last executing test programs: 6.663440229s ago: executing program 0 (id=1004): memfd_secret$auto(0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x400001, 0x0) socket(0x1a, 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x8) mkdir$auto(&(0x7f00000001c0)='./file0\x00', 0x0) mount$auto(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000000)='cifs\x00', 0x8000, &(0x7f0000000240)="8983b4d503e98c29ac0907551c70860db5cca27b1ab4bc56020b5d379e3632275ddfcea8c9fa21b267c9caaecb3712fa39bdf3664db83c2a79a27345e968ee01e9943d") mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) writev$auto(0xffffffffffffffff, 0x0, 0xffffffffffff8004) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) socket(0x2b, 0x1, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r2 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) read$auto_vhci_fops_hci_vhci(r2, 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x112, 0x80006) mlockall$auto(0x800000000000005) mlock$auto(0x6, 0x5) madvise$auto(0x0, 0x300007, 0x18) write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000180)="4c91f2c388274610e12c861bb2bfd9800e9b394b", 0x14) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) fstatfs$auto(0x3, 0xfffffffffffffffd) r3 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@isdn={0x22, 0xff, 0xf7, 0x3, 0x7c}, 0xa) connect$auto(r3, &(0x7f0000000080)=@in={0x2, 0x4e22, @remote}, 0x50) 6.310036088s ago: executing program 2 (id=1006): r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0xd73, 0x7) mknod$auto(&(0x7f0000000080)='}[,&*}\x00', 0xe6c, 0x17) chown$auto(&(0x7f00000001c0)='}[,&*}\x00', 0x0, 0x0) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socketcall$auto(0x8000, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) removexattrat$auto(r0, &(0x7f0000000000)='}[,&*}\x00', 0xb, &(0x7f0000000040)=':(\x00') 6.022325632s ago: executing program 0 (id=1010): mmap$auto(0x0, 0x2020009, 0x3, 0xff, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x59, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4040000) getsockname$auto(0xffffffffffffffff, &(0x7f0000000000)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x0, 0x2003}}, 0x0) sysfs$auto(0x2, 0x1f, 0x0) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x101d0, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) clone$auto(0x20003b46, 0xfe, 0x0, 0x0, 0x2) 5.90442663s ago: executing program 0 (id=1011): mmap$auto(0x0, 0x40006, 0xdf, 0x200009b72, 0x7, 0x28000) r0 = io_uring_setup$auto(0x6, 0x0) r1 = socket(0xa, 0x1, 0x0) setsockopt$auto(r1, 0x29, 0x3c, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x2, 0x0) r2 = socket(0x2, 0x1, 0x0) r3 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000000)='/dev/binderfs/binder1\x00', 0x8340, 0x0) ioctl$auto_BINDER_SET_MAX_THREADS(r3, 0x40046205, &(0x7f0000000180)) socket(0x22, 0x80000, 0x77820fd) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x26241, 0x20) socket(0x12, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@isdn={0x22, 0xfb, 0x8, 0xe, 0x8}, 0x6a) socket(0x2, 0x1, 0x106) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000000)="b68161a86e8da4110338a92ca863a91beaa8558206154cc5") listen$auto(0x3, 0x81) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x1, 0xdf, 0x20000000000e31, 0x40000000000a5, 0x8000) r4 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, 0x0, 0x8a880, 0x0) pread64$auto(r4, 0x0, 0x7fff, 0x3) 5.763532115s ago: executing program 1 (id=1012): r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0x80000e9e, 0x3, 0xd, 0x250, 0x100000000, 0x2c2, 0x800002017d, 0x4, 0x40, 0xd, 0xd59, 0xfb, 0xff, 0x21, 0x100000005]}, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_DISABLE_SEID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="013b"], 0x14}, 0x1, 0x0, 0x0, 0x880}, 0x810) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f0000000180), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) timer_create$auto(0x8, 0x0, 0x0) timer_getoverrun$auto(0x0) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000800), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000940)={'ipvlan1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000980)={0x40, r3, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@ETHTOOL_A_MODULE_EEPROM_PAGE={0x5}, @ETHTOOL_A_MODULE_EEPROM_LENGTH={0x8, 0x3, 0x9}, @ETHTOOL_A_MODULE_EEPROM_OFFSET={0x8, 0x2, 0x4}, @ETHTOOL_A_MODULE_EEPROM_I2C_ADDRESS={0x5, 0x6, 0x6}, @ETHTOOL_A_MODULE_EEPROM_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0xc000) 5.603814456s ago: executing program 1 (id=1013): socket(0x22, 0x1, 0x106) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) io_uring_setup$auto(0xff, 0x0) io_uring_setup$auto(0x8, 0x0) socket(0xa, 0x3, 0x100) socket(0x2, 0x2, 0x1) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x0, @empty}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0xffeb}, 0x1, 0x0, 0x5, 0x7}, 0x8}, 0xffffffff, 0xb00) mmap$auto(0x401, 0x20009, 0x3, 0x13, 0x8, 0x20a) read$auto(0x3, 0x0, 0x80) select$auto(0x32, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x1, 0x106) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) set_mempolicy$auto(0x2, 0x0, 0x4) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) setsockopt$auto(0x400000000000003, 0x28, 0x6, 0x0, 0x56d) mmap$auto(0x800000, 0x20000a00006, 0x100, 0x91, 0xffffffffffffffff, 0x2ffffffffffe) r2 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000000), 0x123000, 0x0) ioctl$auto_USB_RAW_IOCTL_EVENT_FETCH(r2, 0x80085502, 0x0) mmap$auto(0x0, 0x400008, 0x0, 0x9b72, 0x2, 0x8000) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000580), r1) sendmsg$auto_NETDEV_CMD_PAGE_POOL_GET(r0, &(0x7f0000000680)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0xc0}, 0xc, &(0x7f0000000640)={&(0x7f00000006c0)=ANY=[], 0x74}, 0x1, 0x0, 0x0, 0x840}, 0x1) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0x2, 0x1, 0x106) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd14\x00', 0x2, 0x0) setreuid$auto(0x15, 0x5) 4.867327389s ago: executing program 0 (id=1014): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sda\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r0, 0x7fff) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000ac0)='/proc/irq/default_smp_affinity\x00', 0x2, 0x0) r1 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x42842, 0x95) read$auto(r1, 0x0, 0x1) select$auto(0x5, &(0x7f00000000c0)={[0xeeda, 0x7, 0x4, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x0, 0x6, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) 4.602571285s ago: executing program 1 (id=1015): r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000100), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00'}) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000200)=ANY=[@ANYBLOB="20909bd44b1e2c75a943cd36c815f7b364f920b2ded60c16f5af4a9ba8bf36aec104a1bea1c93217dd6ad7dc4b44a14828f3ce5e656bf3ed32c52fb9430b8e6016531227775ce9f7a82d4e6e2b911bc3c344d75b329f460773f5a213f79a20a98aeff1", @ANYRES16=r0, @ANYBLOB="000837bd700003dcdf2510000000"], 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x20080010) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r1 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r2 = socket(0x11, 0x3, 0x9) r3 = socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) socket(0x2, 0x1, 0x106) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon13\x00', 0x440, 0x0) socket(0x29, 0x2, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x20b82, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket(0x10, 0x2, 0x14) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000000a14af"], 0x14}, 0x1, 0x0, 0x0, 0x80c3}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xffffffffffffff14, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYRES8=r5], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x200440c0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfc7c, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40c0}, 0x48050) sendmmsg$auto(r6, &(0x7f0000000080)={{0x0, 0x8001c01, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x7}, 0x3d55, 0x0) r7 = getpid() mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) process_vm_readv$auto(r7, 0x0, 0x800000001, 0x0, 0x6, 0x0) prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x5) sched_getparam$auto(r7, &(0x7f00000000c0)={0x1}) close_range$auto(0x2, 0x8, 0x0) r8 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYRES32=r1, @ANYRES8=r2, @ANYRES8=r8], 0x18}, 0x1, 0x0, 0x0, 0x60008044}, 0x20008000) write$auto(r3, &(0x7f0000000000)='-\x00', 0xfdef) 4.490805231s ago: executing program 0 (id=1016): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) mkdir$auto(&(0x7f00000000c0)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06\x00', 0x8001) mount$auto(0x0, &(0x7f0000000040)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06', &(0x7f0000000240)='nfsd\x00', 0x10400, 0x0) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') setfsuid$auto(0xee00) symlink$auto(&(0x7f0000000080)='}[,&*}\x00\x0e\x15F\xf7\x1a\xd1K+\xedy\xc6\x9bb\x94\xb4^\xc2\x83%\xfbw}\xfb_P\"\x19\xdfi\xe9hA|Q\x8a_F\x04:Q\x90\'\x06\x00', &(0x7f0000000140)='}[,&*}\x00') ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) unshare$auto(0x40000080) mmap$auto(0x200, 0x4020007, 0x9, 0x100000000001ff, 0xffffffffffffffff, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x140082, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x6) r3 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000006c0), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r3, 0xffffffffffdffe00, &(0x7f0000000140)) 3.454501164s ago: executing program 2 (id=1018): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card1/pcm1c/sub0/hw_params\x00', 0x141001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0xa, 0x3, 0x3a) semctl$auto_IPC_INFO(0x1000, 0x9, 0x3, 0xb) ioctl$auto(r1, 0x8936, 0x1) write$auto(r0, &(0x7f0000000040)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x6) 2.477767088s ago: executing program 3 (id=1020): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = io_uring_setup$auto(0x40000002c55, 0x0) dup2$auto(r0, 0xffffffffffffffff) openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) mmap$auto(0x332, 0x6, 0x3, 0x40eb2, 0xffffffffffffffff, 0xffff) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x801, 0x106) mmap$auto(0x5, 0x2020009, 0xf101, 0x810, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x1000000000000006, 0xf8, 0xfffffffffffffffa, 0x9000) r1 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r2 = socket(0xa, 0x3, 0x3b) getsockopt$auto(r2, 0x29, 0x20, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) pwrite64$auto(r1, 0x0, 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/devlink/:ata2--scsi:1:0:0:0/auto_remove_on\x00', 0x1, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) unshare$auto(0x40000080) futex$auto(0xfffffffffffffffe, 0xb, 0x47, 0x0, 0x0, 0x2) select$auto(0x8, &(0x7f00000002c0)={[0x8, 0x1, 0x8000000000000000, 0xfffffffffffffff9, 0x3, 0xeb5, 0x6e01, 0x0, 0x4, 0x8, 0x38, 0x9, 0x2, 0x7, 0x4, 0x1ff]}, &(0x7f0000000340)={[0x2, 0x1, 0x3, 0x0, 0x5, 0xffff, 0x1, 0x1b0d1de2, 0x6, 0xffffffffffffb6f8, 0x3, 0x100, 0x9, 0x5, 0x6, 0x5]}, &(0x7f00000003c0)={[0x4, 0xfffffffffffffa97, 0x2, 0x6, 0x8, 0x9, 0xa83, 0x4, 0x6, 0x9, 0x1, 0xfffffffffffffffd, 0x6cf0efe, 0x8, 0xfff, 0x8000]}, &(0x7f0000000440)={0x7f, 0x7ff}) openat$auto_nsim_nexthop_bucket_activity_fops_fib(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/fib/nexthop_bucket_activity\x00', 0x1, 0x0) 2.182725585s ago: executing program 2 (id=1021): r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) migrate_pages$auto(0x0, 0x99, 0x0, &(0x7f00000001c0)=0x7b) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) ioctl$auto_XFS_IOC_FSINUMBERS(r2, 0xc0205867, &(0x7f0000000440)={&(0x7f00000000c0)=0x8, 0x9, &(0x7f0000000380)="faec9d9613d03d452aa7882c9aafe830c1b7e6be3977a5f15a3c995c044ae1cf0ddfc5c32368ddf19b5e37177c76caa8a888b16e4fd8c3938a91ad30801fcbf688ac795f07db9e20ead673bcf9b7465c7caae5d5fc4c0dfb6bfc4b1703487e43e0ff02a070e02b19e9cf109da05ffedec153d8fb5087f1691908802e1ee1ea2481c568f8d3f210e2b66b980f8f2e38e8702c418d253ac1afe81b19a6ccd66984d505affc1d3e5640822cd95309a8edf79a470dc78f0de3030be0f124c1159b", &(0x7f0000000100)=0x4}) mq_timedsend$auto(r2, 0x0, 0x2, 0x9, 0x0) ioctl$auto_SNDCTL_DSP_CHANNELS(r1, 0xc0045006, &(0x7f00000001c0)) r3 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SYNC(r3, 0x5001, 0x0) read$auto(r1, 0x0, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) socket(0x22, 0x3, 0x0) sendfile$auto(r0, r4, 0x0, 0x1000200) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0xc, 0x940, 0x1ffde, 0x7, 0x6, 0x3ff, 0x10000, 0x1, 0x2, 0x7, 0x9, 0x8, 0x8, 0x3, 0x5, 0x5, 0x8000, 0x0, 0x0, 0x4, 0xfffffffe, 0x2, 0x0, 0x10001, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x800, 0x2, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0xe3a, 0x0, 0x1]}, 0x400, 0x44) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x80000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r5, 0xc1105517, &(0x7f0000000140)={{@raw=0x80000000, 0x304, 0x1, 0x8, "3112d598004a614d19e22af9ffb683dbede3d0bf828bbfba40f035f4be6b7fe000900000000000755015e48d", @raw=0xffffffff}, 0x3, 0x3, 0x4, @inferred, @integer={0x1, 0xfffffffffffffff9, 0x8}, "7a9fc199a16a2311eacf2fc7ae1da978dc3e8090334fdd7327b386425608af790ada71bdd70925450e24e87212f0bcab84a16f7ce8cbce0bb32777702b8d7c2d"}) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) socket(0x1e, 0x805, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x5, 0x0) fsopen$auto(0x0, 0x1) fsconfig$auto(r6, 0x1, &(0x7f00000001c0)='+\x00', &(0x7f0000000280), 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000b00)='/dev/cuse\x00', 0x0, 0x0) 1.967354497s ago: executing program 3 (id=1022): mmap$auto(0x0, 0x4, 0x1ff, 0x40eb1, 0x401, 0x300000000001) r0 = socket(0x2b, 0x1, 0x149) bind$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0x4001}, 0x4006b) mmap$auto(0x0, 0x30009, 0x4000000000df, 0x4000eb1, 0x401, 0x8000) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) semctl$auto(0xa, 0x2, 0x13, 0xde) r1 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS0\x00', 0x101e81, 0x0) write$auto_tty_fops_tty_io(r2, &(0x7f0000000680)="1f9319c707498de36a6eedfcfaa139bb5f55cf18b4ee56510d38c0f1006a40000000000000003a556e204dbdd72555ac78", 0x31) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) ioctl$auto_I2C_SMBUS(r1, 0x720, &(0x7f0000000080)) recvmmsg$auto(0x3, 0x0, 0x80000401, 0x4000, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x5) r3 = socket(0x11, 0xa, 0x9) bind$auto(r3, 0x0, 0x9) sendmsg$auto_OVS_FLOW_CMD_SET(r1, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[], 0x24}, 0x1, 0x0, 0x0, 0x90}, 0x10) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) listen$auto(0x3, 0x81) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kpagecount\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x1000}, 0x100000007) 1.643233288s ago: executing program 2 (id=1023): symlink$auto(0x0, &(0x7f0000000440)='./file0\x00') mount$auto(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x200, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptypc\x00', 0x6a0001, 0x0) close_range$auto(0x2, 0x8, 0x0) getpid() mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_SCAN(0xffffffffffffffff, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) inotify_add_watch$auto(0xffffffffffffffff, 0x0, 0x1000e6e) personality$auto(0x5) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/softnet_stat\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000826bd7000fedbdf250300000008000400b70a0000060007000080000008000200", @ANYRES32=r2, @ANYBLOB="0a0005000180c200000e00000a0001000180c200000e00000a000100000000000000000008000200", @ANYRES32=r2, @ANYBLOB="060006ff05000000080003009b"], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004810}, 0x800) preadv$auto(0xffffffffffffffff, &(0x7f0000009180)={0x0, 0x7}, 0x26, 0x800000000080, 0x5) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r1, &(0x7f0000000300)=""/241, 0xf1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(r0, 0x0, 0x42, 0x5fa) 1.377505083s ago: executing program 1 (id=1024): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3d, 0x1, 0x0, 0x5, 0x0) mmap$auto(0x0, 0xffff, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) preadv$auto(0x3, &(0x7f0000000040)={0x0, 0x5}, 0x3, 0xf8, 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x800, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_CREATE_VM(r1, 0xae80, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.237392863s ago: executing program 0 (id=1025): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) (async) close_range$auto(0x2, 0x8, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) (async) open(&(0x7f00000000c0)='./file0\x00', 0x40000, 0x31) (async) mmap$auto(0x9, 0x200, 0x4, 0x18, 0x3, 0x0) (async) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x01\x00\x01\x00\x00\x00\x00\x00\xc7k', 0x81) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x5, 0x10000000) (async) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), 0xffffffffffffffff) (async) openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000100), 0x80080, 0x0) (async) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x24048084) (async) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x2ab01, 0x0) ioctl$auto_USBDEVFS_DROP_PRIVILEGES(r1, 0x4004551e, 0x0) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket(0xa, 0x1, 0x84) r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x40080, 0x0) ioctl$auto_UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000400)={{0xc, 0x23, 0xa6, 0x83}, "66ac010005000000000068d190eb0d4a4cada7272464294b9183349eef4c1f028fdcc8ecc66fdd02316f064ebd893007abb4c0bbc3b822f66eaf240963110d61771552c03de65800", 0x2}) ioctl$auto_UI_DEV_CREATE(0xffffffffffffffff, 0x5501, 0x0) io_uring_setup$auto(0xa, 0x0) (async) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async) close_range$auto(0x2, 0x8, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) unshare$auto(0x40000080) socket(0x11, 0x80003, 0x300) socket(0xa, 0x1, 0x84) (async) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video15\x00', 0x2040, 0x0) (async) r3 = open(&(0x7f0000000000)='.\x00', 0x200001, 0x501) getdents$auto(r3, 0x0, 0x400018) 1.10887837s ago: executing program 3 (id=1026): r0 = open(&(0x7f0000000080)='./file0\x00', 0x261c2, 0x84) r1 = socket(0xa, 0x2, 0x88) r2 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r0, r2, 0x4, 0x302f, r1, @relative_id=0x13, 0xe600}, 0xf) bpf$auto(0x2, &(0x7f00000000c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0x91) 906.869221ms ago: executing program 3 (id=1027): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) r0 = io_uring_setup$auto(0x6, 0x0) (async) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket(0x5, 0x4, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x7, 0x4a}) (async) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100) (async, rerun: 64) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) (rerun: 64) ioctl$auto_BTRFS_IOC_SCAN_DEV(r0, 0x50009404, &(0x7f0000000000)={@raw=0x1a6d, "6627a5fa9b5222408d16f5f7abf2a169a7afac027cc58099814777b70790ff62ac282a09f552cb4021818534712fd1a80e679b1ad53f3382e30235a88d3af913e611d5bf8b5ae591a4495ab7de166939d17c841d7046782af6c2c49622ebc8271dd82cf76913af1d63dc6f8d6bdc7cf31827bf48c279a546d7f9c61a78f2d2ae10200c6fc5e5d6ef90cdf38cafa466d49019ed63ec6d053869c9acea51ea911f848daddf435f3bf1f77389844de3aefca7adbf1e5efe3336dcf410461af17ac55dc2e1336ad813eccf3c82e9bcc365213db3c6b69d77411263a47298252b70314ee6159ee3739c0ee34e3ddcbab25b2e3406c69c43829ff0f62bf82f65d4ff88b415a86ff9b66279e16483b1f36b70dbaaafd77458a6c132ba1546a2d20b36cd9ee67478ca0cfc8d67eaa39f11b283579283587996dce7f264a762f3230a79f9eac735c7c60f2659a61a797120f63e01cb621241b10963cfa2afbb88cffe653ae1d6de940b5328b8af9c52ac08e25886ce2b9ea030da912772709af628c1a44e88721a64ba9a90d6256c0dcef1422083f0be70fab5375ebb9f767ac7c7e522ffedafa275c7562390c7f294cc85d092c709dc760eb1ed6d6157818a17bdfb58373103ade7429da061f1e7f497414410e7e8c40dc5c87a1ded565cc9b7e223aa88346162ea9839ed63ea59b6294f7283787754b27e90259df80d56b573619f486b8202e35cda6bfb0c83ad2c9444fffcda8b5da86b7d943061bdb9712283a931a42d9cb1fef85858901c01b7fa57ff583d62d1e9ab89ea315634e532877e0f42b19e3bd22844130e343f5e98afe1a832c20bdaa9ea0d6edfbf30660f1734412da428705dae93d349f0e697a6667a70680cea8dd85b598cedaaff2654593c074404aff83593f2fc1bb3a9f7a40b25fa6ab2b6238cf0a4ee1c74d95b149a09ea560794c57efc559ac90204fa2d58de301ef47c71cd12bc3f8019538c88b6b74ef7afa035d3e022600bd03ec60ff5f43aef705ff14c6f60e8e4785bb8016c8a14f22008f534d3ab9e6aadbb49e9785c49f83aa222c54f579e71562d96440813e19107052434f5ddcb17956b97da0257109bf0184221425a0ea1d80194f34685bfc4599d6c9013449180009e3fa22de5e8ca6e58f4534e763a6bbc358f99dc25c730a6247770cd1e26f914a571c2ec39d93d76b865d715aae3040460378dfd84e030e7d8b34aa2a16fe8c024b3170382a41cd854ffe5b555550604062c3a7871b03d07f35e06a36856195494a2c5650bc05fd7880772cb70daee7f5b0bebc7169ef3547aecea53ffca47c28f52cd359147eb226aa6072f06b86a6bb1bf82fd57436b00ca5b06d966e4f72fb6a538919910d4c6da3fd604bab3887e40d8bc37b6988977e37956060af1be0ae46886f3afaa97e2df78efe90b095a09233611b05d7f49e5ea44988ca57a2e3949c163cad8a5a89ae47c33e5e34a2c6e16f5ae98feaf47ccf4c62a63e0fa7093bff52c358a96a6ad1eaa32598e617fd65c67f785518f71ffcfbbdeeb87639e5616ecb8e94ea840a7fbd6f600f3bc1e076b5ae4248c8244c0799cc1b280a6f088b28ccbd2fd80bbbc44811ec836d2d0a57a95d69aadb3484a7405fede0eade52305bd269178caeea0d9dd0a908e99ad4d3ac62943744e72fd125a2fb6df7f0f2ddef3bbcc6f4861fe2f23d6f7c1df8a78289f690176bfec1392c7559a0350a850035826fd6ec050568ea3b76065538ff7560afe7599de1584bf0fd3c900d5673276e4e4e132204a3f9b6f6afaf426669865f9038fdd06b22ca85d754484d50c5f03518ef0e17c73c657b85754cb259482c5d1781b18d05449d0b75c5546ef1a6a3526eba2d2ee20a6be40358b4bc573cb4cc162b6497db6aea2527edef8f80e3b2045df53cf4aca1322940a3689f9bacbec5af4cbcae0b046cc2fcbd3cb0a518a9e465d3c3427725d039adf1bc1227ef11da5d35192c1da5829d4946359b7d26fe41dc3bb837722a13fc7547418796a1bb29f994c59a871131849aa29b687ae52bffcb3631db2c42a62ea6fda9ae38470656cf13fada02f3ab17ac57867a9a0ae2c40a2eca593974013787caaf00a54ae7d3ed198aeacc743b494471fb77fa823991c6f0a36f8b59d8b31db43a4ef55c23d61acfa802575c42b85c269c43be9f5eb322f94d7c9281cd3af8d7bfcee40be1f854ee6334d7d3e225d91bd39c2554a27fd63112bed972f88a6bc1609cf6d5b42f15ea13a5b66032014463f7c0acf5733d2b41261e1609527913c8ae75301327132f63dd2192fb558ba20afb0b832038c5024cd71737b94c20015af1ef77968804dde5beb7cf466232dfec01631b63de749db5ee7386ff8035c2e23c4d98e2fd6dca2154bf577f15c1eb3dcd7b7d080076b88e8f49a506ce90e499de6d58e19aca4203fe561723dc7249df0808b6c36fc313eefbf695d73bbd042fc4a374f1a4402db4f9feedd0c4611568b58d52d596ca4cf49639c4ca020bf24d5b964cde2eac35fe358a8f6c7f8bbe8bac2b31c33b6f82e1c42e124a5e7027d84494eb411945434a654c3ddbbe3284a90cca53f44164683bca684a30be2d9bef611c8baac542573fcef4072563f5b70bcec7001e34026d390c2859b01728a0e3a66e3a3355137629218130d08f39cd6c05ff3b205830022d8ba46df876db00eecd5443af7d5046b3d9ec5bc4c4c1e555c9e3862ae8e6befb14a0c22b2a758b8498589fc02fe490024dc9ee7114b813a261bd314ae74b62f725f1509998666543dd59183bcdafc3752c9a5e01d9cb5e215a838602d600ae0556758be75d8a63f5e13fe7d89dcd083d0b099c1864850339bb41ca7333708bd5fc7c28f1cd49b856f05c2f1e0f805f029f2d4b065eacbe8db5c68b68cde9e267d961cd358b26795829e4624829fa838dcbd711cd61fad7ae42ee9fde0523741d939eb03f03360d23a9b2054bc82e7de31686ec7589f29f87576b9eb53c8c430a9f4a4defd871a9f14ab41323e45ec2054b53849c78635f4d2764fd88e6880cb3a5b4030e0b78018d3afa0b2d18bd2e65626378401e4fe6e48af2b8f62f53816962b35f445f308355e2b0b94a59fec0d2a0db00f43c6ed98355454e130d5b25b61053c340ea3870c21791d0686e06bf3028b8eca6254a71605f507950f0dffcaa8c5443aa21db265000d21a1e07a3f65ccd15bbfe1a3d666568fc93b64d3b72e6b091f92c4e27673f875424b7d10da1d08543eb3ec3a88775d26d542f94c80eee5c342419a743469cfb0eb816330ffde0cde085a9b7d4f58160d0a7c20b3de97f7451ae5d7a661aac41c7d0441e22e87e0c716f84a0289eb2a0fc97ac061513041ceb50fe817c4feb2d9439bd61728a78852ea6cd6b96fd561c8c874e93774096335dadd31c903b93e212a616de39c261ffd39fb13090111e478efe4c8170e8f8ddaca4266daa2f57f1069d7e388693405d79d8b33a163c521ce2cefd4cb737cd0b0a8b182ced428ff18f88a326738447375134527ab79486b152c2389860344ae486a1638126293eb4930ff6a14783c696e829187c1730e03396fcf2f4c6af0afd8f40e663a5b20ece08bcb3aadd3dc0a09f031dd461d9d8fcb89f0c0333f4d7c1e5ed83a538ec54cefaa911cf683d2b78ba360de4f564a11071018e26d115545649d7e3241bcad6b148a9459f136ae489107a12e28dafd5ee1c3b13c49a08e4ea25733cde588f9f0ed01a972c5517b22167e1af9b3009f5b1a90cf7a743da53ea525431e3e4ff274a8ec4a14916f50c6d551b0fdde43e8e8271e0bb4a524765f0b01292e74db3bac05ccac66b0f63ff7fba122e290d3186b39fcbca0a7b81228aab59b134e40777162016b34c0ecc73208f96f37b7c3a79e4ef186f2b23372a0b4a5f4fca8c44df80bc7fdae5c6d596ae5cd6cfa3780ab4217d892f5a22b0e679e62c78490f6d1390fcd156f1c5994fe60e738d453d3907541c1bba0ec0834e2473effd465523e16add10fd12c2742d80be9c02ce16993bb5485b99f1cc02c98fcc6467e90b5565732a8f19221d3dd26a1237f2108a8133c3450ee67101fa1b86724cc84a49cd272a02d40c11766a9e28d56436d555de620c52ffaf5f3b4363e6557188f2e1ccf50469cf4007a5249844600c0c06d9665ff7e240dfef2286796e1bb29575e880804652c5fede22c053e76044b2cb860064b757f8c0db8e0380ead0a8a3aa68e85f1afd5d2d3c94f416513168b548324a23f39d7eba2a8ca4ffd0ce52a393b7101c8c9af5e6a8ed8526fd9afb8fdfeb9a8c5e7ef9015bcebfa33352834479d2c00bbabefbc1b5ed630e5042a9669e75517a066fea1e0e2992a45a7116a06a97cd2a86dcbf422d8317caaf58c66ab4eaebe5442d05b96d471d58b432121d28f7555ddeb54efce1758299a1a8e4d08f19fb890c702d83dfc1183b51baf8aba7d2995f3c8008a9c3aed2aaba8990113a1422c9efc91ee740164e2c741659196fc1baad5ca574cf079c66cc2e2c63568e5782dd6615f7e6212cf97ae22c532027d1b02798a137efe35a070f99e83e952315ce6eac71668a98e707ba895a9d131b4b250f34c1ff2525f33034e8cc7043d3a46eaa0827f4f46116f8de68b5735c9a376984a2b84eb7c12f990254fbde3097d245929e6d563048e04375e7003de2dd93a65ad919356400cfce3f5d5570ac41bb5983ab8688f64d371ffdb9b9f3ee5a95fc77aa2d13362cda9cc323e174921ca501b219af3bda7554bd2304fea890e6f9ba6ca1c407eb8032edcbb58af1c58533ab76cb67e4992f926c0c8fde212defec3d9c75ddc71f5979110e49d5384de8d0d9ed6b584a177a56fcf72e9a86e6766e058d9700c621a9b433ceeb10192730090d6ff5b84f668b1a55f69882944c61d3ccf607f52f29f36eff539d2a1e73bab915837c9797a8f1ed659d81d6a078eee04cf861708d87f10375308ffd917278e9ad216234715e606957269a5a456325a0a97313c767fc9995bf3d4e64b17a35f0875176f3882dda57a9072e0781441928628bf5546c246309442ad62bc2f978ddf86db2d1ea10e21440a90005f92b153a1a7480f8a3c58b314d613f226f4c20a4c9f00518d74db2c1da6d91869508593cb19e4d0f85e4c7fa8baabe007e788c718618ebaad563ba3fd6111e38cf7ba8554f6635b7399a8682a0cc5f2944bfa3316633fc6ffbd538ec1d6b7f5075a2d5a60b60ba1aaa779a92219c5ff4f53bd1524359ba9cba2378b71ce800fd2d422e8556ec2534a530ec1da4079f7d5313565d5cc97625790efb0baa511e85c5b6464408420375416b57c498201711f7da9d01ba2cc18057cd9e3f3ff946e906f134239709c6e6f378eac73575530db0c3caa88e1f890bad9919830091599194e95be6281002aed37b77e16732ff5c9cb459e7870f0d6bdf051b6ab3cd85734eee449ddd3d3fa1f70004225939757049dcdf83d4129c75fd14ec741fb616a27ef9738a296cb853c0a87d5bd42f596fb73cda9edf400b934fdec51b7072bafbe35c0c32cc5f32110ee633886f23769ee5012701e8eaecbebd76d196805a7653179f55afb900611f9618afd5bf315ce3e29247e758150ff5f51fdc57b5268af895ec358bcee51dc2883a566672c26302c2a285c9fc225419cdc4c3481a33d5b09b330f83f9d2973d44d2780c19e42646d3ae97102173aa4d8cbbb254cbb6caae086e38a28f412d87b20181c20e1b096000370a41838cb2165d8e8340bdce07e74a12a787ae8604b83590f"}) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001040), r0) sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, &(0x7f0000001140)={&(0x7f0000001000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001100)={&(0x7f0000001080)={0x3c, r2, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x5}, @NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x3}, @NL80211_ATTR_HE_BSS_COLOR={0x18, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}, @NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x2}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40010}, 0x80) (async) modify_ldt$auto(0x11, 0x0, 0x10) (async) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0) ioctl$auto(r3, 0xc1205531, r0) 699.447839ms ago: executing program 2 (id=1028): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, 0x0, 0x34d802, 0x0) socket(0x2, 0x1, 0x106) statmount$auto(&(0x7f0000000000)={0x5, @raw=0xd7, 0x3, 0x1, 0x5}, 0x0, 0xe, 0xfffffff8) openat$auto_vrr_range_fops_(0xffffffffffffff9c, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, 0x0, 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) r1 = socket(0x1d, 0x2, 0x6) r2 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$auto(r1, &(0x7f0000000040)=@can={0x1d, r3, 0xfd}, 0x6a) openat$auto_proc_gid_map_operations_base(0xffffffffffffff9c, &(0x7f0000001480)='/proc/thread-self/gid_map\x00', 0x0, 0x0) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, 0x0}) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x3, 0x16, 0x10000000940, 0x4001ffe0, 0xffffffff, 0x1, 0x2, 0x9, 0x5, 0xfff, 0x7, 0xb0, 0x9, 0x7, 0x10000003, 0x5, 0x7, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x400000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x6]}, 0x1fe, 0x85) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r4 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) read$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffffff, 0x0, 0x0) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 468.350054ms ago: executing program 3 (id=1029): io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x3000, 0x6, 0x4, 0x7fffffff, 0xffffffffffffffff, [], {0x6, 0x6, 0x8c48, 0x29f, 0x100, 0x7ffffffb, 0x101, 0x6, 0x3}, {0x100, 0x1, 0x52, 0x5, 0x2, 0x40, 0x76c5, 0x8, 0x100000000}}) io_uring_enter$auto(0x3, 0x5, 0xffffffff, 0x3, 0x0, 0x2) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000084) lstat$auto(0x0, &(0x7f0000000180)={0xf, 0x200000000018, 0x9, 0x63, 0x0, 0x0, 0x0, 0xffc, 0x5, 0x80000000000000a, 0x0, 0x9, 0x9, 0xffffffff80000000, 0xd, 0x6, 0x2}) write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r0 = gettid() kill$auto(r0, 0x11) 402.721318ms ago: executing program 2 (id=1030): unshare$auto(0x40000080) mmap$auto(0x0, 0x8000002000c, 0x7, 0x6b52, 0xffffffffffffffff, 0x8800) mmap$auto(0xfffffffffffffffe, 0x400008, 0xdf, 0x75, 0x2, 0x9) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0xfd) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xa, 0x2, 0x88) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'team0\x00', 0x0}) bpf$auto(0x10, &(0x7f00000000c0)=@bpf_attr_5={@target_ifindex=r3, r2, 0x4, 0x1, r1, @relative_id=0x13, 0xe600}, 0xf) open(0x0, 0x221c2, 0x84) bpf$auto(0x2, &(0x7f00000001c0)=@link_detach, 0xc) r4 = bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, 0xffff, 0x0, 0x7}, 0xc) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) socket(0x26, 0x1, 0xfffffffb) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x80302, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nbd7/queue/max_discard_segments\x00', 0x80000, 0x0) read$auto(r6, 0x0, 0x9) write$auto(0x3, 0x0, 0xfdef) sendmsg$auto_NL80211_CMD_SET_STATION(r4, &(0x7f00000004c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000740)={&(0x7f0000000780)=ANY=[@ANYBLOB="b4040000", @ANYRES16=0x0, @ANYBLOB="00012bbd7000fcdbdf25120000008c040f009cb728683fc5d0bb93f1d4efb167b11c99ee235062aa0c297aa9e7ba16a0275d162a31ef6116c2aefbea78b92df84a88231c4bd73be20c5e2c65a21f3571b4ed4a5b7afda81298878c78fef89719adf212b002213b3810d28ea32fc8ee2c8e5eeb42a6afbe7d44360d6e914db1875d2898c373720078700c731864c43cd3fc3ac2f83300e074c35597b50b3863b458d341772ce7647080f3bc6ee50a7b4fba630666fceb8c1ad772a1f4a27044b6e69481093410dffca660a12520a066940ff6714b403fd7b6195e9649c26d7b441754b0c8505fd512038fa5c2d90d29ec0e7f22a52a1cfff80d9ce4347b542a35e1ae17b1d00f478020d111df5004ede30d28f54449ddd64a7d02f66e8ce64071c7b179e7b46a17fab2d8dfcf4d9d85a228eab6788282f3ffd951bd7818714965906d64c38592d00cb81f0a6ee030520b533a5f9074b20e9763a11bbfba2ea2853b3011d504374a082dd485b2be4f5c3abfb2e8a0c2ab7688769a67a2d0d738abd8241b7da7de866126b12455cdd9f7de85d7753509f9e2a53099c340f426e1c462cacab276823cfe7943fce2bdc85db88e2c7ee15cac196d69b148399aed29f576e141607b2b1a6cde95f7d3e558421d68844dc0b7e779779ffdc700ee4f48eac9b0855bcd9f0e89c1657bac13d2a4cb20798bcf3c8cc1a454da41cea1359a3310375fc1d47d79b5bb6fc9cfdd7f486b97d6fd376645371f604494375ff50721d518307d03968d717259ac509b1a2426a2918533af7671267d04f19e4d47ea2af54fcc40e0146ef326c4e6150f2c1194c84e124e3a7aa67f993a4660dacc87188c67ed2d3758a77b341bca83ff7ffe5d182c0401876be966a11bf8d614695c85b56999a2b762d2d49ea1cc5704e79ae7a6c29cd4aa9f290e8443fcfb91b0e6560aeb79946b7aaed0f08c13c0e807e315301e6c2250a8f5f3c2b1c6201e55e10baaa0dc800297e52a3ff8557701881ab8536124e80f39a85ea2eb03892197e09f460047c133b760e98312162bc42a2344258ba9b95bad14d2df591a87e47787fd9f61f1b8b6a1fd4198114826d91d845496169d5bac619850275c646b4021352f0018df31484542dd7f0269b5d8c6891617476470bddb4ca7d009a36fbd165e3b7b5359d592848874b622c7cbac7633f8aa17f5f75cdf0c7b900bf861693962f242dfffe25d81fac650aa199765c7af944181ab370a0da2257d2b89576a40f0c50f9114b96c9e669b3e81eb45739a0c856f6be11c24aa62ab255c19e4c94d4c2a540b8622677babe12d8fb1dc30e3bc3a906a7bee46791211720b4ccdef8b8c1e4542f471599bb022c8476485707a90a1be92419f2b781f5bc4a79a264e3a34f2dc6edecbc6959bcf0fc641d16318756577bb3551ba165d908246520b52a6ef860ff03e1f3b98ab8d16db3cd74f422f16291d424e65d00e66f3e04be2140312fa35d8761987c7cd77e61e304ac4823e9eb34ed89619c1bce1db4702580420b052c69ca2310fcc640e0c4bb5b64162e17fb5062296615329dd4ef7f1690046a9443009d9c974d694c7eb59dbd5e1b2a5f9c84017662895a15b0ae5e2798c6de885ad71ffafcd987f157e2a7b25718e67935705008a009c00000004004a0108000a010600"/1205], 0x4b4}, 0x1, 0x0, 0x0, 0x6010}, 0x44008085) write$auto(r5, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0xb) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) r7 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r7, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000180)={0x6, 0x0}) fcntl$auto_F_SETFD(0xffffffffffffffff, 0x2, 0x4) ioctl$auto_PPPIOCSPASS(r7, 0x40107447, &(0x7f00000000c0)={0x9, 0x0}) write$auto(r7, 0x0, 0x6) r8 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_smc_pnetid(&(0x7f0000000080), r8) 372.321746ms ago: executing program 3 (id=1031): r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x1, 0x0) connect$auto(0x3, &(0x7f00000000c0)=@vsock={0x28, 0x0, 0x2710, @hyper}, 0x55) ioctl$auto(0x3, 0x541b, 0xfffffffffffff4e0) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) getrlimit$auto(0x3, 0x0) ioctl$auto_BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r1, 0xc0045002, 0x0) ioctl$auto_BLKFLSBUF(0xffffffffffffffff, 0x1261, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) lseek$auto(0x3, 0xffffffffff800002, 0x10) ioctl$auto_BLKFLSBUF(r2, 0x1261, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x9}, 0x8) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x84) 271.538547ms ago: executing program 1 (id=1032): r0 = open(&(0x7f0000000000)='./file0\x00', 0x4242, 0xe1d2b27bdc14aabc) fallocate$auto(r0, 0xfffffffc, 0x10001, 0x2) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) lseek$auto(0x3, 0x2, 0x4) 0s ago: executing program 1 (id=1033): syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/024/001\x00', 0x40001, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000200)={0x0, 0x1, 0x4a47, 0x81, 0x9f, 0x8, 0x0}) mmap$auto(0x3, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) io_uring_setup$auto(0xa, 0x0) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dri/card0\x00', 0x1, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0x5, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) fsconfig$auto(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x640, 0x0) read$auto_mon_fops_binary_mon_bin(r2, 0x0, 0x0) ioctl$auto_MON_IOCG_STATS(r2, 0x80089203, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x0, 0x0) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000140), 0xa000, 0x0) memfd_secret$auto(0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x84000d, 0x402, 0x3) r3 = fsopen$auto(0x0, 0x1) fsconfig$auto(r3, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) fcntl$auto(r1, 0x410, 0x0) mknod$auto(&(0x7f0000000080)='./file0\x00', 0x8, 0x6) close_range$auto(0x2, 0xa, 0x0) kernel console output (not intermixed with test programs): 295561][ T7710] RIP: 0033:0x7f0977b9c799 [ 177.295581][ T7710] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 177.295606][ T7710] RSP: 002b:00007f0978b120e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 177.295630][ T7710] RAX: ffffffffffffffda RBX: 00007f0977e15fa8 RCX: 00007f0977b9c799 [ 177.295646][ T7710] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0977e15fa8 [ 177.295661][ T7710] RBP: 00007f0977e15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 177.295676][ T7710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 177.295691][ T7710] R13: 00007f0977e16038 R14: 00007ffc77d66120 R15: 00007ffc77d66208 [ 177.295738][ T7710] [ 177.877740][ T7727] FAULT_INJECTION: forcing a failure. [ 177.877740][ T7727] name failslab, interval 1, probability 0, space 0, times 0 [ 177.920733][ T7727] CPU: 1 UID: 0 PID: 7727 Comm: syz.1.372 Tainted: G U syzkaller #0 PREEMPT(full) [ 177.920779][ T7727] Tainted: [U]=USER [ 177.920789][ T7727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 177.920806][ T7727] Call Trace: [ 177.920815][ T7727] [ 177.920826][ T7727] dump_stack_lvl+0x100/0x190 [ 177.920874][ T7727] should_fail_ex.cold+0x5/0xa [ 177.920907][ T7727] ? ops_init+0x77/0x5f0 [ 177.920939][ T7727] should_failslab+0xc2/0x120 [ 177.920976][ T7727] __kmalloc_noprof+0xe0/0x850 [ 177.921018][ T7727] ? nfsd_net_init+0x2b4/0x3d0 [ 177.921066][ T7727] ops_init+0x77/0x5f0 [ 177.921111][ T7727] setup_net+0x118/0x3a0 [ 177.921148][ T7727] ? __pfx_setup_net+0x10/0x10 [ 177.921180][ T7727] ? lockdep_init_map_type+0x5c/0x250 [ 177.921216][ T7727] ? mutex_init_lockep+0x110/0x150 [ 177.921259][ T7727] copy_net_ns+0x46f/0x7c0 [ 177.921302][ T7727] create_new_namespaces+0x3ea/0xac0 [ 177.921337][ T7727] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 177.921370][ T7727] ksys_unshare+0x473/0xad0 [ 177.921406][ T7727] ? __pfx_ksys_unshare+0x10/0x10 [ 177.921454][ T7727] __x64_sys_unshare+0x31/0x40 [ 177.921487][ T7727] do_syscall_64+0x106/0xf80 [ 177.921519][ T7727] ? clear_bhb_loop+0x40/0x90 [ 177.921552][ T7727] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.921582][ T7727] RIP: 0033:0x7febcdf9c799 [ 177.921604][ T7727] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 177.921630][ T7727] RSP: 002b:00007febcedf9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 177.921656][ T7727] RAX: ffffffffffffffda RBX: 00007febce216090 RCX: 00007febcdf9c799 [ 177.921674][ T7727] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 177.921691][ T7727] RBP: 00007febce032c99 R08: 0000000000000000 R09: 0000000000000000 [ 177.921707][ T7727] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 177.921723][ T7727] R13: 00007febce216128 R14: 00007febce216090 R15: 00007fffcbb32498 [ 177.921763][ T7727] [ 178.520742][ T7738] KVM: debugfs: duplicate directory 7738-4 [ 179.058823][ T7755] binder: 7754:7755 ioctl 40046205 0 returned -22 [ 179.134491][ T7759] FAULT_INJECTION: forcing a failure. [ 179.134491][ T7759] name failslab, interval 1, probability 0, space 0, times 0 [ 179.168028][ T7759] CPU: 1 UID: 0 PID: 7759 Comm: syz.3.380 Tainted: G U syzkaller #0 PREEMPT(full) [ 179.168055][ T7759] Tainted: [U]=USER [ 179.168060][ T7759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 179.168069][ T7759] Call Trace: [ 179.168074][ T7759] [ 179.168080][ T7759] dump_stack_lvl+0x100/0x190 [ 179.168107][ T7759] should_fail_ex.cold+0x5/0xa [ 179.168126][ T7759] should_failslab+0xc2/0x120 [ 179.168142][ T7759] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 179.168163][ T7759] ? shmem_alloc_inode+0x25/0x50 [ 179.168182][ T7759] ? __pfx_shmem_alloc_inode+0x10/0x10 [ 179.168199][ T7759] shmem_alloc_inode+0x25/0x50 [ 179.168213][ T7759] alloc_inode+0x68/0x250 [ 179.168232][ T7759] new_inode+0x22/0x1c0 [ 179.168251][ T7759] shmem_get_inode+0x212/0x1040 [ 179.168271][ T7759] ? __pfx_shmem_get_inode+0x10/0x10 [ 179.168295][ T7759] __shmem_file_setup+0x184/0x490 [ 179.168315][ T7759] ? __pfx___shmem_file_setup+0x10/0x10 [ 179.168334][ T7759] ? do_raw_spin_lock+0x128/0x260 [ 179.168353][ T7759] ? find_held_lock+0x2b/0x80 [ 179.168366][ T7759] ? alloc_fd+0x476/0x790 [ 179.168378][ T7759] ? alloc_fd+0x476/0x790 [ 179.168393][ T7759] memfd_alloc_file+0x247/0x620 [ 179.168411][ T7759] ? _raw_spin_unlock+0x28/0x50 [ 179.168426][ T7759] ? __pfx_memfd_alloc_file+0x10/0x10 [ 179.168449][ T7759] __do_sys_memfd_create+0x236/0x3d0 [ 179.168469][ T7759] do_syscall_64+0x106/0xf80 [ 179.168485][ T7759] ? clear_bhb_loop+0x40/0x90 [ 179.168507][ T7759] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.168522][ T7759] RIP: 0033:0x7faea859c799 [ 179.168535][ T7759] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 179.168548][ T7759] RSP: 002b:00007faea948d028 EFLAGS: 00000246 ORIG_RAX: 000000000000013f [ 179.168562][ T7759] RAX: ffffffffffffffda RBX: 00007faea8816090 RCX: 00007faea859c799 [ 179.168571][ T7759] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 179.168579][ T7759] RBP: 00007faea8632c99 R08: 0000000000000000 R09: 0000000000000000 [ 179.168587][ T7759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 179.168595][ T7759] R13: 00007faea8816128 R14: 00007faea8816090 R15: 00007ffc6b949878 [ 179.168614][ T7759] [ 179.843345][ T7765] input: f as /devices/virtual/input/input7 [ 179.845337][ T7779] kexec: Could not allocate control_code_buffer [ 179.966813][ T7765] zram: Removed device: zram0 [ 180.212843][ T7793] FAULT_INJECTION: forcing a failure. [ 180.212843][ T7793] name failslab, interval 1, probability 0, space 0, times 0 [ 180.234745][ T7793] CPU: 0 UID: 0 PID: 7793 Comm: syz.0.387 Tainted: G U syzkaller #0 PREEMPT(full) [ 180.234790][ T7793] Tainted: [U]=USER [ 180.234799][ T7793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 180.234816][ T7793] Call Trace: [ 180.234824][ T7793] [ 180.234834][ T7793] dump_stack_lvl+0x100/0x190 [ 180.234881][ T7793] should_fail_ex.cold+0x5/0xa [ 180.234913][ T7793] should_failslab+0xc2/0x120 [ 180.234942][ T7793] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 180.234982][ T7793] ? __proc_create+0x2cb/0x8c0 [ 180.235028][ T7793] __proc_create+0x2cb/0x8c0 [ 180.235068][ T7793] ? __pfx___proc_create+0x10/0x10 [ 180.235119][ T7793] proc_mkdir+0x81/0x170 [ 180.235144][ T7793] ? __pfx_proc_mkdir+0x10/0x10 [ 180.235167][ T7793] ? cache_register_net+0x137/0x5e0 [ 180.235203][ T7793] ? cache_register_net+0x137/0x5e0 [ 180.235246][ T7793] cache_register_net+0x18f/0x5e0 [ 180.235286][ T7793] nfsd_export_init+0x16e/0x250 [ 180.235332][ T7793] ? __pfx_nfsd_net_init+0x10/0x10 [ 180.235395][ T7793] nfsd_net_init+0x33/0x3d0 [ 180.235448][ T7793] ? __pfx_nfsd_net_init+0x10/0x10 [ 180.235488][ T7793] ops_init+0x1e2/0x5f0 [ 180.235535][ T7793] setup_net+0x118/0x3a0 [ 180.235568][ T7793] ? __pfx_setup_net+0x10/0x10 [ 180.235600][ T7793] ? lockdep_init_map_type+0x5c/0x250 [ 180.235635][ T7793] ? mutex_init_lockep+0x110/0x150 [ 180.235678][ T7793] copy_net_ns+0x46f/0x7c0 [ 180.235720][ T7793] create_new_namespaces+0x3ea/0xac0 [ 180.235758][ T7793] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 180.235788][ T7793] ksys_unshare+0x473/0xad0 [ 180.235819][ T7793] ? __pfx_ksys_unshare+0x10/0x10 [ 180.235863][ T7793] __x64_sys_unshare+0x31/0x40 [ 180.235893][ T7793] do_syscall_64+0x106/0xf80 [ 180.235923][ T7793] ? clear_bhb_loop+0x40/0x90 [ 180.235957][ T7793] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.235982][ T7793] RIP: 0033:0x7f0977b9c799 [ 180.236004][ T7793] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 180.236028][ T7793] RSP: 002b:00007f0978af1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 180.236051][ T7793] RAX: ffffffffffffffda RBX: 00007f0977e16090 RCX: 00007f0977b9c799 [ 180.236067][ T7793] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 180.236081][ T7793] RBP: 00007f0977c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 180.236094][ T7793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 180.236107][ T7793] R13: 00007f0977e16128 R14: 00007f0977e16090 R15: 00007ffc77d66208 [ 180.236140][ T7793] [ 180.290098][ T7795] size and base must be multiples of 4 kiB [ 180.534114][ T7795] CPU: 1 UID: 0 PID: 7795 Comm: syz.2.388 Tainted: G U syzkaller #0 PREEMPT(full) [ 180.534154][ T7795] Tainted: [U]=USER [ 180.534162][ T7795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 180.534176][ T7795] Call Trace: [ 180.534184][ T7795] [ 180.534192][ T7795] dump_stack_lvl+0x100/0x190 [ 180.534236][ T7795] mtrr_del.cold+0x72/0x85 [ 180.534267][ T7795] mtrr_ioctl+0xbc8/0xcf0 [ 180.534301][ T7795] ? __pfx_mtrr_ioctl+0x10/0x10 [ 180.534341][ T7795] ? find_held_lock+0x2b/0x80 [ 180.534375][ T7795] ? __fget_files+0x21f/0x3d0 [ 180.534399][ T7795] ? __pfx_mtrr_ioctl+0x10/0x10 [ 180.534433][ T7795] proc_reg_unlocked_ioctl+0x229/0x320 [ 180.534472][ T7795] ? __pfx_proc_reg_unlocked_ioctl+0x10/0x10 [ 180.534514][ T7795] __x64_sys_ioctl+0x18e/0x210 [ 180.534553][ T7795] do_syscall_64+0x106/0xf80 [ 180.534585][ T7795] ? clear_bhb_loop+0x40/0x90 [ 180.534620][ T7795] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 180.534647][ T7795] RIP: 0033:0x7f146099c799 [ 180.534669][ T7795] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 180.534693][ T7795] RSP: 002b:00007f14617a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 180.534719][ T7795] RAX: ffffffffffffffda RBX: 00007f1460c15fa0 RCX: 00007f146099c799 [ 180.534733][ T7795] RDX: 0000000000000000 RSI: 0000000040104d04 RDI: 0000000000000000 [ 180.534748][ T7795] RBP: 00007f1460a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 180.534763][ T7795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 180.534779][ T7795] R13: 00007f1460c16038 R14: 00007f1460c15fa0 R15: 00007ffd8e183168 [ 180.534815][ T7795] [ 180.877109][ T7783] syz.1.384 (7783) used greatest stack depth: 19672 bytes left [ 181.930417][ T7839] vivid-007: ================= START STATUS ================= [ 181.944756][ T7839] vivid-007: Generate PTS: true [ 182.011872][ T7839] vivid-007: Generate SCR: true [ 182.084538][ T7839] tpg source WxH: 320x240 (Y'CbCr) [ 182.104803][ T7839] tpg field: 1 [ 182.117432][ T7839] tpg crop: (0,0)/320x240 [ 182.132319][ T7839] tpg compose: (0,0)/320x240 [ 182.164838][ T7839] tpg colorspace: 8 [ 182.168700][ T7839] tpg transfer function: 0/0 [ 182.215080][ T7839] tpg Y'CbCr encoding: 0/0 [ 182.219863][ T7839] tpg quantization: 0/0 [ 182.224069][ T7839] tpg RGB range: 0/2 [ 182.326917][ T7839] vivid-007: ================== END STATUS ================== [ 184.940201][ T7902] zswap: compressor not available [ 185.255461][ T7901] can: request_module (can-proto-5) failed. [ 185.522436][ T7919] FAULT_INJECTION: forcing a failure. [ 185.522436][ T7919] name fail_futex, interval 1, probability 0, space 0, times 0 [ 185.606587][ T7919] CPU: 1 UID: 0 PID: 7919 Comm: syz.2.413 Tainted: G U syzkaller #0 PREEMPT(full) [ 185.606634][ T7919] Tainted: [U]=USER [ 185.606644][ T7919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 185.606660][ T7919] Call Trace: [ 185.606670][ T7919] [ 185.606681][ T7919] dump_stack_lvl+0x100/0x190 [ 185.606729][ T7919] should_fail_ex.cold+0x5/0xa [ 185.606756][ T7919] ? tomoyo_path_number_perm+0x46d/0x580 [ 185.606805][ T7919] get_futex_key+0x1d2/0x1620 [ 185.606844][ T7919] ? __pfx_get_futex_key+0x10/0x10 [ 185.606890][ T7919] futex_wake+0xea/0x530 [ 185.606942][ T7919] ? __pfx_futex_wake+0x10/0x10 [ 185.606992][ T7919] ? do_vfs_ioctl+0x226/0x13e0 [ 185.607039][ T7919] do_futex+0x32b/0x350 [ 185.607075][ T7919] ? __pfx_do_futex+0x10/0x10 [ 185.607112][ T7919] ? find_held_lock+0x2b/0x80 [ 185.607144][ T7919] __x64_sys_futex+0x34f/0x4d0 [ 185.607182][ T7919] ? __fget_files+0x21f/0x3d0 [ 185.607207][ T7919] ? __pfx___x64_sys_futex+0x10/0x10 [ 185.607256][ T7919] do_syscall_64+0x106/0xf80 [ 185.607289][ T7919] ? clear_bhb_loop+0x40/0x90 [ 185.607323][ T7919] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.607352][ T7919] RIP: 0033:0x7f146099c799 [ 185.607376][ T7919] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 185.607403][ T7919] RSP: 002b:00007f14617a40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 185.607430][ T7919] RAX: ffffffffffffffda RBX: 00007f1460c15fa8 RCX: 00007f146099c799 [ 185.607448][ T7919] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1460c15fac [ 185.607466][ T7919] RBP: 00007f1460c15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 185.607482][ T7919] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 185.607499][ T7919] R13: 00007f1460c16038 R14: 00007ffd8e183080 R15: 00007ffd8e183168 [ 185.607537][ T7919] [ 189.109384][ T8033] netlink: 28 bytes leftover after parsing attributes in process `syz.0.432'. [ 189.258229][ T8033] ipvlan0: entered promiscuous mode [ 189.263843][ T8033] ipvlan0: entered allmulticast mode [ 189.269679][ T8033] veth0_vlan: entered allmulticast mode [ 190.878925][ T8076] netlink: 146 bytes leftover after parsing attributes in process `syz.0.438'. [ 190.973162][ T29] audit: type=1800 audit(1843104522.158:5): pid=8081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.439" name="members" dev="configfs" ino=21162 res=0 errno=0 [ 193.157578][ T8121] ima: policy update failed [ 193.171238][ T29] audit: type=1802 audit(1843104524.358:6): pid=8121 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.449" res=0 errno=0 [ 194.637302][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.644238][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 196.149604][ T8172] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 196.930578][ T8173] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 202.472368][ T8304] openvswitch: netlink: VXLAN extension message has 4 unknown bytes. [ 202.758800][ T8311] netlink: 4 bytes leftover after parsing attributes in process `syz.1.485'. [ 202.769043][ T8311] netlink: 'syz.1.485': attribute type 1 has an invalid length. [ 202.776745][ T8311] netlink: 13 bytes leftover after parsing attributes in process `syz.1.485'. [ 203.090496][ T7597] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 204.152249][ T8325] binder: 8323:8325 ioctl c018620c 0 returned -22 [ 204.989384][ T8341] FAULT_INJECTION: forcing a failure. [ 204.989384][ T8341] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 205.047099][ T8341] CPU: 1 UID: 0 PID: 8341 Comm: syz.3.491 Tainted: G U syzkaller #0 PREEMPT(full) [ 205.047124][ T8341] Tainted: [U]=USER [ 205.047129][ T8341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 205.047140][ T8341] Call Trace: [ 205.047145][ T8341] [ 205.047151][ T8341] dump_stack_lvl+0x100/0x190 [ 205.047192][ T8341] should_fail_ex.cold+0x5/0xa [ 205.047221][ T8341] _copy_from_user+0x2e/0xd0 [ 205.047247][ T8341] restore_sigcontext+0xcd/0x6a0 [ 205.047275][ T8341] ? __pfx_restore_sigcontext+0x10/0x10 [ 205.047326][ T8341] ? __pfx_restore_altstack+0x10/0x10 [ 205.047359][ T8341] ? _raw_spin_unlock_irq+0x23/0x50 [ 205.047386][ T8341] ? lockdep_hardirqs_on+0x78/0x100 [ 205.047421][ T8341] __do_sys_rt_sigreturn+0x229/0x2c0 [ 205.047453][ T8341] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 205.047495][ T8341] do_syscall_64+0x106/0xf80 [ 205.047525][ T8341] ? clear_bhb_loop+0x40/0x90 [ 205.047557][ T8341] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.047583][ T8341] RIP: 0033:0x7faea853db19 [ 205.047620][ T8341] Code: 11 06 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 0c 25 [ 205.047652][ T8341] RSP: 002b:00007faea94ada80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f [ 205.047676][ T8341] RAX: ffffffffffffffda RBX: 00007faea8815fa0 RCX: 00007faea853db19 [ 205.047695][ T8341] RDX: 00007faea94ada80 RSI: 00007faea94adbb0 RDI: 0000000000000011 [ 205.047711][ T8341] RBP: 00007faea8632c99 R08: 0000000000000000 R09: 0000000000000000 [ 205.047727][ T8341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 205.047743][ T8341] R13: 00007faea8816038 R14: 00007faea8815fa0 R15: 00007ffc6b949878 [ 205.047778][ T8341] [ 205.060004][ T8341] FAULT_INJECTION: forcing a failure. [ 205.060004][ T8341] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 205.253609][ T7597] Bluetooth: hci0: command 0x2016 tx timeout [ 205.264125][ T8341] CPU: 0 UID: 0 PID: 8341 Comm: syz.3.491 Tainted: G U syzkaller #0 PREEMPT(full) [ 205.264167][ T8341] Tainted: [U]=USER [ 205.264176][ T8341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 205.264191][ T8341] Call Trace: [ 205.264199][ T8341] [ 205.264209][ T8341] dump_stack_lvl+0x100/0x190 [ 205.264253][ T8341] should_fail_ex.cold+0x5/0xa [ 205.264285][ T8341] _copy_from_user+0x2e/0xd0 [ 205.264312][ T8341] restore_altstack+0x98/0x170 [ 205.264346][ T8341] ? __pfx_restore_altstack+0x10/0x10 [ 205.264382][ T8341] ? _raw_spin_unlock_irq+0x23/0x50 [ 205.264410][ T8341] ? lockdep_hardirqs_on+0x78/0x100 [ 205.264441][ T8341] ? _raw_spin_unlock_irq+0x2e/0x50 [ 205.264472][ T8341] __do_sys_rt_sigreturn+0x1ab/0x2c0 [ 205.264506][ T8341] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 205.264549][ T8341] do_syscall_64+0x106/0xf80 [ 205.264579][ T8341] ? clear_bhb_loop+0x40/0x90 [ 205.264611][ T8341] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.264638][ T8341] RIP: 0033:0x7faea853db19 [ 205.264660][ T8341] Code: 11 06 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 0c 25 [ 205.264685][ T8341] RSP: 002b:00007faea94ada80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f [ 205.264710][ T8341] RAX: ffffffffffffffda RBX: 00007faea8815fa0 RCX: 00007faea853db19 [ 205.264728][ T8341] RDX: 00007faea94ada80 RSI: 00007faea94adbb0 RDI: 0000000000000011 [ 205.264745][ T8341] RBP: 00007faea8632c99 R08: 0000000000000000 R09: 0000000000000000 [ 205.264761][ T8341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 205.264776][ T8341] R13: 00007faea8816038 R14: 00007faea8815fa0 R15: 00007ffc6b949878 [ 205.264812][ T8341] [ 207.271992][ T8320] Bluetooth: hci0: command 0x2016 tx timeout [ 207.553895][ T29] audit: type=1807 audit(1843104538.738:7): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 207.648240][ T29] audit: type=1802 audit(1843104538.768:8): pid=8388 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.500" res=0 errno=0 [ 207.723521][ T8351] netlink: 'syz.3.495': attribute type 10 has an invalid length. [ 207.734099][ T8351] netlink: 330 bytes leftover after parsing attributes in process `syz.3.495'. [ 208.073096][ T8387] ima: policy update failed [ 208.118317][ T29] audit: type=1802 audit(1843104539.298:9): pid=8387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.500" res=0 errno=0 [ 209.466571][ T8428] Invalid ELF header magic: != ELF [ 210.760528][ T8433] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 210.808689][ T8433] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 211.102747][ T8433] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 211.248087][ T8433] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 211.273965][ T8433] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 211.353315][ T7587] Bluetooth: hci0: command 0x2016 tx timeout [ 211.538160][ T8433] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 211.553790][ T8433] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 211.699196][ T8433] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 211.719131][ T8433] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 213.269520][ T7597] Bluetooth: hci1: command 0x0406 tx timeout [ 213.428929][ T7597] Bluetooth: hci0: command 0x2016 tx timeout [ 213.457256][ T8523] zram: Added device: zram0 [ 213.489712][ T8524] futex_wake_op: syz.0.518 tries to shift op by -2048; fix this program [ 213.556004][ T8524] futex_wake_op: syz.0.518 tries to shift op by -2048; fix this program [ 213.594730][ T7597] Bluetooth: hci2: command 0x0406 tx timeout [ 213.752171][ T7597] Bluetooth: hci3: command 0x0406 tx timeout [ 215.349118][ T7597] Bluetooth: hci1: command 0x0406 tx timeout [ 215.509233][ T7597] Bluetooth: hci0: command 0x2016 tx timeout [ 215.668859][ T7597] Bluetooth: hci2: command 0x0406 tx timeout [ 215.829397][ T7597] Bluetooth: hci3: command 0x0406 tx timeout [ 217.290982][ T8581] Invalid ELF header magic: != ELF [ 217.491316][ T8581] Invalid ELF header magic: != ELF [ 219.481466][ T8632] netlink: 20 bytes leftover after parsing attributes in process `syz.2.533'. [ 220.258847][ T8656] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 220.302466][ T8656] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 220.339055][ T8656] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 220.349083][ T8656] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 220.669628][ T8672] FAULT_INJECTION: forcing a failure. [ 220.669628][ T8672] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 220.759356][ T8672] CPU: 1 UID: 0 PID: 8672 Comm: syz.0.539 Tainted: G U syzkaller #0 PREEMPT(full) [ 220.759399][ T8672] Tainted: [U]=USER [ 220.759406][ T8672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 220.759420][ T8672] Call Trace: [ 220.759428][ T8672] [ 220.759437][ T8672] dump_stack_lvl+0x100/0x190 [ 220.759478][ T8672] should_fail_ex.cold+0x5/0xa [ 220.759506][ T8672] _copy_from_user+0x2e/0xd0 [ 220.759530][ T8672] get_itimerspec64+0x16c/0x2f0 [ 220.759560][ T8672] ? __pfx_get_itimerspec64+0x10/0x10 [ 220.759587][ T8672] ? __pfx_do_futex+0x10/0x10 [ 220.759623][ T8672] __x64_sys_timerfd_settime+0x15f/0x280 [ 220.759657][ T8672] ? __pfx___x64_sys_timerfd_settime+0x10/0x10 [ 220.759693][ T8672] ? xfd_validate_state+0x129/0x190 [ 220.759737][ T8672] do_syscall_64+0x106/0xf80 [ 220.759765][ T8672] ? clear_bhb_loop+0x40/0x90 [ 220.759804][ T8672] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.759829][ T8672] RIP: 0033:0x7f0977b9c799 [ 220.759850][ T8672] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 220.759874][ T8672] RSP: 002b:00007f0978b12028 EFLAGS: 00000246 ORIG_RAX: 000000000000011e [ 220.759897][ T8672] RAX: ffffffffffffffda RBX: 00007f0977e15fa0 RCX: 00007f0977b9c799 [ 220.759913][ T8672] RDX: 0000200000000040 RSI: 0000000000000003 RDI: ffffffffffffffff [ 220.759928][ T8672] RBP: 00007f0977c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 220.759943][ T8672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 220.759957][ T8672] R13: 00007f0977e16038 R14: 00007f0977e15fa0 R15: 00007ffc77d66208 [ 220.759989][ T8672] [ 221.204291][ T29] audit: type=1800 audit(1843104552.378:10): pid=8679 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.538" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 222.312722][ T7597] Bluetooth: hci1: command 0x0406 tx timeout [ 222.320531][ T8320] Bluetooth: hci0: command 0x2016 tx timeout [ 222.388667][ T8320] Bluetooth: hci3: command 0x0406 tx timeout [ 222.395094][ T8320] Bluetooth: hci2: command 0x0406 tx timeout [ 223.027811][ T8720] netlink: 4 bytes leftover after parsing attributes in process `syz.1.546'. [ 223.931189][ T8729] FAULT_INJECTION: forcing a failure. [ 223.931189][ T8729] name failslab, interval 1, probability 0, space 0, times 0 [ 223.945909][ T8729] CPU: 1 UID: 0 PID: 8729 Comm: syz.1.548 Tainted: G U syzkaller #0 PREEMPT(full) [ 223.945943][ T8729] Tainted: [U]=USER [ 223.945949][ T8729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 223.945958][ T8729] Call Trace: [ 223.945966][ T8729] [ 223.945973][ T8729] dump_stack_lvl+0x100/0x190 [ 223.946001][ T8729] should_fail_ex.cold+0x5/0xa [ 223.946020][ T8729] ? memcg_list_lru_alloc+0x4ec/0x740 [ 223.946041][ T8729] should_failslab+0xc2/0x120 [ 223.946063][ T8729] __kmalloc_noprof+0xe0/0x850 [ 223.946088][ T8729] ? ipcget+0xee/0xf50 [ 223.946106][ T8729] memcg_list_lru_alloc+0x4ec/0x740 [ 223.946132][ T8729] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 223.946152][ T8729] ? rcu_read_unlock+0x17/0x60 [ 223.946173][ T8729] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 223.946196][ T8729] __memcg_slab_post_alloc_hook+0x130/0x990 [ 223.946218][ T8729] ? kasan_save_track+0x14/0x30 [ 223.946242][ T8729] kmem_cache_alloc_lru_noprof+0x592/0x6e0 [ 223.946263][ T8729] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 223.946285][ T8729] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 223.946299][ T8729] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 223.946313][ T8729] alloc_inode+0x68/0x250 [ 223.946332][ T8729] new_inode+0x22/0x1c0 [ 223.946352][ T8729] hugetlbfs_get_inode+0x313/0x750 [ 223.946369][ T8729] hugetlb_file_setup+0x3cc/0x5b0 [ 223.946386][ T8729] newseg+0xabb/0xed0 [ 223.946405][ T8729] ? __pfx_newseg+0x10/0x10 [ 223.946419][ T8729] ? down_write+0x146/0x1f0 [ 223.946439][ T8729] ? ksys_write+0x190/0x250 [ 223.946451][ T8729] ? ksys_write+0x190/0x250 [ 223.946466][ T8729] ipcget+0xee/0xf50 [ 223.946483][ T8729] ? do_futex+0x192/0x350 [ 223.946515][ T8729] ? __pfx_do_futex+0x10/0x10 [ 223.946551][ T8729] ? __pfx_ipcget+0x10/0x10 [ 223.946567][ T8729] ? __x64_sys_futex+0x34f/0x4d0 [ 223.946583][ T8729] ? __x64_sys_futex+0x358/0x4d0 [ 223.946603][ T8729] __x64_sys_shmget+0x13b/0x1b0 [ 223.946620][ T8729] ? __pfx___x64_sys_shmget+0x10/0x10 [ 223.946641][ T8729] do_syscall_64+0x106/0xf80 [ 223.946658][ T8729] ? clear_bhb_loop+0x40/0x90 [ 223.946675][ T8729] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.946690][ T8729] RIP: 0033:0x7febcdf9c799 [ 223.946703][ T8729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 223.946717][ T8729] RSP: 002b:00007febcee1a028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 223.946731][ T8729] RAX: ffffffffffffffda RBX: 00007febce215fa0 RCX: 00007febcdf9c799 [ 223.946741][ T8729] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000 [ 223.946750][ T8729] RBP: 00007febce032c99 R08: 0000000000000000 R09: 0000000000000000 [ 223.946759][ T8729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 223.946768][ T8729] R13: 00007febce216038 R14: 00007febce215fa0 R15: 00007fffcbb32498 [ 223.946814][ T8729] [ 225.149486][ T8746] netlink: 28 bytes leftover after parsing attributes in process `syz.3.551'. [ 225.872142][ T8751] FAULT_INJECTION: forcing a failure. [ 225.872142][ T8751] name failslab, interval 1, probability 0, space 0, times 0 [ 225.886990][ T8751] CPU: 1 UID: 0 PID: 8751 Comm: syz.2.552 Tainted: G U syzkaller #0 PREEMPT(full) [ 225.887014][ T8751] Tainted: [U]=USER [ 225.887019][ T8751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 225.887028][ T8751] Call Trace: [ 225.887033][ T8751] [ 225.887038][ T8751] dump_stack_lvl+0x100/0x190 [ 225.887064][ T8751] should_fail_ex.cold+0x5/0xa [ 225.887094][ T8751] should_failslab+0xc2/0x120 [ 225.887110][ T8751] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 225.887134][ T8751] ? taskstats_exit+0x650/0xbd0 [ 225.887159][ T8751] taskstats_exit+0x650/0xbd0 [ 225.887180][ T8751] ? __pfx_acct_update_integrals+0x10/0x10 [ 225.887203][ T8751] ? __pfx_taskstats_exit+0x10/0x10 [ 225.887226][ T8751] ? rcu_read_lock_any_held+0x6a/0xa0 [ 225.887239][ T8751] ? exit_signals+0x395/0xaf0 [ 225.887256][ T8751] do_exit+0x659/0x2b60 [ 225.887277][ T8751] ? __pfx_do_exit+0x10/0x10 [ 225.887295][ T8751] ? do_raw_spin_lock+0x128/0x260 [ 225.887315][ T8751] ? find_held_lock+0x2b/0x80 [ 225.887328][ T8751] ? get_signal+0x7e0/0x21e0 [ 225.887344][ T8751] do_group_exit+0xd5/0x2a0 [ 225.887363][ T8751] get_signal+0x1ec7/0x21e0 [ 225.887380][ T8751] ? rcu_read_lock_any_held+0x6a/0xa0 [ 225.887397][ T8751] ? __pfx_get_signal+0x10/0x10 [ 225.887412][ T8751] ? do_futex+0x192/0x350 [ 225.887432][ T8751] arch_do_signal_or_restart+0x91/0x770 [ 225.887448][ T8751] ? bpf_lsm_capable+0x9/0x10 [ 225.887463][ T8751] ? security_capable+0x80/0x260 [ 225.887482][ T8751] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 225.887505][ T8751] ? __pfx___x64_sys_futex+0x10/0x10 [ 225.887527][ T8751] exit_to_user_mode_loop+0x86/0x4a0 [ 225.887547][ T8751] do_syscall_64+0x668/0xf80 [ 225.887563][ T8751] ? clear_bhb_loop+0x40/0x90 [ 225.887581][ T8751] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.887595][ T8751] RIP: 0033:0x7f146099c799 [ 225.887608][ T8751] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 225.887622][ T8751] RSP: 002b:00007f145ebf60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 225.887646][ T8751] RAX: fffffffffffffe00 RBX: 00007f1460c16188 RCX: 00007f146099c799 [ 225.887656][ T8751] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1460c16188 [ 225.887664][ T8751] RBP: 00007f1460c16180 R08: 0000000000000000 R09: 0000000000000000 [ 225.887673][ T8751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 225.887681][ T8751] R13: 00007f1460c16218 R14: 00007ffd8e183080 R15: 00007ffd8e183168 [ 225.887699][ T8751] [ 225.924160][ T8754] program syz.3.553 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 226.923766][ T8765] FAULT_INJECTION: forcing a failure. [ 226.923766][ T8765] name fail_futex, interval 1, probability 0, space 0, times 0 [ 226.967182][ T8765] CPU: 0 UID: 0 PID: 8765 Comm: syz.2.555 Tainted: G U syzkaller #0 PREEMPT(full) [ 226.967227][ T8765] Tainted: [U]=USER [ 226.967236][ T8765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 226.967252][ T8765] Call Trace: [ 226.967260][ T8765] [ 226.967271][ T8765] dump_stack_lvl+0x100/0x190 [ 226.967319][ T8765] should_fail_ex.cold+0x5/0xa [ 226.967346][ T8765] ? tomoyo_path_number_perm+0x46d/0x580 [ 226.967395][ T8765] get_futex_key+0x1d2/0x1620 [ 226.967434][ T8765] ? __pfx_get_futex_key+0x10/0x10 [ 226.967490][ T8765] futex_wake+0xea/0x530 [ 226.967536][ T8765] ? __pfx_futex_wake+0x10/0x10 [ 226.967585][ T8765] ? do_vfs_ioctl+0x226/0x13e0 [ 226.967625][ T8765] do_futex+0x32b/0x350 [ 226.967661][ T8765] ? __pfx_do_futex+0x10/0x10 [ 226.967697][ T8765] ? find_held_lock+0x2b/0x80 [ 226.967728][ T8765] __x64_sys_futex+0x34f/0x4d0 [ 226.967766][ T8765] ? __fget_files+0x21f/0x3d0 [ 226.967791][ T8765] ? __pfx___x64_sys_futex+0x10/0x10 [ 226.967840][ T8765] do_syscall_64+0x106/0xf80 [ 226.967872][ T8765] ? clear_bhb_loop+0x40/0x90 [ 226.967907][ T8765] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.967936][ T8765] RIP: 0033:0x7f146099c799 [ 226.967958][ T8765] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 226.967984][ T8765] RSP: 002b:00007f14617a40e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 226.968011][ T8765] RAX: ffffffffffffffda RBX: 00007f1460c15fa8 RCX: 00007f146099c799 [ 226.968030][ T8765] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1460c15fac [ 226.968048][ T8765] RBP: 00007f1460c15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 226.968064][ T8765] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 226.968082][ T8765] R13: 00007f1460c16038 R14: 00007ffd8e183080 R15: 00007ffd8e183168 [ 226.968117][ T8765] [ 227.533513][ T8769] sp0: Synchronizing with TNC [ 232.524264][ T8871] FAULT_INJECTION: forcing a failure. [ 232.524264][ T8871] name failslab, interval 1, probability 0, space 0, times 0 [ 232.544041][ T8871] CPU: 0 UID: 0 PID: 8871 Comm: syz.1.573 Tainted: G U syzkaller #0 PREEMPT(full) [ 232.544085][ T8871] Tainted: [U]=USER [ 232.544093][ T8871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 232.544109][ T8871] Call Trace: [ 232.544117][ T8871] [ 232.544128][ T8871] dump_stack_lvl+0x100/0x190 [ 232.544173][ T8871] should_fail_ex.cold+0x5/0xa [ 232.544204][ T8871] should_failslab+0xc2/0x120 [ 232.544232][ T8871] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 232.544288][ T8871] ? __anon_vma_prepare+0xae/0x5e0 [ 232.544332][ T8871] ? __pfx_filemap_map_pages+0x10/0x10 [ 232.544369][ T8871] __anon_vma_prepare+0xae/0x5e0 [ 232.544410][ T8871] ? __pfx_filemap_map_pages+0x10/0x10 [ 232.544457][ T8871] __vmf_anon_prepare+0x11f/0x250 [ 232.544492][ T8871] do_fault+0x152/0x1990 [ 232.544529][ T8871] __handle_mm_fault+0x180f/0x2b60 [ 232.544583][ T8871] ? __pfx___handle_mm_fault+0x10/0x10 [ 232.544623][ T8871] ? pte_offset_map_lock+0x174/0x320 [ 232.544651][ T8871] ? find_held_lock+0x2b/0x80 [ 232.544690][ T8871] ? follow_page_pte+0x5b3/0x1400 [ 232.544728][ T8871] handle_mm_fault+0x36d/0xa20 [ 232.544772][ T8871] __get_user_pages+0xf9c/0x34d0 [ 232.544815][ T8871] ? __pfx___get_user_pages+0x10/0x10 [ 232.544857][ T8871] populate_vma_page_range+0x267/0x3f0 [ 232.544893][ T8871] ? __pfx_populate_vma_page_range+0x10/0x10 [ 232.544925][ T8871] ? __pfx_find_vma_intersection+0x10/0x10 [ 232.544955][ T8871] ? do_mmap+0x93f/0x12f0 [ 232.544985][ T8871] __mm_populate+0x107/0x3a0 [ 232.545015][ T8871] ? __pfx___mm_populate+0x10/0x10 [ 232.545051][ T8871] ? up_write+0x290/0x4f0 [ 232.545091][ T8871] vm_mmap_pgoff+0x37f/0x470 [ 232.545126][ T8871] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 232.545154][ T8871] ? __fget_files+0x215/0x3d0 [ 232.545183][ T8871] ? __fget_files+0x21f/0x3d0 [ 232.545218][ T8871] ksys_mmap_pgoff+0x3c8/0x650 [ 232.545244][ T8871] ? __x64_sys_futex+0x34f/0x4d0 [ 232.545278][ T8871] ? __x64_sys_futex+0x358/0x4d0 [ 232.545314][ T8871] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 232.545344][ T8871] ? xfd_validate_state+0x129/0x190 [ 232.545387][ T8871] __x64_sys_mmap+0x125/0x190 [ 232.545445][ T8871] do_syscall_64+0x106/0xf80 [ 232.545477][ T8871] ? clear_bhb_loop+0x40/0x90 [ 232.545511][ T8871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.545538][ T8871] RIP: 0033:0x7febcdf9c799 [ 232.545562][ T8871] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 232.545589][ T8871] RSP: 002b:00007febcedd8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 232.545615][ T8871] RAX: ffffffffffffffda RBX: 00007febce216180 RCX: 00007febcdf9c799 [ 232.545635][ T8871] RDX: 0000000000000003 RSI: 0000000000000009 RDI: 0000000000000000 [ 232.545651][ T8871] RBP: 00007febce032c99 R08: 0000000000000003 R09: 0000000000008000 [ 232.545667][ T8871] R10: 0000000000008012 R11: 0000000000000246 R12: 0000000000000000 [ 232.545683][ T8871] R13: 00007febce216218 R14: 00007febce216180 R15: 00007fffcbb32498 [ 232.545718][ T8871] [ 232.976139][ T8864] netlink: 4 bytes leftover after parsing attributes in process `syz.3.572'. [ 234.084438][ T8898] FAULT_INJECTION: forcing a failure. [ 234.084438][ T8898] name failslab, interval 1, probability 0, space 0, times 0 [ 234.136230][ T8898] CPU: 1 UID: 0 PID: 8898 Comm: syz.2.578 Tainted: G U syzkaller #0 PREEMPT(full) [ 234.136280][ T8898] Tainted: [U]=USER [ 234.136288][ T8898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 234.136304][ T8898] Call Trace: [ 234.136317][ T8898] [ 234.136329][ T8898] dump_stack_lvl+0x100/0x190 [ 234.136372][ T8898] should_fail_ex.cold+0x5/0xa [ 234.136404][ T8898] ? __register_sysctl_table+0xac/0x1650 [ 234.136445][ T8898] should_failslab+0xc2/0x120 [ 234.136473][ T8898] __kmalloc_noprof+0xe0/0x850 [ 234.136530][ T8898] __register_sysctl_table+0xac/0x1650 [ 234.136570][ T8898] ? is_module_address+0x5f/0xf0 [ 234.136607][ T8898] ? __pfx___register_sysctl_table+0x10/0x10 [ 234.136648][ T8898] ? is_module_address+0x69/0xf0 [ 234.136682][ T8898] ? register_net_sysctl_sz+0x222/0x430 [ 234.136730][ T8898] nf_ct_net_init+0x249/0x370 [ 234.136759][ T8898] ? __pfx_nf_ct_net_init+0x10/0x10 [ 234.136786][ T8898] ops_init+0x1e2/0x5f0 [ 234.136835][ T8898] setup_net+0x118/0x3a0 [ 234.136872][ T8898] ? __pfx_setup_net+0x10/0x10 [ 234.136907][ T8898] ? lockdep_init_map_type+0x5c/0x250 [ 234.136946][ T8898] ? mutex_init_lockep+0x110/0x150 [ 234.136989][ T8898] copy_net_ns+0x46f/0x7c0 [ 234.137032][ T8898] create_new_namespaces+0x3ea/0xac0 [ 234.137071][ T8898] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 234.137104][ T8898] ksys_unshare+0x473/0xad0 [ 234.137141][ T8898] ? __pfx_ksys_unshare+0x10/0x10 [ 234.137190][ T8898] __x64_sys_unshare+0x31/0x40 [ 234.137223][ T8898] do_syscall_64+0x106/0xf80 [ 234.137259][ T8898] ? clear_bhb_loop+0x40/0x90 [ 234.137293][ T8898] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.137327][ T8898] RIP: 0033:0x7f146099c799 [ 234.137352][ T8898] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 234.137379][ T8898] RSP: 002b:00007f1461783028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 234.137408][ T8898] RAX: ffffffffffffffda RBX: 00007f1460c16090 RCX: 00007f146099c799 [ 234.137427][ T8898] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 234.137445][ T8898] RBP: 00007f1460a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 234.137462][ T8898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 234.137480][ T8898] R13: 00007f1460c16128 R14: 00007f1460c16090 R15: 00007ffd8e183168 [ 234.137519][ T8898] [ 234.800443][ T8906] FAULT_INJECTION: forcing a failure. [ 234.800443][ T8906] name failslab, interval 1, probability 0, space 0, times 0 [ 234.835414][ T8906] CPU: 1 UID: 0 PID: 8906 Comm: syz.0.579 Tainted: G U syzkaller #0 PREEMPT(full) [ 234.835461][ T8906] Tainted: [U]=USER [ 234.835471][ T8906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 234.835488][ T8906] Call Trace: [ 234.835497][ T8906] [ 234.835509][ T8906] dump_stack_lvl+0x100/0x190 [ 234.835558][ T8906] should_fail_ex.cold+0x5/0xa [ 234.835590][ T8906] ? __register_sysctl_table+0xac/0x1650 [ 234.835634][ T8906] should_failslab+0xc2/0x120 [ 234.835663][ T8906] __kmalloc_noprof+0xe0/0x850 [ 234.835709][ T8906] __register_sysctl_table+0xac/0x1650 [ 234.835749][ T8906] ? is_module_address+0x5f/0xf0 [ 234.835788][ T8906] ? __pfx___register_sysctl_table+0x10/0x10 [ 234.835831][ T8906] ? is_module_address+0x69/0xf0 [ 234.835864][ T8906] ? register_net_sysctl_sz+0x222/0x430 [ 234.835910][ T8906] brnf_init_net+0x289/0x450 [ 234.835944][ T8906] ? __pfx_brnf_init_net+0x10/0x10 [ 234.835973][ T8906] ops_init+0x1e2/0x5f0 [ 234.836010][ T8906] setup_net+0x118/0x3a0 [ 234.836042][ T8906] ? __pfx_setup_net+0x10/0x10 [ 234.836071][ T8906] ? lockdep_init_map_type+0x5c/0x250 [ 234.836104][ T8906] ? mutex_init_lockep+0x110/0x150 [ 234.836145][ T8906] copy_net_ns+0x46f/0x7c0 [ 234.836182][ T8906] create_new_namespaces+0x3ea/0xac0 [ 234.836218][ T8906] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 234.836249][ T8906] ksys_unshare+0x473/0xad0 [ 234.836292][ T8906] ? __pfx_ksys_unshare+0x10/0x10 [ 234.836339][ T8906] __x64_sys_unshare+0x31/0x40 [ 234.836372][ T8906] do_syscall_64+0x106/0xf80 [ 234.836403][ T8906] ? clear_bhb_loop+0x40/0x90 [ 234.836454][ T8906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.836484][ T8906] RIP: 0033:0x7f0977b9c799 [ 234.836505][ T8906] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 234.836532][ T8906] RSP: 002b:00007f0978af1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 234.836557][ T8906] RAX: ffffffffffffffda RBX: 00007f0977e16090 RCX: 00007f0977b9c799 [ 234.836575][ T8906] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 234.836592][ T8906] RBP: 00007f0977c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 234.836608][ T8906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 234.836625][ T8906] R13: 00007f0977e16128 R14: 00007f0977e16090 R15: 00007ffc77d66208 [ 234.836662][ T8906] [ 239.821252][ T9003] openvswitch: netlink: Tunnel attr 0 has unexpected len 0 expected 8 [ 240.344562][ T9014] FAULT_INJECTION: forcing a failure. [ 240.344562][ T9014] name failslab, interval 1, probability 0, space 0, times 0 [ 240.430551][ T9014] CPU: 1 UID: 0 PID: 9014 Comm: syz.1.605 Tainted: G U syzkaller #0 PREEMPT(full) [ 240.430591][ T9014] Tainted: [U]=USER [ 240.430598][ T9014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 240.430611][ T9014] Call Trace: [ 240.430618][ T9014] [ 240.430627][ T9014] dump_stack_lvl+0x100/0x190 [ 240.430658][ T9014] should_fail_ex.cold+0x5/0xa [ 240.430676][ T9014] should_failslab+0xc2/0x120 [ 240.430695][ T9014] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 240.430718][ T9014] ? __proc_create+0x2cb/0x8c0 [ 240.430744][ T9014] __proc_create+0x2cb/0x8c0 [ 240.430776][ T9014] ? __pfx___proc_create+0x10/0x10 [ 240.430803][ T9014] ? _raw_write_unlock+0x28/0x50 [ 240.430820][ T9014] ? proc_register+0x559/0x8a0 [ 240.430836][ T9014] proc_create_reg+0x75/0x170 [ 240.430853][ T9014] proc_create_data+0x86/0x110 [ 240.430868][ T9014] ? __pfx_proc_create_data+0x10/0x10 [ 240.430882][ T9014] ? cache_register_net+0x137/0x5e0 [ 240.430901][ T9014] ? cache_register_net+0x137/0x5e0 [ 240.430923][ T9014] cache_register_net+0x2d6/0x5e0 [ 240.430944][ T9014] nfsd_export_init+0xb6/0x250 [ 240.430968][ T9014] ? __pfx_nfsd_net_init+0x10/0x10 [ 240.430992][ T9014] nfsd_net_init+0x33/0x3d0 [ 240.431014][ T9014] ? __pfx_nfsd_net_init+0x10/0x10 [ 240.431036][ T9014] ops_init+0x1e2/0x5f0 [ 240.431057][ T9014] setup_net+0x118/0x3a0 [ 240.431077][ T9014] ? __pfx_setup_net+0x10/0x10 [ 240.431094][ T9014] ? lockdep_init_map_type+0x5c/0x250 [ 240.431114][ T9014] ? mutex_init_lockep+0x110/0x150 [ 240.431136][ T9014] copy_net_ns+0x46f/0x7c0 [ 240.431166][ T9014] create_new_namespaces+0x3ea/0xac0 [ 240.431188][ T9014] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 240.431206][ T9014] ksys_unshare+0x473/0xad0 [ 240.431225][ T9014] ? __pfx_ksys_unshare+0x10/0x10 [ 240.431250][ T9014] __x64_sys_unshare+0x31/0x40 [ 240.431271][ T9014] do_syscall_64+0x106/0xf80 [ 240.431288][ T9014] ? clear_bhb_loop+0x40/0x90 [ 240.431306][ T9014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 240.431321][ T9014] RIP: 0033:0x7febcdf9c799 [ 240.431335][ T9014] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 240.431350][ T9014] RSP: 002b:00007febcedf9028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 240.431371][ T9014] RAX: ffffffffffffffda RBX: 00007febce216090 RCX: 00007febcdf9c799 [ 240.431383][ T9014] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 240.431392][ T9014] RBP: 00007febce032c99 R08: 0000000000000000 R09: 0000000000000000 [ 240.431401][ T9014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 240.431411][ T9014] R13: 00007febce216128 R14: 00007febce216090 R15: 00007fffcbb32498 [ 240.431432][ T9014] [ 242.091986][ T9037] FAULT_INJECTION: forcing a failure. [ 242.091986][ T9037] name failslab, interval 1, probability 0, space 0, times 0 [ 242.294317][ T9037] CPU: 1 UID: 0 PID: 9037 Comm: syz.1.613 Tainted: G U syzkaller #0 PREEMPT(full) [ 242.294361][ T9037] Tainted: [U]=USER [ 242.294369][ T9037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 242.294383][ T9037] Call Trace: [ 242.294392][ T9037] [ 242.294402][ T9037] dump_stack_lvl+0x100/0x190 [ 242.294450][ T9037] should_fail_ex.cold+0x5/0xa [ 242.294483][ T9037] should_failslab+0xc2/0x120 [ 242.294512][ T9037] __kmalloc_cache_noprof+0x7a/0x6f0 [ 242.294549][ T9037] ? refill_pi_state_cache+0x91/0x260 [ 242.294592][ T9037] refill_pi_state_cache+0x91/0x260 [ 242.294631][ T9037] futex_lock_pi+0x177/0x7b0 [ 242.294672][ T9037] ? __pfx_futex_lock_pi+0x10/0x10 [ 242.294724][ T9037] ? __pfx___futex_wait+0x10/0x10 [ 242.294798][ T9037] ? __pfx_futex_wake_mark+0x10/0x10 [ 242.294848][ T9037] ? __get_user_nocheck_8+0x20/0x20 [ 242.294877][ T9037] ? do_vfs_ioctl+0x226/0x13e0 [ 242.294921][ T9037] do_futex+0x18a/0x350 [ 242.294958][ T9037] ? __pfx_do_futex+0x10/0x10 [ 242.294996][ T9037] ? find_held_lock+0x2b/0x80 [ 242.295025][ T9037] __x64_sys_futex+0x34f/0x4d0 [ 242.295066][ T9037] ? __pfx___x64_sys_futex+0x10/0x10 [ 242.295117][ T9037] do_syscall_64+0x106/0xf80 [ 242.295148][ T9037] ? clear_bhb_loop+0x40/0x90 [ 242.295183][ T9037] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.295211][ T9037] RIP: 0033:0x7febcdf9c799 [ 242.295234][ T9037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 242.295261][ T9037] RSP: 002b:00007febcedf9028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 242.295287][ T9037] RAX: ffffffffffffffda RBX: 00007febce216090 RCX: 00007febcdf9c799 [ 242.295306][ T9037] RDX: 0000000000000009 RSI: 0000000000000006 RDI: 0000000000000000 [ 242.295322][ T9037] RBP: 00007febce032c99 R08: 0000000000000000 R09: 000000008000fff5 [ 242.295340][ T9037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 242.295357][ T9037] R13: 00007febce216128 R14: 00007febce216090 R15: 00007fffcbb32498 [ 242.295395][ T9037] [ 244.555401][ T9076] netlink: 12 bytes leftover after parsing attributes in process `syz.0.622'. [ 247.088735][ T8320] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 247.860513][ T9104] netlink: 'syz.2.627': attribute type 1 has an invalid length. [ 249.119516][ T9124] smpboot: CPU 1 is now offline [ 249.680522][ T9140] netlink: 4 bytes leftover after parsing attributes in process `syz.1.631'. [ 251.563848][ T9176] hsr_slave_0: hsr_addr_subst_dest: Unknown node [ 251.570895][ T9176] hsr_slave_1: hsr_addr_subst_dest: Unknown node [ 254.780688][ T9238] FAULT_INJECTION: forcing a failure. [ 254.780688][ T9238] name failslab, interval 1, probability 0, space 0, times 0 [ 254.969072][ T9238] CPU: 0 UID: 0 PID: 9238 Comm: syz.1.652 Tainted: G U syzkaller #0 PREEMPT(full) [ 254.969099][ T9238] Tainted: [U]=USER [ 254.969104][ T9238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 254.969113][ T9238] Call Trace: [ 254.969118][ T9238] [ 254.969124][ T9238] dump_stack_lvl+0x100/0x190 [ 254.969151][ T9238] should_fail_ex.cold+0x5/0xa [ 254.969169][ T9238] should_failslab+0xc2/0x120 [ 254.969185][ T9238] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 254.969207][ T9238] ? __kernfs_new_node+0xd2/0x960 [ 254.969228][ T9238] ? kstrdup+0xb3/0xe0 [ 254.969251][ T9238] __kernfs_new_node+0xd2/0x960 [ 254.969272][ T9238] ? __pfx___kernfs_new_node+0x10/0x10 [ 254.969297][ T9238] ? find_held_lock+0x2b/0x80 [ 254.969310][ T9238] ? kernfs_root+0xee/0x2a0 [ 254.969327][ T9238] ? kernfs_root+0xee/0x2a0 [ 254.969350][ T9238] kernfs_new_node+0x11b/0x1a0 [ 254.969375][ T9238] __kernfs_create_file+0x53/0x350 [ 254.969393][ T9238] cgroup_addrm_files+0x4d8/0xb90 [ 254.969423][ T9238] ? __pfx_cgroup_addrm_files+0x10/0x10 [ 254.969444][ T9238] ? __pfx___xa_store+0x10/0x10 [ 254.969470][ T9238] ? do_raw_spin_unlock+0x145/0x1e0 [ 254.969494][ T9238] css_populate_dir+0x161/0x590 [ 254.969513][ T9238] cgroup_apply_control_enable+0x40a/0xbd0 [ 254.969543][ T9238] cgroup_mkdir+0x57f/0x1330 [ 254.969567][ T9238] ? __pfx_cgroup_mkdir+0x10/0x10 [ 254.969589][ T9238] kernfs_iop_mkdir+0x111/0x190 [ 254.969610][ T9238] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 254.969630][ T9238] vfs_mkdir+0x361/0x850 [ 254.969652][ T9238] filename_mkdirat+0x48b/0x5e0 [ 254.969670][ T9238] ? __pfx_filename_mkdirat+0x10/0x10 [ 254.969686][ T9238] ? strncpy_from_user+0x19d/0x2d0 [ 254.969710][ T9238] ? do_getname+0x191/0x390 [ 254.969729][ T9238] __x64_sys_mkdir+0x6b/0x90 [ 254.969745][ T9238] do_syscall_64+0x106/0xf80 [ 254.969762][ T9238] ? clear_bhb_loop+0x40/0x90 [ 254.969779][ T9238] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 254.969794][ T9238] RIP: 0033:0x7febcdf9c799 [ 254.969808][ T9238] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 254.969821][ T9238] RSP: 002b:00007febcedd8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 254.969836][ T9238] RAX: ffffffffffffffda RBX: 00007febce216180 RCX: 00007febcdf9c799 [ 254.969846][ T9238] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 254.969854][ T9238] RBP: 00007febce032c99 R08: 0000000000000000 R09: 0000000000000000 [ 254.969863][ T9238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 254.969871][ T9238] R13: 00007febce216218 R14: 00007febce216180 R15: 00007fffcbb32498 [ 254.969891][ T9238] [ 254.969913][ T9238] cgroup: cgroup_addrm_files: failed to add force_empty, err=-12 [ 256.074092][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.086159][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.148069][ T9256] netlink: 8 bytes leftover after parsing attributes in process `syz.1.656'. [ 258.181055][ T9281] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 258.971336][ T9291] scsi_dev_info_list_add_str: bad dev info string '' '' '' [ 259.412601][ T9310] FAULT_INJECTION: forcing a failure. [ 259.412601][ T9310] name fail_futex, interval 1, probability 0, space 0, times 0 [ 259.464057][ T9310] CPU: 0 UID: 0 PID: 9310 Comm: syz.1.669 Tainted: G U syzkaller #0 PREEMPT(full) [ 259.464083][ T9310] Tainted: [U]=USER [ 259.464088][ T9310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 259.464098][ T9310] Call Trace: [ 259.464103][ T9310] [ 259.464109][ T9310] dump_stack_lvl+0x100/0x190 [ 259.464136][ T9310] should_fail_ex.cold+0x5/0xa [ 259.464152][ T9310] ? tomoyo_path_number_perm+0x46d/0x580 [ 259.464177][ T9310] get_futex_key+0x1d2/0x1620 [ 259.464197][ T9310] ? __pfx_get_futex_key+0x10/0x10 [ 259.464220][ T9310] futex_wake+0xea/0x530 [ 259.464243][ T9310] ? __pfx_futex_wake+0x10/0x10 [ 259.464267][ T9310] ? do_vfs_ioctl+0x226/0x13e0 [ 259.464290][ T9310] do_futex+0x32b/0x350 [ 259.464308][ T9310] ? __pfx_do_futex+0x10/0x10 [ 259.464327][ T9310] ? find_held_lock+0x2b/0x80 [ 259.464342][ T9310] __x64_sys_futex+0x34f/0x4d0 [ 259.464362][ T9310] ? __fget_files+0x21f/0x3d0 [ 259.464375][ T9310] ? __pfx___x64_sys_futex+0x10/0x10 [ 259.464400][ T9310] do_syscall_64+0x106/0xf80 [ 259.464417][ T9310] ? clear_bhb_loop+0x40/0x90 [ 259.464434][ T9310] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 259.464449][ T9310] RIP: 0033:0x7febcdf9c799 [ 259.464462][ T9310] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 259.464477][ T9310] RSP: 002b:00007febcee1a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 259.464491][ T9310] RAX: ffffffffffffffda RBX: 00007febce215fa8 RCX: 00007febcdf9c799 [ 259.464500][ T9310] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007febce215fac [ 259.464509][ T9310] RBP: 00007febce215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 259.464639][ T9310] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 259.464649][ T9310] R13: 00007febce216038 R14: 00007fffcbb323b0 R15: 00007fffcbb32498 [ 259.464669][ T9310] [ 259.976383][ T9315] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 261.814079][ T9368] netlink: 28 bytes leftover after parsing attributes in process `syz.0.682'. [ 263.782502][ T9416] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 263.840651][ T9416] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 263.871500][ T9422] can: request_module (can-proto-5) failed. [ 264.004336][ T9430] netlink: 186 bytes leftover after parsing attributes in process `syz.2.693'. [ 264.093721][ T9422] can: request_module (can-proto-5) failed. [ 264.259972][ T9422] can: request_module (can-proto-5) failed. [ 264.367932][ T9422] can: request_module (can-proto-5) failed. [ 264.466039][ T9422] can: request_module (can-proto-5) failed. [ 264.536721][ T9449] FAULT_INJECTION: forcing a failure. [ 264.536721][ T9449] name failslab, interval 1, probability 0, space 0, times 0 [ 264.575066][ T9422] can: request_module (can-proto-5) failed. [ 264.610928][ T9449] CPU: 0 UID: 0 PID: 9449 Comm: syz.0.698 Tainted: G U syzkaller #0 PREEMPT(full) [ 264.610955][ T9449] Tainted: [U]=USER [ 264.610960][ T9449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 264.610969][ T9449] Call Trace: [ 264.610976][ T9449] [ 264.610982][ T9449] dump_stack_lvl+0x100/0x190 [ 264.611016][ T9449] should_fail_ex.cold+0x5/0xa [ 264.611035][ T9449] should_failslab+0xc2/0x120 [ 264.611051][ T9449] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 264.611073][ T9449] ? __proc_create+0x2cb/0x8c0 [ 264.611116][ T9449] __proc_create+0x2cb/0x8c0 [ 264.611139][ T9449] ? __pfx___proc_create+0x10/0x10 [ 264.611169][ T9449] _proc_mkdir+0xb9/0x210 [ 264.611183][ T9449] ? __pfx__proc_mkdir+0x10/0x10 [ 264.611196][ T9449] ? net_generic+0xea/0x2a0 [ 264.611218][ T9449] nfs_fs_proc_net_init+0x9b/0x1e0 [ 264.611237][ T9449] nfs_net_init+0x130/0x340 [ 264.611257][ T9449] ? __pfx_nfs_net_init+0x10/0x10 [ 264.611274][ T9449] ops_init+0x1e2/0x5f0 [ 264.611295][ T9449] setup_net+0x118/0x3a0 [ 264.611315][ T9449] ? __pfx_setup_net+0x10/0x10 [ 264.611332][ T9449] ? lockdep_init_map_type+0x5c/0x250 [ 264.611357][ T9449] ? mutex_init_lockep+0x110/0x150 [ 264.611380][ T9449] copy_net_ns+0x46f/0x7c0 [ 264.611402][ T9449] create_new_namespaces+0x3ea/0xac0 [ 264.611423][ T9449] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 264.611440][ T9449] ksys_unshare+0x473/0xad0 [ 264.611459][ T9449] ? __pfx_ksys_unshare+0x10/0x10 [ 264.611492][ T9449] __x64_sys_unshare+0x31/0x40 [ 264.611510][ T9449] do_syscall_64+0x106/0xf80 [ 264.611527][ T9449] ? clear_bhb_loop+0x40/0x90 [ 264.611545][ T9449] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.611560][ T9449] RIP: 0033:0x7f0977b9c799 [ 264.611583][ T9449] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 264.611600][ T9449] RSP: 002b:00007f0978af1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 264.611615][ T9449] RAX: ffffffffffffffda RBX: 00007f0977e16090 RCX: 00007f0977b9c799 [ 264.611625][ T9449] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 264.611634][ T9449] RBP: 00007f0977c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 264.611643][ T9449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 264.611652][ T9449] R13: 00007f0977e16128 R14: 00007f0977e16090 R15: 00007ffc77d66208 [ 264.611672][ T9449] [ 264.953312][ T9454] FAULT_INJECTION: forcing a failure. [ 264.953312][ T9454] name failslab, interval 1, probability 0, space 0, times 0 [ 264.966779][ T9454] CPU: 0 UID: 0 PID: 9454 Comm: syz.2.700 Tainted: G U syzkaller #0 PREEMPT(full) [ 264.966804][ T9454] Tainted: [U]=USER [ 264.966810][ T9454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 264.966819][ T9454] Call Trace: [ 264.966826][ T9454] [ 264.966833][ T9454] dump_stack_lvl+0x100/0x190 [ 264.966859][ T9454] should_fail_ex.cold+0x5/0xa [ 264.966878][ T9454] should_failslab+0xc2/0x120 [ 264.966894][ T9454] __kmalloc_cache_noprof+0x7a/0x6f0 [ 264.966913][ T9454] ? snd_seq_timer_new+0x44/0x1b0 [ 264.966935][ T9454] snd_seq_timer_new+0x44/0x1b0 [ 264.966954][ T9454] snd_seq_queue_alloc+0x177/0x590 [ 264.966972][ T9454] snd_seq_ioctl_create_queue+0xa9/0x370 [ 264.966994][ T9454] call_seq_client_ctl+0xa3/0x130 [ 264.967015][ T9454] snd_seq_kernel_client_ctl+0x77/0xd0 [ 264.967036][ T9454] alloc_seq_queue+0xdb/0x180 [ 264.967057][ T9454] ? __pfx_alloc_seq_queue+0x10/0x10 [ 264.967095][ T9454] ? mark_held_locks+0x40/0x70 [ 264.967113][ T9454] ? _raw_spin_unlock_irq+0x23/0x50 [ 264.967129][ T9454] ? lockdep_hardirqs_on+0x78/0x100 [ 264.967148][ T9454] snd_seq_oss_open+0x2b2/0xa10 [ 264.967172][ T9454] odev_open+0x79/0xc0 [ 264.967189][ T9454] ? __pfx_odev_open+0x10/0x10 [ 264.967208][ T9454] soundcore_open+0x2e3/0x5a0 [ 264.967231][ T9454] ? __pfx_soundcore_open+0x10/0x10 [ 264.967250][ T9454] chrdev_open+0x234/0x6a0 [ 264.967265][ T9454] ? __pfx_apparmor_file_open+0x10/0x10 [ 264.967286][ T9454] ? __pfx_chrdev_open+0x10/0x10 [ 264.967301][ T9454] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 264.967320][ T9454] do_dentry_open+0x6d8/0x1660 [ 264.967334][ T9454] ? __pfx_chrdev_open+0x10/0x10 [ 264.967353][ T9454] vfs_open+0x82/0x3f0 [ 264.967374][ T9454] path_openat+0x208c/0x31a0 [ 264.967395][ T9454] ? __pfx_path_openat+0x10/0x10 [ 264.967416][ T9454] do_file_open+0x20e/0x430 [ 264.967432][ T9454] ? __pfx_do_file_open+0x10/0x10 [ 264.967459][ T9454] ? alloc_fd+0x476/0x790 [ 264.967475][ T9454] ? do_getname+0x191/0x390 [ 264.967494][ T9454] do_sys_openat2+0x10d/0x1e0 [ 264.967512][ T9454] ? __pfx_do_sys_openat2+0x10/0x10 [ 264.967531][ T9454] ? __fget_files+0x21f/0x3d0 [ 264.967549][ T9454] __x64_sys_openat+0x12d/0x210 [ 264.967572][ T9454] ? __pfx___x64_sys_openat+0x10/0x10 [ 264.967597][ T9454] do_syscall_64+0x106/0xf80 [ 264.967614][ T9454] ? clear_bhb_loop+0x40/0x90 [ 264.967641][ T9454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 264.967657][ T9454] RIP: 0033:0x7f146099c799 [ 264.967671][ T9454] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 264.967688][ T9454] RSP: 002b:00007f14617a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 264.967704][ T9454] RAX: ffffffffffffffda RBX: 00007f1460c15fa0 RCX: 00007f146099c799 [ 264.967714][ T9454] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 264.967724][ T9454] RBP: 00007f1460a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 264.967733][ T9454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 264.967742][ T9454] R13: 00007f1460c16038 R14: 00007f1460c15fa0 R15: 00007ffd8e183168 [ 264.967762][ T9454] [ 266.839052][ T9485] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 270.577761][ T9549] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.36.1), cmd(2) [ 271.344613][ T9554] FAULT_INJECTION: forcing a failure. [ 271.344613][ T9554] name fail_futex, interval 1, probability 0, space 0, times 0 [ 271.410120][ T9569] FAULT_INJECTION: forcing a failure. [ 271.410120][ T9569] name failslab, interval 1, probability 0, space 0, times 0 [ 271.476494][ T9569] CPU: 0 UID: 0 PID: 9569 Comm: syz.3.725 Tainted: G U syzkaller #0 PREEMPT(full) [ 271.476518][ T9569] Tainted: [U]=USER [ 271.476523][ T9569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 271.476531][ T9569] Call Trace: [ 271.476537][ T9569] [ 271.476543][ T9569] dump_stack_lvl+0x100/0x190 [ 271.476568][ T9569] should_fail_ex.cold+0x5/0xa [ 271.476585][ T9569] ? tomoyo_realpath_from_path+0xb6/0x690 [ 271.476603][ T9569] should_failslab+0xc2/0x120 [ 271.476619][ T9569] __kmalloc_noprof+0xe0/0x850 [ 271.476644][ T9569] tomoyo_realpath_from_path+0xb6/0x690 [ 271.476665][ T9569] tomoyo_path_number_perm+0x23c/0x580 [ 271.476686][ T9569] ? tomoyo_path_number_perm+0x22e/0x580 [ 271.476710][ T9569] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 271.476750][ T9569] ? find_held_lock+0x2b/0x80 [ 271.476763][ T9569] ? __fget_files+0x215/0x3d0 [ 271.476776][ T9569] ? hook_file_ioctl_common+0x146/0x410 [ 271.476803][ T9569] ? __fget_files+0x21f/0x3d0 [ 271.476818][ T9569] security_file_ioctl+0xd3/0x230 [ 271.476842][ T9569] __x64_sys_ioctl+0xb7/0x210 [ 271.476864][ T9569] do_syscall_64+0x106/0xf80 [ 271.476881][ T9569] ? clear_bhb_loop+0x40/0x90 [ 271.476907][ T9569] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.476925][ T9569] RIP: 0033:0x7faea859c799 [ 271.476938][ T9569] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 271.476952][ T9569] RSP: 002b:00007faea94ae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 271.476966][ T9569] RAX: ffffffffffffffda RBX: 00007faea8815fa0 RCX: 00007faea859c799 [ 271.476975][ T9569] RDX: 0000000000000003 RSI: 000000000000000e RDI: 0000000000000003 [ 271.476984][ T9569] RBP: 00007faea94ae090 R08: 0000000000000000 R09: 0000000000000000 [ 271.476992][ T9569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 271.477000][ T9569] R13: 00007faea8816038 R14: 00007faea8815fa0 R15: 00007ffc6b949878 [ 271.477019][ T9569] [ 271.477026][ T9569] ERROR: Out of memory at tomoyo_realpath_from_path. [ 271.724938][ T9554] CPU: 0 UID: 0 PID: 9554 Comm: syz.1.721 Tainted: G U syzkaller #0 PREEMPT(full) [ 271.724965][ T9554] Tainted: [U]=USER [ 271.724971][ T9554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 271.724980][ T9554] Call Trace: [ 271.724985][ T9554] [ 271.724992][ T9554] dump_stack_lvl+0x100/0x190 [ 271.725018][ T9554] should_fail_ex.cold+0x5/0xa [ 271.725033][ T9554] ? tomoyo_path_number_perm+0x46d/0x580 [ 271.725058][ T9554] get_futex_key+0x1d2/0x1620 [ 271.725078][ T9554] ? __pfx_get_futex_key+0x10/0x10 [ 271.725101][ T9554] futex_wake+0xea/0x530 [ 271.725123][ T9554] ? __pfx_futex_wake+0x10/0x10 [ 271.725148][ T9554] ? do_vfs_ioctl+0x226/0x13e0 [ 271.725169][ T9554] do_futex+0x32b/0x350 [ 271.725188][ T9554] ? __pfx_do_futex+0x10/0x10 [ 271.725206][ T9554] ? find_held_lock+0x2b/0x80 [ 271.725222][ T9554] __x64_sys_futex+0x34f/0x4d0 [ 271.725242][ T9554] ? __fget_files+0x21f/0x3d0 [ 271.725255][ T9554] ? __pfx___x64_sys_futex+0x10/0x10 [ 271.725286][ T9554] do_syscall_64+0x106/0xf80 [ 271.725305][ T9554] ? clear_bhb_loop+0x40/0x90 [ 271.725323][ T9554] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.725339][ T9554] RIP: 0033:0x7febcdf9c799 [ 271.725352][ T9554] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 271.725365][ T9554] RSP: 002b:00007febcee1a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 271.725380][ T9554] RAX: ffffffffffffffda RBX: 00007febce215fa8 RCX: 00007febcdf9c799 [ 271.725389][ T9554] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007febce215fac [ 271.725398][ T9554] RBP: 00007febce215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 271.725407][ T9554] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 271.725415][ T9554] R13: 00007febce216038 R14: 00007fffcbb323b0 R15: 00007fffcbb32498 [ 271.725433][ T9554] [ 273.269300][ T9576] netlink: 146 bytes leftover after parsing attributes in process `syz.3.726'. [ 275.148269][ T9610] FAULT_INJECTION: forcing a failure. [ 275.148269][ T9610] name failslab, interval 1, probability 0, space 0, times 0 [ 275.219801][ T9610] CPU: 0 UID: 0 PID: 9610 Comm: syz.0.734 Tainted: G U syzkaller #0 PREEMPT(full) [ 275.219826][ T9610] Tainted: [U]=USER [ 275.219831][ T9610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 275.219840][ T9610] Call Trace: [ 275.219845][ T9610] [ 275.219851][ T9610] dump_stack_lvl+0x100/0x190 [ 275.219877][ T9610] should_fail_ex.cold+0x5/0xa [ 275.219893][ T9610] ? tomoyo_encode2+0xfb/0x3c0 [ 275.219909][ T9610] should_failslab+0xc2/0x120 [ 275.219924][ T9610] __kmalloc_noprof+0xe0/0x850 [ 275.219945][ T9610] ? d_absolute_path+0x136/0x1b0 [ 275.219977][ T9610] tomoyo_encode2+0xfb/0x3c0 [ 275.219996][ T9610] tomoyo_encode+0x29/0x50 [ 275.220011][ T9610] tomoyo_realpath_from_path+0x18c/0x690 [ 275.220031][ T9610] tomoyo_path_number_perm+0x23c/0x580 [ 275.220053][ T9610] ? tomoyo_path_number_perm+0x22e/0x580 [ 275.220076][ T9610] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 275.220117][ T9610] ? find_held_lock+0x2b/0x80 [ 275.220130][ T9610] ? __fget_files+0x215/0x3d0 [ 275.220143][ T9610] ? hook_file_ioctl_common+0x146/0x410 [ 275.220169][ T9610] ? __fget_files+0x21f/0x3d0 [ 275.220185][ T9610] security_file_ioctl+0xd3/0x230 [ 275.220209][ T9610] __x64_sys_ioctl+0xb7/0x210 [ 275.220230][ T9610] do_syscall_64+0x106/0xf80 [ 275.220248][ T9610] ? clear_bhb_loop+0x40/0x90 [ 275.220265][ T9610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 275.220280][ T9610] RIP: 0033:0x7f0977b9c799 [ 275.220292][ T9610] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 275.220306][ T9610] RSP: 002b:00007f0978b12028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 275.220320][ T9610] RAX: ffffffffffffffda RBX: 00007f0977e15fa0 RCX: 00007f0977b9c799 [ 275.220330][ T9610] RDX: 0000000000000003 RSI: 000000000000000e RDI: 0000000000000003 [ 275.220338][ T9610] RBP: 00007f0978b12090 R08: 0000000000000000 R09: 0000000000000000 [ 275.220347][ T9610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 275.220355][ T9610] R13: 00007f0977e16038 R14: 00007f0977e15fa0 R15: 00007ffc77d66208 [ 275.220374][ T9610] [ 275.220388][ T9610] ERROR: Out of memory at tomoyo_realpath_from_path. [ 276.029525][ T9614] zswap: compressor not available [ 276.152954][ T9614] FAULT_INJECTION: forcing a failure. [ 276.152954][ T9614] name failslab, interval 1, probability 0, space 0, times 0 [ 276.256466][ T9614] CPU: 0 UID: 0 PID: 9614 Comm: syz.3.735 Tainted: G U syzkaller #0 PREEMPT(full) [ 276.256497][ T9614] Tainted: [U]=USER [ 276.256503][ T9614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 276.256531][ T9614] Call Trace: [ 276.256538][ T9614] [ 276.256544][ T9614] dump_stack_lvl+0x100/0x190 [ 276.256737][ T9614] should_fail_ex.cold+0x5/0xa [ 276.256772][ T9614] should_failslab+0xc2/0x120 [ 276.256814][ T9614] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 276.256859][ T9614] ? __kernfs_new_node+0xd2/0x960 [ 276.256885][ T9614] __kernfs_new_node+0xd2/0x960 [ 276.256905][ T9614] ? __lock_acquire+0x4a5/0x2630 [ 276.256925][ T9614] ? __pfx___kernfs_new_node+0x10/0x10 [ 276.256949][ T9614] ? find_held_lock+0x2b/0x80 [ 276.256961][ T9614] ? kernfs_root+0xee/0x2a0 [ 276.256979][ T9614] ? kernfs_root+0xee/0x2a0 [ 276.257003][ T9614] kernfs_new_node+0x11b/0x1a0 [ 276.257028][ T9614] __kernfs_create_file+0x53/0x350 [ 276.257052][ T9614] sysfs_add_file_mode_ns+0x207/0x3c0 [ 276.257076][ T9614] internal_create_group+0x593/0xf40 [ 276.257101][ T9614] ? __pfx_internal_create_group+0x10/0x10 [ 276.257122][ T9614] ? sysfs_create_dir_ns+0x14c/0x2b0 [ 276.257140][ T9614] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 276.257164][ T9614] ? find_held_lock+0x2b/0x80 [ 276.257177][ T9614] ? kobject_add_internal+0x25f/0x930 [ 276.257200][ T9614] internal_create_groups+0x9d/0x150 [ 276.257221][ T9614] kobject_add_internal+0x317/0x930 [ 276.257247][ T9614] kobject_init_and_add+0x121/0x180 [ 276.257370][ T9614] ? __pfx_kobject_init_and_add+0x10/0x10 [ 276.257405][ T9614] nfs_netns_sysfs_setup+0x12a/0x200 [ 276.257446][ T9614] nfs_net_init+0x10a/0x340 [ 276.257467][ T9614] ? __pfx_nfs_net_init+0x10/0x10 [ 276.257485][ T9614] ops_init+0x1e2/0x5f0 [ 276.257507][ T9614] setup_net+0x118/0x3a0 [ 276.257526][ T9614] ? __pfx_setup_net+0x10/0x10 [ 276.257544][ T9614] ? lockdep_init_map_type+0x5c/0x250 [ 276.257565][ T9614] ? mutex_init_lockep+0x110/0x150 [ 276.257594][ T9614] copy_net_ns+0x46f/0x7c0 [ 276.257622][ T9614] create_new_namespaces+0x3ea/0xac0 [ 276.257646][ T9614] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 276.257666][ T9614] ksys_unshare+0x473/0xad0 [ 276.257685][ T9614] ? __pfx_ksys_unshare+0x10/0x10 [ 276.257711][ T9614] __x64_sys_unshare+0x31/0x40 [ 276.257729][ T9614] do_syscall_64+0x106/0xf80 [ 276.257746][ T9614] ? clear_bhb_loop+0x40/0x90 [ 276.257765][ T9614] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 276.257781][ T9614] RIP: 0033:0x7faea859c799 [ 276.257927][ T9614] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 276.257944][ T9614] RSP: 002b:00007faea948d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 276.257960][ T9614] RAX: ffffffffffffffda RBX: 00007faea8816090 RCX: 00007faea859c799 [ 276.257971][ T9614] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 276.257981][ T9614] RBP: 00007faea8632c99 R08: 0000000000000000 R09: 0000000000000000 [ 276.257991][ T9614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 276.258000][ T9614] R13: 00007faea8816128 R14: 00007faea8816090 R15: 00007ffc6b949878 [ 276.258021][ T9614] [ 276.693674][ T9614] kobject: kobject_add_internal failed for nfs_client (error: -12 parent: net) [ 279.816770][ T9663] futex_wake_op: syz.3.744 tries to shift op by -2048; fix this program [ 280.550608][ T9669] FAULT_INJECTION: forcing a failure. [ 280.550608][ T9669] name failslab, interval 1, probability 0, space 0, times 0 [ 280.728959][ T9669] CPU: 0 UID: 0 PID: 9669 Comm: syz.2.746 Tainted: G U L syzkaller #0 PREEMPT(full) [ 280.728989][ T9669] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 280.728995][ T9669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 280.729004][ T9669] Call Trace: [ 280.729009][ T9669] [ 280.729016][ T9669] dump_stack_lvl+0x100/0x190 [ 280.729053][ T9669] should_fail_ex.cold+0x5/0xa [ 280.729072][ T9669] ? __register_sysctl_table+0xbe4/0x1650 [ 280.729098][ T9669] should_failslab+0xc2/0x120 [ 280.729114][ T9669] __kmalloc_noprof+0xe0/0x850 [ 280.729140][ T9669] __register_sysctl_table+0xbe4/0x1650 [ 280.729167][ T9669] ? __pfx___register_sysctl_table+0x10/0x10 [ 280.729189][ T9669] ? is_module_address+0x69/0xf0 [ 280.729213][ T9669] ? register_net_sysctl_sz+0x222/0x430 [ 280.729236][ T9669] ? __asan_memcpy+0x3c/0x60 [ 280.729257][ T9669] ? __pfx_nf_lwtunnel_net_init+0x10/0x10 [ 280.729276][ T9669] nf_lwtunnel_net_init+0x60/0xf0 [ 280.729294][ T9669] ops_init+0x1e2/0x5f0 [ 280.729315][ T9669] setup_net+0x118/0x3a0 [ 280.729334][ T9669] ? __pfx_setup_net+0x10/0x10 [ 280.729350][ T9669] ? lockdep_init_map_type+0x5c/0x250 [ 280.729370][ T9669] ? mutex_init_lockep+0x110/0x150 [ 280.729391][ T9669] copy_net_ns+0x46f/0x7c0 [ 280.729413][ T9669] create_new_namespaces+0x3ea/0xac0 [ 280.729433][ T9669] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 280.729450][ T9669] ksys_unshare+0x473/0xad0 [ 280.729469][ T9669] ? __pfx_ksys_unshare+0x10/0x10 [ 280.729493][ T9669] __x64_sys_unshare+0x31/0x40 [ 280.729510][ T9669] do_syscall_64+0x106/0xf80 [ 280.729527][ T9669] ? clear_bhb_loop+0x40/0x90 [ 280.729548][ T9669] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.729562][ T9669] RIP: 0033:0x7f146099c799 [ 280.729576][ T9669] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 280.729597][ T9669] RSP: 002b:00007f14617a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 280.729613][ T9669] RAX: ffffffffffffffda RBX: 00007f1460c15fa0 RCX: 00007f146099c799 [ 280.729623][ T9669] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 280.729632][ T9669] RBP: 00007f1460a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 280.729641][ T9669] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 280.729650][ T9669] R13: 00007f1460c16038 R14: 00007f1460c15fa0 R15: 00007ffd8e183168 [ 280.729670][ T9669] [ 280.735199][ T9669] sysctl could not get directory: /net/netfilter -12 [ 281.065285][ T9679] netlink: 52 bytes leftover after parsing attributes in process `syz.3.748'. [ 281.352620][ T9676] can: request_module (can-proto-0) failed. [ 281.648707][ T9695] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 282.719239][ T9720] netlink: 29 bytes leftover after parsing attributes in process `syz.1.754'. [ 283.679881][ T9733] FAULT_INJECTION: forcing a failure. [ 283.679881][ T9733] name failslab, interval 1, probability 0, space 0, times 0 [ 283.748273][ T9733] CPU: 0 UID: 0 PID: 9733 Comm: syz.0.757 Tainted: G U L syzkaller #0 PREEMPT(full) [ 283.748303][ T9733] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 283.748308][ T9733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 283.748318][ T9733] Call Trace: [ 283.748323][ T9733] [ 283.748330][ T9733] dump_stack_lvl+0x100/0x190 [ 283.748357][ T9733] should_fail_ex.cold+0x5/0xa [ 283.748376][ T9733] should_failslab+0xc2/0x120 [ 283.748391][ T9733] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 283.748412][ T9733] ? security_file_alloc+0x34/0x2c0 [ 283.748428][ T9733] ? trace_kmem_cache_alloc+0xf3/0x120 [ 283.748446][ T9733] security_file_alloc+0x34/0x2c0 [ 283.748461][ T9733] init_file+0x95/0x480 [ 283.748479][ T9733] alloc_empty_file+0x73/0x1c0 [ 283.748497][ T9733] alloc_file_pseudo+0x13a/0x230 [ 283.748518][ T9733] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 283.748536][ T9733] ? security_inode_init_security_anon+0x7b/0x230 [ 283.748561][ T9733] __anon_inode_getfile+0xe8/0x280 [ 283.748577][ T9733] ? _copy_to_user+0xaf/0xd0 [ 283.748592][ T9733] io_uring_setup.cold+0x19e3/0x1d09 [ 283.748615][ T9733] ? __pfx_io_uring_setup+0x10/0x10 [ 283.748642][ T9733] ? __pfx_do_futex+0x10/0x10 [ 283.748670][ T9733] ? xfd_validate_state+0x129/0x190 [ 283.748696][ T9733] __x64_sys_io_uring_setup+0xc2/0x170 [ 283.748715][ T9733] do_syscall_64+0x106/0xf80 [ 283.748732][ T9733] ? clear_bhb_loop+0x40/0x90 [ 283.748751][ T9733] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.748767][ T9733] RIP: 0033:0x7f0977b9c799 [ 283.748780][ T9733] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 283.748794][ T9733] RSP: 002b:00007f0978b12028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 283.748808][ T9733] RAX: ffffffffffffffda RBX: 00007f0977e15fa0 RCX: 00007f0977b9c799 [ 283.748818][ T9733] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006 [ 283.748826][ T9733] RBP: 00007f0977c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 283.748834][ T9733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 283.748849][ T9733] R13: 00007f0977e16038 R14: 00007f0977e15fa0 R15: 00007ffc77d66208 [ 283.748869][ T9733] [ 284.335258][ T8320] Bluetooth: hci2: unexpected event 0x3e length: 505 > 260 [ 284.335283][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.352059][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.361686][ T8320] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 284.361902][ T8320] Bluetooth: hci2: unexpected event 0x3e length: 505 > 260 [ 284.372465][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.391843][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.399550][ T8320] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 284.399731][ T8320] Bluetooth: hci2: unexpected event 0x3e length: 505 > 260 [ 284.407175][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.424633][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.432242][ T8320] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 284.432429][ T8320] Bluetooth: hci2: unexpected event 0x3e length: 505 > 260 [ 284.440529][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.468049][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.477476][ T8320] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 284.477854][ T8320] Bluetooth: hci2: unexpected event 0x3e length: 505 > 260 [ 284.485771][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.518699][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.526462][ T8320] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 284.526674][ T8320] Bluetooth: hci2: unexpected event 0x3e length: 505 > 260 [ 284.549195][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.566913][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.577864][ T8320] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 284.578058][ T8320] Bluetooth: hci2: unexpected event 0x3e length: 505 > 260 [ 284.586493][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.602571][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.611893][ T8320] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 284.612198][ T8320] Bluetooth: hci2: unexpected event 0x3e length: 505 > 260 [ 284.622486][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.638479][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.648672][ T8320] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 284.648862][ T8320] Bluetooth: hci2: unexpected event 0x3e length: 505 > 260 [ 284.656194][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.673696][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.684582][ T8320] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 284.684771][ T8320] Bluetooth: hci2: unexpected event 0x3e length: 505 > 260 [ 284.698616][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.714986][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.721833][ T8320] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 284.722070][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.738588][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.745571][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.754202][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.762053][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.769957][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.776882][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.785602][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.793265][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.804504][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.811587][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.819435][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.826377][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.834224][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.841632][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.849392][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.856557][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.864845][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.873087][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.881647][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.889693][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.897323][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.908784][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.919311][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.927799][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.935778][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.942899][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.953430][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.960594][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.968415][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.975971][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 284.984485][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 284.992315][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.000003][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.007255][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.016819][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.023889][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.031968][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.039190][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.046868][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.054121][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.062289][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.072281][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.080987][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.089726][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.097732][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.105423][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.114077][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.131833][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.141966][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.149923][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.158644][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.165961][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.188059][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.196651][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.204672][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.211577][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.219568][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.226468][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.235727][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.242762][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.250721][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.257697][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.268638][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.275531][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.285529][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.293064][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.302554][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.309651][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.318247][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.325559][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.333538][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.343415][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.351730][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.359941][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.368392][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.375757][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.384267][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.393006][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.401346][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.409287][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.417743][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.425112][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.435160][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.442188][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.452023][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.459459][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.467786][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.477610][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.485648][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.493265][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.502363][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.516954][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.525172][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.533688][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.541981][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.556766][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.566471][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.574291][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.582669][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.589697][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.598392][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.608127][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.616739][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.624355][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.633571][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.641610][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.650451][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.657441][ T8320] Bluetooth: hci2: unexpected subevent 0x02 length: 504 > 260 [ 285.665943][ T8320] Bluetooth: hci2: Dropping invalid advertising data [ 285.836396][ T9760] NFSD: Failed to start, no listeners configured. [ 286.951293][ T9773] netlink: 28 bytes leftover after parsing attributes in process `syz.3.764'. [ 287.082649][ T9773] bond0: (slave bond_slave_0): Releasing backup interface [ 287.712515][ T9795] netlink: 330 bytes leftover after parsing attributes in process `syz.3.768'. [ 289.427786][ T9800] FAULT_INJECTION: forcing a failure. [ 289.427786][ T9800] name failslab, interval 1, probability 0, space 0, times 0 [ 289.609007][ T9800] CPU: 0 UID: 0 PID: 9800 Comm: syz.2.767 Tainted: G U L syzkaller #0 PREEMPT(full) [ 289.609037][ T9800] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 289.609043][ T9800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 289.609052][ T9800] Call Trace: [ 289.609057][ T9800] [ 289.609063][ T9800] dump_stack_lvl+0x100/0x190 [ 289.609089][ T9800] should_fail_ex.cold+0x5/0xa [ 289.609108][ T9800] ? memcg_list_lru_alloc+0x4ec/0x740 [ 289.609128][ T9800] should_failslab+0xc2/0x120 [ 289.609143][ T9800] __kmalloc_noprof+0xe0/0x850 [ 289.609164][ T9800] ? ipcget+0xee/0xf50 [ 289.609182][ T9800] memcg_list_lru_alloc+0x4ec/0x740 [ 289.609208][ T9800] ? __pfx_memcg_list_lru_alloc+0x10/0x10 [ 289.609228][ T9800] ? rcu_read_unlock+0x17/0x60 [ 289.609253][ T9800] ? get_mem_cgroup_from_objcg+0xd3/0x330 [ 289.609275][ T9800] __memcg_slab_post_alloc_hook+0x130/0x990 [ 289.609295][ T9800] ? kasan_save_track+0x14/0x30 [ 289.609318][ T9800] kmem_cache_alloc_lru_noprof+0x592/0x6e0 [ 289.609339][ T9800] ? hugetlbfs_alloc_inode+0x8c/0x1d0 [ 289.609358][ T9800] hugetlbfs_alloc_inode+0x8c/0x1d0 [ 289.609372][ T9800] ? __pfx_hugetlbfs_alloc_inode+0x10/0x10 [ 289.609386][ T9800] alloc_inode+0x68/0x250 [ 289.609405][ T9800] new_inode+0x22/0x1c0 [ 289.609425][ T9800] hugetlbfs_get_inode+0x313/0x750 [ 289.609443][ T9800] hugetlb_file_setup+0x3cc/0x5b0 [ 289.609460][ T9800] newseg+0xabb/0xed0 [ 289.609479][ T9800] ? __pfx_newseg+0x10/0x10 [ 289.609493][ T9800] ? down_write+0x146/0x1f0 [ 289.609513][ T9800] ? ksys_write+0x190/0x250 [ 289.609525][ T9800] ? ksys_write+0x190/0x250 [ 289.609541][ T9800] ipcget+0xee/0xf50 [ 289.609555][ T9800] ? do_futex+0x192/0x350 [ 289.609574][ T9800] ? __pfx_do_futex+0x10/0x10 [ 289.609595][ T9800] ? __pfx_ipcget+0x10/0x10 [ 289.609611][ T9800] ? __x64_sys_futex+0x34f/0x4d0 [ 289.609627][ T9800] ? __x64_sys_futex+0x358/0x4d0 [ 289.609651][ T9800] __x64_sys_shmget+0x13b/0x1b0 [ 289.609667][ T9800] ? __pfx___x64_sys_shmget+0x10/0x10 [ 289.609688][ T9800] do_syscall_64+0x106/0xf80 [ 289.609705][ T9800] ? clear_bhb_loop+0x40/0x90 [ 289.609723][ T9800] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.609745][ T9800] RIP: 0033:0x7f146099c799 [ 289.609759][ T9800] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 289.609773][ T9800] RSP: 002b:00007f145e7d3028 EFLAGS: 00000246 ORIG_RAX: 000000000000001d [ 289.609788][ T9800] RAX: ffffffffffffffda RBX: 00007f1460c16270 RCX: 00007f146099c799 [ 289.609798][ T9800] RDX: 0000000079e56dc9 RSI: 0000000000000003 RDI: 0000000100000000 [ 289.609808][ T9800] RBP: 00007f1460a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 289.609817][ T9800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 289.609826][ T9800] R13: 00007f1460c16308 R14: 00007f1460c16270 R15: 00007ffd8e183168 [ 289.609845][ T9800] [ 289.929082][ T9825] FAULT_INJECTION: forcing a failure. [ 289.929082][ T9825] name failslab, interval 1, probability 0, space 0, times 0 [ 289.942841][ T9825] CPU: 0 UID: 0 PID: 9825 Comm: syz.3.773 Tainted: G U L syzkaller #0 PREEMPT(full) [ 289.942868][ T9825] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 289.942874][ T9825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 289.942884][ T9825] Call Trace: [ 289.942891][ T9825] [ 289.942898][ T9825] dump_stack_lvl+0x100/0x190 [ 289.942925][ T9825] should_fail_ex.cold+0x5/0xa [ 289.942943][ T9825] should_failslab+0xc2/0x120 [ 289.942959][ T9825] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 289.942981][ T9825] ? __d_alloc+0x34/0xa80 [ 289.943002][ T9825] __d_alloc+0x34/0xa80 [ 289.943020][ T9825] d_alloc_parallel+0x111/0x14e0 [ 289.943044][ T9825] ? look_up_lock_class+0x55/0x120 [ 289.943062][ T9825] ? register_lock_class+0x40/0x560 [ 289.943082][ T9825] ? __pfx_d_alloc_parallel+0x10/0x10 [ 289.943104][ T9825] ? lockdep_init_map_type+0x5c/0x250 [ 289.943124][ T9825] ? lockdep_init_map_type+0x5c/0x250 [ 289.943146][ T9825] __lookup_slow+0x193/0x460 [ 289.943165][ T9825] ? __pfx___lookup_slow+0x10/0x10 [ 289.943193][ T9825] ? __d_lookup+0x266/0x4a0 [ 289.943221][ T9825] lookup_slow+0x50/0x70 [ 289.943239][ T9825] link_path_walk+0x1377/0x1cc0 [ 289.943266][ T9825] path_openat+0x1be/0x31a0 [ 289.943279][ T9825] ? kasan_save_stack+0x3f/0x50 [ 289.943300][ T9825] ? kasan_save_stack+0x30/0x50 [ 289.943320][ T9825] ? kasan_save_track+0x14/0x30 [ 289.943339][ T9825] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 289.943364][ T9825] ? __pfx_path_openat+0x10/0x10 [ 289.943385][ T9825] do_file_open+0x20e/0x430 [ 289.943411][ T9825] ? __pfx_do_file_open+0x10/0x10 [ 289.943440][ T9825] ? alloc_fd+0x476/0x790 [ 289.943457][ T9825] ? do_getname+0x191/0x390 [ 289.943477][ T9825] do_sys_openat2+0x10d/0x1e0 [ 289.943497][ T9825] ? __pfx_do_sys_openat2+0x10/0x10 [ 289.943524][ T9825] __x64_sys_openat+0x12d/0x210 [ 289.943544][ T9825] ? __pfx___x64_sys_openat+0x10/0x10 [ 289.943569][ T9825] do_syscall_64+0x106/0xf80 [ 289.943586][ T9825] ? clear_bhb_loop+0x40/0x90 [ 289.943603][ T9825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.943625][ T9825] RIP: 0033:0x7faea859c799 [ 289.943641][ T9825] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 289.943654][ T9825] RSP: 002b:00007faea946c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 289.943669][ T9825] RAX: ffffffffffffffda RBX: 00007faea8816180 RCX: 00007faea859c799 [ 289.943678][ T9825] RDX: 0000000000183841 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 289.943688][ T9825] RBP: 00007faea8632c99 R08: 0000000000000000 R09: 0000000000000000 [ 289.943697][ T9825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 289.943739][ T9825] R13: 00007faea8816218 R14: 00007faea8816180 R15: 00007ffc6b949878 [ 289.943760][ T9825] [ 291.476637][ T9849] netlink: 28 bytes leftover after parsing attributes in process `syz.0.781'. [ 291.617152][ T9849] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 291.625995][ T9849] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 291.669930][ T9849] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 291.702119][ T9849] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 295.937423][ T7597] Bluetooth: hci2: Malformed Event: 0x13 [ 297.253317][ T9928] netlink: 8 bytes leftover after parsing attributes in process `syz.3.800'. [ 297.273197][ T29] audit: type=1326 audit(1843104628.458:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9924 comm="syz.2.799" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f146099c799 code=0x0 [ 297.764133][ T9936] netlink: 'syz.0.801': attribute type 1 has an invalid length. [ 298.885358][ T9938] zswap: compressor not available [ 299.079270][ T9953] FAULT_INJECTION: forcing a failure. [ 299.079270][ T9953] name failslab, interval 1, probability 0, space 0, times 0 [ 299.103544][ T9941] zswap: compressor not available [ 299.129143][ T9945] FAULT_INJECTION: forcing a failure. [ 299.129143][ T9945] name failslab, interval 1, probability 0, space 0, times 0 [ 299.187484][ T9945] CPU: 0 UID: 0 PID: 9945 Comm: syz.1.802 Tainted: G U L syzkaller #0 PREEMPT(full) [ 299.187513][ T9945] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 299.187520][ T9945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 299.187529][ T9945] Call Trace: [ 299.187535][ T9945] [ 299.187541][ T9945] dump_stack_lvl+0x100/0x190 [ 299.187569][ T9945] should_fail_ex.cold+0x5/0xa [ 299.187588][ T9945] should_failslab+0xc2/0x120 [ 299.187604][ T9945] __kmalloc_cache_noprof+0x7a/0x6f0 [ 299.187622][ T9945] ? call_usermodehelper_setup+0xaf/0x360 [ 299.187648][ T9945] ? __pfx_free_modprobe_argv+0x10/0x10 [ 299.187667][ T9945] call_usermodehelper_setup+0xaf/0x360 [ 299.187702][ T9945] __request_module+0x3c7/0x6c0 [ 299.187729][ T9945] ? __pfx___request_module+0x10/0x10 [ 299.187755][ T9945] ? crypto_alg_lookup+0x10c/0x1e0 [ 299.187769][ T9945] ? crypto_alg_lookup+0x10c/0x1e0 [ 299.187791][ T9945] crypto_alg_mod_lookup+0x257/0x5d0 [ 299.187809][ T9945] crypto_has_alg+0x22/0x80 [ 299.187824][ T9945] zswap_compressor_param_set+0xea/0x9d0 [ 299.187850][ T9945] param_attr_store+0x199/0x300 [ 299.187866][ T9945] ? __pfx_param_attr_store+0x10/0x10 [ 299.187880][ T9945] module_attr_store+0x58/0x80 [ 299.187900][ T9945] ? __pfx_module_attr_store+0x10/0x10 [ 299.187921][ T9945] sysfs_kf_write+0xf2/0x150 [ 299.187940][ T9945] kernfs_fop_write_iter+0x3e0/0x5f0 [ 299.187954][ T9945] ? __pfx_sysfs_kf_write+0x10/0x10 [ 299.187974][ T9945] vfs_write+0x6ac/0x1070 [ 299.187996][ T9945] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 299.188013][ T9945] ? __pfx_vfs_write+0x10/0x10 [ 299.188047][ T9945] ksys_write+0x12a/0x250 [ 299.188060][ T9945] ? __pfx_ksys_write+0x10/0x10 [ 299.188080][ T9945] do_syscall_64+0x106/0xf80 [ 299.188097][ T9945] ? clear_bhb_loop+0x40/0x90 [ 299.188115][ T9945] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.188129][ T9945] RIP: 0033:0x7febcdf9c799 [ 299.188143][ T9945] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 299.188157][ T9945] RSP: 002b:00007febcedd8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 299.188173][ T9945] RAX: ffffffffffffffda RBX: 00007febce216180 RCX: 00007febcdf9c799 [ 299.188184][ T9945] RDX: 0000000000100082 RSI: 0000000000000000 RDI: 0000000000000003 [ 299.188192][ T9945] RBP: 00007febce032c99 R08: 0000000000000000 R09: 0000000000000000 [ 299.188201][ T9945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 299.188209][ T9945] R13: 00007febce216218 R14: 00007febce216180 R15: 00007fffcbb32498 [ 299.188228][ T9945] [ 299.536960][ T9945] zswap: compressor ? not available [ 299.754454][ T9953] CPU: 0 UID: 0 PID: 9953 Comm: syz.0.803 Tainted: G U L syzkaller #0 PREEMPT(full) [ 299.754482][ T9953] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 299.754488][ T9953] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 299.754496][ T9953] Call Trace: [ 299.754502][ T9953] [ 299.754508][ T9953] dump_stack_lvl+0x100/0x190 [ 299.754533][ T9953] should_fail_ex.cold+0x5/0xa [ 299.754551][ T9953] should_failslab+0xc2/0x120 [ 299.754566][ T9953] __kmalloc_cache_noprof+0x7a/0x6f0 [ 299.754585][ T9953] ? proc_thread_self_get_link+0x1a6/0x210 [ 299.754610][ T9953] proc_thread_self_get_link+0x1a6/0x210 [ 299.754640][ T9953] pick_link+0xac2/0x13c0 [ 299.754659][ T9953] ? __pfx_proc_thread_self_get_link+0x10/0x10 [ 299.754682][ T9953] step_into_slowpath+0x9ba/0xf90 [ 299.754707][ T9953] ? __pfx_step_into_slowpath+0x10/0x10 [ 299.754730][ T9953] ? lookup_fast+0x2da/0x600 [ 299.754748][ T9953] ? inode_permission+0x374/0x620 [ 299.754769][ T9953] link_path_walk+0xf28/0x1cc0 [ 299.754796][ T9953] path_openat+0x1be/0x31a0 [ 299.754809][ T9953] ? kasan_save_stack+0x3f/0x50 [ 299.754832][ T9953] ? kasan_save_stack+0x30/0x50 [ 299.754852][ T9953] ? kasan_save_track+0x14/0x30 [ 299.754873][ T9953] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 299.754898][ T9953] ? __pfx_path_openat+0x10/0x10 [ 299.754919][ T9953] do_file_open+0x20e/0x430 [ 299.754935][ T9953] ? __pfx_do_file_open+0x10/0x10 [ 299.754962][ T9953] ? alloc_fd+0x476/0x790 [ 299.754978][ T9953] ? do_getname+0x191/0x390 [ 299.754996][ T9953] do_sys_openat2+0x10d/0x1e0 [ 299.755015][ T9953] ? __pfx_do_sys_openat2+0x10/0x10 [ 299.755040][ T9953] __x64_sys_openat+0x12d/0x210 [ 299.755059][ T9953] ? __pfx___x64_sys_openat+0x10/0x10 [ 299.755085][ T9953] do_syscall_64+0x106/0xf80 [ 299.755102][ T9953] ? clear_bhb_loop+0x40/0x90 [ 299.755121][ T9953] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.755136][ T9953] RIP: 0033:0x7f0977b9c799 [ 299.755148][ T9953] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 299.755162][ T9953] RSP: 002b:00007f0978af1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 299.755176][ T9953] RAX: ffffffffffffffda RBX: 00007f0977e16090 RCX: 00007f0977b9c799 [ 299.755186][ T9953] RDX: 0000000000008800 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 299.755195][ T9953] RBP: 00007f0977c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 299.755203][ T9953] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 299.755211][ T9953] R13: 00007f0977e16128 R14: 00007f0977e16090 R15: 00007ffc77d66208 [ 299.755230][ T9953] [ 300.029864][ C0] hrtimer: interrupt took 271337031 ns [ 300.235070][ T9972] queue_state_write: unsupported operation '' [ 300.243022][ T9972] queue_state_write: use 'run', 'start' or 'kick' [ 301.964653][T10010] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 302.108693][T10010] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 302.287693][T10010] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 302.383699][T10010] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 302.895936][T10024] netlink: 28 bytes leftover after parsing attributes in process `syz.0.819'. [ 303.425381][T10041] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 303.991348][ T7597] Bluetooth: hci0: command 0x2016 tx timeout [ 304.148935][ T7597] Bluetooth: hci1: command 0x0406 tx timeout [ 304.308740][ T7597] Bluetooth: hci2: command 0x0406 tx timeout [ 304.388625][ T7597] Bluetooth: hci3: command 0x0406 tx timeout [ 317.065360][T10188] netlink: 330 bytes leftover after parsing attributes in process `syz.3.850'. [ 317.257428][T10192] capability: warning: `syz.2.852' uses deprecated v2 capabilities in a way that may be insecure [ 317.359941][T10191] netlink: Invalid conntrack timeout [ 317.514955][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.522195][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.834578][T10200] FAULT_INJECTION: forcing a failure. [ 317.834578][T10200] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 317.989478][T10200] CPU: 0 UID: 0 PID: 10200 Comm: syz.0.854 Tainted: G U L syzkaller #0 PREEMPT(full) [ 317.989508][T10200] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 317.989514][T10200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 317.989523][T10200] Call Trace: [ 317.989528][T10200] [ 317.989534][T10200] dump_stack_lvl+0x100/0x190 [ 317.989560][T10200] should_fail_ex.cold+0x5/0xa [ 317.989578][T10200] _copy_from_user+0x2e/0xd0 [ 317.989594][T10200] restore_altstack+0x98/0x170 [ 317.989614][T10200] ? __pfx_restore_altstack+0x10/0x10 [ 317.989633][T10200] ? _raw_spin_unlock_irq+0x23/0x50 [ 317.989648][T10200] ? lockdep_hardirqs_on+0x78/0x100 [ 317.989665][T10200] ? _raw_spin_unlock_irq+0x2e/0x50 [ 317.989681][T10200] __do_sys_rt_sigreturn+0x1ab/0x2c0 [ 317.989699][T10200] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 317.989723][T10200] do_syscall_64+0x106/0xf80 [ 317.989739][T10200] ? clear_bhb_loop+0x40/0x90 [ 317.989762][T10200] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.989778][T10200] RIP: 0033:0x7f0977b3db19 [ 317.989792][T10200] Code: 11 06 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 0c 25 [ 317.989807][T10200] RSP: 002b:00007f0978b11a80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f [ 317.989830][T10200] RAX: ffffffffffffffda RBX: 00007f0977e15fa0 RCX: 00007f0977b3db19 [ 317.989840][T10200] RDX: 00007f0978b11a80 RSI: 00007f0978b11bb0 RDI: 0000000000000011 [ 317.989850][T10200] RBP: 00007f0977c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 317.989859][T10200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.989867][T10200] R13: 00007f0977e16038 R14: 00007f0977e15fa0 R15: 00007ffc77d66208 [ 317.989887][T10200] [ 318.187940][T10198] hugetlbfs: syz.3.853 (10198): Using mlock ulimits for SHM_HUGETLB is obsolete [ 320.040154][T10237] FAULT_INJECTION: forcing a failure. [ 320.040154][T10237] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 320.239804][T10237] CPU: 0 UID: 0 PID: 10237 Comm: syz.2.862 Tainted: G U L syzkaller #0 PREEMPT(full) [ 320.239832][T10237] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 320.239838][T10237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 320.239847][T10237] Call Trace: [ 320.239851][T10237] [ 320.239858][T10237] dump_stack_lvl+0x100/0x190 [ 320.239883][T10237] should_fail_ex.cold+0x5/0xa [ 320.239901][T10237] _copy_to_user+0x32/0xd0 [ 320.239916][T10237] simple_read_from_buffer+0xcb/0x170 [ 320.239940][T10237] proc_fail_nth_read+0x1af/0x230 [ 320.239958][T10237] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 320.239976][T10237] ? rw_verify_area+0xce/0x6d0 [ 320.239996][T10237] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 320.240013][T10237] vfs_read+0x1e4/0xb30 [ 320.240037][T10237] ? __pfx_vfs_read+0x10/0x10 [ 320.240059][T10237] ? __fget_files+0x215/0x3d0 [ 320.240075][T10237] ? __fget_files+0x21f/0x3d0 [ 320.240093][T10237] ksys_read+0x12a/0x250 [ 320.240114][T10237] ? __pfx_ksys_read+0x10/0x10 [ 320.240141][T10237] do_syscall_64+0x106/0xf80 [ 320.240158][T10237] ? clear_bhb_loop+0x40/0x90 [ 320.240175][T10237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.240190][T10237] RIP: 0033:0x7f146095cfce [ 320.240202][T10237] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 320.240216][T10237] RSP: 002b:00007f14617a3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 320.240233][T10237] RAX: ffffffffffffffda RBX: 00007f14617a46c0 RCX: 00007f146095cfce [ 320.240242][T10237] RDX: 000000000000000f RSI: 00007f14617a40a0 RDI: 0000000000000004 [ 320.240251][T10237] RBP: 00007f14617a4090 R08: 0000000000000000 R09: 0000000000000000 [ 320.240259][T10237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 320.240267][T10237] R13: 00007f1460c16038 R14: 00007f1460c15fa0 R15: 00007ffd8e183168 [ 320.240286][T10237] [ 321.255510][T10248] zswap: compressor not available [ 322.732773][T10256] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 322.840674][T10256] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 322.895681][T10256] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 322.984012][T10256] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 323.044467][T10286] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input16 [ 323.623971][T10299] Invalid ELF header magic: != ELF [ 323.863449][T10299] Invalid ELF header magic: != ELF [ 324.003027][T10299] Invalid ELF header magic: != ELF [ 324.123231][T10299] Invalid ELF header magic: != ELF [ 324.329178][T10312] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(5) [ 324.548713][ T7597] Bluetooth: hci0: command 0x2016 tx timeout [ 324.870626][ T7597] Bluetooth: hci1: command 0x0406 tx timeout [ 324.948949][ T7597] Bluetooth: hci2: command 0x0406 tx timeout [ 325.030685][ T7597] Bluetooth: hci3: command 0x0406 tx timeout [ 327.049189][T10354] FAULT_INJECTION: forcing a failure. [ 327.049189][T10354] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 327.117711][T10354] CPU: 0 UID: 0 PID: 10354 Comm: syz.0.883 Tainted: G U L syzkaller #0 PREEMPT(full) [ 327.117739][T10354] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 327.117745][T10354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 327.117754][T10354] Call Trace: [ 327.117759][T10354] [ 327.117765][T10354] dump_stack_lvl+0x100/0x190 [ 327.117792][T10354] should_fail_ex.cold+0x5/0xa [ 327.117811][T10354] _copy_to_iter+0x1f3/0x1720 [ 327.117837][T10354] ? chacha_block_generic+0x211/0x330 [ 327.117854][T10354] ? __pfx__copy_to_iter+0x10/0x10 [ 327.117880][T10354] ? lockdep_hardirqs_on+0x78/0x100 [ 327.117897][T10354] ? crng_make_state+0x2b0/0x6c0 [ 327.117922][T10354] get_random_bytes_user+0x17b/0x3d0 [ 327.117944][T10354] ? __pfx_get_random_bytes_user+0x10/0x10 [ 327.117969][T10354] ? do_futex+0x192/0x350 [ 327.117990][T10354] ? do_sock_setsockopt+0x101/0x1d0 [ 327.118008][T10354] ? kfree+0x2ec/0x6b0 [ 327.118026][T10354] ? import_ubuf+0x1b6/0x220 [ 327.118048][T10354] __x64_sys_getrandom+0x183/0x290 [ 327.118070][T10354] ? __pfx___x64_sys_getrandom+0x10/0x10 [ 327.118101][T10354] do_syscall_64+0x106/0xf80 [ 327.118117][T10354] ? clear_bhb_loop+0x40/0x90 [ 327.118134][T10354] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 327.118149][T10354] RIP: 0033:0x7f0977b9c799 [ 327.118162][T10354] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 327.118184][T10354] RSP: 002b:00007f0978b12028 EFLAGS: 00000246 ORIG_RAX: 000000000000013e [ 327.118200][T10354] RAX: ffffffffffffffda RBX: 00007f0977e15fa0 RCX: 00007f0977b9c799 [ 327.118211][T10354] RDX: 0000000000000003 RSI: 0000000006000000 RDI: 0000000000000000 [ 327.118220][T10354] RBP: 00007f0977c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 327.118229][T10354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 327.118238][T10354] R13: 00007f0977e16038 R14: 00007f0977e15fa0 R15: 00007ffc77d66208 [ 327.118257][T10354] [ 329.380314][T10391] vhci_hcd vhci_hcd.2: invalid port number 194 [ 329.403284][T10391] vhci_hcd vhci_hcd.2: invalid port number 194 [ 329.709289][T10397] WARNING! power/level is deprecated; use power/control instead [ 330.005500][T10403] vmstat_refresh: nr_hugetlb -8192 [ 330.121175][T10404] hub 1-0:1.0: USB hub found [ 330.156129][T10404] hub 1-0:1.0: 1 port detected [ 330.401479][T10411] random: crng reseeded on system resumption [ 330.500248][T10413] zram: Added device: zram1 [ 330.522120][T10411] hub 1-0:1.0: USB hub found [ 330.591769][T10411] hub 1-0:1.0: 1 port detected [ 330.827162][T10414] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 330.845233][T10413] zswap: compressor i not available [ 330.930492][T10414] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 331.000881][T10414] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 331.089484][T10414] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 331.372548][T10434] Invalid ELF header magic: != ELF [ 332.215171][T10447] netlink: 280 bytes leftover after parsing attributes in process `syz.0.906'. [ 332.875753][ T7597] Bluetooth: hci0: command 0x2016 tx timeout [ 332.890933][T10459] FAULT_INJECTION: forcing a failure. [ 332.890933][T10459] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 332.954761][ T7597] Bluetooth: hci1: command 0x0406 tx timeout [ 332.999764][T10459] CPU: 0 UID: 0 PID: 10459 Comm: syz.3.909 Tainted: G U L syzkaller #0 PREEMPT(full) [ 332.999794][T10459] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 332.999799][T10459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 332.999809][T10459] Call Trace: [ 332.999814][T10459] [ 332.999821][T10459] dump_stack_lvl+0x100/0x190 [ 332.999847][T10459] should_fail_ex.cold+0x5/0xa [ 332.999865][T10459] _copy_from_user+0x2e/0xd0 [ 332.999881][T10459] restore_altstack+0x98/0x170 [ 332.999899][T10459] ? __pfx_restore_altstack+0x10/0x10 [ 332.999920][T10459] ? _raw_spin_unlock_irq+0x23/0x50 [ 332.999936][T10459] ? lockdep_hardirqs_on+0x78/0x100 [ 332.999956][T10459] ? _raw_spin_unlock_irq+0x2e/0x50 [ 332.999982][T10459] __do_sys_rt_sigreturn+0x1ab/0x2c0 [ 333.000070][T10459] ? __pfx___do_sys_rt_sigreturn+0x10/0x10 [ 333.000099][T10459] do_syscall_64+0x106/0xf80 [ 333.000118][T10459] ? clear_bhb_loop+0x40/0x90 [ 333.000137][T10459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 333.000153][T10459] RIP: 0033:0x7faea853db19 [ 333.000167][T10459] Code: 11 06 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 0c 25 [ 333.000181][T10459] RSP: 002b:00007faea94ada80 EFLAGS: 00000246 ORIG_RAX: 000000000000000f [ 333.000195][T10459] RAX: ffffffffffffffda RBX: 00007faea8815fa0 RCX: 00007faea853db19 [ 333.000205][T10459] RDX: 00007faea94ada80 RSI: 00007faea94adbb0 RDI: 0000000000000011 [ 333.000215][T10459] RBP: 00007faea8632c99 R08: 0000000000000000 R09: 0000000000000000 [ 333.000224][T10459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 333.000232][T10459] R13: 00007faea8816038 R14: 00007faea8815fa0 R15: 00007ffc6b949878 [ 333.000252][T10459] [ 333.485865][ T7597] Bluetooth: hci2: command 0x0406 tx timeout [ 333.492202][ T7597] Bluetooth: hci3: command 0x0406 tx timeout [ 337.971240][T10525] netlink: 28 bytes leftover after parsing attributes in process `syz.2.925'. [ 338.188998][T10525] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 338.406989][T10525] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 338.573924][T10525] bond0 (unregistering): Released all slaves [ 338.636290][ T29] audit: type=1800 audit(1843104669.818:12): pid=10549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.929" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 340.033347][T10563] program syz.3.933 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 343.731957][T10635] Invalid ELF header magic: != ELF [ 345.658340][T10651] random: crng reseeded on system resumption [ 346.006127][ T29] audit: type=1800 audit(1843104677.178:13): pid=10655 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.955" name="trace_pipe" dev="tracefs" ino=3167 res=0 errno=0 [ 346.510165][T10677] bond0: no command found in slaves file - use +ifname or -ifname [ 346.525441][T10663] FAULT_INJECTION: forcing a failure. [ 346.525441][T10663] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 346.586997][T10663] CPU: 0 UID: 0 PID: 10663 Comm: syz.0.957 Tainted: G U L syzkaller #0 PREEMPT(full) [ 346.587025][T10663] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 346.587031][T10663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 346.587039][T10663] Call Trace: [ 346.587045][T10663] [ 346.587051][T10663] dump_stack_lvl+0x100/0x190 [ 346.587078][T10663] should_fail_ex.cold+0x5/0xa [ 346.587094][T10663] ? prepare_alloc_pages+0x16d/0x5f0 [ 346.587112][T10663] should_fail_alloc_page+0xeb/0x140 [ 346.587128][T10663] prepare_alloc_pages+0x1f0/0x5f0 [ 346.587144][T10663] ? unwind_get_return_address+0x59/0xa0 [ 346.587162][T10663] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 346.587197][T10663] ? stack_trace_save+0x8e/0xc0 [ 346.587212][T10663] ? __pfx_stack_trace_save+0x10/0x10 [ 346.587228][T10663] ? stack_depot_save_flags+0x27/0x9d0 [ 346.587252][T10663] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 346.587274][T10663] ? kasan_save_stack+0x3f/0x50 [ 346.587297][T10663] ? kasan_save_track+0x14/0x30 [ 346.587317][T10663] ? __kasan_slab_alloc+0x89/0x90 [ 346.587330][T10663] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 346.587356][T10663] ? security_inode_alloc+0x3b/0x2c0 [ 346.587377][T10663] ? inode_init_always_gfp+0xced/0x1040 [ 346.587391][T10663] ? alloc_inode+0x8e/0x250 [ 346.587408][T10663] ? sock_alloc+0x44/0x280 [ 346.587425][T10663] ? __sock_create+0xc2/0x860 [ 346.587444][T10663] ? __sys_socket+0x14d/0x260 [ 346.587463][T10663] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 346.587487][T10663] ? policy_nodemask+0xed/0x4f0 [ 346.587503][T10663] alloc_pages_mpol+0x1fb/0x550 [ 346.587519][T10663] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 346.587538][T10663] ? sk_prot_alloc+0x10b/0x2a0 [ 346.587556][T10663] ___kmalloc_large_node+0x104/0x150 [ 346.587575][T10663] __kmalloc_large_node_noprof+0x1c/0x70 [ 346.587593][T10663] __kmalloc_noprof+0x5be/0x850 [ 346.587617][T10663] sk_prot_alloc+0x10b/0x2a0 [ 346.587638][T10663] sk_alloc+0x36/0xe80 [ 346.587654][T10663] can_create+0x1e5/0x630 [ 346.587673][T10663] __sock_create+0x339/0x860 [ 346.587697][T10663] __sys_socket+0x14d/0x260 [ 346.587711][T10663] ? __pfx___sys_socket+0x10/0x10 [ 346.587731][T10663] __x64_sys_socket+0x72/0xb0 [ 346.587744][T10663] ? lockdep_hardirqs_on+0x78/0x100 [ 346.587761][T10663] do_syscall_64+0x106/0xf80 [ 346.587778][T10663] ? clear_bhb_loop+0x40/0x90 [ 346.587795][T10663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 346.587810][T10663] RIP: 0033:0x7f0977b9c799 [ 346.587823][T10663] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 346.587838][T10663] RSP: 002b:00007f0978af1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 346.587853][T10663] RAX: ffffffffffffffda RBX: 00007f0977e16090 RCX: 00007f0977b9c799 [ 346.587863][T10663] RDX: 0000000000000006 RSI: 0000000000000002 RDI: 000000000000001d [ 346.587872][T10663] RBP: 00007f0977c32c99 R08: 0000000000000000 R09: 0000000000000000 [ 346.587881][T10663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 346.587889][T10663] R13: 00007f0977e16128 R14: 00007f0977e16090 R15: 00007ffc77d66208 [ 346.587908][T10663] [ 347.726630][T10671] < [ 348.182666][T10691] netlink: 246 bytes leftover after parsing attributes in process `syz.3.963'. [ 348.918850][T10714] ptp ptp0: new virtual clock ptp1 [ 349.003604][T10714] ptp ptp0: guarantee physical clock free running [ 351.291473][ T5910] usb usb40-port2: attempt power cycle [ 351.956845][ T5910] usb usb40-port2: unable to enumerate USB device [ 353.307712][ T29] audit: type=1326 audit(1843104684.488:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10792 comm="syz.2.980" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f146099c799 code=0x0 [ 353.752414][ T8320] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 354.738994][T10831] netlink: 28 bytes leftover after parsing attributes in process `syz.2.985'. [ 354.974146][T10839] Invalid ELF header magic: != ELF [ 357.574628][T10926] can: request_module (can-proto-5) failed. [ 358.672189][T10945] FAULT_INJECTION: forcing a failure. [ 358.672189][T10945] name failslab, interval 1, probability 0, space 0, times 0 [ 358.839664][T10945] CPU: 0 UID: 0 PID: 10945 Comm: syz.2.999 Tainted: G U L syzkaller #0 PREEMPT(full) [ 358.839692][T10945] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 358.839698][T10945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 358.839708][T10945] Call Trace: [ 358.839713][T10945] [ 358.839719][T10945] dump_stack_lvl+0x100/0x190 [ 358.839882][T10945] should_fail_ex.cold+0x5/0xa [ 358.839916][T10945] should_failslab+0xc2/0x120 [ 358.839948][T10945] __kmalloc_cache_noprof+0x7a/0x6f0 [ 358.839976][T10945] ? __kthread_create_on_node+0xce/0x3f0 [ 358.840005][T10945] ? lockdep_init_map_type+0x5c/0x250 [ 358.840030][T10945] ? __pfx_rescuer_thread+0x10/0x10 [ 358.840049][T10945] __kthread_create_on_node+0xce/0x3f0 [ 358.840067][T10945] ? __pfx___kthread_create_on_node+0x10/0x10 [ 358.840089][T10945] ? __pfx_vsnprintf+0x10/0x10 [ 358.840205][T10945] ? __pfx_rescuer_thread+0x10/0x10 [ 358.840226][T10945] kthread_create_on_node+0xc7/0x100 [ 358.840244][T10945] ? __pfx_kthread_create_on_node+0x10/0x10 [ 358.840260][T10945] ? __pfx_scnprintf+0x10/0x10 [ 358.840286][T10945] init_rescuer+0x31b/0x540 [ 358.840305][T10945] ? __pfx_init_rescuer+0x10/0x10 [ 358.840328][T10945] ? wq_adjust_max_active+0x352/0x4a0 [ 358.840350][T10945] __alloc_workqueue+0xc90/0x1880 [ 358.840370][T10945] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 358.840410][T10945] alloc_workqueue_noprof+0xd2/0x200 [ 358.840427][T10945] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 358.840450][T10945] ? __pfx___debug_object_init+0x10/0x10 [ 358.840542][T10945] nci_register_device+0x511/0xb80 [ 358.840612][T10945] ? __pfx_nci_register_device+0x10/0x10 [ 358.840637][T10945] ? lockdep_init_map_type+0x5c/0x250 [ 358.840659][T10945] virtual_ncidev_open+0x141/0x220 [ 358.840730][T10945] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 358.840746][T10945] misc_open+0x26d/0x450 [ 358.840796][T10945] ? __pfx_misc_open+0x10/0x10 [ 358.840809][T10945] chrdev_open+0x234/0x6a0 [ 358.840828][T10945] ? __pfx_apparmor_file_open+0x10/0x10 [ 358.840879][T10945] ? __pfx_chrdev_open+0x10/0x10 [ 358.840895][T10945] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 358.840922][T10945] do_dentry_open+0x6d8/0x1660 [ 358.840936][T10945] ? __pfx_chrdev_open+0x10/0x10 [ 358.840955][T10945] vfs_open+0x82/0x3f0 [ 358.840975][T10945] path_openat+0x208c/0x31a0 [ 358.840996][T10945] ? __pfx_path_openat+0x10/0x10 [ 358.841017][T10945] do_file_open+0x20e/0x430 [ 358.841033][T10945] ? __pfx_do_file_open+0x10/0x10 [ 358.841066][T10945] ? alloc_fd+0x476/0x790 [ 358.841087][T10945] ? do_getname+0x191/0x390 [ 358.841106][T10945] do_sys_openat2+0x10d/0x1e0 [ 358.841131][T10945] ? __pfx_do_sys_openat2+0x10/0x10 [ 358.841157][T10945] __x64_sys_openat+0x12d/0x210 [ 358.841177][T10945] ? __pfx___x64_sys_openat+0x10/0x10 [ 358.841204][T10945] do_syscall_64+0x106/0xf80 [ 358.841221][T10945] ? clear_bhb_loop+0x40/0x90 [ 358.841247][T10945] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 358.841262][T10945] RIP: 0033:0x7f146099c799 [ 358.841277][T10945] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 358.841291][T10945] RSP: 002b:00007f14617a4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 358.841307][T10945] RAX: ffffffffffffffda RBX: 00007f1460c15fa0 RCX: 00007f146099c799 [ 358.841317][T10945] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 358.841329][T10945] RBP: 00007f1460a32c99 R08: 0000000000000000 R09: 0000000000000000 [ 358.841339][T10945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 358.841348][T10945] R13: 00007f1460c16038 R14: 00007f1460c15fa0 R15: 00007ffd8e183168 [ 358.841367][T10945] [ 359.220410][T10945] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -ENOMEM [ 359.621448][T10968] cifs: Unknown parameter ') Up̢{V ]762']Ψ!gʮ79fM<*ysEh' [ 360.153498][T10947] Invalid ELF header magic: != ELF [ 360.305897][T10982] bridge_slave_1: left allmulticast mode [ 360.339561][T10982] bridge_slave_1: left promiscuous mode [ 360.380618][T10982] bridge0: port 2(bridge_slave_1) entered disabled state [ 362.150795][T11008] FAULT_INJECTION: forcing a failure. [ 362.150795][T11008] name failslab, interval 1, probability 0, space 0, times 0 [ 362.201239][T11008] CPU: 0 UID: 0 PID: 11008 Comm: syz.3.1017 Tainted: G U L syzkaller #0 PREEMPT(full) [ 362.201269][T11008] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 362.201274][T11008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 362.201283][T11008] Call Trace: [ 362.201288][T11008] [ 362.201294][T11008] dump_stack_lvl+0x100/0x190 [ 362.201321][T11008] should_fail_ex.cold+0x5/0xa [ 362.201339][T11008] ? constrain_params_by_rules+0x175/0xcc0 [ 362.201455][T11008] should_failslab+0xc2/0x120 [ 362.201472][T11008] __kmalloc_noprof+0xe0/0x850 [ 362.201492][T11008] ? unwind_get_return_address+0x59/0xa0 [ 362.201519][T11008] constrain_params_by_rules+0x175/0xcc0 [ 362.201539][T11008] ? stack_trace_save+0x8e/0xc0 [ 362.201567][T11008] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 362.201587][T11008] ? __kasan_kmalloc+0xaa/0xb0 [ 362.201607][T11008] ? snd_pcm_oss_change_params_locked+0x247/0x39f0 [ 362.201677][T11008] ? snd_pcm_oss_make_ready+0xeb/0x1b0 [ 362.201699][T11008] ? snd_pcm_oss_sync+0x1de/0x840 [ 362.201717][T11008] ? rcu_is_watching+0x12/0xc0 [ 362.201744][T11008] ? snd_interval_refine+0x2d0/0x580 [ 362.201786][T11008] snd_pcm_hw_refine+0x7e7/0xad0 [ 362.201812][T11008] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 362.201836][T11008] ? __asan_memset+0x23/0x50 [ 362.201857][T11008] ? _snd_pcm_hw_param_min+0x1ea/0x670 [ 362.201882][T11008] snd_pcm_oss_change_params_locked+0x2594/0x39f0 [ 362.201917][T11008] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 362.201940][T11008] ? __pfx___mutex_lock+0x10/0x10 [ 362.202000][T11008] snd_pcm_oss_make_ready+0xeb/0x1b0 [ 362.202025][T11008] snd_pcm_oss_sync+0x1de/0x840 [ 362.202043][T11008] snd_pcm_oss_release+0x238/0x300 [ 362.202058][T11008] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 362.202072][T11008] __fput+0x3ff/0xb40 [ 362.202093][T11008] task_work_run+0x150/0x240 [ 362.202114][T11008] ? __pfx_task_work_run+0x10/0x10 [ 362.202138][T11008] exit_to_user_mode_loop+0x100/0x4a0 [ 362.202159][T11008] do_syscall_64+0x668/0xf80 [ 362.202175][T11008] ? clear_bhb_loop+0x40/0x90 [ 362.202193][T11008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 362.202208][T11008] RIP: 0033:0x7faea859c799 [ 362.202222][T11008] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 362.202236][T11008] RSP: 002b:00007faea948d028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 362.202250][T11008] RAX: 0000000000000000 RBX: 00007faea8816090 RCX: 00007faea859c799 [ 362.202260][T11008] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 362.202269][T11008] RBP: 00007faea8632c99 R08: 0000000000000000 R09: 0000000000000000 [ 362.202278][T11008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 362.202286][T11008] R13: 00007faea8816128 R14: 00007faea8816090 R15: 00007ffc6b949878 [ 362.202306][T11008] [ 364.868897][ T8320] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 365.614520][ T29] audit: type=1804 audit(1843104696.798:15): pid=11049 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1025" name="/newroot/281/file0" dev="tmpfs" ino=1557 res=1 errno=0 [ 365.730237][T11057] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1028'. [ 366.148422][T11068] Console: switching to colour VGA+ 80x25 [ 366.299233][T11070] ================================================================== [ 366.299251][T11070] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0x94e/0xc60 [ 366.299379][T11070] Read of size 256 at addr ffff88807edef860 by task syz.3.1031/11070 [ 366.299391][T11070] [ 366.299402][T11070] CPU: 0 UID: 0 PID: 11070 Comm: syz.3.1031 Tainted: G U L syzkaller #0 PREEMPT(full) [ 366.299424][T11070] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 366.299429][T11070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 366.299439][T11070] Call Trace: [ 366.299444][T11070] [ 366.299450][T11070] dump_stack_lvl+0x100/0x190 [ 366.299471][T11070] print_report+0x156/0x4c9 [ 366.299492][T11070] ? __virt_addr_valid+0x81/0x620 [ 366.299514][T11070] ? __phys_addr+0xe8/0x180 [ 366.299531][T11070] ? fbcon_prepare_logo+0x94e/0xc60 [ 366.299552][T11070] kasan_report+0xdf/0x1e0 [ 366.299568][T11070] ? fbcon_prepare_logo+0x94e/0xc60 [ 366.299591][T11070] kasan_check_range+0x10f/0x1e0 [ 366.299608][T11070] __asan_memcpy+0x23/0x60 [ 366.299627][T11070] fbcon_prepare_logo+0x94e/0xc60 [ 366.299651][T11070] fbcon_init+0x10a0/0x1820 [ 366.299673][T11070] visual_init+0x320/0x620 [ 366.299710][T11070] do_bind_con_driver.isra.0+0x636/0x9c0 [ 366.299730][T11070] store_bind+0x609/0x730 [ 366.299748][T11070] ? __pfx_store_bind+0x10/0x10 [ 366.299857][T11070] dev_attr_store+0x58/0x80 [ 366.299937][T11070] ? __pfx_dev_attr_store+0x10/0x10 [ 366.299958][T11070] sysfs_kf_write+0xf2/0x150 [ 366.299995][T11070] kernfs_fop_write_iter+0x3e0/0x5f0 [ 366.300009][T11070] ? __pfx_sysfs_kf_write+0x10/0x10 [ 366.300026][T11070] vfs_write+0x6ac/0x1070 [ 366.300049][T11070] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 366.300064][T11070] ? __pfx_vfs_write+0x10/0x10 [ 366.300090][T11070] ksys_write+0x12a/0x250 [ 366.300102][T11070] ? __pfx_ksys_write+0x10/0x10 [ 366.300114][T11070] ? kcov_ioctl+0x16a/0x720 [ 366.300145][T11070] do_syscall_64+0x106/0xf80 [ 366.300162][T11070] ? clear_bhb_loop+0x40/0x90 [ 366.300179][T11070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.300194][T11070] RIP: 0033:0x7faea859c799 [ 366.300207][T11070] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 366.300221][T11070] RSP: 002b:00007faea944b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 366.300236][T11070] RAX: ffffffffffffffda RBX: 00007faea8816270 RCX: 00007faea859c799 [ 366.300247][T11070] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003 [ 366.300256][T11070] RBP: 00007faea8632c99 R08: 0000000000000000 R09: 0000000000000000 [ 366.300265][T11070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 366.300274][T11070] R13: 00007faea8816308 R14: 00007faea8816270 R15: 00007ffc6b949878 [ 366.300288][T11070] [ 366.300294][T11070] [ 366.300298][T11070] Allocated by task 11053: [ 366.300306][T11070] kasan_save_stack+0x30/0x50 [ 366.300327][T11070] kasan_save_track+0x14/0x30 [ 366.300347][T11070] __kasan_kmalloc+0xaa/0xb0 [ 366.300366][T11070] __kmalloc_node_track_caller_noprof+0x304/0x850 [ 366.300389][T11070] kmalloc_reserve+0xe8/0x350 [ 366.300482][T11070] __alloc_skb+0x185/0x710 [ 366.300496][T11070] rtmsg_ifinfo_build_skb+0x81/0x260 [ 366.300558][T11070] unregister_netdevice_many_notify+0x12b6/0x2580 [ 366.300600][T11070] ops_undo_list+0x8ff/0xab0 [ 366.300638][T11070] setup_net+0x1fa/0x3a0 [ 366.300654][T11070] copy_net_ns+0x46f/0x7c0 [ 366.300672][T11070] create_new_namespaces+0x3ea/0xac0 [ 366.300687][T11070] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 366.300701][T11070] ksys_unshare+0x473/0xad0 [ 366.300723][T11070] __x64_sys_unshare+0x31/0x40 [ 366.300738][T11070] do_syscall_64+0x106/0xf80 [ 366.300762][T11070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.300777][T11070] [ 366.300780][T11070] Freed by task 11053: [ 366.300787][T11070] kasan_save_stack+0x30/0x50 [ 366.300808][T11070] kasan_save_track+0x14/0x30 [ 366.300828][T11070] kasan_save_free_info+0x3b/0x70 [ 366.300845][T11070] __kasan_slab_free+0x5f/0x80 [ 366.300857][T11070] kfree+0x1f6/0x6b0 [ 366.300872][T11070] skb_free_head+0x119/0x220 [ 366.300884][T11070] skb_release_data+0x79b/0x9d0 [ 366.300899][T11070] consume_skb+0xc4/0x110 [ 366.300915][T11070] netlink_broadcast_filtered+0x3cc/0xf50 [ 366.300962][T11070] nlmsg_notify+0xb1/0x290 [ 366.300980][T11070] unregister_netdevice_many_notify+0x175e/0x2580 [ 366.300998][T11070] ops_undo_list+0x8ff/0xab0 [ 366.301014][T11070] setup_net+0x1fa/0x3a0 [ 366.301030][T11070] copy_net_ns+0x46f/0x7c0 [ 366.301054][T11070] create_new_namespaces+0x3ea/0xac0 [ 366.301069][T11070] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 366.301083][T11070] ksys_unshare+0x473/0xad0 [ 366.301098][T11070] __x64_sys_unshare+0x31/0x40 [ 366.301113][T11070] do_syscall_64+0x106/0xf80 [ 366.301129][T11070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.301143][T11070] [ 366.301146][T11070] The buggy address belongs to the object at ffff88807edef000 [ 366.301146][T11070] which belongs to the cache kmalloc-2k of size 2048 [ 366.301158][T11070] The buggy address is located 96 bytes to the right of [ 366.301158][T11070] allocated 2048-byte region [ffff88807edef000, ffff88807edef800) [ 366.301173][T11070] [ 366.301177][T11070] The buggy address belongs to the physical page: [ 366.301185][T11070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7ede8 [ 366.301203][T11070] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 366.301214][T11070] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 366.301228][T11070] page_type: f5(slab) [ 366.301242][T11070] raw: 00fff00000000040 ffff88813fe3d000 dead000000000100 dead000000000122 [ 366.301259][T11070] raw: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000 [ 366.301273][T11070] head: 00fff00000000040 ffff88813fe3d000 dead000000000100 dead000000000122 [ 366.301287][T11070] head: 0000000000000000 0000000800080008 00000000f5000000 0000000000000000 [ 366.301300][T11070] head: 00fff00000000003 ffffea0001fb7a01 00000000ffffffff 00000000ffffffff [ 366.301313][T11070] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 366.301321][T11070] page dumped because: kasan: bad access detected [ 366.301334][T11070] page_owner tracks the page as allocated [ 366.301339][T11070] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5823, tgid 5823 (syz-executor), ts 85610405223, free_ts 85417842452 [ 366.301365][T11070] post_alloc_hook+0x153/0x170 [ 366.301383][T11070] get_page_from_freelist+0x111d/0x3140 [ 366.301403][T11070] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 366.301423][T11070] new_slab+0xa6/0x6c0 [ 366.301437][T11070] refill_objects+0x26b/0x400 [ 366.301454][T11070] __pcs_replace_empty_main+0x1ab/0x600 [ 366.301473][T11070] __kmalloc_cache_noprof+0x493/0x6f0 [ 366.301489][T11070] rtnl_newlink+0x126/0x2380 [ 366.301505][T11070] rtnetlink_rcv_msg+0x95e/0xe90 [ 366.301520][T11070] netlink_rcv_skb+0x159/0x420 [ 366.301536][T11070] netlink_unicast+0x5aa/0x870 [ 366.301552][T11070] netlink_sendmsg+0x8b0/0xda0 [ 366.301568][T11070] __sys_sendto+0x468/0x4b0 [ 366.301582][T11070] __x64_sys_sendto+0xe0/0x1c0 [ 366.301595][T11070] do_syscall_64+0x106/0xf80 [ 366.301609][T11070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.301623][T11070] page last free pid 23 tgid 23 stack trace: [ 366.301631][T11070] __free_frozen_pages+0x7e1/0x10d0 [ 366.301647][T11070] __folio_put+0x3b4/0x540 [ 366.301673][T11070] skb_release_data+0x667/0x9d0 [ 366.301689][T11070] napi_consume_skb+0x1f6/0x320 [ 366.301710][T11070] skb_defer_free_flush+0x1f1/0x290 [ 366.301770][T11070] net_rx_action+0x3ca/0xf20 [ 366.301784][T11070] handle_softirqs+0x1eb/0x9e0 [ 366.301798][T11070] run_ksoftirqd+0x38/0x60 [ 366.301810][T11070] smpboot_thread_fn+0x3d3/0xaa0 [ 366.301827][T11070] kthread+0x370/0x450 [ 366.301843][T11070] ret_from_fork+0x754/0xd80 [ 366.301869][T11070] ret_from_fork_asm+0x1a/0x30 [ 366.301884][T11070] [ 366.301887][T11070] Memory state around the buggy address: [ 366.301895][T11070] ffff88807edef700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 366.301905][T11070] ffff88807edef780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 366.301914][T11070] >ffff88807edef800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 366.301922][T11070] ^ [ 366.301930][T11070] ffff88807edef880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 366.301939][T11070] ffff88807edef900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 366.301947][T11070] ================================================================== [ 366.332966][T11070] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 366.332986][T11070] CPU: 0 UID: 0 PID: 11070 Comm: syz.3.1031 Tainted: G U L syzkaller #0 PREEMPT(full) [ 366.333010][T11070] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 366.333017][T11070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026 [ 366.333027][T11070] Call Trace: [ 366.333032][T11070] [ 366.333038][T11070] dump_stack_lvl+0x100/0x190 [ 366.333065][T11070] vpanic+0x552/0x970 [ 366.333080][T11070] ? __pfx_vpanic+0x10/0x10 [ 366.333097][T11070] ? fbcon_prepare_logo+0x94e/0xc60 [ 366.333119][T11070] panic+0xd1/0xe0 [ 366.333131][T11070] ? __pfx_panic+0x10/0x10 [ 366.333145][T11070] ? fbcon_prepare_logo+0x94e/0xc60 [ 366.333165][T11070] ? preempt_schedule_common+0x42/0xc0 [ 366.333185][T11070] check_panic_on_warn.cold+0x19/0x34 [ 366.333200][T11070] end_report.part.0+0x3a/0x90 [ 366.333221][T11070] kasan_report.cold+0xe/0x18 [ 366.333241][T11070] ? fbcon_prepare_logo+0x94e/0xc60 [ 366.333264][T11070] kasan_check_range+0x10f/0x1e0 [ 366.333281][T11070] __asan_memcpy+0x23/0x60 [ 366.333299][T11070] fbcon_prepare_logo+0x94e/0xc60 [ 366.333324][T11070] fbcon_init+0x10a0/0x1820 [ 366.333349][T11070] visual_init+0x320/0x620 [ 366.333364][T11070] do_bind_con_driver.isra.0+0x636/0x9c0 [ 366.333389][T11070] store_bind+0x609/0x730 [ 366.333415][T11070] ? __pfx_store_bind+0x10/0x10 [ 366.333432][T11070] dev_attr_store+0x58/0x80 [ 366.333455][T11070] ? __pfx_dev_attr_store+0x10/0x10 [ 366.333477][T11070] sysfs_kf_write+0xf2/0x150 [ 366.333495][T11070] kernfs_fop_write_iter+0x3e0/0x5f0 [ 366.333510][T11070] ? __pfx_sysfs_kf_write+0x10/0x10 [ 366.333527][T11070] vfs_write+0x6ac/0x1070 [ 366.333549][T11070] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 366.333564][T11070] ? __pfx_vfs_write+0x10/0x10 [ 366.333590][T11070] ksys_write+0x12a/0x250 [ 366.333602][T11070] ? __pfx_ksys_write+0x10/0x10 [ 366.333613][T11070] ? kcov_ioctl+0x16a/0x720 [ 366.333637][T11070] do_syscall_64+0x106/0xf80 [ 366.333654][T11070] ? clear_bhb_loop+0x40/0x90 [ 366.333671][T11070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.333685][T11070] RIP: 0033:0x7faea859c799 [ 366.333698][T11070] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 366.333713][T11070] RSP: 002b:00007faea944b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 366.333728][T11070] RAX: ffffffffffffffda RBX: 00007faea8816270 RCX: 00007faea859c799 [ 366.333739][T11070] RDX: 0000000000000084 RSI: 0000200000000040 RDI: 0000000000000003 [ 366.333748][T11070] RBP: 00007faea8632c99 R08: 0000000000000000 R09: 0000000000000000 [ 366.333757][T11070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 366.333767][T11070] R13: 00007faea8816308 R14: 00007faea8816270 R15: 00007ffc6b949878 [ 366.333781][T11070] [ 366.333848][T11070] Kernel Offset: disabled