][T11425] netlink: 146 bytes leftover after parsing attributes in process `syz.1.1255'. [ 371.224790][ T9559] bridge_slave_1: left allmulticast mode [ 371.250672][ T9559] bridge_slave_1: left promiscuous mode [ 371.261495][ T9559] bridge0: port 2(bridge_slave_1) entered disabled state [ 371.292008][ T9559] bridge_slave_0: left allmulticast mode [ 371.297768][ T9559] bridge_slave_0: left promiscuous mode [ 371.303867][ T9559] bridge0: port 1(bridge_slave_0) entered disabled state [ 371.575997][ T9998] Bluetooth: hci2: command tx timeout [ 372.127112][ T9559] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 372.145853][ T9559] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 372.156149][ T9559] bond0 (unregistering): Released all slaves [ 372.264884][T11393] bridge0: port 1(bridge_slave_0) entered blocking state [ 372.282165][T11393] bridge0: port 1(bridge_slave_0) entered disabled state [ 372.307972][T11393] bridge_slave_0: entered allmulticast mode [ 372.335769][T11393] bridge_slave_0: entered promiscuous mode [ 372.408966][T11393] bridge0: port 2(bridge_slave_1) entered blocking state [ 372.416476][T11393] bridge0: port 2(bridge_slave_1) entered disabled state [ 372.426627][T11393] bridge_slave_1: entered allmulticast mode [ 372.437768][T11393] bridge_slave_1: entered promiscuous mode [ 372.573219][T11393] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 372.805018][T11393] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 373.110757][T11393] team0: Port device team_slave_0 added [ 373.188752][T11393] team0: Port device team_slave_1 added [ 373.499898][ T9520] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 373.510064][ T9520] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 373.519091][ T9520] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 373.527875][ T9520] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 373.536665][ T9520] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 373.650912][ T9520] Bluetooth: hci2: command tx timeout [ 373.755057][T11393] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 373.768407][T11393] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 373.829238][T11393] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 373.901393][ T9559] hsr_slave_0: left promiscuous mode [ 373.911754][ T9559] hsr_slave_1: left promiscuous mode [ 373.958666][ T9559] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 374.008830][ T9559] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 374.016631][ T9559] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 374.025315][ T9559] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 374.044070][ T9559] veth1_macvtap: left promiscuous mode [ 374.050718][ T9559] veth0_macvtap: left promiscuous mode [ 374.061601][ T9559] veth1_vlan: left promiscuous mode [ 374.066883][ T9559] veth0_vlan: left promiscuous mode [ 374.985710][ T9559] team0 (unregistering): Port device team_slave_1 removed [ 375.046611][ T9559] team0 (unregistering): Port device team_slave_0 removed [ 375.616398][T11393] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 375.623798][T11393] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 375.648289][ T9520] Bluetooth: hci1: command tx timeout [ 375.650449][T11393] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 375.729277][ T9520] Bluetooth: hci2: command tx timeout [ 375.899494][T11393] hsr_slave_0: entered promiscuous mode [ 375.914654][T11393] hsr_slave_1: entered promiscuous mode [ 375.923629][T11393] debugfs: 'hsr0' already exists in 'hsr' [ 375.929835][T11393] Cannot create hsr debugfs directory [ 376.483214][ T9559] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 376.666549][ T9559] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 376.757687][T11470] chnl_net:caif_netlink_parms(): no params data found [ 376.801043][ T9559] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 376.900058][ T9559] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 376.972944][T11470] bridge0: port 1(bridge_slave_0) entered blocking state [ 376.980491][T11470] bridge0: port 1(bridge_slave_0) entered disabled state [ 376.987718][T11470] bridge_slave_0: entered allmulticast mode [ 376.995564][T11470] bridge_slave_0: entered promiscuous mode [ 377.032881][T11470] bridge0: port 2(bridge_slave_1) entered blocking state [ 377.040785][T11470] bridge0: port 2(bridge_slave_1) entered disabled state [ 377.048040][T11470] bridge_slave_1: entered allmulticast mode [ 377.055619][T11470] bridge_slave_1: entered promiscuous mode [ 377.112298][T11470] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 377.128492][T11470] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 377.223106][T11470] team0: Port device team_slave_0 added [ 377.255738][T11470] team0: Port device team_slave_1 added [ 377.299303][ T9559] bridge_slave_1: left allmulticast mode [ 377.305092][ T9559] bridge_slave_1: left promiscuous mode [ 377.311966][ T9559] bridge0: port 2(bridge_slave_1) entered disabled state [ 377.327198][ T9559] bridge_slave_0: left allmulticast mode [ 377.334107][ T9559] bridge_slave_0: left promiscuous mode [ 377.342145][ T9559] bridge0: port 1(bridge_slave_0) entered disabled state [ 377.729024][ T9520] Bluetooth: hci1: command tx timeout [ 377.808383][ T9520] Bluetooth: hci2: command tx timeout [ 377.854013][ T9559] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 377.865415][ T9559] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 377.875617][ T9559] bond0 (unregistering): Released all slaves [ 378.002485][T11470] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 378.022564][T11470] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 378.049527][T11470] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 378.106477][T11470] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 378.115277][T11470] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 378.142735][T11470] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 378.187222][T11393] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 378.295153][T11393] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 378.313994][T11393] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 378.360161][T11393] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 378.397020][T11470] hsr_slave_0: entered promiscuous mode [ 378.404790][T11470] hsr_slave_1: entered promiscuous mode [ 378.411475][T11470] debugfs: 'hsr0' already exists in 'hsr' [ 378.417227][T11470] Cannot create hsr debugfs directory [ 378.819382][ T9559] hsr_slave_0: left promiscuous mode [ 378.826139][ T9559] hsr_slave_1: left promiscuous mode [ 378.833558][ T9559] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 378.841414][ T9559] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 378.850055][ T9559] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 378.859574][ T9559] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 378.876314][ T9559] veth1_macvtap: left promiscuous mode [ 378.882069][ T9559] veth0_macvtap: left promiscuous mode [ 379.215105][ T9559] team0 (unregistering): Port device team_slave_1 removed [ 379.256694][ T9559] team0 (unregistering): Port device team_slave_0 removed [ 379.735667][T11393] 8021q: adding VLAN 0 to HW filter on device bond0 [ 379.789378][T11393] 8021q: adding VLAN 0 to HW filter on device team0 [ 379.808620][ T9520] Bluetooth: hci1: command tx timeout [ 379.822128][ T9578] bridge0: port 1(bridge_slave_0) entered blocking state [ 379.829430][ T9578] bridge0: port 1(bridge_slave_0) entered forwarding state [ 379.842543][ T9578] bridge0: port 2(bridge_slave_1) entered blocking state [ 379.849761][ T9578] bridge0: port 2(bridge_slave_1) entered forwarding state [ 380.377991][T11470] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 380.404373][T11470] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 380.430203][T11470] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 380.442547][T11470] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 380.561264][T11393] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 380.633551][T11470] 8021q: adding VLAN 0 to HW filter on device bond0 [ 380.677788][T11393] veth0_vlan: entered promiscuous mode [ 380.704377][T11470] 8021q: adding VLAN 0 to HW filter on device team0 [ 380.723461][T11393] veth1_vlan: entered promiscuous mode [ 380.746373][ T9559] bridge0: port 1(bridge_slave_0) entered blocking state [ 380.753596][ T9559] bridge0: port 1(bridge_slave_0) entered forwarding state [ 380.821299][ T9559] bridge0: port 2(bridge_slave_1) entered blocking state [ 380.828613][ T9559] bridge0: port 2(bridge_slave_1) entered forwarding state [ 380.880494][T11393] veth0_macvtap: entered promiscuous mode [ 380.910074][T11393] veth1_macvtap: entered promiscuous mode [ 380.941443][T11393] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 380.967240][T11393] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 381.002342][ T9559] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.041519][ T9559] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.071921][ T9559] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.115111][ T9559] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 381.293052][ T9562] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 381.320015][ T9562] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 381.401729][ T9560] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 381.423484][ T9560] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 381.485258][T11470] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 381.642257][T11603] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1273'. [ 381.676636][T11603] netlink: 'syz.0.1273': attribute type 1 has an invalid length. [ 381.683384][T11470] veth0_vlan: entered promiscuous mode [ 381.694945][T11603] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1273'. [ 381.726081][T11470] veth1_vlan: entered promiscuous mode [ 381.830728][T11470] veth0_macvtap: entered promiscuous mode [ 381.868031][T11470] veth1_macvtap: entered promiscuous mode [ 381.888689][ T9520] Bluetooth: hci1: command tx timeout [ 381.924149][T11470] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 381.956573][T11470] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 382.002389][ T9556] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 382.032872][ T9556] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 382.056512][ T9556] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 382.067623][ T9556] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 382.421321][ T9556] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 382.449271][ T9556] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 382.502807][ T9559] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 382.512787][ T9559] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 383.897142][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.903610][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 386.520836][T11672] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1280'. [ 386.619576][T11672] team0: Port device team_slave_1 removed [ 387.523323][T11671] Process accounting paused [ 390.037592][T11735] can: request_module (can-proto-0) failed. [ 393.933735][T11801] can: request_module (can-proto-0) failed. [ 399.307301][T11891] can: request_module (can-proto-0) failed. [ 399.689123][T11913] FAULT_INJECTION: forcing a failure. [ 399.689123][T11913] name failslab, interval 1, probability 0, space 0, times 0 [ 399.716143][T11913] CPU: 1 UID: 0 PID: 11913 Comm: syz.2.1332 Tainted: G L syzkaller #0 PREEMPT(full) [ 399.716184][T11913] Tainted: [L]=SOFTLOCKUP [ 399.716193][T11913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 399.716213][T11913] Call Trace: [ 399.716222][T11913] [ 399.716232][T11913] dump_stack_lvl+0x100/0x190 [ 399.716272][T11913] should_fail_ex.cold+0x5/0xa [ 399.716316][T11913] should_failslab+0xc2/0x120 [ 399.716353][T11913] __kvmalloc_node_noprof+0x101/0xac0 [ 399.716385][T11913] ? __pfx___mutex_lock+0x10/0x10 [ 399.716420][T11913] ? traverse.part.0.constprop.0+0x397/0x650 [ 399.716458][T11913] ? traverse.part.0.constprop.0+0x397/0x650 [ 399.716486][T11913] traverse.part.0.constprop.0+0x397/0x650 [ 399.716527][T11913] seq_lseek+0x2fb/0x430 [ 399.716562][T11913] proc_reg_llseek+0x104/0x2f0 [ 399.716605][T11913] ksys_lseek+0xf3/0x1b0 [ 399.716634][T11913] do_syscall_64+0xc9/0xf80 [ 399.716669][T11913] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 399.716697][T11913] RIP: 0033:0x7f778179aeb9 [ 399.716720][T11913] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 399.716745][T11913] RSP: 002b:00007f777f9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000008 [ 399.716824][T11913] RAX: ffffffffffffffda RBX: 00007f7781a15fa0 RCX: 00007f778179aeb9 [ 399.716843][T11913] RDX: 0000000000000001 RSI: 00000000000007fd RDI: 0000000000000003 [ 399.716859][T11913] RBP: 00007f777f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 399.716875][T11913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 399.716890][T11913] R13: 00007f7781a16038 R14: 00007f7781a15fa0 R15: 00007fff26c7b458 [ 399.716928][T11913] [ 404.841841][T12013] perf: Dynamic interrupt throttling disabled, can hang your system! [ 410.391129][T12105] FAULT_INJECTION: forcing a failure. [ 410.391129][T12105] name failslab, interval 1, probability 0, space 0, times 0 [ 410.440265][T12105] CPU: 1 UID: 0 PID: 12105 Comm: syz.2.1384 Tainted: G L syzkaller #0 PREEMPT(full) [ 410.440309][T12105] Tainted: [L]=SOFTLOCKUP [ 410.440318][T12105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 410.440332][T12105] Call Trace: [ 410.440340][T12105] [ 410.440349][T12105] dump_stack_lvl+0x100/0x190 [ 410.440385][T12105] should_fail_ex.cold+0x5/0xa [ 410.440423][T12105] should_failslab+0xc2/0x120 [ 410.440460][T12105] kmem_cache_alloc_noprof+0x83/0x780 [ 410.440496][T12105] ? security_file_alloc+0x34/0x2c0 [ 410.440543][T12105] ? security_file_alloc+0x34/0x2c0 [ 410.440583][T12105] security_file_alloc+0x34/0x2c0 [ 410.440625][T12105] init_file+0x93/0x4c0 [ 410.440662][T12105] alloc_empty_file+0x73/0x1c0 [ 410.440709][T12105] path_openat+0xe8/0x3120 [ 410.440739][T12105] ? getname_flags+0x93/0xf0 [ 410.440764][T12105] ? do_sys_openat2+0xc5/0x220 [ 410.440797][T12105] ? __x64_sys_openat+0x12d/0x210 [ 410.440834][T12105] ? do_syscall_64+0xc9/0xf80 [ 410.440861][T12105] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 410.440897][T12105] ? __pfx_path_openat+0x10/0x10 [ 410.440940][T12105] do_filp_open+0x1f7/0x420 [ 410.440975][T12105] ? __pfx_do_filp_open+0x10/0x10 [ 410.441030][T12105] ? _raw_spin_unlock+0x28/0x50 [ 410.441056][T12105] ? alloc_fd+0x476/0x790 [ 410.441097][T12105] do_sys_openat2+0x12e/0x220 [ 410.441138][T12105] ? __pfx_do_sys_openat2+0x10/0x10 [ 410.441176][T12105] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 410.441215][T12105] ? __fget_files+0x21f/0x3d0 [ 410.441251][T12105] __x64_sys_openat+0x12d/0x210 [ 410.441292][T12105] ? __pfx___x64_sys_openat+0x10/0x10 [ 410.441331][T12105] ? ksys_write+0x1ac/0x250 [ 410.441374][T12105] do_syscall_64+0xc9/0xf80 [ 410.441409][T12105] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 410.441436][T12105] RIP: 0033:0x7f778179aeb9 [ 410.441459][T12105] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 410.441485][T12105] RSP: 002b:00007f777f9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 410.441509][T12105] RAX: ffffffffffffffda RBX: 00007f7781a15fa0 RCX: 00007f778179aeb9 [ 410.441528][T12105] RDX: 0000000000080502 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 410.441545][T12105] RBP: 00007f777f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 410.441562][T12105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 410.441578][T12105] R13: 00007f7781a16038 R14: 00007f7781a15fa0 R15: 00007fff26c7b458 [ 410.441617][T12105] [ 410.963885][T12109] blktrace: Concurrent blktraces are not allowed on loop2 [ 416.306153][T12208] perf: Dynamic interrupt throttling disabled, can hang your system! [ 417.290779][T12225] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 417.984348][T12227] Process accounting resumed [ 418.452594][T12242] can: request_module (can-proto-0) failed. [ 421.404148][T12294] can: request_module (can-proto-0) failed. [ 421.755787][T12301] FAULT_INJECTION: forcing a failure. [ 421.755787][T12301] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 421.778295][T12301] CPU: 0 UID: 0 PID: 12301 Comm: syz.0.1429 Tainted: G L syzkaller #0 PREEMPT(full) [ 421.778343][T12301] Tainted: [L]=SOFTLOCKUP [ 421.778353][T12301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 421.778369][T12301] Call Trace: [ 421.778377][T12301] [ 421.778387][T12301] dump_stack_lvl+0x100/0x190 [ 421.778427][T12301] should_fail_ex.cold+0x5/0xa [ 421.778465][T12301] ? prepare_alloc_pages+0x16d/0x5f0 [ 421.778505][T12301] should_fail_alloc_page+0xeb/0x140 [ 421.778542][T12301] prepare_alloc_pages+0x1f0/0x5f0 [ 421.778588][T12301] __alloc_frozen_pages_noprof+0x193/0x2410 [ 421.778627][T12301] ? lock_acquire+0x17c/0x330 [ 421.778665][T12301] ? find_held_lock+0x2b/0x80 [ 421.778692][T12301] ? page_table_check_set+0x49a/0xa10 [ 421.778725][T12301] ? page_table_check_set+0x49a/0xa10 [ 421.778765][T12301] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 421.778814][T12301] ? __page_table_check_ptes_set+0x1b5/0x4e0 [ 421.778843][T12301] ? xas_move_index+0xae/0x110 [ 421.778873][T12301] ? xas_find+0x32c/0x8e0 [ 421.778910][T12301] ? find_held_lock+0x2b/0x80 [ 421.778936][T12301] ? find_held_lock+0x2b/0x80 [ 421.778962][T12301] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 421.778994][T12301] ? policy_nodemask+0xed/0x4f0 [ 421.779036][T12301] alloc_pages_mpol+0x1fb/0x550 [ 421.779077][T12301] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 421.779126][T12301] folio_alloc_mpol_noprof+0x36/0x340 [ 421.779171][T12301] vma_alloc_folio_noprof+0xed/0x1d0 [ 421.779214][T12301] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 421.779269][T12301] do_anonymous_page+0xb10/0x1f40 [ 421.779313][T12301] __handle_mm_fault+0x1d3a/0x2b50 [ 421.779351][T12301] ? reacquire_held_locks+0xce/0x1e0 [ 421.779387][T12301] ? __pfx___handle_mm_fault+0x10/0x10 [ 421.779424][T12301] ? lock_vma_under_rcu+0x17c/0x5a0 [ 421.779476][T12301] handle_mm_fault+0x36d/0xa20 [ 421.779517][T12301] do_user_addr_fault+0x5a3/0x12f0 [ 421.779555][T12301] exc_page_fault+0x6f/0xd0 [ 421.779583][T12301] asm_exc_page_fault+0x26/0x30 [ 421.779608][T12301] RIP: 0033:0x7fb17305c86b [ 421.779629][T12301] Code: 00 00 00 48 8d 3d bd b0 1a 00 48 89 c1 31 c0 e8 fb 36 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d f1 b0 1a 00 48 89 34 24 48 8b 14 24 48 8b [ 421.779657][T12301] RSP: 002b:00007fb173ffefa0 EFLAGS: 00010206 [ 421.779682][T12301] RAX: 0000000000000000 RBX: 00007fb173415fa0 RCX: 0000000000000000 [ 421.779699][T12301] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000000 [ 421.779714][T12301] RBP: 00007fb174000090 R08: 0000000000000000 R09: 0000000000000000 [ 421.779729][T12301] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001 [ 421.779744][T12301] R13: 00007fb173416038 R14: 00007fb173415fa0 R15: 00007ffd93ec7318 [ 421.779782][T12301] [ 422.060215][T12301] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 422.611931][T12309] perf: Dynamic interrupt throttling disabled, can hang your system! [ 426.439822][T12358] can: request_module (can-proto-0) failed. [ 430.315982][T12423] perf: Dynamic interrupt throttling disabled, can hang your system! [ 431.298245][T12440] can: request_module (can-proto-0) failed. [ 433.187849][T12478] can: request_module (can-proto-0) failed. [ 436.786044][T12536] can: request_module (can-proto-0) failed. [ 438.276334][T12554] can: request_module (can-proto-0) failed. [ 438.997889][T12580] can: request_module (can-proto-0) failed. [ 439.251425][T12586] can: request_module (can-proto-0) failed. [ 439.794543][T12602] FAULT_INJECTION: forcing a failure. [ 439.794543][T12602] name failslab, interval 1, probability 0, space 0, times 0 [ 439.855478][T12602] CPU: 0 UID: 0 PID: 12602 Comm: syz.2.1485 Tainted: G L syzkaller #0 PREEMPT(full) [ 439.855504][T12602] Tainted: [L]=SOFTLOCKUP [ 439.855509][T12602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 439.855518][T12602] Call Trace: [ 439.855523][T12602] [ 439.855535][T12602] dump_stack_lvl+0x100/0x190 [ 439.855557][T12602] should_fail_ex.cold+0x5/0xa [ 439.855582][T12602] should_failslab+0xc2/0x120 [ 439.855604][T12602] ? tomoyo_realpath_from_path+0xb6/0x690 [ 439.855620][T12602] __kmalloc_noprof+0xf6/0x9c0 [ 439.855645][T12602] ? tomoyo_realpath_from_path+0xb6/0x690 [ 439.855663][T12602] tomoyo_realpath_from_path+0xb6/0x690 [ 439.855682][T12602] tomoyo_path_number_perm+0x23c/0x580 [ 439.855703][T12602] ? tomoyo_path_number_perm+0x22e/0x580 [ 439.855729][T12602] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 439.855761][T12602] ? rcu_read_lock_any_held+0x6a/0xa0 [ 439.855789][T12602] ? hook_file_ioctl_common+0x146/0x410 [ 439.855819][T12602] security_file_ioctl+0xd3/0x230 [ 439.855842][T12602] __x64_sys_ioctl+0xb7/0x210 [ 439.855867][T12602] do_syscall_64+0xc9/0xf80 [ 439.855886][T12602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.855901][T12602] RIP: 0033:0x7f778179aeb9 [ 439.855914][T12602] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 439.855928][T12602] RSP: 002b:00007f777f9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 439.855942][T12602] RAX: ffffffffffffffda RBX: 00007f7781a15fa0 RCX: 00007f778179aeb9 [ 439.855952][T12602] RDX: 0000000000000038 RSI: 00000000402c5342 RDI: 0000000000000003 [ 439.855961][T12602] RBP: 00007f777f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 439.855969][T12602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 439.855983][T12602] R13: 00007f7781a16038 R14: 00007f7781a15fa0 R15: 00007fff26c7b458 [ 439.856002][T12602] [ 439.856009][T12602] ERROR: Out of memory at tomoyo_realpath_from_path. [ 442.536139][T12639] can: request_module (can-proto-0) failed. [ 443.991021][T12650] can: request_module (can-proto-0) failed. [ 444.769458][T12684] can: request_module (can-proto-0) failed. [ 445.336559][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.342978][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 446.769521][T12717] can: request_module (can-proto-0) failed. [ 448.002038][T12735] Process accounting paused [ 449.558971][T12762] can: request_module (can-proto-0) failed. [ 453.063338][T12820] can: request_module (can-proto-0) failed. [ 459.888336][ T9520] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 461.009723][T12915] can: request_module (can-proto-0) failed. [ 461.869738][T12925] FAULT_INJECTION: forcing a failure. [ 461.869738][T12925] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 461.912869][T12925] CPU: 1 UID: 0 PID: 12925 Comm: syz.2.1544 Tainted: G L syzkaller #0 PREEMPT(full) [ 461.912910][T12925] Tainted: [L]=SOFTLOCKUP [ 461.912917][T12925] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 461.912929][T12925] Call Trace: [ 461.912936][T12925] [ 461.912944][T12925] dump_stack_lvl+0x100/0x190 [ 461.912976][T12925] should_fail_ex.cold+0x5/0xa [ 461.913015][T12925] _copy_to_user+0x32/0xd0 [ 461.913053][T12925] simple_read_from_buffer+0xcb/0x170 [ 461.913083][T12925] proc_fail_nth_read+0x1af/0x230 [ 461.913115][T12925] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 461.913150][T12925] ? rw_verify_area+0xce/0x6d0 [ 461.913177][T12925] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 461.913209][T12925] vfs_read+0x1e4/0xb30 [ 461.913244][T12925] ? __pfx_vfs_read+0x10/0x10 [ 461.913271][T12925] ? find_held_lock+0x2b/0x80 [ 461.913299][T12925] ? __fget_files+0x215/0x3d0 [ 461.913335][T12925] ? __fget_files+0x21f/0x3d0 [ 461.913375][T12925] ksys_read+0x12a/0x250 [ 461.913404][T12925] ? __pfx_ksys_read+0x10/0x10 [ 461.913445][T12925] do_syscall_64+0xc9/0xf80 [ 461.913481][T12925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 461.913509][T12925] RIP: 0033:0x7f778175b78e [ 461.913531][T12925] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 461.913556][T12925] RSP: 002b:00007f777f9f5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 461.913583][T12925] RAX: ffffffffffffffda RBX: 00007f777f9f66c0 RCX: 00007f778175b78e [ 461.913608][T12925] RDX: 000000000000000f RSI: 00007f777f9f60a0 RDI: 0000000000000004 [ 461.913623][T12925] RBP: 00007f777f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 461.913639][T12925] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 461.913654][T12925] R13: 00007f7781a16038 R14: 00007f7781a15fa0 R15: 00007fff26c7b458 [ 461.913692][T12925] [ 465.358249][T12978] can: request_module (can-proto-0) failed. [ 468.082699][T13025] can: request_module (can-proto-0) failed. [ 469.315005][T13050] can: request_module (can-proto-0) failed. [ 471.945434][T13097] can: request_module (can-proto-0) failed. [ 476.328649][T13163] can: request_module (can-proto-0) failed. [ 476.449422][ T9520] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 478.158496][T13187] Process accounting resumed [ 478.520120][T13196] can: request_module (can-proto-0) failed. [ 479.151884][T13230] can: request_module (can-proto-0) failed. [ 481.968540][ T9520] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 482.385736][T13284] can: request_module (can-proto-0) failed. [ 483.791260][T13325] can: request_module (can-proto-0) failed. [ 484.352608][T13316] can: request_module (can-proto-0) failed. [ 487.969749][ T9520] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 488.789614][T13427] can: request_module (can-proto-0) failed. [ 492.666389][T13508] can: request_module (can-proto-0) failed. [ 493.492194][ T9998] Bluetooth: hci2: command 0x0406 tx timeout [ 493.882032][T13534] can: request_module (can-proto-0) failed. [ 493.896148][T13536] can: request_module (can-proto-0) failed. [ 494.807125][T13570] FAULT_INJECTION: forcing a failure. [ 494.807125][T13570] name failslab, interval 1, probability 0, space 0, times 0 [ 494.819831][T13570] CPU: 1 UID: 0 PID: 13570 Comm: syz.2.1658 Tainted: G L syzkaller #0 PREEMPT(full) [ 494.819856][T13570] Tainted: [L]=SOFTLOCKUP [ 494.819861][T13570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 494.819870][T13570] Call Trace: [ 494.819875][T13570] [ 494.819880][T13570] dump_stack_lvl+0x100/0x190 [ 494.819903][T13570] should_fail_ex.cold+0x5/0xa [ 494.819929][T13570] should_failslab+0xc2/0x120 [ 494.819949][T13570] ? tomoyo_realpath_from_path+0xb6/0x690 [ 494.819965][T13570] __kmalloc_noprof+0xf6/0x9c0 [ 494.819986][T13570] ? tomoyo_realpath_from_path+0xb6/0x690 [ 494.820000][T13570] tomoyo_realpath_from_path+0xb6/0x690 [ 494.820019][T13570] tomoyo_path_number_perm+0x23c/0x580 [ 494.820040][T13570] ? tomoyo_path_number_perm+0x22e/0x580 [ 494.820066][T13570] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 494.820094][T13570] ? rcu_read_lock_any_held+0x6a/0xa0 [ 494.820138][T13570] ? hook_file_ioctl_common+0x146/0x410 [ 494.820168][T13570] security_file_ioctl+0xd3/0x230 [ 494.820191][T13570] __x64_sys_ioctl+0xb7/0x210 [ 494.820216][T13570] do_syscall_64+0xc9/0xf80 [ 494.820236][T13570] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 494.820251][T13570] RIP: 0033:0x7f778179aeb9 [ 494.820265][T13570] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 494.820279][T13570] RSP: 002b:00007f777f9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 494.820293][T13570] RAX: ffffffffffffffda RBX: 00007f7781a15fa0 RCX: 00007f778179aeb9 [ 494.820303][T13570] RDX: 0000000000000038 RSI: 0000000040605346 RDI: 0000000000000003 [ 494.820312][T13570] RBP: 00007f777f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 494.820320][T13570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 494.820334][T13570] R13: 00007f7781a16038 R14: 00007f7781a15fa0 R15: 00007fff26c7b458 [ 494.820354][T13570] [ 494.820972][T13570] ERROR: Out of memory at tomoyo_realpath_from_path. [ 497.087018][T13610] can: request_module (can-proto-0) failed. [ 498.629911][ T9998] Bluetooth: hci1: command 0x0406 tx timeout [ 498.717480][T13646] can: request_module (can-proto-0) failed. [ 499.453215][T13671] netlink: 206 bytes leftover after parsing attributes in process `syz.0.1679'. [ 500.021145][T13677] can: request_module (can-proto-0) failed. [ 501.027118][T13709] can: request_module (can-proto-0) failed. [ 502.138364][T13737] can: request_module (can-proto-0) failed. [ 502.332181][T13739] can: request_module (can-proto-0) failed. [ 504.524700][T13785] can: request_module (can-proto-0) failed. [ 506.041084][T13805] can: request_module (can-proto-0) failed. [ 506.522180][T13825] can: request_module (can-proto-0) failed. [ 506.784655][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.791328][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 508.433225][T13858] can: request_module (can-proto-0) failed. [ 509.086783][T13877] can: request_module (can-proto-0) failed. [ 509.472466][T13870] Process accounting paused [ 512.824462][T13948] can: request_module (can-proto-0) failed. [ 513.090794][T13956] can: request_module (can-proto-0) failed. [ 514.175933][T13981] can: request_module (can-proto-0) failed. [ 516.768646][T14032] can: request_module (can-proto-0) failed. [ 517.581581][T14049] can: request_module (can-proto-0) failed. [ 519.418271][T14085] can: request_module (can-proto-0) failed. [ 520.428982][T14112] can: request_module (can-proto-0) failed. [ 520.755200][T14121] can: request_module (can-proto-0) failed. [ 521.847442][T14146] can: request_module (can-proto-0) failed. [ 523.914192][T14186] can: request_module (can-proto-0) failed. [ 525.014121][T14208] can: request_module (can-proto-0) failed. [ 525.749472][T14218] can: request_module (can-proto-0) failed. [ 526.698659][T14236] can: request_module (can-proto-0) failed. [ 527.426659][T14249] can: request_module (can-proto-0) failed. [ 528.934878][T14283] can: request_module (can-proto-0) failed. [ 529.086048][T14284] can: request_module (can-proto-0) failed. [ 529.915799][T14302] can: request_module (can-proto-0) failed. [ 531.363407][T14328] can: request_module (can-proto-0) failed. [ 532.365656][T14351] can: request_module (can-proto-0) failed. [ 533.680124][T14358] can: request_module (can-proto-0) failed. [ 534.978453][T14399] can: request_module (can-proto-0) failed. [ 535.516502][T14415] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 536.559438][T14431] can: request_module (can-proto-0) failed. [ 537.824551][T14463] can: request_module (can-proto-0) failed. [ 538.058476][T14470] can: request_module (can-proto-0) failed. [ 539.682667][T14499] can: request_module (can-proto-0) failed. [ 539.709564][T14502] can: request_module (can-proto-0) failed. [ 540.043196][T14506] Process accounting resumed [ 541.254549][T14541] can: request_module (can-proto-0) failed. [ 541.560403][T14550] can: request_module (can-proto-0) failed. [ 542.102236][T14556] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1817'. [ 543.122484][T14581] FAULT_INJECTION: forcing a failure. [ 543.122484][T14581] name failslab, interval 1, probability 0, space 0, times 0 [ 543.135464][T14581] CPU: 1 UID: 0 PID: 14581 Comm: syz.2.1823 Tainted: G L syzkaller #0 PREEMPT(full) [ 543.135507][T14581] Tainted: [L]=SOFTLOCKUP [ 543.135517][T14581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 543.135532][T14581] Call Trace: [ 543.135541][T14581] [ 543.135551][T14581] dump_stack_lvl+0x100/0x190 [ 543.135589][T14581] should_fail_ex.cold+0x5/0xa [ 543.135633][T14581] should_failslab+0xc2/0x120 [ 543.135669][T14581] ? tomoyo_realpath_from_path+0xb6/0x690 [ 543.135695][T14581] __kmalloc_noprof+0xf6/0x9c0 [ 543.135729][T14581] ? tomoyo_realpath_from_path+0xb6/0x690 [ 543.135753][T14581] tomoyo_realpath_from_path+0xb6/0x690 [ 543.135786][T14581] tomoyo_path_number_perm+0x23c/0x580 [ 543.135822][T14581] ? tomoyo_path_number_perm+0x22e/0x580 [ 543.135859][T14581] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 543.135924][T14581] ? rcu_read_lock_any_held+0x6a/0xa0 [ 543.135970][T14581] ? hook_file_ioctl_common+0x146/0x410 [ 543.136021][T14581] security_file_ioctl+0xd3/0x230 [ 543.136059][T14581] __x64_sys_ioctl+0xb7/0x210 [ 543.136104][T14581] do_syscall_64+0xc9/0xf80 [ 543.136140][T14581] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 543.136175][T14581] RIP: 0033:0x7f778179aeb9 [ 543.136199][T14581] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 543.136225][T14581] RSP: 002b:00007f777f9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 543.136252][T14581] RAX: ffffffffffffffda RBX: 00007f7781a15fa0 RCX: 00007f778179aeb9 [ 543.136271][T14581] RDX: 0000000000000038 RSI: 00000000c05c5340 RDI: 0000000000000003 [ 543.136288][T14581] RBP: 00007f777f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 543.136304][T14581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 543.136320][T14581] R13: 00007f7781a16038 R14: 00007f7781a15fa0 R15: 00007fff26c7b458 [ 543.136358][T14581] [ 543.136440][T14581] ERROR: Out of memory at tomoyo_realpath_from_path. [ 543.495396][T14583] netlink: 302 bytes leftover after parsing attributes in process `syz.1.1824'. [ 543.535918][T14583] Invalid ELF header magic: != ELF [ 544.275059][T14601] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 544.730634][T14616] rnbd_client L213: map_device: Parameters missing [ 544.938588][T14612] can: request_module (can-proto-0) failed. [ 545.009440][T14611] netlink: set zone limit has 8 unknown bytes [ 545.571660][T14634] FAULT_INJECTION: forcing a failure. [ 545.571660][T14634] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 545.608762][T14634] CPU: 0 UID: 0 PID: 14634 Comm: syz.1.1836 Tainted: G L syzkaller #0 PREEMPT(full) [ 545.608808][T14634] Tainted: [L]=SOFTLOCKUP [ 545.608817][T14634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 545.608833][T14634] Call Trace: [ 545.608842][T14634] [ 545.608852][T14634] dump_stack_lvl+0x100/0x190 [ 545.608890][T14634] should_fail_ex.cold+0x5/0xa [ 545.608934][T14634] _copy_from_user+0x2e/0xd0 [ 545.608977][T14634] copy_msghdr_from_user+0x9f/0x4f0 [ 545.609012][T14634] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 545.609061][T14634] ___sys_sendmsg+0x106/0x1e0 [ 545.609095][T14634] ? __pfx____sys_sendmsg+0x10/0x10 [ 545.609143][T14634] ? find_held_lock+0x2b/0x80 [ 545.609193][T14634] __sys_sendmsg+0x170/0x220 [ 545.609234][T14634] ? __pfx___sys_sendmsg+0x10/0x10 [ 545.609297][T14634] do_syscall_64+0xc9/0xf80 [ 545.609331][T14634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 545.609358][T14634] RIP: 0033:0x7fa89339aeb9 [ 545.609381][T14634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 545.609408][T14634] RSP: 002b:00007fa89429a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 545.609434][T14634] RAX: ffffffffffffffda RBX: 00007fa893615fa0 RCX: 00007fa89339aeb9 [ 545.609453][T14634] RDX: 0000000004000000 RSI: 0000200000000140 RDI: 0000000000000003 [ 545.609470][T14634] RBP: 00007fa89429a090 R08: 0000000000000000 R09: 0000000000000000 [ 545.609487][T14634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 545.609502][T14634] R13: 00007fa893616038 R14: 00007fa893615fa0 R15: 00007ffd359793d8 [ 545.609539][T14634] [ 546.061037][T14643] __vm_enough_memory: pid: 14643, comm: syz.1.1839, bytes: 4398046511104 not enough memory for the allocation [ 546.232822][T14648] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 546.288937][T14643] FAULT_INJECTION: forcing a failure. [ 546.288937][T14643] name fail_futex, interval 1, probability 0, space 0, times 0 [ 546.328906][T14643] CPU: 0 UID: 0 PID: 14643 Comm: syz.1.1839 Tainted: G L syzkaller #0 PREEMPT(full) [ 546.328931][T14643] Tainted: [L]=SOFTLOCKUP [ 546.328936][T14643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 546.328945][T14643] Call Trace: [ 546.328950][T14643] [ 546.328956][T14643] dump_stack_lvl+0x100/0x190 [ 546.328978][T14643] should_fail_ex.cold+0x5/0xa [ 546.329003][T14643] get_futex_key+0x1d2/0x1620 [ 546.329024][T14643] ? __pfx_get_futex_key+0x10/0x10 [ 546.329049][T14643] futex_wake+0xea/0x530 [ 546.329073][T14643] ? __pfx_futex_wake+0x10/0x10 [ 546.329096][T14643] ? exit_mm_release+0x19/0x30 [ 546.329122][T14643] do_futex+0x32b/0x350 [ 546.329142][T14643] ? __pfx_do_futex+0x10/0x10 [ 546.329170][T14643] ? __might_fault+0xc5/0x140 [ 546.329192][T14643] mm_release+0x24a/0x2f0 [ 546.329209][T14643] do_exit+0x675/0x2a30 [ 546.329233][T14643] ? __pfx_do_exit+0x10/0x10 [ 546.329254][T14643] ? do_raw_spin_lock+0x128/0x260 [ 546.329276][T14643] ? find_held_lock+0x2b/0x80 [ 546.329290][T14643] ? get_signal+0x7e0/0x21e0 [ 546.329309][T14643] do_group_exit+0xd5/0x2a0 [ 546.329332][T14643] get_signal+0x1ec7/0x21e0 [ 546.329355][T14643] ? __pfx_get_signal+0x10/0x10 [ 546.329373][T14643] ? do_futex+0x192/0x350 [ 546.329395][T14643] arch_do_signal_or_restart+0x91/0x770 [ 546.329419][T14643] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 546.329445][T14643] ? __pfx___x64_sys_futex+0x10/0x10 [ 546.329464][T14643] ? xfd_validate_state+0x129/0x190 [ 546.329490][T14643] exit_to_user_mode_loop+0x86/0x4b0 [ 546.329511][T14643] ? rcu_is_watching+0x12/0xc0 [ 546.329526][T14643] do_syscall_64+0x4ea/0xf80 [ 546.329546][T14643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 546.329561][T14643] RIP: 0033:0x7fa89339aeb9 [ 546.329574][T14643] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 546.329588][T14643] RSP: 002b:00007fa8942790e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 546.329602][T14643] RAX: fffffffffffffe00 RBX: 00007fa893616098 RCX: 00007fa89339aeb9 [ 546.329611][T14643] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa893616098 [ 546.329620][T14643] RBP: 00007fa893616090 R08: 0000000000000000 R09: 0000000000000000 [ 546.329629][T14643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 546.329637][T14643] R13: 00007fa893616128 R14: 00007ffd359792f0 R15: 00007ffd359793d8 [ 546.329656][T14643] [ 546.723496][T14654] FAULT_INJECTION: forcing a failure. [ 546.723496][T14654] name failslab, interval 1, probability 0, space 0, times 0 [ 546.790237][T14654] CPU: 1 UID: 0 PID: 14654 Comm: syz.2.1842 Tainted: G L syzkaller #0 PREEMPT(full) [ 546.790281][T14654] Tainted: [L]=SOFTLOCKUP [ 546.790290][T14654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 546.790306][T14654] Call Trace: [ 546.790315][T14654] [ 546.790326][T14654] dump_stack_lvl+0x100/0x190 [ 546.790363][T14654] should_fail_ex.cold+0x5/0xa [ 546.790407][T14654] should_failslab+0xc2/0x120 [ 546.790444][T14654] ? tomoyo_encode2+0xfb/0x3c0 [ 546.790469][T14654] __kmalloc_noprof+0xf6/0x9c0 [ 546.790508][T14654] ? tomoyo_encode2+0xfb/0x3c0 [ 546.790531][T14654] tomoyo_encode2+0xfb/0x3c0 [ 546.790563][T14654] tomoyo_encode+0x29/0x50 [ 546.790587][T14654] tomoyo_realpath_from_path+0x18c/0x690 [ 546.790624][T14654] tomoyo_path_number_perm+0x23c/0x580 [ 546.790661][T14654] ? tomoyo_path_number_perm+0x22e/0x580 [ 546.790701][T14654] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 546.790754][T14654] ? rcu_read_lock_any_held+0x6a/0xa0 [ 546.790806][T14654] ? hook_file_ioctl_common+0x146/0x410 [ 546.790860][T14654] security_file_ioctl+0xd3/0x230 [ 546.790898][T14654] __x64_sys_ioctl+0xb7/0x210 [ 546.790942][T14654] do_syscall_64+0xc9/0xf80 [ 546.790977][T14654] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 546.791003][T14654] RIP: 0033:0x7f778179aeb9 [ 546.791021][T14654] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 546.791044][T14654] RSP: 002b:00007f777f9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 546.791068][T14654] RAX: ffffffffffffffda RBX: 00007f7781a15fa0 RCX: 00007f778179aeb9 [ 546.791086][T14654] RDX: 0000000000000038 RSI: 00000000402c5342 RDI: 0000000000000003 [ 546.791110][T14654] RBP: 00007f777f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 546.791123][T14654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 546.791140][T14654] R13: 00007f7781a16038 R14: 00007f7781a15fa0 R15: 00007fff26c7b458 [ 546.791177][T14654] [ 546.791201][T14654] ERROR: Out of memory at tomoyo_realpath_from_path. [ 547.078618][T14661] FAULT_INJECTION: forcing a failure. [ 547.078618][T14661] name failslab, interval 1, probability 0, space 0, times 0 [ 547.111622][T14661] CPU: 1 UID: 0 PID: 14661 Comm: syz.2.1846 Tainted: G L syzkaller #0 PREEMPT(full) [ 547.111667][T14661] Tainted: [L]=SOFTLOCKUP [ 547.111677][T14661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 547.111693][T14661] Call Trace: [ 547.111701][T14661] [ 547.111711][T14661] dump_stack_lvl+0x100/0x190 [ 547.111749][T14661] should_fail_ex.cold+0x5/0xa [ 547.111792][T14661] should_failslab+0xc2/0x120 [ 547.111828][T14661] ? tomoyo_realpath_from_path+0xb6/0x690 [ 547.111856][T14661] __kmalloc_noprof+0xf6/0x9c0 [ 547.111895][T14661] ? tomoyo_realpath_from_path+0xb6/0x690 [ 547.111922][T14661] tomoyo_realpath_from_path+0xb6/0x690 [ 547.111959][T14661] tomoyo_path_number_perm+0x23c/0x580 [ 547.111997][T14661] ? tomoyo_path_number_perm+0x22e/0x580 [ 547.112037][T14661] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 547.112110][T14661] ? find_held_lock+0x2b/0x80 [ 547.112136][T14661] ? hook_file_ioctl_common+0x146/0x410 [ 547.112172][T14661] ? __fget_files+0x215/0x3d0 [ 547.112208][T14661] ? __fget_files+0x21f/0x3d0 [ 547.112244][T14661] security_file_ioctl+0xd3/0x230 [ 547.112282][T14661] __x64_sys_ioctl+0xb7/0x210 [ 547.112323][T14661] do_syscall_64+0xc9/0xf80 [ 547.112357][T14661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.112391][T14661] RIP: 0033:0x7f778179aeb9 [ 547.112412][T14661] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 547.112435][T14661] RSP: 002b:00007f777f9f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 547.112460][T14661] RAX: ffffffffffffffda RBX: 00007f7781a15fa0 RCX: 00007f778179aeb9 [ 547.112478][T14661] RDX: 0000200000000240 RSI: 00000000c0185500 RDI: 0000000000000004 [ 547.112495][T14661] RBP: 00007f777f9f6090 R08: 0000000000000000 R09: 0000000000000000 [ 547.112510][T14661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 547.112526][T14661] R13: 00007f7781a16038 R14: 00007f7781a15fa0 R15: 00007fff26c7b458 [ 547.112563][T14661] [ 547.112573][T14661] ERROR: Out of memory at tomoyo_realpath_from_path. [ 547.572489][T14676] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 547.743594][T14680] FAULT_INJECTION: forcing a failure. [ 547.743594][T14680] name failslab, interval 1, probability 0, space 0, times 0 [ 547.838676][T14680] CPU: 1 UID: 0 PID: 14680 Comm: syz.2.1849 Tainted: G L syzkaller #0 PREEMPT(full) [ 547.838725][T14680] Tainted: [L]=SOFTLOCKUP [ 547.838735][T14680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 547.838749][T14680] Call Trace: [ 547.838760][T14680] [ 547.838770][T14680] dump_stack_lvl+0x100/0x190 [ 547.838811][T14680] should_fail_ex.cold+0x5/0xa [ 547.838856][T14680] should_failslab+0xc2/0x120 [ 547.838896][T14680] kmem_cache_alloc_noprof+0x83/0x780 [ 547.838933][T14680] ? __proc_create+0xc2/0x8c0 [ 547.838974][T14680] ? __proc_create+0x2cb/0x8c0 [ 547.839022][T14680] ? __proc_create+0x2cb/0x8c0 [ 547.839074][T14680] __proc_create+0x2cb/0x8c0 [ 547.839118][T14680] ? __pfx___proc_create+0x10/0x10 [ 547.839167][T14680] ? _raw_write_unlock+0x28/0x50 [ 547.839198][T14680] ? proc_register+0x559/0x8a0 [ 547.839227][T14680] proc_create_reg+0x75/0x170 [ 547.839257][T14680] proc_create_net_data+0x8e/0x1c0 [ 547.839300][T14680] ? __pfx_proc_create_net_data+0x10/0x10 [ 547.839356][T14680] sctp_proc_init+0x199/0x270 [ 547.839394][T14680] ? __pfx_sctp_defaults_init+0x10/0x10 [ 547.839431][T14680] sctp_defaults_init+0x758/0xd90 [ 547.839472][T14680] ? __pfx_sctp_defaults_init+0x10/0x10 [ 547.839510][T14680] ops_init+0x1e2/0x5f0 [ 547.839557][T14680] setup_net+0x118/0x3a0 [ 547.839582][T14680] ? __pfx_setup_net+0x10/0x10 [ 547.839624][T14680] ? lockdep_init_map_type+0x5c/0x250 [ 547.839663][T14680] ? mutex_init_lockep+0x110/0x150 [ 547.839708][T14680] copy_net_ns+0x46f/0x7c0 [ 547.839741][T14680] create_new_namespaces+0x3ea/0xab0 [ 547.839782][T14680] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 547.839819][T14680] ksys_unshare+0x455/0xab0 [ 547.839861][T14680] ? __pfx_ksys_unshare+0x10/0x10 [ 547.839898][T14680] ? xfd_validate_state+0x129/0x190 [ 547.839954][T14680] __x64_sys_unshare+0x31/0x40 [ 547.839993][T14680] do_syscall_64+0xc9/0xf80 [ 547.840030][T14680] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 547.840066][T14680] RIP: 0033:0x7f778179aeb9 [ 547.840090][T14680] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 547.840117][T14680] RSP: 002b:00007f777f9b4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 547.840145][T14680] RAX: ffffffffffffffda RBX: 00007f7781a16180 RCX: 00007f778179aeb9 [ 547.840165][T14680] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 547.840184][T14680] RBP: 00007f7781808c1f R08: 0000000000000000 R09: 0000000000000000 [ 547.840202][T14680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 547.840219][T14680] R13: 00007f7781a16218 R14: 00007f7781a16180 R15: 00007fff26c7b458 [ 547.840258][T14680] [ 549.170574][T14702] can: request_module (can-proto-0) failed. [ 549.234423][T14705] can: request_module (can-proto-0) failed. [ 549.478950][T14713] FAULT_INJECTION: forcing a failure. [ 549.478950][T14713] name failslab, interval 1, probability 0, space 0, times 0 [ 549.492041][T14713] CPU: 1 UID: 0 PID: 14713 Comm: syz.0.1857 Tainted: G L syzkaller #0 PREEMPT(full) [ 549.492083][T14713] Tainted: [L]=SOFTLOCKUP [ 549.492092][T14713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 549.492107][T14713] Call Trace: [ 549.492115][T14713] [ 549.492125][T14713] dump_stack_lvl+0x100/0x190 [ 549.492163][T14713] should_fail_ex.cold+0x5/0xa [ 549.492206][T14713] should_failslab+0xc2/0x120 [ 549.492242][T14713] ? tomoyo_encode2+0xfb/0x3c0 [ 549.492267][T14713] __kmalloc_noprof+0xf6/0x9c0 [ 549.492305][T14713] ? tomoyo_encode2+0xfb/0x3c0 [ 549.492328][T14713] tomoyo_encode2+0xfb/0x3c0 [ 549.492361][T14713] tomoyo_encode+0x29/0x50 [ 549.492385][T14713] tomoyo_realpath_from_path+0x18c/0x690 [ 549.492422][T14713] tomoyo_path_number_perm+0x23c/0x580 [ 549.492459][T14713] ? tomoyo_path_number_perm+0x22e/0x580 [ 549.492500][T14713] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 549.492552][T14713] ? rcu_read_lock_any_held+0x6a/0xa0 [ 549.492606][T14713] ? hook_file_ioctl_common+0x146/0x410 [ 549.492662][T14713] security_file_ioctl+0xd3/0x230 [ 549.492703][T14713] __x64_sys_ioctl+0xb7/0x210 [ 549.492747][T14713] do_syscall_64+0xc9/0xf80 [ 549.492783][T14713] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 549.492810][T14713] RIP: 0033:0x7fb17319aeb9 [ 549.492830][T14713] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 549.492862][T14713] RSP: 002b:00007fb174000028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 549.492889][T14713] RAX: ffffffffffffffda RBX: 00007fb173415fa0 RCX: 00007fb17319aeb9 [ 549.492908][T14713] RDX: 0000000000000038 RSI: 0000000040605346 RDI: 0000000000000003 [ 549.492925][T14713] RBP: 00007fb174000090 R08: 0000000000000000 R09: 0000000000000000 [ 549.492942][T14713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 549.492958][T14713] R13: 00007fb173416038 R14: 00007fb173415fa0 R15: 00007ffd93ec7318 [ 549.492996][T14713] [ 549.493361][T14713] ERROR: Out of memory at tomoyo_realpath_from_path. [ 550.846716][T14749] can: request_module (can-proto-0) failed. [ 551.925147][T14777] ------------[ cut here ]------------ [ 551.930738][T14777] ((d_inode(path->dentry))->i_flags & (1 << 19)) && !(path->mnt->mnt_sb->s_iflags & 0x00000002) [ 551.930763][T14777] WARNING: fs/exec.c:118 at path_noexec+0x1cf/0x230, CPU#0: syz.1.1869/14777 [ 551.950176][T14777] Modules linked in: [ 551.954432][T14777] CPU: 0 UID: 0 PID: 14777 Comm: syz.1.1869 Tainted: G L syzkaller #0 PREEMPT(full) [ 551.965409][T14777] Tainted: [L]=SOFTLOCKUP [ 551.969846][T14777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 551.980041][T14777] RIP: 0010:path_noexec+0x1cf/0x230 [ 551.985247][T14777] Code: 58 31 ff 83 e3 02 48 89 de 48 d1 eb e8 1a 5e 81 ff 83 e3 01 e8 32 63 81 ff 89 d8 5b 5d 41 5c e9 c7 48 f2 08 e8 22 63 81 ff 90 <0f> 0b 90 e9 46 ff ff ff e8 44 bc ea ff e9 a3 fe ff ff e8 3a bc ea [ 552.004924][T14777] RSP: 0018:ffffc900052e7c50 EFLAGS: 00010287 [ 552.011134][T14777] RAX: 00000000000000b2 RBX: 0000000000000000 RCX: ffffc9000b9f9000 [ 552.020341][T14777] RDX: 0000000000080000 RSI: ffffffff8284e75e RDI: ffff888028753d00 [ 552.029413][T14777] RBP: ffff88801ca88fe0 R08: 0000000000000007 R09: 0000000000000000 [ 552.037393][T14777] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000080000 [ 552.045400][T14777] R13: 0000000000000001 R14: ffff88805fb823c8 R15: 0000000000000000 [ 552.053494][T14777] FS: 00007fa89429a6c0(0000) GS:ffff8881245e3000(0000) knlGS:0000000000000000 [ 552.062484][T14777] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 552.069120][T14777] CR2: 000000110c864a96 CR3: 0000000059dbe000 CR4: 00000000003526f0 [ 552.077100][T14777] Call Trace: [ 552.080581][T14777] [ 552.083508][T14777] do_mmap+0x857/0x12f0 [ 552.087670][T14777] ? __pfx_do_mmap+0x10/0x10 [ 552.092396][T14777] ? __pfx_down_write_killable+0x10/0x10 [ 552.098036][T14777] vm_mmap_pgoff+0x29e/0x470 [ 552.102685][T14777] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 552.107804][T14777] ? __fget_files+0x215/0x3d0 [ 552.112550][T14777] ? __fget_files+0x21f/0x3d0 [ 552.118020][T14777] ksys_mmap_pgoff+0x328/0x5b0 [ 552.123484][T14777] __x64_sys_mmap+0x125/0x190 [ 552.128251][T14777] do_syscall_64+0xc9/0xf80 [ 552.132756][T14777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 552.138683][T14777] RIP: 0033:0x7fa89339aeb9 [ 552.143144][T14777] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 552.162776][T14777] RSP: 002b:00007fa89429a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 552.171305][T14777] RAX: ffffffffffffffda RBX: 00007fa893615fa0 RCX: 00007fa89339aeb9 [ 552.179373][T14777] RDX: 0000000000000001 RSI: 0000000000000008 RDI: 0000000000000000 [ 552.187338][T14777] RBP: 00007fa893408c1f R08: 0000000000000003 R09: 0000000110000000 [ 552.195324][T14777] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000000 [ 552.203340][T14777] R13: 00007fa893616038 R14: 00007fa893615fa0 R15: 00007ffd359793d8 [ 552.211352][T14777] [ 552.214366][T14777] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 552.221842][T14777] CPU: 0 UID: 0 PID: 14777 Comm: syz.1.1869 Tainted: G L syzkaller #0 PREEMPT(full) [ 552.232863][T14777] Tainted: [L]=SOFTLOCKUP [ 552.237290][T14777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 552.247339][T14777] Call Trace: [ 552.250627][T14777] [ 552.253548][T14777] dump_stack_lvl+0x100/0x190 [ 552.258241][T14777] vpanic+0x20d/0x630 [ 552.262240][T14777] panic+0xd1/0xd1 [ 552.266253][T14777] ? __pfx_panic+0x10/0x10 [ 552.270706][T14777] check_panic_on_warn.cold+0x19/0x34 [ 552.276090][T14777] ? path_noexec+0x1cf/0x230 [ 552.280758][T14777] __warn.cold+0x191/0x2f8 [ 552.285196][T14777] __report_bug+0x296/0x3d0 [ 552.289715][T14777] ? path_noexec+0x1cf/0x230 [ 552.294305][T14777] ? __pfx___report_bug+0x10/0x10 [ 552.299323][T14777] ? arch_get_unmapped_area_topdown+0x3e6/0x9b0 [ 552.305574][T14777] ? aa_file_perm+0x268/0x1540 [ 552.310349][T14777] ? path_noexec+0x1cf/0x230 [ 552.314937][T14777] report_bug+0xb2/0x220 [ 552.319189][T14777] ? path_noexec+0x1cf/0x230 [ 552.323774][T14777] handle_bug+0x166/0x2a0 [ 552.328108][T14777] exc_invalid_op+0x17/0x50 [ 552.332626][T14777] asm_exc_invalid_op+0x1a/0x20 [ 552.337647][T14777] RIP: 0010:path_noexec+0x1cf/0x230 [ 552.342871][T14777] Code: 58 31 ff 83 e3 02 48 89 de 48 d1 eb e8 1a 5e 81 ff 83 e3 01 e8 32 63 81 ff 89 d8 5b 5d 41 5c e9 c7 48 f2 08 e8 22 63 81 ff 90 <0f> 0b 90 e9 46 ff ff ff e8 44 bc ea ff e9 a3 fe ff ff e8 3a bc ea [ 552.362484][T14777] RSP: 0018:ffffc900052e7c50 EFLAGS: 00010287 [ 552.368545][T14777] RAX: 00000000000000b2 RBX: 0000000000000000 RCX: ffffc9000b9f9000 [ 552.376510][T14777] RDX: 0000000000080000 RSI: ffffffff8284e75e RDI: ffff888028753d00 [ 552.384476][T14777] RBP: ffff88801ca88fe0 R08: 0000000000000007 R09: 0000000000000000 [ 552.392525][T14777] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000080000 [ 552.400575][T14777] R13: 0000000000000001 R14: ffff88805fb823c8 R15: 0000000000000000 [ 552.408547][T14777] ? path_noexec+0x1ce/0x230 [ 552.413228][T14777] do_mmap+0x857/0x12f0 [ 552.417469][T14777] ? __pfx_do_mmap+0x10/0x10 [ 552.422053][T14777] ? __pfx_down_write_killable+0x10/0x10 [ 552.427688][T14777] vm_mmap_pgoff+0x29e/0x470 [ 552.432378][T14777] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 552.437487][T14777] ? __fget_files+0x215/0x3d0 [ 552.442352][T14777] ? __fget_files+0x21f/0x3d0 [ 552.447162][T14777] ksys_mmap_pgoff+0x328/0x5b0 [ 552.451956][T14777] __x64_sys_mmap+0x125/0x190 [ 552.456646][T14777] do_syscall_64+0xc9/0xf80 [ 552.461337][T14777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 552.467239][T14777] RIP: 0033:0x7fa89339aeb9 [ 552.471654][T14777] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 552.491629][T14777] RSP: 002b:00007fa89429a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 552.500042][T14777] RAX: ffffffffffffffda RBX: 00007fa893615fa0 RCX: 00007fa89339aeb9 [ 552.508007][T14777] RDX: 0000000000000001 RSI: 0000000000000008 RDI: 0000000000000000 [ 552.516232][T14777] RBP: 00007fa893408c1f R08: 0000000000000003 R09: 0000000110000000 [ 552.524202][T14777] R10: 0000000000000013 R11: 0000000000000246 R12: 0000000000000000 [ 552.532169][T14777] R13: 00007fa893616038 R14: 00007fa893615fa0 R15: 00007ffd359793d8 [ 552.540144][T14777] [ 552.543325][T14777] Kernel Offset: disabled [ 552.547644][T14777] Rebooting in 86400 seconds..