last executing test programs: 7m16.095789729s ago: executing program 0 (id=5311): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x20009, 0xdf, 0x20000000000e31, 0x40000000000a5, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x0, 0xffffffffffff0006, 0x17) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) mmap$auto(0x1, 0x8d4, 0x6, 0x6f52, 0xffffffffffffffff, 0x8000) lstat$auto(0x0, 0x0) 7m14.82836525s ago: executing program 0 (id=5317): setrlimit$auto(0x0, 0x0) r0 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7fffffff, 0x10) ioctl$auto_NS_GET_PID_IN_PIDNS(0xffffffffffffffff, 0x8004b708, &(0x7f0000000000)=0xfffffff1) mmap$auto(0x0, 0x40000b, 0xe3, 0x9b72, 0xffffffffffffffff, 0x40000008000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) r1 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r1, 0x0, 0x39b8) 7m14.14035824s ago: executing program 0 (id=5324): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x80802, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x3, 0xb00) 7m13.925844614s ago: executing program 0 (id=5325): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 7m13.720584446s ago: executing program 0 (id=5327): mmap$auto(0x0, 0x8, 0x4000000000df, 0xeb1, 0x401, 0x8000) capget$auto(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x140, 0x0) r0 = open(&(0x7f00000000c0)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) fchmod$auto(r0, 0xa) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) 7m13.360211021s ago: executing program 0 (id=5331): close_range$auto(0x0, 0xfffffffffffff000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pipe2$auto(0x0, 0x80) mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1, @_tid}) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0}, 0x80) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0xa7, &(0x7f0000000040)='~', 0x8000, 0x1}, 0x8}, 0x1, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xff, 0x0, 0x1, 0x3}, 0xed7138c}, 0xb, 0x0) 7m12.991808239s ago: executing program 32 (id=5331): close_range$auto(0x0, 0xfffffffffffff000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pipe2$auto(0x0, 0x80) mq_notify$auto(0x4, &(0x7f0000000040)={@sival_ptr=0x0, @inferred, 0x1, @_tid}) sendmsg$auto_NL802154_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, 0x0}, 0x80) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0xa7, &(0x7f0000000040)='~', 0x8000, 0x1}, 0x8}, 0x1, 0x9) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xff, 0x0, 0x1, 0x3}, 0xed7138c}, 0xb, 0x0) 7m9.184764472s ago: executing program 1 (id=5355): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) socket(0x1d, 0x3, 0x1) bind$auto(0x3, 0x0, 0x6a) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, 0x0, 0xfd}, 0x6a) 7m8.839117492s ago: executing program 1 (id=5358): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) ioctl$auto(r0, 0x4008af03, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) socketpair$auto(0x1f, 0x5, 0x8000000000000000, 0x0) ioctl$auto_TCFLSH2(r1, 0x80045439, 0x0) ioctl$auto_VHOST_NET_SET_BACKEND(r0, 0x4008af30, 0x0) 7m7.95389859s ago: executing program 1 (id=5359): ioctl$auto_XFS_IOC_READLINK_BY_HANDLE(0xffffffffffffffff, 0xc038586c, &(0x7f0000000280)={0xffffffffffffffff, &(0x7f0000000040)="36382843cbf647a308387752cf206143902799f714d3da792af73a2f51252c2924ba2758ab0a48d458fbe6a143f7d73b7035e954be54776dfb99d2e4055cbc993ef0467a8d1339bfea", 0xfd, 0x0, 0x0, 0x0, 0x0}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r0, 0x4068aea3, &(0x7f0000000080)={0xed}) 7m7.412327424s ago: executing program 1 (id=5363): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 7m6.461418115s ago: executing program 1 (id=5366): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000080)='/proc/stat\x00', 0x20000, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000140), 0x2002, 0x0) socket(0x29, 0x2, 0x0) select$auto(0xa, 0x0, 0x0, &(0x7f0000000200)={[0x8001ff, 0x4, 0xd, 0x8fd6, 0x948d, 0x3, 0x80, 0x3, 0x6, 0x7ffffffffffffffb, 0x7, 0x2, 0xd, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) close_range$auto(0x2, 0x8, 0x0) 7m3.767219081s ago: executing program 1 (id=5379): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/usb/drivers/conex/uevent\x00', 0x464002, 0x0) poll$auto(&(0x7f0000000040)={0xffffffffffffffff, 0x7ff, 0x200}, 0x100, 0x6) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) r1 = socket(0xa, 0x1, 0x84) setsockopt$auto(r1, 0x0, 0x40, 0x0, 0x6f7250c4) 7m3.294679603s ago: executing program 33 (id=5379): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/usb/drivers/conex/uevent\x00', 0x464002, 0x0) poll$auto(&(0x7f0000000040)={0xffffffffffffffff, 0x7ff, 0x200}, 0x100, 0x6) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0xffffffff}, 0x6, 0x0) r1 = socket(0xa, 0x1, 0x84) setsockopt$auto(r1, 0x0, 0x40, 0x0, 0x6f7250c4) 7m2.949629233s ago: executing program 4 (id=5333): mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xffffffffffffffff, 0x4000000000002) eventfd$auto(0x8e) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(r1, 0x4040ae79, r2) close_range$auto(0x2, 0x8, 0x0) 7m2.535695621s ago: executing program 4 (id=5383): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socketcall$auto(0x4, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f0000000040)={0x7, 0x0, [{0x40000106, 0x2, 0x6}]}) 7m2.171450664s ago: executing program 4 (id=5384): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 7m1.81284492s ago: executing program 4 (id=5386): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r0, 0x0, 0x81) write$auto(r0, &(0x7f0000000440)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0x98c7) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) clock_nanosleep$auto(0x2, 0x6, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) write$auto(r1, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) 7m1.035052811s ago: executing program 4 (id=5390): r0 = gettid() close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @host}, 0x55) listen$auto(0x3, 0x81) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) kill$auto(r0, 0x11) 7m0.766642584s ago: executing program 34 (id=5390): r0 = gettid() close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @host}, 0x55) listen$auto(0x3, 0x81) accept$auto(0x3, 0xffffffffffffffff, 0xffffffffffffffff) kill$auto(r0, 0x11) 2m43.609303167s ago: executing program 6 (id=7144): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) lsm_list_modules$auto(0x0, 0x0, 0x0) r0 = socket(0x2, 0x801, 0x106) r1 = getsockopt$auto(r0, 0x11c, 0x3, 0x0, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r1, 0x541c, r1) 2m41.277046915s ago: executing program 6 (id=7152): mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/apparmor/parameters/rawdata_compression_level\x00', 0x80, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x9) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, r0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vbi3\x00', 0x2af01, 0x0) ioctl$auto(r1, 0xc0585611, r1) 2m40.986868284s ago: executing program 6 (id=7154): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) socket(0xa, 0x2, 0x0) r0 = socket(0xa, 0x3, 0x3a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x106) r1 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000280)=@bpf_attr_5={@target_fd=r1, r1, 0x4, 0xf, 0xffffffffffffffff, @relative_fd=r0, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffffffffffffffff, 0x0, 0x3}, 0x4) 2m40.784746766s ago: executing program 6 (id=7156): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x2, 0x0) socket(0x28, 0x1, 0x0) socket(0x2, 0x5, 0x0) sysfs$auto(0x2, 0x0, 0x0) epoll_create$auto(0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r0, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) epoll_ctl$auto(0x5, 0x3, r0, 0x0) 2m40.395114588s ago: executing program 6 (id=7157): mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) socket(0x2b, 0x1, 0x1) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000440), 0x20100, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0xf) r1 = bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r0, 0xffffffff}, 0xd) bpf$auto(0x2, &(0x7f0000000080)=@iter_create={r1, 0x98}, 0x5) 2m40.131247224s ago: executing program 6 (id=7159): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002a40), r0) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f00000050c0)={0x0, 0x0, &(0x7f0000005080)={&(0x7f0000002a80)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008050) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), r2) sendmsg$auto_NFSD_CMD_VERSION_SET(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)={0x18, r3, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NFSD_A_SERVER_PROTO_VERSION={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x24000001}, 0x844) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth0_to_bond\x00'}) 2m24.784606261s ago: executing program 35 (id=7159): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002a40), r0) sendmsg$auto_NFSD_CMD_LISTENER_SET(r0, &(0x7f00000050c0)={0x0, 0x0, &(0x7f0000005080)={&(0x7f0000002a80)={0x14, r1, 0x1, 0x70bd25, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x20008050) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000400), r2) sendmsg$auto_NFSD_CMD_VERSION_SET(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)={0x18, r3, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NFSD_A_SERVER_PROTO_VERSION={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x24000001}, 0x844) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'veth0_to_bond\x00'}) 9.468515048s ago: executing program 5 (id=7824): bpf$auto(0x8, &(0x7f00000001c0)=@test={0xffffffffffffffff, 0x1, 0x6, 0xc0d6, 0x5a3, 0x101, 0x401, 0x5, 0x800, 0x3e1b2d20, 0x0, 0x1, 0x9, 0xff}, 0x10) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) socket(0x1d, 0x2, 0x6) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b39", 0xfdef) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IEEE802154_ASSOCIATE_RESP(0xffffffffffffffff, 0x0, 0x20000881) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x288202, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) ioctl$auto_MEMGETREGIONCOUNT(0xffffffffffffffff, 0x80044d07, 0x0) 6.755804681s ago: executing program 7 (id=7843): mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) socket(0x10, 0x2, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xe000) connect$auto(0x3, &(0x7f00000000c0), 0x55) write$auto(0x3, 0x0, 0x800) 6.588475454s ago: executing program 5 (id=7844): mmap$auto(0x0, 0x40000c, 0xdf, 0x9b72, 0xffffffffffffffff, 0x7ffd) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) msgctl$auto_MSG_INFO(0x0, 0xc, &(0x7f0000000180)={{0xfffffffc, 0x0, 0x0, 0x5, 0x5f, 0xcf, 0x5}, &(0x7f0000000100)=0xd, 0x0, 0x7, 0x7, 0x6, 0x3, 0x14cd21ec, 0x3, 0x7, 0x4, @inferred=0xffffffffffffffff}) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00082dbd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100aaaaaaaaaa35000008000200", @ANYRES32=r0, @ANYBLOB="060006000500dfff08000d"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 5.19262753s ago: executing program 5 (id=7847): r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x100e42, 0x0) write$auto_sg_fops_sg(r0, &(0x7f00000001c0)="bf5b1a8c24000000dbcbc7a996eea7f3804ca6c7591afff6578d2f5f520f687f316ba7327b581cd8d5", 0x29) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r1 = open(&(0x7f0000000100)='.\x00', 0x595082, 0x0) write$auto(r1, 0x0, 0xfffffdf1) linkat$auto(r1, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) fsetxattr$auto(r1, &(0x7f0000000180)=':\xbf+<\x8a}\x00\xeb\xfa\xe6\x8d\x02\\VD\x04\x00\x00\x00*\x80\xa4\xf4vql\xa9\x05o\xf7\x9e\xfd\xf7\x00\x00\x00\x00H_/Z>n\xf5F\xbf\xd3\xefi\x91\x88\x1daIu7\xef!\xd0\x04\xdes\xfe`\xf5e;4\xbek\xf9\xec%\xbc\xd4\xfc`\xb9\n\xb5\xa5V\x98\x14]\x8a\x03\xd9', 0x0, 0x7bd, 0x1) mprotect$auto(0x0, 0x8000000000000001, 0x8) write$auto(0x3, 0x0, 0xfffffdef) 5.032725667s ago: executing program 7 (id=7849): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x25, 0x800007, 0xeb1, 0xffffffffffffffff, 0x8000) sysfs$auto(0x2, 0x3, 0x0) fsopen$auto(0x0, 0x1) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) io_cancel$auto(0x3, &(0x7f0000000000)={0x3, 0x9, 0x0, 0x10, 0x8, 0x2, 0xff, 0x1, 0x7ff, 0x0, 0x3}, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) 4.747131828s ago: executing program 3 (id=7851): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, r1) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) mmap$auto(0x2000, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) r2 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r2, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xbff, 0x2c, 0x2c, 0x3, 0x2}) 4.669827819s ago: executing program 7 (id=7852): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) r0 = socket$nl_generic(0x10, 0x3, 0x10) epoll_pwait2$auto(r0, 0xfffffffffffffffc, 0x1000, 0x0, 0x0, 0x8) setsockopt$auto(0x3, 0x9, 0x7b, 0x0, 0x2) select$auto(0x9, 0x0, 0x0, &(0x7f0000000040)={[0xc, 0x5, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x9, 0x80000001, 0x7, 0x1, 0x9, 0x9, 0x1]}, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/swradio0\x00', 0x1600, 0x0) readv$auto(r1, 0x0, 0x8) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/mouse0\x00', 0x2, 0x0) 4.291784218s ago: executing program 2 (id=7853): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x2000c000}, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000040)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230) 3.440229399s ago: executing program 7 (id=7854): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r1 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000002f00)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20040000}, 0x4000000) 3.222912332s ago: executing program 5 (id=7855): r0 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) write$auto(r0, &(0x7f0000000000)='/dev/loop6\x00', 0x6) write$auto_fops_init_pkru_pkeys(0xffffffffffffffff, &(0x7f0000000280), 0x0) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x18dd01, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_prog_fd=r1, 0x4007, @old_prog_fd=0x13b}, 0xa3) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/consoles\x00', 0x400200, 0x0) 3.046911715s ago: executing program 2 (id=7856): open(&(0x7f0000000000)='X))\x00', 0x145042, 0x1d0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x2, 0x73) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="2f212cbd7000fcdbdf253100000008000300", @ANYRES32=r3], 0x48}}, 0x4000000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 2.418775452s ago: executing program 3 (id=7857): socket(0x1e, 0x4, 0x8) setsockopt$auto(0xffffffffffffffff, 0x10b, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x9, 0x4, 0x0, 0x2014) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mseal$auto(0x0, 0x7dda, 0x0) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) socket(0xa, 0x1, 0x84) getsockopt$auto(0xffffffffffffffff, 0x29, 0x1, 0x0, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x68880, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) select$auto(0x6, 0x0, 0x0, 0x0, 0x0) write$auto(0xca, &(0x7f0000000400)='\x04>\x00\x1d\xa4\xd2\xc3\xec&9\v\xbc\xdein\xe1G8\x02\x18\x00\x00\xd3b\x01\xbd\x9b@\xb0\x00\x00\x00\x84\xa2\\\x15\xc4>\xa9\x82,\x95\xeeH\xf8}v\xb3\xcb(\xa90Abe\xc3\x8c\xcc\xe7\xb8\x00F\x89#\xb4\xf0F\xa1GH\xb5\x8f\x9dZ~\xea\xa3\x93\xc2\x04\xe1;b\x99\x97}Z\x7f\x0f\x90\xce\x85-e\xb6n\xbc\xc6=\xf8\xce\xe7\x1e]\x85|\xce\xd7L\x9b\xd3lb\xc5\xee\xdb\xcb\xbb\xd8\xd9\xd3\xf8 \xe9e\xe5\x80\x1c7B+]\\!\xcej}H\x03x\x83Z\x98\xb8\t\xde\xd4\xf5\xf32\xccR\xaa\xdd\x16\xab\xd8\x1d\"\xc7\xa5\xe1k\x1d\xd9k\xc6\xb2\xa7\x97\x9a\xf6\xfe\xef\x1a\xbd\xcb\xb8*\x8b9\x00R\xe9)?Em\xb2\xac\xd1\xf6\xff\xc1\xc7\xbdl\xa2+tI\xa3\xa8\xabVe\x87\xa9\xae9\x82\xd2.SCt\xcc\x8c7\x7f\xdc\xc3\xfb\x94\xfc\xdfc+\x04\xfb\xf5$\xecO1@\x99l;\xd3X\xd5\"\xec\x17hR\xc5\x99\x8b\x9f\xf3\xf48%\xfa\xf2\x1d\xc5\x10T\x83p0\xd7]\x83{\x81\xdei\xd2\xfc\xfd=3K\xc3\xfe\x12\x98\x8b\xbe\xd1+\xc4r\x7f\x8f5\xcc\xa6\xd8>k\xcc\xee\xe0\x9bW\x0e\xc63\x84^\xde`\xd2\xe8\xfc\x02\xef\xa4\xdc\xd0A\xd5`?9D\x1c\x1b\x1b\xd5\xcb\xfb\x03I\xc9\x97\xac#\x0ee\xc8ltL\x88\x17m~aA%\xd3\xaf\xaa6hf\x9b\x83\x02A\xb0\xf6\x14\xb3\x18B\xfd\x9ai\xf8j \a\x1es\xa3U\x98sqq,\xd2A4?l\xa2\x9c\xc9\x9fa\xe8\x99qw\xf3\x18\x12R+(%x\xb6\xf8\x92\xa5\xe4\xdd\xe9\xf2\x0e\xc8', 0x100) 2.197571635s ago: executing program 2 (id=7858): r0 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dri/card1\x00', 0x129e01, 0x0) ioctl$auto(r0, 0x9210640c, 0xffffffffffffffff) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty0\x00', 0x22, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r2, 0x5459, 0x0) r3 = ioctl$auto_TIOCGPTPEER2(r1, 0x5441, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/workqueue/nvme_tcp_wq/max_active\x00', 0x182b02, 0x0) sendfile$auto(r4, r4, 0x0, 0x3) sendmsg$auto_OVS_METER_CMD_GET(r3, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x44, 0x0, 0x1, 0x70bd27, 0x25dfdbfd, {}, [@OVS_METER_ATTR_USED={0xc}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x6}, @OVS_METER_ATTR_MAX_METERS={0x8, 0x7, 0xfffffffd}, @OVS_METER_ATTR_STATS={0x14, 0x3, {0xd, 0xf87}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4044004}, 0x40000) 1.949825408s ago: executing program 5 (id=7859): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) userfaultfd$auto(0x816) mlockall$auto(0x7) mprotect$auto(0x0, 0x8000000000000001, 0x6) clone3$auto(0x0, 0x40) getrandom$auto(0x0, 0x6000000, 0x3) mbind$auto(0xffc, 0x100000004, 0x100000002, 0x0, 0x7ff, 0x5) setuid$auto(0xe) syz_genetlink_get_family_id$auto_nbd(0x0, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4, @old_map_fd=r1}, 0xa3) bpf$auto(0x3, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x3}, 0xc) 1.481877871s ago: executing program 2 (id=7860): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) nanosleep$auto(0x0, 0x0) r0 = getpid() r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, r0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x5, 0x2, 0xfffffffffffffffe]}, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r1) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x9, 0x2, 0x6]}, 0x0) 1.430610489s ago: executing program 3 (id=7861): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) r1 = socket(0x2, 0x80802, 0x0) setsockopt$auto(r1, 0x11, 0x68, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0xffd8) recvmmsg$auto(r0, 0x0, 0x10a, 0x8, 0x0) 1.31707233s ago: executing program 7 (id=7862): r0 = socket(0xa, 0x801, 0x84) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, 0x8, 0x0) r1 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r1, 0x8000) bind$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x3, @empty}, 0x6a) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) madvise$auto(0x0, 0xe6, 0xb) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) open(0x0, 0x64842, 0x0) 1.251752766s ago: executing program 3 (id=7863): syslog$auto_SYSLOG_ACTION_READ(0x2, &(0x7f0000000000)='\x00', 0xb7) move_pages$auto(0x0, 0x3, 0x0, 0x0, &(0x7f00000002c0)=0x8e5, 0x9) shmctl$auto_SHM_INFO(0x40, 0xe, 0x0) shmctl$auto_IPC_INFO(0x9, 0x3, 0x0) syslog$auto_SYSLOG_ACTION_READ(0x2, &(0x7f00000034c0)='[*))\'\x00', 0x8) r0 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) msgrcv$auto(0x4, 0x0, 0x6, 0x2c6, 0x1d10) sendmsg$auto_IPVS_CMD_GET_INFO(0xffffffffffffffff, &(0x7f0000007140)={&(0x7f0000007040)={0x10, 0x0, 0x0, 0x10}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x40800) ioctl$auto_SNDRV_PCM_IOCTL_REWIND(0xffffffffffffffff, 0x40084146, &(0x7f0000007180)=0x5) adjtimex$auto(&(0x7f0000007340)={0x3, 0x0, 0x1, 0x40, 0x2, 0x93db, 0x80, 0x0, 0x7, 0x7f, 0x4, {0x4, 0x10}, 0x81, 0xd, 0x40, 0xb, 0x0, 0x100000001, 0x8000000000000001, 0x2, 0xffffffffffff7fff, 0x1, 0x8}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000074c0)={'ip_vti0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000007600)={0x0, 0x0, &(0x7f00000075c0)={&(0x7f0000007500)={0x74, r0, 0x8, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x50, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'gretap0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}]}, @ETHTOOL_A_LINKMODES_MASTER_SLAVE_CFG={0x5, 0x7, 0x2a}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x9}]}, 0x74}, 0x1, 0x0, 0x0, 0x20}, 0x14) sendmsg$auto_OVS_CT_LIMIT_CMD_SET(0xffffffffffffffff, &(0x7f0000007c00)={&(0x7f0000007640), 0xc, &(0x7f0000007bc0)={&(0x7f00000076c0)={0x24, 0x0, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x8d, 0x0, 0x0, @u32}]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008084}, 0x4000001) 511.457948ms ago: executing program 2 (id=7864): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x27) setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 425.233628ms ago: executing program 2 (id=7865): r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) syz_genetlink_get_family_id$auto_nl802154(0x0, r0) sendmsg$auto_NL802154_CMD_ASSOCIATE(r0, 0x0, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) 152.796121ms ago: executing program 3 (id=7866): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001d00), r0) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r0, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000080)={0x34, r1, 0x1, 0x70bd27, 0x25dfdc02, {}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x11, 0x401}]}, 0x34}, 0x1, 0x0, 0x0, 0x90}, 0x80014) syz_genetlink_get_family_id$auto_nl802154(&(0x7f00000001c0), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0x6, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x39b8) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) close_range$auto(0x2, 0x8, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) timer_settime$auto(0x0, 0x2, &(0x7f0000000100)={{0xa6, 0x3}, {0x0, 0x2000000003}}, 0x0) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, &(0x7f0000003900)='\t', 0x1) 121.966356ms ago: executing program 5 (id=7867): unshare$auto(0x40000080) openat$auto_tracing_err_log_fops_trace(0xffffffffffffff9c, 0x0, 0x40000, 0x0) close_range$auto(0x2, 0x8, 0x0) open_tree_attr$auto(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x5f7, &(0x7f0000000280)={0x4, 0x4, 0xff, @raw=0x7f}, 0x100000000000) landlock_create_ruleset$auto(0x0, 0x9, 0x0) socket(0x10, 0x2, 0x4) ioperm$auto(0x3, 0xe, 0x2000000000000149) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/bond0/bonding/slaves\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000000000)="2dc2f4", 0x3) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/midi2\x00', 0xaa101, 0x0) fgetxattr$auto(0xffffffffffffffff, 0x0, &(0x7f0000000140), 0x2) 12.131262ms ago: executing program 7 (id=7868): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IEEE802154_ASSOCIATE_RESP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x20000881) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, r0, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x288202, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) close_range$auto(0x2, 0xa, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x1000) 0s ago: executing program 3 (id=7869): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) socket(0x2, 0x1, 0x106) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon13\x00', 0x440, 0x0) socket(0x29, 0x2, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x20b82, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff14, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r1], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfc7c, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40c0}, 0x48050) sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0) kernel console output (not intermixed with test programs): [ 965.878618][T26480] ? __pfx_ksys_unshare+0x10/0x10 [ 965.878677][T26480] __x64_sys_unshare+0x31/0x40 [ 965.878719][T26480] do_syscall_64+0x106/0xf80 [ 965.878766][T26480] ? clear_bhb_loop+0x40/0x90 [ 965.878811][T26480] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 965.878849][T26480] RIP: 0033:0x7f75ae39bf79 [ 965.878878][T26480] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 965.878913][T26480] RSP: 002b:00007f75af332028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 965.878946][T26480] RAX: ffffffffffffffda RBX: 00007f75ae615fa0 RCX: 00007f75ae39bf79 [ 965.878969][T26480] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 965.878990][T26480] RBP: 00007f75ae4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 965.879011][T26480] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 965.879031][T26480] R13: 00007f75ae616038 R14: 00007f75ae615fa0 R15: 00007ffea10ae308 [ 965.879077][T26480] [ 966.958849][T26490] netlink: 342 bytes leftover after parsing attributes in process `syz.3.7286'. [ 966.973846][T26490] netlink: 274 bytes leftover after parsing attributes in process `syz.3.7286'. [ 967.118634][T26493] Â: entered promiscuous mode [ 967.713788][T26506] netlink: 'syz.3.7291': attribute type 27 has an invalid length. [ 967.767437][T26506] netlink: 146 bytes leftover after parsing attributes in process `syz.3.7291'. [ 969.870433][T26530] FAULT_INJECTION: forcing a failure. [ 969.870433][T26530] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 969.920589][T26530] CPU: 1 UID: 0 PID: 26530 Comm: syz.7.7299 Tainted: G U L syzkaller #0 PREEMPT(full) [ 969.920648][T26530] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 969.920661][T26530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 969.920681][T26530] Call Trace: [ 969.920692][T26530] [ 969.920704][T26530] dump_stack_lvl+0x100/0x190 [ 969.920753][T26530] should_fail_ex.cold+0x5/0xa [ 969.920782][T26530] ? prepare_alloc_pages+0x16d/0x5f0 [ 969.920831][T26530] should_fail_alloc_page+0xeb/0x140 [ 969.920878][T26530] prepare_alloc_pages+0x1f0/0x5f0 [ 969.920933][T26530] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 969.920972][T26530] ? __print_lock_name+0x61/0x80 [ 969.921017][T26530] ? is_bpf_text_address+0x8a/0x1a0 [ 969.921058][T26530] ? is_bpf_text_address+0x8a/0x1a0 [ 969.921098][T26530] ? bpf_ksym_find+0x124/0x1c0 [ 969.921128][T26530] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 969.921188][T26530] ? is_bpf_text_address+0x94/0x1a0 [ 969.921228][T26530] ? kernel_text_address+0x8d/0x100 [ 969.921269][T26530] ? __kernel_text_address+0xd/0x30 [ 969.921309][T26530] ? unwind_get_return_address+0x59/0xa0 [ 969.921341][T26530] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 969.921394][T26530] ? __pfx_stack_trace_save+0x10/0x10 [ 969.921440][T26530] ? stack_depot_save_flags+0x27/0x9d0 [ 969.921478][T26530] ? find_held_lock+0x2b/0x80 [ 969.921523][T26530] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 969.921568][T26530] ? policy_nodemask+0xed/0x4f0 [ 969.921615][T26530] alloc_pages_mpol+0x1fb/0x550 [ 969.921660][T26530] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 969.921713][T26530] alloc_pages_noprof+0x131/0x390 [ 969.921759][T26530] kimage_alloc_pages+0x72/0x380 [ 969.921808][T26530] kimage_alloc_control_pages+0x157/0xa20 [ 969.921862][T26530] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 969.921912][T26530] ? kasan_save_track+0x14/0x30 [ 969.921957][T26530] do_kexec_load+0x6c1/0x810 [ 969.921994][T26530] ? __pfx_do_kexec_load+0x10/0x10 [ 969.922026][T26530] ? _copy_from_user+0x59/0xd0 [ 969.922065][T26530] __x64_sys_kexec_load+0x1bf/0x230 [ 969.922097][T26530] do_syscall_64+0x106/0xf80 [ 969.922135][T26530] ? clear_bhb_loop+0x40/0x90 [ 969.922177][T26530] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 969.922208][T26530] RIP: 0033:0x7f39e3d9bf79 [ 969.922233][T26530] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 969.922262][T26530] RSP: 002b:00007f39e4bd5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6 [ 969.922291][T26530] RAX: ffffffffffffffda RBX: 00007f39e4015fa0 RCX: 00007f39e3d9bf79 [ 969.922312][T26530] RDX: 0000200000000040 RSI: 0000000000000001 RDI: 0000200000000007 [ 969.922332][T26530] RBP: 00007f39e3e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 969.922352][T26530] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000000 [ 969.922370][T26530] R13: 00007f39e4016038 R14: 00007f39e4015fa0 R15: 00007ffdf7f00958 [ 969.922409][T26530] [ 969.923535][T26530] kexec: Could not allocate swap buffer [ 974.119301][T26569] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 974.139140][T26569] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 974.202189][T26569] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 974.218420][T26569] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 974.252753][T26569] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 974.287053][T26569] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 974.405095][T26569] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 974.428859][T26569] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 974.539651][T26569] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 975.523550][ T30] audit: type=1800 audit(4294997280.394:24): pid=26606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.7321" name="features" dev="configfs" ino=129777 res=0 errno=0 [ 975.621675][T17274] Bluetooth: hci1: command 0x2016 tx timeout [ 976.185780][T17274] Bluetooth: hci0: command 0x0c1a tx timeout [ 976.262147][ T5826] Bluetooth: hci3: command 0x040f tx timeout [ 976.268849][T17274] Bluetooth: hci2: command 0x0c1a tx timeout [ 976.422113][T17274] Bluetooth: hci4: command 0x0c1a tx timeout [ 977.322964][T26635] netlink: 'syz.3.7330': attribute type 28 has an invalid length. [ 977.363864][T26635] netlink: 'syz.3.7330': attribute type 3 has an invalid length. [ 977.390239][T26635] netlink: 306 bytes leftover after parsing attributes in process `syz.3.7330'. [ 977.768973][T26645] FAULT_INJECTION: forcing a failure. [ 977.768973][T26645] name failslab, interval 1, probability 0, space 0, times 0 [ 977.783176][T26645] CPU: 0 UID: 0 PID: 26645 Comm: syz.7.7334 Tainted: G U L syzkaller #0 PREEMPT(full) [ 977.783234][T26645] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 977.783248][T26645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 977.783270][T26645] Call Trace: [ 977.783282][T26645] [ 977.783296][T26645] dump_stack_lvl+0x100/0x190 [ 977.783361][T26645] should_fail_ex.cold+0x5/0xa [ 977.783398][T26645] should_failslab+0xc2/0x120 [ 977.783446][T26645] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 977.783489][T26645] ? __alloc_skb+0x140/0x710 [ 977.783533][T26645] __alloc_skb+0x140/0x710 [ 977.783568][T26645] ? __alloc_skb+0x5b7/0x710 [ 977.783604][T26645] ? __pfx___alloc_skb+0x10/0x10 [ 977.783642][T26645] ? aa_label_sk_perm+0x194/0x5f0 [ 977.783687][T26645] alloc_skb_with_frags+0xe0/0x810 [ 977.783735][T26645] ? __lock_acquire+0x4a5/0x2630 [ 977.783775][T26645] sock_alloc_send_pskb+0x801/0x980 [ 977.783822][T26645] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 977.783860][T26645] ? __pfx_autoremove_wake_function+0x10/0x10 [ 977.783907][T26645] caif_stream_sendmsg+0x446/0x800 [ 977.783960][T26645] ? __pfx_caif_stream_sendmsg+0x10/0x10 [ 977.784003][T26645] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 977.784059][T26645] sock_write_iter+0x566/0x610 [ 977.784111][T26645] ? __pfx_sock_write_iter+0x10/0x10 [ 977.784164][T26645] ? futex_unqueue+0x133/0x2c0 [ 977.784203][T26645] ? futex_unqueue+0x133/0x2c0 [ 977.784255][T26645] ? __futex_wait+0x256/0x300 [ 977.784314][T26645] do_iter_readv_writev+0x6ee/0x920 [ 977.784371][T26645] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 977.784409][T26645] ? common_file_perm+0x1ab/0x4f0 [ 977.784452][T26645] ? bpf_lsm_file_permission+0x9/0x10 [ 977.784495][T26645] ? security_file_permission+0x76/0x210 [ 977.784536][T26645] ? rw_verify_area+0xce/0x6d0 [ 977.784577][T26645] vfs_writev+0x360/0xe10 [ 977.784625][T26645] ? __pfx_vfs_writev+0x10/0x10 [ 977.784691][T26645] ? __fget_files+0x21f/0x3d0 [ 977.784742][T26645] ? do_writev+0x28a/0x340 [ 977.784779][T26645] do_writev+0x28a/0x340 [ 977.784820][T26645] ? __pfx_do_writev+0x10/0x10 [ 977.784869][T26645] do_syscall_64+0x106/0xf80 [ 977.784909][T26645] ? clear_bhb_loop+0x40/0x90 [ 977.784946][T26645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 977.784978][T26645] RIP: 0033:0x7f39e3d9bf79 [ 977.785006][T26645] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 977.785036][T26645] RSP: 002b:00007f39e4bd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 977.785067][T26645] RAX: ffffffffffffffda RBX: 00007f39e4015fa0 RCX: 00007f39e3d9bf79 [ 977.785087][T26645] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 977.785109][T26645] RBP: 00007f39e3e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 977.785130][T26645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 977.785150][T26645] R13: 00007f39e4016038 R14: 00007f39e4015fa0 R15: 00007ffdf7f00958 [ 977.785195][T26645] [ 978.195430][T26646] ERROR: Out of memory at tomoyo_memory_ok. [ 978.353132][T17274] Bluetooth: hci2: command 0x0c1a tx timeout [ 978.519737][T17274] Bluetooth: hci4: command 0x0c1a tx timeout [ 978.695207][T26654] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7337'. [ 978.732219][T26654] bridge0: port 2(bridge_slave_1) entered disabled state [ 978.804541][T26654] bridge_slave_1 (unregistering): left allmulticast mode [ 978.844796][T26654] bridge_slave_1 (unregistering): left promiscuous mode [ 978.879995][T26654] bridge0: port 2(bridge_slave_1) entered disabled state [ 978.989470][T26663] netlink: 186 bytes leftover after parsing attributes in process `syz.3.7340'. [ 979.024048][T26663] netlink: 186 bytes leftover after parsing attributes in process `syz.3.7340'. [ 979.548208][ T30] audit: type=1326 audit(4294997284.432:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26667 comm="syz.3.7342" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb5f599bf79 code=0x0 [ 980.425460][T17274] Bluetooth: hci2: command 0x0c1a tx timeout [ 980.585955][T17274] Bluetooth: hci4: command 0x0c1a tx timeout [ 980.985947][T26692] netlink: 62 bytes leftover after parsing attributes in process `syz.5.7347'. [ 982.339767][T26716] netlink: 334 bytes leftover after parsing attributes in process `syz.3.7355'. [ 982.720197][T26726] FAULT_INJECTION: forcing a failure. [ 982.720197][T26726] name failslab, interval 1, probability 0, space 0, times 0 [ 982.785560][T26726] CPU: 0 UID: 0 PID: 26726 Comm: syz.5.7359 Tainted: G U L syzkaller #0 PREEMPT(full) [ 982.785622][T26726] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 982.785635][T26726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 982.785654][T26726] Call Trace: [ 982.785665][T26726] [ 982.785677][T26726] dump_stack_lvl+0x100/0x190 [ 982.785726][T26726] should_fail_ex.cold+0x5/0xa [ 982.785761][T26726] should_failslab+0xc2/0x120 [ 982.785804][T26726] __kmalloc_cache_noprof+0x7a/0x6f0 [ 982.785835][T26726] ? cec_open+0xdb/0x690 [ 982.785880][T26726] ? __lock_acquire+0x4a5/0x2630 [ 982.785919][T26726] cec_open+0xdb/0x690 [ 982.785957][T26726] ? __pfx_cec_open+0x10/0x10 [ 982.785998][T26726] ? kobject_get_unless_zero+0x156/0x200 [ 982.786042][T26726] ? find_held_lock+0x2b/0x80 [ 982.786085][T26726] ? chrdev_open+0x10b/0x6a0 [ 982.786126][T26726] ? chrdev_open+0x10b/0x6a0 [ 982.786173][T26726] ? __pfx_cec_open+0x10/0x10 [ 982.786208][T26726] chrdev_open+0x234/0x6a0 [ 982.786249][T26726] ? __pfx_apparmor_file_open+0x10/0x10 [ 982.786279][T26726] ? __pfx_chrdev_open+0x10/0x10 [ 982.786324][T26726] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 982.786374][T26726] do_dentry_open+0x6d8/0x1660 [ 982.786416][T26726] ? __pfx_chrdev_open+0x10/0x10 [ 982.786474][T26726] vfs_open+0x82/0x3f0 [ 982.786516][T26726] path_openat+0x208c/0x31a0 [ 982.786585][T26726] ? __pfx_path_openat+0x10/0x10 [ 982.786655][T26726] do_file_open+0x20e/0x430 [ 982.786714][T26726] ? __pfx_do_file_open+0x10/0x10 [ 982.786799][T26726] ? alloc_fd+0x476/0x790 [ 982.786864][T26726] ? do_getname+0x191/0x390 [ 982.786907][T26726] do_sys_openat2+0x10d/0x1e0 [ 982.786947][T26726] ? __pfx_do_sys_openat2+0x10/0x10 [ 982.786991][T26726] ? __fget_files+0x21f/0x3d0 [ 982.787048][T26726] __x64_sys_openat+0x12d/0x210 [ 982.787089][T26726] ? __pfx___x64_sys_openat+0x10/0x10 [ 982.787146][T26726] do_syscall_64+0x106/0xf80 [ 982.787193][T26726] ? clear_bhb_loop+0x40/0x90 [ 982.787236][T26726] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 982.787273][T26726] RIP: 0033:0x7f75ae39bf79 [ 982.787303][T26726] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 982.787338][T26726] RSP: 002b:00007f75af332028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 982.787371][T26726] RAX: ffffffffffffffda RBX: 00007f75ae615fa0 RCX: 00007f75ae39bf79 [ 982.787394][T26726] RDX: 0000000000101901 RSI: 0000200000002c00 RDI: ffffffffffffff9c [ 982.787417][T26726] RBP: 00007f75ae4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 982.787438][T26726] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 982.787458][T26726] R13: 00007f75ae616038 R14: 00007f75ae615fa0 R15: 00007ffea10ae308 [ 982.787502][T26726] [ 984.118630][T26738] netlink: 'syz.5.7363': attribute type 10 has an invalid length. [ 984.127627][T26738] netlink: 'syz.5.7363': attribute type 13 has an invalid length. [ 985.773955][T26769] random: crng reseeded on system resumption [ 987.704205][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805abb3800: rx timeout, send abort [ 988.213565][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805abb3800: abort rx timeout. Force session deactivation [ 988.443861][T26814] netlink: 50 bytes leftover after parsing attributes in process `syz.5.7385'. [ 989.312343][T26829] netlink: 'syz.5.7390': attribute type 10 has an invalid length. [ 989.385034][T26830] ERROR: Out of memory at tomoyo_memory_ok. [ 989.407570][T26829] netlink: 230 bytes leftover after parsing attributes in process `syz.5.7390'. [ 991.048658][T26876] FAULT_INJECTION: forcing a failure. [ 991.048658][T26876] name failslab, interval 1, probability 0, space 0, times 0 [ 991.088830][T26876] CPU: 0 UID: 0 PID: 26876 Comm: syz.7.7404 Tainted: G U L syzkaller #0 PREEMPT(full) [ 991.088891][T26876] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 991.088906][T26876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 991.088929][T26876] Call Trace: [ 991.088945][T26876] [ 991.088958][T26876] dump_stack_lvl+0x100/0x190 [ 991.089016][T26876] should_fail_ex.cold+0x5/0xa [ 991.089059][T26876] should_failslab+0xc2/0x120 [ 991.089122][T26876] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 991.089173][T26876] ? __alloc_skb+0x140/0x710 [ 991.089225][T26876] __alloc_skb+0x140/0x710 [ 991.089266][T26876] ? __alloc_skb+0x5b7/0x710 [ 991.089309][T26876] ? __pfx___alloc_skb+0x10/0x10 [ 991.089353][T26876] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 991.089398][T26876] ? audit_log_start+0x29d/0x930 [ 991.089444][T26876] ? lockdep_init_map_type+0x5c/0x250 [ 991.089496][T26876] audit_log_start+0x350/0x930 [ 991.089547][T26876] ? __pfx_audit_log_start+0x10/0x10 [ 991.089597][T26876] ? arch_do_signal_or_restart+0x1f9/0x770 [ 991.089643][T26876] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 991.089696][T26876] audit_seccomp+0x60/0x190 [ 991.089757][T26876] ? exc_general_protection+0x12e/0x250 [ 991.089820][T26876] __secure_computing+0x26d/0x2c0 [ 991.089866][T26876] do_syscall_64+0x568/0xf80 [ 991.089912][T26876] ? clear_bhb_loop+0x40/0x90 [ 991.089959][T26876] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 991.089996][T26876] RIP: 0033:0x7f39e3d9bf79 [ 991.090025][T26876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 991.090058][T26876] RSP: 002b:00007f39e4b92a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 991.090091][T26876] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f39e3d9bf79 [ 991.090123][T26876] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 000000000000000b [ 991.090144][T26876] RBP: 00007f39e4b93030 R08: 0000000000000000 R09: 000000000000000b [ 991.090166][T26876] R10: 0000000000000009 R11: 0000000000000246 R12: 000000000002f090 [ 991.090187][T26876] R13: 00007f39e4016218 R14: 00007f39e4016180 R15: 00007ffdf7f00958 [ 991.090232][T26876] [ 991.361072][T26876] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64 [ 991.369619][T26876] audit: out of memory in audit_log_start [ 991.442045][T26874] bond0: option all_slaves_active: invalid value () [ 992.667189][T26893] netlink: 25 bytes leftover after parsing attributes in process `syz.3.7411'. [ 993.237160][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.244462][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 994.102290][T26917] vcan0: tx drop: invalid sa for name 0x00000000000000fd [ 994.768306][T26925] sp0: Synchronizing with TNC [ 996.335654][T26939] Process accounting paused [ 997.047335][T26977] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00 [ 997.057872][T26977] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 997.067861][T26977] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 997.078339][T26977] page_type: f5(slab) [ 997.093304][T26977] raw: 00fff00000000040 ffff88813fe37140 dead000000000100 dead000000000122 [ 997.106860][T26977] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 997.117827][T26977] head: 00fff00000000040 ffff88813fe37140 dead000000000100 dead000000000122 [ 997.128779][T26977] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 997.140684][T26977] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff [ 997.150822][T26977] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 997.166288][T26977] page dumped because: unmovable page [ 997.172661][T26977] page_owner tracks the page as allocated [ 997.179880][T26977] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5828, tgid 5828 (syz-executor), ts 280122463316, free_ts 280024644232 [ 997.207824][T26977] post_alloc_hook+0x153/0x170 [ 997.216033][T26977] get_page_from_freelist+0x111d/0x3140 [ 997.222720][T26977] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 997.229876][T26977] new_slab+0xa6/0x6e0 [ 997.234619][T26977] refill_objects+0x26b/0x400 [ 997.240366][T26977] __pcs_replace_empty_main+0x19f/0x600 [ 997.246746][T26977] __kmalloc_noprof+0x688/0x850 [ 997.252631][T26977] tomoyo_realpath_from_path+0xb6/0x690 [ 997.259280][T26977] tomoyo_path_perm+0x276/0x460 [ 997.264785][T26977] tomoyo_path_rmdir+0x91/0xe0 [ 997.275718][T26977] security_path_rmdir+0x145/0x2b0 [ 997.282457][T26977] filename_rmdir+0x29d/0x5c0 [ 997.289841][T26977] __x64_sys_unlinkat+0xf5/0x130 [ 997.295521][T26977] do_syscall_64+0x106/0xf80 [ 997.333928][T26977] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 997.342745][T26977] page last free pid 5834 tgid 5834 stack trace: [ 997.350176][T26977] __free_frozen_pages+0x7ca/0x10a0 [ 997.356095][T26977] qlist_free_all+0x47/0xe0 [ 997.361660][T26977] kasan_quarantine_reduce+0x1a0/0x1f0 [ 997.367876][T26977] __kasan_slab_alloc+0x69/0x90 [ 997.373826][T26977] kmem_cache_alloc_noprof+0x241/0x6e0 [ 997.380265][T26977] vm_area_dup+0x27/0x8e0 [ 997.385206][T26977] dup_mmap+0x6c9/0x1db0 [ 997.428909][T26977] copy_process+0x73d1/0x7a10 [ 997.434333][T26977] kernel_clone+0xfc/0x9a0 [ 997.463590][T26977] __do_sys_clone+0xd9/0x120 [ 997.468888][T26977] do_syscall_64+0x106/0xf80 [ 997.484266][T26977] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 998.197264][T26999] FAULT_INJECTION: forcing a failure. [ 998.197264][T26999] name failslab, interval 1, probability 0, space 0, times 0 [ 998.370469][T26999] CPU: 1 UID: 0 PID: 26999 Comm: syz.2.7444 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 998.370542][T26999] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 998.370560][T26999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 998.370581][T26999] Call Trace: [ 998.370593][T26999] [ 998.370607][T26999] dump_stack_lvl+0x100/0x190 [ 998.370666][T26999] should_fail_ex.cold+0x5/0xa [ 998.370708][T26999] should_failslab+0xc2/0x120 [ 998.370763][T26999] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 998.370813][T26999] ? __alloc_skb+0x140/0x710 [ 998.370864][T26999] __alloc_skb+0x140/0x710 [ 998.370905][T26999] ? __alloc_skb+0x5b7/0x710 [ 998.370948][T26999] ? __pfx___alloc_skb+0x10/0x10 [ 998.370992][T26999] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 998.371038][T26999] ? audit_log_start+0x29d/0x930 [ 998.371083][T26999] ? lockdep_init_map_type+0x5c/0x250 [ 998.371145][T26999] audit_log_start+0x350/0x930 [ 998.371196][T26999] ? __pfx_audit_log_start+0x10/0x10 [ 998.371248][T26999] ? arch_do_signal_or_restart+0x1f9/0x770 [ 998.371295][T26999] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 998.371348][T26999] audit_seccomp+0x60/0x190 [ 998.371386][T26999] ? exc_general_protection+0x12e/0x250 [ 998.371448][T26999] __secure_computing+0x26d/0x2c0 [ 998.371503][T26999] do_syscall_64+0x568/0xf80 [ 998.371549][T26999] ? clear_bhb_loop+0x40/0x90 [ 998.371593][T26999] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 998.371631][T26999] RIP: 0033:0x7f7f6879bf79 [ 998.371661][T26999] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 998.371697][T26999] RSP: 002b:00007f7f69661a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 998.371731][T26999] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f7f6879bf79 [ 998.371755][T26999] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 000000000000000b [ 998.371776][T26999] RBP: 00007f7f69662030 R08: 0000000000000000 R09: 000000000000000b [ 998.371797][T26999] R10: 0000000000000009 R11: 0000000000000246 R12: 000000000002f5ea [ 998.371819][T26999] R13: 00007f7f68a16218 R14: 00007f7f68a16180 R15: 00007fff68d8e808 [ 998.371863][T26999] [ 998.371895][T26999] audit: audit_lost=3 audit_rate_limit=0 audit_backlog_limit=64 [ 998.689130][T26999] audit: out of memory in audit_log_start [ 999.041042][T27008] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7447'. [ 999.070776][T27008] netlink: 25 bytes leftover after parsing attributes in process `syz.3.7447'. [ 1000.525695][T27034] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7457'. [ 1000.558243][T27032] ERROR: Out of memory at tomoyo_memory_ok. [ 1001.706154][T27058] netlink: 354 bytes leftover after parsing attributes in process `syz.3.7465'. [ 1003.459408][T27070] FAULT_INJECTION: forcing a failure. [ 1003.459408][T27070] name failslab, interval 1, probability 0, space 0, times 0 [ 1003.489968][T27070] CPU: 0 UID: 0 PID: 27070 Comm: syz.7.7467 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1003.490042][T27070] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1003.490063][T27070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1003.490084][T27070] Call Trace: [ 1003.490095][T27070] [ 1003.490108][T27070] dump_stack_lvl+0x100/0x190 [ 1003.490166][T27070] should_fail_ex.cold+0x5/0xa [ 1003.490207][T27070] should_failslab+0xc2/0x120 [ 1003.490263][T27070] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1003.490301][T27070] ? pagemap_read+0x225/0x830 [ 1003.490354][T27070] ? bpf_lsm_capable+0x9/0x10 [ 1003.490408][T27070] ? security_capable+0x80/0x260 [ 1003.490472][T27070] pagemap_read+0x225/0x830 [ 1003.490532][T27070] ? common_file_perm+0x1ab/0x4f0 [ 1003.490575][T27070] ? __pfx_pagemap_read+0x10/0x10 [ 1003.490639][T27070] ? rw_verify_area+0xce/0x6d0 [ 1003.490689][T27070] ? __pfx_pagemap_read+0x10/0x10 [ 1003.490745][T27070] vfs_read+0x1e4/0xb30 [ 1003.490796][T27070] ? __pfx_vfs_read+0x10/0x10 [ 1003.490842][T27070] ? __fget_files+0x215/0x3d0 [ 1003.490899][T27070] ? __fget_files+0x21f/0x3d0 [ 1003.490959][T27070] ksys_read+0x12a/0x250 [ 1003.491008][T27070] ? __pfx_ksys_read+0x10/0x10 [ 1003.491066][T27070] do_syscall_64+0x106/0xf80 [ 1003.491111][T27070] ? clear_bhb_loop+0x40/0x90 [ 1003.491156][T27070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1003.491193][T27070] RIP: 0033:0x7f39e3d9bf79 [ 1003.491223][T27070] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1003.491257][T27070] RSP: 002b:00007f39e4bb4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1003.491288][T27070] RAX: ffffffffffffffda RBX: 00007f39e4016090 RCX: 00007f39e3d9bf79 [ 1003.491310][T27070] RDX: 00000000000039b8 RSI: 0000000000000000 RDI: 0000000000000005 [ 1003.491330][T27070] RBP: 00007f39e3e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1003.491351][T27070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1003.491372][T27070] R13: 00007f39e4016128 R14: 00007f39e4016090 R15: 00007ffdf7f00958 [ 1003.491414][T27070] [ 1003.498808][ T30] audit: type=1107 audit(4294967327.470:26): pid=27066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1003.893310][ T30] audit: type=1107 audit(4294967327.730:27): pid=27066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='' [ 1004.493194][T27088] FAULT_INJECTION: forcing a failure. [ 1004.493194][T27088] name failslab, interval 1, probability 0, space 0, times 0 [ 1004.527364][T27088] CPU: 0 UID: 0 PID: 27088 Comm: syz.5.7474 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1004.527441][T27088] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1004.527463][T27088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1004.527486][T27088] Call Trace: [ 1004.527499][T27088] [ 1004.527521][T27088] dump_stack_lvl+0x100/0x190 [ 1004.527581][T27088] should_fail_ex.cold+0x5/0xa [ 1004.527624][T27088] should_failslab+0xc2/0x120 [ 1004.527681][T27088] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1004.527725][T27088] ? drm_atomic_helper_setup_commit+0x56f/0x14f0 [ 1004.527778][T27088] ? drm_atomic_helper_check+0x10f/0x190 [ 1004.527836][T27088] drm_atomic_helper_setup_commit+0x56f/0x14f0 [ 1004.527907][T27088] drm_atomic_helper_commit+0xa9/0x380 [ 1004.527960][T27088] ? __pfx_drm_atomic_helper_commit+0x10/0x10 [ 1004.528014][T27088] drm_atomic_commit+0x230/0x300 [ 1004.528060][T27088] ? __pfx_drm_atomic_commit+0x10/0x10 [ 1004.528104][T27088] ? __pfx___drm_printfn_info+0x10/0x10 [ 1004.528152][T27088] ? drm_client_rotation+0x451/0x6a0 [ 1004.528210][T27088] drm_client_modeset_commit_atomic+0x6a6/0x7e0 [ 1004.528276][T27088] ? __mutex_lock+0x26a/0x1b90 [ 1004.528327][T27088] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 1004.528383][T27088] ? drm_master_internal_acquire+0x21/0x80 [ 1004.528475][T27088] drm_client_modeset_commit_locked+0x14d/0x580 [ 1004.528551][T27088] drm_client_modeset_commit+0x4f/0x80 [ 1004.528607][T27088] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 1004.528667][T27088] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 1004.528726][T27088] drm_fbdev_client_restore+0x1b/0x30 [ 1004.528768][T27088] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 1004.528811][T27088] drm_client_dev_restore+0x205/0x2a0 [ 1004.528872][T27088] drm_release+0x2c6/0x360 [ 1004.528921][T27088] ? __pfx_drm_release+0x10/0x10 [ 1004.528967][T27088] __fput+0x3ff/0xb40 [ 1004.529010][T27088] task_work_run+0x150/0x240 [ 1004.529065][T27088] ? __pfx_task_work_run+0x10/0x10 [ 1004.529129][T27088] exit_to_user_mode_loop+0x100/0x4a0 [ 1004.529181][T27088] do_syscall_64+0x668/0xf80 [ 1004.529228][T27088] ? clear_bhb_loop+0x40/0x90 [ 1004.529273][T27088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1004.529310][T27088] RIP: 0033:0x7f75ae39bf79 [ 1004.529342][T27088] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1004.529378][T27088] RSP: 002b:00007f75af332028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1004.529412][T27088] RAX: 0000000000000000 RBX: 00007f75ae615fa0 RCX: 00007f75ae39bf79 [ 1004.529434][T27088] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1004.529454][T27088] RBP: 00007f75ae4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1004.529475][T27088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1004.529495][T27088] R13: 00007f75ae616038 R14: 00007f75ae615fa0 R15: 00007ffea10ae308 [ 1004.529551][T27088] [ 1005.073587][T27092] netlink: 186 bytes leftover after parsing attributes in process `syz.2.7478'. [ 1005.085370][T27092] netlink: 186 bytes leftover after parsing attributes in process `syz.2.7478'. [ 1005.198525][T27097] netlink: 13 bytes leftover after parsing attributes in process `syz.7.7475'. [ 1005.251798][T27099] FAULT_INJECTION: forcing a failure. [ 1005.251798][T27099] name failslab, interval 1, probability 0, space 0, times 0 [ 1005.290118][T27099] CPU: 1 UID: 0 PID: 27099 Comm: syz.2.7479 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1005.290195][T27099] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1005.290217][T27099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1005.290238][T27099] Call Trace: [ 1005.290250][T27099] [ 1005.290264][T27099] dump_stack_lvl+0x100/0x190 [ 1005.290325][T27099] should_fail_ex.cold+0x5/0xa [ 1005.290366][T27099] should_failslab+0xc2/0x120 [ 1005.290422][T27099] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1005.290469][T27099] ? __proc_create+0x2cb/0x8c0 [ 1005.290530][T27099] __proc_create+0x2cb/0x8c0 [ 1005.290575][T27099] ? __pfx___proc_create+0x10/0x10 [ 1005.290625][T27099] ? _raw_write_unlock+0x28/0x50 [ 1005.290670][T27099] ? proc_register+0x559/0x8a0 [ 1005.290719][T27099] proc_create_reg+0x75/0x170 [ 1005.290769][T27099] proc_create_data+0x86/0x110 [ 1005.290816][T27099] ? __pfx_proc_create_data+0x10/0x10 [ 1005.290863][T27099] ? cache_register_net+0x137/0x5e0 [ 1005.290916][T27099] ? cache_register_net+0x137/0x5e0 [ 1005.290978][T27099] cache_register_net+0x25a/0x5e0 [ 1005.291038][T27099] nfsd_idmap_init+0xb6/0x250 [ 1005.291090][T27099] ? __pfx_nfsd_net_init+0x10/0x10 [ 1005.291131][T27099] nfsd_net_init+0x69/0x3d0 [ 1005.291175][T27099] ? __pfx_nfsd_net_init+0x10/0x10 [ 1005.291215][T27099] ops_init+0x1e2/0x5f0 [ 1005.291269][T27099] setup_net+0x118/0x3a0 [ 1005.291320][T27099] ? __pfx_setup_net+0x10/0x10 [ 1005.291368][T27099] ? lockdep_init_map_type+0x5c/0x250 [ 1005.291416][T27099] ? mutex_init_lockep+0x110/0x150 [ 1005.291469][T27099] copy_net_ns+0x46f/0x7c0 [ 1005.291536][T27099] create_new_namespaces+0x3ea/0xac0 [ 1005.291607][T27099] copy_namespaces+0x468/0x5e0 [ 1005.291647][T27099] copy_process+0x3226/0x7a10 [ 1005.291709][T27099] ? __pfx_copy_process+0x10/0x10 [ 1005.291772][T27099] kernel_clone+0xfc/0x9a0 [ 1005.291810][T27099] ? __pfx_futex_wait+0x10/0x10 [ 1005.291863][T27099] ? __pfx_kernel_clone+0x10/0x10 [ 1005.291926][T27099] __do_sys_clone+0xd9/0x120 [ 1005.291970][T27099] ? __pfx___do_sys_clone+0x10/0x10 [ 1005.292015][T27099] ? __fget_files+0x21f/0x3d0 [ 1005.292099][T27099] do_syscall_64+0x106/0xf80 [ 1005.292145][T27099] ? clear_bhb_loop+0x40/0x90 [ 1005.292191][T27099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1005.292228][T27099] RIP: 0033:0x7f7f6879bf79 [ 1005.292260][T27099] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1005.292296][T27099] RSP: 002b:00007f7f696a3fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1005.292330][T27099] RAX: ffffffffffffffda RBX: 00007f7f68a15fa0 RCX: 00007f7f6879bf79 [ 1005.292353][T27099] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040180211 [ 1005.292376][T27099] RBP: 00007f7f688327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1005.292398][T27099] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1005.292420][T27099] R13: 00007f7f68a16038 R14: 00007f7f68a15fa0 R15: 00007fff68d8e808 [ 1005.292466][T27099] [ 1006.173806][T27105] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 1006.216310][T27112] netlink: 25 bytes leftover after parsing attributes in process `syz.7.7483'. [ 1006.839358][T17274] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 1007.061646][T27133] netlink: 342 bytes leftover after parsing attributes in process `syz.5.7491'. [ 1007.480109][T27139] FAULT_INJECTION: forcing a failure. [ 1007.480109][T27139] name failslab, interval 1, probability 0, space 0, times 0 [ 1007.506573][T27139] CPU: 1 UID: 0 PID: 27139 Comm: syz.3.7494 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1007.506663][T27139] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1007.506683][T27139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1007.506702][T27139] Call Trace: [ 1007.506714][T27139] [ 1007.506727][T27139] dump_stack_lvl+0x100/0x190 [ 1007.506785][T27139] should_fail_ex.cold+0x5/0xa [ 1007.506827][T27139] ? constrain_params_by_rules+0x175/0xcc0 [ 1007.506866][T27139] should_failslab+0xc2/0x120 [ 1007.506907][T27139] __kmalloc_noprof+0xe0/0x850 [ 1007.506946][T27139] constrain_params_by_rules+0x175/0xcc0 [ 1007.506979][T27139] ? __lock_acquire+0x4a5/0x2630 [ 1007.507011][T27139] ? snd_pcm_hw_param_near.constprop.0+0x573/0x850 [ 1007.507058][T27139] ? __pfx_stack_trace_save+0x10/0x10 [ 1007.507100][T27139] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 1007.507134][T27139] ? lock_acquire+0x1cf/0x380 [ 1007.507175][T27139] ? __mutex_lock+0x26a/0x1b90 [ 1007.507212][T27139] ? snd_interval_refine+0x2d0/0x580 [ 1007.507252][T27139] snd_pcm_hw_refine+0x7e7/0xad0 [ 1007.507288][T27139] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 1007.507325][T27139] ? do_raw_spin_lock+0x128/0x260 [ 1007.507366][T27139] ? mark_held_locks+0x40/0x70 [ 1007.507400][T27139] snd_pcm_hw_params+0x3f1/0x1cb0 [ 1007.507432][T27139] ? snd_pcm_hw_param_near.constprop.0+0x573/0x850 [ 1007.507475][T27139] ? kfree+0x1f6/0x6b0 [ 1007.507500][T27139] ? snd_pcm_hw_param_last+0x2dc/0x660 [ 1007.507534][T27139] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 1007.507568][T27139] ? snd_pcm_hw_param_near.constprop.0+0x578/0x850 [ 1007.507617][T27139] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 1007.507669][T27139] snd_pcm_kernel_ioctl+0x167/0x2e0 [ 1007.507703][T27139] snd_pcm_oss_change_params_locked+0x1973/0x39f0 [ 1007.507745][T27139] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 1007.507777][T27139] ? __pfx___mutex_lock+0x10/0x10 [ 1007.507830][T27139] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 1007.507859][T27139] snd_pcm_oss_sync+0x265/0x840 [ 1007.507891][T27139] snd_pcm_oss_release+0x238/0x300 [ 1007.507918][T27139] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 1007.507946][T27139] __fput+0x3ff/0xb40 [ 1007.507977][T27139] task_work_run+0x150/0x240 [ 1007.508013][T27139] ? __pfx_task_work_run+0x10/0x10 [ 1007.508057][T27139] exit_to_user_mode_loop+0x100/0x4a0 [ 1007.508092][T27139] do_syscall_64+0x668/0xf80 [ 1007.508125][T27139] ? clear_bhb_loop+0x40/0x90 [ 1007.508156][T27139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1007.508183][T27139] RIP: 0033:0x7fb5f599bf79 [ 1007.508205][T27139] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1007.508230][T27139] RSP: 002b:00007fb5f68d1028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1007.508255][T27139] RAX: 0000000000000000 RBX: 00007fb5f5c15fa0 RCX: 00007fb5f599bf79 [ 1007.508271][T27139] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 1007.508286][T27139] RBP: 00007fb5f5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1007.508302][T27139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1007.508317][T27139] R13: 00007fb5f5c16038 R14: 00007fb5f5c15fa0 R15: 00007ffe103198f8 [ 1007.508350][T27139] [ 1010.853480][T27185] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3562660123 (7125320246 ns) > initial count (2882038626 ns). Using initial count to start timer. [ 1011.708191][T27207] ERROR: Out of memory at tomoyo_memory_ok. [ 1013.279806][T27227] FAULT_INJECTION: forcing a failure. [ 1013.279806][T27227] name failslab, interval 1, probability 0, space 0, times 0 [ 1013.314924][T27227] CPU: 0 UID: 0 PID: 27227 Comm: syz.2.7518 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1013.315002][T27227] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1013.315022][T27227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1013.315043][T27227] Call Trace: [ 1013.315055][T27227] [ 1013.315068][T27227] dump_stack_lvl+0x100/0x190 [ 1013.315126][T27227] should_fail_ex.cold+0x5/0xa [ 1013.315166][T27227] should_failslab+0xc2/0x120 [ 1013.315223][T27227] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1013.315270][T27227] ? __proc_create+0x2cb/0x8c0 [ 1013.315323][T27227] __proc_create+0x2cb/0x8c0 [ 1013.315368][T27227] ? __pfx___proc_create+0x10/0x10 [ 1013.315418][T27227] ? _raw_write_unlock+0x28/0x50 [ 1013.315463][T27227] ? proc_register+0x559/0x8a0 [ 1013.315512][T27227] proc_create_reg+0x75/0x170 [ 1013.315562][T27227] proc_create_net_data+0x8e/0x1c0 [ 1013.315610][T27227] ? __pfx_proc_create_net_data+0x10/0x10 [ 1013.315657][T27227] ? __pfx_proc_create_net_data+0x10/0x10 [ 1013.315702][T27227] ? __pfx_uevent_net_rcv+0x10/0x10 [ 1013.315766][T27227] ? __pfx_dev_proc_net_init+0x10/0x10 [ 1013.315809][T27227] dev_proc_net_init+0x100/0x230 [ 1013.315852][T27227] ops_init+0x1e2/0x5f0 [ 1013.315904][T27227] setup_net+0x118/0x3a0 [ 1013.315962][T27227] ? __pfx_setup_net+0x10/0x10 [ 1013.316010][T27227] ? lockdep_init_map_type+0x5c/0x250 [ 1013.316059][T27227] ? mutex_init_lockep+0x110/0x150 [ 1013.316112][T27227] copy_net_ns+0x46f/0x7c0 [ 1013.316170][T27227] create_new_namespaces+0x3ea/0xac0 [ 1013.316241][T27227] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 1013.316282][T27227] ksys_unshare+0x455/0xab0 [ 1013.316329][T27227] ? __pfx_ksys_unshare+0x10/0x10 [ 1013.316389][T27227] __x64_sys_unshare+0x31/0x40 [ 1013.316431][T27227] do_syscall_64+0x106/0xf80 [ 1013.316477][T27227] ? clear_bhb_loop+0x40/0x90 [ 1013.316523][T27227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1013.316561][T27227] RIP: 0033:0x7f7f6879bf79 [ 1013.316590][T27227] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1013.316627][T27227] RSP: 002b:00007f7f696a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1013.316662][T27227] RAX: ffffffffffffffda RBX: 00007f7f68a15fa0 RCX: 00007f7f6879bf79 [ 1013.316685][T27227] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1013.316705][T27227] RBP: 00007f7f688327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1013.316725][T27227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1013.316745][T27227] R13: 00007f7f68a16038 R14: 00007f7f68a15fa0 R15: 00007fff68d8e808 [ 1013.316791][T27227] [ 1013.885555][T27234] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7521'. [ 1013.967498][T27234] bridge_slave_1 (unregistering): left allmulticast mode [ 1013.989823][T27234] bridge_slave_1 (unregistering): left promiscuous mode [ 1013.997706][T27234] bridge0: port 2(bridge_slave_1) entered disabled state [ 1015.460723][T27264] FAULT_INJECTION: forcing a failure. [ 1015.460723][T27264] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1015.579275][T27264] CPU: 0 UID: 0 PID: 27264 Comm: syz.3.7529 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1015.579349][T27264] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1015.579367][T27264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1015.579387][T27264] Call Trace: [ 1015.579398][T27264] [ 1015.579411][T27264] dump_stack_lvl+0x100/0x190 [ 1015.579467][T27264] should_fail_ex.cold+0x5/0xa [ 1015.579508][T27264] get_futex_key+0x1d2/0x1620 [ 1015.579562][T27264] ? __pfx_get_futex_key+0x10/0x10 [ 1015.579601][T27264] ? __pfx_vm_normal_page+0x10/0x10 [ 1015.579658][T27264] ? mtree_load+0x32d/0xa40 [ 1015.579710][T27264] futex_wake+0xea/0x530 [ 1015.579762][T27264] ? __pfx_futex_wake+0x10/0x10 [ 1015.579819][T27264] ? mmput+0x53/0x80 [ 1015.579858][T27264] do_futex+0x32b/0x350 [ 1015.579900][T27264] ? __pfx_do_futex+0x10/0x10 [ 1015.579942][T27264] ? __pfx_kernel_move_pages+0x10/0x10 [ 1015.579977][T27264] ? __pfx_do_set_mempolicy+0x10/0x10 [ 1015.580033][T27264] __x64_sys_futex+0x34f/0x4d0 [ 1015.580080][T27264] ? __pfx___x64_sys_futex+0x10/0x10 [ 1015.580138][T27264] do_syscall_64+0x106/0xf80 [ 1015.580183][T27264] ? clear_bhb_loop+0x40/0x90 [ 1015.580227][T27264] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1015.580264][T27264] RIP: 0033:0x7fb5f599bf79 [ 1015.580293][T27264] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1015.580327][T27264] RSP: 002b:00007fb5f68d10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1015.580361][T27264] RAX: ffffffffffffffda RBX: 00007fb5f5c15fa8 RCX: 00007fb5f599bf79 [ 1015.580384][T27264] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fb5f5c15fac [ 1015.580405][T27264] RBP: 00007fb5f5c15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 1015.580426][T27264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1015.580446][T27264] R13: 00007fb5f5c16038 R14: 00007ffe10319810 R15: 00007ffe103198f8 [ 1015.580490][T27264] [ 1019.415182][ T5826] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 1019.486368][T27290] zswap: compressor not available [ 1019.702896][T27292] FAULT_INJECTION: forcing a failure. [ 1019.702896][T27292] name failslab, interval 1, probability 0, space 0, times 0 [ 1019.779468][T27292] CPU: 0 UID: 0 PID: 27292 Comm: syz.5.7537 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1019.779542][T27292] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1019.779563][T27292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1019.779584][T27292] Call Trace: [ 1019.779596][T27292] [ 1019.779609][T27292] dump_stack_lvl+0x100/0x190 [ 1019.779670][T27292] should_fail_ex.cold+0x5/0xa [ 1019.779712][T27292] should_failslab+0xc2/0x120 [ 1019.779766][T27292] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1019.779812][T27292] ? __proc_create+0x2cb/0x8c0 [ 1019.779865][T27292] __proc_create+0x2cb/0x8c0 [ 1019.779910][T27292] ? __pfx___proc_create+0x10/0x10 [ 1019.779960][T27292] ? _raw_write_unlock+0x28/0x50 [ 1019.780005][T27292] ? proc_register+0x559/0x8a0 [ 1019.780054][T27292] proc_create_reg+0x75/0x170 [ 1019.780104][T27292] proc_create_data+0x86/0x110 [ 1019.780163][T27292] ? __pfx_proc_create_data+0x10/0x10 [ 1019.780211][T27292] ? cache_register_net+0x137/0x5e0 [ 1019.780263][T27292] ? cache_register_net+0x137/0x5e0 [ 1019.780323][T27292] cache_register_net+0x2d6/0x5e0 [ 1019.780380][T27292] nfsd_idmap_init+0x16e/0x250 [ 1019.780430][T27292] ? __pfx_nfsd_net_init+0x10/0x10 [ 1019.780471][T27292] nfsd_net_init+0x69/0x3d0 [ 1019.780512][T27292] ? __pfx_nfsd_net_init+0x10/0x10 [ 1019.780553][T27292] ops_init+0x1e2/0x5f0 [ 1019.780607][T27292] setup_net+0x118/0x3a0 [ 1019.780658][T27292] ? __pfx_setup_net+0x10/0x10 [ 1019.780704][T27292] ? lockdep_init_map_type+0x5c/0x250 [ 1019.780751][T27292] ? mutex_init_lockep+0x110/0x150 [ 1019.780803][T27292] copy_net_ns+0x46f/0x7c0 [ 1019.780860][T27292] create_new_namespaces+0x3ea/0xac0 [ 1019.780928][T27292] copy_namespaces+0x468/0x5e0 [ 1019.780965][T27292] copy_process+0x3226/0x7a10 [ 1019.781027][T27292] ? __pfx_copy_process+0x10/0x10 [ 1019.781089][T27292] kernel_clone+0xfc/0x9a0 [ 1019.781125][T27292] ? __pfx_futex_wait+0x10/0x10 [ 1019.781186][T27292] ? __pfx_kernel_clone+0x10/0x10 [ 1019.781251][T27292] __do_sys_clone+0xd9/0x120 [ 1019.781293][T27292] ? __pfx___do_sys_clone+0x10/0x10 [ 1019.781335][T27292] ? __fget_files+0x21f/0x3d0 [ 1019.781419][T27292] do_syscall_64+0x106/0xf80 [ 1019.781466][T27292] ? clear_bhb_loop+0x40/0x90 [ 1019.781510][T27292] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1019.781547][T27292] RIP: 0033:0x7f75ae39bf79 [ 1019.781576][T27292] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1019.781611][T27292] RSP: 002b:00007f75af331fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 1019.781644][T27292] RAX: ffffffffffffffda RBX: 00007f75ae615fa0 RCX: 00007f75ae39bf79 [ 1019.781667][T27292] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040180211 [ 1019.781688][T27292] RBP: 00007f75ae4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1019.781710][T27292] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 1019.781730][T27292] R13: 00007f75ae616038 R14: 00007f75ae615fa0 R15: 00007ffea10ae308 [ 1019.781776][T27292] [ 1020.832548][T27309] netlink: 226 bytes leftover after parsing attributes in process `syz.2.7541'. [ 1020.979478][T27309] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7541'. [ 1020.990118][T27309] A link change request failed with some changes committed already. Interface wg1 may have been left with an inconsistent configuration, please check. [ 1021.351113][T27315] netlink: 252 bytes leftover after parsing attributes in process `syz.2.7544'. [ 1021.365550][T27315] netlink: 252 bytes leftover after parsing attributes in process `syz.2.7544'. [ 1021.762710][T27326] netlink: 330 bytes leftover after parsing attributes in process `syz.2.7550'. [ 1022.157104][T27005] syz.7.7446 (27005) used greatest stack depth: 18472 bytes left [ 1022.221601][T27337] netlink: 'syz.2.7552': attribute type 15 has an invalid length. [ 1022.239678][T27337] netlink: 'syz.2.7552': attribute type 16 has an invalid length. [ 1022.250575][T27337] netlink: 194 bytes leftover after parsing attributes in process `syz.2.7552'. [ 1022.278102][T27321] ima: policy update failed [ 1022.292606][ T30] audit: type=1802 audit(4294967346.270:28): pid=27321 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.7547" res=0 errno=0 [ 1022.503632][T17274] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 1022.960419][T27353] ERROR: Out of memory at tomoyo_memory_ok. [ 1023.561611][T27368] vivid-007: ================= START STATUS ================= [ 1023.604685][T27368] vivid-007: Enable Output Cropping: true grabbed [ 1023.663750][T27368] vivid-007: Enable Output Composing: true grabbed [ 1023.739297][T27368] vivid-007: Enable Output Scaler: true grabbed [ 1023.765470][T27368] vivid-007: Tx RGB Quantization Range: Automatic grabbed [ 1023.805390][T27368] vivid-007: Transmit Mode: HDMI grabbed [ 1023.839038][T27368] vivid-007: Hotplug Present: 0x00000000 [ 1023.865682][T27368] vivid-007: RxSense Present: 0x00000000 [ 1023.889023][T27368] vivid-007: EDID Present: 0x00000000 [ 1023.895125][T27368] vivid-007: ================== END STATUS ================== [ 1025.254982][T27398] netlink: 'syz.3.7568': attribute type 10 has an invalid length. [ 1025.291347][T27398] netlink: 230 bytes leftover after parsing attributes in process `syz.3.7568'. [ 1025.355273][T27398] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check. [ 1026.995022][T27421] Process accounting resumed [ 1027.075827][T27428] netlink: 330 bytes leftover after parsing attributes in process `syz.5.7576'. [ 1027.964414][T27452] netlink: 28 bytes leftover after parsing attributes in process `syz.3.7584'. [ 1028.128879][T27454] FAULT_INJECTION: forcing a failure. [ 1028.128879][T27454] name failslab, interval 1, probability 0, space 0, times 0 [ 1028.200722][T27454] CPU: 1 UID: 0 PID: 27454 Comm: syz.2.7585 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1028.200795][T27454] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1028.200816][T27454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1028.200837][T27454] Call Trace: [ 1028.200847][T27454] [ 1028.200860][T27454] dump_stack_lvl+0x100/0x190 [ 1028.200917][T27454] should_fail_ex.cold+0x5/0xa [ 1028.200955][T27454] ? lsm_blob_alloc+0x68/0x90 [ 1028.201004][T27454] should_failslab+0xc2/0x120 [ 1028.201055][T27454] __kmalloc_noprof+0xe0/0x850 [ 1028.201098][T27454] ? trace_kmem_cache_alloc+0xf3/0x120 [ 1028.201160][T27454] lsm_blob_alloc+0x68/0x90 [ 1028.201211][T27454] security_prepare_creds+0x2d/0x290 [ 1028.201262][T27454] prepare_creds+0x5d6/0x950 [ 1028.201315][T27454] lookup_user_key+0xfb2/0x1300 [ 1028.201361][T27454] ? __pfx_lookup_user_key+0x10/0x10 [ 1028.201407][T27454] ? do_raw_spin_lock+0x128/0x260 [ 1028.201461][T27454] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 1028.201510][T27454] ? _raw_spin_unlock_irq+0x2e/0x50 [ 1028.201560][T27454] ? do_sigaltstack.constprop.0+0x4c0/0x670 [ 1028.201616][T27454] keyctl_restrict_keyring+0x99/0x250 [ 1028.201655][T27454] ? __pfx_keyctl_restrict_keyring+0x10/0x10 [ 1028.201713][T27454] __do_sys_keyctl+0x2e8/0x5a0 [ 1028.201751][T27454] do_syscall_64+0x106/0xf80 [ 1028.201796][T27454] ? clear_bhb_loop+0x40/0x90 [ 1028.201840][T27454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1028.201877][T27454] RIP: 0033:0x7f7f6879bf79 [ 1028.201907][T27454] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1028.201940][T27454] RSP: 002b:00007f7f696a4028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 1028.201975][T27454] RAX: ffffffffffffffda RBX: 00007f7f68a15fa0 RCX: 00007f7f6879bf79 [ 1028.201999][T27454] RDX: 0000000000000002 RSI: fffffffffffffffd RDI: 000000000000001d [ 1028.202022][T27454] RBP: 00007f7f688327e0 R08: fffffffffffffffd R09: 0000000000000000 [ 1028.202052][T27454] R10: 0000000000000628 R11: 0000000000000246 R12: 0000000000000000 [ 1028.202074][T27454] R13: 00007f7f68a16038 R14: 00007f7f68a15fa0 R15: 00007fff68d8e808 [ 1028.202119][T27454] [ 1029.170659][T27459] FAULT_INJECTION: forcing a failure. [ 1029.170659][T27459] name failslab, interval 1, probability 0, space 0, times 0 [ 1029.205160][T27459] CPU: 1 UID: 0 PID: 27459 Comm: syz.5.7587 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1029.205225][T27459] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1029.205244][T27459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1029.205264][T27459] Call Trace: [ 1029.205275][T27459] [ 1029.205288][T27459] dump_stack_lvl+0x100/0x190 [ 1029.205341][T27459] should_fail_ex.cold+0x5/0xa [ 1029.205379][T27459] should_failslab+0xc2/0x120 [ 1029.205439][T27459] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1029.205484][T27459] ? taskstats_exit+0x650/0xbd0 [ 1029.205541][T27459] taskstats_exit+0x650/0xbd0 [ 1029.205593][T27459] ? __pfx_acct_update_integrals+0x10/0x10 [ 1029.205647][T27459] ? __pfx_taskstats_exit+0x10/0x10 [ 1029.205699][T27459] ? rcu_read_lock_any_held+0x6a/0xa0 [ 1029.205750][T27459] ? exit_signals+0x395/0xaf0 [ 1029.205788][T27459] do_exit+0x5ca/0x2a90 [ 1029.205824][T27459] ? __pfx_do_exit+0x10/0x10 [ 1029.205854][T27459] ? do_raw_spin_lock+0x128/0x260 [ 1029.205888][T27459] ? find_held_lock+0x2b/0x80 [ 1029.205925][T27459] ? get_signal+0x7e0/0x21e0 [ 1029.205951][T27459] do_group_exit+0xd5/0x2a0 [ 1029.205985][T27459] get_signal+0x1ec7/0x21e0 [ 1029.206016][T27459] ? __fget_files+0x21f/0x3d0 [ 1029.206052][T27459] ? __pfx_get_signal+0x10/0x10 [ 1029.206077][T27459] ? do_futex+0x192/0x350 [ 1029.206110][T27459] arch_do_signal_or_restart+0x91/0x770 [ 1029.206141][T27459] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1029.206179][T27459] ? __pfx___x64_sys_futex+0x10/0x10 [ 1029.206215][T27459] exit_to_user_mode_loop+0x86/0x4a0 [ 1029.206248][T27459] do_syscall_64+0x668/0xf80 [ 1029.206280][T27459] ? clear_bhb_loop+0x40/0x90 [ 1029.206310][T27459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1029.206334][T27459] RIP: 0033:0x7f75ae39bf79 [ 1029.206354][T27459] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1029.206378][T27459] RSP: 002b:00007f75af3110e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1029.206401][T27459] RAX: fffffffffffffe00 RBX: 00007f75ae616098 RCX: 00007f75ae39bf79 [ 1029.206422][T27459] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f75ae616098 [ 1029.206436][T27459] RBP: 00007f75ae616090 R08: 0000000000000000 R09: 0000000000000000 [ 1029.206451][T27459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1029.206465][T27459] R13: 00007f75ae616128 R14: 00007ffea10ae220 R15: 00007ffea10ae308 [ 1029.206496][T27459] [ 1030.499421][T27484] FAULT_INJECTION: forcing a failure. [ 1030.499421][T27484] name failslab, interval 1, probability 0, space 0, times 0 [ 1030.513868][T27484] CPU: 0 UID: 0 PID: 27484 Comm: syz.3.7593 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1030.513922][T27484] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1030.513937][T27484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1030.513953][T27484] Call Trace: [ 1030.513962][T27484] [ 1030.513972][T27484] dump_stack_lvl+0x100/0x190 [ 1030.514015][T27484] should_fail_ex.cold+0x5/0xa [ 1030.514045][T27484] should_failslab+0xc2/0x120 [ 1030.514093][T27484] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1030.514126][T27484] ? radix_tree_node_alloc.constprop.0+0x66/0x340 [ 1030.514156][T27484] ? pcpu_alloc_noprof+0x912/0x1c50 [ 1030.514194][T27484] radix_tree_node_alloc.constprop.0+0x66/0x340 [ 1030.514228][T27484] radix_tree_extend+0x1a2/0x4d0 [ 1030.514260][T27484] idr_get_free+0x5ec/0xa00 [ 1030.514300][T27484] idr_alloc_u32+0x1ac/0x320 [ 1030.514335][T27484] ? __pfx_idr_alloc_u32+0x10/0x10 [ 1030.514370][T27484] ? lock_acquire+0x1cf/0x380 [ 1030.514406][T27484] idr_alloc_cyclic+0x10b/0x230 [ 1030.514440][T27484] ? __pfx_idr_alloc_cyclic+0x10/0x10 [ 1030.514471][T27484] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1030.514516][T27484] map_create+0x14d8/0x2ba0 [ 1030.514553][T27484] ? futex_unqueue+0x13d/0x2c0 [ 1030.514582][T27484] ? __futex_wait+0x256/0x300 [ 1030.514647][T27484] ? __pfx_map_create+0x10/0x10 [ 1030.514684][T27484] ? __might_fault+0xc5/0x140 [ 1030.514715][T27484] ? __might_fault+0xc5/0x140 [ 1030.514757][T27484] __sys_bpf+0x2091/0x4b90 [ 1030.514817][T27484] ? __pfx___sys_bpf+0x10/0x10 [ 1030.514843][T27484] ? __pfx_futex_wait+0x10/0x10 [ 1030.514886][T27484] ? ksys_write+0x190/0x250 [ 1030.514929][T27484] ? do_futex+0x192/0x350 [ 1030.515045][T27484] ? xfd_validate_state+0x129/0x190 [ 1030.515094][T27484] __x64_sys_bpf+0x7b/0xc0 [ 1030.515126][T27484] ? lockdep_hardirqs_on+0x78/0x100 [ 1030.515161][T27484] do_syscall_64+0x106/0xf80 [ 1030.515194][T27484] ? clear_bhb_loop+0x40/0x90 [ 1030.515226][T27484] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1030.515253][T27484] RIP: 0033:0x7fb5f599bf79 [ 1030.515275][T27484] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1030.515300][T27484] RSP: 002b:00007fb5f68b0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1030.515325][T27484] RAX: ffffffffffffffda RBX: 00007fb5f5c16090 RCX: 00007fb5f599bf79 [ 1030.515343][T27484] RDX: 000000000000000f RSI: 00002000000001c0 RDI: 0000000000000000 [ 1030.515359][T27484] RBP: 00007fb5f5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1030.515375][T27484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1030.515391][T27484] R13: 00007fb5f5c16128 R14: 00007fb5f5c16090 R15: 00007ffe103198f8 [ 1030.515423][T27484] [ 1032.705920][T27511] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1034.123533][T27534] ERROR: Out of memory at tomoyo_memory_ok. [ 1034.398292][T27527] FAULT_INJECTION: forcing a failure. [ 1034.398292][T27527] name failslab, interval 1, probability 0, space 0, times 0 [ 1034.412385][T27527] CPU: 0 UID: 0 PID: 27527 Comm: syz.7.7609 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1034.412453][T27527] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1034.412474][T27527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1034.412495][T27527] Call Trace: [ 1034.412505][T27527] [ 1034.412519][T27527] dump_stack_lvl+0x100/0x190 [ 1034.412576][T27527] should_fail_ex.cold+0x5/0xa [ 1034.412619][T27527] should_failslab+0xc2/0x120 [ 1034.412706][T27527] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1034.412763][T27527] ? radix_tree_node_alloc.constprop.0+0x66/0x340 [ 1034.412807][T27527] ? pcpu_alloc_noprof+0x912/0x1c50 [ 1034.412863][T27527] radix_tree_node_alloc.constprop.0+0x66/0x340 [ 1034.412911][T27527] radix_tree_extend+0x1a2/0x4d0 [ 1034.412958][T27527] idr_get_free+0x5ec/0xa00 [ 1034.413016][T27527] idr_alloc_u32+0x1ac/0x320 [ 1034.413065][T27527] ? __pfx_idr_alloc_u32+0x10/0x10 [ 1034.413115][T27527] ? lock_acquire+0x1cf/0x380 [ 1034.413167][T27527] idr_alloc_cyclic+0x10b/0x230 [ 1034.413217][T27527] ? __pfx_idr_alloc_cyclic+0x10/0x10 [ 1034.413261][T27527] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1034.413332][T27527] map_create+0x14d8/0x2ba0 [ 1034.413383][T27527] ? futex_unqueue+0x13d/0x2c0 [ 1034.413425][T27527] ? __futex_wait+0x256/0x300 [ 1034.413484][T27527] ? __pfx_map_create+0x10/0x10 [ 1034.413544][T27527] ? __might_fault+0xc5/0x140 [ 1034.413592][T27527] ? __might_fault+0xc5/0x140 [ 1034.413661][T27527] __sys_bpf+0x2091/0x4b90 [ 1034.413705][T27527] ? __pfx___sys_bpf+0x10/0x10 [ 1034.413741][T27527] ? __pfx_futex_wait+0x10/0x10 [ 1034.413803][T27527] ? ksys_write+0x190/0x250 [ 1034.413865][T27527] ? do_futex+0x192/0x350 [ 1034.413931][T27527] ? xfd_validate_state+0x129/0x190 [ 1034.413999][T27527] __x64_sys_bpf+0x7b/0xc0 [ 1034.414038][T27527] ? lockdep_hardirqs_on+0x78/0x100 [ 1034.414087][T27527] do_syscall_64+0x106/0xf80 [ 1034.414135][T27527] ? clear_bhb_loop+0x40/0x90 [ 1034.414180][T27527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1034.414219][T27527] RIP: 0033:0x7f39e3d9bf79 [ 1034.414250][T27527] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1034.414291][T27527] RSP: 002b:00007f39e4bd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1034.414328][T27527] RAX: ffffffffffffffda RBX: 00007f39e4015fa0 RCX: 00007f39e3d9bf79 [ 1034.414353][T27527] RDX: 000000000000000f RSI: 00002000000001c0 RDI: 0000000000000000 [ 1034.414376][T27527] RBP: 00007f39e3e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1034.414399][T27527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1034.414421][T27527] R13: 00007f39e4016038 R14: 00007f39e4015fa0 R15: 00007ffdf7f00958 [ 1034.414467][T27527] [ 1035.203122][T27554] binder: 27553:27554 ioctl c0306201 0 returned -14 [ 1035.454868][T27561] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7621'. [ 1035.468264][T27561] netlink: 25 bytes leftover after parsing attributes in process `syz.7.7621'. [ 1037.274770][T27579] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 1037.421188][T27588] lo: entered allmulticast mode [ 1037.431678][ T5179] ERROR: Out of memory at tomoyo_memory_ok. [ 1037.438442][T27588] lo: left allmulticast mode [ 1037.482687][T27588] Setting dangerous option i915.mitigations - tainting kernel [ 1037.512966][T27588] Setting dangerous option i915.mitigations - tainting kernel [ 1037.947116][T27593] FAULT_INJECTION: forcing a failure. [ 1037.947116][T27593] name failslab, interval 1, probability 0, space 0, times 0 [ 1037.962239][T27593] CPU: 0 UID: 0 PID: 27593 Comm: syz.5.7632 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1037.962315][T27593] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1037.962345][T27593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1037.962369][T27593] Call Trace: [ 1037.962380][T27593] [ 1037.962395][T27593] dump_stack_lvl+0x100/0x190 [ 1037.962455][T27593] should_fail_ex.cold+0x5/0xa [ 1037.962505][T27593] should_failslab+0xc2/0x120 [ 1037.962560][T27593] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1037.962599][T27593] ? fscontext_alloc_log+0x4a/0x1b0 [ 1037.962638][T27593] ? v9fs_init_fs_context+0x43d/0x590 [ 1037.962681][T27593] fscontext_alloc_log+0x4a/0x1b0 [ 1037.962724][T27593] __x64_sys_fsopen+0x159/0x220 [ 1037.962765][T27593] do_syscall_64+0x106/0xf80 [ 1037.962811][T27593] ? clear_bhb_loop+0x40/0x90 [ 1037.962854][T27593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1037.962892][T27593] RIP: 0033:0x7f75ae39bf79 [ 1037.962921][T27593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1037.962957][T27593] RSP: 002b:00007f75af332028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 1037.962991][T27593] RAX: ffffffffffffffda RBX: 00007f75ae615fa0 RCX: 00007f75ae39bf79 [ 1037.963015][T27593] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1037.963036][T27593] RBP: 00007f75ae4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1037.963057][T27593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1037.963078][T27593] R13: 00007f75ae616038 R14: 00007f75ae615fa0 R15: 00007ffea10ae308 [ 1037.963122][T27593] [ 1038.238397][T27599] futex_wake_op: syz.3.7634 tries to shift op by -2048; fix this program [ 1039.309542][T27621] FAULT_INJECTION: forcing a failure. [ 1039.309542][T27621] name failslab, interval 1, probability 0, space 0, times 0 [ 1039.323552][T27621] CPU: 1 UID: 0 PID: 27621 Comm: syz.5.7640 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1039.323628][T27621] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1039.323650][T27621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1039.323671][T27621] Call Trace: [ 1039.323682][T27621] [ 1039.323696][T27621] dump_stack_lvl+0x100/0x190 [ 1039.323758][T27621] should_fail_ex.cold+0x5/0xa [ 1039.323799][T27621] should_failslab+0xc2/0x120 [ 1039.323854][T27621] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1039.323900][T27621] ? radix_tree_node_alloc.constprop.0+0x66/0x340 [ 1039.323941][T27621] ? pcpu_alloc_noprof+0x912/0x1c50 [ 1039.323996][T27621] radix_tree_node_alloc.constprop.0+0x66/0x340 [ 1039.324043][T27621] radix_tree_extend+0x1a2/0x4d0 [ 1039.324090][T27621] idr_get_free+0x5ec/0xa00 [ 1039.324146][T27621] idr_alloc_u32+0x1ac/0x320 [ 1039.324193][T27621] ? __pfx_idr_alloc_u32+0x10/0x10 [ 1039.324249][T27621] ? lock_acquire+0x1cf/0x380 [ 1039.324300][T27621] idr_alloc_cyclic+0x10b/0x230 [ 1039.324350][T27621] ? __pfx_idr_alloc_cyclic+0x10/0x10 [ 1039.324394][T27621] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1039.324457][T27621] map_create+0x14d8/0x2ba0 [ 1039.324510][T27621] ? futex_unqueue+0x13d/0x2c0 [ 1039.324551][T27621] ? __futex_wait+0x256/0x300 [ 1039.324611][T27621] ? __pfx_map_create+0x10/0x10 [ 1039.324663][T27621] ? __might_fault+0xc5/0x140 [ 1039.324706][T27621] ? __might_fault+0xc5/0x140 [ 1039.324767][T27621] __sys_bpf+0x2091/0x4b90 [ 1039.324809][T27621] ? __pfx___sys_bpf+0x10/0x10 [ 1039.324845][T27621] ? __pfx_futex_wait+0x10/0x10 [ 1039.324904][T27621] ? ksys_write+0x190/0x250 [ 1039.324964][T27621] ? do_futex+0x192/0x350 [ 1039.325031][T27621] ? xfd_validate_state+0x129/0x190 [ 1039.325092][T27621] __x64_sys_bpf+0x7b/0xc0 [ 1039.325127][T27621] ? lockdep_hardirqs_on+0x78/0x100 [ 1039.325174][T27621] do_syscall_64+0x106/0xf80 [ 1039.325221][T27621] ? clear_bhb_loop+0x40/0x90 [ 1039.325273][T27621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1039.325312][T27621] RIP: 0033:0x7f75ae39bf79 [ 1039.325342][T27621] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1039.325378][T27621] RSP: 002b:00007f75af311028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1039.325414][T27621] RAX: ffffffffffffffda RBX: 00007f75ae616090 RCX: 00007f75ae39bf79 [ 1039.325437][T27621] RDX: 000000000000000f RSI: 00002000000001c0 RDI: 0000000000000000 [ 1039.325459][T27621] RBP: 00007f75ae4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1039.325480][T27621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1039.325499][T27621] R13: 00007f75ae616128 R14: 00007f75ae616090 R15: 00007ffea10ae308 [ 1039.325545][T27621] [ 1040.505449][T27630] zswap: compressor not available [ 1041.071045][T27649] netlink: 28 bytes leftover after parsing attributes in process `syz.7.7649'. [ 1041.930250][T27660] nvme_fabrics: missing parameter 'transport=%s' [ 1041.968468][T27660] nvme_fabrics: missing parameter 'nqn=%s' [ 1042.118372][T27662] nvme_fabrics: missing parameter 'transport=%s' [ 1042.129910][T27662] nvme_fabrics: missing parameter 'nqn=%s' [ 1042.365074][T27672] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7656'. [ 1042.392625][T27672] netlink: 'syz.7.7656': attribute type 1 has an invalid length. [ 1042.409806][T27672] netlink: 13 bytes leftover after parsing attributes in process `syz.7.7656'. [ 1042.617657][T27671] FAULT_INJECTION: forcing a failure. [ 1042.617657][T27671] name failslab, interval 1, probability 0, space 0, times 0 [ 1042.655913][T27671] CPU: 1 UID: 0 PID: 27671 Comm: syz.2.7657 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1042.655987][T27671] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1042.656007][T27671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1042.656028][T27671] Call Trace: [ 1042.656039][T27671] [ 1042.656053][T27671] dump_stack_lvl+0x100/0x190 [ 1042.656111][T27671] should_fail_ex.cold+0x5/0xa [ 1042.656152][T27671] ? genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290 [ 1042.656211][T27671] should_failslab+0xc2/0x120 [ 1042.656267][T27671] __kmalloc_noprof+0xe0/0x850 [ 1042.656313][T27671] ? rcu_is_watching+0x12/0xc0 [ 1042.656373][T27671] genl_family_rcv_msg_attrs_parse.isra.0+0xc8/0x290 [ 1042.656442][T27671] genl_family_rcv_msg_doit+0xc7/0x300 [ 1042.656505][T27671] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1042.656563][T27671] ? genl_get_cmd+0x3ef/0x720 [ 1042.656626][T27671] ? bpf_lsm_capable+0x9/0x10 [ 1042.656681][T27671] ? security_capable+0x80/0x260 [ 1042.656741][T27671] ? ns_capable+0xd2/0xf0 [ 1042.656801][T27671] genl_rcv_msg+0x560/0x800 [ 1042.656874][T27671] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1042.656933][T27671] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1042.657011][T27671] netlink_rcv_skb+0x159/0x420 [ 1042.657062][T27671] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1042.657120][T27671] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1042.657189][T27671] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1042.657244][T27671] genl_rcv+0x28/0x40 [ 1042.657295][T27671] netlink_unicast+0x5aa/0x870 [ 1042.657351][T27671] ? __pfx_netlink_unicast+0x10/0x10 [ 1042.657419][T27671] netlink_sendmsg+0x8b0/0xda0 [ 1042.657477][T27671] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1042.657525][T27671] ? __import_iovec+0x1d2/0x640 [ 1042.657574][T27671] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1042.657640][T27671] ____sys_sendmsg+0xa54/0xc30 [ 1042.657703][T27671] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1042.657768][T27671] ? __pfx_futex_wake_mark+0x10/0x10 [ 1042.657825][T27671] ___sys_sendmsg+0x190/0x1e0 [ 1042.657878][T27671] ? __pfx____sys_sendmsg+0x10/0x10 [ 1042.657965][T27671] __sys_sendmsg+0x170/0x220 [ 1042.658013][T27671] ? __pfx___sys_sendmsg+0x10/0x10 [ 1042.658060][T27671] ? __x64_sys_futex+0x34f/0x4d0 [ 1042.658128][T27671] do_syscall_64+0x106/0xf80 [ 1042.658175][T27671] ? clear_bhb_loop+0x40/0x90 [ 1042.658219][T27671] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1042.658256][T27671] RIP: 0033:0x7f7f6879bf79 [ 1042.658285][T27671] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1042.658319][T27671] RSP: 002b:00007f7f696a4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1042.658354][T27671] RAX: ffffffffffffffda RBX: 00007f7f68a15fa0 RCX: 00007f7f6879bf79 [ 1042.658378][T27671] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 1042.658400][T27671] RBP: 00007f7f688327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1042.658421][T27671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1042.658442][T27671] R13: 00007f7f68a16038 R14: 00007f7f68a15fa0 R15: 00007fff68d8e808 [ 1042.658488][T27671] [ 1043.166597][T27680] netlink: 'syz.7.7660': attribute type 16 has an invalid length. [ 1043.203839][T27680] netlink: 226 bytes leftover after parsing attributes in process `syz.7.7660'. [ 1043.249460][T27680] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7660'. [ 1043.657891][T27693] netlink: 28 bytes leftover after parsing attributes in process `syz.5.7662'. [ 1044.289405][T27706] netlink: 306 bytes leftover after parsing attributes in process `syz.2.7666'. [ 1044.798009][T27714] netlink: 330 bytes leftover after parsing attributes in process `syz.5.7669'. [ 1045.152804][T27722] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1045.331976][T27721] ERROR: Out of memory at tomoyo_memory_ok. [ 1046.597482][T27736] netlink: 4 bytes leftover after parsing attributes in process `syz.5.7677'. [ 1047.196110][T27744] sp0: Synchronizing with TNC [ 1047.386384][T27756] FAULT_INJECTION: forcing a failure. [ 1047.386384][T27756] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1047.422137][T27756] CPU: 1 UID: 0 PID: 27756 Comm: syz.2.7684 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1047.422219][T27756] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1047.422240][T27756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1047.422262][T27756] Call Trace: [ 1047.422274][T27756] [ 1047.422289][T27756] dump_stack_lvl+0x100/0x190 [ 1047.422349][T27756] should_fail_ex.cold+0x5/0xa [ 1047.422383][T27756] ? prepare_alloc_pages+0x16d/0x5f0 [ 1047.422448][T27756] should_fail_alloc_page+0xeb/0x140 [ 1047.422506][T27756] prepare_alloc_pages+0x1f0/0x5f0 [ 1047.422564][T27756] ? rcu_is_watching+0x12/0xc0 [ 1047.422622][T27756] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1047.422677][T27756] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 1047.422729][T27756] ? __pfx_css_rstat_updated+0x10/0x10 [ 1047.422779][T27756] ? find_held_lock+0x2b/0x80 [ 1047.422835][T27756] ? rcu_read_unlock+0x17/0x60 [ 1047.422889][T27756] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1047.422937][T27756] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1047.422983][T27756] ? page_counter_charge+0x1d2/0x240 [ 1047.423024][T27756] ? rcu_is_watching+0x12/0xc0 [ 1047.423075][T27756] ? trace_mm_page_alloc+0x17a/0x1d0 [ 1047.423149][T27756] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1047.423207][T27756] ? policy_nodemask+0xed/0x4f0 [ 1047.423264][T27756] alloc_pages_mpol+0x1fb/0x550 [ 1047.423320][T27756] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1047.423382][T27756] ? do_raw_spin_lock+0x128/0x260 [ 1047.423432][T27756] ? find_held_lock+0x2b/0x80 [ 1047.423485][T27756] ? __pud_alloc+0x575/0x760 [ 1047.423523][T27756] alloc_pages_noprof+0x131/0x390 [ 1047.423580][T27756] __pmd_alloc+0x3b/0x9c0 [ 1047.423611][T27756] ? __pud_alloc+0x57a/0x760 [ 1047.423647][T27756] walk_to_pmd+0x3a3/0x4c0 [ 1047.423691][T27756] get_locked_pte+0x25/0xc0 [ 1047.423727][T27756] map_ldt_struct+0x3c1/0xa70 [ 1047.423795][T27756] ? __pfx_map_ldt_struct+0x10/0x10 [ 1047.423851][T27756] ? alloc_pages_noprof+0x233/0x390 [ 1047.423913][T27756] write_ldt+0x6d3/0xd40 [ 1047.423977][T27756] ? __pfx_write_ldt+0x10/0x10 [ 1047.424033][T27756] ? xfd_validate_state+0x129/0x190 [ 1047.424092][T27756] __x64_sys_modify_ldt+0xb1/0x170 [ 1047.424127][T27756] do_syscall_64+0x106/0xf80 [ 1047.424173][T27756] ? clear_bhb_loop+0x40/0x90 [ 1047.424216][T27756] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1047.424251][T27756] RIP: 0033:0x7f7f6879bf79 [ 1047.424279][T27756] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1047.424314][T27756] RSP: 002b:00007f7f696a4028 EFLAGS: 00000246 ORIG_RAX: 000000000000009a [ 1047.424347][T27756] RAX: ffffffffffffffda RBX: 00007f7f68a15fa0 RCX: 00007f7f6879bf79 [ 1047.424370][T27756] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000001 [ 1047.424391][T27756] RBP: 00007f7f688327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1047.424412][T27756] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1047.424434][T27756] R13: 00007f7f68a16038 R14: 00007f7f68a15fa0 R15: 00007fff68d8e808 [ 1047.424480][T27756] [ 1048.089300][ T30] audit: type=1800 audit(4294967372.040:29): pid=27762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.7684" name="trace_marker" dev="tracefs" ino=758 res=0 errno=0 [ 1048.735902][T27770] sp0: Synchronizing with TNC [ 1048.924258][T17274] Bluetooth: hci4: unexpected event for opcode 0x7c89 [ 1051.929984][T27828] netlink: 226 bytes leftover after parsing attributes in process `syz.7.7705'. [ 1053.911418][T27849] zswap: compressor not available [ 1054.200745][T27864] vhci_hcd vhci_hcd.2: invalid port number 255 [ 1054.526614][T27874] netlink: 62 bytes leftover after parsing attributes in process `syz.5.7716'. [ 1054.677863][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 1054.685011][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 1056.552880][T27905] netlink: 'syz.3.7724': attribute type 5 has an invalid length. [ 1056.555685][T27906] ERROR: Out of memory at tomoyo_memory_ok. [ 1056.604195][T27909] netlink: 'syz.3.7724': attribute type 5 has an invalid length. [ 1056.613130][T27909] netlink: 'syz.3.7724': attribute type 1 has an invalid length. [ 1056.615853][T27905] netlink: 'syz.3.7724': attribute type 1 has an invalid length. [ 1056.639060][T27909] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7724'. [ 1056.679176][T27905] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7724'. [ 1056.963912][T27914] netlink: 13 bytes leftover after parsing attributes in process `syz.2.7728'. [ 1057.126855][T27908] FAULT_INJECTION: forcing a failure. [ 1057.126855][T27908] name failslab, interval 1, probability 0, space 0, times 0 [ 1057.133927][T27914] Process accounting paused [ 1057.141539][T27908] CPU: 0 UID: 0 PID: 27908 Comm: syz.7.7725 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1057.141714][T27908] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1057.141767][T27908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1057.141819][T27908] Call Trace: [ 1057.141849][T27908] [ 1057.141881][T27908] dump_stack_lvl+0x100/0x190 [ 1057.142021][T27908] should_fail_ex.cold+0x5/0xa [ 1057.142126][T27908] should_failslab+0xc2/0x120 [ 1057.142274][T27908] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1057.142412][T27908] ? kvasprintf_const+0x66/0x1a0 [ 1057.142584][T27908] kvasprintf+0xbc/0x150 [ 1057.142715][T27908] ? __pfx_kvasprintf+0x10/0x10 [ 1057.142833][T27908] ? find_held_lock+0x2b/0x80 [ 1057.142981][T27908] ? rcu_read_unlock+0x17/0x60 [ 1057.143118][T27908] ? rcu_read_unlock+0x17/0x60 [ 1057.143269][T27908] kvasprintf_const+0x66/0x1a0 [ 1057.143386][T27908] kobject_set_name_vargs+0x5a/0x140 [ 1057.143565][T27908] dev_set_name+0xc7/0x100 [ 1057.143692][T27908] ? __pfx_dev_set_name+0x10/0x10 [ 1057.143842][T27908] ? trace_kmalloc+0x101/0x130 [ 1057.143971][T27908] ? __kmalloc_large_node_noprof+0x5d/0x70 [ 1057.144170][T27908] ? __kmalloc_noprof+0x320/0x850 [ 1057.144295][T27908] wiphy_new_nm+0x811/0x21a0 [ 1057.144429][T27908] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 1057.144595][T27908] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 1057.144736][T27908] ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10 [ 1057.144874][T27908] ieee80211_alloc_hw_nm+0x1ac7/0x22a0 [ 1057.145017][T27908] ? __local_bh_enable_ip+0x9e/0x120 [ 1057.145123][T27908] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 1057.145320][T27908] ? __asan_memset+0x23/0x50 [ 1057.145427][T27908] ? __nla_validate_parse+0x1e7/0x28b0 [ 1057.145581][T27908] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1057.145775][T27908] hwsim_new_radio_nl+0xc1f/0x1340 [ 1057.145900][T27908] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1057.146142][T27908] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 1057.146298][T27908] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 1057.146476][T27908] genl_family_rcv_msg_doit+0x214/0x300 [ 1057.146640][T27908] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1057.146775][T27908] ? genl_get_cmd+0x3ef/0x720 [ 1057.146939][T27908] ? bpf_lsm_capable+0x9/0x10 [ 1057.147076][T27908] ? security_capable+0x80/0x260 [ 1057.147224][T27908] ? ns_capable+0xd2/0xf0 [ 1057.147378][T27908] genl_rcv_msg+0x560/0x800 [ 1057.147538][T27908] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1057.147708][T27908] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1057.147901][T27908] netlink_rcv_skb+0x159/0x420 [ 1057.148035][T27908] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1057.148181][T27908] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1057.148358][T27908] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1057.148520][T27908] genl_rcv+0x28/0x40 [ 1057.148657][T27908] netlink_unicast+0x5aa/0x870 [ 1057.148800][T27908] ? __pfx_netlink_unicast+0x10/0x10 [ 1057.148975][T27908] netlink_sendmsg+0x8b0/0xda0 [ 1057.149135][T27908] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1057.149288][T27908] ? __import_iovec+0x1d2/0x640 [ 1057.149407][T27908] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1057.149576][T27908] ____sys_sendmsg+0xa54/0xc30 [ 1057.149729][T27908] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1057.149894][T27908] ? try_to_wake_up+0x644/0x1a80 [ 1057.150063][T27908] ___sys_sendmsg+0x190/0x1e0 [ 1057.150158][T27908] ? __pfx____sys_sendmsg+0x10/0x10 [ 1057.150249][T27908] ? futex_private_hash_put+0x107/0x1c0 [ 1057.150477][T27908] __sys_sendmsg+0x170/0x220 [ 1057.150601][T27908] ? __pfx___sys_sendmsg+0x10/0x10 [ 1057.150724][T27908] ? __x64_sys_futex+0x34f/0x4d0 [ 1057.150911][T27908] do_syscall_64+0x106/0xf80 [ 1057.151028][T27908] ? clear_bhb_loop+0x40/0x90 [ 1057.151140][T27908] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1057.151233][T27908] RIP: 0033:0x7f39e3d9bf79 [ 1057.151315][T27908] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1057.151400][T27908] RSP: 002b:00007f39e4bd5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1057.151485][T27908] RAX: ffffffffffffffda RBX: 00007f39e4015fa0 RCX: 00007f39e3d9bf79 [ 1057.151547][T27908] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 1057.151609][T27908] RBP: 00007f39e3e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1057.151657][T27908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1057.151714][T27908] R13: 00007f39e4016038 R14: 00007f39e4015fa0 R15: 00007ffdf7f00958 [ 1057.151830][T27908] [ 1057.994539][T27911] FAULT_INJECTION: forcing a failure. [ 1057.994539][T27911] name failslab, interval 1, probability 0, space 0, times 0 [ 1058.303434][T27911] CPU: 0 UID: 0 PID: 27911 Comm: syz.5.7726 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1058.303509][T27911] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1058.303530][T27911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1058.303552][T27911] Call Trace: [ 1058.303565][T27911] [ 1058.303579][T27911] dump_stack_lvl+0x100/0x190 [ 1058.303639][T27911] should_fail_ex.cold+0x5/0xa [ 1058.303690][T27911] should_failslab+0xc2/0x120 [ 1058.303747][T27911] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1058.303787][T27911] ? sctp_add_bind_addr+0xae/0x3e0 [ 1058.303840][T27911] sctp_add_bind_addr+0xae/0x3e0 [ 1058.303889][T27911] sctp_copy_local_addr_list+0x349/0x550 [ 1058.303948][T27911] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 1058.304004][T27911] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 1058.304058][T27911] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1058.304120][T27911] sctp_bind_addr_copy+0xe0/0x530 [ 1058.304175][T27911] sctp_connect_new_asoc+0x1c9/0x770 [ 1058.304238][T27911] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 1058.304309][T27911] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1058.304387][T27911] sctp_sendmsg+0x171a/0x22b0 [ 1058.304435][T27911] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1058.304474][T27911] ? do_user_addr_fault+0x8d6/0x12f0 [ 1058.304539][T27911] ? aa_sk_perm+0x2de/0xb40 [ 1058.304588][T27911] ? __pfx_aa_sk_perm+0x10/0x10 [ 1058.304644][T27911] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1058.304688][T27911] inet_sendmsg+0x11c/0x140 [ 1058.304729][T27911] ____sys_sendmsg+0x9ad/0xc30 [ 1058.304791][T27911] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1058.304869][T27911] ___sys_sendmsg+0x190/0x1e0 [ 1058.304908][T27911] ? __pfx____sys_sendmsg+0x10/0x10 [ 1058.304965][T27911] ? find_held_lock+0x2b/0x80 [ 1058.305048][T27911] __sys_sendmmsg+0x205/0x430 [ 1058.305101][T27911] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1058.305159][T27911] ? find_held_lock+0x2b/0x80 [ 1058.305211][T27911] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 1058.305279][T27911] ? exc_page_fault+0x6f/0xd0 [ 1058.305332][T27911] __x64_sys_sendmmsg+0x9c/0x100 [ 1058.305371][T27911] ? lockdep_hardirqs_on+0x78/0x100 [ 1058.305410][T27911] do_syscall_64+0x106/0xf80 [ 1058.305449][T27911] ? clear_bhb_loop+0x40/0x90 [ 1058.305485][T27911] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1058.305515][T27911] RIP: 0033:0x7f75ae39bf79 [ 1058.305540][T27911] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1058.305569][T27911] RSP: 002b:00007f75af332028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1058.305598][T27911] RAX: ffffffffffffffda RBX: 00007f75ae615fa0 RCX: 00007f75ae39bf79 [ 1058.305617][T27911] RDX: 0000000000000008 RSI: 0000200000000140 RDI: 0000000000000004 [ 1058.305635][T27911] RBP: 00007f75ae4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1058.305661][T27911] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000000 [ 1058.305680][T27911] R13: 00007f75ae616038 R14: 00007f75ae615fa0 R15: 00007ffea10ae308 [ 1058.305718][T27911] [ 1059.238032][T27943] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7735'. [ 1059.284379][T27943] netlink: 25 bytes leftover after parsing attributes in process `syz.2.7735'. [ 1059.354821][T27942] zswap: compressor not available [ 1060.189951][T27960] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7740'. [ 1060.746276][T27964] FAULT_INJECTION: forcing a failure. [ 1060.746276][T27964] name failslab, interval 1, probability 0, space 0, times 0 [ 1060.789891][T27964] CPU: 1 UID: 0 PID: 27964 Comm: syz.3.7741 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1060.789965][T27964] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1060.789986][T27964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1060.790008][T27964] Call Trace: [ 1060.790020][T27964] [ 1060.790034][T27964] dump_stack_lvl+0x100/0x190 [ 1060.790093][T27964] should_fail_ex.cold+0x5/0xa [ 1060.790152][T27964] should_failslab+0xc2/0x120 [ 1060.790207][T27964] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 1060.790267][T27964] ? kasprintf+0xc7/0x100 [ 1060.790320][T27964] kvasprintf+0xbc/0x150 [ 1060.790363][T27964] ? __pfx_kvasprintf+0x10/0x10 [ 1060.790411][T27964] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1060.790456][T27964] ? lockdep_hardirqs_on+0x78/0x100 [ 1060.790504][T27964] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 1060.790553][T27964] kasprintf+0xc7/0x100 [ 1060.790601][T27964] ? __pfx_kasprintf+0x10/0x10 [ 1060.790664][T27964] ieee80211_alloc_led_names+0x243/0x420 [ 1060.790721][T27964] ieee80211_alloc_hw_nm+0x1934/0x22a0 [ 1060.790783][T27964] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 1060.790864][T27964] ? __asan_memset+0x23/0x50 [ 1060.790907][T27964] ? __nla_validate_parse+0x1e7/0x28b0 [ 1060.790964][T27964] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1060.791036][T27964] hwsim_new_radio_nl+0xc1f/0x1340 [ 1060.791099][T27964] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1060.791170][T27964] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 1060.791241][T27964] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 1060.791309][T27964] genl_family_rcv_msg_doit+0x214/0x300 [ 1060.791373][T27964] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1060.791432][T27964] ? genl_get_cmd+0x3ef/0x720 [ 1060.791494][T27964] ? bpf_lsm_capable+0x9/0x10 [ 1060.791549][T27964] ? security_capable+0x80/0x260 [ 1060.791609][T27964] ? ns_capable+0xd2/0xf0 [ 1060.791669][T27964] genl_rcv_msg+0x560/0x800 [ 1060.791731][T27964] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1060.791789][T27964] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1060.791863][T27964] netlink_rcv_skb+0x159/0x420 [ 1060.791914][T27964] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1060.791974][T27964] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1060.792042][T27964] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1060.792098][T27964] genl_rcv+0x28/0x40 [ 1060.792149][T27964] netlink_unicast+0x5aa/0x870 [ 1060.792206][T27964] ? __pfx_netlink_unicast+0x10/0x10 [ 1060.792281][T27964] netlink_sendmsg+0x8b0/0xda0 [ 1060.792341][T27964] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1060.792397][T27964] ? __import_iovec+0x1d2/0x640 [ 1060.792447][T27964] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1060.792513][T27964] ____sys_sendmsg+0xa54/0xc30 [ 1060.792570][T27964] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1060.792637][T27964] ? __pfx_futex_wake_mark+0x10/0x10 [ 1060.792695][T27964] ___sys_sendmsg+0x190/0x1e0 [ 1060.792733][T27964] ? __pfx____sys_sendmsg+0x10/0x10 [ 1060.792821][T27964] __sys_sendmsg+0x170/0x220 [ 1060.792870][T27964] ? __pfx___sys_sendmsg+0x10/0x10 [ 1060.792917][T27964] ? __x64_sys_futex+0x34f/0x4d0 [ 1060.792984][T27964] do_syscall_64+0x106/0xf80 [ 1060.793030][T27964] ? clear_bhb_loop+0x40/0x90 [ 1060.793074][T27964] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1060.793109][T27964] RIP: 0033:0x7fb5f599bf79 [ 1060.793137][T27964] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1060.793173][T27964] RSP: 002b:00007fb5f68d1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1060.793208][T27964] RAX: ffffffffffffffda RBX: 00007fb5f5c15fa0 RCX: 00007fb5f599bf79 [ 1060.793240][T27964] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 1060.793262][T27964] RBP: 00007fb5f5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1060.793284][T27964] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1060.793305][T27964] R13: 00007fb5f5c16038 R14: 00007fb5f5c15fa0 R15: 00007ffe103198f8 [ 1060.793350][T27964] [ 1061.301145][T27967] zswap: compressor not available [ 1062.058239][T27983] netlink: 28 bytes leftover after parsing attributes in process `syz.2.7745'. [ 1063.577584][T28003] FAULT_INJECTION: forcing a failure. [ 1063.577584][T28003] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1063.643312][T28003] CPU: 1 UID: 0 PID: 28003 Comm: syz.5.7753 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1063.643390][T28003] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1063.643413][T28003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1063.643435][T28003] Call Trace: [ 1063.643447][T28003] [ 1063.643461][T28003] dump_stack_lvl+0x100/0x190 [ 1063.643519][T28003] should_fail_ex.cold+0x5/0xa [ 1063.643555][T28003] ? prepare_alloc_pages+0x16d/0x5f0 [ 1063.643619][T28003] should_fail_alloc_page+0xeb/0x140 [ 1063.643676][T28003] prepare_alloc_pages+0x1f0/0x5f0 [ 1063.643734][T28003] ? kernel_text_address+0x8d/0x100 [ 1063.643789][T28003] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1063.643847][T28003] ? __lock_acquire+0x4a5/0x2630 [ 1063.643892][T28003] ? __lock_acquire+0x4a5/0x2630 [ 1063.643943][T28003] ? __lock_acquire+0x4a5/0x2630 [ 1063.643986][T28003] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1063.644038][T28003] ? __lock_acquire+0x4a5/0x2630 [ 1063.644101][T28003] ? find_held_lock+0x2b/0x80 [ 1063.644155][T28003] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1063.644222][T28003] ? policy_nodemask+0xed/0x4f0 [ 1063.644280][T28003] alloc_pages_mpol+0x1fb/0x550 [ 1063.644337][T28003] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1063.644392][T28003] ? arch_stack_walk+0xa6/0xf0 [ 1063.644433][T28003] ? wiphy_new_nm+0x701/0x21a0 [ 1063.644480][T28003] ___kmalloc_large_node+0x104/0x150 [ 1063.644543][T28003] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 1063.644600][T28003] __kmalloc_large_node_noprof+0x1c/0x70 [ 1063.644662][T28003] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 1063.644716][T28003] __kmalloc_noprof+0x5be/0x850 [ 1063.644768][T28003] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 1063.644823][T28003] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 1063.644878][T28003] ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10 [ 1063.644930][T28003] wiphy_new_nm+0x701/0x21a0 [ 1063.644980][T28003] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 1063.645037][T28003] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 1063.645090][T28003] ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10 [ 1063.645142][T28003] ieee80211_alloc_hw_nm+0x1ac7/0x22a0 [ 1063.645207][T28003] ? __local_bh_enable_ip+0x9e/0x120 [ 1063.645250][T28003] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 1063.645331][T28003] ? __asan_memset+0x23/0x50 [ 1063.645374][T28003] ? __nla_validate_parse+0x1e7/0x28b0 [ 1063.645429][T28003] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1063.645502][T28003] hwsim_new_radio_nl+0xc1f/0x1340 [ 1063.645566][T28003] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1063.645637][T28003] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 1063.645697][T28003] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 1063.645766][T28003] genl_family_rcv_msg_doit+0x214/0x300 [ 1063.645828][T28003] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1063.645886][T28003] ? genl_get_cmd+0x3ef/0x720 [ 1063.645950][T28003] ? bpf_lsm_capable+0x9/0x10 [ 1063.646004][T28003] ? security_capable+0x80/0x260 [ 1063.646061][T28003] ? ns_capable+0xd2/0xf0 [ 1063.646120][T28003] genl_rcv_msg+0x560/0x800 [ 1063.646193][T28003] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1063.646250][T28003] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1063.646325][T28003] netlink_rcv_skb+0x159/0x420 [ 1063.646374][T28003] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1063.646434][T28003] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1063.646504][T28003] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1063.646559][T28003] genl_rcv+0x28/0x40 [ 1063.646609][T28003] netlink_unicast+0x5aa/0x870 [ 1063.646667][T28003] ? __pfx_netlink_unicast+0x10/0x10 [ 1063.646735][T28003] netlink_sendmsg+0x8b0/0xda0 [ 1063.646793][T28003] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1063.646841][T28003] ? __import_iovec+0x1d2/0x640 [ 1063.646888][T28003] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1063.646960][T28003] ____sys_sendmsg+0xa54/0xc30 [ 1063.647024][T28003] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1063.647090][T28003] ? __pfx_futex_wake_mark+0x10/0x10 [ 1063.647146][T28003] ___sys_sendmsg+0x190/0x1e0 [ 1063.647250][T28003] ? __pfx____sys_sendmsg+0x10/0x10 [ 1063.647382][T28003] __sys_sendmsg+0x170/0x220 [ 1063.647431][T28003] ? __pfx___sys_sendmsg+0x10/0x10 [ 1063.647478][T28003] ? __x64_sys_futex+0x34f/0x4d0 [ 1063.647548][T28003] do_syscall_64+0x106/0xf80 [ 1063.647593][T28003] ? clear_bhb_loop+0x40/0x90 [ 1063.647638][T28003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1063.647676][T28003] RIP: 0033:0x7f75ae39bf79 [ 1063.647707][T28003] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1063.647743][T28003] RSP: 002b:00007f75af332028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1063.647776][T28003] RAX: ffffffffffffffda RBX: 00007f75ae615fa0 RCX: 00007f75ae39bf79 [ 1063.647799][T28003] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 1063.647826][T28003] RBP: 00007f75ae4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1063.647848][T28003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1063.647869][T28003] R13: 00007f75ae616038 R14: 00007f75ae615fa0 R15: 00007ffea10ae308 [ 1063.647955][T28003] [ 1065.008843][T28019] zswap: compressor not available [ 1067.413314][T28061] netlink: 186 bytes leftover after parsing attributes in process `syz.7.7768'. [ 1067.658861][T28063] ERROR: Out of memory at tomoyo_memory_ok. [ 1067.725542][T17274] Bluetooth: hci3: unexpected subevent 0x01 length: 3 < 18 [ 1067.740813][T28069] FAULT_INJECTION: forcing a failure. [ 1067.740813][T28069] name failslab, interval 1, probability 0, space 0, times 0 [ 1067.755491][T28069] CPU: 1 UID: 0 PID: 28069 Comm: syz.7.7771 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1067.755564][T28069] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1067.755584][T28069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1067.755603][T28069] Call Trace: [ 1067.755613][T28069] [ 1067.755624][T28069] dump_stack_lvl+0x100/0x190 [ 1067.755673][T28069] should_fail_ex.cold+0x5/0xa [ 1067.755707][T28069] should_failslab+0xc2/0x120 [ 1067.755754][T28069] __kvmalloc_node_noprof+0xfa/0xa00 [ 1067.755795][T28069] ? alloc_netdev_mqs+0xd7/0x14f0 [ 1067.755836][T28069] ? nla_memcpy+0x93/0xb0 [ 1067.755881][T28069] ? __pfx_do_setup+0x10/0x10 [ 1067.755920][T28069] alloc_netdev_mqs+0xd7/0x14f0 [ 1067.755961][T28069] ? ovs_vport_alloc+0x288/0x3b0 [ 1067.756004][T28069] internal_dev_create+0x8a/0x520 [ 1067.756048][T28069] ovs_vport_add+0x147/0x4d0 [ 1067.756089][T28069] new_vport+0x16/0x1d0 [ 1067.756118][T28069] ovs_dp_cmd_new+0x65d/0xdf0 [ 1067.756158][T28069] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 1067.756198][T28069] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 1067.756248][T28069] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 1067.756305][T28069] genl_family_rcv_msg_doit+0x214/0x300 [ 1067.756356][T28069] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1067.756403][T28069] ? genl_get_cmd+0x3ef/0x720 [ 1067.756461][T28069] ? bpf_lsm_capable+0x9/0x10 [ 1067.756513][T28069] ? security_capable+0x80/0x260 [ 1067.756563][T28069] ? ns_capable+0xd2/0xf0 [ 1067.756613][T28069] genl_rcv_msg+0x560/0x800 [ 1067.756663][T28069] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1067.756711][T28069] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 1067.756756][T28069] netlink_rcv_skb+0x159/0x420 [ 1067.756798][T28069] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1067.756846][T28069] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1067.756902][T28069] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1067.756946][T28069] genl_rcv+0x28/0x40 [ 1067.756989][T28069] netlink_unicast+0x5aa/0x870 [ 1067.757035][T28069] ? __pfx_netlink_unicast+0x10/0x10 [ 1067.757090][T28069] netlink_sendmsg+0x8b0/0xda0 [ 1067.757137][T28069] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1067.757178][T28069] ? __import_iovec+0x1d2/0x640 [ 1067.757217][T28069] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1067.757272][T28069] ____sys_sendmsg+0xa54/0xc30 [ 1067.757322][T28069] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1067.757376][T28069] ? __pfx_futex_wake_mark+0x10/0x10 [ 1067.757424][T28069] ___sys_sendmsg+0x190/0x1e0 [ 1067.757455][T28069] ? __pfx____sys_sendmsg+0x10/0x10 [ 1067.757530][T28069] __sys_sendmsg+0x170/0x220 [ 1067.757571][T28069] ? __pfx___sys_sendmsg+0x10/0x10 [ 1067.757609][T28069] ? __x64_sys_futex+0x34f/0x4d0 [ 1067.757665][T28069] do_syscall_64+0x106/0xf80 [ 1067.757703][T28069] ? clear_bhb_loop+0x40/0x90 [ 1067.757742][T28069] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1067.757773][T28069] RIP: 0033:0x7f39e3d9bf79 [ 1067.757798][T28069] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1067.757827][T28069] RSP: 002b:00007f39e4bb4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1067.757856][T28069] RAX: ffffffffffffffda RBX: 00007f39e4016090 RCX: 00007f39e3d9bf79 [ 1067.757876][T28069] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000006 [ 1067.757895][T28069] RBP: 00007f39e3e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1067.757914][T28069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1067.757932][T28069] R13: 00007f39e4016128 R14: 00007f39e4016090 R15: 00007ffdf7f00958 [ 1067.757970][T28069] [ 1068.872951][T28077] FAULT_INJECTION: forcing a failure. [ 1068.872951][T28077] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1068.893908][T28084] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 1068.932612][T28077] CPU: 0 UID: 0 PID: 28077 Comm: syz.3.7773 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1068.932694][T28077] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1068.932715][T28077] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1068.932735][T28077] Call Trace: [ 1068.932747][T28077] [ 1068.932761][T28077] dump_stack_lvl+0x100/0x190 [ 1068.932818][T28077] should_fail_ex.cold+0x5/0xa [ 1068.932852][T28077] ? prepare_alloc_pages+0x16d/0x5f0 [ 1068.932914][T28077] should_fail_alloc_page+0xeb/0x140 [ 1068.932971][T28077] prepare_alloc_pages+0x1f0/0x5f0 [ 1068.933029][T28077] ? kernel_text_address+0x8d/0x100 [ 1068.933085][T28077] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 1068.933136][T28077] ? __lock_acquire+0x4a5/0x2630 [ 1068.933181][T28077] ? __lock_acquire+0x4a5/0x2630 [ 1068.933233][T28077] ? __lock_acquire+0x4a5/0x2630 [ 1068.933279][T28077] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1068.933331][T28077] ? __lock_acquire+0x4a5/0x2630 [ 1068.933395][T28077] ? find_held_lock+0x2b/0x80 [ 1068.933448][T28077] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1068.933506][T28077] ? policy_nodemask+0xed/0x4f0 [ 1068.933562][T28077] alloc_pages_mpol+0x1fb/0x550 [ 1068.933620][T28077] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1068.933684][T28077] ? arch_stack_walk+0xa6/0xf0 [ 1068.933723][T28077] ? wiphy_new_nm+0x701/0x21a0 [ 1068.933772][T28077] ___kmalloc_large_node+0x104/0x150 [ 1068.933829][T28077] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 1068.933887][T28077] __kmalloc_large_node_noprof+0x1c/0x70 [ 1068.933948][T28077] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 1068.934007][T28077] __kmalloc_noprof+0x5be/0x850 [ 1068.934059][T28077] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 1068.934118][T28077] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 1068.934175][T28077] ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10 [ 1068.934239][T28077] wiphy_new_nm+0x701/0x21a0 [ 1068.934293][T28077] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 1068.934352][T28077] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 1068.934408][T28077] ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10 [ 1068.934463][T28077] ieee80211_alloc_hw_nm+0x1ac7/0x22a0 [ 1068.934517][T28077] ? __local_bh_enable_ip+0x9e/0x120 [ 1068.934561][T28077] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 1068.934648][T28077] ? __asan_memset+0x23/0x50 [ 1068.934693][T28077] ? __nla_validate_parse+0x1e7/0x28b0 [ 1068.934749][T28077] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 1068.934826][T28077] hwsim_new_radio_nl+0xc1f/0x1340 [ 1068.934883][T28077] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1068.934951][T28077] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 1068.935003][T28077] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 1068.935054][T28077] genl_family_rcv_msg_doit+0x214/0x300 [ 1068.935102][T28077] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1068.935146][T28077] ? genl_get_cmd+0x3ef/0x720 [ 1068.935195][T28077] ? bpf_lsm_capable+0x9/0x10 [ 1068.935239][T28077] ? security_capable+0x80/0x260 [ 1068.935284][T28077] ? ns_capable+0xd2/0xf0 [ 1068.935331][T28077] genl_rcv_msg+0x560/0x800 [ 1068.935381][T28077] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1068.935431][T28077] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 1068.935493][T28077] netlink_rcv_skb+0x159/0x420 [ 1068.935533][T28077] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1068.935580][T28077] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1068.935643][T28077] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1068.935690][T28077] genl_rcv+0x28/0x40 [ 1068.935736][T28077] netlink_unicast+0x5aa/0x870 [ 1068.935788][T28077] ? __pfx_netlink_unicast+0x10/0x10 [ 1068.935847][T28077] netlink_sendmsg+0x8b0/0xda0 [ 1068.935902][T28077] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1068.935946][T28077] ? __import_iovec+0x1d2/0x640 [ 1068.935988][T28077] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1068.936047][T28077] ____sys_sendmsg+0xa54/0xc30 [ 1068.936099][T28077] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1068.936155][T28077] ? try_to_wake_up+0x644/0x1a80 [ 1068.936209][T28077] ___sys_sendmsg+0x190/0x1e0 [ 1068.936241][T28077] ? __pfx____sys_sendmsg+0x10/0x10 [ 1068.936274][T28077] ? futex_private_hash_put+0x107/0x1c0 [ 1068.936369][T28077] __sys_sendmsg+0x170/0x220 [ 1068.936419][T28077] ? __pfx___sys_sendmsg+0x10/0x10 [ 1068.936466][T28077] ? __x64_sys_futex+0x34f/0x4d0 [ 1068.936535][T28077] do_syscall_64+0x106/0xf80 [ 1068.936582][T28077] ? clear_bhb_loop+0x40/0x90 [ 1068.936628][T28077] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1068.936673][T28077] RIP: 0033:0x7fb5f599bf79 [ 1068.936700][T28077] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1068.936737][T28077] RSP: 002b:00007fb5f68d1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1068.936771][T28077] RAX: ffffffffffffffda RBX: 00007fb5f5c15fa0 RCX: 00007fb5f599bf79 [ 1068.936796][T28077] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 1068.936818][T28077] RBP: 00007fb5f5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1068.936840][T28077] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1068.936861][T28077] R13: 00007fb5f5c16038 R14: 00007fb5f5c15fa0 R15: 00007ffe103198f8 [ 1068.936907][T28077] [ 1070.768230][T28089] sp0: Synchronizing with TNC [ 1071.380227][T28104] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 1071.395371][T28104] File: /dev/nullb0 PID: 28104 Comm: syz.3.7780 [ 1073.931706][T28114] kexec: Could not allocate control_code_buffer [ 1074.258305][T28140] netlink: 12 bytes leftover after parsing attributes in process `syz.3.7791'. [ 1074.291914][T28140] random: crng reseeded on system resumption [ 1074.825360][T28145] sp0: Synchronizing with TNC [ 1075.463544][T28152] FAULT_INJECTION: forcing a failure. [ 1075.463544][T28152] name failslab, interval 1, probability 0, space 0, times 0 [ 1075.573642][T28152] CPU: 0 UID: 0 PID: 28152 Comm: syz.2.7794 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1075.573699][T28152] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1075.573714][T28152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1075.573729][T28152] Call Trace: [ 1075.573738][T28152] [ 1075.573749][T28152] dump_stack_lvl+0x100/0x190 [ 1075.573792][T28152] should_fail_ex.cold+0x5/0xa [ 1075.573821][T28152] should_failslab+0xc2/0x120 [ 1075.573861][T28152] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1075.573889][T28152] ? sctp_add_bind_addr+0xae/0x3e0 [ 1075.573926][T28152] sctp_add_bind_addr+0xae/0x3e0 [ 1075.573961][T28152] sctp_copy_local_addr_list+0x349/0x550 [ 1075.574002][T28152] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 1075.574049][T28152] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 1075.574089][T28152] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1075.574134][T28152] sctp_bind_addr_copy+0xe0/0x530 [ 1075.574173][T28152] sctp_connect_new_asoc+0x1c9/0x770 [ 1075.574218][T28152] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 1075.574268][T28152] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1075.574310][T28152] sctp_sendmsg+0x171a/0x22b0 [ 1075.574343][T28152] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1075.574367][T28152] ? do_user_addr_fault+0x8d6/0x12f0 [ 1075.574413][T28152] ? aa_sk_perm+0x2de/0xb40 [ 1075.574448][T28152] ? __pfx_aa_sk_perm+0x10/0x10 [ 1075.574486][T28152] ? __pfx_sctp_sendmsg+0x10/0x10 [ 1075.574512][T28152] inet_sendmsg+0x11c/0x140 [ 1075.574540][T28152] ____sys_sendmsg+0x9ad/0xc30 [ 1075.574585][T28152] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1075.574632][T28152] ? futex_unqueue+0x133/0x2c0 [ 1075.574668][T28152] ___sys_sendmsg+0x190/0x1e0 [ 1075.574695][T28152] ? __pfx____sys_sendmsg+0x10/0x10 [ 1075.574720][T28152] ? __pfx___futex_wait+0x10/0x10 [ 1075.574768][T28152] ? find_held_lock+0x2b/0x80 [ 1075.574827][T28152] __sys_sendmmsg+0x205/0x430 [ 1075.574865][T28152] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1075.574907][T28152] ? __pfx_do_futex+0x10/0x10 [ 1075.574935][T28152] ? find_held_lock+0x2b/0x80 [ 1075.574974][T28152] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 1075.575026][T28152] ? xfd_validate_state+0x129/0x190 [ 1075.575075][T28152] __x64_sys_sendmmsg+0x9c/0x100 [ 1075.575109][T28152] ? lockdep_hardirqs_on+0x78/0x100 [ 1075.575143][T28152] do_syscall_64+0x106/0xf80 [ 1075.575177][T28152] ? clear_bhb_loop+0x40/0x90 [ 1075.575208][T28152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1075.575235][T28152] RIP: 0033:0x7f7f6879bf79 [ 1075.575256][T28152] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1075.575282][T28152] RSP: 002b:00007f7f696a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1075.575306][T28152] RAX: ffffffffffffffda RBX: 00007f7f68a15fa0 RCX: 00007f7f6879bf79 [ 1075.575323][T28152] RDX: 0000000000000008 RSI: 0000200000000140 RDI: 0000000000000004 [ 1075.575339][T28152] RBP: 00007f7f688327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1075.575356][T28152] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000000 [ 1075.575372][T28152] R13: 00007f7f68a16038 R14: 00007f7f68a15fa0 R15: 00007fff68d8e808 [ 1075.575404][T28152] [ 1076.106119][T28131] syz.7.7787 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 1076.117710][T28131] CPU: 1 UID: 0 PID: 28131 Comm: syz.7.7787 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1076.117781][T28131] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1076.117801][T28131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1076.117821][T28131] Call Trace: [ 1076.117833][T28131] [ 1076.117846][T28131] dump_stack_lvl+0x100/0x190 [ 1076.117902][T28131] dump_header+0xfb/0x606 [ 1076.117942][T28131] oom_kill_process.cold+0xd/0x330 [ 1076.117991][T28131] out_of_memory+0x340/0x14f0 [ 1076.118046][T28131] ? __pfx_out_of_memory+0x10/0x10 [ 1076.118102][T28131] mem_cgroup_out_of_memory+0xc6/0x130 [ 1076.118143][T28131] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 1076.118182][T28131] ? find_held_lock+0x2b/0x80 [ 1076.118244][T28131] ? do_raw_spin_unlock+0x145/0x1e0 [ 1076.118294][T28131] ? _raw_spin_unlock+0x28/0x50 [ 1076.118340][T28131] try_charge_memcg+0x652/0xc90 [ 1076.118402][T28131] ? __pfx_try_charge_memcg+0x10/0x10 [ 1076.118455][T28131] ? find_held_lock+0x2b/0x80 [ 1076.118508][T28131] ? rcu_read_unlock+0x17/0x60 [ 1076.118562][T28131] ? rcu_read_unlock+0x17/0x60 [ 1076.118630][T28131] charge_memcg+0xa6/0x280 [ 1076.118683][T28131] __mem_cgroup_charge+0x2b/0x1e0 [ 1076.118721][T28131] shmem_alloc_and_add_folio+0x451/0xd40 [ 1076.118780][T28131] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 1076.118832][T28131] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 1076.118891][T28131] shmem_get_folio_gfp+0x6ab/0x1900 [ 1076.118950][T28131] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 1076.119005][T28131] ? ktime_get_coarse_real_ts64_mg+0x235/0x300 [ 1076.119048][T28131] ? lockdep_hardirqs_on+0x78/0x100 [ 1076.119099][T28131] shmem_fault+0x1f9/0xa20 [ 1076.119146][T28131] ? __lock_acquire+0x4a5/0x2630 [ 1076.119187][T28131] ? __pfx_shmem_fault+0x10/0x10 [ 1076.119236][T28131] ? __up_read+0x2c5/0x700 [ 1076.119299][T28131] ? __pfx_filemap_map_pages+0x10/0x10 [ 1076.119344][T28131] __do_fault+0x10d/0x550 [ 1076.119399][T28131] ? __pfx_filemap_map_pages+0x10/0x10 [ 1076.119443][T28131] do_fault+0x2db/0x1a00 [ 1076.119484][T28131] __handle_mm_fault+0x180f/0x2b60 [ 1076.119537][T28131] ? __pfx___handle_mm_fault+0x10/0x10 [ 1076.119580][T28131] ? pte_offset_map_lock+0x174/0x320 [ 1076.119635][T28131] ? find_held_lock+0x2b/0x80 [ 1076.119704][T28131] ? follow_page_pte+0x5b3/0x1400 [ 1076.119770][T28131] handle_mm_fault+0x36d/0xa20 [ 1076.119820][T28131] __get_user_pages+0xf9c/0x34d0 [ 1076.119889][T28131] ? down_read_killable+0x30e/0x4c0 [ 1076.119940][T28131] ? __lock_acquire+0x4a5/0x2630 [ 1076.119989][T28131] ? __pfx___get_user_pages+0x10/0x10 [ 1076.120056][T28131] __gup_longterm_locked+0x279/0x16f0 [ 1076.120127][T28131] ? __pfx___gup_longterm_locked+0x10/0x10 [ 1076.120189][T28131] ? __get_pfnblock_flags_mask+0x140/0x250 [ 1076.120247][T28131] ? find_held_lock+0x2b/0x80 [ 1076.120302][T28131] ? sanity_check_pinned_pages+0x5f6/0x1250 [ 1076.120368][T28131] gup_fast_fallback+0x18c6/0x2460 [ 1076.120458][T28131] ? __pfx_gup_fast_fallback+0x10/0x10 [ 1076.120525][T28131] ? rcu_is_watching+0x12/0xc0 [ 1076.120587][T28131] pin_user_pages_fast+0xa7/0xf0 [ 1076.120621][T28131] ? __pfx_pin_user_pages_fast+0x10/0x10 [ 1076.120655][T28131] ? io_pin_pages+0xc3/0x1e0 [ 1076.120726][T28131] io_pin_pages+0xe6/0x1e0 [ 1076.120786][T28131] io_sqe_buffer_register+0x171/0x1f60 [ 1076.120867][T28131] ? rcu_is_watching+0x12/0xc0 [ 1076.120918][T28131] ? trace_kmalloc+0x101/0x130 [ 1076.120971][T28131] ? __pfx_io_sqe_buffer_register+0x10/0x10 [ 1076.121039][T28131] ? io_rsrc_data_alloc+0x2c/0xa0 [ 1076.121091][T28131] ? copy_iovec_from_user+0x102/0x140 [ 1076.121135][T28131] ? iovec_from_user+0xbb/0x140 [ 1076.121183][T28131] io_sqe_buffers_register.cold+0x3d6/0x582 [ 1076.121249][T28131] ? __pfx_io_sqe_buffers_register+0x10/0x10 [ 1076.121284][T28131] ? __fget_files+0x215/0x3d0 [ 1076.121341][T28131] ? __fget_files+0x21f/0x3d0 [ 1076.121402][T28131] __do_sys_io_uring_register+0x12f9/0x1ac0 [ 1076.121469][T28131] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 1076.121533][T28131] ? __x64_sys_futex+0x34f/0x4d0 [ 1076.121572][T28131] ? __x64_sys_futex+0x358/0x4d0 [ 1076.121620][T28131] ? xfd_validate_state+0x129/0x190 [ 1076.121686][T28131] do_syscall_64+0x106/0xf80 [ 1076.121732][T28131] ? clear_bhb_loop+0x40/0x90 [ 1076.121776][T28131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1076.121812][T28131] RIP: 0033:0x7f39e3d9bf79 [ 1076.121841][T28131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1076.121876][T28131] RSP: 002b:00007f39e4b93028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 1076.121909][T28131] RAX: ffffffffffffffda RBX: 00007f39e4016180 RCX: 00007f39e3d9bf79 [ 1076.121933][T28131] RDX: 0000200000000000 RSI: 0000000000000000 RDI: 0000000000000002 [ 1076.121955][T28131] RBP: 00007f39e3e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1076.121981][T28131] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 1076.122003][T28131] R13: 00007f39e4016218 R14: 00007f39e4016180 R15: 00007ffdf7f00958 [ 1076.122050][T28131] [ 1077.274435][T28131] memory: usage 3072kB, limit 3072kB, failcnt 32741 [ 1077.286880][T28131] memory+swap: usage 6168kB, limit 9007199254740988kB, failcnt 0 [ 1077.315317][T28131] kmem: usage 764kB, limit 9007199254740988kB, failcnt 0 [ 1077.339012][T28131] Memory cgroup stats for /syz7: [ 1077.345464][T28131] cache 2334720 [ 1077.397496][T28131] rss 0 [ 1077.403905][T28131] rss_huge 0 [ 1077.409800][T28131] shmem 2334720 [ 1077.416367][T28131] mapped_file 0 [ 1077.449752][T28131] dirty 0 [ 1077.453067][T28131] writeback 0 [ 1077.489262][T28131] workingset_refault_anon 2596 [ 1077.609119][T28131] workingset_refault_file 511 [ 1077.659431][T28131] swap 3170304 [ 1077.663207][T28131] swapcached 144052224 [ 1077.667710][T28131] pgpgin 109110 [ 1077.711762][T28131] pgpgout 108533 [ 1077.761807][T28131] pgfault 121215 [ 1077.765867][T28131] pgmajfault 1019 [ 1077.821627][T28131] inactive_anon 1052672 [ 1077.869409][T28131] active_anon 1179648 [ 1077.877930][T28131] inactive_file 0 [ 1077.899602][T28131] active_file 0 [ 1077.908994][T28131] unevictable 0 [ 1077.957777][T28131] hierarchical_memory_limit 3145728 [ 1077.977979][T28131] hierarchical_memsw_limit 9223372036854771712 [ 1078.019096][T28131] total_cache 2334720 [ 1078.119367][T28131] total_rss 0 [ 1078.168671][T28131] total_rss_huge 0 [ 1078.196307][T28131] total_shmem 2334720 [ 1078.220925][T28131] total_mapped_file 0 [ 1078.239911][T28131] total_dirty 0 [ 1078.268632][T28131] total_writeback 0 [ 1078.286099][T28131] total_workingset_refault_anon 2596 [ 1078.299343][T28131] total_workingset_refault_file 511 [ 1078.308577][T28131] total_swap 3170304 [ 1078.320287][T28131] total_swapcached 144052224 [ 1078.329327][T28131] total_pgpgin 109110 [ 1078.338623][T28131] total_pgpgout 108533 [ 1078.345276][T28131] total_pgfault 121215 [ 1078.351663][T28131] total_pgmajfault 1019 [ 1078.373754][T28131] total_inactive_anon 1052672 [ 1078.412978][T28131] total_active_anon 1179648 [ 1078.423788][T28131] total_inactive_file 0 [ 1078.435469][T28131] total_active_file 0 [ 1078.452806][T28131] total_unevictable 0 [ 1078.472227][T28131] anon_cost 637 [ 1078.479905][T28131] file_cost 0 [ 1078.498444][T28131] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz7,task_memcg=/syz7,task=syz.7.7787,pid=28128,uid=0 [ 1078.523599][T28131] Memory cgroup out of memory: Killed process 28128 (syz.7.7787) total-vm:235736kB, anon-rss:1228kB, file-rss:21248kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 1078.852877][T28195] ERROR: Out of memory at tomoyo_memory_ok. [ 1080.292741][T28211] FAULT_INJECTION: forcing a failure. [ 1080.292741][T28211] name failslab, interval 1, probability 0, space 0, times 0 [ 1080.437168][T28211] CPU: 0 UID: 0 PID: 28211 Comm: syz.3.7813 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1080.437244][T28211] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1080.437265][T28211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1080.437288][T28211] Call Trace: [ 1080.437300][T28211] [ 1080.437314][T28211] dump_stack_lvl+0x100/0x190 [ 1080.437372][T28211] should_fail_ex.cold+0x5/0xa [ 1080.437415][T28211] should_failslab+0xc2/0x120 [ 1080.437470][T28211] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1080.437517][T28211] ? do_epoll_ctl+0x2434/0x36a0 [ 1080.437588][T28211] do_epoll_ctl+0x2434/0x36a0 [ 1080.437660][T28211] ? __pfx_do_epoll_ctl+0x10/0x10 [ 1080.437712][T28211] ? find_held_lock+0x2b/0x80 [ 1080.437765][T28211] ? __might_fault+0xc5/0x140 [ 1080.437807][T28211] ? __might_fault+0xc5/0x140 [ 1080.437861][T28211] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 1080.437905][T28211] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 1080.437951][T28211] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 1080.438007][T28211] do_syscall_64+0x106/0xf80 [ 1080.438046][T28211] ? clear_bhb_loop+0x40/0x90 [ 1080.438081][T28211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1080.438112][T28211] RIP: 0033:0x7fb5f599bf79 [ 1080.438136][T28211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1080.438165][T28211] RSP: 002b:00007fb5f68d1028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 1080.438199][T28211] RAX: ffffffffffffffda RBX: 00007fb5f5c15fa0 RCX: 00007fb5f599bf79 [ 1080.438220][T28211] RDX: 0000000000000007 RSI: 0000000000000001 RDI: 0000000000000008 [ 1080.438238][T28211] RBP: 00007fb5f5a327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1080.438256][T28211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1080.438275][T28211] R13: 00007fb5f5c16038 R14: 00007fb5f5c15fa0 R15: 00007ffe103198f8 [ 1080.438313][T28211] [ 1081.357272][T28217] FAULT_INJECTION: forcing a failure. [ 1081.357272][T28217] name failslab, interval 1, probability 0, space 0, times 0 [ 1081.374932][T28217] CPU: 0 UID: 0 PID: 28217 Comm: syz.5.7814 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1081.375010][T28217] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1081.375032][T28217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1081.375054][T28217] Call Trace: [ 1081.375067][T28217] [ 1081.375081][T28217] dump_stack_lvl+0x100/0x190 [ 1081.375141][T28217] should_fail_ex.cold+0x5/0xa [ 1081.375185][T28217] should_failslab+0xc2/0x120 [ 1081.375241][T28217] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1081.375281][T28217] ? slip_open+0x85c/0x1120 [ 1081.375331][T28217] ? timer_init_key+0x150/0x340 [ 1081.375374][T28217] slip_open+0x85c/0x1120 [ 1081.375438][T28217] ? find_held_lock+0x2b/0x80 [ 1081.375494][T28217] ? __pfx_slip_open+0x10/0x10 [ 1081.375544][T28217] ? tty_set_ldisc+0x2b1/0x740 [ 1081.375603][T28217] ? __pfx_slip_open+0x10/0x10 [ 1081.375653][T28217] tty_ldisc_open+0xa2/0x120 [ 1081.375703][T28217] tty_set_ldisc+0x325/0x740 [ 1081.375759][T28217] tty_ioctl+0x695/0x1690 [ 1081.375816][T28217] ? __pfx_tty_ioctl+0x10/0x10 [ 1081.375882][T28217] ? find_held_lock+0x2b/0x80 [ 1081.375937][T28217] ? __fget_files+0x215/0x3d0 [ 1081.375986][T28217] ? hook_file_ioctl_common+0x146/0x410 [ 1081.376039][T28217] ? __fget_files+0x21f/0x3d0 [ 1081.376096][T28217] ? __pfx_tty_ioctl+0x10/0x10 [ 1081.376153][T28217] __x64_sys_ioctl+0x18e/0x210 [ 1081.376202][T28217] do_syscall_64+0x106/0xf80 [ 1081.376248][T28217] ? clear_bhb_loop+0x40/0x90 [ 1081.376294][T28217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1081.376331][T28217] RIP: 0033:0x7f75ae39bf79 [ 1081.376361][T28217] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1081.376397][T28217] RSP: 002b:00007f75af311028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1081.376438][T28217] RAX: ffffffffffffffda RBX: 00007f75ae616090 RCX: 00007f75ae39bf79 [ 1081.376462][T28217] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000005 [ 1081.376483][T28217] RBP: 00007f75ae4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1081.376504][T28217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1081.376524][T28217] R13: 00007f75ae616128 R14: 00007f75ae616090 R15: 00007ffea10ae308 [ 1081.376571][T28217] [ 1083.101633][T28236] FAULT_INJECTION: forcing a failure. [ 1083.101633][T28236] name failslab, interval 1, probability 0, space 0, times 0 [ 1083.115899][T28236] CPU: 1 UID: 0 PID: 28236 Comm: syz.5.7820 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1083.115972][T28236] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1083.115992][T28236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1083.116012][T28236] Call Trace: [ 1083.116024][T28236] [ 1083.116046][T28236] dump_stack_lvl+0x100/0x190 [ 1083.116103][T28236] should_fail_ex.cold+0x5/0xa [ 1083.116145][T28236] should_failslab+0xc2/0x120 [ 1083.116200][T28236] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1083.116240][T28236] ? acpi_evaluate_object+0xf5/0xe00 [ 1083.116277][T28236] ? __lock_acquire+0x4a5/0x2630 [ 1083.116327][T28236] acpi_evaluate_object+0xf5/0xe00 [ 1083.116364][T28236] ? kasan_save_stack+0x30/0x50 [ 1083.116410][T28236] ? kasan_save_track+0x14/0x30 [ 1083.116466][T28236] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 1083.116518][T28236] acpi_evaluate_integer+0xdf/0x220 [ 1083.116572][T28236] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 1083.116645][T28236] ? __pfx_status_show+0x10/0x10 [ 1083.116680][T28236] status_show+0xa0/0x120 [ 1083.116716][T28236] ? __pfx_status_show+0x10/0x10 [ 1083.116763][T28236] dev_attr_show+0x52/0xa0 [ 1083.116807][T28236] ? __pfx_dev_attr_show+0x10/0x10 [ 1083.116848][T28236] sysfs_kf_seq_show+0x217/0x3a0 [ 1083.116913][T28236] seq_read_iter+0x32f/0x1270 [ 1083.116979][T28236] kernfs_fop_read_iter+0x46c/0x610 [ 1083.117031][T28236] ? rw_verify_area+0xce/0x6d0 [ 1083.117083][T28236] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 1083.117136][T28236] vfs_read+0x825/0xb30 [ 1083.117190][T28236] ? __pfx_vfs_read+0x10/0x10 [ 1083.117264][T28236] ksys_read+0x12a/0x250 [ 1083.117312][T28236] ? __pfx_ksys_read+0x10/0x10 [ 1083.117373][T28236] do_syscall_64+0x106/0xf80 [ 1083.117419][T28236] ? clear_bhb_loop+0x40/0x90 [ 1083.117465][T28236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1083.117499][T28236] RIP: 0033:0x7f75ae39bf79 [ 1083.117529][T28236] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1083.117564][T28236] RSP: 002b:00007f75af332028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1083.117598][T28236] RAX: ffffffffffffffda RBX: 00007f75ae615fa0 RCX: 00007f75ae39bf79 [ 1083.117622][T28236] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000004 [ 1083.117643][T28236] RBP: 00007f75ae4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1083.117663][T28236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1083.117684][T28236] R13: 00007f75ae616038 R14: 00007f75ae615fa0 R15: 00007ffea10ae308 [ 1083.117729][T28236] [ 1085.084942][T28260] netlink: 13 bytes leftover after parsing attributes in process `syz.2.7827'. [ 1085.289464][T28262] FAULT_INJECTION: forcing a failure. [ 1085.289464][T28262] name failslab, interval 1, probability 0, space 0, times 0 [ 1085.289574][T28262] CPU: 1 UID: 0 PID: 28262 Comm: syz.2.7828 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1085.289648][T28262] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1085.289670][T28262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1085.289692][T28262] Call Trace: [ 1085.289704][T28262] [ 1085.289718][T28262] dump_stack_lvl+0x100/0x190 [ 1085.289779][T28262] should_fail_ex.cold+0x5/0xa [ 1085.289822][T28262] should_failslab+0xc2/0x120 [ 1085.289878][T28262] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1085.289918][T28262] ? tipc_nametbl_insert_publ+0x5a/0x1580 [ 1085.289982][T28262] tipc_nametbl_insert_publ+0x5a/0x1580 [ 1085.290037][T28262] ? do_raw_spin_lock+0x128/0x260 [ 1085.290098][T28262] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1085.290173][T28262] tipc_nametbl_publish+0x137/0x260 [ 1085.290235][T28262] tipc_sk_publish+0x1d8/0x430 [ 1085.290293][T28262] ? __pfx_tipc_sk_publish+0x10/0x10 [ 1085.290354][T28262] ? __local_bh_enable_ip+0x9e/0x120 [ 1085.290398][T28262] tipc_sk_bind+0x16f/0x380 [ 1085.290457][T28262] tipc_bind+0x18d/0x280 [ 1085.290516][T28262] __sys_bind+0x1a9/0x260 [ 1085.290556][T28262] ? __pfx___sys_bind+0x10/0x10 [ 1085.290621][T28262] __x64_sys_bind+0x72/0xb0 [ 1085.290658][T28262] ? lockdep_hardirqs_on+0x78/0x100 [ 1085.290707][T28262] do_syscall_64+0x106/0xf80 [ 1085.290754][T28262] ? clear_bhb_loop+0x40/0x90 [ 1085.290800][T28262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1085.290837][T28262] RIP: 0033:0x7f7f6879bf79 [ 1085.290872][T28262] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1085.290907][T28262] RSP: 002b:00007f7f696a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 1085.290942][T28262] RAX: ffffffffffffffda RBX: 00007f7f68a15fa0 RCX: 00007f7f6879bf79 [ 1085.290967][T28262] RDX: 0000000000000066 RSI: 0000200000000040 RDI: 0000000000000002 [ 1085.290989][T28262] RBP: 00007f7f688327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1085.291010][T28262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1085.291031][T28262] R13: 00007f7f68a16038 R14: 00007f7f68a15fa0 R15: 00007fff68d8e808 [ 1085.291077][T28262] [ 1086.371561][T28280] netlink: 'syz.2.7834': attribute type 4 has an invalid length. [ 1086.371596][T28280] netlink: 'syz.2.7834': attribute type 32 has an invalid length. [ 1086.371620][T28280] netlink: 46 bytes leftover after parsing attributes in process `syz.2.7834'. [ 1086.633422][T28286] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7835'. [ 1086.634309][T28286] netlink: 25 bytes leftover after parsing attributes in process `syz.3.7835'. [ 1087.924220][T28311] netlink: 330 bytes leftover after parsing attributes in process `syz.5.7844'. [ 1088.853212][T28298] Process accounting resumed [ 1090.308825][T28346] ERROR: Out of memory at tomoyo_memory_ok. [ 1091.766248][T28355] netlink: 44 bytes leftover after parsing attributes in process `syz.2.7856'. [ 1091.799658][T28355] netlink: 44 bytes leftover after parsing attributes in process `syz.2.7856'. [ 1091.988719][T17274] Bluetooth: hci1: Unable to find connection for big 0xd2 [ 1094.350975][ T31] INFO: task syz.6.7159:25982 blocked for more than 143 seconds. [ 1094.378949][ T31] Tainted: G U W L XTNJ syzkaller #0 [ 1094.386197][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1094.424515][ T31] task:syz.6.7159 state:D stack:27464 pid:25982 tgid:25977 ppid:20506 task_flags:0x400140 flags:0x00080002 [ 1094.466028][ T31] Call Trace: [ 1094.477007][ T31] [ 1094.485219][ T31] __schedule+0xfee/0x60e0 [ 1094.509197][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1094.539110][ T31] ? __pfx___schedule+0x10/0x10 [ 1094.544541][ T31] ? find_held_lock+0x2b/0x80 [ 1094.594394][ T31] ? schedule+0x2bf/0x390 [ 1094.609003][ T31] schedule+0xdd/0x390 [ 1094.613585][ T31] schedule_preempt_disabled+0x13/0x30 [ 1094.628951][ T31] __mutex_lock+0xc9a/0x1b90 [ 1094.636457][T28394] bond0: option slaves: interface -Âô does not exist! [ 1094.646393][ T31] ? nfsd_nl_version_set_doit+0xc4/0x7a0 [ 1094.658978][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 1094.672780][ T31] ? __pfx___nla_validate_parse+0x10/0x10 [ 1094.710166][ T31] ? nfsd_nl_version_set_doit+0xc4/0x7a0 [ 1094.810381][ T31] nfsd_nl_version_set_doit+0xc4/0x7a0 [ 1094.848284][T28391] netlink: 354 bytes leftover after parsing attributes in process `syz.3.7869'. [ 1094.849041][ T31] ? __pfx_nfsd_nl_version_set_doit+0x10/0x10 [ 1094.938632][ T31] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 1094.967894][ T31] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 1095.006102][ T31] genl_family_rcv_msg_doit+0x214/0x300 [ 1095.033822][ T31] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1095.198998][ T31] ? apparmor_capable+0x1f2/0x4e0 [ 1095.204638][ T31] ? bpf_lsm_capable+0x9/0x10 [ 1095.216060][ T31] ? security_capable+0x80/0x260 [ 1095.221893][ T31] genl_rcv_msg+0x560/0x800 [ 1095.226926][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1095.233140][ T31] ? __pfx_nfsd_nl_version_set_doit+0x10/0x10 [ 1095.243119][ T31] netlink_rcv_skb+0x159/0x420 [ 1095.248448][ T31] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1095.254546][ T31] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1095.289082][ T31] ? netlink_deliver_tap+0x1ae/0xcc0 [ 1095.294997][ T31] genl_rcv+0x28/0x40 [ 1095.359295][ T31] netlink_unicast+0x5aa/0x870 [ 1095.364824][ T31] ? __pfx_netlink_unicast+0x10/0x10 [ 1095.415972][ T31] ? __pfx___might_resched+0x10/0x10 [ 1095.429114][ T31] ? __lock_acquire+0x4a5/0x2630 [ 1095.434741][ T31] netlink_sendmsg+0x8b0/0xda0 [ 1095.449431][ T31] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1095.455328][ T31] ? __import_iovec+0x1d2/0x640 [ 1095.489941][ T31] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 1095.496252][ T31] ____sys_sendmsg+0xa54/0xc30 [ 1095.529680][ T31] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1095.535608][ T31] ? __pfx_futex_wake_mark+0x10/0x10 [ 1095.549528][ T31] ___sys_sendmsg+0x190/0x1e0 [ 1095.554753][ T31] ? __pfx____sys_sendmsg+0x10/0x10 [ 1095.569163][ T31] __sys_sendmsg+0x170/0x220 [ 1095.574496][ T31] ? __pfx___sys_sendmsg+0x10/0x10 [ 1095.598979][ T31] ? __x64_sys_futex+0x34f/0x4d0 [ 1095.604495][ T31] do_syscall_64+0x106/0xf80 [ 1095.613925][ T31] ? clear_bhb_loop+0x40/0x90 [ 1095.630548][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1095.637108][ T31] RIP: 0033:0x7f94bb79bf79 [ 1095.644523][ T31] RSP: 002b:00007f94bc5a5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1095.659228][ T31] RAX: ffffffffffffffda RBX: 00007f94bba16090 RCX: 00007f94bb79bf79 [ 1095.668118][ T31] RDX: 0000000000000844 RSI: 00002000000004c0 RDI: 0000000000000004 [ 1095.698970][ T31] RBP: 00007f94bb8327e0 R08: 0000000000000000 R09: 0000000000000000 [ 1095.707813][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1095.759381][ T31] R13: 00007f94bba16128 R14: 00007f94bba16090 R15: 00007ffc66175958 [ 1095.768248][ T31] [ 1095.789246][ T31] [ 1095.789246][ T31] Showing all locks held in the system: [ 1095.798491][ T31] 1 lock held by khungtaskd/31: [ 1095.809097][ T31] #0: ffffffff8e7e92e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 1095.839375][ T31] 4 locks held by kworker/u8:11/3002: [ 1095.845339][ T31] #0: ffff88801c6a6948 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x1287/0x1920 [ 1095.928951][ T31] #1: ffffc9000fecfd08 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x93c/0x1920 [ 1095.955639][ T31] #2: ffffffff905f69f0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xb8/0x920 [ 1095.967411][ T31] #3: ffffffff9060f2e8 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x7ec/0xab0 [ 1095.980658][ T31] 1 lock held by syz.3.717/7629: [ 1095.986132][ T31] #0: ffffffff8e7f4ef8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0 [ 1095.998533][ T31] 1 lock held by syz-executor/24662: [ 1096.005090][ T31] #0: ffffffff8e7f4ef8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x19e/0x3c0 [ 1096.016539][ T31] 2 locks held by syz.6.7159/25979: [ 1096.022630][ T31] #0: ffffffff906bb430 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1096.032426][ T31] #1: ffffffff8ec55d88 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_listener_set_doit+0xd5/0x1b20 [ 1096.045335][ T31] 2 locks held by syz.6.7159/25982: [ 1096.053451][ T31] #0: ffffffff906bb430 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40 [ 1096.062931][ T31] #1: ffffffff8ec55d88 (nfsd_mutex){+.+.}-{4:4}, at: nfsd_nl_version_set_doit+0xc4/0x7a0 [ 1096.075394][ T31] 1 lock held by syz.7.7786/28124: [ 1096.081867][ T31] #0: ffff8880b843b2e0 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x88/0x140 [ 1096.118978][ T31] [ 1096.121592][ T31] ============================================= [ 1096.121592][ T31] [ 1096.180126][ T31] NMI backtrace for cpu 0 [ 1096.180157][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1096.180221][ T31] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1096.180240][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1096.180260][ T31] Call Trace: [ 1096.180272][ T31] [ 1096.180284][ T31] dump_stack_lvl+0x100/0x190 [ 1096.180338][ T31] nmi_cpu_backtrace.cold+0x12d/0x151 [ 1096.180393][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 1096.180442][ T31] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 1096.180482][ T31] sys_info+0x141/0x190 [ 1096.180531][ T31] watchdog+0xd25/0x1050 [ 1096.180594][ T31] ? __pfx_watchdog+0x10/0x10 [ 1096.180644][ T31] ? __kthread_parkme+0x18c/0x230 [ 1096.180701][ T31] ? kthread+0x13a/0x450 [ 1096.180739][ T31] ? __pfx_watchdog+0x10/0x10 [ 1096.180788][ T31] kthread+0x370/0x450 [ 1096.180829][ T31] ? __pfx_kthread+0x10/0x10 [ 1096.180874][ T31] ret_from_fork+0x754/0xd80 [ 1096.180923][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1096.180974][ T31] ? __switch_to+0x7b4/0x1120 [ 1096.181009][ T31] ? __pfx_kthread+0x10/0x10 [ 1096.181053][ T31] ret_from_fork_asm+0x1a/0x30 [ 1096.181122][ T31] [ 1096.181134][ T31] Sending NMI from CPU 0 to CPUs 1: [ 1096.329520][ C1] NMI backtrace for cpu 1 [ 1096.329545][ C1] CPU: 1 UID: 0 PID: 28124 Comm: syz.7.7786 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1096.329597][ C1] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1096.329612][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1096.329628][ C1] RIP: 0010:unwind_next_frame+0x0/0x1ea0 [ 1096.329659][ C1] Code: 94 e8 c4 a2 bb 00 e9 6b ff ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1e fa 48 b8 00 00 00 00 00 fc ff df 41 57 48 89 fa 41 56 48 [ 1096.329684][ C1] RSP: 0018:ffffc90000a089f8 EFLAGS: 00000202 [ 1096.329704][ C1] RAX: 0000000000000001 RBX: ffffc90000a08a00 RCX: ffffc90000a08954 [ 1096.329721][ C1] RDX: 1ffff92000141177 RSI: ffffffff82645afa RDI: ffffc90000a08a00 [ 1096.329739][ C1] RBP: ffffc90000a08a90 R08: 0000000000000001 R09: 0000000000000007 [ 1096.329755][ C1] R10: 0000000000000200 R11: 0000000000017e7b R12: ffffffff81f29cf0 [ 1096.329771][ C1] R13: ffffc90000a08ac0 R14: 0000000000000000 R15: ffff888052e13c80 [ 1096.329789][ C1] FS: 0000000000000000(0000) GS:ffff88812445a000(0000) knlGS:0000000000000000 [ 1096.329812][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1096.329828][ C1] CR2: 0000001b2ef07ff8 CR3: 0000000037458000 CR4: 00000000003526f0 [ 1096.329854][ C1] Call Trace: [ 1096.329863][ C1] [ 1096.329871][ C1] arch_stack_walk+0x94/0xf0 [ 1096.329899][ C1] ? __free_frozen_pages+0x7ca/0x10a0 [ 1096.329927][ C1] ? __put_task_struct+0x353/0x590 [ 1096.329953][ C1] stack_trace_save+0x8e/0xc0 [ 1096.329993][ C1] ? __pfx_stack_trace_save+0x10/0x10 [ 1096.330034][ C1] ? __lock_acquire+0x4a5/0x2630 [ 1096.330064][ C1] ? rcu_core+0x59d/0x10d0 [ 1096.330097][ C1] kasan_save_stack+0x30/0x50 [ 1096.330130][ C1] ? kasan_save_stack+0x30/0x50 [ 1096.330161][ C1] ? kasan_save_track+0x14/0x30 [ 1096.330193][ C1] ? kasan_save_free_info+0x3b/0x70 [ 1096.330220][ C1] ? __kasan_slab_free+0x5f/0x80 [ 1096.330254][ C1] ? kmem_cache_free+0x124/0x6a0 [ 1096.330280][ C1] ? __put_task_struct+0x353/0x590 [ 1096.330305][ C1] ? rcu_core+0x5a2/0x10d0 [ 1096.330334][ C1] ? handle_softirqs+0x1eb/0x9e0 [ 1096.330358][ C1] ? __irq_exit_rcu+0xef/0x150 [ 1096.330381][ C1] ? irq_exit_rcu+0x9/0x30 [ 1096.330404][ C1] ? sysvec_apic_timer_interrupt+0xa3/0xc0 [ 1096.330436][ C1] ? asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1096.330464][ C1] ? rcu_lockdep_current_cpu_online+0x86/0x150 [ 1096.330506][ C1] ? rcu_read_lock_held+0x27/0x50 [ 1096.330528][ C1] ? lookup_page_ext+0x6e/0x100 [ 1096.330560][ C1] ? page_ext_get+0x58/0x1a0 [ 1096.330591][ C1] ? __reset_page_owner+0x2b/0x190 [ 1096.330626][ C1] ? __free_frozen_pages+0x7ca/0x10a0 [ 1096.330672][ C1] kasan_save_track+0x14/0x30 [ 1096.330705][ C1] kasan_save_free_info+0x3b/0x70 [ 1096.330732][ C1] __kasan_slab_free+0x5f/0x80 [ 1096.330767][ C1] kmem_cache_free+0x124/0x6a0 [ 1096.330794][ C1] ? key_put+0x62/0x2e0 [ 1096.330822][ C1] ? rcu_core+0x59d/0x10d0 [ 1096.330861][ C1] ? rcu_core+0x59d/0x10d0 [ 1096.330892][ C1] __put_task_struct+0x353/0x590 [ 1096.330918][ C1] ? rcu_core+0x59d/0x10d0 [ 1096.330948][ C1] rcu_core+0x5a2/0x10d0 [ 1096.330983][ C1] ? __pfx_rcu_core+0x10/0x10 [ 1096.331013][ C1] ? ktime_get+0x1a7/0x300 [ 1096.331040][ C1] ? rcu_is_watching+0x12/0xc0 [ 1096.331077][ C1] handle_softirqs+0x1eb/0x9e0 [ 1096.331104][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 1096.331133][ C1] __irq_exit_rcu+0xef/0x150 [ 1096.331156][ C1] irq_exit_rcu+0x9/0x30 [ 1096.331179][ C1] sysvec_apic_timer_interrupt+0xa3/0xc0 [ 1096.331210][ C1] [ 1096.331218][ C1] [ 1096.331227][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 1096.331255][ C1] RIP: 0010:rcu_lockdep_current_cpu_online+0x86/0x150 [ 1096.331298][ C1] Code: 3c 02 00 0f 85 a8 00 00 00 48 03 1c ed e0 28 12 8e 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 28 48 89 fa 48 c1 ea 03 80 3c 02 00 <0f> 85 8b 00 00 00 48 8d 7b 20 48 8b 6b 28 48 b8 00 00 00 00 00 fc [ 1096.331322][ C1] RSP: 0018:ffffc9000213f900 EFLAGS: 00000246 [ 1096.331341][ C1] RAX: dffffc0000000000 RBX: ffff8880b853c240 RCX: 1ffff11027fe3e1e [ 1096.331359][ C1] RDX: 1ffff110170a784d RSI: ffffffff8c1adaa0 RDI: ffff8880b853c268 [ 1096.331376][ C1] RBP: 0000000000000001 R08: 0000000000000006 R09: 0000000000001000 [ 1096.331392][ C1] R10: 0000000000000000 R11: 0000000000000000 R12: ffffea0000f0e000 [ 1096.331407][ C1] R13: 000000ff424b3f89 R14: 0000000000000000 R15: 0000000000000000 [ 1096.331433][ C1] rcu_read_lock_held+0x27/0x50 [ 1096.331456][ C1] lookup_page_ext+0x6e/0x100 [ 1096.331490][ C1] page_ext_get+0x58/0x1a0 [ 1096.331521][ C1] __reset_page_owner+0x2b/0x190 [ 1096.331558][ C1] __free_frozen_pages+0x7ca/0x10a0 [ 1096.331589][ C1] vfree.part.0+0x12b/0x9d0 [ 1096.331612][ C1] ? __pfx___might_resched+0x10/0x10 [ 1096.331648][ C1] ? __pfx_kcov_close+0x10/0x10 [ 1096.331683][ C1] ? rcu_is_watching+0x12/0xc0 [ 1096.331719][ C1] ? __pfx_kcov_close+0x10/0x10 [ 1096.331755][ C1] vfree+0x55/0x80 [ 1096.331775][ C1] kcov_close+0x34/0x60 [ 1096.331809][ C1] __fput+0x3ff/0xb40 [ 1096.331841][ C1] task_work_run+0x150/0x240 [ 1096.331876][ C1] ? __pfx_task_work_run+0x10/0x10 [ 1096.331914][ C1] do_exit+0x829/0x2a90 [ 1096.331948][ C1] ? __pfx_do_exit+0x10/0x10 [ 1096.331977][ C1] ? __pfx_proc_coredump_connector+0x10/0x10 [ 1096.332020][ C1] do_group_exit+0xd5/0x2a0 [ 1096.332054][ C1] get_signal+0x1ec7/0x21e0 [ 1096.332086][ C1] ? __pfx_get_signal+0x10/0x10 [ 1096.332110][ C1] ? bad_area_access_error+0xab/0x1d0 [ 1096.332150][ C1] ? fixup_vdso_exception+0x2d1/0x370 [ 1096.332183][ C1] arch_do_signal_or_restart+0x91/0x770 [ 1096.332214][ C1] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 1096.332250][ C1] ? do_user_addr_fault+0x8d6/0x12f0 [ 1096.332293][ C1] irqentry_exit+0x1f8/0x670 [ 1096.332327][ C1] asm_exc_page_fault+0x26/0x30 [ 1096.332351][ C1] RIP: 0033:0x0 [ 1096.332368][ C1] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 1096.332380][ C1] RSP: 002b:000000000000000a EFLAGS: 00010217 [ 1096.332398][ C1] RAX: 0000000000000000 RBX: 00007f39e4015fa0 RCX: 00007f39e3d9bf79 [ 1096.332415][ C1] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 1096.332430][ C1] RBP: 00007f39e3e327e0 R08: 0000000000000002 R09: 0000000000000000 [ 1096.332446][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1096.332462][ C1] R13: 00007f39e4016038 R14: 00007f39e4015fa0 R15: 00007ffdf7f00958 [ 1096.332488][ C1] [ 1097.205992][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 1097.213608][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1097.225413][ T31] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1097.236504][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 1097.247600][ T31] Call Trace: [ 1097.251236][ T31] [ 1097.254486][ T31] dump_stack_lvl+0x100/0x190 [ 1097.259685][ T31] vpanic+0x552/0x970 [ 1097.264105][ T31] ? __pfx_vpanic+0x10/0x10 [ 1097.269105][ T31] ? nmi_trigger_cpumask_backtrace+0x182/0x230 [ 1097.275931][ T31] panic+0xd1/0xe0 [ 1097.280065][ T31] ? __pfx_panic+0x10/0x10 [ 1097.284966][ T31] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 1097.291784][ T31] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 1097.298594][ T31] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 1097.305397][ T31] ? watchdog.cold+0x198/0x1ca [ 1097.310682][ T31] ? watchdog+0xd35/0x1050 [ 1097.315602][ T31] watchdog.cold+0x1a9/0x1ca [ 1097.320707][ T31] ? __pfx_watchdog+0x10/0x10 [ 1097.325898][ T31] ? __kthread_parkme+0x18c/0x230 [ 1097.331465][ T31] ? kthread+0x13a/0x450 [ 1097.336178][ T31] ? __pfx_watchdog+0x10/0x10 [ 1097.341361][ T31] kthread+0x370/0x450 [ 1097.345871][ T31] ? __pfx_kthread+0x10/0x10 [ 1097.350960][ T31] ret_from_fork+0x754/0xd80 [ 1097.356049][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 1097.361720][ T31] ? __switch_to+0x7b4/0x1120 [ 1097.366928][ T31] ? __pfx_kthread+0x10/0x10 [ 1097.372012][ T31] ret_from_fork_asm+0x1a/0x30 [ 1097.377305][ T31] [ 1097.381178][ T31] Kernel Offset: disabled [ 1097.385960][ T31] Rebooting in 86400 seconds..