last executing test programs: 5m51.590535324s ago: executing program 3 (id=4854): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) connect$auto(0x3, 0x0, 0x55) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x80000000, 0x7) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) epoll_create1$auto(0x0) 5m50.844623503s ago: executing program 3 (id=4858): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) r0 = socket(0x1d, 0x3, 0x1) setsockopt$auto(r0, 0x65, 0x1, 0x0, 0x800) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, 0x0, 0xfd}, 0x6a) close_range$auto(0x2, 0x8, 0x0) 5m50.6042898s ago: executing program 3 (id=4859): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x1000, 0x0) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x232040, 0x0) mmap$auto(0x0, 0x2020009, 0x6, 0xf8, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ram0\x00', 0x67f00, 0x0) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000003}, 0x6, 0xffffffffffffffff, 0x400, 0x2f) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) 5m50.391220049s ago: executing program 3 (id=4861): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 5m49.935105062s ago: executing program 3 (id=4864): madvise$auto(0x0, 0x2000040080000004, 0xe) sendmsg$auto_NBD_CMD_DISCONNECT(0xffffffffffffffff, 0x0, 0x2000c800) read$auto(0xffffffffffffffff, &(0x7f00000000c0)='/sys/devices/porm/vhci_hcd.7/uwb2\xb6\x9d23-0:1.0/ep\xdf\x001/interval\x00\x00\x00\x00\x00', 0x2) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) waitid$auto_P_PGID(0x2, r0, 0x0, 0x7, 0x0) r1 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r1, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000004) 5m49.239860277s ago: executing program 3 (id=4869): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 5m48.876835453s ago: executing program 32 (id=4869): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 5m47.934605091s ago: executing program 0 (id=4877): mmap$auto(0x0, 0x40009, 0x7, 0x9b72, 0x7, 0x28000) r0 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r1 = syz_genetlink_get_family_id$auto_nlbl_unlbl(&(0x7f0000000040), r0) sendmsg$auto_NLBL_UNLABEL_C_LIST(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x40, r1, 0x8, 0x70bd28, 0x25dfdbfb, {}, [@NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @loopback}, @NLBL_UNLABEL_A_IPV4ADDR={0x8, 0x4, @rand_addr=0x64010102}, @NLBL_UNLABEL_A_IPV4MASK={0x8, 0x5, @empty}, @NLBL_UNLABEL_A_IPV6MASK={0x14, 0x3, @local}]}, 0x40}, 0x1, 0x0, 0x0, 0x61}, 0x40000) close_range$auto(0x2, 0x8, 0x0) socket(0x18, 0x2, 0x0) 5m47.420406843s ago: executing program 0 (id=4882): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/afs/cells\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r0, 0x0, 0x20) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/module/zswap/parameters/compressor\x00', 0x82002, 0x0) write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000003900)="fb", 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/nvme_core/parameters/iopolicy\x00', 0x2400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000000c0)=""/7, 0x7) 5m46.369467103s ago: executing program 0 (id=4895): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a) fcntl$auto(0x3, 0x4, 0xa553) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0x1) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0xe) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x11f, 0x0, 0xfffffffffffffffd) 5m45.203555714s ago: executing program 0 (id=4893): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 5m44.736484424s ago: executing program 0 (id=4896): mmap$auto(0x0, 0x40000b, 0xde, 0x200009b72, 0xffffffffffffffff, 0x8000) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TEMP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="770e0000", @ANYRES16=0x0, @ANYBLOB="080028bd7000fddbdf250300000008000600"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x405b) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc045}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x8000, 0x1, 0x8, 0x20007, 0x5, 0xffffffffffffffff, 0x80000001, "787d66da4a620eab7f7382854ef61529", 0x0, 0xffffffffffffffff, 0x7, 0xffff4e8b, 0x2002, 0x1}, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00\''], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) r0 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r0, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) 5m44.052814821s ago: executing program 0 (id=4898): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) ioctl$auto(0x3, 0x89e0, 0x91) 5m43.63021937s ago: executing program 33 (id=4898): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) ioctl$auto(0x3, 0x89e0, 0x91) 3m48.278181022s ago: executing program 4 (id=5668): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/set_event_notrace_pid\x00', 0x582, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2440, 0x0) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, &(0x7f0000000080)={{@raw=0x5, 0x802, 0x35, 0x804, "36de2b0a327d724585d0b99f2d17729a5f833ecd1aba4a2c7b7a7997d8308453b2fa9e014dfefae6966dc3dc", @raw=0x5}, 0x0, 0x1, 0xffff, @raw=0x6, @integer64={0xb, 0x10001, 0x9}, "783f755296b60ee24c1881f015f4d529ecddcaf3eac72d2d7353863e9cb3761c92af4d877daee740a465e8817fe58636780bd0a915cc515ae057704b91ec686e"}) write$auto(0x3, 0x0, 0x5c8) 3m48.019186111s ago: executing program 4 (id=5670): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000001380), 0x0, 0x0) io_uring_setup$auto(0xdd4, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) 3m47.771691625s ago: executing program 4 (id=5672): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0001, 0x15) epoll_create$auto(0x4) 3m46.667132621s ago: executing program 4 (id=5680): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x82, 0x0) socket(0x2, 0x1, 0x0) socket(0x2, 0x5, 0x0) epoll_create$auto(0x7) r0 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r0, 0x0) epoll_ctl$auto(0x5, 0x3, r0, 0x0) 3m46.516378051s ago: executing program 4 (id=5681): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 3m46.351864347s ago: executing program 4 (id=5683): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) socket(0x2b, 0x1, 0x1) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, r0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video52\x00', 0x6aa01, 0x0) ioctl$auto(r1, 0xc0585611, r1) 3m31.306655116s ago: executing program 34 (id=5683): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2, 0x1, 0x0) socket(0x2b, 0x1, 0x1) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(r0, r0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video52\x00', 0x6aa01, 0x0) ioctl$auto(r1, 0xc0585611, r1) 6.506818108s ago: executing program 2 (id=7024): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0xf441, 0x4000000000df, 0xeb1, 0x401, 0x0) unshare$auto(0x40000080) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0001, 0x15) migrate_pages$auto(0x0, 0xa, 0x0, &(0x7f0000000140)=0x2) 3.995542226s ago: executing program 2 (id=7030): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mtdblock0\x00', 0x14f602, 0x0) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @broadcast}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) write$auto(0x3, 0x0, 0x1) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ram5\x00', 0x14fa02, 0x0) sendfile$auto(0x3, r1, 0x0, 0x400000000006) shutdown$auto(0x200000003, 0x2) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 3.995425075s ago: executing program 6 (id=7031): mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/sctp/assocs\x00', 0x101080, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) ioctl$auto_TIOCVHANGUP2(r1, 0x5437, 0x0) readv$auto(0x3, &(0x7f0000000280)={0x0, 0xf7}, 0x87) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x8000003, 0x0, 0x7, 0x0, 0x7, 0x201d55}, 0x2}, 0x800, 0x80000000) r2 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) write$auto(r2, &(0x7f0000000200)='&\x00', 0x8) r3 = socket(0xa, 0x5, 0x84) unshare$auto(0x1) sendto$auto(r3, 0x0, 0x401, 0x6358c0, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) pread64$auto(r0, 0x0, 0x7, 0xffff) 3.511993015s ago: executing program 6 (id=7032): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) write$auto_ocfs2_control_fops_stack_user(r0, &(0x7f0000003900)='\t', 0x1) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) unshare$auto(0x40000080) clone$auto(0x9001, 0x5, 0xffffffffffffffff, 0xfffffffffffffffc, 0x5) swapon$auto(0x0, 0x8000004) 3.238820854s ago: executing program 2 (id=7034): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x20, 0x0) r0 = socket(0xa, 0x2, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x18, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) ioctl$auto_KVM_CREATE_VM(r1, 0xc028ae92, 0x0) 2.92429037s ago: executing program 1 (id=7036): mmap$auto(0x0, 0x20009, 0x10000000000df, 0x4eb2, 0x401, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x58400, 0x22) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dsp\x00', 0x20002, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000000)) r2 = epoll_create$auto(0x8800001) epoll_ctl$auto(r2, 0x1, r0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x189002, 0x0) write$auto(0x3, 0x0, 0xfdef) 2.628603459s ago: executing program 5 (id=7037): select$auto(0xd, &(0x7f00000000c0)={[0x5, 0x9, 0x3, 0x3, 0x2, 0xb8, 0x0, 0x9, 0x8000000000000001, 0xffffffffffffff73, 0x8001, 0x2, 0x4, 0x8, 0x3e7, 0x8]}, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x88000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) r0 = socket(0x1d, 0x2, 0x7) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000000)=@can={0x1d, r2}, 0x6a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'vcan0\x00', 0x0}) connect$auto(0x3, &(0x7f00000018c0)=@can={0x1d, r3}, 0x18) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0xffffffff, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.526628653s ago: executing program 2 (id=7039): close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xb, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) io_uring_setup$auto(0x401, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x2) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/rose11/tx_queue_len\x00', 0xa0000, 0x0) 2.341801463s ago: executing program 1 (id=7040): mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x9, &(0x7f0000000080)={0x0, 0x9}, 0x8, 0x0, 0x1, 0x4}, 0x4}, 0x10000, 0x300, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) r1 = socket(0x18, 0x5, 0x1) connect$auto(r1, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) write$auto(0xffffffffffffffff, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.214777552s ago: executing program 1 (id=7042): socket(0x22, 0x3, 0x0) recvmmsg$auto(0xffffffffffffffff, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = signalfd$auto(0xffffffffffffffff, 0x0, 0x8) read$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f0000001a40)=""/4100, 0x1004) sigaltstack$auto(&(0x7f0000000140)={0x0, 0x80000000, 0x800000000dd}, 0x0) r1 = getpid() r2 = gettid() rt_tgsigqueueinfo$auto(r1, r2, 0x21, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x80000000) 1.925227023s ago: executing program 2 (id=7043): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0x8, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) unshare$auto(0x40000080) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) socket(0x15, 0x5, 0x0) pipe$auto(0x0) dup2$auto(0x5, 0x4) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) splice$auto(0x4, 0x0, r0, 0x0, 0x80000004, 0x9) write$auto(0x6, 0x0, 0x1) 1.61811766s ago: executing program 5 (id=7044): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x8, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x10, 0x80002, 0x0) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x0, 0x0) timerfd_settime$auto(r0, 0x3, 0x0, 0x0) read$auto(0x3, 0x0, 0x80) settimeofday$auto(&(0x7f0000000180)={0x10000001f, 0x1}, 0x0) 1.551988546s ago: executing program 6 (id=7045): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r0 = socket(0x2, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e24, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c00, 0x0, 0x5, 0x0, 0x0, 0x9}, 0x5}, 0x3, 0x400) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) sendfile$auto(0x3, r1, 0x0, 0x400000000006) shutdown$auto(r0, 0x2) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 1.349926165s ago: executing program 5 (id=7046): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0xc) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01002dbd7000fddbdf25030000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES8=r2, @ANYBLOB="18000000", @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x40000f0) write$auto(r1, &(0x7f0000000000)='-\x00', 0x30) 1.253881452s ago: executing program 1 (id=7047): r0 = open(&(0x7f0000000080)='./file0\x00', 0x22ac2, 0x5d745cb200ae4d7b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev1\x00', 0xe0800, 0x0) ioctl$auto(0x3, 0xc0905664, 0x38) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000e40)='/sys/devices/pci0000:00/0000:00:01.3/config\x00', 0x68002, 0x0) pread64$auto(r1, 0x0, 0x3, 0x93) fchown$auto(r0, 0xe5a, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) fstatfs$auto(0x3, 0x0) write$auto_fops_u32_(r0, &(0x7f0000000100)="035289bfec1ca65c63d03e34c9f1c4023ca52d3288c8a5a63bf17ead1703aa5bcafe5c2a3d2e73da2b56d0897bb7165366f5a084f8242f14a852340e941f630cfb2a18d5ba6adb739f5ce2734c9e3e5d8db1934c053d27c51da49724e9400f2089ec4ba2c53bf6fe63f3a326c98619b5fb15cf16087baa6245fbdd10800c205916a2d25a46aff41d1bd1f43ca2b455777fdf87c2018ad024221ef89c53de070869b436ec30b3bc7e6caa1521a6fd0a3ffb0beb379e47c06c522430852eb3f5e90b5d3b2a894a7f2403b85c6c18609c0cb245e9f50143661bac642f256bfa6bc67648f632885decd3a03e2c", 0xeb) setfsuid$auto(0xee00) write$auto(r0, 0x0, 0x7fff) 1.116972286s ago: executing program 5 (id=7048): r0 = open(&(0x7f0000000040)='./file0\x00', 0x22240, 0x154) fcntl$auto(r0, 0x400, 0x1) close_range$auto(0x0, 0xfffffffffffff000, 0x0) ioctl$auto(0xffffffffffffffff, 0x405c5504, 0x81) syz_genetlink_get_family_id$auto_seg6(0x0, 0xffffffffffffffff) socket(0x25, 0x1, 0xcb4) r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0x40, 0xe}, 0x18) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000) openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x28000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x88) fremovexattr$auto(r1, &(0x7f0000000000)='system.posix_acl_access\x00') 1.022004889s ago: executing program 1 (id=7049): close_range$auto(0x0, 0xfffffffffffff000, 0x2) io_uring_setup$auto(0xd, 0x0) clone$auto(0x1ff00, 0x0, 0x0, 0x0, 0x9) exit$auto(0x7fff) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a) ustat$auto(0x801, 0x0) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) recvfrom$auto(0x3, 0x0, 0x1, 0xfc, 0x0, 0xfffffffffffffffd) socket(0x15, 0x5, 0x0) 1.002537629s ago: executing program 6 (id=7050): r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0xff, 0x400000000000401, 0x9}, 0x9, 0x0) landlock_restrict_self$auto(r0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x0, 0x401, 0x7}, 0x9, 0x0) landlock_restrict_self$auto(r1, 0x0) mmap$auto(0x0, 0x200009, 0x2, 0x40eb1, 0x602, 0x300000000000) getcwd$auto(0x0, 0xffffffffffffffff) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) 883.40814ms ago: executing program 5 (id=7051): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) madvise$auto(0x0, 0x200007, 0x8) madvise$auto(0x0, 0x2003f0, 0x15) memfd_create$auto(0x0, 0x80000004) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2a, 0x2, 0x1) connect$auto(r1, 0x0, 0x55) mmap$auto(0x3, 0x5, 0xdd, 0x16, 0xffffffffffffffff, 0xb10a) 662.816667ms ago: executing program 6 (id=7052): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r0, 0x0, 0xffffffff, 0x4, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) setgroups$auto(0xe32, 0x0) r1 = socket(0xa, 0x2, 0x88) setsockopt$auto(r1, 0x11, 0xb, 0x0, 0x8) 539.423115ms ago: executing program 2 (id=7053): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) unshare$auto(0x40000080) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000540), 0xffffffffffffffff) mprotect$auto(0x8000, 0x8, 0x8) 264.291334ms ago: executing program 5 (id=7054): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = io_uring_setup$auto(0x5, 0x0) close_range$auto(0x2, r0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d) listen$auto(0x3, 0x81) r1 = socket(0x2b, 0x1, 0x0) sendmmsg$auto(r1, &(0x7f0000000000)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x24, 0xfffffffd}, 0x10001}, 0x5, 0x20000000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101e81, 0x0) poll$auto(&(0x7f0000000080)={0x3, 0x1, 0xa}, 0x5, 0x108) 129.762957ms ago: executing program 6 (id=7055): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) setsockopt$auto(0x3, 0x84, 0x17, 0x0, 0x27) setsockopt$auto(0x3, 0x10000000084, 0x18, 0x0, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1a000}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 0s ago: executing program 1 (id=7056): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) r0 = socket(0x2, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800008}, 0x5, 0x20000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x9, 0x0, 0x9) get_robust_list$auto(0x0, 0x0, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x106, 0x0, 0x6c, 0x697c}, 0xed71390}, 0x9a6, 0x0) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs): [ 859.581343][T22097] tomoyo_write_log2+0x2ed/0xbc0 [ 859.581366][T22097] tomoyo_supervisor+0x15e/0x1340 [ 859.581391][T22097] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 859.581422][T22097] ? kasan_quarantine_put+0x104/0x240 [ 859.581446][T22097] ? tomoyo_check_path_acl+0x141/0x210 [ 859.581463][T22097] ? tomoyo_check_acl+0x1f7/0x410 [ 859.581489][T22097] tomoyo_path_permission+0x270/0x3b0 [ 859.581507][T22097] tomoyo_check_open_permission+0x37f/0x3c0 [ 859.581525][T22097] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 859.581561][T22097] ? do_raw_spin_lock+0x128/0x260 [ 859.581584][T22097] ? path_get+0x61/0x80 [ 859.581602][T22097] tomoyo_file_open+0x6b/0x90 [ 859.581624][T22097] security_file_open+0xb5/0x1e0 [ 859.581643][T22097] do_dentry_open+0x5aa/0x1660 [ 859.581669][T22097] ? security_inode_permission+0xbf/0x250 [ 859.581690][T22097] vfs_open+0x82/0x3f0 [ 859.581712][T22097] path_openat+0x208c/0x31a0 [ 859.581735][T22097] ? __pfx_path_openat+0x10/0x10 [ 859.581759][T22097] do_file_open+0x20e/0x430 [ 859.581776][T22097] ? __pfx_do_file_open+0x10/0x10 [ 859.581806][T22097] ? alloc_fd+0x476/0x790 [ 859.581823][T22097] ? do_getname+0x191/0x390 [ 859.581843][T22097] do_sys_openat2+0x10d/0x1e0 [ 859.581862][T22097] ? __pfx_do_sys_openat2+0x10/0x10 [ 859.581888][T22097] __x64_sys_openat+0x12d/0x210 [ 859.581908][T22097] ? __pfx___x64_sys_openat+0x10/0x10 [ 859.581936][T22097] do_syscall_64+0x106/0xf80 [ 859.581955][T22097] ? clear_bhb_loop+0x40/0x90 [ 859.581973][T22097] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 859.581989][T22097] RIP: 0033:0x7f24be59c799 [ 859.582003][T22097] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 859.582018][T22097] RSP: 002b:00007f24bf3bf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 859.582034][T22097] RAX: ffffffffffffffda RBX: 00007f24be815fa0 RCX: 00007f24be59c799 [ 859.582044][T22097] RDX: 00000000001e3800 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 859.582054][T22097] RBP: 00007f24be632c99 R08: 0000000000000000 R09: 0000000000000000 [ 859.582064][T22097] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 859.582073][T22097] R13: 00007f24be816038 R14: 00007f24be815fa0 R15: 00007ffef1acf678 [ 859.582094][T22097] [ 860.041420][T22104] mkiss: ax0: crc mode is auto. [ 860.739004][T22119] netlink: 186 bytes leftover after parsing attributes in process `syz.6.5887'. [ 861.231372][T22138] binder: 22136:22138 ioctl c0306201 2000000000c0 returned -14 [ 861.535907][T22139] sp0: Synchronizing with TNC [ 861.661821][T22149] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5898'. [ 863.214679][T22185] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 863.255363][T22179] mkiss: ax0: crc mode is auto. [ 865.332630][T22223] netlink: 342 bytes leftover after parsing attributes in process `syz.1.5921'. [ 865.871881][T22237] netlink: 25 bytes leftover after parsing attributes in process `syz.6.5927'. [ 866.027336][T22246] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5928'. [ 866.068242][T22250] netlink: 'syz.5.5929': attribute type 1 has an invalid length. [ 866.075994][T22250] netlink: 306 bytes leftover after parsing attributes in process `syz.5.5929'. [ 866.210170][T22250] netlink: 'syz.5.5929': attribute type 1 has an invalid length. [ 866.296946][T22250] netlink: 306 bytes leftover after parsing attributes in process `syz.5.5929'. [ 867.051825][T22269] FAULT_INJECTION: forcing a failure. [ 867.051825][T22269] name failslab, interval 1, probability 0, space 0, times 0 [ 867.131080][ T5826] Bluetooth: hci4: unexpected subevent 0x01 length: 123 > 18 [ 867.148927][T22269] CPU: 0 UID: 0 PID: 22269 Comm: syz.6.5937 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 867.148966][T22269] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 867.148975][T22269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 867.148986][T22269] Call Trace: [ 867.148992][T22269] [ 867.148999][T22269] dump_stack_lvl+0x100/0x190 [ 867.149029][T22269] should_fail_ex.cold+0x5/0xa [ 867.149048][T22269] should_failslab+0xc2/0x120 [ 867.149066][T22269] __kmalloc_cache_noprof+0x7a/0x6f0 [ 867.149086][T22269] ? __alloc_workqueue+0x1a0/0x1880 [ 867.149108][T22269] __alloc_workqueue+0x1a0/0x1880 [ 867.149125][T22269] ? __pfx_vsnprintf+0x10/0x10 [ 867.149145][T22269] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 867.149165][T22269] ? lockdep_hardirqs_on+0x78/0x100 [ 867.149185][T22269] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 867.149206][T22269] alloc_workqueue_noprof+0xd2/0x200 [ 867.149224][T22269] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 867.149248][T22269] ? __pfx___debug_object_init+0x10/0x10 [ 867.149276][T22269] nci_register_device+0x21e/0xb80 [ 867.149365][T22269] ? __pfx_nci_register_device+0x10/0x10 [ 867.149384][T22269] ? lockdep_init_map_type+0x5c/0x250 [ 867.149409][T22269] virtual_ncidev_open+0x141/0x220 [ 867.149470][T22269] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 867.149489][T22269] misc_open+0x26d/0x450 [ 867.149507][T22269] ? __pfx_misc_open+0x10/0x10 [ 867.149523][T22269] chrdev_open+0x234/0x6a0 [ 867.149538][T22269] ? __pfx_apparmor_file_open+0x10/0x10 [ 867.149562][T22269] ? __pfx_chrdev_open+0x10/0x10 [ 867.149579][T22269] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 867.149600][T22269] do_dentry_open+0x6d8/0x1660 [ 867.149615][T22269] ? __pfx_chrdev_open+0x10/0x10 [ 867.149635][T22269] vfs_open+0x82/0x3f0 [ 867.149656][T22269] path_openat+0x208c/0x31a0 [ 867.149678][T22269] ? __pfx_path_openat+0x10/0x10 [ 867.149701][T22269] do_file_open+0x20e/0x430 [ 867.149721][T22269] ? __pfx_do_file_open+0x10/0x10 [ 867.149751][T22269] ? alloc_fd+0x476/0x790 [ 867.149768][T22269] ? do_getname+0x191/0x390 [ 867.149789][T22269] do_sys_openat2+0x10d/0x1e0 [ 867.149808][T22269] ? __pfx_do_sys_openat2+0x10/0x10 [ 867.149829][T22269] ? __fget_files+0x21f/0x3d0 [ 867.149847][T22269] __x64_sys_openat+0x12d/0x210 [ 867.149867][T22269] ? __pfx___x64_sys_openat+0x10/0x10 [ 867.149894][T22269] do_syscall_64+0x106/0xf80 [ 867.149922][T22269] ? clear_bhb_loop+0x40/0x90 [ 867.149942][T22269] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 867.149959][T22269] RIP: 0033:0x7f9ae459c799 [ 867.149974][T22269] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 867.149988][T22269] RSP: 002b:00007f9ae53a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 867.150004][T22269] RAX: ffffffffffffffda RBX: 00007f9ae4815fa0 RCX: 00007f9ae459c799 [ 867.150015][T22269] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 867.150025][T22269] RBP: 00007f9ae4632c99 R08: 0000000000000000 R09: 0000000000000000 [ 867.150034][T22269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 867.150043][T22269] R13: 00007f9ae4816038 R14: 00007f9ae4815fa0 R15: 00007ffce73d53c8 [ 867.150065][T22269] [ 868.028207][T22279] netlink: 'syz.6.5939': attribute type 4 has an invalid length. [ 868.056383][T22279] netlink: 314 bytes leftover after parsing attributes in process `syz.6.5939'. [ 868.085354][T22279] IPv6: NLM_F_CREATE should be specified when creating new route [ 868.542797][T22268] netlink: 'syz.2.5936': attribute type 33 has an invalid length. [ 868.653502][T22268] netlink: 322 bytes leftover after parsing attributes in process `syz.2.5936'. [ 869.095261][T22294] ERROR: Out of memory at tomoyo_memory_ok. [ 869.499281][T22301] netlink: 326 bytes leftover after parsing attributes in process `syz.1.5949'. [ 870.214378][T22321] sock: sock_timestamping_bind_phc: sock not bind to device [ 870.316464][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 870.326867][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 870.534009][T22314] zswap: compressor not available [ 873.150209][T22402] netlink: 28 bytes leftover after parsing attributes in process `syz.2.5980'. [ 874.307417][T22425] [U] /Eev/audio1 [ 874.311086][T22425] [U] F츱Z|GP)\nC:LubΧtUwUU3.O"4Y8@Z5`mb4* [ 874.320034][T22425] [U] WwK E6?(I,k8D [ 874.325235][T22425] [U] [ 874.327932][T22425] [U] [ 874.330605][T22425] [U] [ 874.464564][T22425] [U] [ 874.467337][T22425] [U] [ 874.470449][T22425] [U] [ 874.473122][T22425] [U] [ 874.539578][T22425] [U] [ 874.542302][T22425] [U] [ 874.544999][T22425] [U] [ 874.547672][T22425] [U] [ 874.611908][T22425] [U] [ 874.903932][T22441] bridge0: port 3(batadv0) entered blocking state [ 874.956103][T22441] bridge0: port 3(batadv0) entered disabled state [ 875.001113][T22441] batadv0: entered allmulticast mode [ 875.030735][T22441] batadv0: entered promiscuous mode [ 875.313250][T22449] mkiss: ax0: crc mode is auto. [ 875.514555][ T13] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 875.524383][ T13] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 876.609458][T22491] netlink: 18 bytes leftover after parsing attributes in process `syz.5.6004'. [ 877.028692][T22504] netlink: 25 bytes leftover after parsing attributes in process `syz.2.6009'. [ 877.752343][T22510] FAULT_INJECTION: forcing a failure. [ 877.752343][T22510] name failslab, interval 1, probability 0, space 0, times 0 [ 878.013698][T22510] CPU: 0 UID: 0 PID: 22510 Comm: syz.6.6006 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 878.013733][T22510] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 878.013742][T22510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 878.013751][T22510] Call Trace: [ 878.013756][T22510] [ 878.013763][T22510] dump_stack_lvl+0x100/0x190 [ 878.013791][T22510] should_fail_ex.cold+0x5/0xa [ 878.013809][T22510] should_failslab+0xc2/0x120 [ 878.013826][T22510] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 878.013849][T22510] ? taskstats_exit+0x650/0xbd0 [ 878.013876][T22510] taskstats_exit+0x650/0xbd0 [ 878.013899][T22510] ? __pfx_acct_update_integrals+0x10/0x10 [ 878.013923][T22510] ? __pfx_taskstats_exit+0x10/0x10 [ 878.013948][T22510] ? rcu_read_lock_any_held+0x6a/0xa0 [ 878.013963][T22510] ? exit_signals+0x395/0xaf0 [ 878.013980][T22510] do_exit+0x659/0x2b60 [ 878.014003][T22510] ? __pfx_do_exit+0x10/0x10 [ 878.014022][T22510] ? do_raw_spin_lock+0x128/0x260 [ 878.014043][T22510] ? find_held_lock+0x2b/0x80 [ 878.014057][T22510] ? get_signal+0x7e0/0x21e0 [ 878.014074][T22510] do_group_exit+0xd5/0x2a0 [ 878.014094][T22510] get_signal+0x1ec7/0x21e0 [ 878.014116][T22510] ? __pfx_get_signal+0x10/0x10 [ 878.014133][T22510] ? do_futex+0x192/0x350 [ 878.014154][T22510] arch_do_signal_or_restart+0x91/0x770 [ 878.014174][T22510] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 878.014198][T22510] ? __pfx___x64_sys_futex+0x10/0x10 [ 878.014222][T22510] exit_to_user_mode_loop+0x86/0x4a0 [ 878.014243][T22510] do_syscall_64+0x668/0xf80 [ 878.014264][T22510] ? clear_bhb_loop+0x40/0x90 [ 878.014283][T22510] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 878.014298][T22510] RIP: 0033:0x7f9ae459c799 [ 878.014312][T22510] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 878.014326][T22510] RSP: 002b:00007f9ae53840e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 878.014341][T22510] RAX: fffffffffffffe00 RBX: 00007f9ae4816098 RCX: 00007f9ae459c799 [ 878.014351][T22510] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f9ae4816098 [ 878.014361][T22510] RBP: 00007f9ae4816090 R08: 0000000000000000 R09: 0000000000000000 [ 878.014369][T22510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 878.014378][T22510] R13: 00007f9ae4816128 R14: 00007ffce73d52e0 R15: 00007ffce73d53c8 [ 878.014397][T22510] [ 879.130417][T22551] mkiss: ax0: crc mode is auto. [ 879.593981][T22550] bridge0: port 3(batadv0) entered blocking state [ 879.630179][T22550] bridge0: port 3(batadv0) entered disabled state [ 879.672679][T22550] batadv0: entered allmulticast mode [ 879.709379][T22550] batadv0: entered promiscuous mode [ 879.726108][T22550] bridge0: port 3(batadv0) entered blocking state [ 879.732681][T22550] bridge0: port 3(batadv0) entered forwarding state [ 879.762380][T19505] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 879.771875][T19505] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 879.834800][T22553] netlink: 334 bytes leftover after parsing attributes in process `syz.6.6021'. [ 879.948710][T22568] netlink: 186 bytes leftover after parsing attributes in process `syz.2.6026'. [ 880.006520][T22568] netlink: 186 bytes leftover after parsing attributes in process `syz.2.6026'. [ 880.300866][T22580] netlink: 266 bytes leftover after parsing attributes in process `syz.5.6028'. [ 880.344608][T22580] IPv6: NLM_F_CREATE should be specified when creating new route [ 881.055424][T22599] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6034'. [ 881.594887][T22608] FAULT_INJECTION: forcing a failure. [ 881.594887][T22608] name fail_futex, interval 1, probability 0, space 0, times 0 [ 881.782207][T22608] CPU: 0 UID: 0 PID: 22608 Comm: syz.5.6037 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 881.782244][T22608] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 881.782253][T22608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 881.782262][T22608] Call Trace: [ 881.782267][T22608] [ 881.782274][T22608] dump_stack_lvl+0x100/0x190 [ 881.782303][T22608] should_fail_ex.cold+0x5/0xa [ 881.782321][T22608] get_futex_key+0x1d2/0x1620 [ 881.782351][T22608] ? __pfx_get_futex_key+0x10/0x10 [ 881.782376][T22608] futex_wait_setup+0x83/0x510 [ 881.782404][T22608] __futex_wait+0x19f/0x300 [ 881.782428][T22608] ? __pfx___futex_wait+0x10/0x10 [ 881.782449][T22608] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 881.782468][T22608] ? lockdep_hardirqs_on+0x78/0x100 [ 881.782490][T22608] ? __pfx_futex_wake_mark+0x10/0x10 [ 881.782515][T22608] ? futex_hash+0x2c5/0x380 [ 881.782537][T22608] futex_wait+0xed/0x380 [ 881.782559][T22608] ? __pfx_futex_wait+0x10/0x10 [ 881.782587][T22608] ? __lock_acquire+0x4a5/0x2630 [ 881.782611][T22608] do_futex+0x1ef/0x350 [ 881.782629][T22608] ? __pfx_do_futex+0x10/0x10 [ 881.782649][T22608] ? find_held_lock+0x2b/0x80 [ 881.782665][T22608] __x64_sys_futex+0x34f/0x4d0 [ 881.782686][T22608] ? __fget_files+0x21f/0x3d0 [ 881.782700][T22608] ? __pfx___x64_sys_futex+0x10/0x10 [ 881.782726][T22608] do_syscall_64+0x106/0xf80 [ 881.782745][T22608] ? clear_bhb_loop+0x40/0x90 [ 881.782764][T22608] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 881.782779][T22608] RIP: 0033:0x7f24be59c799 [ 881.782793][T22608] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 881.782808][T22608] RSP: 002b:00007f24bf3bf0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 881.782823][T22608] RAX: ffffffffffffffda RBX: 00007f24be815fa8 RCX: 00007f24be59c799 [ 881.782833][T22608] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f24be815fa8 [ 881.782842][T22608] RBP: 00007f24be815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 881.782851][T22608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 881.782860][T22608] R13: 00007f24be816038 R14: 00007ffef1acf590 R15: 00007ffef1acf678 [ 881.782880][T22608] [ 883.914445][T22625] FAULT_INJECTION: forcing a failure. [ 883.914445][T22625] name failslab, interval 1, probability 0, space 0, times 0 [ 884.015908][T22625] CPU: 0 UID: 0 PID: 22625 Comm: syz.5.6043 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 884.015946][T22625] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 884.015954][T22625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 884.015964][T22625] Call Trace: [ 884.015971][T22625] [ 884.015978][T22625] dump_stack_lvl+0x100/0x190 [ 884.016006][T22625] should_fail_ex.cold+0x5/0xa [ 884.016025][T22625] should_failslab+0xc2/0x120 [ 884.016049][T22625] __kmalloc_cache_noprof+0x7a/0x6f0 [ 884.016074][T22625] ? alloc_ucounts+0x13d/0x5c0 [ 884.016094][T22625] ? _setid_policy_lookup+0x218/0x3e0 [ 884.016119][T22625] alloc_ucounts+0x13d/0x5c0 [ 884.016139][T22625] ? __pfx_alloc_ucounts+0x10/0x10 [ 884.016164][T22625] set_cred_ucounts+0xcd/0x200 [ 884.016189][T22625] __sys_setresuid+0x666/0x1280 [ 884.016208][T22625] do_syscall_64+0x106/0xf80 [ 884.016228][T22625] ? clear_bhb_loop+0x40/0x90 [ 884.016246][T22625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 884.016262][T22625] RIP: 0033:0x7f24be59c799 [ 884.016277][T22625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 884.016292][T22625] RSP: 002b:00007f24bf3bf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 884.016307][T22625] RAX: ffffffffffffffda RBX: 00007f24be815fa0 RCX: 00007f24be59c799 [ 884.016317][T22625] RDX: 0000000000008080 RSI: 0000000000000007 RDI: 0000000000000002 [ 884.016326][T22625] RBP: 00007f24be632c99 R08: 0000000000000000 R09: 0000000000000000 [ 884.016335][T22625] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 884.016344][T22625] R13: 00007f24be816038 R14: 00007f24be815fa0 R15: 00007ffef1acf678 [ 884.016365][T22625] [ 884.536667][T22630] zero sized request [ 884.920091][T22645] mkiss: ax0: crc mode is auto. [ 885.985784][T22661] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 886.224910][T22661] File: /dev/ram5 PID: 22661 Comm: syz.2.6058 [ 887.258216][T22694] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6068'. [ 888.029775][T22704] netlink: 342 bytes leftover after parsing attributes in process `syz.1.6072'. [ 888.675777][T22721] netlink: 186 bytes leftover after parsing attributes in process `syz.2.6078'. [ 889.105937][T22727] openvswitch: netlink: Flow get message rejected, Key attribute missing. [ 890.443998][T22752] kvm_intel: kvm [22751]: vcpu0, guest rIP: 0xfff0 Unhandled WRMSR(0x1d9) = 0xfffffffffffffffe [ 892.641015][T20022] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 895.354613][T22816] FAULT_INJECTION: forcing a failure. [ 895.354613][T22816] name failslab, interval 1, probability 0, space 0, times 0 [ 895.436807][T22816] CPU: 0 UID: 0 PID: 22816 Comm: syz.2.6112 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 895.436844][T22816] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 895.436853][T22816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 895.436862][T22816] Call Trace: [ 895.436869][T22816] [ 895.436875][T22816] dump_stack_lvl+0x100/0x190 [ 895.436906][T22816] should_fail_ex.cold+0x5/0xa [ 895.436926][T22816] ? process_preds+0x4a2/0x1d90 [ 895.436948][T22816] should_failslab+0xc2/0x120 [ 895.436965][T22816] __kmalloc_noprof+0xe0/0x850 [ 895.436994][T22816] process_preds+0x4a2/0x1d90 [ 895.437020][T22816] ? create_filter_start.constprop.0+0x134/0x310 [ 895.437046][T22816] create_filter+0x140/0x210 [ 895.437069][T22816] ? __pfx_create_filter+0x10/0x10 [ 895.437093][T22816] ? find_held_lock+0x2b/0x80 [ 895.437118][T22816] apply_event_filter+0x220/0x500 [ 895.437143][T22816] ? __pfx_apply_event_filter+0x10/0x10 [ 895.437172][T22816] event_filter_write+0x16d/0x290 [ 895.437192][T22816] vfs_write+0x2aa/0x1070 [ 895.437216][T22816] ? __pfx_event_filter_write+0x10/0x10 [ 895.437235][T22816] ? __pfx_vfs_write+0x10/0x10 [ 895.437257][T22816] ? __fget_files+0x215/0x3d0 [ 895.437276][T22816] ? __fget_files+0x21f/0x3d0 [ 895.437296][T22816] ksys_write+0x12a/0x250 [ 895.437309][T22816] ? __pfx_ksys_write+0x10/0x10 [ 895.437330][T22816] do_syscall_64+0x106/0xf80 [ 895.437352][T22816] ? clear_bhb_loop+0x40/0x90 [ 895.437373][T22816] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 895.437389][T22816] RIP: 0033:0x7f2dd8b9c799 [ 895.437403][T22816] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 895.437418][T22816] RSP: 002b:00007f2dd9aa8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 895.437434][T22816] RAX: ffffffffffffffda RBX: 00007f2dd8e15fa0 RCX: 00007f2dd8b9c799 [ 895.437444][T22816] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 895.437453][T22816] RBP: 00007f2dd8c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 895.437463][T22816] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 895.437473][T22816] R13: 00007f2dd8e16038 R14: 00007f2dd8e15fa0 R15: 00007ffc731b29d8 [ 895.437495][T22816] [ 897.027101][T22833] netlink: 306 bytes leftover after parsing attributes in process `syz.1.6118'. [ 897.437080][T22837] mkiss: ax0: crc mode is auto. [ 898.037316][T22842] FAULT_INJECTION: forcing a failure. [ 898.037316][T22842] name failslab, interval 1, probability 0, space 0, times 0 [ 898.092098][T22842] CPU: 0 UID: 0 PID: 22842 Comm: syz.2.6121 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 898.092136][T22842] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 898.092145][T22842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 898.092155][T22842] Call Trace: [ 898.092162][T22842] [ 898.092169][T22842] dump_stack_lvl+0x100/0x190 [ 898.092198][T22842] should_fail_ex.cold+0x5/0xa [ 898.092217][T22842] ? acpi_ns_get_normalized_pathname+0x95/0x250 [ 898.092241][T22842] should_failslab+0xc2/0x120 [ 898.092258][T22842] __kmalloc_noprof+0xe0/0x850 [ 898.092284][T22842] acpi_ns_get_normalized_pathname+0x95/0x250 [ 898.092308][T22842] acpi_ds_call_control_method+0x5d4/0xab0 [ 898.092398][T22842] acpi_ps_parse_aml+0xacd/0x1120 [ 898.092421][T22842] acpi_ps_execute_method+0x5c4/0xe90 [ 898.092445][T22842] acpi_ns_evaluate+0x640/0x1670 [ 898.092469][T22842] acpi_evaluate_object+0x420/0xe00 [ 898.092488][T22842] ? kasan_save_stack+0x30/0x50 [ 898.092510][T22842] ? kasan_save_track+0x14/0x30 [ 898.092536][T22842] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 898.092558][T22842] acpi_evaluate_integer+0xdf/0x220 [ 898.092584][T22842] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 898.092613][T22842] ? __pfx_status_show+0x10/0x10 [ 898.092627][T22842] status_show+0xa0/0x120 [ 898.092642][T22842] ? __pfx_status_show+0x10/0x10 [ 898.092661][T22842] dev_attr_show+0x52/0xa0 [ 898.092680][T22842] ? __pfx_dev_attr_show+0x10/0x10 [ 898.092696][T22842] sysfs_kf_seq_show+0x217/0x3a0 [ 898.092727][T22842] seq_read_iter+0x32f/0x1270 [ 898.092760][T22842] kernfs_fop_read_iter+0x46c/0x610 [ 898.092778][T22842] ? rw_verify_area+0xce/0x6d0 [ 898.092800][T22842] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 898.092820][T22842] vfs_read+0x825/0xb30 [ 898.092845][T22842] ? __pfx_vfs_read+0x10/0x10 [ 898.092883][T22842] ksys_read+0x12a/0x250 [ 898.092905][T22842] ? __pfx_ksys_read+0x10/0x10 [ 898.092933][T22842] do_syscall_64+0x106/0xf80 [ 898.092954][T22842] ? clear_bhb_loop+0x40/0x90 [ 898.092973][T22842] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 898.092989][T22842] RIP: 0033:0x7f2dd8b9c799 [ 898.093005][T22842] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 898.093020][T22842] RSP: 002b:00007f2dd9aa8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 898.093036][T22842] RAX: ffffffffffffffda RBX: 00007f2dd8e15fa0 RCX: 00007f2dd8b9c799 [ 898.093047][T22842] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 898.093056][T22842] RBP: 00007f2dd8c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 898.093066][T22842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 898.093076][T22842] R13: 00007f2dd8e16038 R14: 00007f2dd8e15fa0 R15: 00007ffc731b29d8 [ 898.093097][T22842] [ 899.520570][T22842] ACPI Error: Could not allocate 10 bytes (20251212/nsnames-308) [ 899.541992][T22868] netlink: 'syz.6.6130': attribute type 7 has an invalid length. [ 899.581735][T22868] netlink: 17 bytes leftover after parsing attributes in process `syz.6.6130'. [ 900.136558][T22884] netlink: 338 bytes leftover after parsing attributes in process `syz.6.6134'. [ 900.551505][T22894] FAULT_INJECTION: forcing a failure. [ 900.551505][T22894] name failslab, interval 1, probability 0, space 0, times 0 [ 900.732813][T22894] CPU: 0 UID: 0 PID: 22894 Comm: syz.6.6136 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 900.732850][T22894] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 900.732859][T22894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 900.732869][T22894] Call Trace: [ 900.732875][T22894] [ 900.732881][T22894] dump_stack_lvl+0x100/0x190 [ 900.732910][T22894] should_fail_ex.cold+0x5/0xa [ 900.732931][T22894] ? ima_alloc_init_template+0xb6/0x6d0 [ 900.732948][T22894] should_failslab+0xc2/0x120 [ 900.732964][T22894] __kmalloc_noprof+0xe0/0x850 [ 900.732987][T22894] ? find_held_lock+0x2b/0x80 [ 900.733001][T22894] ? take_dentry_name_snapshot+0x30b/0x7c0 [ 900.733024][T22894] ima_alloc_init_template+0xb6/0x6d0 [ 900.733040][T22894] ? take_dentry_name_snapshot+0x310/0x7c0 [ 900.733063][T22894] ima_store_measurement+0x1e3/0x5b0 [ 900.733088][T22894] ? __pfx_ima_store_measurement+0x10/0x10 [ 900.733113][T22894] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 900.733140][T22894] process_measurement+0x19cc/0x2350 [ 900.733171][T22894] ? stack_trace_save+0x8e/0xc0 [ 900.733187][T22894] ? __pfx_process_measurement+0x10/0x10 [ 900.733210][T22894] ? __lock_acquire+0x4a5/0x2630 [ 900.733228][T22894] ? __kasan_slab_alloc+0x89/0x90 [ 900.733241][T22894] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 900.733262][T22894] ? init_file+0x95/0x480 [ 900.733277][T22894] ? alloc_empty_file+0x73/0x1c0 [ 900.733294][T22894] ? alloc_file_pseudo+0x13a/0x230 [ 900.733311][T22894] ? ksys_mmap_pgoff+0x232/0x650 [ 900.733326][T22894] ? __x64_sys_mmap+0x125/0x190 [ 900.733346][T22894] ? do_syscall_64+0x106/0xf80 [ 900.733389][T22894] ? __pfx_aa_file_perm+0x10/0x10 [ 900.733415][T22894] ima_file_mmap+0x1c4/0x1f0 [ 900.733464][T22894] ? __pfx_ima_file_mmap+0x10/0x10 [ 900.733493][T22894] security_mmap_file+0x278/0x9b0 [ 900.733513][T22894] vm_mmap_pgoff+0xec/0x470 [ 900.733534][T22894] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 900.733550][T22894] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 900.733570][T22894] ? hugetlbfs_get_inode+0x36e/0x750 [ 900.733627][T22894] ksys_mmap_pgoff+0x273/0x650 [ 900.733644][T22894] ? __x64_sys_futex+0x358/0x4d0 [ 900.733665][T22894] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 900.733683][T22894] ? xfd_validate_state+0x129/0x190 [ 900.733707][T22894] __x64_sys_mmap+0x125/0x190 [ 900.733731][T22894] do_syscall_64+0x106/0xf80 [ 900.733751][T22894] ? clear_bhb_loop+0x40/0x90 [ 900.733769][T22894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 900.733785][T22894] RIP: 0033:0x7f9ae459c799 [ 900.733799][T22894] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 900.733815][T22894] RSP: 002b:00007f9ae27f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 900.733830][T22894] RAX: ffffffffffffffda RBX: 00007f9ae4816180 RCX: 00007f9ae459c799 [ 900.733843][T22894] RDX: 0000000000009c0f RSI: 000000000000000c RDI: 0000000000000000 [ 900.733852][T22894] RBP: 00007f9ae4632c99 R08: ffffffffffffffff R09: 0000300000020000 [ 900.733862][T22894] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000000 [ 900.733871][T22894] R13: 00007f9ae4816218 R14: 00007f9ae4816180 R15: 00007ffce73d53c8 [ 900.733891][T22894] [ 901.462102][T22880] syz.2.6131 (22880): /proc/22870/oom_adj is deprecated, please use /proc/22870/oom_score_adj instead. [ 901.482753][ T30] audit: type=1804 audit(1773433341.490:20): pid=22894 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.6.6136" name="anon_hugepage" dev="hugetlbfs" ino=349496 res=0 errno=0 [ 902.156496][T22911] netlink: 'syz.6.6143': attribute type 21 has an invalid length. [ 902.206820][T22911] netlink: 326 bytes leftover after parsing attributes in process `syz.6.6143'. [ 902.536474][T22914] netlink: 25 bytes leftover after parsing attributes in process `syz.6.6144'. [ 904.576412][T22946] FAULT_INJECTION: forcing a failure. [ 904.576412][T22946] name failslab, interval 1, probability 0, space 0, times 0 [ 904.651649][T22946] CPU: 0 UID: 0 PID: 22946 Comm: syz.6.6155 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 904.651687][T22946] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 904.651696][T22946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 904.651705][T22946] Call Trace: [ 904.651712][T22946] [ 904.651719][T22946] dump_stack_lvl+0x100/0x190 [ 904.651747][T22946] should_fail_ex.cold+0x5/0xa [ 904.651767][T22946] should_failslab+0xc2/0x120 [ 904.651783][T22946] __kmalloc_cache_noprof+0x7a/0x6f0 [ 904.651803][T22946] ? landlock_init_hierarchy_log+0xa9/0x820 [ 904.651828][T22946] landlock_init_hierarchy_log+0xa9/0x820 [ 904.651852][T22946] landlock_merge_ruleset+0x67b/0x830 [ 904.651869][T22946] ? prepare_creds+0x5ee/0x950 [ 904.651893][T22946] __do_sys_landlock_restrict_self+0x2a6/0x9e0 [ 904.651921][T22946] do_syscall_64+0x106/0xf80 [ 904.651941][T22946] ? clear_bhb_loop+0x40/0x90 [ 904.651960][T22946] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 904.651975][T22946] RIP: 0033:0x7f9ae459c799 [ 904.651990][T22946] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 904.652005][T22946] RSP: 002b:00007f9ae53a5028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 904.652020][T22946] RAX: ffffffffffffffda RBX: 00007f9ae4815fa0 RCX: 00007f9ae459c799 [ 904.652030][T22946] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000005 [ 904.652039][T22946] RBP: 00007f9ae4632c99 R08: 0000000000000000 R09: 0000000000000000 [ 904.652048][T22946] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 904.652057][T22946] R13: 00007f9ae4816038 R14: 00007f9ae4815fa0 R15: 00007ffce73d53c8 [ 904.652077][T22946] [ 905.305799][T22948] zswap: compressor not available [ 907.007195][T22974] netlink: 74 bytes leftover after parsing attributes in process `syz.5.6162'. [ 907.094968][T22974] random: crng reseeded on system resumption [ 907.251519][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805bfc2c00: rx timeout, send abort [ 907.259984][ C0] vcan0: j1939_tp_rxtimer: 0xffff88805bfc3c00: rx timeout, send abort [ 907.277757][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805bfc2c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 907.292191][ C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805bfc3c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 907.313827][ T5174] ERROR: Out of memory at tomoyo_memory_ok. [ 908.720553][T23015] FAULT_INJECTION: forcing a failure. [ 908.720553][T23015] name failslab, interval 1, probability 0, space 0, times 0 [ 908.770587][T23015] CPU: 0 UID: 0 PID: 23015 Comm: syz.2.6177 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 908.770627][T23015] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 908.770636][T23015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 908.770646][T23015] Call Trace: [ 908.770652][T23015] [ 908.770659][T23015] dump_stack_lvl+0x100/0x190 [ 908.770689][T23015] should_fail_ex.cold+0x5/0xa [ 908.770708][T23015] should_failslab+0xc2/0x120 [ 908.770732][T23015] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 908.770755][T23015] ? acpi_ut_create_generic_state+0x61/0xc0 [ 908.770774][T23015] ? __pfx_acpi_ut_trace+0x10/0x10 [ 908.770795][T23015] acpi_ut_create_generic_state+0x61/0xc0 [ 908.770812][T23015] acpi_ps_init_scope+0x3a/0x240 [ 908.770831][T23015] acpi_ds_init_aml_walk+0x1f6/0x680 [ 908.770852][T23015] acpi_ps_execute_method+0x39d/0xe90 [ 908.770876][T23015] acpi_ns_evaluate+0x640/0x1670 [ 908.770904][T23015] acpi_evaluate_object+0x420/0xe00 [ 908.770919][T23015] ? kasan_save_stack+0x30/0x50 [ 908.770940][T23015] ? kasan_save_track+0x14/0x30 [ 908.770966][T23015] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 908.770989][T23015] acpi_evaluate_integer+0xdf/0x220 [ 908.771012][T23015] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 908.771041][T23015] ? __pfx_status_show+0x10/0x10 [ 908.771055][T23015] status_show+0xa0/0x120 [ 908.771070][T23015] ? __pfx_status_show+0x10/0x10 [ 908.771089][T23015] dev_attr_show+0x52/0xa0 [ 908.771107][T23015] ? __pfx_dev_attr_show+0x10/0x10 [ 908.771124][T23015] sysfs_kf_seq_show+0x217/0x3a0 [ 908.771147][T23015] seq_read_iter+0x32f/0x1270 [ 908.771178][T23015] kernfs_fop_read_iter+0x46c/0x610 [ 908.771196][T23015] ? rw_verify_area+0xce/0x6d0 [ 908.771217][T23015] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 908.771235][T23015] vfs_read+0x825/0xb30 [ 908.771260][T23015] ? __pfx_vfs_read+0x10/0x10 [ 908.771295][T23015] ksys_read+0x12a/0x250 [ 908.771317][T23015] ? __pfx_ksys_read+0x10/0x10 [ 908.771345][T23015] do_syscall_64+0x106/0xf80 [ 908.771366][T23015] ? clear_bhb_loop+0x40/0x90 [ 908.771384][T23015] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 908.771401][T23015] RIP: 0033:0x7f2dd8b9c799 [ 908.771415][T23015] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 908.771430][T23015] RSP: 002b:00007f2dd9aa8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 908.771445][T23015] RAX: ffffffffffffffda RBX: 00007f2dd8e15fa0 RCX: 00007f2dd8b9c799 [ 908.771456][T23015] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000004 [ 908.771466][T23015] RBP: 00007f2dd8c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 908.771475][T23015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 908.771484][T23015] R13: 00007f2dd8e16038 R14: 00007f2dd8e15fa0 R15: 00007ffc731b29d8 [ 908.771505][T23015] [ 909.178059][T23020] FAULT_INJECTION: forcing a failure. [ 909.178059][T23020] name failslab, interval 1, probability 0, space 0, times 0 [ 909.190901][T23020] CPU: 0 UID: 0 PID: 23020 Comm: syz.6.6180 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 909.190938][T23020] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 909.190947][T23020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 909.190958][T23020] Call Trace: [ 909.190966][T23020] [ 909.190972][T23020] dump_stack_lvl+0x100/0x190 [ 909.191001][T23020] should_fail_ex.cold+0x5/0xa [ 909.191021][T23020] ? process_preds+0x452/0x1d90 [ 909.191042][T23020] should_failslab+0xc2/0x120 [ 909.191058][T23020] __kmalloc_noprof+0xe0/0x850 [ 909.191086][T23020] process_preds+0x452/0x1d90 [ 909.191112][T23020] ? create_filter_start.constprop.0+0x134/0x310 [ 909.191137][T23020] create_filter+0x140/0x210 [ 909.191159][T23020] ? __pfx_create_filter+0x10/0x10 [ 909.191183][T23020] ? find_held_lock+0x2b/0x80 [ 909.191200][T23020] apply_event_filter+0x220/0x500 [ 909.191223][T23020] ? __pfx_apply_event_filter+0x10/0x10 [ 909.191251][T23020] event_filter_write+0x16d/0x290 [ 909.191270][T23020] vfs_write+0x2aa/0x1070 [ 909.191294][T23020] ? __pfx_event_filter_write+0x10/0x10 [ 909.191313][T23020] ? __pfx_vfs_write+0x10/0x10 [ 909.191335][T23020] ? __fget_files+0x215/0x3d0 [ 909.191354][T23020] ? __fget_files+0x21f/0x3d0 [ 909.191374][T23020] ksys_write+0x12a/0x250 [ 909.191388][T23020] ? __pfx_ksys_write+0x10/0x10 [ 909.191408][T23020] do_syscall_64+0x106/0xf80 [ 909.191428][T23020] ? clear_bhb_loop+0x40/0x90 [ 909.191447][T23020] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 909.191464][T23020] RIP: 0033:0x7f9ae459c799 [ 909.191479][T23020] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 909.191494][T23020] RSP: 002b:00007f9ae53a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 909.191509][T23020] RAX: ffffffffffffffda RBX: 00007f9ae4815fa0 RCX: 00007f9ae459c799 [ 909.191520][T23020] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 909.191529][T23020] RBP: 00007f9ae4632c99 R08: 0000000000000000 R09: 0000000000000000 [ 909.191539][T23020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 909.191548][T23020] R13: 00007f9ae4816038 R14: 00007f9ae4815fa0 R15: 00007ffce73d53c8 [ 909.191569][T23020] [ 910.786698][T23051] netlink: 'syz.2.6189': attribute type 21 has an invalid length. [ 910.849390][T23051] netlink: 326 bytes leftover after parsing attributes in process `syz.2.6189'. [ 910.921428][T23047] Invalid ELF header magic: != ELF [ 912.467788][T23091] openvswitch: netlink: IP tunnel dst address not specified [ 912.684744][T23087] zswap: compressor not available [ 913.757532][T23107] zswap: compressor 000 not available [ 914.040279][T23120] netlink: 252 bytes leftover after parsing attributes in process `syz.2.6212'. [ 914.247211][T23125] FAULT_INJECTION: forcing a failure. [ 914.247211][T23125] name failslab, interval 1, probability 0, space 0, times 0 [ 914.314587][T23125] CPU: 0 UID: 0 PID: 23125 Comm: syz.2.6213 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 914.314623][T23125] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 914.314632][T23125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 914.314642][T23125] Call Trace: [ 914.314648][T23125] [ 914.314655][T23125] dump_stack_lvl+0x100/0x190 [ 914.314683][T23125] should_fail_ex.cold+0x5/0xa [ 914.314702][T23125] should_failslab+0xc2/0x120 [ 914.314718][T23125] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 914.314740][T23125] ? dup_fd+0x4d/0xd10 [ 914.314754][T23125] ? do_futex+0x192/0x350 [ 914.314776][T23125] dup_fd+0x4d/0xd10 [ 914.314789][T23125] ? bpf_lsm_capable+0x9/0x10 [ 914.314805][T23125] ? security_capable+0x80/0x260 [ 914.314832][T23125] __x64_sys_close_range+0x405/0x5d0 [ 914.314850][T23125] ? __pfx___x64_sys_close_range+0x10/0x10 [ 914.314872][T23125] do_syscall_64+0x106/0xf80 [ 914.314893][T23125] ? clear_bhb_loop+0x40/0x90 [ 914.314911][T23125] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 914.314927][T23125] RIP: 0033:0x7f2dd8b9c799 [ 914.314941][T23125] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 914.314955][T23125] RSP: 002b:00007f2dd9aa8028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 914.314971][T23125] RAX: ffffffffffffffda RBX: 00007f2dd8e15fa0 RCX: 00007f2dd8b9c799 [ 914.314981][T23125] RDX: 0000000000000002 RSI: fffffffffffff001 RDI: 0000000000000000 [ 914.314990][T23125] RBP: 00007f2dd8c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 914.314999][T23125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 914.315008][T23125] R13: 00007f2dd8e16038 R14: 00007f2dd8e15fa0 R15: 00007ffc731b29d8 [ 914.315028][T23125] [ 915.483598][T23142] netlink: 'syz.2.6219': attribute type 27 has an invalid length. [ 915.516716][T23142] netlink: 'syz.2.6219': attribute type 28 has an invalid length. [ 915.545841][T23142] netlink: 'syz.2.6219': attribute type 29 has an invalid length. [ 915.575355][T23142] netlink: 'syz.2.6219': attribute type 30 has an invalid length. [ 915.592697][T23144] ERROR: Out of memory at tomoyo_memory_ok. [ 915.600698][T23142] netlink: 'syz.2.6219': attribute type 31 has an invalid length. [ 915.632087][T23142] netlink: 'syz.2.6219': attribute type 32 has an invalid length. [ 915.657001][T23142] netlink: 'syz.2.6219': attribute type 33 has an invalid length. [ 915.686984][T23142] netlink: 'syz.2.6219': attribute type 35 has an invalid length. [ 915.713355][T23142] netlink: 'syz.2.6219': attribute type 37 has an invalid length. [ 915.746283][T23142] netlink: 18 bytes leftover after parsing attributes in process `syz.2.6219'. [ 916.279601][T23157] FAULT_INJECTION: forcing a failure. [ 916.279601][T23157] name failslab, interval 1, probability 0, space 0, times 0 [ 916.373072][T23157] CPU: 0 UID: 0 PID: 23157 Comm: syz.2.6226 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 916.373109][T23157] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 916.373117][T23157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 916.373126][T23157] Call Trace: [ 916.373132][T23157] [ 916.373139][T23157] dump_stack_lvl+0x100/0x190 [ 916.373167][T23157] should_fail_ex.cold+0x5/0xa [ 916.373186][T23157] should_failslab+0xc2/0x120 [ 916.373203][T23157] __kmalloc_cache_noprof+0x7a/0x6f0 [ 916.373223][T23157] ? snd_seq_prioq_new+0x3f/0x110 [ 916.373244][T23157] ? lockdep_init_map_type+0x5c/0x250 [ 916.373267][T23157] snd_seq_prioq_new+0x3f/0x110 [ 916.373287][T23157] snd_seq_queue_alloc+0x153/0x590 [ 916.373309][T23157] snd_seq_ioctl_create_queue+0xa9/0x370 [ 916.373332][T23157] call_seq_client_ctl+0xa3/0x130 [ 916.373357][T23157] snd_seq_kernel_client_ctl+0x77/0xd0 [ 916.373380][T23157] alloc_seq_queue+0xdb/0x180 [ 916.373396][T23157] ? __pfx_alloc_seq_queue+0x10/0x10 [ 916.373421][T23157] ? mark_held_locks+0x40/0x70 [ 916.373439][T23157] ? _raw_spin_unlock_irq+0x23/0x50 [ 916.373465][T23157] ? lockdep_hardirqs_on+0x78/0x100 [ 916.373489][T23157] snd_seq_oss_open+0x2b2/0xa10 [ 916.373508][T23157] odev_open+0x79/0xc0 [ 916.373530][T23157] ? __pfx_odev_open+0x10/0x10 [ 916.373552][T23157] soundcore_open+0x2e3/0x5a0 [ 916.373569][T23157] ? __pfx_soundcore_open+0x10/0x10 [ 916.373584][T23157] chrdev_open+0x234/0x6a0 [ 916.373599][T23157] ? __pfx_apparmor_file_open+0x10/0x10 [ 916.373623][T23157] ? __pfx_chrdev_open+0x10/0x10 [ 916.373640][T23157] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 916.373661][T23157] do_dentry_open+0x6d8/0x1660 [ 916.373676][T23157] ? __pfx_chrdev_open+0x10/0x10 [ 916.373696][T23157] vfs_open+0x82/0x3f0 [ 916.373717][T23157] path_openat+0x208c/0x31a0 [ 916.373740][T23157] ? __pfx_path_openat+0x10/0x10 [ 916.373762][T23157] do_file_open+0x20e/0x430 [ 916.373779][T23157] ? __pfx_do_file_open+0x10/0x10 [ 916.373808][T23157] ? alloc_fd+0x476/0x790 [ 916.373825][T23157] ? do_getname+0x191/0x390 [ 916.373845][T23157] do_sys_openat2+0x10d/0x1e0 [ 916.373864][T23157] ? __pfx_do_sys_openat2+0x10/0x10 [ 916.373884][T23157] ? __fget_files+0x21f/0x3d0 [ 916.373903][T23157] __x64_sys_openat+0x12d/0x210 [ 916.373923][T23157] ? __pfx___x64_sys_openat+0x10/0x10 [ 916.373949][T23157] do_syscall_64+0x106/0xf80 [ 916.373972][T23157] ? clear_bhb_loop+0x40/0x90 [ 916.373990][T23157] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 916.374006][T23157] RIP: 0033:0x7f2dd8b9c799 [ 916.374021][T23157] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 916.374036][T23157] RSP: 002b:00007f2dd9aa8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 916.374051][T23157] RAX: ffffffffffffffda RBX: 00007f2dd8e15fa0 RCX: 00007f2dd8b9c799 [ 916.374061][T23157] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 916.374071][T23157] RBP: 00007f2dd8c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 916.374080][T23157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 916.374089][T23157] R13: 00007f2dd8e16038 R14: 00007f2dd8e15fa0 R15: 00007ffc731b29d8 [ 916.374112][T23157] [ 919.231464][T23195] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6237'. [ 919.307083][T23195] netlink: 13 bytes leftover after parsing attributes in process `syz.2.6237'. [ 920.310365][T23217] FAULT_INJECTION: forcing a failure. [ 920.310365][T23217] name failslab, interval 1, probability 0, space 0, times 0 [ 920.384443][T23217] CPU: 0 UID: 0 PID: 23217 Comm: syz.5.6244 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 920.384480][T23217] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 920.384489][T23217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 920.384500][T23217] Call Trace: [ 920.384505][T23217] [ 920.384512][T23217] dump_stack_lvl+0x100/0x190 [ 920.384541][T23217] should_fail_ex.cold+0x5/0xa [ 920.384560][T23217] should_failslab+0xc2/0x120 [ 920.384577][T23217] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 920.384600][T23217] ? acpi_ut_create_generic_state+0x61/0xc0 [ 920.384618][T23217] ? __pfx_acpi_ut_trace+0x10/0x10 [ 920.384638][T23217] acpi_ut_create_generic_state+0x61/0xc0 [ 920.384654][T23217] acpi_ps_init_scope+0x3a/0x240 [ 920.384673][T23217] acpi_ds_init_aml_walk+0x1f6/0x680 [ 920.384702][T23217] acpi_ps_execute_method+0x39d/0xe90 [ 920.384727][T23217] acpi_ns_evaluate+0x640/0x1670 [ 920.384754][T23217] acpi_evaluate_object+0x420/0xe00 [ 920.384768][T23217] ? kasan_save_stack+0x30/0x50 [ 920.384790][T23217] ? kasan_save_track+0x14/0x30 [ 920.384815][T23217] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 920.384837][T23217] acpi_evaluate_integer+0xdf/0x220 [ 920.384859][T23217] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 920.384890][T23217] ? __pfx_status_show+0x10/0x10 [ 920.384903][T23217] status_show+0xa0/0x120 [ 920.384918][T23217] ? __pfx_status_show+0x10/0x10 [ 920.384938][T23217] dev_attr_show+0x52/0xa0 [ 920.384956][T23217] ? __pfx_dev_attr_show+0x10/0x10 [ 920.384973][T23217] sysfs_kf_seq_show+0x217/0x3a0 [ 920.384996][T23217] seq_read_iter+0x32f/0x1270 [ 920.385028][T23217] kernfs_fop_read_iter+0x46c/0x610 [ 920.385045][T23217] ? rw_verify_area+0xce/0x6d0 [ 920.385066][T23217] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 920.385084][T23217] vfs_read+0x825/0xb30 [ 920.385109][T23217] ? __pfx_vfs_read+0x10/0x10 [ 920.385145][T23217] ksys_read+0x12a/0x250 [ 920.385166][T23217] ? __pfx_ksys_read+0x10/0x10 [ 920.385195][T23217] do_syscall_64+0x106/0xf80 [ 920.385214][T23217] ? clear_bhb_loop+0x40/0x90 [ 920.385233][T23217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 920.385249][T23217] RIP: 0033:0x7f24be59c799 [ 920.385263][T23217] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 920.385278][T23217] RSP: 002b:00007f24bf3bf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 920.385299][T23217] RAX: ffffffffffffffda RBX: 00007f24be815fa0 RCX: 00007f24be59c799 [ 920.385310][T23217] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000004 [ 920.385319][T23217] RBP: 00007f24be632c99 R08: 0000000000000000 R09: 0000000000000000 [ 920.385328][T23217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 920.385337][T23217] R13: 00007f24be816038 R14: 00007f24be815fa0 R15: 00007ffef1acf678 [ 920.385358][T23217] [ 921.375520][T23243] ERROR: Out of memory at tomoyo_memory_ok. [ 922.286007][T23259] netlink: 266 bytes leftover after parsing attributes in process `syz.5.6252'. [ 922.458513][T20022] Bluetooth: hci0: unexpected event 0x08 length: 435 > 4 [ 922.615727][T23270] FAULT_INJECTION: forcing a failure. [ 922.615727][T23270] name fail_futex, interval 1, probability 0, space 0, times 0 [ 922.702679][T23270] CPU: 0 UID: 0 PID: 23270 Comm: syz.5.6255 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 922.702716][T23270] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 922.702725][T23270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 922.702734][T23270] Call Trace: [ 922.702741][T23270] [ 922.702748][T23270] dump_stack_lvl+0x100/0x190 [ 922.702776][T23270] should_fail_ex.cold+0x5/0xa [ 922.702795][T23270] get_futex_key+0x1d2/0x1620 [ 922.702818][T23270] ? __pfx_get_futex_key+0x10/0x10 [ 922.702843][T23270] futex_wake+0xea/0x530 [ 922.702868][T23270] ? __pfx_futex_wake+0x10/0x10 [ 922.702895][T23270] ? proc_id_connector+0x2ed/0x650 [ 922.702993][T23270] do_futex+0x32b/0x350 [ 922.703014][T23270] ? __pfx_do_futex+0x10/0x10 [ 922.703034][T23270] ? find_held_lock+0x2b/0x80 [ 922.703053][T23270] __x64_sys_futex+0x34f/0x4d0 [ 922.703075][T23270] ? __pfx___x64_sys_futex+0x10/0x10 [ 922.703101][T23270] do_syscall_64+0x106/0xf80 [ 922.703120][T23270] ? clear_bhb_loop+0x40/0x90 [ 922.703139][T23270] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 922.703154][T23270] RIP: 0033:0x7f24be59c799 [ 922.703168][T23270] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 922.703183][T23270] RSP: 002b:00007f24bf3bf0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 922.703198][T23270] RAX: ffffffffffffffda RBX: 00007f24be815fa8 RCX: 00007f24be59c799 [ 922.703208][T23270] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f24be815fac [ 922.703218][T23270] RBP: 00007f24be815fa0 R08: 0000000000000000 R09: 0000000000000000 [ 922.703227][T23270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 922.703236][T23270] R13: 00007f24be816038 R14: 00007ffef1acf590 R15: 00007ffef1acf678 [ 922.703256][T23270] [ 923.024009][T23278] random: crng reseeded on system resumption [ 923.256774][T23284] sp0: Synchronizing with TNC [ 923.569882][T23274] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 923.595789][T23274] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 923.696751][T23274] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 923.743108][T23274] page_type: f5(slab) [ 923.769465][T23274] raw: 00fff00000000040 ffff88801fed5000 dead000000000100 dead000000000122 [ 923.819212][T23274] raw: 0000000000000000 0000000800130013 00000000f5000000 0000000000000000 [ 923.859887][T23274] head: 00fff00000000040 ffff88801fed5000 dead000000000100 dead000000000122 [ 923.906842][T23274] head: 0000000000000000 0000000800130013 00000000f5000000 0000000000000000 [ 923.946550][T23274] head: 00fff00000000002 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 923.980857][T23274] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 924.029444][T23274] page dumped because: unmovable page [ 924.060656][T23274] page_owner tracks the page as allocated [ 924.068545][ T5174] ERROR: Out of memory at tomoyo_memory_ok. [ 924.098682][T23274] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 86, tgid 86 (kworker/u8:5), ts 850786333946, free_ts 806087693815 [ 924.200520][T23274] post_alloc_hook+0x153/0x170 [ 924.223870][T23274] get_page_from_freelist+0x111d/0x3140 [ 924.258873][T23274] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 924.264839][T23274] new_slab+0xa6/0x6c0 [ 924.281416][T23274] refill_objects+0x26b/0x400 [ 924.292114][T23274] __pcs_replace_empty_main+0x1ab/0x600 [ 924.304386][T23274] kmem_cache_alloc_node_noprof+0x569/0x6f0 [ 924.317031][T23274] kmalloc_reserve+0x148/0x350 [ 924.335795][T23274] __alloc_skb+0x185/0x710 [ 924.356241][T23274] inet_netconf_notify_devconf+0x9d/0x170 [ 924.376332][T23274] inetdev_event+0xa70/0x17f0 [ 924.391949][T23274] notifier_call_chain+0x99/0x420 [ 924.408821][T23274] call_netdevice_notifiers_info+0xbe/0x110 [ 924.419985][T23303] FAULT_INJECTION: forcing a failure. [ 924.419985][T23303] name failslab, interval 1, probability 0, space 0, times 0 [ 924.439860][T23274] unregister_netdevice_many_notify+0x1208/0x2580 [ 924.459329][T23274] ops_undo_list+0x8ff/0xab0 [ 924.468513][T23303] CPU: 0 UID: 0 PID: 23303 Comm: syz.2.6260 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 924.468556][T23303] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 924.468565][T23303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 924.468574][T23303] Call Trace: [ 924.468580][T23303] [ 924.468587][T23303] dump_stack_lvl+0x100/0x190 [ 924.468621][T23303] should_fail_ex.cold+0x5/0xa [ 924.468640][T23303] should_failslab+0xc2/0x120 [ 924.468658][T23303] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 924.468693][T23303] ? __d_alloc+0x34/0xa80 [ 924.468710][T23303] ? __pfx_inode_set_ctime_to_ts+0x10/0x10 [ 924.468727][T23303] ? lockdep_hardirqs_on+0x78/0x100 [ 924.468750][T23303] __d_alloc+0x34/0xa80 [ 924.468769][T23303] d_alloc+0x4a/0x1e0 [ 924.468787][T23303] d_alloc_name+0x83/0xb0 [ 924.468803][T23303] ? __pfx_d_alloc_name+0x10/0x10 [ 924.468822][T23303] ? dput.part.0+0xdd/0x570 [ 924.468842][T23303] simple_fill_super+0x4c3/0x680 [ 924.468860][T23303] ? __pfx_nfsd_fill_super+0x10/0x10 [ 924.468908][T23303] nfsd_fill_super+0x98/0x560 [ 924.468924][T23303] ? __pfx_set_anon_super_fc+0x10/0x10 [ 924.468947][T23303] ? __pfx_nfsd_fill_super+0x10/0x10 [ 924.468964][T23303] get_tree_keyed+0x10e/0x1d0 [ 924.468992][T23303] vfs_get_tree+0x92/0x320 [ 924.469012][T23303] path_mount+0x7d0/0x23d0 [ 924.469034][T23303] ? __pfx_path_mount+0x10/0x10 [ 924.469051][T23303] ? lockdep_hardirqs_on+0x78/0x100 [ 924.469073][T23303] ? putname+0xb1/0x110 [ 924.469088][T23303] ? kmem_cache_free+0x124/0x6a0 [ 924.469114][T23303] ? __x64_sys_mount+0x293/0x310 [ 924.469130][T23303] __x64_sys_mount+0x293/0x310 [ 924.469148][T23303] ? __pfx___x64_sys_mount+0x10/0x10 [ 924.469180][T23303] do_syscall_64+0x106/0xf80 [ 924.469200][T23303] ? clear_bhb_loop+0x40/0x90 [ 924.469219][T23303] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 924.469236][T23303] RIP: 0033:0x7f2dd8b9c799 [ 924.469250][T23303] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 924.469264][T23303] RSP: 002b:00007f2dd9aa8028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 924.469279][T23303] RAX: ffffffffffffffda RBX: 00007f2dd8e15fa0 RCX: 00007f2dd8b9c799 [ 924.469289][T23303] RDX: 00002000000001c0 RSI: 00002000000000c0 RDI: 0000000000000000 [ 924.469299][T23303] RBP: 00007f2dd8c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 924.469309][T23303] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 924.469320][T23303] R13: 00007f2dd8e16038 R14: 00007f2dd8e15fa0 R15: 00007ffc731b29d8 [ 924.469340][T23303] [ 924.472050][T23274] cleanup_net+0x499/0x920 [ 925.120174][T23274] page last free pid 21094 tgid 21092 stack trace: [ 925.133260][T23274] __free_frozen_pages+0x7e1/0x10d0 [ 925.145808][T23274] qlist_free_all+0x47/0xe0 [ 925.155425][T23274] kasan_quarantine_reduce+0x1a0/0x1f0 [ 925.169041][T23274] __kasan_slab_alloc+0x69/0x90 [ 925.179145][T23274] kmem_cache_alloc_noprof+0x241/0x6e0 [ 925.191250][T23274] __pmd_alloc+0xbf/0x950 [ 925.200261][T23274] __handle_mm_fault+0xa99/0x2b60 [ 925.211050][T23274] handle_mm_fault+0x36d/0xa20 [ 925.225719][T23274] do_user_addr_fault+0x74c/0x12f0 [ 925.245802][T23274] exc_page_fault+0x6f/0xd0 [ 925.252520][T23274] asm_exc_page_fault+0x26/0x30 [ 925.570313][T23316] FAULT_INJECTION: forcing a failure. [ 925.570313][T23316] name failslab, interval 1, probability 0, space 0, times 0 [ 925.629940][T23316] CPU: 0 UID: 0 PID: 23316 Comm: syz.6.6261 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 925.629976][T23316] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 925.629985][T23316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 925.629995][T23316] Call Trace: [ 925.630001][T23316] [ 925.630008][T23316] dump_stack_lvl+0x100/0x190 [ 925.630045][T23316] should_fail_ex.cold+0x5/0xa [ 925.630065][T23316] should_failslab+0xc2/0x120 [ 925.630082][T23316] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 925.630105][T23316] ? acpi_ut_create_generic_state+0x61/0xc0 [ 925.630122][T23316] ? __pfx_acpi_ut_trace+0x10/0x10 [ 925.630142][T23316] acpi_ut_create_generic_state+0x61/0xc0 [ 925.630159][T23316] acpi_ps_init_scope+0x3a/0x240 [ 925.630178][T23316] acpi_ds_init_aml_walk+0x1f6/0x680 [ 925.630200][T23316] acpi_ps_execute_method+0x39d/0xe90 [ 925.630223][T23316] acpi_ns_evaluate+0x640/0x1670 [ 925.630248][T23316] acpi_evaluate_object+0x420/0xe00 [ 925.630262][T23316] ? kasan_save_stack+0x30/0x50 [ 925.630284][T23316] ? kasan_save_track+0x14/0x30 [ 925.630309][T23316] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 925.630330][T23316] acpi_evaluate_integer+0xdf/0x220 [ 925.630353][T23316] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 925.630383][T23316] ? __pfx_status_show+0x10/0x10 [ 925.630396][T23316] status_show+0xa0/0x120 [ 925.630411][T23316] ? __pfx_status_show+0x10/0x10 [ 925.630433][T23316] dev_attr_show+0x52/0xa0 [ 925.630450][T23316] ? __pfx_dev_attr_show+0x10/0x10 [ 925.630467][T23316] sysfs_kf_seq_show+0x217/0x3a0 [ 925.630491][T23316] seq_read_iter+0x32f/0x1270 [ 925.630523][T23316] kernfs_fop_read_iter+0x46c/0x610 [ 925.630539][T23316] ? rw_verify_area+0xce/0x6d0 [ 925.630560][T23316] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 925.630578][T23316] vfs_read+0x825/0xb30 [ 925.630603][T23316] ? __pfx_vfs_read+0x10/0x10 [ 925.630639][T23316] ksys_read+0x12a/0x250 [ 925.630661][T23316] ? __pfx_ksys_read+0x10/0x10 [ 925.630689][T23316] do_syscall_64+0x106/0xf80 [ 925.630709][T23316] ? clear_bhb_loop+0x40/0x90 [ 925.630727][T23316] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 925.630744][T23316] RIP: 0033:0x7f9ae459c799 [ 925.630758][T23316] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 925.630773][T23316] RSP: 002b:00007f9ae53a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 925.630788][T23316] RAX: ffffffffffffffda RBX: 00007f9ae4815fa0 RCX: 00007f9ae459c799 [ 925.630798][T23316] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000004 [ 925.630810][T23316] RBP: 00007f9ae4632c99 R08: 0000000000000000 R09: 0000000000000000 [ 925.630825][T23316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 925.630838][T23316] R13: 00007f9ae4816038 R14: 00007f9ae4815fa0 R15: 00007ffce73d53c8 [ 925.630860][T23316] [ 926.590521][T23333] netdevsim netdevsim1 netdevsim0: entered allmulticast mode [ 927.329090][T23356] ERROR: Out of memory at tomoyo_memory_ok. [ 927.371040][T23356] FAULT_INJECTION: forcing a failure. [ 927.371040][T23356] name failslab, interval 1, probability 0, space 0, times 0 [ 927.415144][T23356] CPU: 0 UID: 0 PID: 23356 Comm: syz.2.6278 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 927.415182][T23356] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 927.415191][T23356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 927.415202][T23356] Call Trace: [ 927.415207][T23356] [ 927.415214][T23356] dump_stack_lvl+0x100/0x190 [ 927.415243][T23356] should_fail_ex.cold+0x5/0xa [ 927.415262][T23356] should_failslab+0xc2/0x120 [ 927.415279][T23356] __kmalloc_cache_noprof+0x7a/0x6f0 [ 927.415299][T23356] ? tracing_open+0x371/0xef0 [ 927.415317][T23356] ? seq_open+0x116/0x170 [ 927.415339][T23356] tracing_open+0x371/0xef0 [ 927.415360][T23356] do_dentry_open+0x6d8/0x1660 [ 927.415375][T23356] ? __pfx_tracing_open+0x10/0x10 [ 927.415397][T23356] vfs_open+0x82/0x3f0 [ 927.415420][T23356] path_openat+0x208c/0x31a0 [ 927.415442][T23356] ? __pfx_path_openat+0x10/0x10 [ 927.415465][T23356] do_file_open+0x20e/0x430 [ 927.415482][T23356] ? __pfx_do_file_open+0x10/0x10 [ 927.415511][T23356] ? alloc_fd+0x476/0x790 [ 927.415528][T23356] ? do_getname+0x191/0x390 [ 927.415548][T23356] do_sys_openat2+0x10d/0x1e0 [ 927.415567][T23356] ? __pfx_do_sys_openat2+0x10/0x10 [ 927.415587][T23356] ? __fget_files+0x21f/0x3d0 [ 927.415606][T23356] __x64_sys_openat+0x12d/0x210 [ 927.415632][T23356] ? __pfx___x64_sys_openat+0x10/0x10 [ 927.415660][T23356] do_syscall_64+0x106/0xf80 [ 927.415681][T23356] ? clear_bhb_loop+0x40/0x90 [ 927.415700][T23356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 927.415717][T23356] RIP: 0033:0x7f2dd8b9c799 [ 927.415732][T23356] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 927.415747][T23356] RSP: 002b:00007f2dd9aa8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 927.415761][T23356] RAX: ffffffffffffffda RBX: 00007f2dd8e15fa0 RCX: 00007f2dd8b9c799 [ 927.415771][T23356] RDX: 1a6b75d638929210 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 927.415782][T23356] RBP: 00007f2dd8c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 927.415792][T23356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 927.415802][T23356] R13: 00007f2dd8e16038 R14: 00007f2dd8e15fa0 R15: 00007ffc731b29d8 [ 927.415823][T23356] [ 929.099115][T20022] Bluetooth: hci0: Received unexpected HCI Event 0x00 [ 929.420646][T23401] netlink: 'syz.6.6293': attribute type 1 has an invalid length. [ 929.452100][T23401] netlink: 'syz.6.6293': attribute type 6 has an invalid length. [ 929.605857][T20022] Bluetooth: hci2: unexpected event 0x20 length: 123 > 7 [ 929.745501][T23408] netlink: 342 bytes leftover after parsing attributes in process `syz.6.6296'. [ 929.787649][T23408] netlink: 302 bytes leftover after parsing attributes in process `syz.6.6296'. [ 931.589074][T23451] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6312'. [ 931.635717][T23451] netlink: 354 bytes leftover after parsing attributes in process `syz.6.6312'. [ 931.790539][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 931.796925][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 933.193992][T23483] FAULT_INJECTION: forcing a failure. [ 933.193992][T23483] name failslab, interval 1, probability 0, space 0, times 0 [ 933.237645][T23483] CPU: 0 UID: 0 PID: 23483 Comm: syz.5.6323 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 933.237681][T23483] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 933.237690][T23483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 933.237699][T23483] Call Trace: [ 933.237706][T23483] [ 933.237712][T23483] dump_stack_lvl+0x100/0x190 [ 933.237741][T23483] should_fail_ex.cold+0x5/0xa [ 933.237760][T23483] should_failslab+0xc2/0x120 [ 933.237776][T23483] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 933.237798][T23483] ? acpi_ut_create_generic_state+0x61/0xc0 [ 933.237820][T23483] acpi_ut_create_generic_state+0x61/0xc0 [ 933.237837][T23483] acpi_ds_scope_stack_push+0x70/0x790 [ 933.237857][T23483] acpi_ds_init_aml_walk+0x2d8/0x680 [ 933.237877][T23483] acpi_ps_execute_method+0x39d/0xe90 [ 933.237901][T23483] acpi_ns_evaluate+0x640/0x1670 [ 933.237926][T23483] acpi_evaluate_object+0x420/0xe00 [ 933.237940][T23483] ? kasan_save_stack+0x30/0x50 [ 933.237962][T23483] ? kasan_save_track+0x14/0x30 [ 933.237987][T23483] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 933.238008][T23483] acpi_evaluate_integer+0xdf/0x220 [ 933.238031][T23483] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 933.238064][T23483] ? __pfx_status_show+0x10/0x10 [ 933.238078][T23483] status_show+0xa0/0x120 [ 933.238093][T23483] ? __pfx_status_show+0x10/0x10 [ 933.238112][T23483] dev_attr_show+0x52/0xa0 [ 933.238131][T23483] ? __pfx_dev_attr_show+0x10/0x10 [ 933.238148][T23483] sysfs_kf_seq_show+0x217/0x3a0 [ 933.238171][T23483] seq_read_iter+0x32f/0x1270 [ 933.238203][T23483] kernfs_fop_read_iter+0x46c/0x610 [ 933.238220][T23483] ? rw_verify_area+0xce/0x6d0 [ 933.238257][T23483] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 933.238276][T23483] vfs_read+0x825/0xb30 [ 933.238302][T23483] ? __pfx_vfs_read+0x10/0x10 [ 933.238339][T23483] ksys_read+0x12a/0x250 [ 933.238361][T23483] ? __pfx_ksys_read+0x10/0x10 [ 933.238396][T23483] do_syscall_64+0x106/0xf80 [ 933.238418][T23483] ? clear_bhb_loop+0x40/0x90 [ 933.238438][T23483] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 933.238454][T23483] RIP: 0033:0x7f24be59c799 [ 933.238469][T23483] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 933.238484][T23483] RSP: 002b:00007f24bf3bf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 933.238500][T23483] RAX: ffffffffffffffda RBX: 00007f24be815fa0 RCX: 00007f24be59c799 [ 933.238510][T23483] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000004 [ 933.238520][T23483] RBP: 00007f24be632c99 R08: 0000000000000000 R09: 0000000000000000 [ 933.238529][T23483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 933.238538][T23483] R13: 00007f24be816038 R14: 00007f24be815fa0 R15: 00007ffef1acf678 [ 933.238559][T23483] [ 933.521215][T23483] ACPI Error: ffff8880355a9000 walk still has a scope list (20251212/dswstate-694) [ 934.473205][T23504] random: crng reseeded on system resumption [ 934.516541][T23504] Restarting kernel threads ... [ 934.540058][T23504] Done restarting kernel threads. [ 934.620052][T23504] sp0: Synchronizing with TNC [ 935.518909][T23525] FAULT_INJECTION: forcing a failure. [ 935.518909][T23525] name failslab, interval 1, probability 0, space 0, times 0 [ 935.666559][T23525] CPU: 0 UID: 0 PID: 23525 Comm: syz.5.6335 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 935.666597][T23525] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 935.666607][T23525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 935.666617][T23525] Call Trace: [ 935.666624][T23525] [ 935.666631][T23525] dump_stack_lvl+0x100/0x190 [ 935.666660][T23525] should_fail_ex.cold+0x5/0xa [ 935.666680][T23525] should_failslab+0xc2/0x120 [ 935.666697][T23525] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 935.666720][T23525] ? acpi_ut_create_generic_state+0x61/0xc0 [ 935.666744][T23525] acpi_ut_create_generic_state+0x61/0xc0 [ 935.666762][T23525] acpi_ds_scope_stack_push+0x70/0x790 [ 935.666783][T23525] acpi_ds_init_aml_walk+0x2d8/0x680 [ 935.666804][T23525] acpi_ps_execute_method+0x39d/0xe90 [ 935.666828][T23525] acpi_ns_evaluate+0x640/0x1670 [ 935.666852][T23525] acpi_evaluate_object+0x420/0xe00 [ 935.666867][T23525] ? kasan_save_stack+0x30/0x50 [ 935.666888][T23525] ? kasan_save_track+0x14/0x30 [ 935.666914][T23525] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 935.666936][T23525] acpi_evaluate_integer+0xdf/0x220 [ 935.666958][T23525] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 935.666988][T23525] ? __pfx_status_show+0x10/0x10 [ 935.667002][T23525] status_show+0xa0/0x120 [ 935.667017][T23525] ? __pfx_status_show+0x10/0x10 [ 935.667038][T23525] dev_attr_show+0x52/0xa0 [ 935.667056][T23525] ? __pfx_dev_attr_show+0x10/0x10 [ 935.667073][T23525] sysfs_kf_seq_show+0x217/0x3a0 [ 935.667097][T23525] seq_read_iter+0x32f/0x1270 [ 935.667128][T23525] kernfs_fop_read_iter+0x46c/0x610 [ 935.667146][T23525] ? rw_verify_area+0xce/0x6d0 [ 935.667167][T23525] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 935.667193][T23525] vfs_read+0x825/0xb30 [ 935.667220][T23525] ? __pfx_vfs_read+0x10/0x10 [ 935.667258][T23525] ksys_read+0x12a/0x250 [ 935.667280][T23525] ? __pfx_ksys_read+0x10/0x10 [ 935.667308][T23525] do_syscall_64+0x106/0xf80 [ 935.667328][T23525] ? clear_bhb_loop+0x40/0x90 [ 935.667347][T23525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 935.667363][T23525] RIP: 0033:0x7f24be59c799 [ 935.667377][T23525] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 935.667392][T23525] RSP: 002b:00007f24bf3bf028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 935.667407][T23525] RAX: ffffffffffffffda RBX: 00007f24be815fa0 RCX: 00007f24be59c799 [ 935.667418][T23525] RDX: 000000000000007a RSI: 0000200000000240 RDI: 0000000000000004 [ 935.667428][T23525] RBP: 00007f24be632c99 R08: 0000000000000000 R09: 0000000000000000 [ 935.667437][T23525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 935.667446][T23525] R13: 00007f24be816038 R14: 00007f24be815fa0 R15: 00007ffef1acf678 [ 935.667468][T23525] [ 935.667479][T23525] ACPI Error: [ 936.704443][T23541] FAULT_INJECTION: forcing a failure. [ 936.704443][T23541] name failslab, interval 1, probability 0, space 0, times 0 [ 936.778122][T23541] CPU: 0 UID: 0 PID: 23541 Comm: syz.6.6341 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 936.778159][T23541] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 936.778169][T23541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 936.778179][T23541] Call Trace: [ 936.778185][T23541] [ 936.778192][T23541] dump_stack_lvl+0x100/0x190 [ 936.778221][T23541] should_fail_ex.cold+0x5/0xa [ 936.778240][T23541] should_failslab+0xc2/0x120 [ 936.778257][T23541] __kmalloc_cache_noprof+0x7a/0x6f0 [ 936.778277][T23541] ? madvise_collapse+0x1b5/0xbe0 [ 936.778300][T23541] madvise_collapse+0x1b5/0xbe0 [ 936.778321][T23541] ? find_held_lock+0x2b/0x80 [ 936.778336][T23541] ? finish_task_switch.isra.0+0x200/0xb80 [ 936.778353][T23541] ? __pfx_madvise_collapse+0x10/0x10 [ 936.778371][T23541] ? __pfx_rcu_is_watching+0x1/0x10 [ 936.778400][T23541] madvise_vma_behavior+0x1987/0x3050 [ 936.778421][T23541] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 936.778439][T23541] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 936.778465][T23541] ? mas_prev+0x9b/0xf0 [ 936.778485][T23541] ? __pfx_mas_prev+0x10/0x10 [ 936.778511][T23541] ? find_vma_prev+0xd8/0x150 [ 936.778527][T23541] ? futex_unqueue+0x133/0x2c0 [ 936.778545][T23541] ? __pfx_find_vma_prev+0x10/0x10 [ 936.778567][T23541] ? __futex_wait+0x256/0x300 [ 936.778593][T23541] madvise_walk_vmas+0x2fe/0xa90 [ 936.778614][T23541] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 936.778637][T23541] madvise_do_behavior+0x1ea/0x510 [ 936.778657][T23541] ? __pfx_madvise_do_behavior+0x10/0x10 [ 936.778675][T23541] ? down_read+0x13b/0x460 [ 936.778706][T23541] do_madvise+0x195/0x240 [ 936.778723][T23541] ? __pfx_do_madvise+0x10/0x10 [ 936.778740][T23541] ? do_futex+0x192/0x350 [ 936.778772][T23541] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 936.778794][T23541] __x64_sys_madvise+0xa9/0x110 [ 936.778811][T23541] ? lockdep_hardirqs_on+0x78/0x100 [ 936.778830][T23541] do_syscall_64+0x106/0xf80 [ 936.778849][T23541] ? clear_bhb_loop+0x40/0x90 [ 936.778868][T23541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 936.778884][T23541] RIP: 0033:0x7f9ae459c799 [ 936.778898][T23541] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 936.778912][T23541] RSP: 002b:00007f9ae53a5028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 936.778928][T23541] RAX: ffffffffffffffda RBX: 00007f9ae4815fa0 RCX: 00007f9ae459c799 [ 936.778938][T23541] RDX: 0000000000000019 RSI: ffffffffffff0005 RDI: 0000000000000000 [ 936.778948][T23541] RBP: 00007f9ae4632c99 R08: 0000000000000000 R09: 0000000000000000 [ 936.778958][T23541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 936.778968][T23541] R13: 00007f9ae4816038 R14: 00007f9ae4815fa0 R15: 00007ffce73d53c8 [ 936.778990][T23541] [ 937.649830][T23546] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6342'. [ 937.743659][T23546] netlink: 302 bytes leftover after parsing attributes in process `syz.2.6342'. [ 938.072353][T23525] ffff888029c7a000 walk still has a scope list (20251212/dswstate-694) [ 938.861985][T23573] usb usb24: usbfs: process 23573 (syz.5.6352) did not claim interface 0 before use [ 939.892907][T23592] FAULT_INJECTION: forcing a failure. [ 939.892907][T23592] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 939.955287][T23592] CPU: 0 UID: 0 PID: 23592 Comm: syz.5.6359 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 939.955325][T23592] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 939.955334][T23592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 939.955345][T23592] Call Trace: [ 939.955351][T23592] [ 939.955358][T23592] dump_stack_lvl+0x100/0x190 [ 939.955388][T23592] should_fail_ex.cold+0x5/0xa [ 939.955404][T23592] ? prepare_alloc_pages+0x16d/0x5f0 [ 939.955424][T23592] should_fail_alloc_page+0xeb/0x140 [ 939.955442][T23592] prepare_alloc_pages+0x1f0/0x5f0 [ 939.955463][T23592] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 939.955486][T23592] ? xa_load+0x153/0x2c0 [ 939.955508][T23592] ? __pfx_xa_load+0x10/0x10 [ 939.955535][T23592] ? __lock_acquire+0x4a5/0x2630 [ 939.955554][T23592] ? workingset_refault+0x477/0xf60 [ 939.955579][T23592] ? workingset_refault+0x477/0xf60 [ 939.955602][T23592] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 939.955631][T23592] ? __lock_acquire+0x4a5/0x2630 [ 939.955656][T23592] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 939.955681][T23592] ? policy_nodemask+0xed/0x4f0 [ 939.955709][T23592] alloc_pages_mpol+0x1fb/0x550 [ 939.955726][T23592] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 939.955743][T23592] ? swap_entry_swapped+0x1ff/0x2b0 [ 939.955759][T23592] ? __pfx_swap_entry_swapped+0x10/0x10 [ 939.955778][T23592] folio_alloc_mpol_noprof+0x36/0x340 [ 939.955799][T23592] swap_cache_alloc_folio+0x1a8/0x300 [ 939.955822][T23592] ? __pfx_swap_cache_alloc_folio+0x10/0x10 [ 939.955842][T23592] ? __pfx_get_swap_device+0x10/0x10 [ 939.955857][T23592] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 939.955882][T23592] read_swap_cache_async+0xd9/0x480 [ 939.955903][T23592] ? __pfx_read_swap_cache_async+0x10/0x10 [ 939.955924][T23592] ? find_held_lock+0x2b/0x80 [ 939.955937][T23592] ? find_held_lock+0x2b/0x80 [ 939.955950][T23592] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 939.955967][T23592] ? swapin_walk_pmd_entry+0x2d9/0x640 [ 939.955988][T23592] swapin_walk_pmd_entry+0x2fd/0x640 [ 939.956007][T23592] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 939.956025][T23592] ? __lock_acquire+0x4a5/0x2630 [ 939.956044][T23592] ? tomoyo_path_perm+0x29c/0x460 [ 939.956060][T23592] ? kasan_save_stack+0x3f/0x50 [ 939.956081][T23592] ? kasan_save_stack+0x30/0x50 [ 939.956105][T23592] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 939.956123][T23592] walk_pgd_range+0xc04/0x1eb0 [ 939.956159][T23592] ? __pfx_walk_pgd_range+0x10/0x10 [ 939.956183][T23592] ? __lock_acquire+0x4a5/0x2630 [ 939.956204][T23592] __walk_page_range+0x163/0x820 [ 939.956235][T23592] walk_page_range_vma_unsafe+0x209/0x8f0 [ 939.956262][T23592] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 939.956286][T23592] ? lock_acquire+0x1cf/0x380 [ 939.956305][T23592] ? finish_task_switch.isra.0+0x200/0xb80 [ 939.956323][T23592] ? rcu_is_watching+0x12/0xc0 [ 939.956347][T23592] walk_page_range_vma+0x63/0x90 [ 939.956371][T23592] madvise_vma_behavior+0x1e14/0x3050 [ 939.956392][T23592] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 939.956410][T23592] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 939.956433][T23592] ? mas_prev+0x9b/0xf0 [ 939.956453][T23592] ? __pfx_mas_prev+0x10/0x10 [ 939.956479][T23592] ? find_vma_prev+0xd8/0x150 [ 939.956494][T23592] ? futex_unqueue+0x133/0x2c0 [ 939.956513][T23592] ? __pfx_find_vma_prev+0x10/0x10 [ 939.956535][T23592] ? __futex_wait+0x256/0x300 [ 939.956561][T23592] madvise_walk_vmas+0x2fe/0xa90 [ 939.956582][T23592] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 939.956605][T23592] madvise_do_behavior+0x1ea/0x510 [ 939.956624][T23592] ? __pfx_madvise_do_behavior+0x10/0x10 [ 939.956643][T23592] ? down_read+0x13b/0x460 [ 939.956674][T23592] do_madvise+0x195/0x240 [ 939.956691][T23592] ? __pfx_do_madvise+0x10/0x10 [ 939.956762][T23592] ? do_futex+0x192/0x350 [ 939.956785][T23592] ? __fget_files+0x21f/0x3d0 [ 939.956813][T23592] __x64_sys_madvise+0xa9/0x110 [ 939.956832][T23592] ? lockdep_hardirqs_on+0x78/0x100 [ 939.956852][T23592] do_syscall_64+0x106/0xf80 [ 939.956871][T23592] ? clear_bhb_loop+0x40/0x90 [ 939.956890][T23592] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 939.956906][T23592] RIP: 0033:0x7f24be59c799 [ 939.956921][T23592] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 939.956936][T23592] RSP: 002b:00007f24bf3bf028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 939.956951][T23592] RAX: ffffffffffffffda RBX: 00007f24be815fa0 RCX: 00007f24be59c799 [ 939.956962][T23592] RDX: 0000000100000003 RSI: 0000000001010001 RDI: 0000000000000000 [ 939.956973][T23592] RBP: 00007f24be632c99 R08: 0000000000000000 R09: 0000000000000000 [ 939.956982][T23592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 939.956992][T23592] R13: 00007f24be816038 R14: 00007f24be815fa0 R15: 00007ffef1acf678 [ 939.957012][T23592] [ 940.747146][T23599] zswap: compressor not available [ 941.605350][T23622] FAULT_INJECTION: forcing a failure. [ 941.605350][T23622] name failslab, interval 1, probability 0, space 0, times 0 [ 941.653195][T23622] CPU: 0 UID: 0 PID: 23622 Comm: syz.2.6369 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 941.653241][T23622] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 941.653250][T23622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 941.653259][T23622] Call Trace: [ 941.653266][T23622] [ 941.653273][T23622] dump_stack_lvl+0x100/0x190 [ 941.653303][T23622] should_fail_ex.cold+0x5/0xa [ 941.653322][T23622] should_failslab+0xc2/0x120 [ 941.653339][T23622] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 941.653362][T23622] ? mas_alloc_nodes+0x280/0x390 [ 941.653384][T23622] mas_alloc_nodes+0x280/0x390 [ 941.653404][T23622] mas_preallocate+0x39c/0xf10 [ 941.653436][T23622] ? __pfx_mas_preallocate+0x10/0x10 [ 941.653468][T23622] ? __asan_memset+0x23/0x50 [ 941.653489][T23622] ? init_multi_vma_prep+0x33c/0x650 [ 941.653510][T23622] commit_merge+0x3e3/0xbd0 [ 941.653533][T23622] ? __pfx_commit_merge+0x10/0x10 [ 941.653552][T23622] ? __pfx_free_pgtables+0x10/0x10 [ 941.653577][T23622] vma_expand+0x7df/0xcf0 [ 941.653600][T23622] ? __pfx_vma_expand+0x10/0x10 [ 941.653622][T23622] ? can_vma_merge_right+0xa5/0x530 [ 941.653644][T23622] vma_merge_new_range+0x2ce/0xa30 [ 941.653664][T23622] ? __sanitizer_cov_trace_const_cmp2+0x1/0x20 [ 941.653692][T23622] __mmap_region+0x900/0x29e0 [ 941.653714][T23622] ? update_cfs_rq_load_avg+0x51/0x550 [ 941.653732][T23622] ? __pfx___mmap_region+0x10/0x10 [ 941.653758][T23622] ? set_next_entity+0x11e/0x9c0 [ 941.653782][T23622] ? __lock_acquire+0x4a5/0x2630 [ 941.653800][T23622] ? find_held_lock+0x2b/0x80 [ 941.653822][T23622] ? find_held_lock+0x2b/0x80 [ 941.653836][T23622] ? finish_task_switch.isra.0+0x200/0xb80 [ 941.653852][T23622] ? finish_task_switch.isra.0+0x200/0xb80 [ 941.653876][T23622] ? trace_sched_exit_tp+0x13a/0x180 [ 941.653894][T23622] ? __schedule+0x1000/0x6120 [ 941.653937][T23622] ? rcu_is_watching+0x12/0xc0 [ 941.653959][T23622] ? cap_capable+0x107/0x460 [ 941.653985][T23622] mmap_region+0x180/0x3e0 [ 941.654010][T23622] do_mmap+0xc63/0x12f0 [ 941.654031][T23622] ? __pfx_do_mmap+0x10/0x10 [ 941.654047][T23622] ? __pfx_down_write_killable+0x10/0x10 [ 941.654073][T23622] vm_mmap_pgoff+0x29e/0x470 [ 941.654093][T23622] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 941.654111][T23622] ? do_futex+0x192/0x350 [ 941.654130][T23622] ? __pfx_do_futex+0x10/0x10 [ 941.654152][T23622] ksys_mmap_pgoff+0xe1/0x650 [ 941.654168][T23622] ? __x64_sys_futex+0x34f/0x4d0 [ 941.654186][T23622] ? __x64_sys_futex+0x358/0x4d0 [ 941.654204][T23622] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 941.654221][T23622] ? xfd_validate_state+0x129/0x190 [ 941.654246][T23622] __x64_sys_mmap+0x125/0x190 [ 941.654269][T23622] do_syscall_64+0x106/0xf80 [ 941.654288][T23622] ? clear_bhb_loop+0x40/0x90 [ 941.654307][T23622] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 941.654322][T23622] RIP: 0033:0x7f2dd8b9c799 [ 941.654337][T23622] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 941.654352][T23622] RSP: 002b:00007f2dd9aa8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 941.654367][T23622] RAX: ffffffffffffffda RBX: 00007f2dd8e15fa0 RCX: 00007f2dd8b9c799 [ 941.654377][T23622] RDX: 00000000000000df RSI: 0000000000000005 RDI: 0000000000000000 [ 941.654386][T23622] RBP: 00007f2dd8c32c99 R08: 0000000000000002 R09: 0000000000008000 [ 941.654396][T23622] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 941.654405][T23622] R13: 00007f2dd8e16038 R14: 00007f2dd8e15fa0 R15: 00007ffc731b29d8 [ 941.654435][T23622] [ 942.615816][T23638] FAULT_INJECTION: forcing a failure. [ 942.615816][T23638] name failslab, interval 1, probability 0, space 0, times 0 [ 942.665982][T23638] CPU: 0 UID: 0 PID: 23638 Comm: syz.6.6373 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 942.666020][T23638] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 942.666028][T23638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 942.666039][T23638] Call Trace: [ 942.666046][T23638] [ 942.666052][T23638] dump_stack_lvl+0x100/0x190 [ 942.666081][T23638] should_fail_ex.cold+0x5/0xa [ 942.666102][T23638] should_failslab+0xc2/0x120 [ 942.666118][T23638] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 942.666142][T23638] ? __alloc_skb+0x140/0x710 [ 942.666166][T23638] __alloc_skb+0x140/0x710 [ 942.666187][T23638] ? __alloc_skb+0x5b7/0x710 [ 942.666205][T23638] ? __pfx___alloc_skb+0x10/0x10 [ 942.666230][T23638] inet6_ifmcaddr_notify+0xd6/0x1d0 [ 942.666319][T23638] ? __pfx_inet6_ifmcaddr_notify+0x10/0x10 [ 942.666342][T23638] __ipv6_dev_mc_dec+0x297/0x340 [ 942.666366][T23638] ipv6_mc_destroy_dev+0x2cd/0x690 [ 942.666387][T23638] ? __local_bh_enable_ip+0x9e/0x120 [ 942.666416][T23638] addrconf_ifdown.isra.0+0x148a/0x1b70 [ 942.666472][T23638] ? __pfx_addrconf_ifdown.isra.0+0x10/0x10 [ 942.666495][T23638] ? tls_dev_event+0x2c9/0x10f0 [ 942.666546][T23638] ? net_generic+0xea/0x2a0 [ 942.666614][T23638] addrconf_notify+0x458/0x19c0 [ 942.666631][T23638] ? ip6mr_device_event+0x1bc/0x230 [ 942.666676][T23638] notifier_call_chain+0x99/0x420 [ 942.666701][T23638] call_netdevice_notifiers_info+0xbe/0x110 [ 942.666728][T23638] unregister_netdevice_many_notify+0x1208/0x2580 [ 942.666758][T23638] ? __pfx_unregister_netdevice_many_notify+0x10/0x10 [ 942.666781][T23638] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 942.666814][T23638] unregister_netdevice_queue+0x30b/0x3c0 [ 942.666836][T23638] ? __pfx_unregister_netdevice_queue+0x10/0x10 [ 942.666859][T23638] ? __pfx_locks_remove_file+0x10/0x10 [ 942.666881][T23638] ppp_release+0x211/0x230 [ 942.666940][T23638] ? __pfx_ppp_release+0x10/0x10 [ 942.666958][T23638] __fput+0x3ff/0xb40 [ 942.666982][T23638] task_work_run+0x150/0x240 [ 942.667004][T23638] ? __pfx_task_work_run+0x10/0x10 [ 942.667030][T23638] exit_to_user_mode_loop+0x100/0x4a0 [ 942.667052][T23638] do_syscall_64+0x668/0xf80 [ 942.667072][T23638] ? clear_bhb_loop+0x40/0x90 [ 942.667091][T23638] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 942.667107][T23638] RIP: 0033:0x7f9ae459c799 [ 942.667122][T23638] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 942.667138][T23638] RSP: 002b:00007f9ae53a5028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 942.667154][T23638] RAX: 0000000000000000 RBX: 00007f9ae4815fa0 RCX: 00007f9ae459c799 [ 942.667164][T23638] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 942.667173][T23638] RBP: 00007f9ae4632c99 R08: 0000000000000000 R09: 0000000000000000 [ 942.667183][T23638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 942.667192][T23638] R13: 00007f9ae4816038 R14: 00007f9ae4815fa0 R15: 00007ffce73d53c8 [ 942.667213][T23638] [ 943.383808][T23650] FAULT_INJECTION: forcing a failure. [ 943.383808][T23650] name failslab, interval 1, probability 0, space 0, times 0 [ 943.407224][T23650] CPU: 0 UID: 0 PID: 23650 Comm: syz.6.6377 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 943.407267][T23650] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 943.407276][T23650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 943.407286][T23650] Call Trace: [ 943.407292][T23650] [ 943.407299][T23650] dump_stack_lvl+0x100/0x190 [ 943.407328][T23650] should_fail_ex.cold+0x5/0xa [ 943.407347][T23650] should_failslab+0xc2/0x120 [ 943.407364][T23650] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 943.407387][T23650] ? sock_alloc_inode+0x25/0x1c0 [ 943.407413][T23650] ? __pfx_sock_alloc_inode+0x10/0x10 [ 943.407437][T23650] sock_alloc_inode+0x25/0x1c0 [ 943.407459][T23650] alloc_inode+0x68/0x250 [ 943.407479][T23650] sock_alloc+0x44/0x280 [ 943.407499][T23650] ? security_socket_create+0x7f/0x250 [ 943.407524][T23650] __sock_create+0xc2/0x860 [ 943.407543][T23650] __sys_socket+0x14d/0x260 [ 943.407559][T23650] ? __pfx___sys_socket+0x10/0x10 [ 943.407581][T23650] __x64_sys_socket+0x72/0xb0 [ 943.407597][T23650] ? lockdep_hardirqs_on+0x78/0x100 [ 943.407618][T23650] do_syscall_64+0x106/0xf80 [ 943.407637][T23650] ? clear_bhb_loop+0x40/0x90 [ 943.407656][T23650] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 943.407672][T23650] RIP: 0033:0x7f9ae459c799 [ 943.407686][T23650] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 943.407700][T23650] RSP: 002b:00007f9ae53a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 943.407715][T23650] RAX: ffffffffffffffda RBX: 00007f9ae4815fa0 RCX: 00007f9ae459c799 [ 943.407725][T23650] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000015 [ 943.407734][T23650] RBP: 00007f9ae4632c99 R08: 0000000000000000 R09: 0000000000000000 [ 943.407744][T23650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 943.407753][T23650] R13: 00007f9ae4816038 R14: 00007f9ae4815fa0 R15: 00007ffce73d53c8 [ 943.407773][T23650] [ 943.407784][T23650] socket: no more sockets [ 943.647113][T23648] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6375'. [ 943.808087][T23648] gretap0: refused to change device tx_queue_len [ 944.572952][T23669] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6385'. [ 944.941489][T23677] netlink: 25 bytes leftover after parsing attributes in process `syz.2.6389'. [ 945.223538][T23682] netlink: 244 bytes leftover after parsing attributes in process `syz.6.6391'. [ 945.659778][T23695] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6397'. [ 945.688091][T23695] netlink: 354 bytes leftover after parsing attributes in process `syz.6.6397'. [ 946.849188][T23717] netlink: 266 bytes leftover after parsing attributes in process `syz.1.6405'. [ 946.883995][T23717] IPv6: NLM_F_CREATE should be specified when creating new route [ 948.600658][T23756] netlink: 326 bytes leftover after parsing attributes in process `syz.2.6418'. [ 948.746497][T23760] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6420'. [ 948.798336][T23760] veth0_vlan: entered allmulticast mode [ 948.952045][ T30] audit: type=1800 audit(1773451733.329:21): pid=23758 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.6419" name="trace_marker" dev="tracefs" ino=786 res=0 errno=0 [ 950.074498][T23787] usb usb24: usbfs: process 23787 (syz.6.6430) did not claim interface 0 before use [ 951.078517][T23811] FAULT_INJECTION: forcing a failure. [ 951.078517][T23811] name failslab, interval 1, probability 0, space 0, times 0 [ 951.170033][T23811] CPU: 0 UID: 0 PID: 23811 Comm: syz.6.6438 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 951.170071][T23811] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 951.170080][T23811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 951.170090][T23811] Call Trace: [ 951.170095][T23811] [ 951.170102][T23811] dump_stack_lvl+0x100/0x190 [ 951.170131][T23811] should_fail_ex.cold+0x5/0xa [ 951.170151][T23811] should_failslab+0xc2/0x120 [ 951.170167][T23811] __kmalloc_cache_noprof+0x7a/0x6f0 [ 951.170187][T23811] ? alloc_mnt_ns+0xce/0x520 [ 951.170212][T23811] alloc_mnt_ns+0xce/0x520 [ 951.170234][T23811] copy_mnt_ns+0x220/0xc30 [ 951.170251][T23811] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 951.170271][T23811] ? create_new_namespaces+0x30/0xac0 [ 951.170288][T23811] ? rcu_is_watching+0x12/0xc0 [ 951.170312][T23811] create_new_namespaces+0xd3/0xac0 [ 951.170328][T23811] ? bpf_lsm_capable+0x9/0x10 [ 951.170343][T23811] ? security_capable+0x80/0x260 [ 951.170368][T23811] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 951.170386][T23811] ksys_unshare+0x473/0xad0 [ 951.170406][T23811] ? __pfx_ksys_unshare+0x10/0x10 [ 951.170433][T23811] __x64_sys_unshare+0x31/0x40 [ 951.170451][T23811] do_syscall_64+0x106/0xf80 [ 951.170472][T23811] ? clear_bhb_loop+0x40/0x90 [ 951.170491][T23811] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 951.170507][T23811] RIP: 0033:0x7f9ae459c799 [ 951.170521][T23811] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 951.170535][T23811] RSP: 002b:00007f9ae53a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 951.170550][T23811] RAX: ffffffffffffffda RBX: 00007f9ae4815fa0 RCX: 00007f9ae459c799 [ 951.170560][T23811] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 951.170569][T23811] RBP: 00007f9ae4632c99 R08: 0000000000000000 R09: 0000000000000000 [ 951.170578][T23811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 951.170587][T23811] R13: 00007f9ae4816038 R14: 00007f9ae4815fa0 R15: 00007ffce73d53c8 [ 951.170606][T23811] [ 952.365963][T23830] netlink: 266 bytes leftover after parsing attributes in process `syz.6.6444'. [ 952.421285][T23830] IPv6: NLM_F_CREATE should be specified when creating new route [ 953.972696][T23861] [U] ^@ [ 954.510936][T23878] netlink: 330 bytes leftover after parsing attributes in process `syz.5.6459'. [ 954.564868][T23882] ERROR: Out of memory at tomoyo_memory_ok. [ 956.378402][T23923] vivid-007: ================= START STATUS ================= [ 956.423943][T23923] vivid-007: Generate PTS: true [ 956.428854][T23923] vivid-007: Generate SCR: true [ 956.464767][T23923] tpg source WxH: 320x240 (Y'CbCr) [ 956.469926][T23923] tpg field: 1 [ 956.536224][T23923] tpg crop: (0,0)/320x240 [ 956.551599][T23923] tpg compose: (0,0)/320x240 [ 956.577221][T23923] tpg colorspace: 8 [ 956.605161][T23923] tpg transfer function: 0/0 [ 956.637495][T23923] tpg Y'CbCr encoding: 0/0 [ 956.691409][T23923] tpg quantization: 0/0 [ 956.769310][T23923] tpg RGB range: 0/2 [ 956.799563][T23923] vivid-007: ================== END STATUS ================== [ 956.882934][T23940] netlink: 334 bytes leftover after parsing attributes in process `syz.1.6476'. [ 960.413792][T24016] netlink: 338 bytes leftover after parsing attributes in process `syz.1.6504'. [ 961.249536][T24043] netlink: 146 bytes leftover after parsing attributes in process `syz.5.6515'. [ 961.503224][T24049] netlink: 50 bytes leftover after parsing attributes in process `syz.5.6517'. [ 962.512796][T24072] netlink: 138 bytes leftover after parsing attributes in process `syz.2.6525'. [ 965.112597][T24124] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6544'. [ 965.170209][T24124] netlink: 25 bytes leftover after parsing attributes in process `syz.2.6544'. [ 966.424095][T24157] mkiss: ax0: crc mode is auto. [ 966.833472][T24173] random: crng reseeded on system resumption [ 967.918954][T24193] netlink: 'syz.5.6569': attribute type 27 has an invalid length. [ 967.956144][T24193] netlink: 146 bytes leftover after parsing attributes in process `syz.5.6569'. [ 968.353915][T24196] netlink: 318 bytes leftover after parsing attributes in process `syz.5.6570'. [ 968.913217][T24179] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 969.721026][ T5826] Bluetooth: hci4: command 0x0406 tx timeout [ 971.417305][T24266] netlink: 330 bytes leftover after parsing attributes in process `syz.2.6593'. [ 971.878127][T24272] zswap: compressor not available [ 975.476907][T24352] netlink: 330 bytes leftover after parsing attributes in process `syz.6.6624'. [ 976.591411][T24378] FAULT_INJECTION: forcing a failure. [ 976.591411][T24378] name failslab, interval 1, probability 0, space 0, times 0 [ 976.685802][T24378] CPU: 0 UID: 0 PID: 24378 Comm: syz.6.6634 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 976.685839][T24378] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 976.685849][T24378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 976.685858][T24378] Call Trace: [ 976.685865][T24378] [ 976.685872][T24378] dump_stack_lvl+0x100/0x190 [ 976.685900][T24378] should_fail_ex.cold+0x5/0xa [ 976.685920][T24378] should_failslab+0xc2/0x120 [ 976.685937][T24378] __kmalloc_cache_noprof+0x7a/0x6f0 [ 976.685957][T24378] ? alloc_fs_context+0x57/0xf40 [ 976.685974][T24378] ? lockdep_hardirqs_on+0x78/0x100 [ 976.685998][T24378] alloc_fs_context+0x57/0xf40 [ 976.686019][T24378] __x64_sys_fsopen+0xed/0x220 [ 976.686040][T24378] do_syscall_64+0x106/0xf80 [ 976.686060][T24378] ? clear_bhb_loop+0x40/0x90 [ 976.686079][T24378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 976.686094][T24378] RIP: 0033:0x7f9ae459c799 [ 976.686108][T24378] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 976.686123][T24378] RSP: 002b:00007f9ae53a5028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 976.686138][T24378] RAX: ffffffffffffffda RBX: 00007f9ae4815fa0 RCX: 00007f9ae459c799 [ 976.686149][T24378] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 976.686157][T24378] RBP: 00007f9ae4632c99 R08: 0000000000000000 R09: 0000000000000000 [ 976.686174][T24378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 976.686183][T24378] R13: 00007f9ae4816038 R14: 00007f9ae4815fa0 R15: 00007ffce73d53c8 [ 976.686204][T24378] [ 977.941409][T24392] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6638'. [ 978.558193][T24403] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6643'. [ 978.681398][T24403] team0 (unregistering): Port device team_slave_0 removed [ 978.750383][T24403] team0 (unregistering): Port device team_slave_1 removed [ 979.578224][T20022] Bluetooth: hci0: unexpected event 0x09 length: 435 > 3 [ 980.174508][T24439] netlink: 'syz.1.6656': attribute type 33 has an invalid length. [ 980.311723][T24439] netlink: 322 bytes leftover after parsing attributes in process `syz.1.6656'. [ 980.932783][T24451] netlink: 338 bytes leftover after parsing attributes in process `syz.2.6659'. [ 980.975039][T24451] team_slave_0: entered allmulticast mode [ 982.566773][T24471] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6667'. [ 984.078640][T24501] netlink: 'syz.5.6678': attribute type 33 has an invalid length. [ 985.824304][T24540] netlink: 252 bytes leftover after parsing attributes in process `syz.6.6691'. [ 985.863060][T24540] netlink: 252 bytes leftover after parsing attributes in process `syz.6.6691'. [ 987.807362][T24575] FAULT_INJECTION: forcing a failure. [ 987.807362][T24575] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 987.886721][T24575] CPU: 0 UID: 0 PID: 24575 Comm: syz.6.6706 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 987.886757][T24575] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 987.886766][T24575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 987.886777][T24575] Call Trace: [ 987.886783][T24575] [ 987.886789][T24575] dump_stack_lvl+0x100/0x190 [ 987.886817][T24575] should_fail_ex.cold+0x5/0xa [ 987.886833][T24575] ? prepare_alloc_pages+0x16d/0x5f0 [ 987.886852][T24575] should_fail_alloc_page+0xeb/0x140 [ 987.886869][T24575] prepare_alloc_pages+0x1f0/0x5f0 [ 987.886889][T24575] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 987.886916][T24575] ? stack_trace_save+0x8e/0xc0 [ 987.886932][T24575] ? __pfx_stack_trace_save+0x10/0x10 [ 987.886947][T24575] ? stack_depot_save_flags+0x27/0x9d0 [ 987.886979][T24575] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 987.887006][T24575] ? kasan_save_stack+0x3f/0x50 [ 987.887029][T24575] ? kasan_save_stack+0x30/0x50 [ 987.887050][T24575] ? kasan_save_track+0x14/0x30 [ 987.887072][T24575] ? system_heap_allocate+0xeb/0x1170 [ 987.887177][T24575] ? __x64_sys_ioctl+0x18e/0x210 [ 987.887198][T24575] ? do_syscall_64+0x106/0xf80 [ 987.887218][T24575] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 987.887245][T24575] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 987.887272][T24575] ? policy_nodemask+0xed/0x4f0 [ 987.887289][T24575] alloc_pages_mpol+0x1fb/0x550 [ 987.887306][T24575] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 987.887324][T24575] ? lockdep_init_map_type+0x5c/0x250 [ 987.887346][T24575] alloc_pages_noprof+0x131/0x390 [ 987.887363][T24575] system_heap_allocate+0x2d2/0x1170 [ 987.887391][T24575] ? __pfx_system_heap_allocate+0x10/0x10 [ 987.887420][T24575] ? rep_movs_alternative+0x4a/0x90 [ 987.887438][T24575] dma_heap_ioctl+0x37f/0x5e0 [ 987.887462][T24575] ? __pfx_dma_heap_ioctl+0x10/0x10 [ 987.887482][T24575] ? find_held_lock+0x2b/0x80 [ 987.887505][T24575] ? __pfx_dma_heap_ioctl+0x10/0x10 [ 987.887527][T24575] __x64_sys_ioctl+0x18e/0x210 [ 987.887549][T24575] do_syscall_64+0x106/0xf80 [ 987.887568][T24575] ? clear_bhb_loop+0x40/0x90 [ 987.887587][T24575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 987.887603][T24575] RIP: 0033:0x7f9ae459c799 [ 987.887617][T24575] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 987.887632][T24575] RSP: 002b:00007f9ae53a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 987.887648][T24575] RAX: ffffffffffffffda RBX: 00007f9ae4815fa0 RCX: 00007f9ae459c799 [ 987.887659][T24575] RDX: 0000200000000140 RSI: ffffffffffdffe00 RDI: 0000000000000006 [ 987.887670][T24575] RBP: 00007f9ae4632c99 R08: 0000000000000000 R09: 0000000000000000 [ 987.887679][T24575] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 987.887689][T24575] R13: 00007f9ae4816038 R14: 00007f9ae4815fa0 R15: 00007ffce73d53c8 [ 987.887711][T24575] [ 990.473023][T24623] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6723'. [ 990.951151][T24637] netlink: 62 bytes leftover after parsing attributes in process `syz.5.6727'. [ 993.045106][T24683] netlink: 342 bytes leftover after parsing attributes in process `syz.2.6740'. [ 993.254764][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 993.262524][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 993.441705][T24681] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6739'. [ 993.843485][T24697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 993.910938][T24697] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 993.976653][T24697] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 994.027476][T24695] FAULT_INJECTION: forcing a failure. [ 994.027476][T24695] name failslab, interval 1, probability 0, space 0, times 0 [ 994.047476][T24697] page_type: f5(slab) [ 994.068963][T24697] raw: 00fff00000000040 ffff88801fed5000 dead000000000122 0000000000000000 [ 994.140985][T24697] raw: 0000000000000000 0000000800130013 00000000f5000000 0000000000000000 [ 994.191039][T24697] head: 00fff00000000040 ffff88801fed5000 dead000000000122 0000000000000000 [ 994.225531][T24697] head: 0000000000000000 0000000800130013 00000000f5000000 0000000000000000 [ 994.246995][T24695] CPU: 0 UID: 0 PID: 24695 Comm: syz.2.6745 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 994.247034][T24695] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 994.247042][T24695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 994.247052][T24695] Call Trace: [ 994.247059][T24695] [ 994.247067][T24695] dump_stack_lvl+0x100/0x190 [ 994.247096][T24695] should_fail_ex.cold+0x5/0xa [ 994.247116][T24695] should_failslab+0xc2/0x120 [ 994.247132][T24695] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 994.247154][T24695] ? __kernfs_new_node+0xd2/0x960 [ 994.247180][T24695] __kernfs_new_node+0xd2/0x960 [ 994.247203][T24695] ? __pfx___kernfs_new_node+0x10/0x10 [ 994.247229][T24695] ? find_held_lock+0x2b/0x80 [ 994.247244][T24695] ? kernfs_root+0xee/0x2a0 [ 994.247263][T24695] ? kernfs_root+0xee/0x2a0 [ 994.247288][T24695] kernfs_new_node+0x11b/0x1a0 [ 994.247314][T24695] __kernfs_create_file+0x53/0x350 [ 994.247334][T24695] sysfs_add_file_mode_ns+0x207/0x3c0 [ 994.247364][T24695] internal_create_group+0x593/0xf40 [ 994.247391][T24695] ? __pfx_internal_create_group+0x10/0x10 [ 994.247417][T24695] ? kernfs_create_link+0x1bd/0x240 [ 994.247438][T24695] internal_create_groups+0x9d/0x150 [ 994.247463][T24695] device_add+0x71a/0x1950 [ 994.247482][T24695] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 994.247506][T24695] ? __pfx_device_add+0x10/0x10 [ 994.247523][T24695] ? lockdep_init_map_type+0x5c/0x250 [ 994.247544][T24695] ? __init_waitqueue_head+0xca/0x150 [ 994.247570][T24695] netdev_register_kobject+0x1a9/0x3d0 [ 994.247598][T24695] register_netdevice+0x12e0/0x2210 [ 994.247625][T24695] ? __pfx_register_netdevice+0x10/0x10 [ 994.247650][T24695] ? __pfx_loopback_net_init+0x10/0x10 [ 994.247667][T24695] register_netdev+0x34/0x50 [ 994.247688][T24695] loopback_net_init+0x7a/0x170 [ 994.247704][T24695] ? __pfx_loopback_net_init+0x10/0x10 [ 994.247718][T24695] ops_init+0x1e2/0x5f0 [ 994.247741][T24695] setup_net+0x118/0x3a0 [ 994.247763][T24695] ? __pfx_setup_net+0x10/0x10 [ 994.247782][T24695] ? lockdep_init_map_type+0x5c/0x250 [ 994.247802][T24695] ? mutex_init_lockep+0x110/0x150 [ 994.247825][T24695] copy_net_ns+0x46f/0x7c0 [ 994.247849][T24695] create_new_namespaces+0x3ea/0xac0 [ 994.247871][T24695] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 994.247889][T24695] ksys_unshare+0x473/0xad0 [ 994.247909][T24695] ? __pfx_ksys_unshare+0x10/0x10 [ 994.247935][T24695] __x64_sys_unshare+0x31/0x40 [ 994.247953][T24695] do_syscall_64+0x106/0xf80 [ 994.247987][T24695] ? clear_bhb_loop+0x40/0x90 [ 994.248007][T24695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 994.248026][T24695] RIP: 0033:0x7f2dd8b9c799 [ 994.248040][T24695] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 994.248056][T24695] RSP: 002b:00007f2dd9aa8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 994.248071][T24695] RAX: ffffffffffffffda RBX: 00007f2dd8e15fa0 RCX: 00007f2dd8b9c799 [ 994.248082][T24695] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 994.248091][T24695] RBP: 00007f2dd8c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 994.248100][T24695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 994.248110][T24695] R13: 00007f2dd8e16038 R14: 00007f2dd8e15fa0 R15: 00007ffc731b29d8 [ 994.248131][T24695] [ 994.954652][T24697] head: 00fff00000000002 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 994.979317][T24697] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 995.009761][T24697] page dumped because: unmovable page [ 995.027410][T24697] page_owner tracks the page as allocated [ 995.045293][T24697] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 24499, tgid 24495 (syz.2.6676), ts 984604210126, free_ts 963109816105 [ 995.151476][T24697] post_alloc_hook+0x153/0x170 [ 995.164625][T24697] get_page_from_freelist+0x111d/0x3140 [ 995.170220][T24697] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 995.231588][T24697] new_slab+0xa6/0x6c0 [ 995.236527][T24697] refill_objects+0x26b/0x400 [ 995.241249][T24697] __pcs_replace_empty_main+0x1ab/0x600 [ 995.294162][ T5174] ERROR: Out of memory at tomoyo_memory_ok. [ 995.301144][T24697] kmem_cache_alloc_node_noprof+0x569/0x6f0 [ 995.321409][T24697] kmalloc_reserve+0x148/0x350 [ 995.358971][T24697] __alloc_skb+0x185/0x710 [ 995.368452][T24697] __pskb_copy_fclone+0xec/0xcb0 [ 995.388753][T24697] tipc_msg_reassemble+0x34d/0x4f0 [ 995.401587][T24697] tipc_mcast_xmit+0x56b/0xfc0 [ 995.418377][T24697] tipc_send_group_bcast+0x76b/0xa20 [ 995.433987][T24697] __tipc_sendmsg+0x4a3/0x1ae0 [ 995.438857][T24697] tipc_sendmsg+0x4f/0x70 [ 995.471626][T24697] ____sys_sendmsg+0x9e1/0xb70 [ 995.491603][T24697] page last free pid 24088 tgid 24086 stack trace: [ 995.498605][T24697] __free_frozen_pages+0x7e1/0x10d0 [ 995.545567][T24697] stack_depot_save_flags+0x435/0x9d0 [ 995.550981][T24697] kasan_save_stack+0x3f/0x50 [ 995.592087][T24697] kasan_save_track+0x14/0x30 [ 995.596838][T24697] __kasan_slab_alloc+0x89/0x90 [ 995.632012][T24697] kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 995.657459][T24697] __alloc_skb+0x140/0x710 [ 995.676777][T24697] sock_wmalloc+0xd4/0x120 [ 995.681239][T24697] pppol2tp_sendmsg+0x1ab/0x5e0 [ 995.721755][T24697] ____sys_sendmsg+0x9e1/0xb70 [ 995.726590][T24697] ___sys_sendmsg+0x190/0x1e0 [ 995.731283][T24697] __sys_sendmmsg+0x205/0x430 [ 995.771882][T24697] __x64_sys_sendmmsg+0x9c/0x100 [ 995.782681][T24697] do_syscall_64+0x106/0xf80 [ 995.787335][T24697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 997.473539][T24733] input: f as /devices/virtual/input/input11 [ 998.345281][T24739] [U]  [ 998.348092][T24739] [U] [ 998.350768][T24739] [U] [ 998.353445][T24739] [U] [ 998.510793][T24739] [U] [ 998.513527][T24739] [U] [ 998.516207][T24739] [U] [ 998.518912][T24739] [U] [ 998.624179][T24739] [U] [ 998.626997][T24739] [U] [ 998.629680][T24739] [U] [ 998.632380][T24739] [U] [ 998.775940][T24739] [U] [ 998.778691][T24739] [U] [ 998.781376][T24739] [U] [ 998.784071][T24739] [U] [ 998.913939][T24739] [U] [ 998.916661][T24739] [U] [ 998.919361][T24739] [U] [ 998.922055][T24739] [U] [ 999.144866][T24739] [U] [ 1000.276436][T24774] FAULT_INJECTION: forcing a failure. [ 1000.276436][T24774] name failslab, interval 1, probability 0, space 0, times 0 [ 1000.289514][T24774] CPU: 0 UID: 0 PID: 24774 Comm: syz.6.6769 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1000.289551][T24774] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1000.289560][T24774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1000.289570][T24774] Call Trace: [ 1000.289577][T24774] [ 1000.289584][T24774] dump_stack_lvl+0x100/0x190 [ 1000.289613][T24774] should_fail_ex.cold+0x5/0xa [ 1000.289632][T24774] should_failslab+0xc2/0x120 [ 1000.289648][T24774] __kmalloc_cache_noprof+0x7a/0x6f0 [ 1000.289667][T24774] ? tipc_service_create+0xb1/0x340 [ 1000.289694][T24774] tipc_service_create+0xb1/0x340 [ 1000.289714][T24774] ? tipc_service_find+0x161/0x1c0 [ 1000.289736][T24774] tipc_nametbl_subscribe+0x892/0xa80 [ 1000.289763][T24774] ? __pfx_tipc_nametbl_subscribe+0x10/0x10 [ 1000.289789][T24774] ? lockdep_init_map_type+0x5c/0x250 [ 1000.289812][T24774] tipc_sub_subscribe+0x4ba/0x730 [ 1000.289835][T24774] tipc_conn_rcv_sub+0x21e/0x3d0 [ 1000.289863][T24774] tipc_topsrv_kern_subscr+0x20b/0x3c0 [ 1000.289884][T24774] ? __pfx_tipc_topsrv_kern_subscr+0x10/0x10 [ 1000.289906][T24774] ? net_generic+0xea/0x2a0 [ 1000.289929][T24774] tipc_group_create+0x4ab/0x660 [ 1000.289952][T24774] tipc_setsockopt+0x611/0xe30 [ 1000.289977][T24774] ? __pfx_tipc_setsockopt+0x10/0x10 [ 1000.290007][T24774] ? __pfx_tipc_setsockopt+0x10/0x10 [ 1000.290030][T24774] do_sock_setsockopt+0xf3/0x1d0 [ 1000.290057][T24774] __sys_setsockopt+0x119/0x190 [ 1000.290080][T24774] __x64_sys_setsockopt+0xbd/0x160 [ 1000.290099][T24774] ? do_syscall_64+0x95/0xf80 [ 1000.290119][T24774] ? lockdep_hardirqs_on+0x78/0x100 [ 1000.290139][T24774] do_syscall_64+0x106/0xf80 [ 1000.290158][T24774] ? clear_bhb_loop+0x40/0x90 [ 1000.290178][T24774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1000.290194][T24774] RIP: 0033:0x7f9ae459c799 [ 1000.290209][T24774] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1000.290224][T24774] RSP: 002b:00007f9ae53a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 1000.290239][T24774] RAX: ffffffffffffffda RBX: 00007f9ae4815fa0 RCX: 00007f9ae459c799 [ 1000.290250][T24774] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000003 [ 1000.290259][T24774] RBP: 00007f9ae4632c99 R08: 0000000000000014 R09: 0000000000000000 [ 1000.290269][T24774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1000.290278][T24774] R13: 00007f9ae4816038 R14: 00007f9ae4815fa0 R15: 00007ffce73d53c8 [ 1000.290299][T24774] [ 1000.290313][T24774] tipc: Service creation failed, no memory [ 1000.546608][T24774] tipc: Failed to subscribe for {3845806496,0,4294967295} [ 1001.666797][T24785] netlink: 'syz.2.6771': attribute type 1 has an invalid length. [ 1001.761187][T24785] netlink: 330 bytes leftover after parsing attributes in process `syz.2.6771'. [ 1004.547334][T24819] netlink: 54 bytes leftover after parsing attributes in process `syz.5.6785'. [ 1004.618858][T24821] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6784'. [ 1005.023554][T24825] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6787'. [ 1005.080623][T24829] netlink: 13 bytes leftover after parsing attributes in process `syz.5.6787'. [ 1005.940288][T24837] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6791'. [ 1006.245036][T24843] netlink: 330 bytes leftover after parsing attributes in process `syz.1.6792'. [ 1006.712454][T24848] FAULT_INJECTION: forcing a failure. [ 1006.712454][T24848] name failslab, interval 1, probability 0, space 0, times 0 [ 1006.827291][T24848] CPU: 0 UID: 0 PID: 24848 Comm: syz.2.6795 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1006.827328][T24848] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1006.827336][T24848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1006.827347][T24848] Call Trace: [ 1006.827353][T24848] [ 1006.827359][T24848] dump_stack_lvl+0x100/0x190 [ 1006.827387][T24848] should_fail_ex.cold+0x5/0xa [ 1006.827406][T24848] ? tomoyo_init_log+0x1224/0x20c0 [ 1006.827425][T24848] should_failslab+0xc2/0x120 [ 1006.827441][T24848] __kmalloc_noprof+0xe0/0x850 [ 1006.827471][T24848] tomoyo_init_log+0x1224/0x20c0 [ 1006.827494][T24848] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1006.827523][T24848] ? __pfx_tomoyo_init_log+0x10/0x10 [ 1006.827547][T24848] tomoyo_write_log2+0x2ed/0xbc0 [ 1006.827569][T24848] tomoyo_supervisor+0x15e/0x1340 [ 1006.827594][T24848] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 1006.827625][T24848] ? kasan_quarantine_put+0x104/0x240 [ 1006.827649][T24848] ? tomoyo_check_path_acl+0x141/0x210 [ 1006.827666][T24848] ? tomoyo_check_acl+0x1f7/0x410 [ 1006.827691][T24848] tomoyo_path_permission+0x270/0x3b0 [ 1006.827709][T24848] tomoyo_check_open_permission+0x37f/0x3c0 [ 1006.827733][T24848] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1006.827771][T24848] ? do_raw_spin_lock+0x128/0x260 [ 1006.827794][T24848] ? path_get+0x61/0x80 [ 1006.827814][T24848] tomoyo_file_open+0x6b/0x90 [ 1006.827841][T24848] security_file_open+0xb5/0x1e0 [ 1006.827860][T24848] do_dentry_open+0x5aa/0x1660 [ 1006.827877][T24848] ? security_inode_permission+0xbf/0x250 [ 1006.827897][T24848] vfs_open+0x82/0x3f0 [ 1006.827921][T24848] path_openat+0x208c/0x31a0 [ 1006.827943][T24848] ? __pfx_path_openat+0x10/0x10 [ 1006.827966][T24848] do_file_open+0x20e/0x430 [ 1006.827983][T24848] ? __pfx_do_file_open+0x10/0x10 [ 1006.828013][T24848] ? alloc_fd+0x476/0x790 [ 1006.828030][T24848] ? do_getname+0x191/0x390 [ 1006.828049][T24848] do_sys_openat2+0x10d/0x1e0 [ 1006.828069][T24848] ? __pfx_do_sys_openat2+0x10/0x10 [ 1006.828097][T24848] ? __fget_files+0x21f/0x3d0 [ 1006.828117][T24848] __x64_sys_openat+0x12d/0x210 [ 1006.828137][T24848] ? __pfx___x64_sys_openat+0x10/0x10 [ 1006.828165][T24848] do_syscall_64+0x106/0xf80 [ 1006.828185][T24848] ? clear_bhb_loop+0x40/0x90 [ 1006.828204][T24848] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1006.828221][T24848] RIP: 0033:0x7f2dd8b9c799 [ 1006.828235][T24848] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1006.828250][T24848] RSP: 002b:00007f2dd9aa8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1006.828264][T24848] RAX: ffffffffffffffda RBX: 00007f2dd8e15fa0 RCX: 00007f2dd8b9c799 [ 1006.828275][T24848] RDX: 0000000000000100 RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 1006.828285][T24848] RBP: 00007f2dd8c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 1006.828295][T24848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1006.828304][T24848] R13: 00007f2dd8e16038 R14: 00007f2dd8e15fa0 R15: 00007ffc731b29d8 [ 1006.828325][T24848] [ 1009.972866][T24876] netlink: 17 bytes leftover after parsing attributes in process `syz.5.6802'. [ 1010.760617][T24893] netlink: 'syz.6.6809': attribute type 1 has an invalid length. [ 1010.799006][T24893] netlink: 'syz.6.6809': attribute type 6 has an invalid length. [ 1011.104349][T24899] FAULT_INJECTION: forcing a failure. [ 1011.104349][T24899] name failslab, interval 1, probability 0, space 0, times 0 [ 1011.159868][T24899] CPU: 0 UID: 0 PID: 24899 Comm: syz.6.6812 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1011.159905][T24899] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1011.159914][T24899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1011.159924][T24899] Call Trace: [ 1011.159930][T24899] [ 1011.159936][T24899] dump_stack_lvl+0x100/0x190 [ 1011.159967][T24899] should_fail_ex.cold+0x5/0xa [ 1011.159987][T24899] should_failslab+0xc2/0x120 [ 1011.160005][T24899] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1011.160029][T24899] ? sk_prot_alloc+0x60/0x2a0 [ 1011.160044][T24899] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 1011.160065][T24899] ? security_inode_alloc+0x3b/0x2c0 [ 1011.160084][T24899] sk_prot_alloc+0x60/0x2a0 [ 1011.160100][T24899] sk_alloc+0x36/0xe80 [ 1011.160120][T24899] unix_create1+0xa6/0x700 [ 1011.160213][T24899] unix_create+0x145/0x270 [ 1011.160237][T24899] __sock_create+0x339/0x860 [ 1011.160257][T24899] __sys_socketpair+0x1e4/0x5b0 [ 1011.160275][T24899] ? __pfx___sys_socketpair+0x10/0x10 [ 1011.160291][T24899] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1011.160308][T24899] ? xfd_validate_state+0x129/0x190 [ 1011.160342][T24899] __x64_sys_socketpair+0x96/0x100 [ 1011.160360][T24899] ? lockdep_hardirqs_on+0x78/0x100 [ 1011.160384][T24899] do_syscall_64+0x106/0xf80 [ 1011.160405][T24899] ? clear_bhb_loop+0x40/0x90 [ 1011.160424][T24899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1011.160440][T24899] RIP: 0033:0x7f9ae459c799 [ 1011.160454][T24899] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1011.160469][T24899] RSP: 002b:00007f9ae53a5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1011.160483][T24899] RAX: ffffffffffffffda RBX: 00007f9ae4815fa0 RCX: 00007f9ae459c799 [ 1011.160494][T24899] RDX: 8000000000000000 RSI: 0000000000000002 RDI: 0000000000000001 [ 1011.160503][T24899] RBP: 00007f9ae4632c99 R08: 0000000000000000 R09: 0000000000000000 [ 1011.160513][T24899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1011.160522][T24899] R13: 00007f9ae4816038 R14: 00007f9ae4815fa0 R15: 00007ffce73d53c8 [ 1011.160543][T24899] [ 1014.550531][T24946] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6826'. [ 1017.123296][T24997] netlink: 338 bytes leftover after parsing attributes in process `syz.1.6839'. [ 1018.583760][T25015] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6844'. [ 1018.665126][T25015] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1018.977400][T25015] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1020.093939][T25033] blktrace: Concurrent blktraces are not allowed on loop2 [ 1022.643258][T25051] FAULT_INJECTION: forcing a failure. [ 1022.643258][T25051] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1022.727672][T25064] netlink: 342 bytes leftover after parsing attributes in process `syz.5.6864'. [ 1022.812687][T25051] CPU: 0 UID: 0 PID: 25051 Comm: syz.2.6858 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1022.812726][T25051] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1022.812735][T25051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1022.812753][T25051] Call Trace: [ 1022.812762][T25051] [ 1022.812769][T25051] dump_stack_lvl+0x100/0x190 [ 1022.812800][T25051] should_fail_ex.cold+0x5/0xa [ 1022.812819][T25051] get_futex_key+0x1d2/0x1620 [ 1022.812845][T25051] ? __pfx_get_futex_key+0x10/0x10 [ 1022.812871][T25051] futex_wake+0xea/0x530 [ 1022.812896][T25051] ? __pfx_futex_wake+0x10/0x10 [ 1022.812925][T25051] ? putname+0xb1/0x110 [ 1022.812939][T25051] ? kmem_cache_free+0x124/0x6a0 [ 1022.812964][T25051] do_futex+0x32b/0x350 [ 1022.812984][T25051] ? __pfx_do_futex+0x10/0x10 [ 1022.813001][T25051] ? __pfx_do_sys_openat2+0x10/0x10 [ 1022.813022][T25051] ? __fget_files+0x21f/0x3d0 [ 1022.813039][T25051] __x64_sys_futex+0x34f/0x4d0 [ 1022.813059][T25051] ? __x64_sys_openat+0x12d/0x210 [ 1022.813078][T25051] ? __pfx___x64_sys_futex+0x10/0x10 [ 1022.813105][T25051] do_syscall_64+0x106/0xf80 [ 1022.813125][T25051] ? clear_bhb_loop+0x40/0x90 [ 1022.813143][T25051] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1022.813159][T25051] RIP: 0033:0x7f2dd8b9c799 [ 1022.813173][T25051] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1022.813189][T25051] RSP: 002b:00007f2dd9a870e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1022.813205][T25051] RAX: ffffffffffffffda RBX: 00007f2dd8e16098 RCX: 00007f2dd8b9c799 [ 1022.813215][T25051] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2dd8e1609c [ 1022.813225][T25051] RBP: 00007f2dd8e16090 R08: 0000000000000000 R09: 0000000000000000 [ 1022.813234][T25051] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 1022.813242][T25051] R13: 00007f2dd8e16128 R14: 00007ffc731b28f0 R15: 00007ffc731b29d8 [ 1022.813268][T25051] [ 1022.813491][ T30] audit: type=1326 audit(1773451807.142:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25049 comm="syz.2.6858" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2dd8b9c799 code=0x0 [ 1023.076245][T25066] netlink: 62 bytes leftover after parsing attributes in process `syz.6.6863'. [ 1023.436239][T25067] [U] ^@ [ 1025.826063][T25118] FAULT_INJECTION: forcing a failure. [ 1025.826063][T25118] name failslab, interval 1, probability 0, space 0, times 0 [ 1025.918476][T25118] CPU: 0 UID: 0 PID: 25118 Comm: syz.2.6879 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1025.918515][T25118] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1025.918525][T25118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1025.918534][T25118] Call Trace: [ 1025.918540][T25118] [ 1025.918547][T25118] dump_stack_lvl+0x100/0x190 [ 1025.918580][T25118] should_fail_ex.cold+0x5/0xa [ 1025.918598][T25118] should_failslab+0xc2/0x120 [ 1025.918614][T25118] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 1025.918637][T25118] ? sk_prot_alloc+0x60/0x2a0 [ 1025.918650][T25118] ? kmem_cache_alloc_noprof+0x292/0x6e0 [ 1025.918671][T25118] ? security_inode_alloc+0x3b/0x2c0 [ 1025.918689][T25118] sk_prot_alloc+0x60/0x2a0 [ 1025.918705][T25118] sk_alloc+0x36/0xe80 [ 1025.918726][T25118] unix_create1+0xa6/0x700 [ 1025.918751][T25118] unix_create+0x145/0x270 [ 1025.918775][T25118] __sock_create+0x339/0x860 [ 1025.918796][T25118] __sys_socketpair+0x1e4/0x5b0 [ 1025.918814][T25118] ? __pfx___sys_socketpair+0x10/0x10 [ 1025.918830][T25118] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 1025.918847][T25118] ? xfd_validate_state+0x129/0x190 [ 1025.918873][T25118] __x64_sys_socketpair+0x96/0x100 [ 1025.918890][T25118] ? lockdep_hardirqs_on+0x78/0x100 [ 1025.918910][T25118] do_syscall_64+0x106/0xf80 [ 1025.918939][T25118] ? clear_bhb_loop+0x40/0x90 [ 1025.918966][T25118] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1025.918983][T25118] RIP: 0033:0x7f2dd8b9c799 [ 1025.918998][T25118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1025.919013][T25118] RSP: 002b:00007f2dd9aa8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000035 [ 1025.919027][T25118] RAX: ffffffffffffffda RBX: 00007f2dd8e15fa0 RCX: 00007f2dd8b9c799 [ 1025.919038][T25118] RDX: 8000000000000000 RSI: 0000000000000002 RDI: 0000000000000001 [ 1025.919047][T25118] RBP: 00007f2dd8c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 1025.919056][T25118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1025.919065][T25118] R13: 00007f2dd8e16038 R14: 00007f2dd8e15fa0 R15: 00007ffc731b29d8 [ 1025.919085][T25118] [ 1027.948114][T25149] binder: 25148:25149 ioctl c0306201 0 returned -14 [ 1028.843233][T25167] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6895'. [ 1029.754288][T25182] Invalid ELF header magic: != ELF [ 1032.684440][T25243] sp0: Synchronizing with TNC [ 1032.715600][T25247] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6924'. [ 1033.336009][T25260] netlink: 12 bytes leftover after parsing attributes in process `syz.2.6928'. [ 1033.418079][T25260] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6928'. [ 1033.861955][T25266] netlink: 186 bytes leftover after parsing attributes in process `syz.6.6930'. [ 1033.925269][T25266] netlink: 186 bytes leftover after parsing attributes in process `syz.6.6930'. [ 1035.726909][T25298] netlink: 306 bytes leftover after parsing attributes in process `syz.1.6941'. [ 1036.115340][T25310] netlink: 146 bytes leftover after parsing attributes in process `syz.1.6945'. [ 1037.071547][T20022] Bluetooth: hci2: unexpected subevent 0x01 length: 3 < 18 [ 1039.250021][ T30] audit: type=1326 audit(1773451823.570:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25364 comm="syz.1.6963" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7cd299c799 code=0x0 [ 1039.850629][T25375] netlink: 504 bytes leftover after parsing attributes in process `syz.2.6966'. [ 1040.846588][T25388] netlink: 'syz.6.6970': attribute type 15 has an invalid length. [ 1040.940888][T25388] netlink: 'syz.6.6970': attribute type 16 has an invalid length. [ 1040.948926][T25392] sp0: Synchronizing with TNC [ 1041.068741][T25388] netlink: 194 bytes leftover after parsing attributes in process `syz.6.6970'. [ 1041.243434][T25397] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6973'. [ 1042.175359][T25424] netlink: 25 bytes leftover after parsing attributes in process `syz.2.6984'. [ 1043.780217][T25451] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6992'. [ 1044.237029][T25458] netlink: 326 bytes leftover after parsing attributes in process `syz.1.6995'. [ 1044.289133][T25458] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 1044.296425][T25458] IPv6: NLM_F_CREATE should be set when creating new route [ 1044.303675][T25458] IPv6: NLM_F_CREATE should be set when creating new route [ 1044.913574][T25470] sp0: Synchronizing with TNC [ 1045.398102][T25483] netlink: 32 bytes leftover after parsing attributes in process `syz.6.7003'. [ 1045.542988][T25481] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 1047.227236][T20022] Bluetooth: hci4: unexpected subevent 0x18 length: 123 > 19 [ 1047.235267][T20022] Bluetooth: hci4: Unable to find connection for dst f9:56:cc:cc:70:a9 sid 0x00 [ 1047.256781][T25521] binder: 25519:25521 ioctl c0306201 200000000000 returned -11 [ 1048.077758][T25535] zswap: compressor  not available [ 1048.134364][T25544] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 1048.562834][T25543] zswap: compressor not available [ 1051.254314][T25581] zswap: compressor not available [ 1052.744847][T25614] bond0: option all_slaves_active: invalid value () [ 1053.016045][T25622] netlink: 13 bytes leftover after parsing attributes in process `syz.5.7046'. [ 1054.528739][T25643] [ 1054.531101][T25643] ====================================================== [ 1054.538188][T25643] WARNING: possible circular locking dependency detected [ 1054.545189][T25643] syzkaller #0 Tainted: G U W L XTNJ [ 1054.551144][T25643] ------------------------------------------------------ [ 1054.558137][T25643] syz.5.7054/25643 is trying to acquire lock: [ 1054.564197][T25643] ffff88805a5516e8 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0x4ca/0xcb0 [ 1054.575672][T25643] [ 1054.575672][T25643] but task is already holding lock: [ 1054.583119][T25643] ffff888058468260 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 1054.592067][T25643] [ 1054.592067][T25643] which lock already depends on the new lock. [ 1054.592067][T25643] [ 1054.602447][T25643] [ 1054.602447][T25643] the existing dependency chain (in reverse order) is: [ 1054.611529][T25643] [ 1054.611529][T25643] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}: [ 1054.619248][T25643] lock_sock_nested+0x41/0xf0 [ 1054.624446][T25643] smc_listen_out+0x1f5/0x4b0 [ 1054.629628][T25643] smc_listen_work+0x4c2/0x50e0 [ 1054.634983][T25643] process_one_work+0x9d7/0x1920 [ 1054.640430][T25643] worker_thread+0x5da/0xe40 [ 1054.645528][T25643] kthread+0x370/0x450 [ 1054.650107][T25643] ret_from_fork+0x754/0xd80 [ 1054.655206][T25643] ret_from_fork_asm+0x1a/0x30 [ 1054.660485][T25643] [ 1054.660485][T25643] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}: [ 1054.670734][T25643] __lock_acquire+0x14b8/0x2630 [ 1054.676094][T25643] lock_acquire+0x1cf/0x380 [ 1054.681104][T25643] __flush_work+0x4de/0xcb0 [ 1054.686132][T25643] cancel_work_sync+0xd1/0xf0 [ 1054.691312][T25643] smc_clcsock_release+0x5f/0xe0 [ 1054.696831][T25643] __smc_release+0x5c2/0x880 [ 1054.701932][T25643] smc_close_non_accepted+0xda/0x200 [ 1054.707827][T25643] smc_close_active+0x4ff/0x1070 [ 1054.713284][T25643] __smc_release+0x634/0x880 [ 1054.718465][T25643] smc_release+0x1fc/0x620 [ 1054.723383][T25643] __sock_release+0xb3/0x260 [ 1054.728503][T25643] sock_close+0x1c/0x30 [ 1054.733168][T25643] __fput+0x3ff/0xb40 [ 1054.737658][T25643] task_work_run+0x150/0x240 [ 1054.742780][T25643] exit_to_user_mode_loop+0x100/0x4a0 [ 1054.748663][T25643] do_syscall_64+0x668/0xf80 [ 1054.753767][T25643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1054.760163][T25643] [ 1054.760163][T25643] other info that might help us debug this: [ 1054.760163][T25643] [ 1054.770372][T25643] Possible unsafe locking scenario: [ 1054.770372][T25643] [ 1054.777821][T25643] CPU0 CPU1 [ 1054.783166][T25643] ---- ---- [ 1054.788515][T25643] lock(sk_lock-AF_SMC/1); [ 1054.793023][T25643] lock((work_completion)(&new_smc->smc_listen_work)); [ 1054.802460][T25643] lock(sk_lock-AF_SMC/1); [ 1054.809489][T25643] lock((work_completion)(&new_smc->smc_listen_work)); [ 1054.816406][T25643] [ 1054.816406][T25643] *** DEADLOCK *** [ 1054.816406][T25643] [ 1054.824536][T25643] 3 locks held by syz.5.7054/25643: [ 1054.829737][T25643] #0: ffff88803d6a4cc8 (&sb->s_type->i_mutex_key#14){+.+.}-{4:4}, at: __sock_release+0x86/0x260 [ 1054.840432][T25643] #1: ffff888058468260 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x3a5/0x620 [ 1054.849827][T25643] #2: ffffffff8e7e73e0 (rcu_read_lock){....}-{1:3}, at: __flush_work+0xfd/0xcb0 [ 1054.858949][T25643] [ 1054.858949][T25643] stack backtrace: [ 1054.864839][T25643] CPU: 0 UID: 0 PID: 25643 Comm: syz.5.7054 Tainted: G U W L XTNJ syzkaller #0 PREEMPT(full) [ 1054.864870][T25643] Tainted: [U]=USER, [W]=WARN, [L]=SOFTLOCKUP, [X]=AUX, [T]=RANDSTRUCT, [N]=TEST, [J]=FWCTL [ 1054.864878][T25643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 1054.864888][T25643] Call Trace: [ 1054.864894][T25643] [ 1054.864901][T25643] dump_stack_lvl+0x100/0x190 [ 1054.864924][T25643] print_circular_bug.cold+0x178/0x1c7 [ 1054.864948][T25643] check_noncircular+0x146/0x160 [ 1054.864968][T25643] __lock_acquire+0x14b8/0x2630 [ 1054.864989][T25643] lock_acquire+0x1cf/0x380 [ 1054.865006][T25643] ? __flush_work+0x4ca/0xcb0 [ 1054.865027][T25643] ? mark_held_locks+0x40/0x70 [ 1054.865045][T25643] ? __flush_work+0x4ca/0xcb0 [ 1054.865065][T25643] __flush_work+0x4de/0xcb0 [ 1054.865085][T25643] ? __flush_work+0x4ca/0xcb0 [ 1054.865107][T25643] ? __pfx___flush_work+0x10/0x10 [ 1054.865128][T25643] ? __pfx_wq_barrier_func+0x10/0x10 [ 1054.865147][T25643] ? __pfx___might_resched+0x10/0x10 [ 1054.865170][T25643] cancel_work_sync+0xd1/0xf0 [ 1054.865184][T25643] smc_clcsock_release+0x5f/0xe0 [ 1054.865202][T25643] __smc_release+0x5c2/0x880 [ 1054.865218][T25643] ? __pfx_sock_def_readable+0x10/0x10 [ 1054.865237][T25643] smc_close_non_accepted+0xda/0x200 [ 1054.865254][T25643] smc_close_active+0x4ff/0x1070 [ 1054.865273][T25643] __smc_release+0x634/0x880 [ 1054.865288][T25643] smc_release+0x1fc/0x620 [ 1054.865304][T25643] __sock_release+0xb3/0x260 [ 1054.865324][T25643] ? __pfx_sock_close+0x10/0x10 [ 1054.865344][T25643] sock_close+0x1c/0x30 [ 1054.865363][T25643] __fput+0x3ff/0xb40 [ 1054.865382][T25643] task_work_run+0x150/0x240 [ 1054.865402][T25643] ? __pfx_task_work_run+0x10/0x10 [ 1054.865424][T25643] exit_to_user_mode_loop+0x100/0x4a0 [ 1054.865444][T25643] do_syscall_64+0x668/0xf80 [ 1054.865464][T25643] ? clear_bhb_loop+0x40/0x90 [ 1054.865481][T25643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1054.865496][T25643] RIP: 0033:0x7f24be59c799 [ 1054.865510][T25643] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 1054.865525][T25643] RSP: 002b:00007ffef1acf7d8 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 1054.865539][T25643] RAX: 0000000000000000 RBX: 00007f24be817da0 RCX: 00007f24be59c799 [ 1054.865549][T25643] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003 [ 1054.865557][T25643] RBP: 00007f24be817da0 R08: 00007f24be816038 R09: 0000000000000000 [ 1054.865572][T25643] R10: 00000000005d7ee4 R11: 0000000000000246 R12: 00000000001017d2 [ 1054.865581][T25643] R13: 00007f24be815fac R14: 00000000001015dd R15: 00007ffef1acf8e0 [ 1054.865595][T25643] [ 1055.532878][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 1055.539190][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1056.427150][ T165] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1056.609853][ T165] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1056.652807][ T165] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1056.705212][ T165] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1056.843901][ T165] bridge_slave_1: left allmulticast mode [ 1056.849558][ T165] bridge_slave_1: left promiscuous mode [ 1056.879894][ T165] bridge0: port 2(bridge_slave_1) entered disabled state [ 1056.911588][ T165] bridge_slave_0: left allmulticast mode [ 1056.917242][ T165] bridge_slave_0: left promiscuous mode [ 1056.948500][ T165] bridge0: port 1(bridge_slave_0) entered disabled state [ 1057.097484][ T165] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1057.107962][ T165] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1057.131261][ T165] bond0 (unregistering): Released all slaves [ 1057.227537][ T165] hsr_slave_0: left promiscuous mode [ 1057.236018][ T165] hsr_slave_1: left promiscuous mode [ 1057.250682][ T165] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1057.258084][ T165] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1057.285571][ T165] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1057.295156][ T165] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1057.324551][ T165] veth1_macvtap: left promiscuous mode [ 1057.330071][ T165] veth0_macvtap: left promiscuous mode [ 1057.349922][ T165] veth1_vlan: left promiscuous mode [ 1057.355956][ T165] veth0_vlan: left promiscuous mode [ 1057.440086][ T165] team0 (unregistering): Port device team_slave_1 removed [ 1057.450142][ T165] team0 (unregistering): Port device team_slave_0 removed [ 1057.622690][ T165] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1057.676969][ T165] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1057.725690][ T165] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1057.764803][ T165] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1057.856687][ T165] batadv0: left allmulticast mode [ 1057.871230][ T165] batadv0: left promiscuous mode [ 1057.876288][ T165] bridge0: port 3(batadv0) entered disabled state [ 1057.900188][ T165] bridge_slave_1: left allmulticast mode [ 1057.911988][ T165] bridge_slave_1: left promiscuous mode [ 1057.931618][ T165] bridge0: port 2(bridge_slave_1) entered disabled state [ 1057.939646][ T165] bridge_slave_0: left allmulticast mode [ 1057.948045][ T165] bridge_slave_0: left promiscuous mode [ 1057.961749][ T165] bridge0: port 1(bridge_slave_0) entered disabled state [ 1058.044264][ T165] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1058.055781][ T165] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1058.066245][ T165] bond0 (unregistering): Released all slaves [ 1058.237254][ T165] hsr_slave_0: left promiscuous mode [ 1058.245806][ T165] hsr_slave_1: left promiscuous mode [ 1058.260806][ T165] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1058.268209][ T165] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1058.294786][ T165] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1058.313763][ T165] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1058.333764][ T165] veth1_macvtap: left promiscuous mode [ 1058.339324][ T165] veth0_macvtap: left promiscuous mode [ 1058.358814][ T165] veth1_vlan: left promiscuous mode [ 1058.365426][ T165] veth0_vlan: left promiscuous mode [ 1058.533678][ T165] team0 (unregistering): Port device team_slave_1 removed [ 1058.553219][ T165] team0 (unregistering): Port device team_slave_0 removed