last executing test programs: 20.754807757s ago: executing program 1 (id=2434): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socketpair$auto(0x1e, 0x4000005, 0x8000000000000000, 0x0) r1 = io_uring_setup$auto(0x1, 0x0) close_range$auto(r0, r0, 0x0) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x4000000008000) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x3, 0x5, 0x7, 0x0) socket(0x2, 0x5, 0x0) getsockopt$auto(0x6, 0x84, 0x7d, 0x0, &(0x7f00000000c0)=0x10000) read$auto(r3, 0x0, 0x20) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) ioctl$auto_SG_SET_DEBUG(0xffffffffffffffff, 0x227e, &(0x7f0000000240)) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000140), r1) semget$auto(0x3, 0xffffff92, 0x56) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x3000000, 0x0, 0x40000000001, 0x0, 0x10000000000000}, 0xfffffffd}, 0x100003, 0x0) r5 = getpid() process_vm_readv$auto(r5, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000080), 0x10ffffffff}, 0x6, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@iter_create={0x15, 0x8}, 0x7) sendmsg$auto_OVS_DP_CMD_NEW(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x2c}, 0x1, 0x0, 0x0, 0x20000800}, 0x80) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, 0x0, 0x20401, 0x0) unshare$auto(0x40000080) ioctl$auto(r2, 0xc0585611, r2) 19.704881251s ago: executing program 1 (id=2437): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x7) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x20802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8001) syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000080), 0xffffffffffffffff) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x102, 0x0) ioctl$auto(r2, 0x900064b7, r2) r3 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_KSMBD_EVENT_RPC_REQUEST(r4, 0x0, 0x880) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) prlimit64$auto(0x0, 0x7, &(0x7f0000000cc0)={0xfff, 0xf1c6}, 0x0) poll$auto(&(0x7f0000000f80)={0xffffffffffffffff, 0xa06}, 0x3fa, 0x20) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_0={0x1, 0x7, 0x2817, 0x4, 0x200004, 0xffffffffffffffff, 0xa, '\x00', 0x0, 0xffffffffffffffff, 0x8, 0x7, 0x5, 0x8}, 0x10) socket(0xa, 0x3, 0xff) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x129000, 0x0) r6 = getegid() setregid$auto(r6, r6) fchown$auto(r5, 0x0, r6) setgid$auto(r6) writev$auto(r3, &(0x7f0000000140)={0x0, 0x5}, 0x5) 19.355656426s ago: executing program 1 (id=2438): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2, 0x3, 0x100) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x40000) sendmsg$auto_NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000040)={&(0x7f0000000580)={0x24c, 0x0, 0x8, 0x70bd27, 0x25dfdbfc, {}, [@NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0x1}, @NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM={0x6, 0xfb, 0x6}, @NL80211_ATTR_WIPHY_ANTENNA_RX={0x8, 0x6a, 0x28d161dd}, @NL80211_ATTR_HE_BSS_COLOR={0xc, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_COLOR={0x5, 0x1, 0x4}]}, @NL80211_ATTR_USE_MFP={0x8, 0x42, 0x4}, @NL80211_ATTR_INACTIVITY_TIMEOUT={0x6, 0x96, 0x5}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0xf3}, @NL80211_ATTR_STA_PLINK_STATE={0x5, 0x74, 0x7e}, @NL80211_ATTR_SAR_SPEC={0x1ec, 0x12c, 0x0, 0x1, [@NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0xffffffff}, @NL80211_SAR_ATTR_SPECS={0x134, 0x2, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x2}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xb54d}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x9}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x3}, @NL80211_SAR_ATTR_SPECS_POWER={0x8}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x2}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0xf1}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x10000}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x53561f72}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x3}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x1}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x5}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x81}]}, {0x54, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x6}, @NL80211_SAR_ATTR_SPECS_POWER={0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x2}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x699}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x6}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x8}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x9}]}]}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0x61}, @NL80211_SAR_ATTR_SPECS={0x9c, 0x2, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x5968348c}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x4}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x7}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x1}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x6}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8000}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x8001}]}, {0x44, 0x0, 0x0, 0x1, [@NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x7}, @NL80211_SAR_ATTR_SPECS_POWER={0x8}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xa13c}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x8}, @NL80211_SAR_ATTR_SPECS_RANGE_INDEX={0x8, 0x2, 0x401}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x5}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0x692}, @NL80211_SAR_ATTR_SPECS_POWER={0x8, 0x1, 0xc}]}]}, @NL80211_SAR_ATTR_TYPE={0x8, 0x1, 0xb447}]}]}, 0x24c}, 0x1, 0x0, 0x0, 0x4000010}, 0x40004) read$auto(r1, 0x0, 0x1060) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc7}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 19.092304268s ago: executing program 1 (id=2439): socket(0x11, 0x1, 0xe) mmap$auto(0x0, 0x2020409, 0xa, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) socket(0x2, 0x1, 0x106) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000c00), r1) sendmsg$auto_TCP_METRICS_CMD_DEL(r1, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x40) close_range$auto(0x2, 0x8, 0x0) write$auto(0x3, 0x0, 0x7fffffff) io_uring_register$auto(0x2, 0x19, &(0x7f0000000000), 0x41) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) timerfd_create$auto(0x9, 0x0) r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/debug/block/loop15/hctx0/sched_tags\x00', 0x169100, 0x0) pread64$auto(r2, 0x0, 0x5000f42a, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x7, 0x0) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x2440, 0x0) 12.944095397s ago: executing program 0 (id=2451): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/resend_igmp\x00', 0x1e2142, 0x0) sendfile$auto(r0, r0, 0x0, 0x7fff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) bpf$auto_BPF_ENABLE_STATS(0x20, &(0x7f00000000c0)=@raw_tracepoint={0x0, r0, 0x0, 0x1ff}, 0x6) madvise$auto(0x0, 0x200007, 0x8) 10.050996878s ago: executing program 0 (id=2455): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x80000000000) socket(0x2, 0x3, 0xa) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e00fbe18d073ba65c6df9cd1c8d10ea3ad6d7ac15"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x10001, &(0x7f0000000080)={&(0x7f0000000040), 0x1900}, 0x4, 0x0, 0x8, 0x7}, 0x7}, 0x5, 0x66a6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x5}, 0xa) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mseal$auto(0x0, 0x7dda, 0x0) bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x8000000000000001, 0x9, 0x5, 0xf870e9f, 0x7, 0x8}, 0x9) bpf$auto(0x1, 0x0, 0xf) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, r1) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 7.714738768s ago: executing program 0 (id=2459): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/apparmor/parameters/debug\x00', 0x182b02, 0x0) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) r1 = socketcall$auto_SYS_SOCKET(0x1, &(0x7f0000000280)=0x3) ioctl$auto_IOCTL_VMCI_CTX_SET_CPT_STATE(r1, 0x7b2, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000040)="c80d1b5d3b9b5006ffad165a75d7ad0cd20ef1650fa3750f9204864e243c943ab46eb4347c6ac8d66833d19e478e119af7df47792ea6d3615c8b0aad098e5d6d2a4b0d277cb9dc1e8b36353abe98b54c97b5fdaa215d9636b4f54a6f1ae20631e2584de438ca9ab4b58cc4e3ec02cda4e6ddd06ee51b5db47e515fac3b128351d70acc8ab8", 0x85) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) process_vm_readv$auto(0x0, 0x0, 0x40000000001, 0x0, 0x4, 0x0) capset$auto(0x0, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f00000013c0), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_BIND_RX(r3, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001480)={&(0x7f0000001440)={0x14, r4, 0x1, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x10) fstat$auto(0x2, 0x0) r5 = socket(0xa, 0x2, 0x88) setsockopt$auto(r5, 0x11, 0x68, 0x0, 0x8) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r6 = ioctl$auto_TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, &(0x7f0000000180)={0x5, &(0x7f0000000140)={0x8, 0x2, 0x0, @raw=0x423b09cd}}) getsockopt$auto(r6, 0x7, 0x8, &(0x7f00000001c0)='/sys/kernel/security/tomoyo/domain_policy\x00', &(0x7f0000000200)=0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) read$auto(r2, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) ioctl$auto_TUNGETVNETHDRSZ(0xffffffffffffffff, 0x800454d7, &(0x7f0000000240)=0x5) 6.709779421s ago: executing program 0 (id=2460): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) bpf$auto_BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000480)=@raw_tracepoint={0x717, r0, 0x0, 0xffffffffffffffff}, 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r1 = syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)=ANY=[@ANYBLOB="54000001", @ANYRES16=r1, @ANYBLOB="010031bd7000fddbdf250c000000"], 0x14}, 0x1, 0x0, 0x0, 0x20008001}, 0x0) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x103003, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000740), 0xffffffffffffffff) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000001040), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01000500027bfddbdf2500000000080008000500000008000100e0e451650800020001"], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x14) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000080)={0x1c, r2, 0x400, 0x70bd26, 0x25dfdbff, {}, [@GTPA_MS_ADDRESS={0x8, 0x5, @rand_addr=0x64010102}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x800) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/edac_core/parameters/edac_mc_poll_msec\x00', 0x60301, 0x0) write$auto(0x3, 0x0, 0xffd8) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r3, &(0x7f0000000240)='\x03W\x96l\x15\x00'/21, 0x100000002, 0x100000001) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 6.613158111s ago: executing program 3 (id=2461): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/module/apparmor/parameters/debug\x00', 0x182b02, 0x0) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) r1 = socketcall$auto_SYS_SOCKET(0x1, &(0x7f0000000280)=0x3) ioctl$auto_IOCTL_VMCI_CTX_SET_CPT_STATE(r1, 0x7b2, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000040)="c80d1b5d3b9b5006ffad165a75d7ad0cd20ef1650fa3750f9204864e243c943ab46eb4347c6ac8d66833d19e478e119af7df47792ea6d3615c8b0aad098e5d6d2a4b0d277cb9dc1e8b36353abe98b54c97b5fdaa215d9636b4f54a6f1ae20631e2584de438ca9ab4b58cc4e3ec02cda4e6ddd06ee51b5db47e515fac3b128351d70acc8ab8", 0x85) r2 = getpid() process_vm_readv$auto(r2, 0x0, 0x40000000001, 0x0, 0x4, 0x0) capset$auto(0x0, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x102, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_netdev(&(0x7f00000013c0), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_BIND_RX(r3, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001480)={&(0x7f0000001440)={0x14, r4, 0x1, 0x70bd2a, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x10) fstat$auto(0x2, 0x0) r5 = socket(0xa, 0x2, 0x88) setsockopt$auto(r5, 0x11, 0x68, 0x0, 0x8) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r6 = ioctl$auto_TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, &(0x7f0000000180)={0x5, &(0x7f0000000140)={0x8, 0x2, 0x0, @raw=0x423b09cd}}) getsockopt$auto(r6, 0x7, 0x8, &(0x7f00000001c0)='/sys/kernel/security/tomoyo/domain_policy\x00', &(0x7f0000000200)=0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) ioctl$auto_TUNGETVNETHDRSZ(0xffffffffffffffff, 0x800454d7, &(0x7f0000000240)=0x5) 5.802191604s ago: executing program 3 (id=2462): r0 = ioctl$auto_TUNGETVNETHDRSZ2(0xffffffffffffffff, 0x800454d7, &(0x7f0000000040)=0x80) listen$auto(r0, 0x1) socket(0xa, 0x801, 0x84) getpid() close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40000a, 0x80000001, 0x9b72, 0xffffffffffffffff, 0x8000) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x10bb41, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/timer_source\x00', 0x8002, 0x0) close_range$auto(0x2, 0xa, 0x0) ioctl$auto_BCH_IOCTL_DISK_RESIZE(0xffffffffffffffff, 0x4018bc0e, &(0x7f0000000080)={0x5, 0x0, 0x5, 0x1}) mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb5, 0x10, 0x7, 0x4, 0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0xe5, 0x3}, 0x10) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r2, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) (fail_nth: 14) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), r1) pread64$auto(0xffffffffffffffff, 0x0, 0x1, 0x1) 5.545237165s ago: executing program 2 (id=2463): openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/block/nbd14/sched/write1_fifo_list\x00', 0x400643, 0x0) unshare$auto(0x8) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/pci_bus/0000:00/cpuaffinity\x00', 0x20800, 0x0) read$auto(r1, &(0x7f00000000c0)='/sys/devices/~latform/vhci_hc$.7/usb23/23-0:1.0/~\xda=\x8eep_81/inver', 0x6864a34) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) r3 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r3, 0xfffffffffffff000, 0x2) landlock_create_ruleset$auto(&(0x7f0000000000)={0x6, 0x400000000000400, 0x9}, 0x9, 0x0) landlock_restrict_self$auto(r3, 0x0) linkat$auto(r2, 0x0, 0xffffffffffffff9c, &(0x7f0000000040)='&&\x00', 0x1400) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x108000) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f80, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) mremap$auto(0xfffff000, 0x4, 0x4, 0x7, 0x1001ff000) fsopen$auto(0x0, 0xfffffffc) r5 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0) ioctl$auto_SW_SYNC_GET_DEADLINE(r5, 0xc0105702, &(0x7f0000000000)={0x0, 0x0, r5}) madvise$auto(0x0, 0x2003f2, 0x15) 5.142161772s ago: executing program 3 (id=2464): socket(0x11, 0x80003, 0x300) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x18, 0x3, 0x2) sendmmsg$auto(0x3, 0x0, 0x2, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x8, 0x9, 0x0) epoll_create$auto(0x4) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r0 = socket(0x11, 0x6, 0x300) sendfile$auto(0x1, r0, 0x0, 0x8fb5) ioctl$auto(0xc8, 0x400454ce, 0xffffffffffffffff) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r1, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) unshare$auto(0x20000080) fcntl$auto(0x0, 0x408, 0x100000) setsockopt$auto_SO_OOBINLINE(0xffffffffffffffff, 0x3, 0xa, &(0x7f0000000080)='nlctrl\x00', 0x2) close_range$auto(0x2, 0xa, 0x0) unshare$auto(0x8000000) semget$auto(0x0, 0x2e4a, 0x8000) semtimedop$auto(0x0, &(0x7f0000000000)={0x7, 0x9, 0x6}, 0x1, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff500"}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/kernel/hung_task_check_interval_secs\x00', 0x88542, 0x0) 3.935935364s ago: executing program 2 (id=2465): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x80000000000) socket(0x2, 0x3, 0xa) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e00fbe18d073ba65c6df9cd1c8d10ea3ad6d7ac15"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x10001, &(0x7f0000000080)={&(0x7f0000000040), 0x1900}, 0x4, 0x0, 0x8, 0x7}, 0x7}, 0x5, 0x66a6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x5}, 0xa) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mseal$auto(0x0, 0x7dda, 0x0) bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x8000000000000001, 0x9, 0x5, 0xf870e9f, 0x7, 0x8}, 0x9) bpf$auto(0x1, 0x0, 0xf) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, r1) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) 3.109102745s ago: executing program 3 (id=2466): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/net/bond0/bonding/resend_igmp\x00', 0x1e2142, 0x0) sendfile$auto(r0, r0, 0x0, 0x7fff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffff7fffff0005, 0x8) bpf$auto_BPF_ENABLE_STATS(0x20, &(0x7f00000000c0)=@raw_tracepoint={0x0, r0, 0x0, 0x1ff}, 0x6) madvise$auto(0x0, 0x200007, 0x8) 2.706501758s ago: executing program 2 (id=2467): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000000040), 0x101400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2c, 0x3, 0x0) socket(0x11, 0x2, 0x73) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) fanotify_init$auto(0x5, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x40401, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x800455ca, 0x0) 2.186083052s ago: executing program 0 (id=2468): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) openat$auto_fops_blob_file(0xffffffffffffff9c, &(0x7f0000000040), 0x101400, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2c, 0x3, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) fanotify_init$auto(0x5, 0x0) ioctl$auto_TIOCSETD2(0xffffffffffffffff, 0x5423, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_USB_RAW_IOCTL_EVENT_FETCH(0xffffffffffffffff, 0x80085502, 0x0) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x3, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/input/mice\x00', 0x22002, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) write$auto(0x3, 0x0, 0x70) 2.057936644s ago: executing program 2 (id=2469): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/rpc/auth.unix.ip/content\x00', 0x2000, 0x0) pread64$auto(r0, 0x0, 0xf42c, 0x38) mmap$auto(0x0, 0x2020009, 0x800, 0x7fffffffffffffff, r0, 0x0) socket(0x2, 0x1, 0x106) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000c00), r2) sendmsg$auto_TCP_METRICS_CMD_DEL(r2, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x40) close_range$auto(0x2, 0x8, 0x0) write$auto(0x3, 0x0, 0x7fffffff) io_uring_register$auto(0x2, 0x1a, &(0x7f0000000000), 0x1) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) timerfd_create$auto(0x9, 0x0) r3 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/debug/block/loop15/hctx0/sched_tags\x00', 0x169100, 0x0) pread64$auto(r3, 0x0, 0x5000f42a, 0x100) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) read$auto(r4, 0x0, 0x7) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r5, &(0x7f0000000200)={0x0, 0x9}, 0x6) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/smaps_rollup\x00', 0x840, 0x0) 1.931430076s ago: executing program 3 (id=2470): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto_BLKTRACESETUP2(0xffffffffffffffff, 0xc0481273, 0x0) getpgrp(0x0) shmctl$auto_SHM_STAT(0x92, 0xd, &(0x7f0000000140)={{0x9, 0xffffffffffffffff, 0xee01, 0x69a, 0x400, 0x7, 0x9}, 0x0, 0x5, 0x5, 0x20009, @inferred, @raw=0x1000, 0x1, 0x0, 0x0, 0x0}) openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, 0x0, 0xc05, 0x0) r0 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) writev$auto(r0, &(0x7f0000000140)={0x0, 0x5}, 0x5) (fail_nth: 5) 1.304463924s ago: executing program 0 (id=2471): socket(0x11, 0x1, 0xe) mmap$auto(0x0, 0x2020409, 0xa, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x147) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000c00), r1) sendmsg$auto_TCP_METRICS_CMD_DEL(r1, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x40) close_range$auto(0x2, 0x8, 0x0) write$auto(0x3, 0x0, 0x7fffffff) io_uring_register$auto(0x2, 0x19, &(0x7f0000000000), 0x41) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) timerfd_create$auto(0x9, 0x0) r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000500)='/sys/kernel/debug/block/loop15/hctx0/sched_tags\x00', 0x169100, 0x0) pread64$auto(r2, 0x0, 0x5000f42a, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x7, 0x0) socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x2440, 0x0) 1.303528207s ago: executing program 3 (id=2472): mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) statmount$auto(0x0, &(0x7f0000000380)={0x4, 0xfffffffd, 0x9, 0x3, 0x16, 0x7, 0x5, 0x3, 0x800000000000006, 0x2, 0x9, 0x5, 0x2, 0x7, 0xb0, 0x9, 0x5, 0x3, 0x3, 0xb414, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffffffe, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000000000, 0x0, 0x0, 0xfffffffffffffffd, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xffffffff], "c4cbb7ab40a4d6220aa6d6ea4305f533c9e9bee6fcfc61722ccb678e0e2cba7194bc385b26d84c96723400de3b5aacff44f65a10b6c36a9a55945d88270da0f18327ed7c66498ace94f97e799732311e069e26edbb6db1b0ddede50878458b27f5e2fb6581"}, 0x202, 0x81) r0 = setfsuid$auto(0xee00) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x410, 0xffffffffffffffff, 0x7ffc) r1 = prctl$auto(0xac6, 0xf2, 0xffffffffffffffff, 0x100000001, 0x7e37) getdents64$auto(r1, &(0x7f0000000ac0)={0x5, 0x2, 0x5, 0x10, "5fd42d2266a8a18d1c1de1e81b17ef92fcc21928e7d6a0536f96e09d86aa0325b8315e496588603dfa2eb3c790aa0bb7ded07c016c319a10bf1bce5ae65da02347cfad43ea6334ea7fe1eaf8fa7df21ecfedc214f70172787d7291c1042456d02c20a4fe2e0a2ddc46349489ef00d348e9beaf500ad464c86dcc8769507f8d677bdc7fcce0bd9407ad41e290391c685095eb9e8ae3c49d2b32f3184e8e2ddb381fc50901b4480c8c2735dcfa6c2f2ef92391c9d60a03399da809d257ed50f8d5623ed9bd8949d63f9f5fc26a48955da87393227f92b0ec705599a4d5c2dc05dd6ca0e02c41ecfbce2a27e1fd6b46d05e01c26094c2403512113ceb4ebce2e8a23b4520628270632fc81909efe27cce404503bac907b3a198b9fb74826df86e22650150b4f532f64fc8254415111d5e46d553d0addbb478c2c968a08a88e924275947e9fc3728303269c4439412a5fbed2dd80bf64ae14715f26549e1aa62888201330ecee58c30fabb928d6ce6ec89effc0610c62688d16afe59f0366ab90e4f3d9879be1f79c2a3f648e69e89fce1f2ea3f40a439e33ee847265150acf0c33d83b1ca194b23b0dacdbcf92e6213f9c5a6582e7518efe5e8cca2025b4f487e6f3641d350318c7f1b94fc75d7c2c90de480d391230a8dba0a892c4d9f1828b40e06ff528e2a6b0021595f7594cabfc6b955b4b62eee54e2e96fa18f6c6273c2293888a76c1f7e5424e927b1b6eb31fe427573fc96de81575db6d8003d110f5654b293d4ee17bbff61b283bd7982e5e4d291537f3f0a76fce8371ce794c0f016ee762b0b6cb72ab8b385e1617a117ac72cc6f807020e951ce80fc58c89fb48ff5bc15bfa729eec6f6333d44d65f899f585441a5cf6a485e0a0919c301316e91241215b4f764e87c5cc98b22081e17671ed1fb999e5efb98a81bec5a2ccfc291f29c297832a086dcdbec9321f4bce9f0f932b46c6c11abe9c2d4d5f7dfd52b9e326e64b575c8046cb2c1d612cf15c2391682ee692dd249554ece71c65c6574f3089c1009f71e19f94684b6bbd87bb80784afaa58a3652c896331472ae04c2a5f8e67f5eb56a76fbe10a1e4c9bfb9b916ce5ba015fb26f581bfd2dbc7e9f06e40661814e3086e0b4c1f7bc794248d26eb7c9e8d412679e042c54fb5659805688c25172727fc02c06452710181a53db904f18b0d6bfcdaced3dc9f0712f1e5cfa1d0271e65b8a7371c5e50219b46e06ca89455e7c2501254084285ea757ba5d66bc5a8694cf51289bd5a8c5d6b141307530e895f1082b2bc7498e34393da96b059dca3409b5d00d20ecf4460259b571f7174d01cd8ece0c4f83c0231313c9ae572110c63a14ac4e4ab958c0dacb63eadca9e02cf7117ee451b0ca860e9896ab6a72ce00a7a4b157e7384b35cebbeec238411bc901a5d8541f87dc8e9cbc69777ebefcfcc4bed55902a264ef0ea01017bc6a9e3eadd4ce5a5ce3aead20a7eb441a00a2278e52903eee74b0f9a393406914c8873412713b139abe4a240a185a71877dbec93a633dd29e2685b471eb233f1c41180528a06e150fefb4c89f857dc69dba87a05743df4c011226f0a1271b4f5b3d92756e7d390bcace7bbd0256c67e5d1f3bd8336a3dbd24a236ac1c20da9f42384dad06d4dac824840dc5ad6a71314763a714a05ec056e47bcf7096b34f24323163c33b0bc4662a08fbb9d28c55fe7152d9a9fb402dba7cb3b79571780b62a3dc662b2230b9312eea4af4f0ede14dfc1eca3b7c6d6005a91e497da68f790c1c589188998c946be168f710d89ab718e26103b34d2cad4622de510eade88b088611e942c286d894f630f0c36c0bf3cafbe251ea950954152689010fd912040ed6822f89b96c762693db5bcc5f6aea8f9a9d8a87d48352daa80209b6e191d3dbead277635371b50569d23af86276adc93703c077bb93176af6190e01649b200e32837489000ab23868ff40e26f412eff56bcbee1a6f45dedcdc28bf4004b293436260710eb9a0841e9799e8c059c76626293abc02dc700e00d4c9426e0014502805f137ed46e0aad93ad6b409fb410494134a34a1ec57e362b0f0b156e41931f87b7b155cefd656d3ea4115eec2bd6721efe63fbfa74585407d7b020a5311e567de5b3bc44a899284f385282ba50fa7eaae78c9a3e6a9ab457d5affa6a8e0cae302f62d1411b39fdcae30164217696e22a96d823566ed5234d4ef0ca8ed0f6cf73dc0f48fc13eea6c5f00f0fa770be6e80a583d72e6bc35d5fdf1129874e2d23d1b6668b2cacd872628490a5724b095199e6ce3b2229cab8a8cdc14999738e6a34d6416d4b8aed744da4c62fa94fe03b0fd5aa02db9049a1ac18f9e376afab43c8ddf1d153e107f7ab17e6960c5bbcb0b1f4f04273296ca7676e2d0f7729dc93a47a99d4619cdc0fd0c21434ab5dc7e2bc08006bc1b3bb0cbfba9e0d68bb046b86d4aa11c757d14905a6cd0e6b34bff03ec390e4bf0bba8a1075512d7fc7cb18ab6cac69cfd53c7dd9149d5e8b176366ba25f9541a04fe7da31ea8e93609752cb00eaac8a602d0c5bd538e8187c08c7e0109d85e116ed6b5b0817873dc2cd939bf90c1fa530fa0040e9842e1b8701df3ee3e188cb65c1998c40f6db69e207cdac6122d1c63c2d6a4c657f0e9c43e670f84d569b3b8daf3fb51b3923e8dfd538f63822891c2fabdc0e898902e548c3d8a4d85c1d7779f9f13fd4eb4a041ad5eb6bd3e5e636e52b6dd7c08e5584e613f45e05265c554a6bcb0f9b5cdc727e036a683295843b3282ed679a267908625f2149664f154677906d229dec379d0cc6cfa663192007573eb230cff9c0d4e96ba5b2845b6500524459e0b919bcd599569f51746d37b7ec74da303ae0257caf6292eac562dd930d0b549c96e3b7d5fd119e4c5cda3cdc325b2912b0f5e489d4653b6615358c88e2439fbd4c868fcc21adf1436b25ea75b77dc1559c2e0659eb39ff837228bbc6eab64a8dbbeb9e813d6c79bd8a1fa5c344f8569d016922706999f27c253ad6b87fe772d7a75515b77d1ed973fe6a7abcff1d7bede5217b4b524e07d263ba57fff971d0b0fd9621ffe4b5cb1665ccdbdeb654565040d5e5b10ff1cde5c41158cce32af16bc8e316ca77b8411fb47de92722d181e348a5b40123131cf8d51657a6c7de0d6a33beb0003149027ebd8d23dde55ed5477f00d6cc8b0077bd010346d90be15983b05e313bdfada8338191609320d1cf1b6f227a82816451bea078846a4eb6fb51231bd7980a689cda8462b8e760ce0850bdea2e7db27b4d6edc63864817e32714bc91cc704a2b2da8b0b6420205f6d3fa2a1d6d431810a1ed7c6971db31602ec8aabf05f2c6acc4a64e38c5a92ab293dbc781d4500773d81c0d1f5146132cd28877900c8317bc64f356c1b536e57c3348009f7d81b0450efa01844b91aa5a6883f56c6f4e18e5da00de836f98ea09b2ba451bb1a8f1b3e4aef7ee8841904fd097471c3fc7c8ddae2f1895d794fa5d7766dad77f6ab0e8b08e665fb966d652869d2c7c9e93e66c19552b5e22775293ec96f3469408d419eddacacaf49dd7e69eba32b904e192667c5ba2f74a2c0479b92a0205d3175fd3fbbd59ede6bafefbd16a684b94f885ebdc944424a3b6ed3c1e85879c1449f73ba20329a9a92077cdf0963cf5773b347221a077fc6add86da13e70e8d76b5dbefdda1f415c6a4465fe79d03d6f30699a772264aa4216e500ba059a8c02ba55569878a091bdbd2b47f4f2abf8f67c16195c024e639fb83a13c3f838e6c29d0e853227a38e35a977a75398fde806b9f3fb1886a1fec0a030f6ba004a20bb64a7808695c399a4a5a5f24877ea5d3acef157b616eceadb1dd39f6dce200699ca951cb49c369ef4e578c7d251ecbe08efc798a5cbef8d11cb88442406bce97b7e0d1ee4e7d1f834e2bf92354ea2d153678beaf3053a7a699baf22e36df80187a14e3505c306d0bc43d56f5d5820d28d04adf90e3b02b4315098c80df2a102c5cc80ba2e4a1aa9bdb7b94faa6523437ac5582f9aa5f804d879e8f5d156fa713b2024bbc3f22a3bed576ced05dd4354fb9565384236f4354b8e786157b56bf7e69746afb56129edf0e60154b6cc3758068361df2441bfcc2034ca0bcd00d14edfd1a4caf049c887c821366c840fc254adc640c05fbe3307ae5609e5e6f53ad4bd373bfd1af04c381c73b632e345ab3a7fe8cf74caeb794ff33650ce3005f008a33a452ed876e8e1fe3c4fa0c8f54821cfcb455c6ce90952f1633c3cfc535be39724f3178745e334472b702ecc635d82de5c0d6bbef2cf07f1c3825bbed99f5dece382ca35e28423fe839fac2c58dfbbfe042e2918f64d644a0be8ace6ca0597c838123802f4a1fe4b9eb6c132e0b96aeb0333414f81fffdd132e1f818199a8d840707f70c4751a84eb5f851e074828bc054468c817e219fdeae9e0880a5fea1857092a5f318d5d2a1fb7d3677fd3a25476ef60378f9a474285fbac33d0e46f99ca5f61cff57dc595e28b1a91531d028c19219c6e5f7c98f35a08ed8aaf5f799c00b853e9b7e008f72f3bb085fb733a90526d1b3207f9a8e4e027470387ed1aef5d53f67ed6b7d370d1f7e45c1dcfde684b954a13127da889a394f139900dc0bbedd5078830f773efc690a90d5f93c619d8a1f0c9e2944a4d477222b2f178419e786dc9401818b74ac96b5cbd3a937da2cde3a39e021cd5f40d2220d7b4d5f79859420e2c64e944249c2d3bbfdd2890e8790d1b803f282b2c9d3e2dbc7efc935e9f8211729217934df90c51646bbeaedf410f1fafd47c2bb43fdd7dbbed876092c0f8a4c4f874edee2b31efc61a0788ca5326aa0e1f6cc062339c38b281800fff2c729254e92a2612ce2ae64296152c0bff5d591c2f75cb4d3471d820010a30b48e54eddb91033b7e6a18e93b6ed49f32e2544c7748fb44b1dea5413becaaf19414bd586144a6c8b7550562a3d6fd6d73157b463a9ac379d6bd72a4c46922adcb8298444ebfaaea2a9d1a5d4225b548ad2ff9eaf36b6172694054ef1850fcef998d9883afcea6261178baa0570db510301b7faa67f7ad17fabfc65e5d1c3b1da14720d13b0c903cc9b8f73ea03c36e2e44cbf08dcccfa086a586ffcf0e58b620327ba859fee726c9de3a01af3f2572a891f664e00af9286bf762ec83f0e619d7d177da26dd816ac13ee3aa04339d94740e5b38a2439dec98e9cb5f04c7663840c5b86b6d9583f417a4dafbf66be283eb02260979a64e9074940ddac77dc3eed6c8c6ede1d9149faa69cb98fef7839b63608f72cf5bdbaf116585aa0e39b58ecf64c0cb37e04a6155469b20cb11f8f0f688374f4d80b9bf95ea2f1494388469737d2873b3ba850596c61c81407e16baec6fd2f0693cb58ae34337aa4fca1af41496573d392e36458a19500eaea9b9b8d31f6a8ca8b99778b1638bfce383428947d8401fe711fcb1de9e2a4126c1ceaa369369133e3a8a519d05eba20ceae0ce2d0c9543739d440e9cefaf17d4c84ab954ab52874683428bfb41006530c6c33e5a2f6e8a6562956ed402ad2ec02d27c046b50cb0bb47aae0ab9360f0255293161a082e3efef1d8df365bbc865dd75075bfd197716f5f1836beea87b5c3e535176ce4243d339a208270055924218368b1e3e7b9c1ea299ccfe3a841a757d76d8dc872eadcc257a9b991c583810bafb1423401cf61ad2dac50858f0a2749e411f7e2beb25d9de0231beb7799943df68a45286952ba35ab1639d9dde39f8250212103d2beafa97970"}, 0x1) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0xa, 0x300) sendmmsg$auto(0x3, 0x0, 0x9a6, 0xa00) kexec_load$auto(0x5, 0x2, &(0x7f0000000100)={@kbuf=0x0, 0x2aa7, 0x6c0000c000, 0xc000}, 0x6) unshare$auto(0x40000080) write$auto(0xca, 0x0, 0x7f) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) ioctl$auto(r2, 0x542a, 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x4000804) lstat$auto(0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_VENDOR(r3, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000001b00)=ANY=[@ANYBLOB="00000000e5b4f18358e42c40af1be5c948e4fd7d8a1dc9141d637c210ce73d0853", @ANYRES16=r4, @ANYBLOB="05072abd7000fbdbdf256700000018003a01877113077f6488dabc1395ad55e8419458b796a116007f001091378503b2f85689dbc51285abfe6bf1da00000400cc00080023010600000004004a01080077000c0000000410be00690da0955c5cb15464c737c63b97b63507e20efc05aadc0bd7669856e48b5585ddf85b7d4a8a2cfb9916f07740eae15af643fd3eabaf737b26faf67a707e770f7287010c34ef2e8d126e108798653f49a9f656de0ea86fa9a8a20c30a7d777059359ce726bf8447c193132da9c1198e08e83db265cb833d78691e685ec2049b77803a3e7d2d637fa2907ce8073eccca5e5883d69c345f33d5ec27c2c966b753223a11389cc27f08231214d2eb99f364638ad11c3a0d743939d8035d07430ca76de856c28cd4b8343b8d78a4408e1aa9d736d3965104c710e4106b52d911dfb61e0e2d523d48decb3da97a326bc9cb3f220deedfa5dee7f6cc7a07f8469adb48cad9e6fb6e42cc5795d9b7f1f1d339c07a23435c9e605886d0f82ce7199bba3ef102b9a0932a0240df376ea35a56a15166c26aad664614dd2195d5db5e9d455c166ab788c42a9eff5da8ecdb49c1a2c665478e144579e3313d3c566fc78b9247d256d529e1432c49c07f6ec273aa9eaf058a27a9e8ebd3b37603909d04c6ca514e43fe91485a43f9a7255ca69c7e3ad0ae56a476b3867f701a1a8bc40d0cfcf49a02e406c681fc6b5e57a8d6e5c4d62ced571a9c5f64515f58e3779956467b2a15faf2d051c078d08bce3c2deb050af2ba44c93f22918a4cbe2c5bf48ce310144e4277358559092e7446bb0aa494361d91f6e6ac606f5e7db7890f0b752bef5d39c930e5bd872f8963b0502940bdbc1bb0c12274972f7c173cf46dd1377d4ca3ee2cefcfd674f2599ff4707d12391122ccad53e1fb4300c15e83e9dea4a2a51673c7e7f7b0a3034f74455bff149a8e5cd292e0d55cbbc611b7d4d617bab98c99573f50e3ea009f297da0a8ca2932eef2c5f336a5748f13e9b03a04cd1b3902ec8e8b31fc529bbb8d44d51b14aba2dc69c58e17e94c3f81f659468cf3be73ff21f92e6777b5b66f5096fb23054a60f187840f70d4e15d8c86e58f1aa3545d452f527a3e415bd3ac22e27c11115a7fd4840243bd58abe50df1499a368affefa07282e473366c96013cdd3b14632349bd6e6cd2190369e49cdf0aac1974616be75857a32f737eef67818fdc5bea95789042e80ae57af321c05951670d677c5d6529f41793bf594f53a7a4a598ae5f521723eac1b340d4ad85d669fb57598ef1ef2f30fa0f812ada1e3e6ac8b645986fe1c71452978dc6a899cfb97c3d9299ffd35926c98e4f2829036bfb6fd6c7faf48a06bc9a9bef4432977021aa97c255d371eff58fa3c9cf86dfe3112edd6f23bc8a69bee92898327768ed132ab069a1f10ee2d48d06dc03eb2eefaf4621d6c5514a54797742bcf198f79c8cfd6aea80eca8c3de592962281d975d0654519e4de30c4aa98a24173d2f971236731915d814d112c7f0d4f5a2efdea516a640c3092ab05ed9376b36bcec061b4768ff2160104e477150d8df95664feb26a3830f493788c4af723f8ee7c04eb064f775b2211092a64ddaeb474b6c024c279d84f87c77501f6ecd46c640d38c11d4009a15917f66656651f74899ddcc0a2d15060bedc51f812617a67ff08947c5c769d43b7187cd1b9055484514e631fd8009a58e50460b842a593e257e9440305059311e45479878239c6a7264468c3774a227ba0b67063e9d5961af1cc0482e76fb0d7201c8c2fe3196d0e94b45b6ed226f19c4f4304dd185c5626387da0ce6c4755dec9041ea9183ca5b2ccd90c2654d35b7842d7fdf7ec7150eadf13bf757871b216cc750df9ac5eb8686a2f8acebf74187b4c8b48ea690dfda213534d637fba3a9ff46f85ca98d40af10fd2c3c9d166a6e498261a7c256f225ca3d21ed357a4156d76c8e66eb4eedb39b6293f3213c8618d022059494fa0b33872c495d5bd65e2884e81cf9d2f3e1f3b35c5200695cf863cd6f4eddc3377f65612d26bcd6b636996767d51d6724559b156f581ac7a2234479a401daa52675c03b76d54f93648d7121dbb57fff9bbe088774d24be4d5f90790606c6b7349e6dd4f1ffa2ce622cc0bb6abfa863738acea9c892b0ea2f72d40a5d1e38fe750c924a791d51560696001a3b4d78974ab04148a8c8b35f856ab4d58d11a58973c2fb99f5f6500f40fd5080d679f5fd4fe7aeece24c11f0876647a452941ca8e73fe73c8fe1bd5c006a7ab39a5d7975323a7bbee1c6424857e2d8a6f40914cc620cffda0b9e4c8c99a7154ff263b35862b70544dd7c48ef399cbdfa4ba68c9006562f4e0bb09a639a4459bf0f503185c85def0e6670afe73f2272121af987bd30a6f28b09f527d57c24c29c3ddad965f14105efac76d11d38a3935d29ee099cce953d472e5ae188fcf17d5758a36a8188001cd0ba779216720f985ed992bc4eebce274596b00f42ff5701ea90fc6d1c1d5312f772cec044a0b38c7e97bcb7bbc5edf1cdb15c0f0c60ccb68c22daf0f104c991e498dc3d2957a1efe51f9c05ba3cdd939832ecccb965197b9929079927c3396921de5db9c8596379f03647dcdfd2e5029fb8e7cef860373d68c1dfc4ffc2554d7bf0ea4f9082f207caf79e3b92d28860b33b8194af90adc0a1ab13b22c0807beccb317c5a060f5205726f05b9fc9b2a1e4589df1c160ebb3896f589f39efbebe9a7e967e5ad7b3bfa64a573a9b93c6ff0262b4d32ea279c166819fc41f913b97015ecdbff83c22085ac35857fed4149da8c2cb4a28c14d1109260f5dbd8aa9cff4706e8df4505e7e8077b1ecb9213c388f954f4c4f7b5497e6e0a930ec8c0b095c0ab7b6a4128593d7de7ed8a09413aa25c9dd9b2ca8094902fbe99329001e9e48c23209892f951350cc3f85425960cd4851edd574722eb30da1769cfe761d660ae656ab1918f692819ff0becdc6310d5a21802c1cf51a1ee3afdfab4f69a18fca3269d2fd6b35419b87f9dd3a0c549fc69942415627830c43177036854213d1097cefe1191944824db3509d25ee03a1b3c20426069eb075f7d11ceeaa87779e8430698e7827a890051e8b018778d6fa4d7c3bf27fc552675a03c4cd6cd60e84e1c8a4fd2b117a20b66f956c272b9115a29faa5a59a05171fbbe76b0b9b6da597b250aba83c57f475cb0b3a06314baf8daa40bd12838a91d8ed0a937b517114a9fff44378c72ed66b1e0676660927f971352328c32c8d422d1b2b8e3cae29a03569b9bfbd4cf3b6773f1058561bf3d66cda3a4ba067bacec6bf337c10d43753187c0e30347830a8c8ca05ec588cd9e62fcbaf599aa711ae0227e0c0cdc21d9288029e1c4cccf8198b5a0679a703d5b6e4027417633ca21c1647577ebe1049e3938a2d76b98f716682be01d2b7262d6ac03f648a8473294ddac544d78605f58257f117bcc806917a1ac3eadfbc1908916576cff62efb0641051e4e38bc3dcc652eb38cccc7571cd1c5ef93e569ff537c2c0625d538dd8d11ccbca22c2742fe95dc8ba654aba4ec1a998ec1916796b58beb11816cb1a6f7808b7b550ec8f22d25476712265a8dcf85067e50a45cb7b1614ad54d373d9053354e751a586f79c2a80f5e1122bc854d12fe52909b6b8de7f42c521e6c4bd22e1458d834ec30f0a8e32d63b30980a64fa2c641de0f1e34a7c05c7d70d337f9c1af16d35d04a5193d7fb6db37099ab3005f1bfa156ada1efcbfef25dc50d6cd61884949e33909a8fdca3317330cba5c8de728ea3fab94442d1e78a25784bdec7aa230aa27c1ca190c8e0925aa162c13ec5167d9c131a3e916db346003d97c19a87fb518ce9fd65621f5349c13efdce24f200974bc11d97187c8cec2d7922f3f87d1034cf2fc399b2c6403eaf44776cd15b1ecf1c6748b178d09d1fcce16be96bc3b87ab5dac49df00adcee1aa68ff3c2ff7d2743b6d765661d20d0b263a22afa4353532cb2771bd900f8dd5151fe845426eac47dbdccb188b1cd209f3b6bcc1ac6cded5bdac26d9238fa68d0db6a893c693ef54024b2d7c90369d6e20c59d1b48188fd0e549508f4951b040c0e99a66d02ccd1d49b31ddd12aeb4da040a2628052d6a37785218f3bf2229a8d5899dda83e8c769a249450d8f5a946d52e374752b54966c56508fcba7459a76e28bfcee85437c3686704e93ff2c59a87f34cd3db1ee89489a9ef3c18baeddc28c40a6643333d9bb8265a3bc0d1607a8b3771c7f0e656750e36a3213551b42fc39912190a61a9f151faa2266f5eca3686588ca901af07731c94c7a7099e50ae9a9862d4000c70f728b09b5526076149ee7d954058d250610bce7ab42bb908589c7ed913f817a24c9283526d529bc15b3aa5ded65670f1b4e73f32fb9ae6798785eaf5b98dc35fb90771532ec551e9137e9bf6d9024520f3462db3d4aa1e79daf948b435ca05e96e08531f111f094270d780e89fdac2ea1e765a93cd07511fcc5fcb08f734af3700ad2e3d000f7eb843805116bbbeedcc0fc55e349fde0acce4776e399b417f1a6746b6485278bf3c30b4a2a85be9dac16d94b2b998c03a60780a219f7cd8cdde89eb374ade0816ad4ba13531e17fc8c8dccf48c1e9176303d4ab56dd3aa56274fa70c87be6f31cdcd9a70f77d9c32e6b4c6d6d9b32ee4ff124d8e81aca6f172ca48637d35915bde450eb325afc5cfc5dfce02615fe757a512387eb4bba32586a9c2328669230b8a536d1bf72d191094b717b561c043493d9709fb112b03174400d1c2ff0aacc38054668f0d3607c463e1493cc0f4438a24004ba0e8eb8d87f6c63aa1e921af1caef2c3e9b73af791d5916217f6ff91117e694c1d5053dc5c48767db420c1c7ed472bf08ca9723bd019d93da6f9bd0380ae6881febdb5225fce30c337735fda247e1aef1d03fed1dca7c28bcdcbf3ce794c4483f4d48155eb6ab9509c5908bc3ac8800b8ad831fcfaf71560e0dc786d12ab03aa43b13d91f0b3e620063999adec1a9d802e29e2ff0efc8395f79c5365b4cc44b0267de602efbf2d3b47157db25b4ea781724bcf6e957acb64d7673eb1403990d15f6989d30999815233b61d6cfd5f5dc5af9b33ba088ce78d2c74a9ce3e5e769cfe4d87d333bfa9d6c1e7c8c63feca60c92b5b135f39e85ca2e3d7fa481de6a0dfcac5d46ded3d66c52f21354c9aeb2e81504ee78b29e1773224d2bdd3fa238caa17af6bc61c69eb9973edc295d37221399fac5baeb7796ea70e3da702f85cf7a9fd8325e71cbba5052e9d6121211d652315c4dd9746f02a3ae74ce01c1c22dbf7a6060af20738847cdbedde452a049cc828ec22d748d521f09c9397dce378e8cbc1a4b8cf07af1e844c0dd604896e318cbaf6d2c7eb1b04c0340277a5aaa520473b7edfae0a560ff0a7cb3ef6977d79edaac3c83aef6886866e0a1815852df49ab7a195c3c7e097ed98557c01c14e3b4346d71865f875675ee5247939d2a9a0333833599e14823f414eae3eb9bfbe8f7947bd9cab9e87670a07506bdc5422a248e3f6cb2b8bdd6e94753dedb72d6dd1d239c721d1cbe91e8ddb2d96b09dbd7319cc0a803ff5c505a098b603757931f44b1de94074118ee541b57821566f4312d34b4fded0eec4959e98b90adf083fc5e87c5e006b25314f711473d6036225d774b2ce9d5d04aa9b48cc023dab0c4860766a557f274c1d5904ebd5fff52cbec672cd65b1e75eb0b164fcb9126c4ea280b263e562b96d9a8a8d201d45e1eb118d1c670c1ccfabf84e7bf632a5bf865997f187299ca92a3312ebafe4b3d2bbdfbcc636c0227fe685714c16f9cdc49e85e6a21dd67044351eefa4b41e26a6b2fbf2765620f623a45b76caf77f033ae3abab83d1672448674ee2b80685098aa801338007003b002d230000100050800400148004000680d4eb96a75700af8004000080677976920127c5a81e90ad51cceea88cf67e9349c070ef90a727c29a5ac73e7cdcbf1b8ad638ce98f37825d51c9c9137b7ccf1ae6ad2684df8651e28136861cd57bfa2a3bb0bc9464b7e360400f6800004006f002e015c808e2addd757a8e4b359986a5407750edfaed6b03c8651a746d6a677f453a33cb28b23af14e488ad6d28e8e23ea81caacd6f24aee004f2e701b1152e9f763f8a83447ba008f6f86cbb1fe2dbff24f8abe37af8fa4cbb67f1689a9da7036f2fc43a8462123e8d7eca9f833bf130d03ff27d67eacf1646ad50a026a7c08c4cafe77a29ed5aa7ed5c4897c046ba03d6b90254291e3042c318f034fa8b3af527dfdcb6634a2f95977b5758cf2297d7c619d1ac2afa5d2e62aa743243d9508d431c74761eff5069c3e31062664a2e2a76796d451304da167a2044b5fcf66bef78ac82c34a8e2fc8dd37f4f3b0c484b32c0286a18dd7c5e8727fa2a80c5a1dff3805825b0a43d8ba9377040058800800fe00332a00000400a88008005200", @ANYRES32=r0, @ANYBLOB="0400158008008f00030000000000"], 0x1208}, 0x1, 0x0, 0x0, 0x4000}, 0x80) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/pcrypt/pencrypt/parallel_cpumask\x00', 0x80302, 0x0) socket$nl_generic(0x10, 0x3, 0x10) write$auto(r5, &(0x7f0000000340)=',02.15.4 ]\x98\x0f7V\xd4l\xf2AC\x04\xecQ=\xa2\xce\nO}\x1d\xd7\xb5\x92\xf7\xb2\xc2\xddm\xfbR\xfb\x92x\xd8\xb2\x8a&\xda\\\xa1}&^\x03\x02\xf28\xfd|\xed~\a\xaf\x14\xb5.\x92\"-6.\xb2$\x88\xeb\xdc\x0f\xba$?c\x8b\xcb\xf4q\r\xf5>}4\x99(\xb8D\x15\xb8\xc9U\x14\xd6r\xc9\x81\xbbI\xc9+^\x00\xf6\xb5\xd9\x1e\x89G?/\xc5\x86\xd0\xab\xb3\xfd\xc9?\xa7B\x1b\xdc\xff\xab\xb6~\x96\xd6\x9f\x1d\xfb\xa1dg\x9d\x8d]\xdek\x9c0\xea\xb3\nV\x1d\x10g\xaa\xf9\xf0\xc9\n\x8c\xf25G\x9c\x19\xe5\xd8\xa3\xee\x11\x12f\xd5o\x00\xeaY\n\xe0\x9f\r\xd4\x8e9G\x01\x04\xb2j\xbfYX\x9a)OQ\xedk\xb9\x85\x03c\xf3\x80\x10eG(\x94m81PL\x8d\xa47\x1a\x16\x11\xcd\xcdf\x15\r\x19\xc3\x90\xbe\x12\x85V\xeb\x8d\x97\xf0\x9c!\x86:\xe8\x8b\xa7@l', 0x3) getpid() r6 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0xc1000, 0x0) mmap$auto_tracing_buffers_fops_trace(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x8e051, r6, 0x0) r7 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x364f9cefc8a0a83, 0x0) ioctl$auto_tracing_buffers_fops_trace(r7, 0x5220, 0x0) 981.457784ms ago: executing program 2 (id=2473): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto(r0, 0x0, 0x7) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x20802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8001) syz_genetlink_get_family_id$auto_ncsi(&(0x7f0000000080), 0xffffffffffffffff) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dri/card1\x00', 0x102, 0x0) ioctl$auto(r2, 0x900064b7, r2) r3 = openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x103041, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_KSMBD_EVENT_RPC_REQUEST(r4, 0x0, 0x880) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) prlimit64$auto(0x0, 0x7, &(0x7f0000000cc0)={0xfff, 0xf1c6}, 0x0) poll$auto(&(0x7f0000000f80)={0xffffffffffffffff, 0xa06}, 0x3fa, 0x20) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_0={0x1, 0x7, 0x2817, 0x4, 0x200004, 0xffffffffffffffff, 0xa, '\x00', 0x0, 0xffffffffffffffff, 0x8, 0x7, 0x5, 0x8}, 0x10) socket(0xa, 0x3, 0xff) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x129000, 0x0) r6 = getegid() setregid$auto(r6, r6) fchown$auto(r5, 0x0, r6) setgid$auto(r6) writev$auto(r3, &(0x7f0000000140)={0x0, 0x5}, 0x5) 681.234821ms ago: executing program 2 (id=2474): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) socket(0x11, 0x3, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2c, 0x3, 0x0) socket(0x11, 0x2, 0x73) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) fanotify_init$auto(0x5, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x40401, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x800455ca, 0x0) 577.101751ms ago: executing program 1 (id=2443): ioctl$auto_TUNGETVNETHDRSZ2(0xffffffffffffffff, 0x800454d7, 0x0) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0) prctl$auto(0x4e, 0x1, 0x0, 0x0, 0x0) r0 = prctl$auto(0x4e, 0x1, 0x0, 0x0, 0xffffffffffffffff) socket(0x10, 0x2, 0x14) socket(0xa, 0x801, 0x84) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x40000a, 0x80000001, 0x9b72, r0, 0x8000) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, 0x0, 0x10bb41, 0x0) timer_create$auto(0x3, 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/timer_source\x00', 0x8002, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x1, 0xb5, 0x10, 0x7, 0x4, 0xffffffffffffffff, 0xa, "2af051a940806ec05be276cfc83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0xe5, 0x3}, 0x10) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r1, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x21, 0x4}}, 0x92) 0s ago: executing program 1 (id=2476): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x80000000000) socket(0x2, 0x3, 0xa) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e00fbe18d073ba65c6df9cd1c8d10ea3ad6d7ac15"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x10001, &(0x7f0000000080)={&(0x7f0000000040), 0x1900}, 0x4, 0x0, 0x8, 0x7}, 0x7}, 0x5, 0x66a6, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x5}, 0xa) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mseal$auto(0x0, 0x7dda, 0x0) bpf$auto(0x2, &(0x7f0000000500)=@bpf_attr_11={0x5, 0x8000000000000001, 0x9, 0x5, 0xf870e9f, 0x7, 0x8}, 0x9) bpf$auto(0x1, 0x0, 0xf) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl80211(0x0, r1) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) kernel console output (not intermixed with test programs): xc2/0x120 [ 701.256082][T15591] __kmalloc_cache_noprof+0x7a/0x6f0 [ 701.256127][T15591] ? watch_queue_init+0x45/0x170 [ 701.256178][T15591] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 701.256234][T15591] watch_queue_init+0x45/0x170 [ 701.256283][T15591] create_pipe_files+0x672/0x970 [ 701.256409][T15591] do_pipe2+0xbd/0x1e0 [ 701.256527][T15591] ? __pfx_do_pipe2+0x10/0x10 [ 701.256629][T15591] ? xfd_validate_state+0x129/0x190 [ 701.256801][T15591] __x64_sys_pipe2+0x54/0x80 [ 701.256918][T15591] do_syscall_64+0x106/0xf80 [ 701.257033][T15591] ? clear_bhb_loop+0x40/0x90 [ 701.257157][T15591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 701.257260][T15591] RIP: 0033:0x7f5e8f99c799 [ 701.257346][T15591] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 701.257464][T15591] RSP: 002b:00007f5e908ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000125 [ 701.257553][T15591] RAX: ffffffffffffffda RBX: 00007f5e8fc15fa0 RCX: 00007f5e8f99c799 [ 701.257619][T15591] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000000000000 [ 701.257684][T15591] RBP: 00007f5e8fa32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 701.257740][T15591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 701.257805][T15591] R13: 00007f5e8fc16038 R14: 00007f5e8fc15fa0 R15: 00007ffd67a0ae28 [ 701.257952][T15591] [ 701.470984][T15593] FAULT_INJECTION: forcing a failure. [ 701.470984][T15593] name failslab, interval 1, probability 0, space 0, times 0 [ 701.471041][T15593] CPU: 0 UID: 0 PID: 15593 Comm: syz.3.2132 Tainted: G U syzkaller #0 PREEMPT(full) [ 701.471089][T15593] Tainted: [U]=USER [ 701.471101][T15593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 701.471122][T15593] Call Trace: [ 701.471134][T15593] [ 701.471147][T15593] dump_stack_lvl+0x100/0x190 [ 701.471205][T15593] should_fail_ex.cold+0x5/0xa [ 701.471244][T15593] ? __pfx_serial8250_interrupt+0x10/0x10 [ 701.471297][T15593] should_failslab+0xc2/0x120 [ 701.471332][T15593] ? __pfx_serial8250_interrupt+0x10/0x10 [ 701.471385][T15593] __kmalloc_cache_noprof+0x7a/0x6f0 [ 701.471432][T15593] ? request_threaded_irq+0x15a/0x3e0 [ 701.471474][T15593] ? do_raw_spin_lock+0x128/0x260 [ 701.471529][T15593] ? __pfx_serial8250_interrupt+0x10/0x10 [ 701.471581][T15593] request_threaded_irq+0x15a/0x3e0 [ 701.471636][T15593] univ8250_setup_irq+0x5ba/0x750 [ 701.471687][T15593] ? io_serial_out+0x65/0xb0 [ 701.471718][T15593] ? io_serial_in+0x60/0xb0 [ 701.471757][T15593] serial8250_do_startup+0xac8/0x3260 [ 701.471823][T15593] ? mark_held_locks+0x40/0x70 [ 701.471869][T15593] serial8250_startup+0x62/0x80 [ 701.471918][T15593] uart_startup+0x50f/0x1330 [ 701.471971][T15593] uart_port_activate+0xe8/0x190 [ 701.472015][T15593] ? __pfx_uart_port_activate+0x10/0x10 [ 701.472147][T15593] tty_port_open+0x1de/0x270 [ 701.472297][T15593] ? __pfx_uart_open+0x10/0x10 [ 701.472382][T15593] uart_open+0x41/0x60 [ 701.472483][T15593] tty_open+0x3dd/0xfa0 [ 701.472627][T15593] ? __pfx_tty_open+0x10/0x10 [ 701.472744][T15593] ? chrdev_open+0x10b/0x6a0 [ 701.472850][T15593] ? chrdev_open+0x10b/0x6a0 [ 701.472960][T15593] ? __pfx_tty_open+0x10/0x10 [ 701.473082][T15593] chrdev_open+0x234/0x6a0 [ 701.473178][T15593] ? __pfx_apparmor_file_open+0x10/0x10 [ 701.473306][T15593] ? __pfx_chrdev_open+0x10/0x10 [ 701.473406][T15593] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 701.473557][T15593] do_dentry_open+0x6d8/0x1660 [ 701.473666][T15593] ? __pfx_chrdev_open+0x10/0x10 [ 701.473796][T15593] vfs_open+0x82/0x3f0 [ 701.473927][T15593] path_openat+0x208c/0x31a0 [ 701.474057][T15593] ? __pfx_path_openat+0x10/0x10 [ 701.474197][T15593] do_file_open+0x20e/0x430 [ 701.474298][T15593] ? __pfx_do_file_open+0x10/0x10 [ 701.474475][T15593] ? alloc_fd+0x476/0x790 [ 701.474573][T15593] ? do_getname+0x191/0x390 [ 701.474697][T15593] do_sys_openat2+0x10d/0x1e0 [ 701.474827][T15593] ? __pfx_do_sys_openat2+0x10/0x10 [ 701.474991][T15593] ? __fget_files+0x21f/0x3d0 [ 701.475100][T15593] __x64_sys_openat+0x12d/0x210 [ 701.475222][T15593] ? __pfx___x64_sys_openat+0x10/0x10 [ 701.475384][T15593] do_syscall_64+0x106/0xf80 [ 701.475488][T15593] ? clear_bhb_loop+0x40/0x90 [ 701.475610][T15593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 701.475710][T15593] RIP: 0033:0x7f5e8f99c799 [ 701.475800][T15593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 701.475891][T15593] RSP: 002b:00007f5e908ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 701.475980][T15593] RAX: ffffffffffffffda RBX: 00007f5e8fc15fa0 RCX: 00007f5e8f99c799 [ 701.476045][T15593] RDX: 0000000000101e81 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 701.476111][T15593] RBP: 00007f5e8fa32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 701.476174][T15593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 701.476231][T15593] R13: 00007f5e8fc16038 R14: 00007f5e8fc15fa0 R15: 00007ffd67a0ae28 [ 701.476368][T15593] [ 704.030402][T15633] netlink: 'syz.3.2142': attribute type 1 has an invalid length. [ 704.055877][T15633] netlink: 33 bytes leftover after parsing attributes in process `syz.3.2142'. [ 706.755251][T15668] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2149'. [ 709.356096][T15719] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2158'. [ 710.254681][T15731] FAULT_INJECTION: forcing a failure. [ 710.254681][T15731] name failslab, interval 1, probability 0, space 0, times 0 [ 710.349317][T15731] CPU: 1 UID: 0 PID: 15731 Comm: syz.0.2161 Tainted: G U syzkaller #0 PREEMPT(full) [ 710.349371][T15731] Tainted: [U]=USER [ 710.349379][T15731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 710.349396][T15731] Call Trace: [ 710.349407][T15731] [ 710.349418][T15731] dump_stack_lvl+0x100/0x190 [ 710.349464][T15731] should_fail_ex.cold+0x5/0xa [ 710.349494][T15731] ? __register_sysctl_table+0xbe4/0x1650 [ 710.349535][T15731] should_failslab+0xc2/0x120 [ 710.349562][T15731] __kmalloc_noprof+0xe0/0x850 [ 710.349607][T15731] __register_sysctl_table+0xbe4/0x1650 [ 710.349664][T15731] ? __pfx___register_sysctl_table+0x10/0x10 [ 710.349706][T15731] ? rcu_is_cpu_rrupt_from_idle+0x1f1/0x270 [ 710.349752][T15731] ? __asan_memcpy+0x3c/0x60 [ 710.349791][T15731] register_pidns_sysctls+0x11d/0x1c0 [ 710.349828][T15731] ? __ns_common_init+0x299/0x4b0 [ 710.349860][T15731] copy_pid_ns+0x680/0x10a0 [ 710.349892][T15731] ? __pfx_copy_pid_ns+0x10/0x10 [ 710.349923][T15731] ? rcu_is_watching+0x12/0xc0 [ 710.349963][T15731] ? copy_mnt_ns+0x106/0xc30 [ 710.349993][T15731] ? create_new_namespaces+0x30/0xac0 [ 710.350045][T15731] create_new_namespaces+0x2aa/0xac0 [ 710.350079][T15731] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 710.350113][T15731] ksys_unshare+0x473/0xad0 [ 710.350160][T15731] ? __pfx_ksys_unshare+0x10/0x10 [ 710.350204][T15731] __x64_sys_unshare+0x31/0x40 [ 710.350272][T15731] do_syscall_64+0x106/0xf80 [ 710.350314][T15731] ? clear_bhb_loop+0x40/0x90 [ 710.350364][T15731] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 710.350393][T15731] RIP: 0033:0x7f6b9539c799 [ 710.350415][T15731] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 710.350463][T15731] RSP: 002b:00007f6b961f1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 710.350498][T15731] RAX: ffffffffffffffda RBX: 00007f6b95616090 RCX: 00007f6b9539c799 [ 710.350527][T15731] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 710.350544][T15731] RBP: 00007f6b95432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 710.350560][T15731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 710.350575][T15731] R13: 00007f6b95616128 R14: 00007f6b95616090 R15: 00007fff0d60a668 [ 710.350608][T15731] [ 710.848454][T15731] sysctl could not get directory: /kernel -12 [ 713.991584][T15786] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2174'. [ 714.386037][T15792] FAULT_INJECTION: forcing a failure. [ 714.386037][T15792] name fail_futex, interval 1, probability 0, space 0, times 0 [ 714.400225][T15792] CPU: 1 UID: 0 PID: 15792 Comm: syz.3.2175 Tainted: G U syzkaller #0 PREEMPT(full) [ 714.400284][T15792] Tainted: [U]=USER [ 714.400298][T15792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 714.400319][T15792] Call Trace: [ 714.400331][T15792] [ 714.400343][T15792] dump_stack_lvl+0x100/0x190 [ 714.400404][T15792] should_fail_ex.cold+0x5/0xa [ 714.400445][T15792] get_futex_key+0x1d2/0x1620 [ 714.400491][T15792] ? __pfx_get_futex_key+0x10/0x10 [ 714.400529][T15792] ? __pfx_css_rstat_updated+0x10/0x10 [ 714.400572][T15792] futex_wake+0xea/0x530 [ 714.400624][T15792] ? __pfx_futex_wake+0x10/0x10 [ 714.400679][T15792] ? find_held_lock+0x2b/0x80 [ 714.400711][T15792] ? __schedule+0x2fd3/0x6120 [ 714.400747][T15792] ? __schedule+0x2fd3/0x6120 [ 714.400790][T15792] do_futex+0x32b/0x350 [ 714.400844][T15792] ? __pfx_do_futex+0x10/0x10 [ 714.400887][T15792] ? __pfx_do_sys_openat2+0x10/0x10 [ 714.400943][T15792] __x64_sys_futex+0x34f/0x4d0 [ 714.400992][T15792] ? __pfx___x64_sys_futex+0x10/0x10 [ 714.401036][T15792] ? __pfx___schedule+0x10/0x10 [ 714.401076][T15792] ? trace_irq_enable.constprop.0+0x2f/0x180 [ 714.401124][T15792] do_syscall_64+0x106/0xf80 [ 714.401165][T15792] ? clear_bhb_loop+0x40/0x90 [ 714.401209][T15792] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 714.401250][T15792] RIP: 0033:0x7f5e8f99c799 [ 714.401280][T15792] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 714.401315][T15792] RSP: 002b:00007f5e9088a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 714.401350][T15792] RAX: ffffffffffffffda RBX: 00007f5e8fc16098 RCX: 00007f5e8f99c799 [ 714.401375][T15792] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f5e8fc1609c [ 714.401398][T15792] RBP: 00007f5e8fc16090 R08: 0000000000000000 R09: 0000000000000000 [ 714.401421][T15792] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 714.401442][T15792] R13: 00007f5e8fc16128 R14: 00007ffd67a0ad40 R15: 00007ffd67a0ae28 [ 714.401488][T15792] [ 716.759285][T15834] FAULT_INJECTION: forcing a failure. [ 716.759285][T15834] name failslab, interval 1, probability 0, space 0, times 0 [ 716.801183][T15834] CPU: 1 UID: 0 PID: 15834 Comm: syz.1.2186 Tainted: G U syzkaller #0 PREEMPT(full) [ 716.801243][T15834] Tainted: [U]=USER [ 716.801257][T15834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 716.801279][T15834] Call Trace: [ 716.801292][T15834] [ 716.801306][T15834] dump_stack_lvl+0x100/0x190 [ 716.801368][T15834] should_fail_ex.cold+0x5/0xa [ 716.801410][T15834] should_failslab+0xc2/0x120 [ 716.801447][T15834] __kmalloc_cache_noprof+0x7a/0x6f0 [ 716.801491][T15834] ? univ8250_setup_irq+0x33f/0x750 [ 716.801556][T15834] univ8250_setup_irq+0x33f/0x750 [ 716.801607][T15834] ? io_serial_out+0x65/0xb0 [ 716.801642][T15834] ? io_serial_in+0x60/0xb0 [ 716.801681][T15834] serial8250_do_startup+0xac8/0x3260 [ 716.801739][T15834] ? mark_held_locks+0x40/0x70 [ 716.801786][T15834] serial8250_startup+0x62/0x80 [ 716.801835][T15834] uart_startup+0x50f/0x1330 [ 716.801889][T15834] uart_port_activate+0xe8/0x190 [ 716.801932][T15834] ? __pfx_uart_port_activate+0x10/0x10 [ 716.801975][T15834] tty_port_open+0x1de/0x270 [ 716.802022][T15834] ? __pfx_uart_open+0x10/0x10 [ 716.802055][T15834] uart_open+0x41/0x60 [ 716.802086][T15834] tty_open+0x3dd/0xfa0 [ 716.802144][T15834] ? __pfx_tty_open+0x10/0x10 [ 716.802189][T15834] ? chrdev_open+0x10b/0x6a0 [ 716.802222][T15834] ? chrdev_open+0x10b/0x6a0 [ 716.802263][T15834] ? __pfx_tty_open+0x10/0x10 [ 716.802307][T15834] chrdev_open+0x234/0x6a0 [ 716.802340][T15834] ? __pfx_apparmor_file_open+0x10/0x10 [ 716.802390][T15834] ? __pfx_chrdev_open+0x10/0x10 [ 716.802428][T15834] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 716.802473][T15834] do_dentry_open+0x6d8/0x1660 [ 716.802505][T15834] ? __pfx_chrdev_open+0x10/0x10 [ 716.802550][T15834] vfs_open+0x82/0x3f0 [ 716.802596][T15834] path_openat+0x208c/0x31a0 [ 716.802645][T15834] ? __pfx_path_openat+0x10/0x10 [ 716.802696][T15834] do_file_open+0x20e/0x430 [ 716.802734][T15834] ? __pfx_do_file_open+0x10/0x10 [ 716.802800][T15834] ? alloc_fd+0x476/0x790 [ 716.802838][T15834] ? do_getname+0x191/0x390 [ 716.802883][T15834] do_sys_openat2+0x10d/0x1e0 [ 716.802927][T15834] ? __pfx_do_sys_openat2+0x10/0x10 [ 716.802974][T15834] ? __fget_files+0x21f/0x3d0 [ 716.803013][T15834] __x64_sys_openat+0x12d/0x210 [ 716.803058][T15834] ? __pfx___x64_sys_openat+0x10/0x10 [ 716.803118][T15834] do_syscall_64+0x106/0xf80 [ 716.803169][T15834] ? clear_bhb_loop+0x40/0x90 [ 716.803209][T15834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 716.803244][T15834] RIP: 0033:0x7f62e9f9c799 [ 716.803272][T15834] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 716.803306][T15834] RSP: 002b:00007f62ead74028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 716.803339][T15834] RAX: ffffffffffffffda RBX: 00007f62ea215fa0 RCX: 00007f62e9f9c799 [ 716.803362][T15834] RDX: 0000000000101e81 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 716.803385][T15834] RBP: 00007f62ea032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 716.803406][T15834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 716.803428][T15834] R13: 00007f62ea216038 R14: 00007f62ea215fa0 R15: 00007fffd916d978 [ 716.803471][T15834] [ 717.511640][T15843] FAULT_INJECTION: forcing a failure. [ 717.511640][T15843] name failslab, interval 1, probability 0, space 0, times 0 [ 717.538561][T15843] CPU: 1 UID: 0 PID: 15843 Comm: syz.3.2189 Tainted: G U syzkaller #0 PREEMPT(full) [ 717.538613][T15843] Tainted: [U]=USER [ 717.538624][T15843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 717.538644][T15843] Call Trace: [ 717.538656][T15843] [ 717.538669][T15843] dump_stack_lvl+0x100/0x190 [ 717.538728][T15843] should_fail_ex.cold+0x5/0xa [ 717.538768][T15843] should_failslab+0xc2/0x120 [ 717.538804][T15843] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 717.538857][T15843] ? create_filter_start.constprop.0+0x15b/0x310 [ 717.538922][T15843] kstrdup+0x51/0xe0 [ 717.538978][T15843] create_filter_start.constprop.0+0x15b/0x310 [ 717.539039][T15843] apply_subsystem_event_filter+0x188/0x17d0 [ 717.539109][T15843] ? __might_fault+0xc5/0x140 [ 717.539159][T15843] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 717.539234][T15843] ? _copy_from_user+0x59/0xd0 [ 717.539289][T15843] ? __pfx_subsystem_filter_write+0x10/0x10 [ 717.539337][T15843] subsystem_filter_write+0x95/0x120 [ 717.539390][T15843] vfs_writev+0x5ea/0xe10 [ 717.539438][T15843] ? rcu_is_watching+0x12/0xc0 [ 717.539498][T15843] ? __pfx_vfs_writev+0x10/0x10 [ 717.539541][T15843] ? fdget_pos+0x2aa/0x380 [ 717.539575][T15843] ? find_held_lock+0x2b/0x80 [ 717.539628][T15843] ? __fget_files+0x21f/0x3d0 [ 717.539668][T15843] ? do_writev+0x13e/0x340 [ 717.539711][T15843] do_writev+0x13e/0x340 [ 717.539759][T15843] ? __pfx_do_writev+0x10/0x10 [ 717.539819][T15843] do_syscall_64+0x106/0xf80 [ 717.539859][T15843] ? clear_bhb_loop+0x40/0x90 [ 717.539901][T15843] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.539935][T15843] RIP: 0033:0x7f5e8f99c799 [ 717.539963][T15843] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 717.539995][T15843] RSP: 002b:00007f5e908ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 717.540027][T15843] RAX: ffffffffffffffda RBX: 00007f5e8fc15fa0 RCX: 00007f5e8f99c799 [ 717.540049][T15843] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000003 [ 717.540078][T15843] RBP: 00007f5e908ab090 R08: 0000000000000000 R09: 0000000000000000 [ 717.540098][T15843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 717.540118][T15843] R13: 00007f5e8fc16038 R14: 00007f5e8fc15fa0 R15: 00007ffd67a0ae28 [ 717.540170][T15843] [ 718.019154][T15856] FAULT_INJECTION: forcing a failure. [ 718.019154][T15856] name failslab, interval 1, probability 0, space 0, times 0 [ 718.064664][T15856] CPU: 0 UID: 0 PID: 15856 Comm: syz.0.2192 Tainted: G U syzkaller #0 PREEMPT(full) [ 718.064707][T15856] Tainted: [U]=USER [ 718.064717][T15856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 718.064733][T15856] Call Trace: [ 718.064742][T15856] [ 718.064752][T15856] dump_stack_lvl+0x100/0x190 [ 718.064798][T15856] should_fail_ex.cold+0x5/0xa [ 718.064828][T15856] ? __register_sysctl_table+0xbe4/0x1650 [ 718.064871][T15856] should_failslab+0xc2/0x120 [ 718.064898][T15856] __kmalloc_noprof+0xe0/0x850 [ 718.064952][T15856] __register_sysctl_table+0xbe4/0x1650 [ 718.065028][T15856] ? __pfx___register_sysctl_table+0x10/0x10 [ 718.065088][T15856] ? rcu_is_cpu_rrupt_from_idle+0x1f1/0x270 [ 718.065156][T15856] ? __asan_memcpy+0x3c/0x60 [ 718.065196][T15856] register_pidns_sysctls+0x11d/0x1c0 [ 718.065233][T15856] ? __ns_common_init+0x299/0x4b0 [ 718.065267][T15856] copy_pid_ns+0x680/0x10a0 [ 718.065299][T15856] ? __pfx_copy_pid_ns+0x10/0x10 [ 718.065330][T15856] ? rcu_is_watching+0x12/0xc0 [ 718.065390][T15856] ? copy_mnt_ns+0x106/0xc30 [ 718.065420][T15856] ? create_new_namespaces+0x30/0xac0 [ 718.065454][T15856] create_new_namespaces+0x2aa/0xac0 [ 718.065488][T15856] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 718.065518][T15856] ksys_unshare+0x473/0xad0 [ 718.065552][T15856] ? __pfx_ksys_unshare+0x10/0x10 [ 718.065595][T15856] __x64_sys_unshare+0x31/0x40 [ 718.065627][T15856] do_syscall_64+0x106/0xf80 [ 718.065657][T15856] ? clear_bhb_loop+0x40/0x90 [ 718.065688][T15856] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 718.065715][T15856] RIP: 0033:0x7f6b9539c799 [ 718.065736][T15856] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 718.065761][T15856] RSP: 002b:00007f6b96212028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 718.065786][T15856] RAX: ffffffffffffffda RBX: 00007f6b95615fa0 RCX: 00007f6b9539c799 [ 718.065803][T15856] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 718.065819][T15856] RBP: 00007f6b95432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 718.065835][T15856] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 718.065850][T15856] R13: 00007f6b95616038 R14: 00007f6b95615fa0 R15: 00007fff0d60a668 [ 718.065883][T15856] [ 718.067072][T15856] sysctl could not get directory: /kernel -12 [ 719.360991][T15875] FAULT_INJECTION: forcing a failure. [ 719.360991][T15875] name failslab, interval 1, probability 0, space 0, times 0 [ 719.394135][T15875] CPU: 0 UID: 0 PID: 15875 Comm: syz.0.2196 Tainted: G U syzkaller #0 PREEMPT(full) [ 719.394197][T15875] Tainted: [U]=USER [ 719.394211][T15875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 719.394234][T15875] Call Trace: [ 719.394247][T15875] [ 719.394262][T15875] dump_stack_lvl+0x100/0x190 [ 719.394327][T15875] should_fail_ex.cold+0x5/0xa [ 719.394371][T15875] should_failslab+0xc2/0x120 [ 719.394411][T15875] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 719.394465][T15875] ? __proc_create+0x2cb/0x8c0 [ 719.394531][T15875] __proc_create+0x2cb/0x8c0 [ 719.394590][T15875] ? __pfx___proc_create+0x10/0x10 [ 719.394664][T15875] proc_mkdir+0x81/0x170 [ 719.394698][T15875] ? __pfx_proc_mkdir+0x10/0x10 [ 719.394733][T15875] ? mark_held_locks+0x40/0x70 [ 719.394781][T15875] ? _raw_spin_unlock_irq+0x23/0x50 [ 719.394833][T15875] register_handler_proc+0x36c/0x4c0 [ 719.394893][T15875] ? __pfx_register_handler_proc+0x10/0x10 [ 719.394975][T15875] __setup_irq+0x11ee/0x2020 [ 719.395029][T15875] ? kasan_save_track+0x14/0x30 [ 719.395092][T15875] request_threaded_irq+0x261/0x3e0 [ 719.395145][T15875] univ8250_setup_irq+0x5ba/0x750 [ 719.395201][T15875] ? io_serial_out+0x65/0xb0 [ 719.395237][T15875] ? io_serial_in+0x60/0xb0 [ 719.395280][T15875] serial8250_do_startup+0xac8/0x3260 [ 719.395335][T15875] ? _raw_spin_unlock+0x28/0x50 [ 719.395370][T15875] ? __free_frozen_pages+0x884/0x10d0 [ 719.395426][T15875] serial8250_startup+0x62/0x80 [ 719.395479][T15875] uart_startup+0x50f/0x1330 [ 719.395537][T15875] uart_port_activate+0xe8/0x190 [ 719.395584][T15875] ? __pfx_uart_port_activate+0x10/0x10 [ 719.395630][T15875] tty_port_open+0x1de/0x270 [ 719.395681][T15875] ? __pfx_uart_open+0x10/0x10 [ 719.395716][T15875] uart_open+0x41/0x60 [ 719.395749][T15875] tty_open+0x3dd/0xfa0 [ 719.395805][T15875] ? __pfx_tty_open+0x10/0x10 [ 719.395860][T15875] ? chrdev_open+0x10b/0x6a0 [ 719.395896][T15875] ? chrdev_open+0x10b/0x6a0 [ 719.395940][T15875] ? __pfx_tty_open+0x10/0x10 [ 719.395987][T15875] chrdev_open+0x234/0x6a0 [ 719.396021][T15875] ? __pfx_apparmor_file_open+0x10/0x10 [ 719.396075][T15875] ? __pfx_chrdev_open+0x10/0x10 [ 719.396116][T15875] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 719.396165][T15875] do_dentry_open+0x6d8/0x1660 [ 719.396200][T15875] ? __pfx_chrdev_open+0x10/0x10 [ 719.396248][T15875] vfs_open+0x82/0x3f0 [ 719.396301][T15875] path_openat+0x208c/0x31a0 [ 719.396355][T15875] ? __pfx_path_openat+0x10/0x10 [ 719.396409][T15875] do_file_open+0x20e/0x430 [ 719.396451][T15875] ? __pfx_do_file_open+0x10/0x10 [ 719.396521][T15875] ? alloc_fd+0x476/0x790 [ 719.396569][T15875] ? do_getname+0x191/0x390 [ 719.396620][T15875] do_sys_openat2+0x10d/0x1e0 [ 719.396668][T15875] ? __pfx_do_sys_openat2+0x10/0x10 [ 719.396718][T15875] ? __fget_files+0x21f/0x3d0 [ 719.396767][T15875] __x64_sys_openat+0x12d/0x210 [ 719.396823][T15875] ? __pfx___x64_sys_openat+0x10/0x10 [ 719.396891][T15875] do_syscall_64+0x106/0xf80 [ 719.396933][T15875] ? clear_bhb_loop+0x40/0x90 [ 719.396980][T15875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 719.397018][T15875] RIP: 0033:0x7f6b9539c799 [ 719.397049][T15875] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 719.397086][T15875] RSP: 002b:00007f6b96212028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 719.397121][T15875] RAX: ffffffffffffffda RBX: 00007f6b95615fa0 RCX: 00007f6b9539c799 [ 719.397146][T15875] RDX: 0000000000101e81 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 719.397170][T15875] RBP: 00007f6b95432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 719.397193][T15875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 719.397215][T15875] R13: 00007f6b95616038 R14: 00007f6b95615fa0 R15: 00007fff0d60a668 [ 719.397263][T15875] [ 719.865155][T15878] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2197'. [ 720.233507][T15888] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2200'. [ 720.947532][T15900] FAULT_INJECTION: forcing a failure. [ 720.947532][T15900] name failslab, interval 1, probability 0, space 0, times 0 [ 720.982628][T15900] CPU: 0 UID: 0 PID: 15900 Comm: syz.2.2204 Tainted: G U syzkaller #0 PREEMPT(full) [ 720.982673][T15900] Tainted: [U]=USER [ 720.982682][T15900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 720.982700][T15900] Call Trace: [ 720.982708][T15900] [ 720.982718][T15900] dump_stack_lvl+0x100/0x190 [ 720.982760][T15900] should_fail_ex.cold+0x5/0xa [ 720.982790][T15900] ? __register_sysctl_table+0xbe4/0x1650 [ 720.982830][T15900] should_failslab+0xc2/0x120 [ 720.982855][T15900] __kmalloc_noprof+0xe0/0x850 [ 720.982899][T15900] __register_sysctl_table+0xbe4/0x1650 [ 720.982945][T15900] ? __pfx___register_sysctl_table+0x10/0x10 [ 720.982984][T15900] ? rcu_is_cpu_rrupt_from_idle+0x1f1/0x270 [ 720.983027][T15900] ? __asan_memcpy+0x3c/0x60 [ 720.983064][T15900] register_pidns_sysctls+0x11d/0x1c0 [ 720.983099][T15900] ? __ns_common_init+0x299/0x4b0 [ 720.983130][T15900] copy_pid_ns+0x680/0x10a0 [ 720.983160][T15900] ? __pfx_copy_pid_ns+0x10/0x10 [ 720.983189][T15900] ? rcu_is_watching+0x12/0xc0 [ 720.983235][T15900] ? copy_mnt_ns+0x106/0xc30 [ 720.983264][T15900] ? create_new_namespaces+0x30/0xac0 [ 720.983295][T15900] create_new_namespaces+0x2aa/0xac0 [ 720.983327][T15900] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 720.983357][T15900] ksys_unshare+0x473/0xad0 [ 720.983390][T15900] ? __pfx_ksys_unshare+0x10/0x10 [ 720.983432][T15900] __x64_sys_unshare+0x31/0x40 [ 720.983462][T15900] do_syscall_64+0x106/0xf80 [ 720.983492][T15900] ? clear_bhb_loop+0x40/0x90 [ 720.983522][T15900] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 720.983548][T15900] RIP: 0033:0x7f447899c799 [ 720.983569][T15900] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 720.983594][T15900] RSP: 002b:00007f44797c3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 720.983617][T15900] RAX: ffffffffffffffda RBX: 00007f4478c15fa0 RCX: 00007f447899c799 [ 720.983634][T15900] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 720.983649][T15900] RBP: 00007f4478a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 720.983663][T15900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 720.983678][T15900] R13: 00007f4478c16038 R14: 00007f4478c15fa0 R15: 00007ffc04e7bf78 [ 720.983712][T15900] [ 720.983722][T15900] sysctl could not get directory: /kernel -12 [ 721.493333][T15911] FAULT_INJECTION: forcing a failure. [ 721.493333][T15911] name failslab, interval 1, probability 0, space 0, times 0 [ 721.506799][T15911] CPU: 0 UID: 0 PID: 15911 Comm: syz.1.2206 Tainted: G U syzkaller #0 PREEMPT(full) [ 721.506838][T15911] Tainted: [U]=USER [ 721.506846][T15911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 721.506862][T15911] Call Trace: [ 721.506872][T15911] [ 721.506882][T15911] dump_stack_lvl+0x100/0x190 [ 721.506924][T15911] should_fail_ex.cold+0x5/0xa [ 721.506961][T15911] ? drm_atomic_state_init+0xf4/0x490 [ 721.507073][T15911] should_failslab+0xc2/0x120 [ 721.507100][T15911] __kmalloc_noprof+0xe0/0x850 [ 721.507144][T15911] drm_atomic_state_init+0xf4/0x490 [ 721.507168][T15911] ? kasan_save_track+0x14/0x30 [ 721.507216][T15911] drm_atomic_state_alloc+0xd3/0x120 [ 721.507243][T15911] drm_client_modeset_commit_atomic+0xcc/0x7e0 [ 721.507280][T15911] ? trace_contention_end+0x140/0x180 [ 721.507316][T15911] ? __mutex_lock+0x26a/0x1b90 [ 721.507348][T15911] ? __mutex_lock+0x26a/0x1b90 [ 721.507379][T15911] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 721.507411][T15911] ? drm_master_internal_acquire+0x21/0x80 [ 721.507466][T15911] drm_client_modeset_commit_locked+0x14d/0x580 [ 721.507502][T15911] drm_client_modeset_commit+0x4f/0x80 [ 721.507533][T15911] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 721.507598][T15911] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 721.507631][T15911] drm_fbdev_client_restore+0x1b/0x30 [ 721.507687][T15911] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 721.507729][T15911] drm_client_dev_restore+0x205/0x2a0 [ 721.507764][T15911] drm_release+0x2c6/0x360 [ 721.507790][T15911] ? __pfx_drm_release+0x10/0x10 [ 721.507816][T15911] __fput+0x3ff/0xb40 [ 721.507852][T15911] task_work_run+0x150/0x240 [ 721.507889][T15911] ? __pfx_task_work_run+0x10/0x10 [ 721.507934][T15911] exit_to_user_mode_loop+0x100/0x4a0 [ 721.507970][T15911] do_syscall_64+0x668/0xf80 [ 721.507999][T15911] ? clear_bhb_loop+0x40/0x90 [ 721.508030][T15911] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 721.508056][T15911] RIP: 0033:0x7f62e9f9c799 [ 721.508077][T15911] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 721.508102][T15911] RSP: 002b:00007f62ead74028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 721.508125][T15911] RAX: 0000000000000000 RBX: 00007f62ea215fa0 RCX: 00007f62e9f9c799 [ 721.508142][T15911] RDX: 0000000000000000 RSI: fffffffffffff000 RDI: 0000000000000000 [ 721.508158][T15911] RBP: 00007f62ea032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 721.508173][T15911] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 721.508194][T15911] R13: 00007f62ea216038 R14: 00007f62ea215fa0 R15: 00007fffd916d978 [ 721.508227][T15911] [ 722.518546][ T5840] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 722.518581][ T5840] Bluetooth: hci2: unexpected subevent 0x0e length: 725 > 15 [ 722.533521][ T5840] Bluetooth: hci2: Unable to find connection for dst 00:a2:f2:94:be:c8 sid 0x4f [ 728.947447][T16026] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2231'. [ 729.191630][T16030] FAULT_INJECTION: forcing a failure. [ 729.191630][T16030] name failslab, interval 1, probability 0, space 0, times 0 [ 729.204478][T16030] CPU: 1 UID: 0 PID: 16030 Comm: syz.3.2232 Tainted: G U syzkaller #0 PREEMPT(full) [ 729.204531][T16030] Tainted: [U]=USER [ 729.204544][T16030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 729.204565][T16030] Call Trace: [ 729.204577][T16030] [ 729.204591][T16030] dump_stack_lvl+0x100/0x190 [ 729.204651][T16030] should_fail_ex.cold+0x5/0xa [ 729.204694][T16030] should_failslab+0xc2/0x120 [ 729.204734][T16030] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 729.204787][T16030] ? __proc_create+0x2cb/0x8c0 [ 729.204850][T16030] __proc_create+0x2cb/0x8c0 [ 729.204908][T16030] ? __pfx___proc_create+0x10/0x10 [ 729.204979][T16030] proc_mkdir+0x81/0x170 [ 729.205012][T16030] ? __pfx_proc_mkdir+0x10/0x10 [ 729.205046][T16030] ? mark_held_locks+0x40/0x70 [ 729.205090][T16030] ? _raw_spin_unlock_irq+0x23/0x50 [ 729.205146][T16030] register_handler_proc+0x36c/0x4c0 [ 729.205205][T16030] ? __pfx_register_handler_proc+0x10/0x10 [ 729.205276][T16030] ? mark_held_locks+0x40/0x70 [ 729.205320][T16030] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 729.205365][T16030] __setup_irq+0x11ee/0x2020 [ 729.205415][T16030] ? kasan_save_track+0x14/0x30 [ 729.205474][T16030] request_threaded_irq+0x261/0x3e0 [ 729.205524][T16030] univ8250_setup_irq+0x5ba/0x750 [ 729.205582][T16030] ? io_serial_out+0x65/0xb0 [ 729.205616][T16030] ? io_serial_in+0x60/0xb0 [ 729.205656][T16030] serial8250_do_startup+0xac8/0x3260 [ 729.205717][T16030] ? mark_held_locks+0x40/0x70 [ 729.205765][T16030] serial8250_startup+0x62/0x80 [ 729.205816][T16030] uart_startup+0x50f/0x1330 [ 729.205871][T16030] uart_port_activate+0xe8/0x190 [ 729.205917][T16030] ? __pfx_uart_port_activate+0x10/0x10 [ 729.205961][T16030] tty_port_open+0x1de/0x270 [ 729.206013][T16030] ? __pfx_uart_open+0x10/0x10 [ 729.206046][T16030] uart_open+0x41/0x60 [ 729.206079][T16030] tty_open+0x3dd/0xfa0 [ 729.206139][T16030] ? __pfx_tty_open+0x10/0x10 [ 729.206184][T16030] ? chrdev_open+0x10b/0x6a0 [ 729.206219][T16030] ? chrdev_open+0x10b/0x6a0 [ 729.206260][T16030] ? __pfx_tty_open+0x10/0x10 [ 729.206306][T16030] chrdev_open+0x234/0x6a0 [ 729.206340][T16030] ? __pfx_apparmor_file_open+0x10/0x10 [ 729.206393][T16030] ? __pfx_chrdev_open+0x10/0x10 [ 729.206432][T16030] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 729.206481][T16030] do_dentry_open+0x6d8/0x1660 [ 729.206516][T16030] ? __pfx_chrdev_open+0x10/0x10 [ 729.206562][T16030] vfs_open+0x82/0x3f0 [ 729.206611][T16030] path_openat+0x208c/0x31a0 [ 729.206662][T16030] ? __pfx_path_openat+0x10/0x10 [ 729.206714][T16030] do_file_open+0x20e/0x430 [ 729.206754][T16030] ? __pfx_do_file_open+0x10/0x10 [ 729.206822][T16030] ? alloc_fd+0x476/0x790 [ 729.206861][T16030] ? do_getname+0x191/0x390 [ 729.206909][T16030] do_sys_openat2+0x10d/0x1e0 [ 729.206954][T16030] ? __pfx_do_sys_openat2+0x10/0x10 [ 729.207004][T16030] ? __fget_files+0x21f/0x3d0 [ 729.207046][T16030] __x64_sys_openat+0x12d/0x210 [ 729.207093][T16030] ? __pfx___x64_sys_openat+0x10/0x10 [ 729.207165][T16030] do_syscall_64+0x106/0xf80 [ 729.207206][T16030] ? clear_bhb_loop+0x40/0x90 [ 729.207251][T16030] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 729.207288][T16030] RIP: 0033:0x7f5e8f99c799 [ 729.207318][T16030] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 729.207352][T16030] RSP: 002b:00007f5e908ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 729.207387][T16030] RAX: ffffffffffffffda RBX: 00007f5e8fc15fa0 RCX: 00007f5e8f99c799 [ 729.207411][T16030] RDX: 0000000000101e81 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 729.207435][T16030] RBP: 00007f5e8fa32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 729.207458][T16030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 729.207480][T16030] R13: 00007f5e8fc16038 R14: 00007f5e8fc15fa0 R15: 00007ffd67a0ae28 [ 729.207526][T16030] [ 731.085104][T16057] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2237'. [ 732.289991][T16076] FAULT_INJECTION: forcing a failure. [ 732.289991][T16076] name failslab, interval 1, probability 0, space 0, times 0 [ 732.304174][T16076] CPU: 0 UID: 0 PID: 16076 Comm: syz.2.2242 Tainted: G U syzkaller #0 PREEMPT(full) [ 732.304229][T16076] Tainted: [U]=USER [ 732.304242][T16076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 732.304263][T16076] Call Trace: [ 732.304275][T16076] [ 732.304288][T16076] dump_stack_lvl+0x100/0x190 [ 732.304349][T16076] should_fail_ex.cold+0x5/0xa [ 732.304397][T16076] should_failslab+0xc2/0x120 [ 732.304435][T16076] __kmalloc_cache_noprof+0x7a/0x6f0 [ 732.304482][T16076] ? univ8250_setup_irq+0x33f/0x750 [ 732.304548][T16076] univ8250_setup_irq+0x33f/0x750 [ 732.304602][T16076] ? io_serial_out+0x65/0xb0 [ 732.304637][T16076] ? io_serial_in+0x60/0xb0 [ 732.304677][T16076] serial8250_do_startup+0xac8/0x3260 [ 732.304735][T16076] ? mark_held_locks+0x40/0x70 [ 732.304784][T16076] serial8250_startup+0x62/0x80 [ 732.304834][T16076] uart_startup+0x50f/0x1330 [ 732.304889][T16076] uart_port_activate+0xe8/0x190 [ 732.304934][T16076] ? __pfx_uart_port_activate+0x10/0x10 [ 732.304978][T16076] tty_port_open+0x1de/0x270 [ 732.305028][T16076] ? __pfx_uart_open+0x10/0x10 [ 732.305060][T16076] uart_open+0x41/0x60 [ 732.305091][T16076] tty_open+0x3dd/0xfa0 [ 732.305145][T16076] ? __pfx_tty_open+0x10/0x10 [ 732.305187][T16076] ? chrdev_open+0x10b/0x6a0 [ 732.305221][T16076] ? chrdev_open+0x10b/0x6a0 [ 732.305260][T16076] ? __pfx_tty_open+0x10/0x10 [ 732.305305][T16076] chrdev_open+0x234/0x6a0 [ 732.305338][T16076] ? __pfx_apparmor_file_open+0x10/0x10 [ 732.305398][T16076] ? __pfx_chrdev_open+0x10/0x10 [ 732.305437][T16076] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 732.305485][T16076] do_dentry_open+0x6d8/0x1660 [ 732.305517][T16076] ? __pfx_chrdev_open+0x10/0x10 [ 732.305564][T16076] vfs_open+0x82/0x3f0 [ 732.305612][T16076] path_openat+0x208c/0x31a0 [ 732.305662][T16076] ? __pfx_path_openat+0x10/0x10 [ 732.305713][T16076] do_file_open+0x20e/0x430 [ 732.305752][T16076] ? __pfx_do_file_open+0x10/0x10 [ 732.305820][T16076] ? alloc_fd+0x476/0x790 [ 732.305858][T16076] ? do_getname+0x191/0x390 [ 732.305904][T16076] do_sys_openat2+0x10d/0x1e0 [ 732.305947][T16076] ? __pfx_do_sys_openat2+0x10/0x10 [ 732.305998][T16076] ? __fget_files+0x21f/0x3d0 [ 732.306039][T16076] __x64_sys_openat+0x12d/0x210 [ 732.306085][T16076] ? __pfx___x64_sys_openat+0x10/0x10 [ 732.306149][T16076] do_syscall_64+0x106/0xf80 [ 732.306190][T16076] ? clear_bhb_loop+0x40/0x90 [ 732.306233][T16076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 732.306269][T16076] RIP: 0033:0x7f447899c799 [ 732.306299][T16076] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 732.306334][T16076] RSP: 002b:00007f44797c3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 732.306370][T16076] RAX: ffffffffffffffda RBX: 00007f4478c15fa0 RCX: 00007f447899c799 [ 732.306401][T16076] RDX: 0000000000101e81 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 732.306425][T16076] RBP: 00007f4478a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 732.306448][T16076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 732.306470][T16076] R13: 00007f4478c16038 R14: 00007f4478c15fa0 R15: 00007ffc04e7bf78 [ 732.306517][T16076] [ 735.003362][T16106] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2248'. [ 736.388096][T16130] WARNING! power/level is deprecated; use power/control instead [ 739.793297][T16171] FAULT_INJECTION: forcing a failure. [ 739.793297][T16171] name failslab, interval 1, probability 0, space 0, times 0 [ 739.852124][T16171] CPU: 0 UID: 0 PID: 16171 Comm: syz.0.2262 Tainted: G U syzkaller #0 PREEMPT(full) [ 739.852166][T16171] Tainted: [U]=USER [ 739.852175][T16171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 739.852192][T16171] Call Trace: [ 739.852201][T16171] [ 739.852212][T16171] dump_stack_lvl+0x100/0x190 [ 739.852256][T16171] should_fail_ex.cold+0x5/0xa [ 739.852293][T16171] should_failslab+0xc2/0x120 [ 739.852320][T16171] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 739.852361][T16171] ? __d_alloc+0x34/0xa80 [ 739.852394][T16171] __d_alloc+0x34/0xa80 [ 739.852426][T16171] d_alloc_pseudo+0x1c/0xc0 [ 739.852462][T16171] alloc_file_pseudo+0xcf/0x230 [ 739.852496][T16171] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 739.852537][T16171] __shmem_file_setup+0x221/0x490 [ 739.852573][T16171] ? __pfx___shmem_file_setup+0x10/0x10 [ 739.852613][T16171] ? vm_area_alloc+0x1f/0x160 [ 739.852650][T16171] shmem_zero_setup+0x96/0x1b0 [ 739.852692][T16171] __mmap_region+0x2198/0x29e0 [ 739.852731][T16171] ? trace_contention_end+0x140/0x180 [ 739.852768][T16171] ? __pfx___mmap_region+0x10/0x10 [ 739.852802][T16171] ? process_measurement+0x1f4/0x2350 [ 739.852855][T16171] ? __lock_acquire+0x4a5/0x2630 [ 739.852887][T16171] ? update_cfs_rq_load_avg+0x51/0x550 [ 739.852928][T16171] ? find_held_lock+0x2b/0x80 [ 739.852950][T16171] ? finish_task_switch.isra.0+0x200/0xb80 [ 739.852978][T16171] ? finish_task_switch.isra.0+0x200/0xb80 [ 739.853017][T16171] ? trace_sched_exit_tp+0x13a/0x180 [ 739.853047][T16171] ? __schedule+0x1000/0x6120 [ 739.853113][T16171] ? rcu_is_watching+0x12/0xc0 [ 739.853152][T16171] ? cap_capable+0x107/0x460 [ 739.853193][T16171] mmap_region+0x180/0x3e0 [ 739.853237][T16171] do_mmap+0xc63/0x12f0 [ 739.853270][T16171] ? __pfx_do_mmap+0x10/0x10 [ 739.853305][T16171] ? __pfx_down_write_killable+0x10/0x10 [ 739.853347][T16171] vm_mmap_pgoff+0x29e/0x470 [ 739.853381][T16171] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 739.853412][T16171] ? do_futex+0x192/0x350 [ 739.853447][T16171] ? __pfx_do_futex+0x10/0x10 [ 739.853477][T16171] ? __pfx_do_sys_openat2+0x10/0x10 [ 739.853516][T16171] ksys_mmap_pgoff+0xe1/0x650 [ 739.853543][T16171] ? __x64_sys_futex+0x34f/0x4d0 [ 739.853575][T16171] ? __x64_sys_futex+0x358/0x4d0 [ 739.853609][T16171] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 739.853636][T16171] ? xfd_validate_state+0x129/0x190 [ 739.853680][T16171] __x64_sys_mmap+0x125/0x190 [ 739.853722][T16171] do_syscall_64+0x106/0xf80 [ 739.853752][T16171] ? clear_bhb_loop+0x40/0x90 [ 739.853784][T16171] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 739.853811][T16171] RIP: 0033:0x7f6b9539c799 [ 739.853833][T16171] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 739.853859][T16171] RSP: 002b:00007f6b96212028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 739.853884][T16171] RAX: ffffffffffffffda RBX: 00007f6b95615fa0 RCX: 00007f6b9539c799 [ 739.853902][T16171] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000000 [ 739.853918][T16171] RBP: 00007f6b95432bd9 R08: fffffffffffffffa R09: 0000000000008000 [ 739.853934][T16171] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 739.853950][T16171] R13: 00007f6b95616038 R14: 00007f6b95615fa0 R15: 00007fff0d60a668 [ 739.853982][T16171] [ 740.869554][T16181] binder: 16180:16181 ioctl c018620c 0 returned -1 [ 742.865977][ C1] vcan0: j1939_tp_rxtimer: 0xffff8880605c9c00: rx timeout, send abort [ 742.886212][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff8880605c9c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session. [ 744.696338][T16231] binder: 16230:16231 ioctl c018620c 0 returned -1 [ 745.237920][T16252] FAULT_INJECTION: forcing a failure. [ 745.237920][T16252] name fail_futex, interval 1, probability 0, space 0, times 0 [ 745.258003][T16252] CPU: 0 UID: 0 PID: 16252 Comm: syz.0.2282 Tainted: G U syzkaller #0 PREEMPT(full) [ 745.258064][T16252] Tainted: [U]=USER [ 745.258077][T16252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 745.258101][T16252] Call Trace: [ 745.258113][T16252] [ 745.258128][T16252] dump_stack_lvl+0x100/0x190 [ 745.258191][T16252] should_fail_ex.cold+0x5/0xa [ 745.258235][T16252] get_futex_key+0x1d2/0x1620 [ 745.258287][T16252] ? __pfx_get_futex_key+0x10/0x10 [ 745.258349][T16252] futex_wake+0xea/0x530 [ 745.258409][T16252] ? __pfx_futex_wake+0x10/0x10 [ 745.258464][T16252] ? __call_rcu_common.constprop.0+0x3f0/0x9b0 [ 745.258533][T16252] do_futex+0x32b/0x350 [ 745.258581][T16252] ? __pfx_do_futex+0x10/0x10 [ 745.258630][T16252] ? __pfx___might_resched+0x10/0x10 [ 745.258685][T16252] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 745.258740][T16252] __x64_sys_futex+0x34f/0x4d0 [ 745.258792][T16252] ? __pfx_task_work_run+0x10/0x10 [ 745.258846][T16252] ? __pfx___x64_sys_futex+0x10/0x10 [ 745.258908][T16252] ? exit_to_user_mode_loop+0xdd/0x4a0 [ 745.258969][T16252] do_syscall_64+0x106/0xf80 [ 745.259011][T16252] ? clear_bhb_loop+0x40/0x90 [ 745.259057][T16252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 745.259094][T16252] RIP: 0033:0x7f6b9539c799 [ 745.259143][T16252] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 745.259179][T16252] RSP: 002b:00007f6b962120e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 745.259215][T16252] RAX: ffffffffffffffda RBX: 00007f6b95615fa8 RCX: 00007f6b9539c799 [ 745.259239][T16252] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6b95615fac [ 745.259263][T16252] RBP: 00007f6b95615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 745.259286][T16252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 745.259309][T16252] R13: 00007f6b95616038 R14: 00007fff0d60a580 R15: 00007fff0d60a668 [ 745.259357][T16252] [ 746.003713][T16256] FAULT_INJECTION: forcing a failure. [ 746.003713][T16256] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 746.074898][T16256] CPU: 0 UID: 0 PID: 16256 Comm: syz.0.2283 Tainted: G U syzkaller #0 PREEMPT(full) [ 746.074949][T16256] Tainted: [U]=USER [ 746.074959][T16256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 746.074979][T16256] Call Trace: [ 746.074990][T16256] [ 746.075004][T16256] dump_stack_lvl+0x100/0x190 [ 746.075065][T16256] should_fail_ex.cold+0x5/0xa [ 746.075094][T16256] _copy_to_user+0x32/0xd0 [ 746.075137][T16256] simple_read_from_buffer+0xcb/0x170 [ 746.075176][T16256] proc_fail_nth_read+0x1af/0x230 [ 746.075209][T16256] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 746.075240][T16256] ? rw_verify_area+0xce/0x6d0 [ 746.075274][T16256] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 746.075302][T16256] vfs_read+0x1e4/0xb30 [ 746.075342][T16256] ? __pfx_vfs_read+0x10/0x10 [ 746.075377][T16256] ? __fget_files+0x215/0x3d0 [ 746.075405][T16256] ? __fget_files+0x21f/0x3d0 [ 746.075434][T16256] ksys_read+0x12a/0x250 [ 746.075471][T16256] ? __pfx_ksys_read+0x10/0x10 [ 746.075516][T16256] do_syscall_64+0x106/0xf80 [ 746.075544][T16256] ? clear_bhb_loop+0x40/0x90 [ 746.075573][T16256] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 746.075598][T16256] RIP: 0033:0x7f6b9535cfce [ 746.075617][T16256] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 746.075640][T16256] RSP: 002b:00007f6b96211fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 746.075663][T16256] RAX: ffffffffffffffda RBX: 00007f6b962126c0 RCX: 00007f6b9535cfce [ 746.075679][T16256] RDX: 000000000000000f RSI: 00007f6b962120a0 RDI: 0000000000000004 [ 746.075700][T16256] RBP: 00007f6b96212090 R08: 0000000000000000 R09: 0000000000000000 [ 746.075715][T16256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 746.075730][T16256] R13: 00007f6b95616038 R14: 00007f6b95615fa0 R15: 00007fff0d60a668 [ 746.075761][T16256] [ 747.404008][T16274] FAULT_INJECTION: forcing a failure. [ 747.404008][T16274] name failslab, interval 1, probability 0, space 0, times 0 [ 747.523936][T16274] CPU: 1 UID: 0 PID: 16274 Comm: syz.1.2288 Tainted: G U syzkaller #0 PREEMPT(full) [ 747.523981][T16274] Tainted: [U]=USER [ 747.523991][T16274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 747.524009][T16274] Call Trace: [ 747.524019][T16274] [ 747.524031][T16274] dump_stack_lvl+0x100/0x190 [ 747.524079][T16274] should_fail_ex.cold+0x5/0xa [ 747.524111][T16274] ? __seq_open_private+0x22/0xd0 [ 747.524150][T16274] should_failslab+0xc2/0x120 [ 747.524178][T16274] __kmalloc_noprof+0xe0/0x850 [ 747.524226][T16274] ? __pfx_stats_fop_open+0x10/0x10 [ 747.524256][T16274] __seq_open_private+0x22/0xd0 [ 747.524311][T16274] sc_common_open+0x6b/0x200 [ 747.524342][T16274] full_proxy_open_regular+0x1b6/0x370 [ 747.524384][T16274] do_dentry_open+0x6d8/0x1660 [ 747.524410][T16274] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 747.524456][T16274] vfs_open+0x82/0x3f0 [ 747.524494][T16274] path_openat+0x208c/0x31a0 [ 747.524541][T16274] ? __pfx_path_openat+0x10/0x10 [ 747.524582][T16274] do_file_open+0x20e/0x430 [ 747.524612][T16274] ? __pfx_do_file_open+0x10/0x10 [ 747.524664][T16274] ? alloc_fd+0x476/0x790 [ 747.524694][T16274] ? do_getname+0x191/0x390 [ 747.524731][T16274] do_sys_openat2+0x10d/0x1e0 [ 747.524768][T16274] ? __pfx_do_sys_openat2+0x10/0x10 [ 747.524806][T16274] ? __fget_files+0x21f/0x3d0 [ 747.524838][T16274] __x64_sys_openat+0x12d/0x210 [ 747.524875][T16274] ? __pfx___x64_sys_openat+0x10/0x10 [ 747.524924][T16274] do_syscall_64+0x106/0xf80 [ 747.524960][T16274] ? clear_bhb_loop+0x40/0x90 [ 747.524995][T16274] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 747.525027][T16274] RIP: 0033:0x7f62e9f9c799 [ 747.525050][T16274] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 747.525078][T16274] RSP: 002b:00007f62ead74028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 747.525106][T16274] RAX: ffffffffffffffda RBX: 00007f62ea215fa0 RCX: 00007f62e9f9c799 [ 747.525125][T16274] RDX: 0000000000008382 RSI: 0000200000000640 RDI: ffffffffffffff9c [ 747.525143][T16274] RBP: 00007f62ea032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 747.525161][T16274] R10: 0000000000000f00 R11: 0000000000000246 R12: 0000000000000000 [ 747.525178][T16274] R13: 00007f62ea216038 R14: 00007f62ea215fa0 R15: 00007fffd916d978 [ 747.525214][T16274] [ 747.786744][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 747.795318][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 748.592949][T16291] FAULT_INJECTION: forcing a failure. [ 748.592949][T16291] name failslab, interval 1, probability 0, space 0, times 0 [ 748.651312][T16291] CPU: 1 UID: 0 PID: 16291 Comm: syz.2.2293 Tainted: G U syzkaller #0 PREEMPT(full) [ 748.651372][T16291] Tainted: [U]=USER [ 748.651385][T16291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 748.651407][T16291] Call Trace: [ 748.651422][T16291] [ 748.651436][T16291] dump_stack_lvl+0x100/0x190 [ 748.651498][T16291] should_fail_ex.cold+0x5/0xa [ 748.651559][T16291] ? __pfx_serial8250_interrupt+0x10/0x10 [ 748.651650][T16291] should_failslab+0xc2/0x120 [ 748.651686][T16291] ? __pfx_serial8250_interrupt+0x10/0x10 [ 748.651741][T16291] __kmalloc_cache_noprof+0x7a/0x6f0 [ 748.651784][T16291] ? request_threaded_irq+0x15a/0x3e0 [ 748.651816][T16291] ? do_raw_spin_lock+0x128/0x260 [ 748.651983][T16291] ? __pfx_serial8250_interrupt+0x10/0x10 [ 748.652026][T16291] request_threaded_irq+0x15a/0x3e0 [ 748.652064][T16291] univ8250_setup_irq+0x5ba/0x750 [ 748.652103][T16291] ? io_serial_out+0x65/0xb0 [ 748.652126][T16291] ? io_serial_in+0x60/0xb0 [ 748.652154][T16291] serial8250_do_startup+0xac8/0x3260 [ 748.652195][T16291] ? mark_held_locks+0x40/0x70 [ 748.652244][T16291] serial8250_startup+0x62/0x80 [ 748.652284][T16291] uart_startup+0x50f/0x1330 [ 748.652324][T16291] uart_port_activate+0xe8/0x190 [ 748.652358][T16291] ? __pfx_uart_port_activate+0x10/0x10 [ 748.652389][T16291] tty_port_open+0x1de/0x270 [ 748.652425][T16291] ? __pfx_uart_open+0x10/0x10 [ 748.652448][T16291] uart_open+0x41/0x60 [ 748.652470][T16291] tty_open+0x3dd/0xfa0 [ 748.652507][T16291] ? __pfx_tty_open+0x10/0x10 [ 748.652538][T16291] ? chrdev_open+0x10b/0x6a0 [ 748.652562][T16291] ? chrdev_open+0x10b/0x6a0 [ 748.652591][T16291] ? __pfx_tty_open+0x10/0x10 [ 748.652623][T16291] chrdev_open+0x234/0x6a0 [ 748.652647][T16291] ? __pfx_apparmor_file_open+0x10/0x10 [ 748.652685][T16291] ? __pfx_chrdev_open+0x10/0x10 [ 748.652711][T16291] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 748.652744][T16291] do_dentry_open+0x6d8/0x1660 [ 748.652769][T16291] ? __pfx_chrdev_open+0x10/0x10 [ 748.652801][T16291] vfs_open+0x82/0x3f0 [ 748.652835][T16291] path_openat+0x208c/0x31a0 [ 748.652871][T16291] ? __pfx_path_openat+0x10/0x10 [ 748.652920][T16291] do_file_open+0x20e/0x430 [ 748.652948][T16291] ? __pfx_do_file_open+0x10/0x10 [ 748.652996][T16291] ? alloc_fd+0x476/0x790 [ 748.653024][T16291] ? do_getname+0x191/0x390 [ 748.653059][T16291] do_sys_openat2+0x10d/0x1e0 [ 748.653092][T16291] ? __pfx_do_sys_openat2+0x10/0x10 [ 748.653126][T16291] ? __fget_files+0x21f/0x3d0 [ 748.653155][T16291] __x64_sys_openat+0x12d/0x210 [ 748.653188][T16291] ? __pfx___x64_sys_openat+0x10/0x10 [ 748.653233][T16291] do_syscall_64+0x106/0xf80 [ 748.653263][T16291] ? clear_bhb_loop+0x40/0x90 [ 748.653295][T16291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 748.653322][T16291] RIP: 0033:0x7f447899c799 [ 748.653345][T16291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 748.653371][T16291] RSP: 002b:00007f44797c3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 748.653396][T16291] RAX: ffffffffffffffda RBX: 00007f4478c15fa0 RCX: 00007f447899c799 [ 748.653422][T16291] RDX: 0000000000101e81 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 748.653439][T16291] RBP: 00007f4478a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 748.653455][T16291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 748.653471][T16291] R13: 00007f4478c16038 R14: 00007f4478c15fa0 R15: 00007ffc04e7bf78 [ 748.653504][T16291] [ 749.426699][T16299] FAULT_INJECTION: forcing a failure. [ 749.426699][T16299] name failslab, interval 1, probability 0, space 0, times 0 [ 749.443414][T16299] CPU: 1 UID: 0 PID: 16299 Comm: syz.0.2294 Tainted: G U syzkaller #0 PREEMPT(full) [ 749.443472][T16299] Tainted: [U]=USER [ 749.443483][T16299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 749.443503][T16299] Call Trace: [ 749.443515][T16299] [ 749.443529][T16299] dump_stack_lvl+0x100/0x190 [ 749.443588][T16299] should_fail_ex.cold+0x5/0xa [ 749.443628][T16299] should_failslab+0xc2/0x120 [ 749.443665][T16299] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 749.443717][T16299] ? security_inode_alloc+0x3b/0x2c0 [ 749.443771][T16299] ? lockdep_init_map_type+0x5c/0x250 [ 749.443824][T16299] security_inode_alloc+0x3b/0x2c0 [ 749.443878][T16299] inode_init_always_gfp+0xced/0x1040 [ 749.443920][T16299] alloc_inode+0x8e/0x250 [ 749.443966][T16299] create_pipe_files+0x4c/0x970 [ 749.444009][T16299] do_pipe2+0xbd/0x1e0 [ 749.444059][T16299] ? __pfx_do_pipe2+0x10/0x10 [ 749.444094][T16299] ? __pfx___x64_sys_futex+0x10/0x10 [ 749.444153][T16299] __x64_sys_pipe2+0x54/0x80 [ 749.444190][T16299] do_syscall_64+0x106/0xf80 [ 749.444231][T16299] ? clear_bhb_loop+0x40/0x90 [ 749.444274][T16299] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 749.444310][T16299] RIP: 0033:0x7f6b9539c799 [ 749.444340][T16299] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 749.444376][T16299] RSP: 002b:00007f6b96212028 EFLAGS: 00000246 ORIG_RAX: 0000000000000125 [ 749.444411][T16299] RAX: ffffffffffffffda RBX: 00007f6b95615fa0 RCX: 00007f6b9539c799 [ 749.444435][T16299] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000000000000 [ 749.444457][T16299] RBP: 00007f6b95432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 749.444479][T16299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 749.444500][T16299] R13: 00007f6b95616038 R14: 00007f6b95615fa0 R15: 00007fff0d60a668 [ 749.444546][T16299] [ 750.667809][T16321] FAULT_INJECTION: forcing a failure. [ 750.667809][T16321] name failslab, interval 1, probability 0, space 0, times 0 [ 750.720162][T16321] CPU: 1 UID: 0 PID: 16321 Comm: syz.3.2302 Tainted: G U syzkaller #0 PREEMPT(full) [ 750.720220][T16321] Tainted: [U]=USER [ 750.720233][T16321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 750.720255][T16321] Call Trace: [ 750.720268][T16321] [ 750.720281][T16321] dump_stack_lvl+0x100/0x190 [ 750.720351][T16321] should_fail_ex.cold+0x5/0xa [ 750.720397][T16321] ? __register_sysctl_table+0xbe4/0x1650 [ 750.720459][T16321] should_failslab+0xc2/0x120 [ 750.720495][T16321] __kmalloc_noprof+0xe0/0x850 [ 750.720555][T16321] __register_sysctl_table+0xbe4/0x1650 [ 750.720619][T16321] ? __pfx___register_sysctl_table+0x10/0x10 [ 750.720675][T16321] ? rcu_is_cpu_rrupt_from_idle+0x1f1/0x270 [ 750.720735][T16321] ? __asan_memcpy+0x3c/0x60 [ 750.720787][T16321] register_pidns_sysctls+0x11d/0x1c0 [ 750.720836][T16321] ? __ns_common_init+0x299/0x4b0 [ 750.720879][T16321] copy_pid_ns+0x680/0x10a0 [ 750.720922][T16321] ? __pfx_copy_pid_ns+0x10/0x10 [ 750.720965][T16321] ? rcu_is_watching+0x12/0xc0 [ 750.721021][T16321] ? copy_mnt_ns+0x106/0xc30 [ 750.721060][T16321] ? create_new_namespaces+0x30/0xac0 [ 750.721106][T16321] create_new_namespaces+0x2aa/0xac0 [ 750.721152][T16321] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 750.721195][T16321] ksys_unshare+0x473/0xad0 [ 750.721242][T16321] ? __pfx_ksys_unshare+0x10/0x10 [ 750.721303][T16321] __x64_sys_unshare+0x31/0x40 [ 750.721345][T16321] do_syscall_64+0x106/0xf80 [ 750.721387][T16321] ? clear_bhb_loop+0x40/0x90 [ 750.721430][T16321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 750.721478][T16321] RIP: 0033:0x7f5e8f99c799 [ 750.721507][T16321] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 750.721543][T16321] RSP: 002b:00007f5e908ab028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 750.721578][T16321] RAX: ffffffffffffffda RBX: 00007f5e8fc15fa0 RCX: 00007f5e8f99c799 [ 750.721601][T16321] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 750.721623][T16321] RBP: 00007f5e8fa32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 750.721644][T16321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 750.721665][T16321] R13: 00007f5e8fc16038 R14: 00007f5e8fc15fa0 R15: 00007ffd67a0ae28 [ 750.721711][T16321] [ 750.994350][T16321] sysctl could not get directory: /kernel -12 [ 752.281094][T16359] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2311'. [ 753.463182][T16356] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 753.469360][T16356] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 753.538212][T16356] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 753.571683][T16356] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 754.261215][T16389] FAULT_INJECTION: forcing a failure. [ 754.261215][T16389] name fail_futex, interval 1, probability 0, space 0, times 0 [ 754.298475][T16387] FAULT_INJECTION: forcing a failure. [ 754.298475][T16387] name failslab, interval 1, probability 0, space 0, times 0 [ 754.376522][T16389] CPU: 1 UID: 0 PID: 16389 Comm: syz.0.2317 Tainted: G U syzkaller #0 PREEMPT(full) [ 754.376564][T16389] Tainted: [U]=USER [ 754.376572][T16389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 754.376588][T16389] Call Trace: [ 754.376597][T16389] [ 754.376606][T16389] dump_stack_lvl+0x100/0x190 [ 754.376649][T16389] should_fail_ex.cold+0x5/0xa [ 754.376679][T16389] get_futex_key+0x1d2/0x1620 [ 754.376712][T16389] ? __pfx_get_futex_key+0x10/0x10 [ 754.376752][T16389] futex_wait_setup+0x83/0x510 [ 754.376797][T16389] __futex_wait+0x19f/0x300 [ 754.376838][T16389] ? __pfx___futex_wait+0x10/0x10 [ 754.376881][T16389] ? __pfx_futex_wake_mark+0x10/0x10 [ 754.376925][T16389] ? find_held_lock+0x2b/0x80 [ 754.376956][T16389] ? futex_wake+0x456/0x530 [ 754.377000][T16389] futex_wait+0xed/0x380 [ 754.377037][T16389] ? __pfx_futex_wait+0x10/0x10 [ 754.377090][T16389] do_futex+0x1ef/0x350 [ 754.377122][T16389] ? __pfx_do_futex+0x10/0x10 [ 754.377154][T16389] ? __pfx___might_resched+0x10/0x10 [ 754.377190][T16389] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 754.377226][T16389] __x64_sys_futex+0x34f/0x4d0 [ 754.377262][T16389] ? __pfx___x64_sys_futex+0x10/0x10 [ 754.377305][T16389] do_syscall_64+0x106/0xf80 [ 754.377334][T16389] ? clear_bhb_loop+0x40/0x90 [ 754.377364][T16389] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.377390][T16389] RIP: 0033:0x7f6b9539c799 [ 754.377410][T16389] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 754.377435][T16389] RSP: 002b:00007f6b961f10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 754.377461][T16389] RAX: ffffffffffffffda RBX: 00007f6b95616098 RCX: 00007f6b9539c799 [ 754.377477][T16389] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f6b95616098 [ 754.377493][T16389] RBP: 00007f6b95616090 R08: 0000000000000000 R09: 0000000000000000 [ 754.377509][T16389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 754.377524][T16389] R13: 00007f6b95616128 R14: 00007fff0d60a580 R15: 00007fff0d60a668 [ 754.377558][T16389] [ 754.377655][T16387] CPU: 1 UID: 0 PID: 16387 Comm: syz.0.2317 Tainted: G U syzkaller #0 PREEMPT(full) [ 754.377691][T16387] Tainted: [U]=USER [ 754.377699][T16387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 754.377713][T16387] Call Trace: [ 754.377722][T16387] [ 754.377731][T16387] dump_stack_lvl+0x100/0x190 [ 754.377768][T16387] should_fail_ex.cold+0x5/0xa [ 754.377796][T16387] ? ima_alloc_init_template+0x19d/0x6d0 [ 754.377833][T16387] should_failslab+0xc2/0x120 [ 754.377858][T16387] __kmalloc_noprof+0xe0/0x850 [ 754.377896][T16387] ? take_dentry_name_snapshot+0x30b/0x7c0 [ 754.377935][T16387] ima_alloc_init_template+0x19d/0x6d0 [ 754.377981][T16387] ? take_dentry_name_snapshot+0x310/0x7c0 [ 754.378019][T16387] ima_store_measurement+0x1e3/0x5b0 [ 754.378060][T16387] ? __pfx_ima_store_measurement+0x10/0x10 [ 754.378111][T16387] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 754.378235][T16387] process_measurement+0x19cc/0x2350 [ 754.378279][T16387] ? stack_trace_save+0x8e/0xc0 [ 754.378304][T16387] ? __pfx_process_measurement+0x10/0x10 [ 754.378338][T16387] ? __lock_acquire+0x4a5/0x2630 [ 754.378369][T16387] ? __kasan_slab_alloc+0x89/0x90 [ 754.378391][T16387] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 754.378429][T16387] ? init_file+0x95/0x480 [ 754.378458][T16387] ? alloc_empty_file+0x73/0x1c0 [ 754.378486][T16387] ? alloc_file_pseudo+0x13a/0x230 [ 754.378516][T16387] ? ksys_mmap_pgoff+0x232/0x650 [ 754.378540][T16387] ? __x64_sys_mmap+0x125/0x190 [ 754.378575][T16387] ? do_syscall_64+0x106/0xf80 [ 754.378631][T16387] ? __pfx_aa_file_perm+0x10/0x10 [ 754.378671][T16387] ima_file_mmap+0x1c4/0x1f0 [ 754.378707][T16387] ? __pfx_ima_file_mmap+0x10/0x10 [ 754.378748][T16387] security_mmap_file+0x278/0x9b0 [ 754.378775][T16387] vm_mmap_pgoff+0xec/0x470 [ 754.378806][T16387] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 754.378832][T16387] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 754.378864][T16387] ? hugetlbfs_get_inode+0x36e/0x750 [ 754.378908][T16387] ksys_mmap_pgoff+0x273/0x650 [ 754.378934][T16387] ? __x64_sys_futex+0x358/0x4d0 [ 754.378973][T16387] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 754.378999][T16387] ? xfd_validate_state+0x129/0x190 [ 754.379040][T16387] __x64_sys_mmap+0x125/0x190 [ 754.379081][T16387] do_syscall_64+0x106/0xf80 [ 754.379109][T16387] ? clear_bhb_loop+0x40/0x90 [ 754.379139][T16387] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.379165][T16387] RIP: 0033:0x7f6b9539c799 [ 754.379185][T16387] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 754.379210][T16387] RSP: 002b:00007f6b96212028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 754.379232][T16387] RAX: ffffffffffffffda RBX: 00007f6b95615fa0 RCX: 00007f6b9539c799 [ 754.379249][T16387] RDX: 0000000000009c0f RSI: 000000000000000c RDI: 0000000000000000 [ 754.379264][T16387] RBP: 00007f6b95432bd9 R08: ffffffffffffffff R09: 0000300000000000 [ 754.379280][T16387] R10: 0000000000044eb2 R11: 0000000000000246 R12: 0000000000000000 [ 754.379295][T16387] R13: 00007f6b95616038 R14: 00007f6b95615fa0 R15: 00007fff0d60a668 [ 754.379327][T16387] [ 755.084883][ T29] audit: type=1804 audit(1772687372.070:4): pid=16387 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.0.2317" name="anon_hugepage" dev="hugetlbfs" ino=60355 res=0 errno=0 [ 755.323875][T16401] snd_aloop snd_aloop.0: Parsing timer source '"' failed with -22 [ 755.543861][ T5146] Bluetooth: hci3: command 0x0406 tx timeout [ 755.543878][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 755.583060][ T5840] Bluetooth: hci1: command 0x0406 tx timeout [ 755.632988][ T5840] Bluetooth: hci2: command 0x0406 tx timeout [ 757.171658][T16431] random: crng reseeded on system resumption [ 758.408499][T16453] FAULT_INJECTION: forcing a failure. [ 758.408499][T16453] name failslab, interval 1, probability 0, space 0, times 0 [ 758.421306][T16453] CPU: 0 UID: 0 PID: 16453 Comm: syz.0.2334 Tainted: G U syzkaller #0 PREEMPT(full) [ 758.421350][T16453] Tainted: [U]=USER [ 758.421359][T16453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 758.421376][T16453] Call Trace: [ 758.421387][T16453] [ 758.421399][T16453] dump_stack_lvl+0x100/0x190 [ 758.421446][T16453] should_fail_ex.cold+0x5/0xa [ 758.421476][T16453] ? __register_sysctl_table+0xbe4/0x1650 [ 758.421520][T16453] should_failslab+0xc2/0x120 [ 758.421547][T16453] __kmalloc_noprof+0xe0/0x850 [ 758.421594][T16453] __register_sysctl_table+0xbe4/0x1650 [ 758.421644][T16453] ? __pfx___register_sysctl_table+0x10/0x10 [ 758.421686][T16453] ? rcu_is_cpu_rrupt_from_idle+0x1f1/0x270 [ 758.421733][T16453] ? __asan_memcpy+0x3c/0x60 [ 758.421772][T16453] register_pidns_sysctls+0x11d/0x1c0 [ 758.421809][T16453] ? __ns_common_init+0x299/0x4b0 [ 758.421842][T16453] copy_pid_ns+0x680/0x10a0 [ 758.421875][T16453] ? __pfx_copy_pid_ns+0x10/0x10 [ 758.421906][T16453] ? rcu_is_watching+0x12/0xc0 [ 758.421948][T16453] ? copy_mnt_ns+0x106/0xc30 [ 758.421978][T16453] ? create_new_namespaces+0x30/0xac0 [ 758.422012][T16453] create_new_namespaces+0x2aa/0xac0 [ 758.422046][T16453] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 758.422078][T16453] ksys_unshare+0x473/0xad0 [ 758.422113][T16453] ? __pfx_ksys_unshare+0x10/0x10 [ 758.422158][T16453] __x64_sys_unshare+0x31/0x40 [ 758.422201][T16453] do_syscall_64+0x106/0xf80 [ 758.422238][T16453] ? clear_bhb_loop+0x40/0x90 [ 758.422271][T16453] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 758.422299][T16453] RIP: 0033:0x7f6b9539c799 [ 758.422324][T16453] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 758.422350][T16453] RSP: 002b:00007f6b96212028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 758.422376][T16453] RAX: ffffffffffffffda RBX: 00007f6b95615fa0 RCX: 00007f6b9539c799 [ 758.422394][T16453] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 758.422410][T16453] RBP: 00007f6b95432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 758.422427][T16453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 758.422443][T16453] R13: 00007f6b95616038 R14: 00007f6b95615fa0 R15: 00007fff0d60a668 [ 758.422478][T16453] [ 758.422490][T16453] sysctl could not get directory: /kernel -12 [ 758.691756][T16456] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2335'. [ 759.471709][T16469] FAULT_INJECTION: forcing a failure. [ 759.471709][T16469] name failslab, interval 1, probability 0, space 0, times 0 [ 759.555184][T16469] CPU: 1 UID: 0 PID: 16469 Comm: syz.3.2337 Tainted: G U syzkaller #0 PREEMPT(full) [ 759.555240][T16469] Tainted: [U]=USER [ 759.555253][T16469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 759.555274][T16469] Call Trace: [ 759.555286][T16469] [ 759.555300][T16469] dump_stack_lvl+0x100/0x190 [ 759.555360][T16469] should_fail_ex.cold+0x5/0xa [ 759.555401][T16469] should_failslab+0xc2/0x120 [ 759.555439][T16469] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 759.555490][T16469] ? skb_clone+0x190/0x400 [ 759.555542][T16469] skb_clone+0x190/0x400 [ 759.555586][T16469] netlink_deliver_tap+0xaed/0xcc0 [ 759.555640][T16469] netlink_unicast+0x650/0x870 [ 759.555693][T16469] ? __pfx_netlink_unicast+0x10/0x10 [ 759.555766][T16469] netlink_sendmsg+0x8b0/0xda0 [ 759.555819][T16469] ? __pfx_netlink_sendmsg+0x10/0x10 [ 759.555862][T16469] ? __import_iovec+0x1d2/0x640 [ 759.555900][T16469] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 759.555957][T16469] ____sys_sendmsg+0xa54/0xc30 [ 759.556016][T16469] ? __pfx_____sys_sendmsg+0x10/0x10 [ 759.556087][T16469] ___sys_sendmsg+0x190/0x1e0 [ 759.556144][T16469] ? __pfx____sys_sendmsg+0x10/0x10 [ 759.556250][T16469] __sys_sendmsg+0x170/0x220 [ 759.556295][T16469] ? __pfx___sys_sendmsg+0x10/0x10 [ 759.556365][T16469] do_syscall_64+0x106/0xf80 [ 759.556408][T16469] ? clear_bhb_loop+0x40/0x90 [ 759.556452][T16469] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 759.556488][T16469] RIP: 0033:0x7f5e8f99c799 [ 759.556517][T16469] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 759.556570][T16469] RSP: 002b:00007f5e9088a028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 759.556604][T16469] RAX: ffffffffffffffda RBX: 00007f5e8fc16090 RCX: 00007f5e8f99c799 [ 759.556626][T16469] RDX: 0000000000000080 RSI: 00002000000000c0 RDI: 0000000000000006 [ 759.556647][T16469] RBP: 00007f5e9088a090 R08: 0000000000000000 R09: 0000000000000000 [ 759.556668][T16469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 759.556689][T16469] R13: 00007f5e8fc16128 R14: 00007f5e8fc16090 R15: 00007ffd67a0ae28 [ 759.556746][T16469] [ 759.558071][T16469] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2337'. [ 762.323967][T16516] FAULT_INJECTION: forcing a failure. [ 762.323967][T16516] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 762.359001][ T5146] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 762.378187][ T5146] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 762.411831][T16516] CPU: 0 UID: 0 PID: 16516 Comm: syz.2.2352 Tainted: G U syzkaller #0 PREEMPT(full) [ 762.411882][T16516] Tainted: [U]=USER [ 762.411893][T16516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 762.411913][T16516] Call Trace: [ 762.411925][T16516] [ 762.411938][T16516] dump_stack_lvl+0x100/0x190 [ 762.412009][T16516] should_fail_ex.cold+0x5/0xa [ 762.412041][T16516] ? prepare_alloc_pages+0x16d/0x5f0 [ 762.412084][T16516] should_fail_alloc_page+0xeb/0x140 [ 762.412122][T16516] prepare_alloc_pages+0x1f0/0x5f0 [ 762.412170][T16516] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 762.412227][T16516] ? stack_trace_save+0x8e/0xc0 [ 762.412261][T16516] ? __pfx_stack_trace_save+0x10/0x10 [ 762.412296][T16516] ? stack_depot_save_flags+0x27/0x9d0 [ 762.412341][T16516] ? kasan_save_stack+0x3f/0x50 [ 762.412388][T16516] ? kasan_save_stack+0x30/0x50 [ 762.412440][T16516] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 762.412489][T16516] ? __pmd_alloc+0xbf/0x9c0 [ 762.412524][T16516] ? __handle_mm_fault+0xa99/0x2b60 [ 762.412566][T16516] ? handle_mm_fault+0x36d/0xa20 [ 762.412608][T16516] ? exc_page_fault+0x6f/0xd0 [ 762.412644][T16516] ? rep_movs_alternative+0xf/0x90 [ 762.412691][T16516] ? _copy_from_user+0x98/0xd0 [ 762.412741][T16516] ? memdup_user_nul+0x6c/0x120 [ 762.412793][T16516] ? event_inject_write+0xcb/0x2190 [ 762.412835][T16516] ? vfs_writev+0x5ea/0xe10 [ 762.412882][T16516] ? do_writev+0x13e/0x340 [ 762.412929][T16516] ? do_syscall_64+0x106/0xf80 [ 762.412967][T16516] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 762.413031][T16516] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 762.413091][T16516] ? policy_nodemask+0xed/0x4f0 [ 762.413130][T16516] alloc_pages_mpol+0x1fb/0x550 [ 762.413168][T16516] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 762.413217][T16516] alloc_pages_noprof+0x131/0x390 [ 762.413257][T16516] pte_alloc_one+0x1e/0x3e0 [ 762.413297][T16516] do_fault+0x8cc/0x1950 [ 762.413334][T16516] ? __pmd_alloc+0x6aa/0x9c0 [ 762.413377][T16516] __handle_mm_fault+0x180f/0x2b60 [ 762.413430][T16516] ? mt_find+0x45e/0x8e0 [ 762.413476][T16516] ? __pfx___handle_mm_fault+0x10/0x10 [ 762.413519][T16516] ? __pfx_mt_find+0x10/0x10 [ 762.413587][T16516] ? find_vma+0xbf/0x140 [ 762.413618][T16516] ? __pfx_find_vma+0x10/0x10 [ 762.413655][T16516] handle_mm_fault+0x36d/0xa20 [ 762.413711][T16516] do_user_addr_fault+0x74c/0x12f0 [ 762.413780][T16516] exc_page_fault+0x6f/0xd0 [ 762.413820][T16516] asm_exc_page_fault+0x26/0x30 [ 762.413854][T16516] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 762.413906][T16516] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 [ 762.413941][T16516] RSP: 0018:ffffc9000936fa58 EFLAGS: 00050202 [ 762.413968][T16516] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 762.413996][T16516] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff88802a0c7920 [ 762.414018][T16516] RBP: 0000000000000004 R08: 0000000000000001 R09: ffffed1005418f24 [ 762.414040][T16516] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 762.414061][T16516] R13: ffff88802a0c7920 R14: dffffc0000000000 R15: 0000000000000004 [ 762.414107][T16516] _copy_from_user+0x98/0xd0 [ 762.414163][T16516] memdup_user_nul+0x6c/0x120 [ 762.414219][T16516] event_inject_write+0xcb/0x2190 [ 762.414264][T16516] ? __pfx_aa_file_perm+0x10/0x10 [ 762.414315][T16516] ? __pfx_event_inject_write+0x10/0x10 [ 762.414356][T16516] ? __pfx___might_resched+0x10/0x10 [ 762.414408][T16516] ? iovec_from_user+0xda/0x140 [ 762.414469][T16516] ? __pfx_event_inject_write+0x10/0x10 [ 762.414512][T16516] vfs_writev+0x5ea/0xe10 [ 762.414561][T16516] ? rcu_is_watching+0x12/0xc0 [ 762.414623][T16516] ? __pfx_vfs_writev+0x10/0x10 [ 762.414670][T16516] ? fdget_pos+0x2aa/0x380 [ 762.414707][T16516] ? find_held_lock+0x2b/0x80 [ 762.414765][T16516] ? __fget_files+0x21f/0x3d0 [ 762.414807][T16516] ? do_writev+0x13e/0x340 [ 762.414855][T16516] do_writev+0x13e/0x340 [ 762.414906][T16516] ? __pfx_do_writev+0x10/0x10 [ 762.414968][T16516] do_syscall_64+0x106/0xf80 [ 762.415014][T16516] ? clear_bhb_loop+0x40/0x90 [ 762.415057][T16516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 762.415093][T16516] RIP: 0033:0x7f447899c799 [ 762.415120][T16516] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 762.415153][T16516] RSP: 002b:00007f44797c3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 762.415185][T16516] RAX: ffffffffffffffda RBX: 00007f4478c15fa0 RCX: 00007f447899c799 [ 762.415208][T16516] RDX: 0000000000000002 RSI: 0000200000000000 RDI: 0000000000000004 [ 762.415230][T16516] RBP: 00007f44797c3090 R08: 0000000000000000 R09: 0000000000000000 [ 762.415251][T16516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 762.415272][T16516] R13: 00007f4478c16038 R14: 00007f4478c15fa0 R15: 00007ffc04e7bf78 [ 762.415318][T16516] [ 762.415443][ T5146] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 762.929453][ T5146] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 762.939609][ T5146] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 763.891973][T16517] chnl_net:caif_netlink_parms(): no params data found [ 764.333645][T16517] bridge0: port 1(bridge_slave_0) entered blocking state [ 764.342462][T16517] bridge0: port 1(bridge_slave_0) entered disabled state [ 764.350290][T16517] bridge_slave_0: entered allmulticast mode [ 764.360163][T16517] bridge_slave_0: entered promiscuous mode [ 764.369786][T16517] bridge0: port 2(bridge_slave_1) entered blocking state [ 764.377950][T16517] bridge0: port 2(bridge_slave_1) entered disabled state [ 764.385275][T16517] bridge_slave_1: entered allmulticast mode [ 764.394138][T16517] bridge_slave_1: entered promiscuous mode [ 764.476698][T16517] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 764.502873][T16517] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 764.690032][T16535] binder: 16534:16535 ioctl c018620c 0 returned -1 [ 764.865714][ T2993] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 764.939307][T16551] binder: 16546:16551 ioctl c018620c 0 returned -1 [ 764.952545][T16517] team0: Port device team_slave_0 added [ 764.996410][T16517] team0: Port device team_slave_1 added [ 765.067786][ T5840] Bluetooth: hci4: command tx timeout [ 765.179540][ T2993] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 765.291322][ T2993] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 765.449007][T16517] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 765.456065][T16517] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 765.482354][T16517] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 765.505908][T16517] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 765.513074][T16517] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 765.542581][T16517] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 765.745165][ T2993] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 765.911286][T16517] hsr_slave_0: entered promiscuous mode [ 765.929468][T16517] hsr_slave_1: entered promiscuous mode [ 765.936703][T16517] debugfs: 'hsr0' already exists in 'hsr' [ 765.958533][T16517] Cannot create hsr debugfs directory [ 766.620992][T16577] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2366'. [ 766.684398][ T2993] bridge_slave_0: left allmulticast mode [ 766.691143][ T2993] bridge_slave_0: left promiscuous mode [ 766.719404][ T2993] bridge0: port 1(bridge_slave_0) entered disabled state [ 767.148974][ T5840] Bluetooth: hci4: command tx timeout [ 767.819688][ T2993] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 767.867408][ T2993] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 767.899907][ T2993] bond0 (unregistering): Released all slaves [ 768.732021][ T2993] hsr_slave_0: left promiscuous mode [ 768.748615][ T2993] hsr_slave_1: left promiscuous mode [ 768.756815][ T2993] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 768.764817][ T2993] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 768.791230][ T2993] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 768.819947][ T2993] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 768.858822][ T2993] veth1_macvtap: left promiscuous mode [ 768.882237][ T2993] veth0_macvtap: left promiscuous mode [ 769.239900][ T5840] Bluetooth: hci4: command tx timeout [ 770.839464][T16644] FAULT_INJECTION: forcing a failure. [ 770.839464][T16644] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 770.867056][T16517] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 770.899965][T16517] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 770.908222][T16644] CPU: 1 UID: 0 PID: 16644 Comm: syz.0.2374 Tainted: G U syzkaller #0 PREEMPT(full) [ 770.908273][T16644] Tainted: [U]=USER [ 770.908285][T16644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 770.908305][T16644] Call Trace: [ 770.908316][T16644] [ 770.908328][T16644] dump_stack_lvl+0x100/0x190 [ 770.908383][T16644] should_fail_ex.cold+0x5/0xa [ 770.908422][T16644] _copy_from_iter+0x1f4/0x1690 [ 770.908466][T16644] ? __pfx__copy_from_iter+0x10/0x10 [ 770.908518][T16644] ? rcu_is_watching+0x12/0xc0 [ 770.908568][T16644] ? trace_kmalloc+0x101/0x130 [ 770.908602][T16644] ? __kasan_kmalloc+0xaa/0xb0 [ 770.908654][T16644] ? __kmalloc_noprof+0x320/0x850 [ 770.908711][T16644] kernfs_fop_write_iter+0x186/0x5f0 [ 770.908753][T16644] vfs_write+0x6ac/0x1070 [ 770.908804][T16644] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 770.908843][T16644] ? __pfx_vfs_write+0x10/0x10 [ 770.908923][T16644] ksys_write+0x12a/0x250 [ 770.908974][T16644] ? __pfx_ksys_write+0x10/0x10 [ 770.909038][T16644] do_syscall_64+0x106/0xf80 [ 770.909076][T16644] ? clear_bhb_loop+0x40/0x90 [ 770.909117][T16644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 770.909150][T16644] RIP: 0033:0x7f6b9539c799 [ 770.909184][T16644] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 770.909217][T16644] RSP: 002b:00007f6b96212028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 770.909249][T16644] RAX: ffffffffffffffda RBX: 00007f6b95615fa0 RCX: 00007f6b9539c799 [ 770.909270][T16644] RDX: 00000000000098c7 RSI: 0000200000000440 RDI: 0000000000000003 [ 770.909291][T16644] RBP: 00007f6b96212090 R08: 0000000000000000 R09: 0000000000000000 [ 770.909324][T16644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 770.909345][T16644] R13: 00007f6b95616038 R14: 00007f6b95615fa0 R15: 00007fff0d60a668 [ 770.909393][T16644] [ 771.243495][T16517] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 771.273845][T16517] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 771.321237][ T5840] Bluetooth: hci4: command tx timeout [ 771.792062][T16680] FAULT_INJECTION: forcing a failure. [ 771.792062][T16680] name failslab, interval 1, probability 0, space 0, times 0 [ 771.849724][T16680] CPU: 0 UID: 0 PID: 16680 Comm: syz.0.2380 Tainted: G U syzkaller #0 PREEMPT(full) [ 771.849784][T16680] Tainted: [U]=USER [ 771.849799][T16680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 771.849821][T16680] Call Trace: [ 771.849834][T16680] [ 771.849849][T16680] dump_stack_lvl+0x100/0x190 [ 771.849914][T16680] should_fail_ex.cold+0x5/0xa [ 771.849963][T16680] should_failslab+0xc2/0x120 [ 771.850005][T16680] __kmalloc_cache_noprof+0x7a/0x6f0 [ 771.850056][T16680] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 771.850292][T16680] snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 771.850359][T16680] ? lockdep_hardirqs_on+0x78/0x100 [ 771.850408][T16680] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 771.850473][T16680] ? snd_pcm_oss_change_params_locked+0xa6d/0x39f0 [ 771.850535][T16680] ? kfree+0x1f6/0x6b0 [ 771.850601][T16680] snd_pcm_oss_change_params_locked+0xae1/0x39f0 [ 771.850687][T16680] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 771.850749][T16680] ? __pfx___mutex_lock+0x10/0x10 [ 771.850833][T16680] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 771.850905][T16680] snd_pcm_oss_ioctl+0x1c08/0x3720 [ 771.850989][T16680] ? __fget_files+0x215/0x3d0 [ 771.851020][T16680] ? hook_file_ioctl_common+0x146/0x410 [ 771.851081][T16680] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 771.851147][T16680] ? __fget_files+0x21f/0x3d0 [ 771.851187][T16680] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 771.851251][T16680] __x64_sys_ioctl+0x18e/0x210 [ 771.851306][T16680] do_syscall_64+0x106/0xf80 [ 771.851348][T16680] ? clear_bhb_loop+0x40/0x90 [ 771.851394][T16680] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 771.851434][T16680] RIP: 0033:0x7f6b9539c799 [ 771.851466][T16680] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 771.851503][T16680] RSP: 002b:00007f6b96212028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 771.851548][T16680] RAX: ffffffffffffffda RBX: 00007f6b95615fa0 RCX: 00007f6b9539c799 [ 771.851575][T16680] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000003 [ 771.851598][T16680] RBP: 00007f6b96212090 R08: 0000000000000000 R09: 0000000000000000 [ 771.851623][T16680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 771.851646][T16680] R13: 00007f6b95616038 R14: 00007f6b95615fa0 R15: 00007fff0d60a668 [ 771.851696][T16680] [ 772.125900][T16517] 8021q: adding VLAN 0 to HW filter on device bond0 [ 772.142636][T16517] 8021q: adding VLAN 0 to HW filter on device team0 [ 772.174812][ T2993] bridge0: port 1(bridge_slave_0) entered blocking state [ 772.182106][ T2993] bridge0: port 1(bridge_slave_0) entered forwarding state [ 772.209261][T16684] netlink: 'syz.1.2381': attribute type 1 has an invalid length. [ 772.245992][ T2993] bridge0: port 2(bridge_slave_1) entered blocking state [ 772.253314][ T2993] bridge0: port 2(bridge_slave_1) entered forwarding state [ 773.497410][T16517] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 773.628986][T16517] veth0_vlan: entered promiscuous mode [ 773.678955][T16517] veth1_vlan: entered promiscuous mode [ 773.765192][T16517] veth0_macvtap: entered promiscuous mode [ 773.787472][T16517] veth1_macvtap: entered promiscuous mode [ 773.860690][T16517] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 773.902257][T16517] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 773.980472][ T2968] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 773.995941][ T2968] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 774.013903][ T2968] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 774.077902][ T2968] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 774.331659][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 774.365798][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 774.477877][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 774.496710][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 774.858753][T16755] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 774.905608][T16742] binder: 16740:16742 ioctl c018620c 0 returned -1 [ 776.476209][T16787] FAULT_INJECTION: forcing a failure. [ 776.476209][T16787] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 776.535120][T16787] CPU: 0 UID: 0 PID: 16787 Comm: syz.3.2397 Tainted: G U syzkaller #0 PREEMPT(full) [ 776.535169][T16787] Tainted: [U]=USER [ 776.535180][T16787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 776.535200][T16787] Call Trace: [ 776.535229][T16787] [ 776.535242][T16787] dump_stack_lvl+0x100/0x190 [ 776.535297][T16787] should_fail_ex.cold+0x5/0xa [ 776.535338][T16787] _copy_from_user+0x2e/0xd0 [ 776.535394][T16787] do_fb_ioctl+0x1a9/0x7e0 [ 776.535560][T16787] ? __pfx_do_fb_ioctl+0x10/0x10 [ 776.535614][T16787] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 776.535708][T16787] ? __fget_files+0x21f/0x3d0 [ 776.535747][T16787] fb_ioctl+0xe5/0x150 [ 776.535780][T16787] ? __pfx_fb_ioctl+0x10/0x10 [ 776.535816][T16787] __x64_sys_ioctl+0x18e/0x210 [ 776.535894][T16787] do_syscall_64+0x106/0xf80 [ 776.535934][T16787] ? clear_bhb_loop+0x40/0x90 [ 776.535974][T16787] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 776.536009][T16787] RIP: 0033:0x7fbf9639c799 [ 776.536037][T16787] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 776.536070][T16787] RSP: 002b:00007fbf972ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 776.536102][T16787] RAX: ffffffffffffffda RBX: 00007fbf96615fa0 RCX: 00007fbf9639c799 [ 776.536124][T16787] RDX: 0000200000000140 RSI: 0000000000004601 RDI: 0000000000000003 [ 776.536151][T16787] RBP: 00007fbf972ad090 R08: 0000000000000000 R09: 0000000000000000 [ 776.536172][T16787] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 776.536192][T16787] R13: 00007fbf96616038 R14: 00007fbf96615fa0 R15: 00007ffe17895788 [ 776.536236][T16787] [ 778.042430][ T5146] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 778.056930][ T5146] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 778.065879][ T5146] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 778.075695][ T5146] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 778.083525][ T5146] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 778.342055][T16818] FAULT_INJECTION: forcing a failure. [ 778.342055][T16818] name failslab, interval 1, probability 0, space 0, times 0 [ 778.365351][T16818] CPU: 1 UID: 0 PID: 16818 Comm: syz.3.2408 Tainted: G U syzkaller #0 PREEMPT(full) [ 778.365405][T16818] Tainted: [U]=USER [ 778.365414][T16818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 778.365430][T16818] Call Trace: [ 778.365441][T16818] [ 778.365452][T16818] dump_stack_lvl+0x100/0x190 [ 778.365506][T16818] should_fail_ex.cold+0x5/0xa [ 778.365536][T16818] ? __register_sysctl_table+0xbe4/0x1650 [ 778.365577][T16818] should_failslab+0xc2/0x120 [ 778.365604][T16818] __kmalloc_noprof+0xe0/0x850 [ 778.365649][T16818] __register_sysctl_table+0xbe4/0x1650 [ 778.365697][T16818] ? __pfx___register_sysctl_table+0x10/0x10 [ 778.365740][T16818] ? rcu_is_cpu_rrupt_from_idle+0x1f1/0x270 [ 778.365786][T16818] ? __asan_memcpy+0x3c/0x60 [ 778.365825][T16818] register_pidns_sysctls+0x11d/0x1c0 [ 778.365861][T16818] ? __ns_common_init+0x299/0x4b0 [ 778.365893][T16818] copy_pid_ns+0x680/0x10a0 [ 778.365925][T16818] ? __pfx_copy_pid_ns+0x10/0x10 [ 778.365968][T16818] ? rcu_is_watching+0x12/0xc0 [ 778.366011][T16818] ? copy_mnt_ns+0x106/0xc30 [ 778.366042][T16818] ? create_new_namespaces+0x30/0xac0 [ 778.366076][T16818] create_new_namespaces+0x2aa/0xac0 [ 778.366111][T16818] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 778.366147][T16818] ksys_unshare+0x473/0xad0 [ 778.366184][T16818] ? __pfx_ksys_unshare+0x10/0x10 [ 778.366252][T16818] __x64_sys_unshare+0x31/0x40 [ 778.366291][T16818] do_syscall_64+0x106/0xf80 [ 778.366322][T16818] ? clear_bhb_loop+0x40/0x90 [ 778.366392][T16818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 778.366429][T16818] RIP: 0033:0x7fbf9639c799 [ 778.366459][T16818] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 778.366497][T16818] RSP: 002b:00007fbf972ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 778.366532][T16818] RAX: ffffffffffffffda RBX: 00007fbf96615fa0 RCX: 00007fbf9639c799 [ 778.366558][T16818] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 778.366582][T16818] RBP: 00007fbf96432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 778.366606][T16818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 778.366629][T16818] R13: 00007fbf96616038 R14: 00007fbf96615fa0 R15: 00007ffe17895788 [ 778.366679][T16818] [ 778.370115][T16818] sysctl could not get directory: /kernel -12 [ 779.007093][T16829] FAULT_INJECTION: forcing a failure. [ 779.007093][T16829] name failslab, interval 1, probability 0, space 0, times 0 [ 779.026914][T16814] chnl_net:caif_netlink_parms(): no params data found [ 779.058249][T16829] CPU: 0 UID: 0 PID: 16829 Comm: syz.2.2410 Tainted: G U syzkaller #0 PREEMPT(full) [ 779.058305][T16829] Tainted: [U]=USER [ 779.058317][T16829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 779.058339][T16829] Call Trace: [ 779.058351][T16829] [ 779.058365][T16829] dump_stack_lvl+0x100/0x190 [ 779.058424][T16829] should_fail_ex.cold+0x5/0xa [ 779.058467][T16829] ? __register_sysctl_table+0xbe4/0x1650 [ 779.058537][T16829] should_failslab+0xc2/0x120 [ 779.058579][T16829] __kmalloc_noprof+0xe0/0x850 [ 779.058644][T16829] __register_sysctl_table+0xbe4/0x1650 [ 779.058716][T16829] ? __pfx___register_sysctl_table+0x10/0x10 [ 779.058777][T16829] ? rcu_is_cpu_rrupt_from_idle+0x1f1/0x270 [ 779.058843][T16829] ? __asan_memcpy+0x3c/0x60 [ 779.058899][T16829] register_pidns_sysctls+0x11d/0x1c0 [ 779.058950][T16829] ? __ns_common_init+0x299/0x4b0 [ 779.058998][T16829] copy_pid_ns+0x680/0x10a0 [ 779.059044][T16829] ? __pfx_copy_pid_ns+0x10/0x10 [ 779.059102][T16829] ? rcu_is_watching+0x12/0xc0 [ 779.059163][T16829] ? copy_mnt_ns+0x106/0xc30 [ 779.059206][T16829] ? create_new_namespaces+0x30/0xac0 [ 779.059271][T16829] create_new_namespaces+0x2aa/0xac0 [ 779.059320][T16829] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 779.059364][T16829] ksys_unshare+0x473/0xad0 [ 779.059414][T16829] ? __pfx_ksys_unshare+0x10/0x10 [ 779.059501][T16829] __x64_sys_unshare+0x31/0x40 [ 779.059557][T16829] do_syscall_64+0x106/0xf80 [ 779.059600][T16829] ? clear_bhb_loop+0x40/0x90 [ 779.059647][T16829] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 779.059686][T16829] RIP: 0033:0x7f447899c799 [ 779.059717][T16829] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 779.059753][T16829] RSP: 002b:00007f44797a2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 779.059787][T16829] RAX: ffffffffffffffda RBX: 00007f4478c16090 RCX: 00007f447899c799 [ 779.059811][T16829] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 779.059833][T16829] RBP: 00007f4478a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 779.059856][T16829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 779.059879][T16829] R13: 00007f4478c16128 R14: 00007f4478c16090 R15: 00007ffc04e7bf78 [ 779.059926][T16829] [ 779.323819][T16829] sysctl could not get directory: /kernel -12 [ 779.645240][T16814] bridge0: port 1(bridge_slave_0) entered blocking state [ 779.675099][T16814] bridge0: port 1(bridge_slave_0) entered disabled state [ 779.712226][T16814] bridge_slave_0: entered allmulticast mode [ 779.735262][T16814] bridge_slave_0: entered promiscuous mode [ 779.771730][T16814] bridge0: port 2(bridge_slave_1) entered blocking state [ 779.785114][T16814] bridge0: port 2(bridge_slave_1) entered disabled state [ 779.855238][T16814] bridge_slave_1: entered allmulticast mode [ 779.876621][T16814] bridge_slave_1: entered promiscuous mode [ 780.046181][T16837] FAULT_INJECTION: forcing a failure. [ 780.046181][T16837] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 780.075255][T16837] CPU: 0 UID: 0 PID: 16837 Comm: syz.1.2411 Tainted: G U syzkaller #0 PREEMPT(full) [ 780.075307][T16837] Tainted: [U]=USER [ 780.075320][T16837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 780.075342][T16837] Call Trace: [ 780.075354][T16837] [ 780.075367][T16837] dump_stack_lvl+0x100/0x190 [ 780.075423][T16837] should_fail_ex.cold+0x5/0xa [ 780.075451][T16837] ? prepare_alloc_pages+0x16d/0x5f0 [ 780.075497][T16837] should_fail_alloc_page+0xeb/0x140 [ 780.075530][T16837] prepare_alloc_pages+0x1f0/0x5f0 [ 780.075563][T16837] ? kernel_text_address+0x8d/0x100 [ 780.075609][T16837] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 780.075671][T16837] ? copy_splice_read+0x1a3/0xb90 [ 780.075723][T16837] ? stack_trace_save+0x8e/0xc0 [ 780.075756][T16837] ? __pfx_stack_trace_save+0x10/0x10 [ 780.075786][T16837] ? do_splice_direct+0x174/0x240 [ 780.075819][T16837] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 780.075876][T16837] ? copy_splice_read+0x1a3/0xb90 [ 780.075921][T16837] ? kasan_save_stack+0x3f/0x50 [ 780.075964][T16837] ? kasan_save_stack+0x30/0x50 [ 780.076008][T16837] ? kasan_save_track+0x14/0x30 [ 780.076050][T16837] ? __kasan_kmalloc+0xaa/0xb0 [ 780.076092][T16837] ? __kmalloc_noprof+0x301/0x850 [ 780.076134][T16837] ? copy_splice_read+0x1a3/0xb90 [ 780.076178][T16837] ? do_splice_read+0x285/0x370 [ 780.076226][T16837] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 780.076276][T16837] alloc_pages_bulk_noprof+0x782/0x1490 [ 780.076333][T16837] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 780.076388][T16837] ? __kmalloc_noprof+0x320/0x850 [ 780.076437][T16837] copy_splice_read+0x1e1/0xb90 [ 780.076500][T16837] ? __pfx_copy_splice_read+0x10/0x10 [ 780.076558][T16837] ? find_held_lock+0x2b/0x80 [ 780.076591][T16837] ? __pfx_copy_splice_read+0x10/0x10 [ 780.076637][T16837] do_splice_read+0x285/0x370 [ 780.076689][T16837] splice_direct_to_actor+0x2a1/0xa30 [ 780.076740][T16837] ? __pfx_direct_splice_actor+0x10/0x10 [ 780.076794][T16837] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 780.076852][T16837] do_splice_direct+0x174/0x240 [ 780.076881][T16837] ? __pfx_do_splice_direct+0x10/0x10 [ 780.076931][T16837] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 780.076985][T16837] ? rw_verify_area+0xce/0x6d0 [ 780.077030][T16837] do_sendfile+0xadc/0xe20 [ 780.077080][T16837] ? __pfx_do_sendfile+0x10/0x10 [ 780.077126][T16837] ? __fget_files+0x21f/0x3d0 [ 780.077161][T16837] __x64_sys_sendfile64+0x1d8/0x220 [ 780.077193][T16837] ? ksys_write+0x1ac/0x250 [ 780.077238][T16837] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 780.077281][T16837] do_syscall_64+0x106/0xf80 [ 780.077315][T16837] ? clear_bhb_loop+0x40/0x90 [ 780.077351][T16837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 780.077381][T16837] RIP: 0033:0x7f62e9f9c799 [ 780.077405][T16837] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 780.077433][T16837] RSP: 002b:00007f62ead74028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 780.077460][T16837] RAX: ffffffffffffffda RBX: 00007f62ea215fa0 RCX: 00007f62e9f9c799 [ 780.077486][T16837] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 780.077503][T16837] RBP: 00007f62ead74090 R08: 0000000000000000 R09: 0000000000000000 [ 780.077522][T16837] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000001 [ 780.077539][T16837] R13: 00007f62ea216038 R14: 00007f62ea215fa0 R15: 00007fffd916d978 [ 780.077577][T16837] [ 780.147527][ T5840] Bluetooth: hci2: command tx timeout [ 780.568655][T16814] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 780.643986][T16839] can: request_module (can-proto-0) failed. [ 780.697695][ T2993] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 780.753085][T16847] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2413'. [ 780.808893][T16814] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 780.932189][ T2993] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 780.937022][T16853] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2415'. [ 781.019092][T16814] team0: Port device team_slave_0 added [ 781.026123][T16850] ima: policy update failed [ 781.032463][ T29] audit: type=1802 audit(1772687398.027:5): pid=16850 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2415" res=0 errno=0 [ 781.090951][ T2993] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 781.138792][T16814] team0: Port device team_slave_1 added [ 781.205376][T16814] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 781.236588][T16814] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 781.289844][T16814] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 781.358272][T16814] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 781.385827][T16814] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 781.467902][T16814] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 781.577137][T16859] binder: 16858:16859 ioctl c018620c 0 returned -1 [ 781.663588][T16814] hsr_slave_0: entered promiscuous mode [ 781.674141][T16814] hsr_slave_1: entered promiscuous mode [ 781.691960][T16814] debugfs: 'hsr0' already exists in 'hsr' [ 781.705787][T16814] Cannot create hsr debugfs directory [ 782.283414][ T2993] bridge_slave_1: left allmulticast mode [ 782.296292][ T2993] bridge_slave_1: left promiscuous mode [ 782.302200][ T2993] bridge0: port 2(bridge_slave_1) entered disabled state [ 782.322405][ T2993] bridge_slave_0: left allmulticast mode [ 782.334182][ T2993] bridge_slave_0: left promiscuous mode [ 782.337343][T16881] vivid-009: kernel_thread() failed [ 782.356745][ T2993] bridge0: port 1(bridge_slave_0) entered disabled state [ 782.516539][ T5840] Bluetooth: hci2: command tx timeout [ 782.698749][ T2993] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 782.710637][ T2993] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 782.725336][ T2993] bond0 (unregistering): Released all slaves [ 783.680416][ T2993] hsr_slave_0: left promiscuous mode [ 783.700593][ T2993] hsr_slave_1: left promiscuous mode [ 783.719676][ T2993] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 783.751583][ T2993] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 783.839104][ T2993] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 783.867162][ T2993] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 783.899283][ T2993] veth0_macvtap: left promiscuous mode [ 784.423319][T16920] binder: 16913:16920 ioctl c018620c 0 returned -1 [ 784.599686][ T5840] Bluetooth: hci2: command tx timeout [ 784.731421][ T2993] team0 (unregistering): Port device team_slave_1 removed [ 784.795376][ T2993] team0 (unregistering): Port device team_slave_0 removed [ 785.754431][T16814] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 785.916706][T16814] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 786.010617][T16814] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 786.053595][T16814] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 786.516677][T16814] 8021q: adding VLAN 0 to HW filter on device bond0 [ 786.683434][ T5840] Bluetooth: hci2: command tx timeout [ 786.775848][T16814] 8021q: adding VLAN 0 to HW filter on device team0 [ 786.790399][ T2993] bridge0: port 1(bridge_slave_0) entered blocking state [ 786.797598][ T2993] bridge0: port 1(bridge_slave_0) entered forwarding state [ 786.865009][ T2993] bridge0: port 2(bridge_slave_1) entered blocking state [ 786.872304][ T2993] bridge0: port 2(bridge_slave_1) entered forwarding state [ 787.124954][T16970] Setting dangerous option i915.mitigations - tainting kernel [ 788.148834][T16814] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 788.340969][T16814] veth0_vlan: entered promiscuous mode [ 788.397792][T16814] veth1_vlan: entered promiscuous mode [ 788.443645][T16992] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2438'. [ 788.548075][T16814] veth0_macvtap: entered promiscuous mode [ 788.565878][T16814] veth1_macvtap: entered promiscuous mode [ 788.873051][T16814] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 788.918712][T16814] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 788.964522][T16999] FAULT_INJECTION: forcing a failure. [ 788.964522][T16999] name failslab, interval 1, probability 0, space 0, times 0 [ 788.981955][ T2993] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 789.004917][ T2993] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 789.014889][T16999] CPU: 1 UID: 0 PID: 16999 Comm: syz.2.2440 Tainted: G U syzkaller #0 PREEMPT(full) [ 789.014929][T16999] Tainted: [U]=USER [ 789.014938][T16999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 789.014954][T16999] Call Trace: [ 789.014962][T16999] [ 789.014972][T16999] dump_stack_lvl+0x100/0x190 [ 789.015015][T16999] should_fail_ex.cold+0x5/0xa [ 789.015044][T16999] should_failslab+0xc2/0x120 [ 789.015070][T16999] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 789.015108][T16999] ? __d_alloc+0x34/0xa80 [ 789.015141][T16999] __d_alloc+0x34/0xa80 [ 789.015171][T16999] d_alloc_pseudo+0x1c/0xc0 [ 789.015206][T16999] alloc_file_pseudo+0xcf/0x230 [ 789.015239][T16999] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 789.015278][T16999] __shmem_file_setup+0x221/0x490 [ 789.015312][T16999] ? __pfx___shmem_file_setup+0x10/0x10 [ 789.015354][T16999] ? vm_area_alloc+0x1f/0x160 [ 789.015390][T16999] shmem_zero_setup+0x96/0x1b0 [ 789.015430][T16999] __mmap_region+0x2198/0x29e0 [ 789.015470][T16999] ? __pfx___mmap_region+0x10/0x10 [ 789.015503][T16999] ? process_measurement+0x1f4/0x2350 [ 789.015539][T16999] ? css_rstat_updated+0x1ce/0x5a0 [ 789.015567][T16999] ? __pfx_css_rstat_updated+0x10/0x10 [ 789.015604][T16999] ? __lock_acquire+0x4a5/0x2630 [ 789.015635][T16999] ? trace_pelt_se_tp+0x159/0x1b0 [ 789.015678][T16999] ? find_held_lock+0x2b/0x80 [ 789.015700][T16999] ? finish_task_switch.isra.0+0x200/0xb80 [ 789.015726][T16999] ? finish_task_switch.isra.0+0x200/0xb80 [ 789.015763][T16999] ? trace_sched_exit_tp+0x13a/0x180 [ 789.015792][T16999] ? __schedule+0x1000/0x6120 [ 789.015863][T16999] ? rcu_is_watching+0x12/0xc0 [ 789.015901][T16999] ? cap_capable+0x107/0x460 [ 789.015940][T16999] mmap_region+0x180/0x3e0 [ 789.015982][T16999] do_mmap+0xc63/0x12f0 [ 789.016014][T16999] ? __pfx_do_mmap+0x10/0x10 [ 789.016040][T16999] ? __pfx_down_write_killable+0x10/0x10 [ 789.016081][T16999] vm_mmap_pgoff+0x29e/0x470 [ 789.016113][T16999] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 789.016142][T16999] ? do_futex+0x192/0x350 [ 789.016176][T16999] ? __pfx_do_futex+0x10/0x10 [ 789.016213][T16999] ksys_mmap_pgoff+0xe1/0x650 [ 789.016238][T16999] ? __x64_sys_futex+0x34f/0x4d0 [ 789.016268][T16999] ? __x64_sys_futex+0x358/0x4d0 [ 789.016301][T16999] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 789.016329][T16999] ? xfd_validate_state+0x129/0x190 [ 789.016371][T16999] __x64_sys_mmap+0x125/0x190 [ 789.016410][T16999] do_syscall_64+0x106/0xf80 [ 789.016439][T16999] ? clear_bhb_loop+0x40/0x90 [ 789.016470][T16999] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 789.016495][T16999] RIP: 0033:0x7f447899c799 [ 789.016516][T16999] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 789.016541][T16999] RSP: 002b:00007f44797c3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 789.016565][T16999] RAX: ffffffffffffffda RBX: 00007f4478c15fa0 RCX: 00007f447899c799 [ 789.016582][T16999] RDX: 00004000000000df RSI: 0000000000000101 RDI: 0000000000000000 [ 789.016598][T16999] RBP: 00007f4478a32bd9 R08: 0000000200000401 R09: 0000000000008000 [ 789.016614][T16999] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 789.016629][T16999] R13: 00007f4478c16038 R14: 00007f4478c15fa0 R15: 00007ffc04e7bf78 [ 789.016661][T16999] [ 789.721372][ T2993] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 789.916853][ T2993] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 790.162707][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 790.202817][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 790.295144][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 790.318391][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 790.569247][T17011] ubi0: attaching mtd1 [ 790.673106][T17011] ubi0: scanning is finished [ 790.677877][T17011] ubi0: empty MTD device detected [ 790.700756][T17011] ubi0 error: ubi_read_volume_table: LEB size too small for a volume record [ 791.163191][ T5146] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 791.172895][ T5146] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 791.182304][ T5146] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 791.190685][ T5146] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 791.214344][ T5146] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 791.728950][T17011] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd1, error -22 [ 791.978854][T17019] chnl_net:caif_netlink_parms(): no params data found [ 792.012916][T17024] can: request_module (can-proto-0) failed. [ 792.408837][ T9098] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 792.448705][T17036] FAULT_INJECTION: forcing a failure. [ 792.448705][T17036] name failslab, interval 1, probability 0, space 0, times 0 [ 792.542955][T17036] CPU: 0 UID: 0 PID: 17036 Comm: syz.0.2446 Tainted: G U syzkaller #0 PREEMPT(full) [ 792.543015][T17036] Tainted: [U]=USER [ 792.543028][T17036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 792.543049][T17036] Call Trace: [ 792.543078][T17036] [ 792.543091][T17036] dump_stack_lvl+0x100/0x190 [ 792.543148][T17036] should_fail_ex.cold+0x5/0xa [ 792.543190][T17036] should_failslab+0xc2/0x120 [ 792.543226][T17036] __kmalloc_cache_noprof+0x7a/0x6f0 [ 792.543271][T17036] ? copy_time_ns+0xf6/0x800 [ 792.543315][T17036] copy_time_ns+0xf6/0x800 [ 792.543347][T17036] ? copy_cgroup_ns+0x71/0x970 [ 792.543391][T17036] create_new_namespaces+0x48a/0xac0 [ 792.543443][T17036] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 792.543485][T17036] ksys_unshare+0x473/0xad0 [ 792.543529][T17036] ? __pfx_ksys_unshare+0x10/0x10 [ 792.543587][T17036] __x64_sys_unshare+0x31/0x40 [ 792.543629][T17036] do_syscall_64+0x106/0xf80 [ 792.543669][T17036] ? clear_bhb_loop+0x40/0x90 [ 792.543713][T17036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 792.543748][T17036] RIP: 0033:0x7f3e39f9c799 [ 792.543775][T17036] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 792.543807][T17036] RSP: 002b:00007f3e3ae75028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 792.543839][T17036] RAX: ffffffffffffffda RBX: 00007f3e3a216090 RCX: 00007f3e39f9c799 [ 792.543861][T17036] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 792.543881][T17036] RBP: 00007f3e3a032bd9 R08: 0000000000000000 R09: 0000000000000000 [ 792.543902][T17036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 792.543923][T17036] R13: 00007f3e3a216128 R14: 00007f3e3a216090 R15: 00007ffedf215738 [ 792.543968][T17036] [ 792.545076][ T9098] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 793.244955][ T5840] Bluetooth: hci1: command tx timeout [ 793.374330][ T9098] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 793.686180][T17019] bridge0: port 1(bridge_slave_0) entered blocking state [ 793.704045][T17019] bridge0: port 1(bridge_slave_0) entered disabled state [ 793.741303][T17019] bridge_slave_0: entered allmulticast mode [ 793.757741][T17019] bridge_slave_0: entered promiscuous mode [ 793.944450][ T9098] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 794.090738][T17019] bridge0: port 2(bridge_slave_1) entered blocking state [ 794.126705][T17053] snd_aloop snd_aloop.0: Parsing timer source '"' failed with -22 [ 794.135053][T17019] bridge0: port 2(bridge_slave_1) entered disabled state [ 794.153405][T17019] bridge_slave_1: entered allmulticast mode [ 794.267616][T17019] bridge_slave_1: entered promiscuous mode [ 795.333547][ T5840] Bluetooth: hci1: command tx timeout [ 795.460471][T17019] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 795.554976][T17019] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 796.156695][T17019] team0: Port device team_slave_0 added [ 796.176890][T17019] team0: Port device team_slave_1 added [ 796.397086][T17019] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 796.413468][T17019] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 796.481114][T17019] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 796.515961][T17019] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 796.523056][T17019] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 796.591458][T17019] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 796.794497][ T9098] bridge_slave_0: left allmulticast mode [ 796.803285][ T9098] bridge_slave_0: left promiscuous mode [ 796.824654][ T9098] bridge0: port 1(bridge_slave_0) entered disabled state [ 796.907456][T17066] FAULT_INJECTION: forcing a failure. [ 796.907456][T17066] name failslab, interval 1, probability 0, space 0, times 0 [ 796.924603][T17066] CPU: 0 UID: 0 PID: 17066 Comm: syz.2.2453 Tainted: G U L syzkaller #0 PREEMPT(full) [ 796.924661][T17066] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 796.924671][T17066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 796.924687][T17066] Call Trace: [ 796.924697][T17066] [ 796.924707][T17066] dump_stack_lvl+0x100/0x190 [ 796.924751][T17066] should_fail_ex.cold+0x5/0xa [ 796.924782][T17066] should_failslab+0xc2/0x120 [ 796.924808][T17066] __kmalloc_cache_noprof+0x7a/0x6f0 [ 796.924842][T17066] ? copy_time_ns+0xf6/0x800 [ 796.924873][T17066] copy_time_ns+0xf6/0x800 [ 796.924897][T17066] ? copy_cgroup_ns+0x71/0x970 [ 796.924929][T17066] create_new_namespaces+0x48a/0xac0 [ 796.924963][T17066] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 796.924993][T17066] ksys_unshare+0x473/0xad0 [ 796.925028][T17066] ? __pfx_ksys_unshare+0x10/0x10 [ 796.925079][T17066] __x64_sys_unshare+0x31/0x40 [ 796.925111][T17066] do_syscall_64+0x106/0xf80 [ 796.925142][T17066] ? clear_bhb_loop+0x40/0x90 [ 796.925174][T17066] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 796.925201][T17066] RIP: 0033:0x7f447899c799 [ 796.925222][T17066] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 796.925247][T17066] RSP: 002b:00007f44797a2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 796.925285][T17066] RAX: ffffffffffffffda RBX: 00007f4478c16090 RCX: 00007f447899c799 [ 796.925302][T17066] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 796.925317][T17066] RBP: 00007f4478a32bd9 R08: 0000000000000000 R09: 0000000000000000 [ 796.925333][T17066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 796.925348][T17066] R13: 00007f4478c16128 R14: 00007f4478c16090 R15: 00007ffc04e7bf78 [ 796.925379][T17066] [ 797.413988][ T5840] Bluetooth: hci1: command tx timeout [ 798.115484][ T9098] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 798.141868][ T9098] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 798.162769][ T9098] bond0 (unregistering): Released all slaves [ 798.193294][T17019] hsr_slave_0: entered promiscuous mode [ 798.214080][T17019] hsr_slave_1: entered promiscuous mode [ 798.249718][T17019] debugfs: 'hsr0' already exists in 'hsr' [ 798.283056][T17019] Cannot create hsr debugfs directory [ 798.614592][T17082] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2457'. [ 799.499857][ T5840] Bluetooth: hci1: command tx timeout [ 799.835609][ T9098] hsr_slave_0: left promiscuous mode [ 799.860831][ T9098] hsr_slave_1: left promiscuous mode [ 799.889008][ T9098] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 799.927030][ T9098] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 799.991748][ T9098] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 800.012399][ T9098] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 800.082222][ T9098] veth0_macvtap: left promiscuous mode [ 800.082337][ T9098] veth1_vlan: left promiscuous mode [ 800.082429][ T9098] veth0_vlan: left promiscuous mode [ 800.515864][ T9098] team0 (unregistering): Port device team_slave_1 removed [ 800.566230][ T9098] team0 (unregistering): Port device team_slave_0 removed [ 801.991544][T17131] FAULT_INJECTION: forcing a failure. [ 801.991544][T17131] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 802.074118][T17131] CPU: 1 UID: 0 PID: 17131 Comm: syz.3.2462 Tainted: G U L syzkaller #0 PREEMPT(full) [ 802.074171][T17131] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 802.074185][T17131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 802.074213][T17131] Call Trace: [ 802.074224][T17131] [ 802.074236][T17131] dump_stack_lvl+0x100/0x190 [ 802.074289][T17131] should_fail_ex.cold+0x5/0xa [ 802.074327][T17131] _copy_from_user+0x2e/0xd0 [ 802.074379][T17131] generic_map_update_batch+0x452/0x800 [ 802.074425][T17131] ? __pfx_generic_map_update_batch+0x10/0x10 [ 802.074459][T17131] ? find_held_lock+0x2b/0x80 [ 802.074487][T17131] ? __might_fault+0xc5/0x140 [ 802.074530][T17131] ? __might_fault+0xc5/0x140 [ 802.074579][T17131] ? __pfx_generic_map_update_batch+0x10/0x10 [ 802.074615][T17131] bpf_map_do_batch+0x66f/0x6d0 [ 802.074668][T17131] __sys_bpf+0x302/0x4b90 [ 802.074710][T17131] ? __pfx___sys_bpf+0x10/0x10 [ 802.074745][T17131] ? proc_fail_nth_write+0x9f/0x220 [ 802.074784][T17131] ? find_held_lock+0x2b/0x80 [ 802.074825][T17131] ? rcu_read_lock_any_held+0x6a/0xa0 [ 802.074878][T17131] ? vfs_write+0x15d/0x1070 [ 802.074932][T17131] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 802.074976][T17131] ? __pfx_vfs_write+0x10/0x10 [ 802.075028][T17131] ? do_sys_openat2+0x157/0x1e0 [ 802.075093][T17131] ? ksys_write+0x1ac/0x250 [ 802.075144][T17131] ? __pfx_ksys_write+0x10/0x10 [ 802.075210][T17131] __x64_sys_bpf+0x7b/0xc0 [ 802.075247][T17131] ? lockdep_hardirqs_on+0x78/0x100 [ 802.075287][T17131] do_syscall_64+0x106/0xf80 [ 802.075325][T17131] ? clear_bhb_loop+0x40/0x90 [ 802.075366][T17131] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 802.075401][T17131] RIP: 0033:0x7fbf9639c799 [ 802.075429][T17131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 802.075461][T17131] RSP: 002b:00007fbf972ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 802.075494][T17131] RAX: ffffffffffffffda RBX: 00007fbf96615fa0 RCX: 00007fbf9639c799 [ 802.075519][T17131] RDX: 0000000000000092 RSI: 0000200000000380 RDI: 000000000000001a [ 802.075539][T17131] RBP: 00007fbf972ad090 R08: 0000000000000000 R09: 0000000000000000 [ 802.075561][T17131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 802.075582][T17131] R13: 00007fbf96616038 R14: 00007fbf96615fa0 R15: 00007ffe17895788 [ 802.075626][T17131] [ 802.434057][T17019] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 802.514820][T17019] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 802.616922][T17019] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 802.627997][T17139] FAULT_INJECTION: forcing a failure. [ 802.627997][T17139] name failslab, interval 1, probability 0, space 0, times 0 [ 802.659781][T17019] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 802.711174][T17139] CPU: 1 UID: 0 PID: 17139 Comm: syz.3.2464 Tainted: G U L syzkaller #0 PREEMPT(full) [ 802.711229][T17139] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 802.711239][T17139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 802.711255][T17139] Call Trace: [ 802.711265][T17139] [ 802.711276][T17139] dump_stack_lvl+0x100/0x190 [ 802.711361][T17139] should_fail_ex.cold+0x5/0xa [ 802.711401][T17139] ? __register_sysctl_table+0xbe4/0x1650 [ 802.711457][T17139] should_failslab+0xc2/0x120 [ 802.711496][T17139] __kmalloc_noprof+0xe0/0x850 [ 802.711558][T17139] __register_sysctl_table+0xbe4/0x1650 [ 802.711624][T17139] ? __pfx___register_sysctl_table+0x10/0x10 [ 802.711692][T17139] ? rcu_is_cpu_rrupt_from_idle+0x1f1/0x270 [ 802.711754][T17139] ? __asan_memcpy+0x3c/0x60 [ 802.711808][T17139] register_pidns_sysctls+0x11d/0x1c0 [ 802.711859][T17139] ? __ns_common_init+0x299/0x4b0 [ 802.711905][T17139] copy_pid_ns+0x680/0x10a0 [ 802.711948][T17139] ? __pfx_copy_pid_ns+0x10/0x10 [ 802.711992][T17139] ? rcu_is_watching+0x12/0xc0 [ 802.712047][T17139] ? copy_mnt_ns+0x106/0xc30 [ 802.712088][T17139] ? create_new_namespaces+0x30/0xac0 [ 802.712133][T17139] create_new_namespaces+0x2aa/0xac0 [ 802.712180][T17139] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 802.712222][T17139] ksys_unshare+0x473/0xad0 [ 802.712257][T17139] ? __pfx_ksys_unshare+0x10/0x10 [ 802.712300][T17139] __x64_sys_unshare+0x31/0x40 [ 802.712332][T17139] do_syscall_64+0x106/0xf80 [ 802.712362][T17139] ? clear_bhb_loop+0x40/0x90 [ 802.712394][T17139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 802.712420][T17139] RIP: 0033:0x7fbf9639c799 [ 802.712441][T17139] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 802.712466][T17139] RSP: 002b:00007fbf972ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 802.712491][T17139] RAX: ffffffffffffffda RBX: 00007fbf96615fa0 RCX: 00007fbf9639c799 [ 802.712508][T17139] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 802.712524][T17139] RBP: 00007fbf96432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 802.712541][T17139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 802.712557][T17139] R13: 00007fbf96616038 R14: 00007fbf96615fa0 R15: 00007ffe17895788 [ 802.712590][T17139] [ 802.712611][T17139] sysctl could not get directory: /kernel -12 [ 803.419645][T17019] 8021q: adding VLAN 0 to HW filter on device bond0 [ 803.541867][T17019] 8021q: adding VLAN 0 to HW filter on device team0 [ 803.610748][ T9098] bridge0: port 1(bridge_slave_0) entered blocking state [ 803.618055][ T9098] bridge0: port 1(bridge_slave_0) entered forwarding state [ 803.711323][ T9098] bridge0: port 2(bridge_slave_1) entered blocking state [ 803.718630][ T9098] bridge0: port 2(bridge_slave_1) entered forwarding state [ 803.934028][T17019] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 804.731394][T17019] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 804.885317][T17019] veth0_vlan: entered promiscuous mode [ 804.978984][T17019] veth1_vlan: entered promiscuous mode [ 805.115436][T17019] veth0_macvtap: entered promiscuous mode [ 805.361835][T17019] veth1_macvtap: entered promiscuous mode [ 805.522499][T17019] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 805.596223][T17019] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 805.670862][ T3038] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.690926][ T3038] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.926545][T17194] FAULT_INJECTION: forcing a failure. [ 805.926545][T17194] name failslab, interval 1, probability 0, space 0, times 0 [ 805.951727][ T3038] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.974251][ T3038] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 805.991919][T17194] CPU: 1 UID: 0 PID: 17194 Comm: syz.3.2470 Tainted: G U L syzkaller #0 PREEMPT(full) [ 805.991962][T17194] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 805.991972][T17194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 805.991987][T17194] Call Trace: [ 805.991995][T17194] [ 805.992005][T17194] dump_stack_lvl+0x100/0x190 [ 805.992047][T17194] should_fail_ex.cold+0x5/0xa [ 805.992075][T17194] should_failslab+0xc2/0x120 [ 805.992100][T17194] __kmalloc_cache_noprof+0x7a/0x6f0 [ 805.992130][T17194] ? create_filter_start.constprop.0+0x1c4/0x310 [ 805.992168][T17194] ? __asan_memcpy+0x3c/0x60 [ 805.992205][T17194] create_filter_start.constprop.0+0x1c4/0x310 [ 805.992246][T17194] apply_subsystem_event_filter+0x188/0x17d0 [ 805.992289][T17194] ? __might_fault+0xc5/0x140 [ 805.992324][T17194] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 805.992368][T17194] ? _copy_from_user+0x59/0xd0 [ 805.992411][T17194] ? __pfx_subsystem_filter_write+0x10/0x10 [ 805.992446][T17194] subsystem_filter_write+0x95/0x120 [ 805.992490][T17194] vfs_writev+0x5ea/0xe10 [ 805.992526][T17194] ? rcu_is_watching+0x12/0xc0 [ 805.992570][T17194] ? __pfx_vfs_writev+0x10/0x10 [ 805.992603][T17194] ? fdget_pos+0x2aa/0x380 [ 805.992628][T17194] ? find_held_lock+0x2b/0x80 [ 805.992668][T17194] ? __fget_files+0x21f/0x3d0 [ 805.992696][T17194] ? do_writev+0x13e/0x340 [ 805.992729][T17194] do_writev+0x13e/0x340 [ 805.992765][T17194] ? __pfx_do_writev+0x10/0x10 [ 805.992809][T17194] do_syscall_64+0x106/0xf80 [ 805.992838][T17194] ? clear_bhb_loop+0x40/0x90 [ 805.992867][T17194] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 805.992891][T17194] RIP: 0033:0x7fbf9639c799 [ 805.992911][T17194] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 805.992934][T17194] RSP: 002b:00007fbf972ad028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 805.992962][T17194] RAX: ffffffffffffffda RBX: 00007fbf96615fa0 RCX: 00007fbf9639c799 [ 805.992978][T17194] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000003 [ 805.992993][T17194] RBP: 00007fbf972ad090 R08: 0000000000000000 R09: 0000000000000000 [ 805.993042][T17194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 805.993056][T17194] R13: 00007fbf96616038 R14: 00007fbf96615fa0 R15: 00007ffe17895788 [ 805.993088][T17194] [ 806.318997][T17188] ERROR: Out of memory at tomoyo_memory_ok. [ 806.426191][ T3038] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 806.493768][ T3038] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 806.633215][ T5840] Bluetooth: hci4: ACL packet for unknown connection handle 0 [ 806.680381][ T3038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 806.737605][ T3038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 807.796694][T17205] ------------[ cut here ]------------ [ 807.802843][T17205] !reader [ 807.802899][T17205] WARNING: kernel/trace/ring_buffer.c:7386 at ring_buffer_map_get_reader+0x659/0x880, CPU#1: syz.3.2472/17205 [ 807.817584][T17205] Modules linked in: [ 807.822124][T17205] CPU: 1 UID: 0 PID: 17205 Comm: syz.3.2472 Tainted: G U L syzkaller #0 PREEMPT(full) [ 807.833122][T17205] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 807.838366][T17205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 807.848458][T17205] RIP: 0010:ring_buffer_map_get_reader+0x659/0x880 [ 807.855184][T17205] Code: ff e8 eb d6 fb ff 48 8d 3d d4 55 d1 0e 4c 89 fe 67 48 0f b9 3a e9 e0 fc ff ff 4c 8b 7c 24 58 4c 8b 74 24 60 e8 c8 d6 fb ff 90 <0f> 0b 90 e8 bf d6 fb ff 48 89 df 31 db e8 b5 11 fe ff 48 8b 74 24 [ 807.874835][T17205] RSP: 0018:ffffc9000539fd90 EFLAGS: 00010083 [ 807.881076][T17205] RAX: 000000000000079b RBX: ffff88813fea5000 RCX: ffffc9001af92000 [ 807.889111][T17205] RDX: 0000000000080000 RSI: ffffffff820c3a78 RDI: ffff88803623db80 [ 807.897146][T17205] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 807.905223][T17205] R10: 0000000000000000 R11: ffff88813fea50b0 R12: ffff88813fea50b0 [ 807.913779][T17205] R13: dffffc0000000000 R14: ffff88813fea5190 R15: ffff88813fea5018 [ 807.921818][T17205] FS: 00007fbf9726b6c0(0000) GS:ffff88812444e000(0000) knlGS:0000000000000000 [ 807.930820][T17205] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 807.937471][T17205] CR2: 0000001b34da9ff8 CR3: 0000000077ebc000 CR4: 00000000003526f0 [ 807.945602][T17205] Call Trace: [ 807.948953][T17205] [ 807.951961][T17205] ? __pfx_ring_buffer_map_get_reader+0x10/0x10 [ 807.958657][T17205] ? __fget_files+0x21f/0x3d0 [ 807.963414][T17205] tracing_buffers_ioctl+0x30d/0x400 [ 807.968775][T17205] ? __pfx_tracing_buffers_ioctl+0x10/0x10 [ 807.974659][T17205] __x64_sys_ioctl+0x18e/0x210 [ 807.979511][T17205] do_syscall_64+0x106/0xf80 [ 807.984172][T17205] ? clear_bhb_loop+0x40/0x90 [ 807.988933][T17205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 807.994980][T17205] RIP: 0033:0x7fbf9639c799 [ 807.999448][T17205] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 808.019820][T17205] RSP: 002b:00007fbf9726b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 808.028306][T17205] RAX: ffffffffffffffda RBX: 00007fbf96616180 RCX: 00007fbf9639c799 [ 808.036344][T17205] RDX: 0000000000000000 RSI: 0000000000005220 RDI: 000000000000000a [ 808.044550][T17205] RBP: 00007fbf96432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 808.052551][T17205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 808.060547][T17205] R13: 00007fbf96616218 R14: 00007fbf96616180 R15: 00007ffe17895788 [ 808.068817][T17205] [ 808.071902][T17205] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 808.079232][T17205] CPU: 1 UID: 0 PID: 17205 Comm: syz.3.2472 Tainted: G U L syzkaller #0 PREEMPT(full) [ 808.090222][T17205] Tainted: [U]=USER, [L]=SOFTLOCKUP [ 808.095425][T17205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 808.105494][T17205] Call Trace: [ 808.108784][T17205] [ 808.111725][T17205] dump_stack_lvl+0x100/0x190 [ 808.116436][T17205] vpanic+0x552/0x970 [ 808.120436][T17205] ? __pfx_vpanic+0x10/0x10 [ 808.124971][T17205] panic+0xd1/0xe0 [ 808.128716][T17205] ? __pfx_panic+0x10/0x10 [ 808.133188][T17205] check_panic_on_warn.cold+0x19/0x34 [ 808.138605][T17205] ? ring_buffer_map_get_reader+0x659/0x880 [ 808.144579][T17205] __warn.cold+0x191/0x348 [ 808.149033][T17205] __report_bug+0x296/0x3d0 [ 808.153671][T17205] ? ring_buffer_map_get_reader+0x659/0x880 [ 808.159643][T17205] ? __pfx___report_bug+0x10/0x10 [ 808.164712][T17205] ? add_lock_to_list+0x99/0x110 [ 808.169712][T17205] ? lockdep_unlock+0x5a/0xc0 [ 808.174415][T17205] ? rb_set_head_page+0x1e6/0x2f0 [ 808.179486][T17205] ? ring_buffer_map_get_reader+0x659/0x880 [ 808.185588][T17205] report_bug+0xb2/0x220 [ 808.189851][T17205] ? ring_buffer_map_get_reader+0x659/0x880 [ 808.195779][T17205] handle_bug+0x16a/0x2a0 [ 808.200133][T17205] exc_invalid_op+0x17/0x50 [ 808.204682][T17205] asm_exc_invalid_op+0x1a/0x20 [ 808.209559][T17205] RIP: 0010:ring_buffer_map_get_reader+0x659/0x880 [ 808.216129][T17205] Code: ff e8 eb d6 fb ff 48 8d 3d d4 55 d1 0e 4c 89 fe 67 48 0f b9 3a e9 e0 fc ff ff 4c 8b 7c 24 58 4c 8b 74 24 60 e8 c8 d6 fb ff 90 <0f> 0b 90 e8 bf d6 fb ff 48 89 df 31 db e8 b5 11 fe ff 48 8b 74 24 [ 808.235792][T17205] RSP: 0018:ffffc9000539fd90 EFLAGS: 00010083 [ 808.241893][T17205] RAX: 000000000000079b RBX: ffff88813fea5000 RCX: ffffc9001af92000 [ 808.249905][T17205] RDX: 0000000000080000 RSI: ffffffff820c3a78 RDI: ffff88803623db80 [ 808.257929][T17205] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 808.266097][T17205] R10: 0000000000000000 R11: ffff88813fea50b0 R12: ffff88813fea50b0 [ 808.274115][T17205] R13: dffffc0000000000 R14: ffff88813fea5190 R15: ffff88813fea5018 [ 808.282116][T17205] ? ring_buffer_map_get_reader+0x658/0x880 [ 808.288090][T17205] ? __pfx_ring_buffer_map_get_reader+0x10/0x10 [ 808.294373][T17205] ? __fget_files+0x21f/0x3d0 [ 808.299223][T17205] tracing_buffers_ioctl+0x30d/0x400 [ 808.304596][T17205] ? __pfx_tracing_buffers_ioctl+0x10/0x10 [ 808.310451][T17205] __x64_sys_ioctl+0x18e/0x210 [ 808.315284][T17205] do_syscall_64+0x106/0xf80 [ 808.319913][T17205] ? clear_bhb_loop+0x40/0x90 [ 808.324617][T17205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 808.330533][T17205] RIP: 0033:0x7fbf9639c799 [ 808.334985][T17205] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 808.355492][T17205] RSP: 002b:00007fbf9726b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 808.363934][T17205] RAX: ffffffffffffffda RBX: 00007fbf96616180 RCX: 00007fbf9639c799 [ 808.371922][T17205] RDX: 0000000000000000 RSI: 0000000000005220 RDI: 000000000000000a [ 808.379914][T17205] RBP: 00007fbf96432bd9 R08: 0000000000000000 R09: 0000000000000000 [ 808.387909][T17205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 808.395908][T17205] R13: 00007fbf96616218 R14: 00007fbf96616180 R15: 00007ffe17895788 [ 808.403916][T17205] [ 808.407630][T17205] Kernel Offset: disabled [ 808.412006][T17205] Rebooting in 86400 seconds..