last executing test programs: 8.36430851s ago: executing program 0 (id=1777): close_range$auto(0x2, 0xffffffffffffffff, 0x0) sendmsg$auto_NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x9c, 0x0, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_FRAME_MATCH={0x80, 0x5b, "f78de77baf51f33c831d7813fb5b080d0ef0125d1e0e38108a3a8ded0315a16f758dbc13040e4de6b9726e259ab01664c6b68d8fc3f8bb4c224bd30b22aa249c2e77229064d0a4ce336bb34063b7ca438a06ae7d26e6a8c31270e2b05e1ebd4dd22efc443ddf1230f36d0c5c3e59802b305beea33f792eabf4d50076"}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}]}, 0x9c}, 0x1, 0x0, 0x0, 0x8000}, 0x1) openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000040)='/dev/media1\x00', 0x22001, 0x0) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x8, 0xc0b, 0x8, 0x5, 0x1001, 0xffffffffffffffff, 0xf, 0x1000, 0xb, 0x1, 0xced80000000000, 0x9, 0x6, 0x0, 0x1, 0x7fffffff]}, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x12, 0x7, 0x28000) io_uring_setup$auto(0x86, 0x0) sendmsg$auto_IEEE802154_LLSEC_LIST_SECLEVEL(0xffffffffffffffff, 0x0, 0x4004820) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) ioctl$auto(0x3, 0xc208ae62, 0x38) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/fail-nth\x00', 0x900, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/neigh/bond_slave_0/unres_qlen\x00', 0x189302, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = socket(0x11, 0xa, 0x9) close_range$auto(0x2, 0xa, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x202002, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x101000, 0x0) ioctl$auto(0x3, 0x400c4d09, r3) write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, &(0x7f00000001c0)="cc", 0x1) bind$auto(0xffffffffffffffff, &(0x7f0000000100)=@l2={0x1f, 0x7, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x8a0}, 0x3) ioctl$auto(0x3, 0x8010aebc, r1) read$auto_cgwb_debug_stats_fops_(0xffffffffffffffff, 0x0, 0x0) 8.205749943s ago: executing program 0 (id=1778): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/rxrpc/stats\x00', 0x401, 0x0) lseek$auto(0x3, 0x20000, 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/devices/virtual/sound/ctl-led/speaker/card0/attach\x00', 0x1, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)='4', 0x1) getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, 0x0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/veth0_virt_wifi/router_solicitation_interval\x00', 0x804000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x103003, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xe, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x3, 0x0, 0x0, 0x78, 0x0, 0x0, [0x0, 0x0, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008) pread64$auto(r3, 0x0, 0x100000002, 0x100000001) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) 7.588316049s ago: executing program 1 (id=1780): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x1e, 0x805, 0x0) r2 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$auto_NFC_CMD_DISABLE_SE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="37bf3a07b3ccc7a68818ac00dfb188e1367113a8f857d477218f2c997dd5e05154fd4d96cf91ad8096cf4b25e798e9e62423e60a1c4d6e9be3be76468960f9ff6b21ce191886ad2fcceadbd41313e6d1ef7d7b7feb0dd1304d171bd739577f14e6cd3c17", @ANYRES16=r2, @ANYRESHEX=0x0, @ANYRESOCT=r1], 0x2c}, 0x1, 0x0, 0x0, 0x20008094}, 0x0) sendmsg$auto_NFC_CMD_DEP_LINK_UP(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r2, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@NFC_ATTR_RF_MODE={0x5, 0xb, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x44000}, 0x4000000) bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0x88, 0x8, 0xae85, 0x66b, 0x4, 0x7ff}, 0x6f4) 7.45777381s ago: executing program 3 (id=1781): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/rxrpc/stats\x00', 0x401, 0x0) lseek$auto(0x3, 0x20000, 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/devices/virtual/sound/ctl-led/speaker/card0/attach\x00', 0x1, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)='4', 0x1) getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, 0x0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/veth0_virt_wifi/router_solicitation_interval\x00', 0x804000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x103003, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xe, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x3, 0x0, 0x0, 0x78, 0x0, 0x0, [0x0, 0x0, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008) pread64$auto(r3, 0x0, 0x100000002, 0x100000001) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) 6.874639074s ago: executing program 0 (id=1790): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/rxrpc/stats\x00', 0x401, 0x0) lseek$auto(0x3, 0x20000, 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/devices/virtual/sound/ctl-led/speaker/card0/attach\x00', 0x1, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)='4', 0x1) getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, 0x0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/veth0_virt_wifi/router_solicitation_interval\x00', 0x804000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x103003, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xe, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x3, 0x0, 0x0, 0x78, 0x0, 0x0, [0x0, 0x0, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008) pread64$auto(r3, 0x0, 0x100000002, 0x100000001) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) 6.870085275s ago: executing program 1 (id=1791): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/rxrpc/stats\x00', 0x401, 0x0) lseek$auto(0x3, 0x20000, 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/devices/virtual/sound/ctl-led/speaker/card0/attach\x00', 0x1, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)='4', 0x1) getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, 0x0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/veth0_virt_wifi/router_solicitation_interval\x00', 0x804000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x103003, 0x0) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xe, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x3, 0x0, 0x0, 0x78, 0x0, 0x0, [0x0, 0x0, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008) pread64$auto(r3, 0x0, 0x100000002, 0x100000001) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) 5.355089167s ago: executing program 3 (id=1783): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/rxrpc/stats\x00', 0x401, 0x0) lseek$auto(0x3, 0x20000, 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/devices/virtual/sound/ctl-led/speaker/card0/attach\x00', 0x1, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)='4', 0x1) getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, 0x0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/veth0_virt_wifi/router_solicitation_interval\x00', 0x804000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x103003, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xe, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x3, 0x0, 0x0, 0x78, 0x0, 0x0, [0x0, 0x0, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008) pread64$auto(r3, 0x0, 0x100000002, 0x100000001) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) 5.352829722s ago: executing program 0 (id=1793): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/rxrpc/stats\x00', 0x401, 0x0) lseek$auto(0x3, 0x20000, 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/devices/virtual/sound/ctl-led/speaker/card0/attach\x00', 0x1, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)='4', 0x1) getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, 0x0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/veth0_virt_wifi/router_solicitation_interval\x00', 0x804000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x103003, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r3 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xe, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x3, 0x0, 0x0, 0x78, 0x0, 0x0, [0x0, 0x0, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008) pread64$auto(r3, 0x0, 0x100000002, 0x100000001) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) 5.352170014s ago: executing program 1 (id=1784): waitid$auto(0x8, 0xffffffffffffffff, 0x0, 0x3, &(0x7f0000000180)={{0xfffffffffffffff9, 0x80}, {0x2, 0x6}, 0x237, 0x5, 0x4, 0x3, 0x0, 0x8000, 0x80000000, 0x7, 0x1, 0x5d9, 0x5, 0x7ff, 0x2055}) mmap$auto(0x2, 0x400008, 0xdf, 0x9b72, 0x2, 0x10000000008000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) r0 = socket(0xa, 0x5, 0x0) accept$auto(r0, 0xffffffffffffffff, 0xfffffffffffffffd) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) pread64$auto(0xffffffffffffffff, 0x0, 0x200000000003, 0x2f4a3a23) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/conf/ip6_vti0/stable_secret\x00', 0x2, 0x0) writev$auto(r1, &(0x7f0000000300)={0x0, 0x200}, 0x3) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x2c402, 0x0) sendfile$auto(0xffffffffffffffff, r2, 0x0, 0x10000) close_range$auto(0x2, 0x8, 0x0) semctl$auto_GETNCNT(0x0, 0x4, 0xe, 0x4) bpf$auto(0x12, 0x0, 0x26) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x60742, 0x0) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0x89e0, 0x38) 4.610094126s ago: executing program 1 (id=1786): r0 = ioctl$auto_NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) r1 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f00000000c0), r0) swapoff$auto(&(0x7f0000000000)='/sys/kernel/debug/tracing/prin|k_formats\x00') r2 = syz_clone(0x5000400, 0x0, 0x0, 0x0, 0x0, 0x0) syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0) rseq$auto(&(0x7f0000000080)={0x4, 0x2, 0x9b, 0x6, 0x1, 0xa, "7c9a"}, 0xfffffffb, 0x72a4, 0xd) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000001c80)='/dev/fb0\x00', 0x20401, 0x0) r3 = ioctl$auto_TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000080)=0x21) setpgid$auto(r2, r2) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/pci0000:00/0000:00:01.3/d3cold_allowed\x00', 0xb02, 0x0) sendfile$auto(r4, r4, 0x0, 0x8) wait4$auto(0x0, 0x0, 0x80000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC2\x00', 0x0, 0x0) r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video22\x00', 0xc0c02, 0x0) ioctl$auto(r5, 0xc0045543, r6) symlink$auto(&(0x7f00000020c0)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000000)='./file0\x00') ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) utime$auto(&(0x7f0000000000)='./file0\x00', 0x0) clone3$auto(&(0x7f0000000140)={0x8, 0x86a7, 0xffffffff, 0xffffffff, 0x11, 0x6, 0x2, 0x40ac, 0x0, 0x2, 0xe}, 0x0) r7 = socket(0x11, 0x3, 0x9) sendmsg$auto_OVS_FLOW_CMD_GET(r7, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000001c0)={&(0x7f00000002c0)={0x1c4, r1, 0x600, 0x70bd29, 0x25dfdbfe, {}, [@OVS_FLOW_ATTR_UFID_FLAGS={0x8, 0xa, 0x5}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0x1c}, @OVS_FLOW_ATTR_MASK={0x198, 0x7, 0x0, 0x1, [@nested={0x194, 0x77, 0x0, 0x1, [@generic="2ab6270064de3c7c81c2ce2343181e39d2b54e9b129cac5f45897701f0f88085b5e0e5e19ffa3b3c6b0caeb903ec3f9362401b120263e4770fd4fe2c31f2dd8e437f8b6d0634dd9bd6a8a0d8", @typed={0x8, 0xfe, 0x0, 0x0, @uid}, @typed={0x4e, 0xee, 0x0, 0x0, @binary="a6ad7a7cddcafbd68b59b00cab1200a4ab0458edfa5075d51e57aab310308b2b801ad1ae15b87dcf2bd5c9f5548c7d102345a7c13c7239e358024e42f1d22dee72e798435e70ef53bd4d"}, @nested={0x4, 0x87}, @nested={0xe8, 0x15, 0x0, 0x1, [@nested={0x4, 0x12}, @nested={0x4, 0xbf}, @nested={0x4, 0x13a}, @typed={0x4, 0xe5}, @typed={0xc8, 0x156, 0x0, 0x0, @binary="7756a61d61c4e712fb9bff6afb828e4f26aff3aa2eef3ab5d53ec284bbf42dc0c5e43e25807db769c3321fd71180ae2cf015bcf455cad04bdd518372fe7aa3d8f7dd862115c83eeb1fee35b25024b6938a0fa0f516e83ea98bc004e29190d57d21c74a40baa0196f27be0a1bb560f8ed6739f02ace52bb5351248c30be7c43a2e1a1f0417f8d64a0e74acec8b55f07130fab3ac87733281c14408335ce6d20135f1dc3cf559a7b5356e121b9c3e8a2cff67efaa38bb324bf0000d54ffd13c1088203421f"}, @nested={0x4, 0x80}, @nested={0x4, 0x3e}, @nested={0x4, 0xe5}]}]}]}, @OVS_FLOW_ATTR_UFID={0x5, 0x9, 0xf8}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x8005}, 0x8000) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) r8 = open(&(0x7f0000000100)='.\x00', 0x595082, 0x0) write$auto(r8, 0x0, 0xfffffdf1) fcntl$auto_F_ADD_SEALS(r8, 0x409, 0x9) linkat$auto(r8, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) mprotect$auto(0x0, 0x8000000000000001, 0x8) mmap$auto(0x0, 0x3fffff, 0x7, 0x11, 0xdd, 0x0) 3.003844269s ago: executing program 3 (id=1789): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/rxrpc/stats\x00', 0x401, 0x0) lseek$auto(0x3, 0x20000, 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/devices/virtual/sound/ctl-led/speaker/card0/attach\x00', 0x1, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)='4', 0x1) getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, 0x0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/veth0_virt_wifi/router_solicitation_interval\x00', 0x804000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x103003, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xe, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x3, 0x0, 0x0, 0x78, 0x0, 0x0, [0x0, 0x0, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008) pread64$auto(0xffffffffffffffff, 0x0, 0x100000002, 0x100000001) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) 3.001491161s ago: executing program 2 (id=1792): r0 = socket(0x10, 0x2, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffff6, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x163340, 0x2a) r1 = socket(0x2a, 0x2, 0x1) connect$auto(r1, &(0x7f0000000140)=@qipcrtr={0x2a, 0x1}, 0x57) sendmsg$auto_NL80211_CMD_SET_COALESCE(r0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000140), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/advisor_target_scan_time\x00', 0x201, 0x0) r5 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/oom_adj\x00', 0x300, 0x0) read$auto(r5, 0x0, 0x1f40) write$auto(r4, 0x0, 0xfdef) sendmsg$auto_TIPC_NL_BEARER_DISABLE(r2, &(0x7f0000002740)={0x0, 0x0, &(0x7f0000002700)={&(0x7f0000003a80)={0x40, r3, 0x401, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x2c, 0x1, 0x0, 0x1, [@nested={0x28, 0x1, 0x0, 0x1, [@typed={0xc, 0x6, 0x0, 0x0, @u64=0xffffffffffffffff}, @nested={0x4, 0x111}, @nested={0x4, 0x124, 0x0, 0x1, [@generic]}, @typed={0x8, 0x4e, 0x0, 0x0, @uid}, @typed={0x8, 0x134, 0x0, 0x0, @pid}]}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x2400c001}, 0x8000) 2.890049924s ago: executing program 2 (id=1794): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) write$auto_sg_fops_sg(r0, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1ed", 0x24) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) waitid$auto_P_ALL(0x0, 0xe, &(0x7f0000000340)={@siginfo_0_0={0xe, 0x2, 0x1, @_sigsys={&(0x7f0000000240)="42b0c89670754d7c136b96b4a66c46a06b2ae30d2dc311827926354870ae18e520c9942cbb727ad9d1004e7ceee0f6528c08e4a11a907dedfe0538dbebd0a46638745a821ec33e749a9a2aefe289a8627446ad2bec1f96856715ac9d7759f01cb6f2daa5a180150a28620b407b9969", 0x2, 0x3}}}, 0x3e, &(0x7f00000003c0)={{0x9, 0xefd}, {0x4, 0x7}, 0x0, 0xfffffffffffffffb, 0x3ff, 0x8101, 0xc, 0xf3, 0x1, 0xd, 0x4, 0x5, 0xfffc, 0x8001, 0xc}) io_uring_setup$auto(0x6, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) dup2$auto(0x0, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) socket$nl_generic(0x10, 0x3, 0x10) sysfs$auto(0x2, 0x0, 0x0) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) fsmount$auto(0x4, 0x0, 0x200003) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xae00, 0x0) 2.750715992s ago: executing program 1 (id=1795): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/rxrpc/stats\x00', 0x401, 0x0) lseek$auto(0x3, 0x20000, 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/devices/virtual/sound/ctl-led/speaker/card0/attach\x00', 0x1, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)='4', 0x1) getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, 0x0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/veth0_virt_wifi/router_solicitation_interval\x00', 0x804000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x103003, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xe, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x3, 0x0, 0x0, 0x78, 0x0, 0x0, [0x0, 0x0, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008) pread64$auto(0xffffffffffffffff, 0x0, 0x100000002, 0x100000001) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) 1.905868359s ago: executing program 2 (id=1796): close_range$auto(0x2, 0xffffffffffffffff, 0x0) sendmsg$auto_NL80211_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x9c, 0x0, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_FRAME_MATCH={0x80, 0x5b, "f78de77baf51f33c831d7813fb5b080d0ef0125d1e0e38108a3a8ded0315a16f758dbc13040e4de6b9726e259ab01664c6b68d8fc3f8bb4c224bd30b22aa249c2e77229064d0a4ce336bb34063b7ca438a06ae7d26e6a8c31270e2b05e1ebd4dd22efc443ddf1230f36d0c5c3e59802b305beea33f792eabf4d50076"}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x9}]}, 0x9c}, 0x1, 0x0, 0x0, 0x8000}, 0x1) openat$auto_media_devnode_fops_mc_devnode(0xffffffffffffff9c, &(0x7f0000000040)='/dev/media1\x00', 0x22001, 0x0) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x8, 0xc0b, 0x8, 0x5, 0x1001, 0xffffffffffffffff, 0xf, 0x1000, 0xb, 0x1, 0xced80000000000, 0x9, 0x6, 0x0, 0x1, 0x7fffffff]}, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x12, 0x7, 0x28000) io_uring_setup$auto(0x86, 0x0) sendmsg$auto_IEEE802154_LLSEC_LIST_SECLEVEL(0xffffffffffffffff, 0x0, 0x4004820) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0xffffffffffffffff) ioctl$auto(0x3, 0xc208ae62, 0x38) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x202, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/fail-nth\x00', 0x900, 0x0) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/neigh/bond_slave_0/unres_qlen\x00', 0x189302, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = socket(0x11, 0xa, 0x9) close_range$auto(0x2, 0xa, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x202002, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x101000, 0x0) ioctl$auto(0x3, 0x400c4d09, r3) write$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffffff, &(0x7f00000001c0)="cc", 0x1) bind$auto(0xffffffffffffffff, &(0x7f0000000100)=@l2={0x1f, 0x7, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x8a0}, 0x3) ioctl$auto(0x3, 0x8010aebc, r1) read$auto_cgwb_debug_stats_fops_(0xffffffffffffffff, 0x0, 0x0) 1.905083092s ago: executing program 0 (id=1804): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto_sg_fops_sg(0xffffffffffffffff, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1ed", 0x24) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) waitid$auto_P_ALL(0x0, 0xe, &(0x7f0000000340)={@siginfo_0_0={0xe, 0x2, 0x1, @_sigsys={&(0x7f0000000240)="42b0c89670754d7c136b96b4a66c46a06b2ae30d2dc311827926354870ae18e520c9942cbb727ad9d1004e7ceee0f6528c08e4a11a907dedfe0538dbebd0a46638745a821ec33e749a9a2aefe289a8627446ad2bec1f96856715ac9d7759f01cb6f2daa5a180150a28620b407b9969", 0x2, 0x3}}}, 0x3e, &(0x7f00000003c0)={{0x9, 0xefd}, {0x4, 0x7}, 0x0, 0xfffffffffffffffb, 0x3ff, 0x8101, 0xc, 0xf3, 0x1, 0xd, 0x4, 0x5, 0xfffc, 0x8001, 0xc}) io_uring_setup$auto(0x6, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) dup2$auto(0x0, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) socket$nl_generic(0x10, 0x3, 0x10) sysfs$auto(0x2, 0x0, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) fsmount$auto(0x4, 0x0, 0x200003) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xae00, 0x0) 1.453870718s ago: executing program 2 (id=1797): socket(0x2a, 0x2, 0x800009) r0 = getpid() r1 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) sendmsg$auto_BATADV_CMD_SET_MESH(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002e9c24bb9745a29f0000380652f1640be4861e9e637be9cfbd3fde56687ec67e0e79e51fbdfb7e636c571277", @ANYRES32=r3, @ANYBLOB="05003800000000000500330009000000140007006e65747063693000000000000000000005002f0000000000"], 0x50}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/bus/usb-serial/drivers/xsens_mt/new_id\x00', 0x800, 0x0) read$auto(r4, 0x0, 0x20) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_entries_fops_trace(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/per_cpu/cpu1/buffer_size_kb\x00', 0x10bb01, 0x0) mmap$auto(0x0, 0x2020005, 0x2, 0x13, 0xfffffffffffffffa, 0x8000) mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) execve$auto(&(0x7f0000000000)=':,\x00', 0x0, 0x0) r5 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_CT_LIMIT_CMD_DEL(r5, 0x0, 0x4000048) pipe2$auto(0x0, 0x80) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/fail-nth\x00', 0x129842, 0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r7, 0x0, 0x20) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x5) mknod$auto(0x0, 0x2, 0x6) r8 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x100, 0x0) ioctl$auto_SNDCTL_SEQ_OUTOFBAND(r8, 0x40085112, &(0x7f0000000240)="081c55f6") process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f0000000040), 0xffffffff}, 0xa, 0x7f92) setresuid$auto(0x0, 0x8, 0x8000) ioprio_set$auto(0x3, 0x0, 0x4b34) ioctl$auto_SNDCTL_SYNTH_INFO(r8, 0xc08c5102, &(0x7f0000000040)="ed4cc16a9b9f87dfa6a275631fa124ea7df0a5de670be3de475d990533b154fa71c670da1add7b7d1af73e733da45e4958c1b6d3d52dc39684e8b60a95b63e2706") 1.382429973s ago: executing program 3 (id=1798): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x50) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x700, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x2, 0x0) write$auto_sg_fops_sg(r0, &(0x7f0000001380)="4a0200000000040000899edb615550fd8c44924d87f0010047eb02eff5d2adc245a4e1ed", 0x24) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x801, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0xe8, 0x9, 0x2, 0x1, 0x5, 0x4, 0x15f4da0e, 0x8, 0x9, 0x100000000000000c, 0x8, 0x1, 0xfca, 0x9, 0x2, 0x4000000000000d]}, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) waitid$auto_P_ALL(0x0, 0xe, &(0x7f0000000340)={@siginfo_0_0={0xe, 0x2, 0x1, @_sigsys={&(0x7f0000000240)="42b0c89670754d7c136b96b4a66c46a06b2ae30d2dc311827926354870ae18e520c9942cbb727ad9d1004e7ceee0f6528c08e4a11a907dedfe0538dbebd0a46638745a821ec33e749a9a2aefe289a8627446ad2bec1f96856715ac9d7759f01cb6f2daa5a180150a28620b407b9969", 0x2, 0x3}}}, 0x3e, &(0x7f00000003c0)={{0x9, 0xefd}, {0x4, 0x7}, 0x0, 0xfffffffffffffffb, 0x3ff, 0x8101, 0xc, 0xf3, 0x1, 0xd, 0x4, 0x5, 0xfffc, 0x8001, 0xc}) io_uring_setup$auto(0x6, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) mmap$auto(0x0, 0x5, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x2, 0x9, 0x43, 0x0) dup2$auto(0x0, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0xffffffffffffffff, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) socket$nl_generic(0x10, 0x3, 0x10) sysfs$auto(0x2, 0x0, 0x0) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xae00, 0x0) 993.785886ms ago: executing program 0 (id=1799): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/net/rxrpc/stats\x00', 0x401, 0x0) lseek$auto(0x3, 0x20000, 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001d80)='/sys/devices/virtual/sound/ctl-led/speaker/card0/attach\x00', 0x1, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000003c0)='4', 0x1) getsockopt$auto_SO_RCVMARK(0xffffffffffffffff, 0x0, 0x4b, 0x0, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/veth0_virt_wifi/router_solicitation_interval\x00', 0x804000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, 0x0, 0x103003, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xe, 0x9, 0x5, 0x14, 0x944, 0x1ffe4, 0x3, 0x6, 0x4, 0x9, 0x400005, 0x4000fff, 0x8000007, 0x8001, 0xd, 0x5, 0x3, 0x4, 0x7, 0x20, 0x309, 0x8, 0x0, 0x7fffffff, 0x3, 0x0, 0x0, 0x78, 0x0, 0x0, [0x0, 0x0, 0x0, 0x200, 0x9, 0x0, 0x0, 0x4, 0xffffffffffffffff, 0x0, 0x0, 0x4000000000000, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x82, 0x800000000002, 0x9, 0x0, 0xbec, 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x10, 0xfffffffffffffffe, 0xffffffffffffd059, 0x0, 0x0, 0x0, 0x2961, 0x0, 0x2]}, 0x2001fb, 0x7f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r3 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x1f00, &(0x7f0000000100)={0x0, 0xfdef}, 0x2, 0x0, 0x7, 0xa505}, 0x700}, 0x7, 0x4008) write$auto_proc_sys_file_operations_proc_sysctl(r1, 0x0, 0x0) 413.473461ms ago: executing program 2 (id=1800): socket(0x1e, 0x1, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) ioctl$auto_BTRFS_IOC_DEFAULT_SUBVOL(0xffffffffffffffff, 0x40089413, &(0x7f0000000100)=0x1) syz_clone3(&(0x7f0000000180)={0xa7102000, 0x0, 0x0, 0x0, {0x2a}, 0x0, 0x0, 0x0, &(0x7f0000000100), 0x2}, 0x58) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="5e00fbe18d073ba65c6df9cd1c8d10ea3ad6d7ac15"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x10001, &(0x7f0000000080)={&(0x7f0000000040), 0x1900}, 0x4, 0x0, 0x8, 0x7}, 0x7}, 0x5, 0x66a6, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x0) r1 = socket(0x2, 0x801, 0x106) r2 = getsockopt$auto(r1, 0x11c, 0x3, 0x0, 0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x101840, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r2, 0x541c, r2) 316.961472ms ago: executing program 3 (id=1801): mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000040)=0x8) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8000, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r2, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa00ffff8eac2cdafc1f64010043eeb0b053030001ffff000e00", @raw=0x5}, 0x4, 0x966, 0x3, @raw=0x404, @integer64={0x9, 0xeb1e, 0x34}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LIST(r1, 0xc0505510, 0x0) 102.175945ms ago: executing program 1 (id=1802): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) socket(0x2b, 0x1, 0x0) select$auto(0x804, 0x0, &(0x7f0000000100)={[0x9, 0x0, 0x0, 0x80000300, 0x1, 0x10000000, 0x2, 0x3, 0x81, 0x10000005e58296b, 0x1e, 0x9, 0x7ff, 0x200, 0x20000000008, 0x4000000000006]}, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/dummy_hcd.4/usb5/interface_authorized_default\x00', 0x10b002, 0x0) mmap$auto(0x0, 0x400005, 0xe1, 0x9a72, 0xffffffffffffffff, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/est_nice\x00', 0x80000, 0x0) umount2$auto(0x0, 0x3) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x2020009, 0x3, 0x4000000000000eb1, 0xffffffffffffffff, 0x8000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/mpls/platform_labels\x00', 0x101202, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@info={0xffffffffffffffff, 0x4, 0x1}, 0x171) madvise$auto(0x0, 0xffffffffffff0005, 0x15) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x100008000, 0x1, 0x19) removexattrat$auto(r0, 0x0, 0x7, 0x0) 79.498813ms ago: executing program 2 (id=1803): socket(0xf, 0x3, 0x2) close_range$auto(0x0, 0x5, 0x0) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b4d", 0xfdef) 0s ago: executing program 3 (id=1805): r0 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000140)='/dev/binderfs/binder1\x00', 0x0, 0x0) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) ioctl$auto_BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000000)="fc06c1f730b9d2867a8ba29f242cf38f59f712fcd917fee796") r1 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$auto_SO_PEEK_OFF(r1, 0x0, 0x2a, 0x0, 0x6) close_range$auto(0x0, 0xfffffffffffff000, 0x2) kernel console output (not intermixed with test programs): Compute Engine, BIOS Google 02/12/2026 [ 199.269112][ T7723] Call Trace: [ 199.269121][ T7723] [ 199.269132][ T7723] dump_stack_lvl+0x100/0x190 [ 199.269179][ T7723] should_fail_ex.cold+0x5/0xa [ 199.269212][ T7723] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 199.269242][ T7723] should_failslab+0xc2/0x120 [ 199.269273][ T7723] __kmalloc_noprof+0xe0/0x850 [ 199.269315][ T7723] ? trace_kmalloc+0x101/0x130 [ 199.269351][ T7723] kernfs_fop_write_iter+0x26a/0x5f0 [ 199.269389][ T7723] iter_file_splice_write+0x830/0x10a0 [ 199.269442][ T7723] ? __pfx_iter_file_splice_write+0x10/0x10 [ 199.269480][ T7723] ? __pfx_copy_splice_read+0x10/0x10 [ 199.269530][ T7723] ? __pfx_iter_file_splice_write+0x10/0x10 [ 199.269563][ T7723] direct_splice_actor+0x192/0x6c0 [ 199.269597][ T7723] splice_direct_to_actor+0x345/0xa30 [ 199.269630][ T7723] ? __pfx_direct_splice_actor+0x10/0x10 [ 199.269667][ T7723] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 199.269710][ T7723] do_splice_direct+0x174/0x240 [ 199.269749][ T7723] ? __pfx_do_splice_direct+0x10/0x10 [ 199.269780][ T7723] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 199.269834][ T7723] ? rw_verify_area+0xce/0x6d0 [ 199.269880][ T7723] do_sendfile+0xadc/0xe20 [ 199.269933][ T7723] ? __pfx_do_sendfile+0x10/0x10 [ 199.269978][ T7723] ? __fget_files+0x21f/0x3d0 [ 199.270018][ T7723] __x64_sys_sendfile64+0x1d8/0x220 [ 199.270049][ T7723] ? ksys_write+0x1ac/0x250 [ 199.270076][ T7723] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 199.270122][ T7723] do_syscall_64+0x106/0xf80 [ 199.270163][ T7723] ? clear_bhb_loop+0x40/0x90 [ 199.270199][ T7723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.270228][ T7723] RIP: 0033:0x7f530419c799 [ 199.270251][ T7723] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 199.270277][ T7723] RSP: 002b:00007f5305115028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 199.270304][ T7723] RAX: ffffffffffffffda RBX: 00007f5304416090 RCX: 00007f530419c799 [ 199.270322][ T7723] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004 [ 199.270338][ T7723] RBP: 00007f5305115090 R08: 0000000000000000 R09: 0000000000000000 [ 199.270354][ T7723] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001 [ 199.270371][ T7723] R13: 00007f5304416128 R14: 00007f5304416090 R15: 00007ffe445a1ba8 [ 199.270412][ T7723] [ 199.493603][ T7658] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 199.542438][ T7658] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 199.610633][ T7658] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 200.144772][ T7658] hsr_slave_0: entered promiscuous mode [ 200.169493][ T7658] hsr_slave_1: entered promiscuous mode [ 200.198705][ T7658] debugfs: 'hsr0' already exists in 'hsr' [ 200.215786][ T7658] Cannot create hsr debugfs directory [ 200.913002][ T5144] Bluetooth: hci2: command tx timeout [ 201.061486][ T7761] netlink: 24 bytes leftover after parsing attributes in process `syz.1.460'. [ 201.614778][ T7658] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 201.638655][ T7658] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 201.669637][ T7658] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 201.702166][ T7658] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 202.217357][ T7658] 8021q: adding VLAN 0 to HW filter on device bond0 [ 202.321923][ T7658] 8021q: adding VLAN 0 to HW filter on device team0 [ 202.348407][ T149] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.355620][ T149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 202.422599][ T84] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.429812][ T84] bridge0: port 2(bridge_slave_1) entered forwarding state [ 202.993583][ T5144] Bluetooth: hci2: command tx timeout [ 203.129187][ T7658] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 203.315961][ T7658] veth0_vlan: entered promiscuous mode [ 203.365148][ T7658] veth1_vlan: entered promiscuous mode [ 203.518140][ T7658] veth0_macvtap: entered promiscuous mode [ 203.563543][ T7658] veth1_macvtap: entered promiscuous mode [ 203.644132][ T7658] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 203.718260][ T7658] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 203.777372][ T35] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.822890][ T35] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.863009][ T35] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.871785][ T35] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.985475][ T7825] FAULT_INJECTION: forcing a failure. [ 203.985475][ T7825] name failslab, interval 1, probability 0, space 0, times 0 [ 204.035821][ T7825] CPU: 1 UID: 0 PID: 7825 Comm: syz.3.469 Not tainted syzkaller #0 PREEMPT(full) [ 204.035861][ T7825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 204.035878][ T7825] Call Trace: [ 204.035888][ T7825] [ 204.035900][ T7825] dump_stack_lvl+0x100/0x190 [ 204.035948][ T7825] should_fail_ex.cold+0x5/0xa [ 204.035983][ T7825] should_failslab+0xc2/0x120 [ 204.036016][ T7825] __kmalloc_cache_noprof+0x7a/0x6f0 [ 204.036054][ T7825] ? alloc_ucounts+0x13d/0x5c0 [ 204.036098][ T7825] alloc_ucounts+0x13d/0x5c0 [ 204.036138][ T7825] ? __pfx_alloc_ucounts+0x10/0x10 [ 204.036189][ T7825] set_cred_ucounts+0xcd/0x200 [ 204.036240][ T7825] __sys_setresuid+0x666/0x1280 [ 204.036280][ T7825] do_syscall_64+0x106/0xf80 [ 204.036322][ T7825] ? clear_bhb_loop+0x40/0x90 [ 204.036361][ T7825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.036393][ T7825] RIP: 0033:0x7f27c0f9c799 [ 204.036419][ T7825] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 204.036447][ T7825] RSP: 002b:00007f27c1eef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000075 [ 204.036475][ T7825] RAX: ffffffffffffffda RBX: 00007f27c1216090 RCX: 00007f27c0f9c799 [ 204.036496][ T7825] RDX: 0000000000008080 RSI: 0000000000000007 RDI: 0000000000000002 [ 204.036514][ T7825] RBP: 00007f27c1032c99 R08: 0000000000000000 R09: 0000000000000000 [ 204.036532][ T7825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 204.036551][ T7825] R13: 00007f27c1216128 R14: 00007f27c1216090 R15: 00007fff00813198 [ 204.036592][ T7825] [ 204.287479][ T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 204.295374][ T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 204.413826][ T149] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 204.440417][ T149] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 205.064589][ T7854] FAULT_INJECTION: forcing a failure. [ 205.064589][ T7854] name failslab, interval 1, probability 0, space 0, times 0 [ 205.093506][ T7854] CPU: 0 UID: 0 PID: 7854 Comm: syz.1.473 Not tainted syzkaller #0 PREEMPT(full) [ 205.093546][ T7854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 205.093563][ T7854] Call Trace: [ 205.093574][ T7854] [ 205.093586][ T7854] dump_stack_lvl+0x100/0x190 [ 205.093637][ T7854] should_fail_ex.cold+0x5/0xa [ 205.093674][ T7854] should_failslab+0xc2/0x120 [ 205.093709][ T7854] __kmalloc_cache_noprof+0x7a/0x6f0 [ 205.093760][ T7854] ? wakeup_source_device_create+0x46/0x2e0 [ 205.093807][ T7854] wakeup_source_device_create+0x46/0x2e0 [ 205.093848][ T7854] wakeup_source_sysfs_add+0x1c/0x90 [ 205.093885][ T7854] wakeup_source_register+0x154/0x3e0 [ 205.093939][ T7854] ep_create_wakeup_source+0x1df/0x2e0 [ 205.093992][ T7854] ? __pfx_ep_create_wakeup_source+0x10/0x10 [ 205.094050][ T7854] ? do_epoll_ctl+0x1012/0x36a0 [ 205.094082][ T7854] ? do_epoll_ctl+0x1012/0x36a0 [ 205.094124][ T7854] do_epoll_ctl+0x1eee/0x36a0 [ 205.094174][ T7854] ? __pfx_do_epoll_ctl+0x10/0x10 [ 205.094205][ T7854] ? find_held_lock+0x2b/0x80 [ 205.094233][ T7854] ? __might_fault+0xc5/0x140 [ 205.094276][ T7854] ? __might_fault+0xc5/0x140 [ 205.094335][ T7854] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 205.094367][ T7854] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 205.094401][ T7854] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 205.094448][ T7854] do_syscall_64+0x106/0xf80 [ 205.094491][ T7854] ? clear_bhb_loop+0x40/0x90 [ 205.094530][ T7854] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.094561][ T7854] RIP: 0033:0x7f530419c799 [ 205.094587][ T7854] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 205.094615][ T7854] RSP: 002b:00007f5305136028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 205.094644][ T7854] RAX: ffffffffffffffda RBX: 00007f5304415fa0 RCX: 00007f530419c799 [ 205.094663][ T7854] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000002 [ 205.094680][ T7854] RBP: 00007f5304232c99 R08: 0000000000000000 R09: 0000000000000000 [ 205.094697][ T7854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 205.094715][ T7854] R13: 00007f5304416038 R14: 00007f5304415fa0 R15: 00007ffe445a1ba8 [ 205.094766][ T7854] [ 205.428341][ T7857] zswap: compressor not available [ 205.710339][ T7869] netlink: 4 bytes leftover after parsing attributes in process `syz.3.478'. [ 205.771821][ T7872] netlink: 342 bytes leftover after parsing attributes in process `syz.3.478'. [ 206.223569][ T7883] random: crng reseeded on system resumption [ 206.604019][ T7892] random: crng reseeded on system resumption [ 210.997469][ T7970] snd_virmidi snd_virmidi.0: control 1:-5:4194312:1Յ:0 is already present [ 211.771896][ T7980] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input26 [ 211.963646][ T5829] Bluetooth: hci0: command 0x0406 tx timeout [ 211.970691][ T5829] Bluetooth: hci3: command 0x0406 tx timeout [ 211.978336][ T5829] Bluetooth: hci1: command 0x0406 tx timeout [ 212.417942][ T7998] FAULT_INJECTION: forcing a failure. [ 212.417942][ T7998] name failslab, interval 1, probability 0, space 0, times 0 [ 212.455102][ T7998] CPU: 0 UID: 0 PID: 7998 Comm: syz.3.507 Not tainted syzkaller #0 PREEMPT(full) [ 212.455139][ T7998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 212.455155][ T7998] Call Trace: [ 212.455172][ T7998] [ 212.455184][ T7998] dump_stack_lvl+0x100/0x190 [ 212.455232][ T7998] should_fail_ex.cold+0x5/0xa [ 212.455267][ T7998] ? tomoyo_encode2+0xfb/0x3c0 [ 212.455302][ T7998] should_failslab+0xc2/0x120 [ 212.455334][ T7998] __kmalloc_noprof+0xe0/0x850 [ 212.455375][ T7998] ? d_absolute_path+0x136/0x1b0 [ 212.455423][ T7998] tomoyo_encode2+0xfb/0x3c0 [ 212.455467][ T7998] tomoyo_encode+0x29/0x50 [ 212.455503][ T7998] tomoyo_realpath_from_path+0x18c/0x690 [ 212.455553][ T7998] tomoyo_get_exe+0x63/0xa0 [ 212.455581][ T7998] tomoyo_write_control+0x69e/0x13a0 [ 212.455645][ T7998] ? __pfx_tomoyo_write_control+0x10/0x10 [ 212.455703][ T7998] vfs_write+0x2aa/0x1070 [ 212.455732][ T7998] ? __pfx_tomoyo_write+0x10/0x10 [ 212.455776][ T7998] ? __pfx_vfs_write+0x10/0x10 [ 212.455803][ T7998] ? __fget_files+0x215/0x3d0 [ 212.455842][ T7998] ? __fget_files+0x21f/0x3d0 [ 212.455883][ T7998] ksys_write+0x12a/0x250 [ 212.455910][ T7998] ? __pfx_ksys_write+0x10/0x10 [ 212.455951][ T7998] do_syscall_64+0x106/0xf80 [ 212.455992][ T7998] ? clear_bhb_loop+0x40/0x90 [ 212.456029][ T7998] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.456059][ T7998] RIP: 0033:0x7f27c0f9c799 [ 212.456083][ T7998] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 212.456109][ T7998] RSP: 002b:00007f27c1f10028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 212.456137][ T7998] RAX: ffffffffffffffda RBX: 00007f27c1215fa0 RCX: 00007f27c0f9c799 [ 212.456155][ T7998] RDX: 0000000000000038 RSI: 0000200000000180 RDI: 0000000000000003 [ 212.456179][ T7998] RBP: 00007f27c1f10090 R08: 0000000000000000 R09: 0000000000000000 [ 212.456196][ T7998] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 212.456212][ T7998] R13: 00007f27c1216038 R14: 00007f27c1215fa0 R15: 00007fff00813198 [ 212.456254][ T7998] [ 212.456357][ T7998] ERROR: Out of memory at tomoyo_realpath_from_path. [ 212.948560][ T8012] netlink: 'syz.3.508': attribute type 1 has an invalid length. [ 213.302693][ T8022] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 213.516409][ T8030] FAULT_INJECTION: forcing a failure. [ 213.516409][ T8030] name failslab, interval 1, probability 0, space 0, times 0 [ 213.517063][ T8029] snd_virmidi snd_virmidi.0: control 1:-5:4194312:1Յ:0 is already present [ 213.563269][ T8030] CPU: 0 UID: 0 PID: 8030 Comm: syz.1.514 Not tainted syzkaller #0 PREEMPT(full) [ 213.563307][ T8030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 213.563323][ T8030] Call Trace: [ 213.563332][ T8030] [ 213.563343][ T8030] dump_stack_lvl+0x100/0x190 [ 213.563388][ T8030] should_fail_ex.cold+0x5/0xa [ 213.563421][ T8030] ? tomoyo_realpath_from_path+0xb6/0x690 [ 213.563460][ T8030] should_failslab+0xc2/0x120 [ 213.563490][ T8030] __kmalloc_noprof+0xe0/0x850 [ 213.563542][ T8030] tomoyo_realpath_from_path+0xb6/0x690 [ 213.563590][ T8030] tomoyo_check_open_permission+0x2af/0x3c0 [ 213.563625][ T8030] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 213.563717][ T8030] ? do_raw_spin_lock+0x128/0x260 [ 213.563762][ T8030] ? path_get+0x61/0x80 [ 213.563799][ T8030] tomoyo_file_open+0x6b/0x90 [ 213.563844][ T8030] security_file_open+0xb5/0x1e0 [ 213.563881][ T8030] do_dentry_open+0x5aa/0x1660 [ 213.563914][ T8030] ? security_inode_permission+0xbf/0x250 [ 213.563952][ T8030] vfs_open+0x82/0x3f0 [ 213.563993][ T8030] path_openat+0x208c/0x31a0 [ 213.564037][ T8030] ? __pfx_path_openat+0x10/0x10 [ 213.564084][ T8030] do_file_open+0x20e/0x430 [ 213.564117][ T8030] ? __pfx_do_file_open+0x10/0x10 [ 213.564176][ T8030] ? alloc_fd+0x476/0x790 [ 213.564211][ T8030] ? do_getname+0x191/0x390 [ 213.564250][ T8030] do_sys_openat2+0x10d/0x1e0 [ 213.564289][ T8030] ? __pfx_do_sys_openat2+0x10/0x10 [ 213.564324][ T8030] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 213.564369][ T8030] ? __fget_files+0x21f/0x3d0 [ 213.564401][ T8030] __x64_sys_openat+0x12d/0x210 [ 213.564439][ T8030] ? __pfx___x64_sys_openat+0x10/0x10 [ 213.564474][ T8030] ? ksys_write+0x1ac/0x250 [ 213.564513][ T8030] do_syscall_64+0x106/0xf80 [ 213.564549][ T8030] ? clear_bhb_loop+0x40/0x90 [ 213.564582][ T8030] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.564609][ T8030] RIP: 0033:0x7f530419c799 [ 213.564633][ T8030] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 213.564657][ T8030] RSP: 002b:00007f5305136028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 213.564692][ T8030] RAX: ffffffffffffffda RBX: 00007f5304415fa0 RCX: 00007f530419c799 [ 213.564710][ T8030] RDX: 0000000000020342 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 213.564726][ T8030] RBP: 00007f5305136090 R08: 0000000000000000 R09: 0000000000000000 [ 213.564741][ T8030] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 213.564756][ T8030] R13: 00007f5304416038 R14: 00007f5304415fa0 R15: 00007ffe445a1ba8 [ 213.564794][ T8030] [ 213.828081][ T8030] ERROR: Out of memory at tomoyo_realpath_from_path. [ 214.205744][ T8011] Process accounting paused [ 214.398927][ T8039] mkiss: ax0: crc mode is auto. [ 214.734975][ T29] audit: type=1800 audit(4294968333.264:5): pid=8052 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.520" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 214.771041][ T8036] futex_wake_op: syz.2.515 tries to shift op by -1; fix this program [ 214.908642][ T8036] hub 1-0:1.0: USB hub found [ 214.936575][ T8036] hub 1-0:1.0: 1 port detected [ 215.018464][ T8033] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 215.087811][ T8033] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 215.187367][ T8033] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 215.196093][ T8033] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 215.217470][ T8033] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 215.262787][ T8033] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 215.286250][ T8033] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 215.306472][ T8033] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 215.338241][ T8033] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 215.566633][ T8069] snd_virmidi snd_virmidi.0: control 1:-5:4194312:1Յ:0 is already present [ 215.757266][ T8069] FAULT_INJECTION: forcing a failure. [ 215.757266][ T8069] name failslab, interval 1, probability 0, space 0, times 0 [ 215.793937][ T8069] CPU: 0 UID: 0 PID: 8069 Comm: syz.3.524 Not tainted syzkaller #0 PREEMPT(full) [ 215.793979][ T8069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 215.793996][ T8069] Call Trace: [ 215.794006][ T8069] [ 215.794017][ T8069] dump_stack_lvl+0x100/0x190 [ 215.794069][ T8069] should_fail_ex.cold+0x5/0xa [ 215.794105][ T8069] should_failslab+0xc2/0x120 [ 215.794139][ T8069] __kmalloc_cache_noprof+0x7a/0x6f0 [ 215.794178][ T8069] ? wakeup_source_register+0x4c/0x3e0 [ 215.794237][ T8069] wakeup_source_register+0x4c/0x3e0 [ 215.794289][ T8069] ep_create_wakeup_source+0x1df/0x2e0 [ 215.794341][ T8069] ? __pfx_ep_create_wakeup_source+0x10/0x10 [ 215.794400][ T8069] ? do_epoll_ctl+0x1012/0x36a0 [ 215.794431][ T8069] ? do_epoll_ctl+0x1012/0x36a0 [ 215.794472][ T8069] do_epoll_ctl+0x1eee/0x36a0 [ 215.794522][ T8069] ? __pfx_do_epoll_ctl+0x10/0x10 [ 215.794552][ T8069] ? find_held_lock+0x2b/0x80 [ 215.794581][ T8069] ? __might_fault+0xc5/0x140 [ 215.794622][ T8069] ? __might_fault+0xc5/0x140 [ 215.794692][ T8069] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 215.794724][ T8069] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 215.794758][ T8069] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 215.794806][ T8069] do_syscall_64+0x106/0xf80 [ 215.794851][ T8069] ? clear_bhb_loop+0x40/0x90 [ 215.794889][ T8069] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.794921][ T8069] RIP: 0033:0x7f27c0f9c799 [ 215.794947][ T8069] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 215.794976][ T8069] RSP: 002b:00007f27c1f10028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 215.795005][ T8069] RAX: ffffffffffffffda RBX: 00007f27c1215fa0 RCX: 00007f27c0f9c799 [ 215.795024][ T8069] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 0000000000000002 [ 215.795039][ T8069] RBP: 00007f27c1032c99 R08: 0000000000000000 R09: 0000000000000000 [ 215.795056][ T8069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 215.795072][ T8069] R13: 00007f27c1216038 R14: 00007f27c1215fa0 R15: 00007fff00813198 [ 215.795113][ T8069] [ 216.842349][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 217.189306][ T8101] FAULT_INJECTION: forcing a failure. [ 217.189306][ T8101] name failslab, interval 1, probability 0, space 0, times 0 [ 217.204213][ T8101] CPU: 0 UID: 0 PID: 8101 Comm: syz.2.531 Not tainted syzkaller #0 PREEMPT(full) [ 217.204250][ T8101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 217.204266][ T8101] Call Trace: [ 217.204275][ T8101] [ 217.204286][ T8101] dump_stack_lvl+0x100/0x190 [ 217.204339][ T8101] should_fail_ex.cold+0x5/0xa [ 217.204373][ T8101] ? tomoyo_encode2+0xfb/0x3c0 [ 217.204408][ T8101] should_failslab+0xc2/0x120 [ 217.204437][ T8101] __kmalloc_noprof+0xe0/0x850 [ 217.204477][ T8101] ? rcu_is_watching+0x12/0xc0 [ 217.204527][ T8101] tomoyo_encode2+0xfb/0x3c0 [ 217.204570][ T8101] tomoyo_encode+0x29/0x50 [ 217.204604][ T8101] tomoyo_realpath_from_path+0x18c/0x690 [ 217.204662][ T8101] tomoyo_path_number_perm+0x23c/0x580 [ 217.204694][ T8101] ? tomoyo_path_number_perm+0x22e/0x580 [ 217.204729][ T8101] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 217.204803][ T8101] ? find_held_lock+0x2b/0x80 [ 217.204830][ T8101] ? __fget_files+0x215/0x3d0 [ 217.204856][ T8101] ? hook_file_ioctl_common+0x146/0x410 [ 217.204898][ T8101] ? __fget_files+0x21f/0x3d0 [ 217.204933][ T8101] security_file_ioctl+0xd3/0x230 [ 217.204969][ T8101] __x64_sys_ioctl+0xb7/0x210 [ 217.205014][ T8101] do_syscall_64+0x106/0xf80 [ 217.205055][ T8101] ? clear_bhb_loop+0x40/0x90 [ 217.205093][ T8101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.205122][ T8101] RIP: 0033:0x7f47d659c799 [ 217.205147][ T8101] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 217.205173][ T8101] RSP: 002b:00007f47d744c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 217.205202][ T8101] RAX: ffffffffffffffda RBX: 00007f47d6815fa0 RCX: 00007f47d659c799 [ 217.205220][ T8101] RDX: 0000000000000000 RSI: 0000000000005441 RDI: 0000000000000003 [ 217.205236][ T8101] RBP: 00007f47d744c090 R08: 0000000000000000 R09: 0000000000000000 [ 217.205253][ T8101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 217.205269][ T8101] R13: 00007f47d6816038 R14: 00007f47d6815fa0 R15: 00007ffca533bb98 [ 217.205308][ T8101] [ 217.247540][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 217.253954][ T5144] Bluetooth: hci1: command 0x0406 tx timeout [ 217.316845][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 217.320541][ T8101] ERROR: Out of memory at tomoyo_realpath_from_path. [ 217.905317][ T8116] random: crng reseeded on system resumption [ 217.950643][ T8116] bridge_slave_1: left allmulticast mode [ 217.956674][ T8116] bridge_slave_1: left promiscuous mode [ 217.962686][ T8116] bridge0: port 2(bridge_slave_1) entered disabled state [ 218.097498][ T8127] netlink: 20 bytes leftover after parsing attributes in process `syz.1.539'. [ 218.915386][ T5144] Bluetooth: hci0: command 0x0406 tx timeout [ 219.318527][ T5144] Bluetooth: hci3: command 0x0406 tx timeout [ 219.395645][ T5144] Bluetooth: hci1: command 0x0406 tx timeout [ 219.395664][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 219.536316][ T8157] FAULT_INJECTION: forcing a failure. [ 219.536316][ T8157] name fail_futex, interval 1, probability 0, space 0, times 0 [ 219.595762][ T8157] CPU: 0 UID: 0 PID: 8157 Comm: syz.0.549 Not tainted syzkaller #0 PREEMPT(full) [ 219.595800][ T8157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 219.595815][ T8157] Call Trace: [ 219.595825][ T8157] [ 219.595835][ T8157] dump_stack_lvl+0x100/0x190 [ 219.595884][ T8157] should_fail_ex.cold+0x5/0xa [ 219.595916][ T8157] get_futex_key+0x107c/0x1620 [ 219.595955][ T8157] ? __pfx_get_futex_key+0x10/0x10 [ 219.595985][ T8157] ? lock_acquire+0x1cf/0x380 [ 219.596032][ T8157] futex_wake+0xea/0x530 [ 219.596076][ T8157] ? __pfx_futex_wake+0x10/0x10 [ 219.596123][ T8157] ? exit_mm_release+0x19/0x30 [ 219.596179][ T8157] do_futex+0x32b/0x350 [ 219.596216][ T8157] ? __pfx_do_futex+0x10/0x10 [ 219.596250][ T8157] ? __might_fault+0xc5/0x140 [ 219.596299][ T8157] mm_release+0x24a/0x2f0 [ 219.596329][ T8157] do_exit+0x704/0x2b60 [ 219.596371][ T8157] ? __pfx_do_exit+0x10/0x10 [ 219.596408][ T8157] ? do_raw_spin_lock+0x128/0x260 [ 219.596447][ T8157] ? find_held_lock+0x2b/0x80 [ 219.596473][ T8157] ? get_signal+0x7e0/0x21e0 [ 219.596506][ T8157] do_group_exit+0xd5/0x2a0 [ 219.596545][ T8157] get_signal+0x1ec7/0x21e0 [ 219.596589][ T8157] ? __pfx_get_signal+0x10/0x10 [ 219.596620][ T8157] ? do_futex+0x192/0x350 [ 219.596660][ T8157] arch_do_signal_or_restart+0x91/0x770 [ 219.596694][ T8157] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 219.596732][ T8157] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 219.596776][ T8157] ? __pfx___x64_sys_futex+0x10/0x10 [ 219.596819][ T8157] exit_to_user_mode_loop+0x86/0x4a0 [ 219.596860][ T8157] do_syscall_64+0x668/0xf80 [ 219.596898][ T8157] ? clear_bhb_loop+0x40/0x90 [ 219.596933][ T8157] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.596961][ T8157] RIP: 0033:0x7f1a5df9c799 [ 219.596986][ T8157] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 219.597012][ T8157] RSP: 002b:00007f1a5ed820e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 219.597039][ T8157] RAX: fffffffffffffe00 RBX: 00007f1a5e216098 RCX: 00007f1a5df9c799 [ 219.597056][ T8157] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1a5e216098 [ 219.597072][ T8157] RBP: 00007f1a5e216090 R08: 0000000000000000 R09: 0000000000000000 [ 219.597088][ T8157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 219.597104][ T8157] R13: 00007f1a5e216128 R14: 00007fff8f5d1a60 R15: 00007fff8f5d1b48 [ 219.597149][ T8157] [ 220.503722][ T8186] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 220.551317][ T8186] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 220.564683][ T8186] memcg:ffff88801fadeb01 [ 220.602825][ T8186] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 220.627981][ T8186] page_type: f5(slab) [ 220.632028][ T8186] raw: 00fff00000000040 ffff88801ce8e780 dead000000000100 dead000000000122 [ 220.666570][ T8186] raw: 0000000000000000 0000000800150015 00000000f5000000 ffff88801fadeb01 [ 220.676202][ T8186] head: 00fff00000000040 ffff88801ce8e780 dead000000000100 dead000000000122 [ 220.699799][ T8186] head: 0000000000000000 0000000800150015 00000000f5000000 ffff88801fadeb01 [ 220.739305][ T8186] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 220.787556][ T8186] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 220.815673][ T8186] page dumped because: unmovable page [ 220.857375][ T8186] page_owner tracks the page as allocated [ 220.863334][ T8186] page last allocated via order 1, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5198, tgid 5198 (udevd), ts 51082961831, free_ts 27161657018 [ 220.911260][ T8186] post_alloc_hook+0x153/0x170 [ 220.928798][ T8186] get_page_from_freelist+0x111d/0x3140 [ 220.955976][ T8186] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 220.965884][ T8197] netlink: 'syz.2.561': attribute type 2 has an invalid length. [ 220.993109][ T8186] new_slab+0xa6/0x6b0 [ 220.998883][ T8186] refill_objects+0x26b/0x400 [ 221.015564][ T8186] __pcs_replace_empty_main+0x1ab/0x660 [ 221.025695][ T8186] kmem_cache_alloc_lru_noprof+0x485/0x6e0 [ 221.035810][ T8186] __d_alloc+0x34/0xa80 [ 221.046239][ T8186] d_alloc_parallel+0x111/0x14e0 [ 221.053165][ T8186] lookup_open.isra.0+0x57c/0x11b0 [ 221.059110][ T8186] path_openat+0xa98/0x31a0 [ 221.063839][ T8186] do_file_open+0x20e/0x430 [ 221.068915][ T8186] do_sys_openat2+0x10d/0x1e0 [ 221.074136][ T8186] __x64_sys_openat+0x12d/0x210 [ 221.081047][ T8186] do_syscall_64+0x106/0xf80 [ 221.085979][ T8186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.093896][ T8186] page last free pid 1 tgid 1 stack trace: [ 221.100282][ T8186] __free_frozen_pages+0x7e1/0x10d0 [ 221.105676][ T8186] free_contig_range+0xde/0x1d0 [ 221.111374][ T8186] destroy_args+0xa8/0x7a0 [ 221.115957][ T8186] debug_vm_pgtable+0x1b66/0x34c0 [ 221.121828][ T8186] do_one_initcall+0x11d/0x760 [ 221.127050][ T8186] kernel_init_freeable+0x6e5/0x7a0 [ 221.132531][ T8186] kernel_init+0x1f/0x1e0 [ 221.137357][ T8186] ret_from_fork+0x754/0xd80 [ 221.144406][ T8186] ret_from_fork_asm+0x1a/0x30 [ 221.404595][ T29] audit: type=1800 audit(4294968339.930:6): pid=8209 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.563" name="discovery_nqn" dev="configfs" ino=19988 res=0 errno=0 [ 221.480653][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout [ 221.953687][ T8224] FAULT_INJECTION: forcing a failure. [ 221.953687][ T8224] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 221.977037][ T8224] CPU: 0 UID: 0 PID: 8224 Comm: syz.3.566 Not tainted syzkaller #0 PREEMPT(full) [ 221.977075][ T8224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 221.977091][ T8224] Call Trace: [ 221.977100][ T8224] [ 221.977111][ T8224] dump_stack_lvl+0x100/0x190 [ 221.977167][ T8224] should_fail_ex.cold+0x5/0xa [ 221.977194][ T8224] ? prepare_alloc_pages+0x16d/0x5f0 [ 221.977231][ T8224] should_fail_alloc_page+0xeb/0x140 [ 221.977262][ T8224] prepare_alloc_pages+0x1f0/0x5f0 [ 221.977300][ T8224] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 221.977351][ T8224] ? __lock_acquire+0x4a5/0x2630 [ 221.977391][ T8224] ? __lock_acquire+0x4a5/0x2630 [ 221.977430][ T8224] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 221.977475][ T8224] ? __lock_acquire+0x4a5/0x2630 [ 221.977529][ T8224] ? find_held_lock+0x2b/0x80 [ 221.977555][ T8224] ? is_bpf_text_address+0x8a/0x1a0 [ 221.977597][ T8224] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 221.977644][ T8224] ? policy_nodemask+0xed/0x4f0 [ 221.977678][ T8224] alloc_pages_mpol+0x1fb/0x550 [ 221.977709][ T8224] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 221.977740][ T8224] ? arch_stack_walk+0xa6/0xf0 [ 221.977779][ T8224] folio_alloc_mpol_noprof+0x36/0x340 [ 221.977818][ T8224] shmem_alloc_folio+0x135/0x160 [ 221.977857][ T8224] shmem_alloc_and_add_folio+0x371/0xd40 [ 221.977912][ T8224] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 221.977959][ T8224] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 221.978014][ T8224] shmem_get_folio_gfp+0x6ab/0x1900 [ 221.978072][ T8224] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 221.978118][ T8224] ? filemap_map_pages+0xe69/0x2020 [ 221.978177][ T8224] shmem_fault+0x1f9/0xa20 [ 221.978218][ T8224] ? __lock_acquire+0x4a5/0x2630 [ 221.978255][ T8224] ? __pfx_shmem_fault+0x10/0x10 [ 221.978301][ T8224] ? rcu_is_watching+0x12/0xc0 [ 221.978346][ T8224] ? __pfx_filemap_map_pages+0x10/0x10 [ 221.978401][ T8224] __do_fault+0x10d/0x550 [ 221.978434][ T8224] do_fault+0xabb/0x1990 [ 221.978466][ T8224] ? __pmd_alloc+0x3fb/0x950 [ 221.978503][ T8224] __handle_mm_fault+0x180f/0x2b60 [ 221.978548][ T8224] ? mt_find+0x45e/0x8e0 [ 221.978593][ T8224] ? __pfx___handle_mm_fault+0x10/0x10 [ 221.978630][ T8224] ? __pfx_mt_find+0x10/0x10 [ 221.978694][ T8224] ? find_vma+0xbf/0x140 [ 221.978721][ T8224] ? __pfx_find_vma+0x10/0x10 [ 221.978753][ T8224] handle_mm_fault+0x36d/0xa20 [ 221.978801][ T8224] do_user_addr_fault+0x74c/0x12f0 [ 221.978859][ T8224] exc_page_fault+0x6f/0xd0 [ 221.978899][ T8224] asm_exc_page_fault+0x26/0x30 [ 221.978927][ T8224] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 221.978959][ T8224] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 93 04 00 66 66 [ 221.978985][ T8224] RSP: 0018:ffffc900039e79b0 EFLAGS: 00050202 [ 221.979008][ T8224] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000007 [ 221.979025][ T8224] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc900039e7a38 [ 221.979041][ T8224] RBP: 0000000000000007 R08: 0000000000000001 R09: fffff5200073cf47 [ 221.979058][ T8224] R10: ffffc900039e7a3e R11: 0000000000000000 R12: 0000000000000000 [ 221.979074][ T8224] R13: ffffc900039e7a38 R14: 1ffff9200073cf41 R15: ffffc900039e7d6c [ 221.979113][ T8224] _copy_from_user+0x98/0xd0 [ 221.979163][ T8224] ____sys_sendmsg+0x1d1/0xb70 [ 221.979199][ T8224] ? __pfx_____sys_sendmsg+0x10/0x10 [ 221.979237][ T8224] ? __pfx__kstrtoull+0x10/0x10 [ 221.979287][ T8224] ___sys_sendmsg+0x190/0x1e0 [ 221.979322][ T8224] ? __pfx____sys_sendmsg+0x10/0x10 [ 221.979375][ T8224] ? find_held_lock+0x2b/0x80 [ 221.979430][ T8224] __sys_sendmmsg+0x205/0x430 [ 221.979477][ T8224] ? __pfx___sys_sendmmsg+0x10/0x10 [ 221.979532][ T8224] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 221.979592][ T8224] ? fput+0x79/0x100 [ 221.979626][ T8224] ? ksys_write+0x1ac/0x250 [ 221.979708][ T8224] ? __pfx_ksys_write+0x10/0x10 [ 221.979748][ T8224] __x64_sys_sendmmsg+0x9c/0x100 [ 221.979791][ T8224] ? lockdep_hardirqs_on+0x78/0x100 [ 221.979830][ T8224] do_syscall_64+0x106/0xf80 [ 221.979870][ T8224] ? clear_bhb_loop+0x40/0x90 [ 221.979907][ T8224] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.979936][ T8224] RIP: 0033:0x7f27c0f9c799 [ 221.979961][ T8224] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 221.979985][ T8224] RSP: 002b:00007f27c1f10028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 221.980012][ T8224] RAX: ffffffffffffffda RBX: 00007f27c1215fa0 RCX: 00007f27c0f9c799 [ 221.980031][ T8224] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000003 [ 221.980047][ T8224] RBP: 00007f27c1f10090 R08: 0000000000000000 R09: 0000000000000000 [ 221.980064][ T8224] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 221.980080][ T8224] R13: 00007f27c1216038 R14: 00007f27c1215fa0 R15: 00007fff00813198 [ 221.980120][ T8224] [ 222.998921][ T8229] zswap: compressor not available [ 223.614363][ T8251] FAULT_INJECTION: forcing a failure. [ 223.614363][ T8251] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 223.657737][ T8251] CPU: 1 UID: 0 PID: 8251 Comm: syz.2.571 Not tainted syzkaller #0 PREEMPT(full) [ 223.657778][ T8251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 223.657796][ T8251] Call Trace: [ 223.657805][ T8251] [ 223.657817][ T8251] dump_stack_lvl+0x100/0x190 [ 223.657867][ T8251] should_fail_ex.cold+0x5/0xa [ 223.657895][ T8251] ? prepare_alloc_pages+0x16d/0x5f0 [ 223.657933][ T8251] should_fail_alloc_page+0xeb/0x140 [ 223.657967][ T8251] prepare_alloc_pages+0x1f0/0x5f0 [ 223.658008][ T8251] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 223.658060][ T8251] ? __pfx_css_rstat_updated+0x10/0x10 [ 223.658098][ T8251] ? __lock_acquire+0x4a5/0x2630 [ 223.658144][ T8251] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 223.658213][ T8251] ? lock_acquire+0x1cf/0x380 [ 223.658250][ T8251] ? find_held_lock+0x2b/0x80 [ 223.658276][ T8251] ? page_table_check_set+0x49a/0xa10 [ 223.658303][ T8251] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 223.658356][ T8251] ? policy_nodemask+0xed/0x4f0 [ 223.658392][ T8251] alloc_pages_mpol+0x1fb/0x550 [ 223.658427][ T8251] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 223.658470][ T8251] folio_alloc_mpol_noprof+0x36/0x340 [ 223.658508][ T8251] vma_alloc_folio_noprof+0xed/0x1d0 [ 223.658545][ T8251] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 223.658595][ T8251] do_anonymous_page+0xb3a/0x1fb0 [ 223.658661][ T8251] __handle_mm_fault+0x1d42/0x2b60 [ 223.658716][ T8251] ? __pfx___handle_mm_fault+0x10/0x10 [ 223.658759][ T8251] ? pte_offset_map_lock+0x174/0x320 [ 223.658790][ T8251] ? find_held_lock+0x2b/0x80 [ 223.658841][ T8251] ? follow_page_pte+0x5b3/0x1400 [ 223.658883][ T8251] handle_mm_fault+0x36d/0xa20 [ 223.658933][ T8251] __get_user_pages+0xf9c/0x34d0 [ 223.658983][ T8251] ? __pfx___get_user_pages+0x10/0x10 [ 223.659028][ T8251] populate_vma_page_range+0x267/0x3f0 [ 223.659066][ T8251] ? __pfx_populate_vma_page_range+0x10/0x10 [ 223.659099][ T8251] ? __pfx_find_vma_intersection+0x10/0x10 [ 223.659133][ T8251] ? do_mmap+0x93f/0x12f0 [ 223.659171][ T8251] __mm_populate+0x107/0x3a0 [ 223.659209][ T8251] ? __pfx___mm_populate+0x10/0x10 [ 223.659256][ T8251] ? up_write+0x290/0x4f0 [ 223.659304][ T8251] vm_mmap_pgoff+0x37f/0x470 [ 223.659340][ T8251] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 223.659375][ T8251] ? do_futex+0x192/0x350 [ 223.659412][ T8251] ? __pfx_do_futex+0x10/0x10 [ 223.659448][ T8251] ? __pfx_do_sys_openat2+0x10/0x10 [ 223.659495][ T8251] ksys_mmap_pgoff+0xe1/0x650 [ 223.659528][ T8251] ? __x64_sys_futex+0x34f/0x4d0 [ 223.659562][ T8251] ? __x64_sys_futex+0x358/0x4d0 [ 223.659600][ T8251] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 223.659642][ T8251] ? __pfx___x64_sys_futex+0x10/0x10 [ 223.659692][ T8251] __x64_sys_mmap+0x125/0x190 [ 223.659742][ T8251] do_syscall_64+0x106/0xf80 [ 223.659782][ T8251] ? clear_bhb_loop+0x40/0x90 [ 223.659822][ T8251] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 223.659854][ T8251] RIP: 0033:0x7f47d659c799 [ 223.659880][ T8251] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 223.659908][ T8251] RSP: 002b:00007f47d742b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 223.659938][ T8251] RAX: ffffffffffffffda RBX: 00007f47d6816090 RCX: 00007f47d659c799 [ 223.659958][ T8251] RDX: 00000000000000df RSI: 0000000000040009 RDI: 0000000000000000 [ 223.659975][ T8251] RBP: 00007f47d6632c99 R08: 0000000000000007 R09: 0000000000028000 [ 223.659993][ T8251] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 223.660010][ T8251] R13: 00007f47d6816128 R14: 00007f47d6816090 R15: 00007ffca533bb98 [ 223.660052][ T8251] [ 225.615668][ T8284] netlink: 'syz.2.577': attribute type 2 has an invalid length. [ 226.092105][ T8295] FAULT_INJECTION: forcing a failure. [ 226.092105][ T8295] name failslab, interval 1, probability 0, space 0, times 0 [ 226.105185][ T8286] FAULT_INJECTION: forcing a failure. [ 226.105185][ T8286] name failslab, interval 1, probability 0, space 0, times 0 [ 226.126433][ T8286] CPU: 1 UID: 0 PID: 8286 Comm: syz.3.576 Not tainted syzkaller #0 PREEMPT(full) [ 226.126475][ T8286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 226.126493][ T8286] Call Trace: [ 226.126503][ T8286] [ 226.126515][ T8286] dump_stack_lvl+0x100/0x190 [ 226.126566][ T8286] should_fail_ex.cold+0x5/0xa [ 226.126602][ T8286] should_failslab+0xc2/0x120 [ 226.126633][ T8286] __kmalloc_cache_noprof+0x7a/0x6f0 [ 226.126672][ T8286] ? xprt_switch_alloc+0x91/0x3c0 [ 226.126713][ T8286] xprt_switch_alloc+0x91/0x3c0 [ 226.126746][ T8286] rpc_create_xprt+0x2dc/0x440 [ 226.126782][ T8286] rpc_create+0x46e/0x7f0 [ 226.126820][ T8286] ? __pfx_rpc_create+0x10/0x10 [ 226.126866][ T8286] ? __lock_acquire+0x4a5/0x2630 [ 226.126933][ T8286] ? trace_contention_end+0x140/0x180 [ 226.126985][ T8286] rpcb_create_local_net+0x11b/0x310 [ 226.127034][ T8286] ? __pfx_rpcb_create_local_net+0x10/0x10 [ 226.127099][ T8286] ? rpcb_create_local+0x1da/0x270 [ 226.127156][ T8286] ? rpcb_create_local+0x1da/0x270 [ 226.127212][ T8286] rpcb_create_local+0x22d/0x270 [ 226.127258][ T8286] svc_bind+0x1e8/0x260 [ 226.127291][ T8286] nfsd_create_serv+0x2da/0x4a0 [ 226.127341][ T8286] ? __pfx_nfsd_create_serv+0x10/0x10 [ 226.127390][ T8286] ? __nla_validate_parse+0x1e7/0x28b0 [ 226.127448][ T8286] nfsd_nl_listener_set_doit+0xdd/0x1a80 [ 226.127494][ T8286] ? rcu_is_watching+0x12/0xc0 [ 226.127537][ T8286] ? trace_kmalloc+0x101/0x130 [ 226.127570][ T8286] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 226.127608][ T8286] ? __nla_parse+0x40/0x60 [ 226.127654][ T8286] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1a0/0x280 [ 226.127688][ T8286] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x280 [ 226.127730][ T8286] genl_family_rcv_msg_doit+0x214/0x300 [ 226.127767][ T8286] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 226.127799][ T8286] ? genl_get_cmd+0x3ef/0x720 [ 226.127840][ T8286] ? bpf_lsm_capable+0x9/0x10 [ 226.127871][ T8286] ? security_capable+0x80/0x260 [ 226.127928][ T8286] genl_rcv_msg+0x560/0x800 [ 226.127966][ T8286] ? __pfx_genl_rcv_msg+0x10/0x10 [ 226.128000][ T8286] ? __pfx_nfsd_nl_listener_set_doit+0x10/0x10 [ 226.128056][ T8286] netlink_rcv_skb+0x159/0x420 [ 226.128104][ T8286] ? __pfx_genl_rcv_msg+0x10/0x10 [ 226.128148][ T8286] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 226.128215][ T8286] ? netlink_deliver_tap+0x1ae/0xcc0 [ 226.128269][ T8286] genl_rcv+0x28/0x40 [ 226.128297][ T8286] netlink_unicast+0x5aa/0x870 [ 226.128352][ T8286] ? __pfx_netlink_unicast+0x10/0x10 [ 226.128418][ T8286] netlink_sendmsg+0x8b0/0xda0 [ 226.128476][ T8286] ? __pfx_netlink_sendmsg+0x10/0x10 [ 226.128520][ T8286] ? __import_iovec+0x1d2/0x640 [ 226.128562][ T8286] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 226.128618][ T8286] ____sys_sendmsg+0x9e1/0xb70 [ 226.128648][ T8286] ? __pfx_netlink_sendmsg+0x10/0x10 [ 226.128700][ T8286] ? __pfx_____sys_sendmsg+0x10/0x10 [ 226.128740][ T8286] ? try_to_wake_up+0x644/0x1a80 [ 226.128780][ T8286] ___sys_sendmsg+0x190/0x1e0 [ 226.128816][ T8286] ? __pfx____sys_sendmsg+0x10/0x10 [ 226.128848][ T8286] ? futex_private_hash_put+0x107/0x1c0 [ 226.128931][ T8286] __sys_sendmsg+0x170/0x220 [ 226.128977][ T8286] ? __pfx___sys_sendmsg+0x10/0x10 [ 226.129021][ T8286] ? __x64_sys_futex+0x34f/0x4d0 [ 226.129087][ T8286] do_syscall_64+0x106/0xf80 [ 226.129129][ T8286] ? clear_bhb_loop+0x40/0x90 [ 226.129178][ T8286] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.129211][ T8286] RIP: 0033:0x7f27c0f9c799 [ 226.129237][ T8286] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 226.129267][ T8286] RSP: 002b:00007f27c1ece028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 226.129298][ T8286] RAX: ffffffffffffffda RBX: 00007f27c1216180 RCX: 00007f27c0f9c799 [ 226.129318][ T8286] RDX: 0000000020000000 RSI: 0000200000005380 RDI: 0000000000000011 [ 226.129338][ T8286] RBP: 00007f27c1032c99 R08: 0000000000000000 R09: 0000000000000000 [ 226.129356][ T8286] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.129374][ T8286] R13: 00007f27c1216218 R14: 00007f27c1216180 R15: 00007fff00813198 [ 226.129417][ T8286] [ 226.534660][ T8295] CPU: 0 UID: 0 PID: 8295 Comm: syz.0.581 Not tainted syzkaller #0 PREEMPT(full) [ 226.534701][ T8295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 226.534718][ T8295] Call Trace: [ 226.534729][ T8295] [ 226.534741][ T8295] dump_stack_lvl+0x100/0x190 [ 226.534791][ T8295] should_fail_ex.cold+0x5/0xa [ 226.534826][ T8295] ? tomoyo_encode2+0xfb/0x3c0 [ 226.534863][ T8295] should_failslab+0xc2/0x120 [ 226.534897][ T8295] __kmalloc_noprof+0xe0/0x850 [ 226.534943][ T8295] ? d_absolute_path+0x136/0x1b0 [ 226.534992][ T8295] tomoyo_encode2+0xfb/0x3c0 [ 226.535033][ T8295] tomoyo_encode+0x29/0x50 [ 226.535071][ T8295] tomoyo_realpath_from_path+0x18c/0x690 [ 226.535117][ T8295] tomoyo_check_open_permission+0x2af/0x3c0 [ 226.535153][ T8295] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 226.535228][ T8295] ? do_raw_spin_lock+0x128/0x260 [ 226.535273][ T8295] ? path_get+0x61/0x80 [ 226.535311][ T8295] tomoyo_file_open+0x6b/0x90 [ 226.535355][ T8295] security_file_open+0xb5/0x1e0 [ 226.535389][ T8295] do_dentry_open+0x5aa/0x1660 [ 226.535423][ T8295] ? security_inode_permission+0xbf/0x250 [ 226.535464][ T8295] vfs_open+0x82/0x3f0 [ 226.535508][ T8295] path_openat+0x208c/0x31a0 [ 226.535550][ T8295] ? __pfx_path_openat+0x10/0x10 [ 226.535597][ T8295] do_file_open+0x20e/0x430 [ 226.535640][ T8295] ? __pfx_do_file_open+0x10/0x10 [ 226.535699][ T8295] ? alloc_fd+0x476/0x790 [ 226.535732][ T8295] ? do_getname+0x191/0x390 [ 226.535773][ T8295] do_sys_openat2+0x10d/0x1e0 [ 226.535811][ T8295] ? __pfx_do_sys_openat2+0x10/0x10 [ 226.535865][ T8295] __x64_sys_openat+0x12d/0x210 [ 226.535904][ T8295] ? __pfx___x64_sys_openat+0x10/0x10 [ 226.535961][ T8295] do_syscall_64+0x106/0xf80 [ 226.535999][ T8295] ? clear_bhb_loop+0x40/0x90 [ 226.536035][ T8295] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.536066][ T8295] RIP: 0033:0x7f1a5df9c799 [ 226.536092][ T8295] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 226.536119][ T8295] RSP: 002b:00007f1a5eda3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 226.536150][ T8295] RAX: ffffffffffffffda RBX: 00007f1a5e215fa0 RCX: 00007f1a5df9c799 [ 226.536171][ T8295] RDX: 0000000000129800 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 226.536191][ T8295] RBP: 00007f1a5e032c99 R08: 0000000000000000 R09: 0000000000000000 [ 226.536210][ T8295] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 226.536229][ T8295] R13: 00007f1a5e216038 R14: 00007f1a5e215fa0 R15: 00007fff8f5d1b48 [ 226.536273][ T8295] [ 226.536306][ T8295] ERROR: Out of memory at tomoyo_realpath_from_path. [ 227.593897][ T8319] tc_dump_action: action bad kind [ 227.892619][ T8330] FAULT_INJECTION: forcing a failure. [ 227.892619][ T8330] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 227.917740][ T8330] CPU: 0 UID: 0 PID: 8330 Comm: syz.1.590 Not tainted syzkaller #0 PREEMPT(full) [ 227.917775][ T8330] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 227.917791][ T8330] Call Trace: [ 227.917800][ T8330] [ 227.917810][ T8330] dump_stack_lvl+0x100/0x190 [ 227.917858][ T8330] should_fail_ex.cold+0x5/0xa [ 227.917892][ T8330] _copy_from_user+0x2e/0xd0 [ 227.917928][ T8330] copy_msghdr_from_user+0x9f/0x4f0 [ 227.917963][ T8330] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 227.918020][ T8330] ___sys_sendmsg+0x106/0x1e0 [ 227.918055][ T8330] ? __pfx____sys_sendmsg+0x10/0x10 [ 227.918133][ T8330] __sys_sendmsg+0x170/0x220 [ 227.918177][ T8330] ? __pfx___sys_sendmsg+0x10/0x10 [ 227.918244][ T8330] do_syscall_64+0x106/0xf80 [ 227.918284][ T8330] ? clear_bhb_loop+0x40/0x90 [ 227.918320][ T8330] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.918350][ T8330] RIP: 0033:0x7f530419c799 [ 227.918374][ T8330] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 227.918400][ T8330] RSP: 002b:00007f5305115028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 227.918428][ T8330] RAX: ffffffffffffffda RBX: 00007f5304416090 RCX: 00007f530419c799 [ 227.918447][ T8330] RDX: 0000000000000014 RSI: 0000200000000000 RDI: 0000000000000009 [ 227.918464][ T8330] RBP: 00007f5305115090 R08: 0000000000000000 R09: 0000000000000000 [ 227.918480][ T8330] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 227.918496][ T8330] R13: 00007f5304416128 R14: 00007f5304416090 R15: 00007ffe445a1ba8 [ 227.918536][ T8330] [ 228.313197][ T8334] random: crng reseeded on system resumption [ 228.637658][ T8344] tc_dump_action: action bad kind [ 229.250308][ T8366] netlink: 20 bytes leftover after parsing attributes in process `syz.2.597'. [ 230.897917][ T8375] futex_wake_op: syz.3.599 tries to shift op by -1; fix this program [ 231.108247][ T8375] hub 1-0:1.0: USB hub found [ 231.118994][ T8375] hub 1-0:1.0: 1 port detected [ 231.206701][ T8373] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 231.222154][ T8373] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 231.234391][ T8373] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 231.259355][ T8373] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 231.517328][ T8402] netlink: 504 bytes leftover after parsing attributes in process `syz.2.605'. [ 231.533714][ T8402] netlink: 350 bytes leftover after parsing attributes in process `syz.2.605'. [ 231.566189][ T8404] netlink: 'syz.0.604': attribute type 2 has an invalid length. [ 232.534264][ T8422] FAULT_INJECTION: forcing a failure. [ 232.534264][ T8422] name failslab, interval 1, probability 0, space 0, times 0 [ 232.637747][ T8422] CPU: 1 UID: 0 PID: 8422 Comm: syz.1.611 Not tainted syzkaller #0 PREEMPT(full) [ 232.637785][ T8422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 232.637810][ T8422] Call Trace: [ 232.637820][ T8422] [ 232.637831][ T8422] dump_stack_lvl+0x100/0x190 [ 232.637880][ T8422] should_fail_ex.cold+0x5/0xa [ 232.637913][ T8422] ? tomoyo_realpath_from_path+0xb6/0x690 [ 232.637953][ T8422] should_failslab+0xc2/0x120 [ 232.637984][ T8422] __kmalloc_noprof+0xe0/0x850 [ 232.638037][ T8422] tomoyo_realpath_from_path+0xb6/0x690 [ 232.638086][ T8422] tomoyo_path_number_perm+0x23c/0x580 [ 232.638127][ T8422] ? tomoyo_path_number_perm+0x22e/0x580 [ 232.638163][ T8422] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 232.638237][ T8422] ? find_held_lock+0x2b/0x80 [ 232.638266][ T8422] ? __fget_files+0x215/0x3d0 [ 232.638291][ T8422] ? hook_file_ioctl_common+0x146/0x410 [ 232.638334][ T8422] ? __fget_files+0x21f/0x3d0 [ 232.638370][ T8422] security_file_ioctl+0xd3/0x230 [ 232.638407][ T8422] __x64_sys_ioctl+0xb7/0x210 [ 232.638453][ T8422] do_syscall_64+0x106/0xf80 [ 232.638495][ T8422] ? clear_bhb_loop+0x40/0x90 [ 232.638532][ T8422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.638562][ T8422] RIP: 0033:0x7f530419c799 [ 232.638586][ T8422] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 232.638613][ T8422] RSP: 002b:00007f5305136028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 232.638648][ T8422] RAX: ffffffffffffffda RBX: 00007f5304415fa0 RCX: 00007f530419c799 [ 232.638667][ T8422] RDX: 0000200000000240 RSI: 00000000c0185500 RDI: 0000000000000003 [ 232.638684][ T8422] RBP: 00007f5305136090 R08: 0000000000000000 R09: 0000000000000000 [ 232.638702][ T8422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 232.638723][ T8422] R13: 00007f5304416038 R14: 00007f5304415fa0 R15: 00007ffe445a1ba8 [ 232.638763][ T8422] [ 232.638849][ T8422] ERROR: Out of memory at tomoyo_realpath_from_path. [ 233.082599][ T5144] Bluetooth: hci0: command 0x0406 tx timeout [ 233.245335][ T5144] Bluetooth: hci3: command 0x0406 tx timeout [ 233.245507][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 233.322909][ T51] Bluetooth: hci2: command 0x0c1a tx timeout [ 233.521871][ T8431] hub 1-0:1.0: USB hub found [ 233.540195][ T8431] hub 1-0:1.0: 1 port detected [ 233.976855][ T8444] nvme_fabrics: missing parameter 'transport=%s' [ 233.983822][ T8444] nvme_fabrics: missing parameter 'nqn=%s' [ 234.264196][ T8457] FAULT_INJECTION: forcing a failure. [ 234.264196][ T8457] name fail_futex, interval 1, probability 0, space 0, times 0 [ 234.282814][ T8457] CPU: 0 UID: 0 PID: 8457 Comm: syz.0.619 Not tainted syzkaller #0 PREEMPT(full) [ 234.282861][ T8457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 234.282879][ T8457] Call Trace: [ 234.282889][ T8457] [ 234.282900][ T8457] dump_stack_lvl+0x100/0x190 [ 234.282951][ T8457] should_fail_ex.cold+0x5/0xa [ 234.282986][ T8457] get_futex_key+0x1d2/0x1620 [ 234.283029][ T8457] ? __pfx_get_futex_key+0x10/0x10 [ 234.283062][ T8457] ? trace_parse_run_command+0x2f7/0x3b0 [ 234.283110][ T8457] ? kasan_quarantine_put+0x104/0x240 [ 234.283157][ T8457] ? lockdep_hardirqs_on+0x78/0x100 [ 234.283209][ T8457] futex_wake+0xea/0x530 [ 234.283256][ T8457] ? find_held_lock+0x2b/0x80 [ 234.283287][ T8457] ? __pfx_futex_wake+0x10/0x10 [ 234.283338][ T8457] ? ksys_write+0x190/0x250 [ 234.283366][ T8457] ? ksys_write+0x190/0x250 [ 234.283402][ T8457] do_futex+0x32b/0x350 [ 234.283443][ T8457] ? __pfx_do_futex+0x10/0x10 [ 234.283495][ T8457] __x64_sys_futex+0x34f/0x4d0 [ 234.283538][ T8457] ? fput+0x79/0x100 [ 234.283572][ T8457] ? __pfx___x64_sys_futex+0x10/0x10 [ 234.283620][ T8457] ? ksys_write+0x1ac/0x250 [ 234.283649][ T8457] ? __pfx_ksys_write+0x10/0x10 [ 234.283690][ T8457] do_syscall_64+0x106/0xf80 [ 234.283734][ T8457] ? clear_bhb_loop+0x40/0x90 [ 234.283774][ T8457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.283806][ T8457] RIP: 0033:0x7f1a5df9c799 [ 234.283831][ T8457] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 234.283861][ T8457] RSP: 002b:00007f1a5eda30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 234.283892][ T8457] RAX: ffffffffffffffda RBX: 00007f1a5e215fa8 RCX: 00007f1a5df9c799 [ 234.283912][ T8457] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1a5e215fac [ 234.283931][ T8457] RBP: 00007f1a5e215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 234.283949][ T8457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 234.283967][ T8457] R13: 00007f1a5e216038 R14: 00007fff8f5d1a60 R15: 00007fff8f5d1b48 [ 234.284009][ T8457] [ 235.537215][ T8467] Invalid ELF header magic: != ELF [ 235.828701][ T8476] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 236.253793][ T8477] FAULT_INJECTION: forcing a failure. [ 236.253793][ T8477] name failslab, interval 1, probability 0, space 0, times 0 [ 236.327914][ T8485] FAULT_INJECTION: forcing a failure. [ 236.327914][ T8485] name fail_futex, interval 1, probability 0, space 0, times 0 [ 236.390230][ T8482] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 236.446122][ T8477] CPU: 1 UID: 0 PID: 8477 Comm: syz.0.624 Not tainted syzkaller #0 PREEMPT(full) [ 236.446165][ T8477] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 236.446185][ T8477] Call Trace: [ 236.446196][ T8477] [ 236.446208][ T8477] dump_stack_lvl+0x100/0x190 [ 236.446259][ T8477] should_fail_ex.cold+0x5/0xa [ 236.446298][ T8477] should_failslab+0xc2/0x120 [ 236.446332][ T8477] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 236.446380][ T8477] ? __kernfs_new_node+0xd2/0x960 [ 236.446433][ T8477] __kernfs_new_node+0xd2/0x960 [ 236.446485][ T8477] ? __pfx___kernfs_new_node+0x10/0x10 [ 236.446542][ T8477] ? find_held_lock+0x2b/0x80 [ 236.446572][ T8477] ? kernfs_root+0xee/0x2a0 [ 236.446624][ T8477] ? kernfs_root+0xee/0x2a0 [ 236.446679][ T8477] kernfs_new_node+0x11b/0x1a0 [ 236.446734][ T8477] __kernfs_create_file+0x53/0x350 [ 236.446773][ T8477] sysfs_add_file_mode_ns+0x207/0x3c0 [ 236.446826][ T8477] sysfs_merge_group+0x194/0x340 [ 236.446874][ T8477] ? __pfx_sysfs_merge_group+0x10/0x10 [ 236.446927][ T8477] ? __pfx_dev_add_physical_location+0x10/0x10 [ 236.446965][ T8477] ? bus_to_subsys+0x114/0x150 [ 236.447012][ T8477] dpm_sysfs_add+0x237/0x280 [ 236.447050][ T8477] device_add+0x9ef/0x1950 [ 236.447090][ T8477] ? __pfx_device_add+0x10/0x10 [ 236.447127][ T8477] ? lockdep_init_map_type+0x5c/0x250 [ 236.447171][ T8477] ? __init_waitqueue_head+0xca/0x150 [ 236.447228][ T8477] rfkill_register+0x1ad/0xb30 [ 236.447269][ T8477] nfc_register_device+0x11f/0x3e0 [ 236.447317][ T8477] nci_register_device+0x7f1/0xb80 [ 236.447355][ T8477] ? __pfx_nci_register_device+0x10/0x10 [ 236.447397][ T8477] ? lockdep_init_map_type+0x5c/0x250 [ 236.447446][ T8477] virtual_ncidev_open+0x141/0x220 [ 236.447492][ T8477] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 236.447535][ T8477] misc_open+0x26d/0x450 [ 236.447573][ T8477] ? __pfx_misc_open+0x10/0x10 [ 236.447618][ T8477] chrdev_open+0x234/0x6a0 [ 236.447650][ T8477] ? __pfx_apparmor_file_open+0x10/0x10 [ 236.447682][ T8477] ? __pfx_chrdev_open+0x10/0x10 [ 236.447719][ T8477] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 236.447763][ T8477] do_dentry_open+0x6d8/0x1660 [ 236.447796][ T8477] ? __pfx_chrdev_open+0x10/0x10 [ 236.447836][ T8477] vfs_open+0x82/0x3f0 [ 236.447878][ T8477] path_openat+0x208c/0x31a0 [ 236.447926][ T8477] ? __pfx_path_openat+0x10/0x10 [ 236.447976][ T8477] do_file_open+0x20e/0x430 [ 236.448014][ T8477] ? __pfx_do_file_open+0x10/0x10 [ 236.448079][ T8477] ? alloc_fd+0x476/0x790 [ 236.448115][ T8477] ? do_getname+0x191/0x390 [ 236.448159][ T8477] do_sys_openat2+0x10d/0x1e0 [ 236.448203][ T8477] ? __pfx_do_sys_openat2+0x10/0x10 [ 236.448262][ T8477] __x64_sys_openat+0x12d/0x210 [ 236.448307][ T8477] ? __pfx___x64_sys_openat+0x10/0x10 [ 236.448366][ T8477] do_syscall_64+0x106/0xf80 [ 236.448407][ T8477] ? clear_bhb_loop+0x40/0x90 [ 236.448447][ T8477] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.448480][ T8477] RIP: 0033:0x7f1a5df9c799 [ 236.448508][ T8477] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 236.448539][ T8477] RSP: 002b:00007f1a5c1f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 236.448571][ T8477] RAX: ffffffffffffffda RBX: 00007f1a5e216180 RCX: 00007f1a5df9c799 [ 236.448608][ T8477] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 236.448628][ T8477] RBP: 00007f1a5e032c99 R08: 0000000000000000 R09: 0000000000000000 [ 236.448647][ T8477] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 236.448665][ T8477] R13: 00007f1a5e216218 R14: 00007f1a5e216180 R15: 00007fff8f5d1b48 [ 236.448710][ T8477] [ 236.587780][ T8485] CPU: 0 UID: 0 PID: 8485 Comm: syz.1.625 Not tainted syzkaller #0 PREEMPT(full) [ 236.587821][ T8485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 236.587837][ T8485] Call Trace: [ 236.587847][ T8485] [ 236.587858][ T8485] dump_stack_lvl+0x100/0x190 [ 236.587904][ T8485] should_fail_ex.cold+0x5/0xa [ 236.587936][ T8485] get_futex_key+0x1d2/0x1620 [ 236.587973][ T8485] ? __pfx_get_futex_key+0x10/0x10 [ 236.588010][ T8485] ? update_se+0x94/0x760 [ 236.588049][ T8485] futex_wait_setup+0x83/0x510 [ 236.588098][ T8485] __futex_wait+0x19f/0x300 [ 236.588140][ T8485] ? __pfx___futex_wait+0x10/0x10 [ 236.588177][ T8485] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 236.588212][ T8485] ? lockdep_hardirqs_on+0x78/0x100 [ 236.588253][ T8485] ? __pfx_futex_wake_mark+0x10/0x10 [ 236.588298][ T8485] ? find_held_lock+0x2b/0x80 [ 236.588322][ T8485] ? futex_wake+0x456/0x530 [ 236.588369][ T8485] futex_wait+0xed/0x380 [ 236.588407][ T8485] ? __pfx_futex_wait+0x10/0x10 [ 236.588456][ T8485] ? __local_bh_enable_ip+0x9e/0x120 [ 236.588484][ T8485] ? lockdep_hardirqs_on+0x78/0x100 [ 236.588520][ T8485] ? raw_bind+0x3bd/0x770 [ 236.588552][ T8485] do_futex+0x1ef/0x350 [ 236.588594][ T8485] ? __pfx_do_futex+0x10/0x10 [ 236.588628][ T8485] ? __sys_bind+0x1c7/0x260 [ 236.588667][ T8485] __x64_sys_futex+0x34f/0x4d0 [ 236.588706][ T8485] ? __pfx___x64_sys_futex+0x10/0x10 [ 236.588755][ T8485] do_syscall_64+0x106/0xf80 [ 236.588790][ T8485] ? clear_bhb_loop+0x40/0x90 [ 236.588825][ T8485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.588854][ T8485] RIP: 0033:0x7f530419c799 [ 236.588876][ T8485] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 236.588902][ T8485] RSP: 002b:00007f53051360e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 236.588928][ T8485] RAX: ffffffffffffffda RBX: 00007f5304415fa8 RCX: 00007f530419c799 [ 236.588946][ T8485] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f5304415fa8 [ 236.588963][ T8485] RBP: 00007f5304415fa0 R08: 0000000000000000 R09: 0000000000000000 [ 236.588979][ T8485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 236.588994][ T8485] R13: 00007f5304416038 R14: 00007ffe445a1ac0 R15: 00007ffe445a1ba8 [ 236.589030][ T8485] [ 239.720943][ T8518] netlink: 'syz.3.631': attribute type 2 has an invalid length. [ 240.385199][ T8529] netlink: 28 bytes leftover after parsing attributes in process `syz.2.634'. [ 241.388423][ T8546] FAULT_INJECTION: forcing a failure. [ 241.388423][ T8546] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 241.478358][ T8546] CPU: 1 UID: 0 PID: 8546 Comm: syz.2.638 Not tainted syzkaller #0 PREEMPT(full) [ 241.478395][ T8546] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 241.478412][ T8546] Call Trace: [ 241.478423][ T8546] [ 241.478434][ T8546] dump_stack_lvl+0x100/0x190 [ 241.478483][ T8546] should_fail_ex.cold+0x5/0xa [ 241.478520][ T8546] _copy_from_iter+0x1f4/0x1690 [ 241.478566][ T8546] ? __pfx__copy_from_iter+0x10/0x10 [ 241.478608][ T8546] ? rcu_is_watching+0x12/0xc0 [ 241.478653][ T8546] ? trace_kmalloc+0x101/0x130 [ 241.478682][ T8546] ? __kasan_kmalloc+0xaa/0xb0 [ 241.478729][ T8546] ? __kmalloc_noprof+0x320/0x850 [ 241.478781][ T8546] kernfs_fop_write_iter+0x186/0x5f0 [ 241.478820][ T8546] vfs_write+0x6ac/0x1070 [ 241.478849][ T8546] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 241.478886][ T8546] ? __pfx_vfs_write+0x10/0x10 [ 241.478940][ T8546] ksys_write+0x12a/0x250 [ 241.478967][ T8546] ? __pfx_ksys_write+0x10/0x10 [ 241.479007][ T8546] do_syscall_64+0x106/0xf80 [ 241.479047][ T8546] ? clear_bhb_loop+0x40/0x90 [ 241.479083][ T8546] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.479112][ T8546] RIP: 0033:0x7f47d659c799 [ 241.479138][ T8546] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 241.479165][ T8546] RSP: 002b:00007f47d744c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 241.479193][ T8546] RAX: ffffffffffffffda RBX: 00007f47d6815fa0 RCX: 00007f47d659c799 [ 241.479211][ T8546] RDX: 0000000000000081 RSI: 00002000000001c0 RDI: 0000000000000003 [ 241.479229][ T8546] RBP: 00007f47d744c090 R08: 0000000000000000 R09: 0000000000000000 [ 241.479246][ T8546] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 241.479263][ T8546] R13: 00007f47d6816038 R14: 00007f47d6815fa0 R15: 00007ffca533bb98 [ 241.479305][ T8546] [ 243.008219][ T8566] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 244.461489][ T8584] Process accounting resumed [ 245.022533][ T8601] hub 1-0:1.0: USB hub found [ 245.028848][ T8601] hub 1-0:1.0: 1 port detected [ 245.256364][ T8598] zswap: compressor not available [ 245.957784][ T8613] FAULT_INJECTION: forcing a failure. [ 245.957784][ T8613] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 246.000554][ T8613] CPU: 1 UID: 0 PID: 8613 Comm: syz.3.653 Not tainted syzkaller #0 PREEMPT(full) [ 246.000594][ T8613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 246.000610][ T8613] Call Trace: [ 246.000620][ T8613] [ 246.000632][ T8613] dump_stack_lvl+0x100/0x190 [ 246.000682][ T8613] should_fail_ex.cold+0x5/0xa [ 246.000718][ T8613] _copy_from_iter+0x1f4/0x1690 [ 246.000762][ T8613] ? __pfx__copy_from_iter+0x10/0x10 [ 246.000806][ T8613] ? __pfx___might_resched+0x10/0x10 [ 246.000858][ T8613] file_tty_write.isra.0+0x45b/0x890 [ 246.000914][ T8613] redirected_tty_write+0xd4/0x120 [ 246.000958][ T8613] vfs_write+0x6ac/0x1070 [ 246.000987][ T8613] ? __pfx_redirected_tty_write+0x10/0x10 [ 246.001051][ T8613] ? __pfx_vfs_write+0x10/0x10 [ 246.001076][ T8613] ? find_held_lock+0x2b/0x80 [ 246.001132][ T8613] ksys_write+0x12a/0x250 [ 246.001159][ T8613] ? __pfx_ksys_write+0x10/0x10 [ 246.001197][ T8613] do_syscall_64+0x106/0xf80 [ 246.001235][ T8613] ? clear_bhb_loop+0x40/0x90 [ 246.001271][ T8613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 246.001302][ T8613] RIP: 0033:0x7f27c0f9c799 [ 246.001328][ T8613] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 246.001357][ T8613] RSP: 002b:00007f27c1f10028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 246.001386][ T8613] RAX: ffffffffffffffda RBX: 00007f27c1215fa0 RCX: 00007f27c0f9c799 [ 246.001406][ T8613] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003 [ 246.001423][ T8613] RBP: 00007f27c1f10090 R08: 0000000000000000 R09: 0000000000000000 [ 246.001441][ T8613] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 246.001458][ T8613] R13: 00007f27c1216038 R14: 00007f27c1215fa0 R15: 00007fff00813198 [ 246.001499][ T8613] [ 246.104888][ T8616] random: crng reseeded on system resumption [ 246.694086][ T8628] netlink: 28 bytes leftover after parsing attributes in process `syz.3.658'. [ 247.097065][ T51] Bluetooth: hci1: unexpected event 0x36 length: 123 > 7 [ 247.384474][ T51] Bluetooth: hci1: unexpected subevent 0x01 length: 123 > 18 [ 247.738402][ T8651] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 247.883238][ T8643] FAULT_INJECTION: forcing a failure. [ 247.883238][ T8643] name failslab, interval 1, probability 0, space 0, times 0 [ 247.929876][ T8643] CPU: 0 UID: 0 PID: 8643 Comm: syz.1.660 Not tainted syzkaller #0 PREEMPT(full) [ 247.929919][ T8643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 247.929937][ T8643] Call Trace: [ 247.929946][ T8643] [ 247.929960][ T8643] dump_stack_lvl+0x100/0x190 [ 247.930013][ T8643] should_fail_ex.cold+0x5/0xa [ 247.930051][ T8643] should_failslab+0xc2/0x120 [ 247.930085][ T8643] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 247.930142][ T8643] ? __d_alloc+0x34/0xa80 [ 247.930175][ T8643] ? l2tp_ip6_hash+0x1a3/0x220 [ 247.930219][ T8643] ? l2tp_ip6_hash+0x1a3/0x220 [ 247.930268][ T8643] __d_alloc+0x34/0xa80 [ 247.930307][ T8643] d_alloc_pseudo+0x1c/0xc0 [ 247.930351][ T8643] alloc_file_pseudo+0xcf/0x230 [ 247.930393][ T8643] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 247.930434][ T8643] ? alloc_fd+0x476/0x790 [ 247.930471][ T8643] sock_alloc_file+0x50/0x210 [ 247.930520][ T8643] __sys_socket+0x1c0/0x260 [ 247.930556][ T8643] ? __pfx___sys_socket+0x10/0x10 [ 247.930602][ T8643] __x64_sys_socket+0x72/0xb0 [ 247.930637][ T8643] ? lockdep_hardirqs_on+0x78/0x100 [ 247.930681][ T8643] do_syscall_64+0x106/0xf80 [ 247.930724][ T8643] ? clear_bhb_loop+0x40/0x90 [ 247.930763][ T8643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 247.930796][ T8643] RIP: 0033:0x7f530419c799 [ 247.930822][ T8643] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 247.930852][ T8643] RSP: 002b:00007f5305115028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 247.930882][ T8643] RAX: ffffffffffffffda RBX: 00007f5304416090 RCX: 00007f530419c799 [ 247.930902][ T8643] RDX: 0000000000000073 RSI: 0000000000000002 RDI: 000000000000000a [ 247.930920][ T8643] RBP: 00007f5304232c99 R08: 0000000000000000 R09: 0000000000000000 [ 247.930938][ T8643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 247.930956][ T8643] R13: 00007f5304416128 R14: 00007f5304416090 R15: 00007ffe445a1ba8 [ 247.930998][ T8643] [ 248.729562][ T8653] hub 1-0:1.0: USB hub found [ 248.736984][ T8653] hub 1-0:1.0: 1 port detected [ 249.425804][ T8679] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 249.740979][ T8690] netlink: 28 bytes leftover after parsing attributes in process `syz.0.670'. [ 251.137390][ T8706] FAULT_INJECTION: forcing a failure. [ 251.137390][ T8706] name fail_futex, interval 1, probability 0, space 0, times 0 [ 251.268671][ T8706] CPU: 0 UID: 0 PID: 8706 Comm: syz.3.671 Not tainted syzkaller #0 PREEMPT(full) [ 251.268699][ T8706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 251.268710][ T8706] Call Trace: [ 251.268716][ T8706] [ 251.268724][ T8706] dump_stack_lvl+0x100/0x190 [ 251.268756][ T8706] should_fail_ex.cold+0x5/0xa [ 251.268777][ T8706] get_futex_key+0x1d2/0x1620 [ 251.268802][ T8706] ? __pfx_get_futex_key+0x10/0x10 [ 251.268825][ T8706] ? __lock_acquire+0x4a5/0x2630 [ 251.268853][ T8706] futex_wake+0xea/0x530 [ 251.268881][ T8706] ? __pfx_futex_wake+0x10/0x10 [ 251.268910][ T8706] ? find_held_lock+0x2b/0x80 [ 251.268926][ T8706] ? do_sys_openat2+0x1b4/0x1e0 [ 251.268950][ T8706] ? do_sys_openat2+0x1b4/0x1e0 [ 251.268976][ T8706] do_futex+0x32b/0x350 [ 251.269000][ T8706] ? __pfx_do_futex+0x10/0x10 [ 251.269022][ T8706] ? __pfx_do_sys_openat2+0x10/0x10 [ 251.269057][ T8706] ? find_held_lock+0x2b/0x80 [ 251.269076][ T8706] __x64_sys_futex+0x34f/0x4d0 [ 251.269101][ T8706] ? __x64_sys_openat+0x12d/0x210 [ 251.269126][ T8706] ? __pfx___x64_sys_futex+0x10/0x10 [ 251.269158][ T8706] do_syscall_64+0x106/0xf80 [ 251.269184][ T8706] ? clear_bhb_loop+0x40/0x90 [ 251.269206][ T8706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.269225][ T8706] RIP: 0033:0x7f27c0f9c799 [ 251.269241][ T8706] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 251.269258][ T8706] RSP: 002b:00007f27c1ece0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 251.269276][ T8706] RAX: ffffffffffffffda RBX: 00007f27c1216188 RCX: 00007f27c0f9c799 [ 251.269288][ T8706] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f27c121618c [ 251.269298][ T8706] RBP: 00007f27c1216180 R08: 0000000000000000 R09: 0000000000000000 [ 251.269309][ T8706] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 251.269319][ T8706] R13: 00007f27c1216218 R14: 00007fff008130b0 R15: 00007fff00813198 [ 251.269341][ T8706] [ 253.343428][ T8744] random: crng reseeded on system resumption [ 253.522891][ T8748] netlink: 8 bytes leftover after parsing attributes in process `syz.2.685'. [ 254.029325][ T8754] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 254.723963][ T8765] zram: Added device: zram1 [ 255.286373][ T8768] zswap: compressor not available [ 255.897387][ T8802] random: crng reseeded on system resumption [ 255.979394][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.007500][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.137869][ T8805] FAULT_INJECTION: forcing a failure. [ 256.137869][ T8805] name failslab, interval 1, probability 0, space 0, times 0 [ 256.156820][ T8805] CPU: 1 UID: 0 PID: 8805 Comm: syz.2.698 Not tainted syzkaller #0 PREEMPT(full) [ 256.156866][ T8805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 256.156884][ T8805] Call Trace: [ 256.156895][ T8805] [ 256.156908][ T8805] dump_stack_lvl+0x100/0x190 [ 256.156961][ T8805] should_fail_ex.cold+0x5/0xa [ 256.156999][ T8805] should_failslab+0xc2/0x120 [ 256.157044][ T8805] __kmalloc_cache_noprof+0x7a/0x6f0 [ 256.157086][ T8805] ? key_user_lookup+0x1a3/0x5a0 [ 256.157138][ T8805] key_user_lookup+0x1a3/0x5a0 [ 256.157177][ T8805] ? __pfx_key_user_lookup+0x10/0x10 [ 256.157218][ T8805] ? bpf_lsm_capable+0x9/0x10 [ 256.157251][ T8805] ? security_capable+0x80/0x260 [ 256.157307][ T8805] keyctl_chown_key+0x358/0x1010 [ 256.157358][ T8805] ? __x64_sys_futex+0x34f/0x4d0 [ 256.157396][ T8805] ? __x64_sys_futex+0x358/0x4d0 [ 256.157437][ T8805] ? __pfx_keyctl_chown_key+0x10/0x10 [ 256.157484][ T8805] ? xfd_validate_state+0x129/0x190 [ 256.157537][ T8805] __do_sys_keyctl+0x1e8/0x5a0 [ 256.157572][ T8805] do_syscall_64+0x106/0xf80 [ 256.157616][ T8805] ? clear_bhb_loop+0x40/0x90 [ 256.157657][ T8805] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.157690][ T8805] RIP: 0033:0x7f47d659c799 [ 256.157717][ T8805] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 256.157748][ T8805] RSP: 002b:00007f47d744c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 256.157779][ T8805] RAX: ffffffffffffffda RBX: 00007f47d6815fa0 RCX: 00007f47d659c799 [ 256.157800][ T8805] RDX: 0000000000000006 RSI: 00000000fffffffe RDI: 0000000000000004 [ 256.157819][ T8805] RBP: 00007f47d6632c99 R08: 000000000000000e R09: 0000000000000000 [ 256.157837][ T8805] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 256.157856][ T8805] R13: 00007f47d6816038 R14: 00007f47d6815fa0 R15: 00007ffca533bb98 [ 256.157900][ T8805] [ 256.775316][ T8812] FAULT_INJECTION: forcing a failure. [ 256.775316][ T8812] name fail_futex, interval 1, probability 0, space 0, times 0 [ 256.788507][ T8812] CPU: 1 UID: 8 PID: 8812 Comm: syz.0.699 Not tainted syzkaller #0 PREEMPT(full) [ 256.788548][ T8812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 256.788566][ T8812] Call Trace: [ 256.788578][ T8812] [ 256.788589][ T8812] dump_stack_lvl+0x100/0x190 [ 256.788641][ T8812] should_fail_ex.cold+0x5/0xa [ 256.788679][ T8812] get_futex_key+0x1d2/0x1620 [ 256.788722][ T8812] ? __pfx_get_futex_key+0x10/0x10 [ 256.788772][ T8812] futex_wait_setup+0x83/0x510 [ 256.788829][ T8812] __futex_wait+0x19f/0x300 [ 256.788880][ T8812] ? __pfx___futex_wait+0x10/0x10 [ 256.788932][ T8812] ? __pfx_futex_wake_mark+0x10/0x10 [ 256.788985][ T8812] ? futex_hash+0x2c5/0x380 [ 256.789034][ T8812] futex_wait+0xed/0x380 [ 256.789091][ T8812] ? __pfx_futex_wait+0x10/0x10 [ 256.789145][ T8812] ? ksys_write+0x190/0x250 [ 256.789184][ T8812] do_futex+0x1ef/0x350 [ 256.789224][ T8812] ? __pfx_do_futex+0x10/0x10 [ 256.789274][ T8812] __x64_sys_futex+0x34f/0x4d0 [ 256.789314][ T8812] ? cap_capable+0x107/0x460 [ 256.789362][ T8812] ? __pfx___x64_sys_futex+0x10/0x10 [ 256.789405][ T8812] ? security_capable+0xbd/0x260 [ 256.789465][ T8812] do_syscall_64+0x106/0xf80 [ 256.789505][ T8812] ? clear_bhb_loop+0x40/0x90 [ 256.789542][ T8812] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.789571][ T8812] RIP: 0033:0x7f1a5df9c799 [ 256.789595][ T8812] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 256.789626][ T8812] RSP: 002b:00007f1a5eda30e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 256.789656][ T8812] RAX: ffffffffffffffda RBX: 00007f1a5e215fa8 RCX: 00007f1a5df9c799 [ 256.789675][ T8812] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1a5e215fa8 [ 256.789693][ T8812] RBP: 00007f1a5e215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 256.789710][ T8812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 256.789728][ T8812] R13: 00007f1a5e216038 R14: 00007fff8f5d1a60 R15: 00007fff8f5d1b48 [ 256.789768][ T8812] [ 258.210953][ T8831] zswap: compressor not available [ 259.549307][ T8877] mkiss: ax0: crc mode is auto. [ 261.921021][ T51] Bluetooth: hci1: unexpected event 0x32 length: 727 > 9 [ 262.149187][ T8954] netlink: 'syz.1.738': attribute type 1 has an invalid length. [ 262.425706][ T8961] netlink: 342 bytes leftover after parsing attributes in process `syz.1.742'. [ 262.626544][ T8963] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 267.187483][ T9037] zswap: compressor not available [ 267.985961][ T9052] FAULT_INJECTION: forcing a failure. [ 267.985961][ T9052] name fail_futex, interval 1, probability 0, space 0, times 0 [ 267.986021][ T9052] CPU: 1 UID: 0 PID: 9052 Comm: syz.0.768 Not tainted syzkaller #0 PREEMPT(full) [ 267.986058][ T9052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 267.986076][ T9052] Call Trace: [ 267.986086][ T9052] [ 267.986098][ T9052] dump_stack_lvl+0x100/0x190 [ 267.986151][ T9052] should_fail_ex.cold+0x5/0xa [ 267.986180][ T9052] get_futex_key+0x1d2/0x1620 [ 267.986213][ T9052] ? __pfx_get_futex_key+0x10/0x10 [ 267.986242][ T9052] ? irqentry_exit+0x180/0x670 [ 267.986274][ T9052] ? lockdep_hardirqs_on+0x78/0x100 [ 267.986307][ T9052] ? irqentry_exit+0x180/0x670 [ 267.986346][ T9052] futex_wake+0xea/0x530 [ 267.986385][ T9052] ? __pfx_futex_wake+0x10/0x10 [ 267.986421][ T9052] ? __pfx___sanitizer_cov_trace_pc+0x10/0x10 [ 267.986463][ T9052] ? lookup_user_key+0x3f3/0x1300 [ 267.986497][ T9052] do_futex+0x32b/0x350 [ 267.986528][ T9052] ? __pfx_do_futex+0x10/0x10 [ 267.986560][ T9052] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 267.986592][ T9052] __x64_sys_futex+0x34f/0x4d0 [ 267.986626][ T9052] ? __pfx___x64_sys_futex+0x10/0x10 [ 267.986659][ T9052] ? keyctl_read_key+0x126/0x510 [ 267.986704][ T9052] do_syscall_64+0x106/0xf80 [ 267.986735][ T9052] ? clear_bhb_loop+0x40/0x90 [ 267.986765][ T9052] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.986789][ T9052] RIP: 0033:0x7f1a5df9c799 [ 267.986810][ T9052] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 267.986833][ T9052] RSP: 002b:00007f1a5ed820e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 267.986857][ T9052] RAX: ffffffffffffffda RBX: 00007f1a5e216098 RCX: 00007f1a5df9c799 [ 267.986873][ T9052] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f1a5e21609c [ 267.986888][ T9052] RBP: 00007f1a5e216090 R08: 0000000000000000 R09: 0000000000000000 [ 267.986902][ T9052] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 267.986917][ T9052] R13: 00007f1a5e216128 R14: 00007fff8f5d1a60 R15: 00007fff8f5d1b48 [ 267.986949][ T9052] [ 268.459887][ T9059] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 268.498780][ T51] Bluetooth: hci3: unexpected event 0x1c length: 725 > 5 [ 268.839998][ T51] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 268.840043][ T51] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 268.843598][ T51] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 268.843699][ T51] Bluetooth: hci3: adv larger than maximum supported [ 268.843718][ T51] Bluetooth: hci3: Unknown advertising packet type: 0x3a [ 268.843740][ T51] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 268.843758][ T51] Bluetooth: hci3: Malformed LE Event: 0x0d [ 269.313066][ T9067] netlink: 'syz.0.774': attribute type 27 has an invalid length. [ 269.313094][ T9067] netlink: 334 bytes leftover after parsing attributes in process `syz.0.774'. [ 269.335782][ T9069] netlink: 'syz.0.774': attribute type 27 has an invalid length. [ 269.335809][ T9069] netlink: 334 bytes leftover after parsing attributes in process `syz.0.774'. [ 269.855108][ T9075] zswap: compressor not available [ 270.131448][ T9091] FAULT_INJECTION: forcing a failure. [ 270.131448][ T9091] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 270.179274][ T9091] CPU: 1 UID: 0 PID: 9091 Comm: syz.3.780 Not tainted syzkaller #0 PREEMPT(full) [ 270.179312][ T9091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 270.179330][ T9091] Call Trace: [ 270.179339][ T9091] [ 270.179350][ T9091] dump_stack_lvl+0x100/0x190 [ 270.179400][ T9091] should_fail_ex.cold+0x5/0xa [ 270.179436][ T9091] _copy_to_user+0x32/0xd0 [ 270.179473][ T9091] simple_read_from_buffer+0xcb/0x170 [ 270.179522][ T9091] proc_fail_nth_read+0x1af/0x230 [ 270.179560][ T9091] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 270.179599][ T9091] ? rw_verify_area+0xce/0x6d0 [ 270.179642][ T9091] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 270.179677][ T9091] vfs_read+0x1e4/0xb30 [ 270.179730][ T9091] ? __pfx_vfs_read+0x10/0x10 [ 270.179774][ T9091] ? __fget_files+0x215/0x3d0 [ 270.179811][ T9091] ? __fget_files+0x21f/0x3d0 [ 270.179851][ T9091] ksys_read+0x12a/0x250 [ 270.179877][ T9091] ? __pfx_ksys_read+0x10/0x10 [ 270.179917][ T9091] do_syscall_64+0x106/0xf80 [ 270.179966][ T9091] ? clear_bhb_loop+0x40/0x90 [ 270.180004][ T9091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 270.180034][ T9091] RIP: 0033:0x7f27c0f5cfce [ 270.180058][ T9091] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 270.180086][ T9091] RSP: 002b:00007f27c1f0ffe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 270.180115][ T9091] RAX: ffffffffffffffda RBX: 00007f27c1f106c0 RCX: 00007f27c0f5cfce [ 270.180134][ T9091] RDX: 000000000000000f RSI: 00007f27c1f100a0 RDI: 0000000000000004 [ 270.180151][ T9091] RBP: 00007f27c1f10090 R08: 0000000000000000 R09: 0000000000000000 [ 270.180168][ T9091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 270.180185][ T9091] R13: 00007f27c1216038 R14: 00007f27c1215fa0 R15: 00007fff00813198 [ 270.180226][ T9091] [ 271.040996][ T9108] netlink: 8 bytes leftover after parsing attributes in process `syz.3.786'. [ 272.166048][ T9138] phram: not enough arguments [ 272.332093][ T9145] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 274.186168][ T51] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5 [ 274.673567][ T51] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 274.687352][ T51] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 274.702705][ T51] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 274.702758][ T51] Bluetooth: hci0: Unknown advertising packet type: 0x56 [ 274.710425][ T51] Bluetooth: hci0: Unknown advertising packet type: 0x5a [ 274.717698][ T51] Bluetooth: hci0: Unknown advertising packet type: 0x18 [ 274.724802][ T51] Bluetooth: hci0: Malformed LE Event: 0x0d [ 274.742198][ T9196] Process accounting paused [ 274.853279][ T9199] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 275.979254][ C1] sd 0:0:1:0: [sda] tag#2307 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 275.989890][ C1] sd 0:0:1:0: [sda] tag#2307 CDB: Read(6) 08 00 00 00 10 00 00 00 00 00 00 00 [ 277.746118][ T51] Bluetooth: hci2: unexpected event 0x1c length: 725 > 5 [ 277.833313][ T9248] zswap: compressor not available [ 278.188663][ T5144] Bluetooth: hci2: unexpected event 0x3e length: 726 > 260 [ 278.188707][ T5144] Bluetooth: hci2: unexpected subevent 0x0d length: 725 > 260 [ 278.203476][ T5144] Bluetooth: hci2: Unknown advertising packet type: 0x7f [ 278.203514][ T5144] Bluetooth: hci2: adv larger than maximum supported [ 278.211577][ T5144] Bluetooth: hci2: Unknown advertising packet type: 0x1e [ 278.218809][ T5144] Bluetooth: hci2: Malformed LE Event: 0x0d [ 281.037885][ T9329] netlink: 504 bytes leftover after parsing attributes in process `syz.3.846'. [ 281.073606][ T9329] netlink: 504 bytes leftover after parsing attributes in process `syz.3.846'. [ 282.087752][ T9359] FAULT_INJECTION: forcing a failure. [ 282.087752][ T9359] name failslab, interval 1, probability 0, space 0, times 0 [ 282.100525][ T9359] CPU: 0 UID: 0 PID: 9359 Comm: syz.2.854 Not tainted syzkaller #0 PREEMPT(full) [ 282.100563][ T9359] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 282.100580][ T9359] Call Trace: [ 282.100589][ T9359] [ 282.100600][ T9359] dump_stack_lvl+0x100/0x190 [ 282.100648][ T9359] should_fail_ex.cold+0x5/0xa [ 282.100682][ T9359] ? tomoyo_realpath_from_path+0xb6/0x690 [ 282.100723][ T9359] should_failslab+0xc2/0x120 [ 282.100755][ T9359] __kmalloc_noprof+0xe0/0x850 [ 282.100807][ T9359] tomoyo_realpath_from_path+0xb6/0x690 [ 282.100856][ T9359] tomoyo_path_number_perm+0x23c/0x580 [ 282.100888][ T9359] ? tomoyo_path_number_perm+0x22e/0x580 [ 282.100943][ T9359] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 282.100992][ T9359] ? rcu_read_lock_any_held+0x6a/0xa0 [ 282.101045][ T9359] ? fd_install+0x24f/0x580 [ 282.101071][ T9359] ? hook_file_ioctl_common+0x146/0x410 [ 282.101125][ T9359] security_file_ioctl+0xd3/0x230 [ 282.101161][ T9359] __x64_sys_ioctl+0xb7/0x210 [ 282.101206][ T9359] do_syscall_64+0x106/0xf80 [ 282.101246][ T9359] ? clear_bhb_loop+0x40/0x90 [ 282.101282][ T9359] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.101312][ T9359] RIP: 0033:0x7f47d659c799 [ 282.101336][ T9359] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 282.101363][ T9359] RSP: 002b:00007f47d744c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 282.101392][ T9359] RAX: ffffffffffffffda RBX: 00007f47d6815fa0 RCX: 00007f47d659c799 [ 282.101411][ T9359] RDX: 0000000000000000 RSI: 0000000000004b72 RDI: 0000000000000000 [ 282.101426][ T9359] RBP: 00007f47d744c090 R08: 0000000000000000 R09: 0000000000000000 [ 282.101442][ T9359] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 282.101457][ T9359] R13: 00007f47d6816038 R14: 00007f47d6815fa0 R15: 00007ffca533bb98 [ 282.101497][ T9359] [ 282.101508][ T9359] ERROR: Out of memory at tomoyo_realpath_from_path. [ 282.645990][ T9374] netlink: 28 bytes leftover after parsing attributes in process `syz.3.858'. [ 282.933464][ T9374] veth0_macvtap: left promiscuous mode [ 282.977976][ T9381] netlink: 28 bytes leftover after parsing attributes in process `syz.3.858'. [ 282.987215][ T9374] macvtap0: entered promiscuous mode [ 283.171346][ T9374] macvtap0: entered allmulticast mode [ 284.568529][ T9407] FAULT_INJECTION: forcing a failure. [ 284.568529][ T9407] name failslab, interval 1, probability 0, space 0, times 0 [ 284.642174][ T9407] CPU: 0 UID: 0 PID: 9407 Comm: syz.2.863 Not tainted syzkaller #0 PREEMPT(full) [ 284.642204][ T9407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 284.642215][ T9407] Call Trace: [ 284.642221][ T9407] [ 284.642228][ T9407] dump_stack_lvl+0x100/0x190 [ 284.642259][ T9407] should_fail_ex.cold+0x5/0xa [ 284.642280][ T9407] ? tomoyo_realpath_from_path+0xb6/0x690 [ 284.642305][ T9407] should_failslab+0xc2/0x120 [ 284.642324][ T9407] __kmalloc_noprof+0xe0/0x850 [ 284.642356][ T9407] tomoyo_realpath_from_path+0xb6/0x690 [ 284.642387][ T9407] tomoyo_get_exe+0x63/0xa0 [ 284.642407][ T9407] tomoyo_write_control+0x69e/0x13a0 [ 284.642444][ T9407] ? __pfx_tomoyo_write_control+0x10/0x10 [ 284.642479][ T9407] vfs_write+0x2aa/0x1070 [ 284.642496][ T9407] ? __pfx_tomoyo_write+0x10/0x10 [ 284.642523][ T9407] ? __pfx_vfs_write+0x10/0x10 [ 284.642538][ T9407] ? __fget_files+0x215/0x3d0 [ 284.642560][ T9407] ? __fget_files+0x21f/0x3d0 [ 284.642583][ T9407] ksys_write+0x12a/0x250 [ 284.642599][ T9407] ? __pfx_ksys_write+0x10/0x10 [ 284.642622][ T9407] do_syscall_64+0x106/0xf80 [ 284.642648][ T9407] ? clear_bhb_loop+0x40/0x90 [ 284.642670][ T9407] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 284.642689][ T9407] RIP: 0033:0x7f47d659c799 [ 284.642704][ T9407] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 284.642721][ T9407] RSP: 002b:00007f47d744c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 284.642739][ T9407] RAX: ffffffffffffffda RBX: 00007f47d6815fa0 RCX: 00007f47d659c799 [ 284.642750][ T9407] RDX: 0000000000000038 RSI: 0000200000000180 RDI: 0000000000000003 [ 284.642760][ T9407] RBP: 00007f47d744c090 R08: 0000000000000000 R09: 0000000000000000 [ 284.642770][ T9407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 284.642781][ T9407] R13: 00007f47d6816038 R14: 00007f47d6815fa0 R15: 00007ffca533bb98 [ 284.642803][ T9407] [ 284.642811][ T9407] ERROR: Out of memory at tomoyo_realpath_from_path. [ 285.893937][ T9438] netlink: 206 bytes leftover after parsing attributes in process `syz.0.870'. [ 286.243612][ T9445] FAULT_INJECTION: forcing a failure. [ 286.243612][ T9445] name failslab, interval 1, probability 0, space 0, times 0 [ 286.285081][ T9445] CPU: 1 UID: 0 PID: 9445 Comm: syz.0.872 Not tainted syzkaller #0 PREEMPT(full) [ 286.285108][ T9445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 286.285119][ T9445] Call Trace: [ 286.285125][ T9445] [ 286.285132][ T9445] dump_stack_lvl+0x100/0x190 [ 286.285163][ T9445] should_fail_ex.cold+0x5/0xa [ 286.285183][ T9445] ? tomoyo_encode2+0xfb/0x3c0 [ 286.285205][ T9445] should_failslab+0xc2/0x120 [ 286.285224][ T9445] __kmalloc_noprof+0xe0/0x850 [ 286.285250][ T9445] ? d_absolute_path+0x136/0x1b0 [ 286.285277][ T9445] tomoyo_encode2+0xfb/0x3c0 [ 286.285303][ T9445] tomoyo_encode+0x29/0x50 [ 286.285326][ T9445] tomoyo_realpath_from_path+0x18c/0x690 [ 286.285354][ T9445] tomoyo_check_open_permission+0x2af/0x3c0 [ 286.285376][ T9445] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 286.285417][ T9445] ? do_raw_spin_lock+0x128/0x260 [ 286.285452][ T9445] ? path_get+0x61/0x80 [ 286.285474][ T9445] tomoyo_file_open+0x6b/0x90 [ 286.285501][ T9445] security_file_open+0xb5/0x1e0 [ 286.285524][ T9445] do_dentry_open+0x5aa/0x1660 [ 286.285543][ T9445] ? security_inode_permission+0xbf/0x250 [ 286.285566][ T9445] vfs_open+0x82/0x3f0 [ 286.285591][ T9445] path_openat+0x208c/0x31a0 [ 286.285617][ T9445] ? __pfx_path_openat+0x10/0x10 [ 286.285643][ T9445] do_file_open+0x20e/0x430 [ 286.285663][ T9445] ? __pfx_do_file_open+0x10/0x10 [ 286.285697][ T9445] ? alloc_fd+0x476/0x790 [ 286.285716][ T9445] ? do_getname+0x191/0x390 [ 286.285740][ T9445] do_sys_openat2+0x10d/0x1e0 [ 286.285764][ T9445] ? __pfx_do_sys_openat2+0x10/0x10 [ 286.285786][ T9445] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 286.285816][ T9445] ? __fget_files+0x21f/0x3d0 [ 286.285836][ T9445] __x64_sys_openat+0x12d/0x210 [ 286.285860][ T9445] ? __pfx___x64_sys_openat+0x10/0x10 [ 286.285883][ T9445] ? ksys_write+0x1ac/0x250 [ 286.285906][ T9445] do_syscall_64+0x106/0xf80 [ 286.285930][ T9445] ? clear_bhb_loop+0x40/0x90 [ 286.285952][ T9445] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.285970][ T9445] RIP: 0033:0x7f1a5df9c799 [ 286.285986][ T9445] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 286.286003][ T9445] RSP: 002b:00007f1a5eda3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 286.286020][ T9445] RAX: ffffffffffffffda RBX: 00007f1a5e215fa0 RCX: 00007f1a5df9c799 [ 286.286032][ T9445] RDX: 0000000000020342 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 286.286043][ T9445] RBP: 00007f1a5eda3090 R08: 0000000000000000 R09: 0000000000000000 [ 286.286053][ T9445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 286.286068][ T9445] R13: 00007f1a5e216038 R14: 00007f1a5e215fa0 R15: 00007fff8f5d1b48 [ 286.286090][ T9445] [ 286.287014][ T9445] ERROR: Out of memory at tomoyo_realpath_from_path. [ 287.248409][ T9462] random: crng reseeded on system resumption [ 288.447324][ T9483] netlink: 28 bytes leftover after parsing attributes in process `syz.0.886'. [ 288.654437][ T9480] netlink: 12 bytes leftover after parsing attributes in process `syz.3.882'. [ 288.816152][ T9488] netlink: 4 bytes leftover after parsing attributes in process `syz.1.888'. [ 288.841471][ T9488] netlink: 'syz.1.888': attribute type 1 has an invalid length. [ 288.849163][ T9488] netlink: 13 bytes leftover after parsing attributes in process `syz.1.888'. [ 289.454016][ T9495] FAULT_INJECTION: forcing a failure. [ 289.454016][ T9495] name failslab, interval 1, probability 0, space 0, times 0 [ 289.517208][ T9495] CPU: 1 UID: 0 PID: 9495 Comm: syz.1.890 Not tainted syzkaller #0 PREEMPT(full) [ 289.517253][ T9495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 289.517270][ T9495] Call Trace: [ 289.517280][ T9495] [ 289.517291][ T9495] dump_stack_lvl+0x100/0x190 [ 289.517338][ T9495] should_fail_ex.cold+0x5/0xa [ 289.517373][ T9495] should_failslab+0xc2/0x120 [ 289.517406][ T9495] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 289.517449][ T9495] ? copy_fs_struct+0x49/0x340 [ 289.517490][ T9495] ? __pfx_do_futex+0x10/0x10 [ 289.517532][ T9495] copy_fs_struct+0x49/0x340 [ 289.517578][ T9495] ksys_unshare+0x377/0xad0 [ 289.517616][ T9495] ? __pfx_ksys_unshare+0x10/0x10 [ 289.517668][ T9495] __x64_sys_unshare+0x31/0x40 [ 289.517707][ T9495] do_syscall_64+0x106/0xf80 [ 289.517748][ T9495] ? clear_bhb_loop+0x40/0x90 [ 289.517784][ T9495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 289.517816][ T9495] RIP: 0033:0x7f530419c799 [ 289.517843][ T9495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 289.517872][ T9495] RSP: 002b:00007f5305136028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 289.517904][ T9495] RAX: ffffffffffffffda RBX: 00007f5304415fa0 RCX: 00007f530419c799 [ 289.517925][ T9495] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 289.517944][ T9495] RBP: 00007f5304232c99 R08: 0000000000000000 R09: 0000000000000000 [ 289.517962][ T9495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 289.517994][ T9495] R13: 00007f5304416038 R14: 00007f5304415fa0 R15: 00007ffe445a1ba8 [ 289.518035][ T9495] [ 289.944434][ T9510] FAULT_INJECTION: forcing a failure. [ 289.944434][ T9510] name failslab, interval 1, probability 0, space 0, times 0 [ 289.963862][ T9505] netlink: 28 bytes leftover after parsing attributes in process `syz.1.894'. [ 290.001030][ T9510] CPU: 1 UID: 0 PID: 9510 Comm: syz.2.893 Not tainted syzkaller #0 PREEMPT(full) [ 290.001069][ T9510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 290.001086][ T9510] Call Trace: [ 290.001096][ T9510] [ 290.001107][ T9510] dump_stack_lvl+0x100/0x190 [ 290.001156][ T9510] should_fail_ex.cold+0x5/0xa [ 290.001191][ T9510] should_failslab+0xc2/0x120 [ 290.001222][ T9510] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 290.001265][ T9510] ? alloc_empty_file+0x55/0x1c0 [ 290.001298][ T9510] ? devpts_mntget+0x2fb/0x410 [ 290.001332][ T9510] ? _raw_spin_unlock+0x28/0x50 [ 290.001383][ T9510] alloc_empty_file+0x55/0x1c0 [ 290.001422][ T9510] dentry_open+0x46/0xd0 [ 290.001458][ T9510] ptm_open_peer+0x1c5/0x2d0 [ 290.001497][ T9510] ? __pfx_ptm_open_peer+0x10/0x10 [ 290.001545][ T9510] tty_ioctl+0xae6/0x1690 [ 290.001589][ T9510] ? __pfx_tty_ioctl+0x10/0x10 [ 290.001643][ T9510] ? find_held_lock+0x2b/0x80 [ 290.001670][ T9510] ? __fget_files+0x215/0x3d0 [ 290.001695][ T9510] ? hook_file_ioctl_common+0x146/0x410 [ 290.001738][ T9510] ? __fget_files+0x21f/0x3d0 [ 290.001772][ T9510] ? __pfx_tty_ioctl+0x10/0x10 [ 290.001812][ T9510] __x64_sys_ioctl+0x18e/0x210 [ 290.001856][ T9510] do_syscall_64+0x106/0xf80 [ 290.001892][ T9510] ? clear_bhb_loop+0x40/0x90 [ 290.001930][ T9510] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 290.001960][ T9510] RIP: 0033:0x7f47d659c799 [ 290.001985][ T9510] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 290.002013][ T9510] RSP: 002b:00007f47d744c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 290.002042][ T9510] RAX: ffffffffffffffda RBX: 00007f47d6815fa0 RCX: 00007f47d659c799 [ 290.002062][ T9510] RDX: 0000000000000000 RSI: 0000000000005441 RDI: 0000000000000003 [ 290.002079][ T9510] RBP: 00007f47d744c090 R08: 0000000000000000 R09: 0000000000000000 [ 290.002096][ T9510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 290.002112][ T9510] R13: 00007f47d6816038 R14: 00007f47d6815fa0 R15: 00007ffca533bb98 [ 290.002152][ T9510] [ 290.299268][ T9505] team0 (unregistering): Port device team_slave_0 removed [ 290.734754][ T9505] team0 (unregistering): Port device team_slave_1 removed [ 292.382108][ T9545] random: crng reseeded on system resumption [ 292.444473][ T9547] netlink: 4 bytes leftover after parsing attributes in process `syz.3.902'. [ 292.460805][ T9543] netlink: 'syz.3.902': attribute type 1 has an invalid length. [ 292.494428][ T9543] netlink: 13 bytes leftover after parsing attributes in process `syz.3.902'. [ 295.036233][ T9584] netlink: 4 bytes leftover after parsing attributes in process `syz.0.913'. [ 295.055233][ T9584] netlink: 'syz.0.913': attribute type 1 has an invalid length. [ 295.063399][ T9584] netlink: 13 bytes leftover after parsing attributes in process `syz.0.913'. [ 295.282283][ T9587] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input27 [ 296.092910][ T9604] netlink: 28 bytes leftover after parsing attributes in process `syz.2.920'. [ 296.117533][ T9604] veth0_macvtap: left promiscuous mode [ 296.156839][ T9604] macvtap0: entered promiscuous mode [ 296.162203][ T9604] macvtap0: entered allmulticast mode [ 296.176947][ T9605] netlink: 28 bytes leftover after parsing attributes in process `syz.2.920'. [ 296.352092][ T9609] netlink: 28 bytes leftover after parsing attributes in process `syz.0.921'. [ 296.398431][ T9609] veth0_macvtap: left promiscuous mode [ 296.423690][ T9611] netlink: 28 bytes leftover after parsing attributes in process `syz.0.921'. [ 296.446044][ T9609] macvtap0: entered promiscuous mode [ 296.451396][ T9609] macvtap0: entered allmulticast mode [ 298.125052][ T9641] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input28 [ 298.486819][ T9644] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input29 [ 298.820450][ T9662] netlink: 28 bytes leftover after parsing attributes in process `syz.1.934'. [ 298.931320][ T9664] netlink: 'syz.1.935': attribute type 2 has an invalid length. [ 298.967713][ T9664] netlink: 8 bytes leftover after parsing attributes in process `syz.1.935'. [ 299.643724][ T9677] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input30 [ 301.410327][ T29] audit: type=1800 audit(4294981718.891:7): pid=9698 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.947" name="discovery_nqn" dev="configfs" ino=26482 res=0 errno=0 [ 303.417096][ T29] audit: type=1800 audit(4294981720.900:8): pid=9745 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.961" name="discovery_nqn" dev="configfs" ino=27580 res=0 errno=0 [ 303.769649][ T9754] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 304.986763][ T9775] Process accounting resumed [ 305.362861][ T9794] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 305.613476][ T29] audit: type=1800 audit(4294982746.095:9): pid=9796 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.978" name="discovery_nqn" dev="configfs" ino=28738 res=0 errno=0 [ 306.505041][ T9826] zswap: compressor not available [ 306.975337][ T9845] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 308.895723][ T9856] netlink: 186 bytes leftover after parsing attributes in process `syz.0.993'. [ 309.002783][ T9862] netlink: 186 bytes leftover after parsing attributes in process `syz.0.993'. [ 309.024763][ T9875] ubi0: attaching mtd0 [ 309.033248][ T9875] ubi0: scanning is finished [ 309.037892][ T9875] ubi0: empty MTD device detected [ 309.272130][ T9875] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 309.281766][ T9875] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 309.291337][ T9875] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 309.300141][ T9875] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 309.310284][ T9875] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 309.319038][ T9875] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 309.328976][ T9875] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3660144349 [ 309.340277][ T9875] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 309.353698][ T9878] ubi0: background thread "ubi_bgt0d" started, PID 9878 [ 309.438498][ T9880] netlink: 24 bytes leftover after parsing attributes in process `syz.2.995'. [ 309.984624][ T9898] FAULT_INJECTION: forcing a failure. [ 309.984624][ T9898] name failslab, interval 1, probability 0, space 0, times 0 [ 310.049432][ T9898] CPU: 1 UID: 0 PID: 9898 Comm: syz.2.1000 Not tainted syzkaller #0 PREEMPT(full) [ 310.049475][ T9898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 310.049494][ T9898] Call Trace: [ 310.049504][ T9898] [ 310.049515][ T9898] dump_stack_lvl+0x100/0x190 [ 310.049567][ T9898] should_fail_ex.cold+0x5/0xa [ 310.049604][ T9898] should_failslab+0xc2/0x120 [ 310.049637][ T9898] __kmalloc_cache_noprof+0x7a/0x6f0 [ 310.049677][ T9898] ? snd_pcm_lib_malloc_pages+0x388/0x9b0 [ 310.049722][ T9898] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 310.049780][ T9898] snd_pcm_lib_malloc_pages+0x388/0x9b0 [ 310.049824][ T9898] ? fixup_unreferenced_params+0x4b5/0xea0 [ 310.049869][ T9898] snd_pcm_hw_params+0x1729/0x1cb0 [ 310.049921][ T9898] ? __pfx_snd_pcm_hw_params+0x10/0x10 [ 310.049966][ T9898] ? snd_pcm_hw_param_near.constprop.0+0x578/0x850 [ 310.050010][ T9898] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 310.050057][ T9898] snd_pcm_kernel_ioctl+0x167/0x2e0 [ 310.050103][ T9898] snd_pcm_oss_change_params_locked+0x1973/0x39f0 [ 310.050162][ T9898] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 310.050199][ T9898] ? task_work_add+0x201/0x3b0 [ 310.050247][ T9898] ? __pfx___mutex_lock+0x10/0x10 [ 310.050317][ T9898] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 310.050367][ T9898] snd_pcm_oss_sync+0x265/0x840 [ 310.050411][ T9898] snd_pcm_oss_release+0x238/0x300 [ 310.050449][ T9898] ? __pfx_snd_pcm_oss_release+0x10/0x10 [ 310.050488][ T9898] __fput+0x3ff/0xb40 [ 310.050536][ T9898] task_work_run+0x150/0x240 [ 310.050583][ T9898] ? __pfx_task_work_run+0x10/0x10 [ 310.050640][ T9898] exit_to_user_mode_loop+0x100/0x4a0 [ 310.050686][ T9898] do_syscall_64+0x668/0xf80 [ 310.050731][ T9898] ? clear_bhb_loop+0x40/0x90 [ 310.050769][ T9898] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.050800][ T9898] RIP: 0033:0x7f47d659c799 [ 310.050825][ T9898] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 310.050850][ T9898] RSP: 002b:00007f47d744c028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 310.050881][ T9898] RAX: 0000000000000000 RBX: 00007f47d6815fa0 RCX: 00007f47d659c799 [ 310.050900][ T9898] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 310.050916][ T9898] RBP: 00007f47d6632c99 R08: 0000000000000000 R09: 0000000000000000 [ 310.050934][ T9898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 310.050952][ T9898] R13: 00007f47d6816038 R14: 00007f47d6815fa0 R15: 00007ffca533bb98 [ 310.050991][ T9898] [ 310.913136][ T9913] zswap: compressor not available [ 313.375109][ T9995] zswap: compressor not available [ 313.570073][T10002] netlink: 'syz.2.1021': attribute type 11 has an invalid length. [ 313.581731][T10002] FAULT_INJECTION: forcing a failure. [ 313.581731][T10002] name failslab, interval 1, probability 0, space 0, times 0 [ 313.595485][T10002] CPU: 1 UID: 0 PID: 10002 Comm: syz.2.1021 Not tainted syzkaller #0 PREEMPT(full) [ 313.595529][T10002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 313.595548][T10002] Call Trace: [ 313.595558][T10002] [ 313.595570][T10002] dump_stack_lvl+0x100/0x190 [ 313.595622][T10002] should_fail_ex.cold+0x5/0xa [ 313.595660][T10002] should_failslab+0xc2/0x120 [ 313.595694][T10002] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 313.595741][T10002] ? alloc_unbound_pwq+0x3ff/0xdd0 [ 313.595781][T10002] alloc_unbound_pwq+0x3ff/0xdd0 [ 313.595849][T10002] apply_wqattrs_prepare+0x3aa/0xbb0 [ 313.595897][T10002] apply_workqueue_attrs_locked+0x64/0xe0 [ 313.595932][T10002] __alloc_workqueue+0xe25/0x1880 [ 313.595974][T10002] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 313.596022][T10002] alloc_workqueue_noprof+0xd2/0x200 [ 313.596060][T10002] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 313.596116][T10002] ? __pfx___debug_object_init+0x10/0x10 [ 313.596174][T10002] nci_register_device+0x21e/0xb80 [ 313.596209][T10002] ? __pfx_nci_register_device+0x10/0x10 [ 313.596247][T10002] ? lockdep_init_map_type+0x5c/0x250 [ 313.596293][T10002] virtual_ncidev_open+0x141/0x220 [ 313.596337][T10002] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 313.596378][T10002] misc_open+0x26d/0x450 [ 313.596415][T10002] ? __pfx_misc_open+0x10/0x10 [ 313.596449][T10002] chrdev_open+0x234/0x6a0 [ 313.596482][T10002] ? __pfx_apparmor_file_open+0x10/0x10 [ 313.596515][T10002] ? __pfx_chrdev_open+0x10/0x10 [ 313.596550][T10002] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 313.596593][T10002] do_dentry_open+0x6d8/0x1660 [ 313.596623][T10002] ? __pfx_chrdev_open+0x10/0x10 [ 313.596668][T10002] vfs_open+0x82/0x3f0 [ 313.596711][T10002] path_openat+0x208c/0x31a0 [ 313.596757][T10002] ? __pfx_path_openat+0x10/0x10 [ 313.596812][T10002] do_file_open+0x20e/0x430 [ 313.596848][T10002] ? __pfx_do_file_open+0x10/0x10 [ 313.596909][T10002] ? alloc_fd+0x476/0x790 [ 313.596944][T10002] ? do_getname+0x191/0x390 [ 313.596986][T10002] do_sys_openat2+0x10d/0x1e0 [ 313.597024][T10002] ? __pfx_do_sys_openat2+0x10/0x10 [ 313.597068][T10002] ? __fget_files+0x21f/0x3d0 [ 313.597107][T10002] __x64_sys_openat+0x12d/0x210 [ 313.597149][T10002] ? __pfx___x64_sys_openat+0x10/0x10 [ 313.597208][T10002] do_syscall_64+0x106/0xf80 [ 313.597251][T10002] ? clear_bhb_loop+0x40/0x90 [ 313.597290][T10002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.597321][T10002] RIP: 0033:0x7f47d659c799 [ 313.597347][T10002] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 313.597377][T10002] RSP: 002b:00007f47d744c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 313.597408][T10002] RAX: ffffffffffffffda RBX: 00007f47d6815fa0 RCX: 00007f47d659c799 [ 313.597428][T10002] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 313.597447][T10002] RBP: 00007f47d6632c99 R08: 0000000000000000 R09: 0000000000000000 [ 313.597465][T10002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 313.597484][T10002] R13: 00007f47d6816038 R14: 00007f47d6815fa0 R15: 00007ffca533bb98 [ 313.597526][T10002] [ 313.982468][T10005] futex_wake_op: syz.0.1022 tries to shift op by -2048; fix this program [ 314.472086][T10023] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1026'. [ 314.538826][T10022] bridge0: port 3(gretap0) entered blocking state [ 314.545475][T10022] bridge0: port 3(gretap0) entered disabled state [ 314.552558][T10022] gretap0: entered allmulticast mode [ 314.578743][T10022] gretap0: entered promiscuous mode [ 314.611325][T10022] bridge0: port 3(gretap0) entered blocking state [ 314.617932][T10022] bridge0: port 3(gretap0) entered forwarding state [ 315.225583][T10041] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1030'. [ 315.995499][T10053] ubi: mtd0 is already attached to ubi0 [ 317.346312][T10091] ubi: mtd0 is already attached to ubi0 [ 317.450639][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.457417][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.697854][ T5144] Bluetooth: hci1: unexpected event 0x01 length: 124 > 1 [ 325.151117][T10174] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0) [ 325.316133][T10180] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1068'. [ 330.995998][ T29] audit: type=1800 audit(4294986863.454:10): pid=10288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1092" name="lu_gp_id" dev="configfs" ino=32191 res=0 errno=0 [ 331.026796][T10288] kstrtoul() returned -22 for lu_gp_id [ 331.116823][T10291] FAULT_INJECTION: forcing a failure. [ 331.116823][T10291] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 331.151377][T10291] CPU: 1 UID: 0 PID: 10291 Comm: syz.2.1093 Not tainted syzkaller #0 PREEMPT(full) [ 331.151403][T10291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 331.151414][T10291] Call Trace: [ 331.151420][T10291] [ 331.151426][T10291] dump_stack_lvl+0x100/0x190 [ 331.151457][T10291] should_fail_ex.cold+0x5/0xa [ 331.151480][T10291] _copy_to_user+0x32/0xd0 [ 331.151506][T10291] simple_read_from_buffer+0xcb/0x170 [ 331.151537][T10291] proc_fail_nth_read+0x1af/0x230 [ 331.151560][T10291] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 331.151583][T10291] ? rw_verify_area+0xce/0x6d0 [ 331.151608][T10291] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 331.151630][T10291] vfs_read+0x1e4/0xb30 [ 331.151661][T10291] ? __pfx_vfs_read+0x10/0x10 [ 331.151688][T10291] ? __fget_files+0x215/0x3d0 [ 331.151710][T10291] ? __fget_files+0x21f/0x3d0 [ 331.151736][T10291] ksys_read+0x12a/0x250 [ 331.151751][T10291] ? __pfx_ksys_read+0x10/0x10 [ 331.151773][T10291] do_syscall_64+0x106/0xf80 [ 331.151798][T10291] ? clear_bhb_loop+0x40/0x90 [ 331.151820][T10291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.151838][T10291] RIP: 0033:0x7f47d655cfce [ 331.151854][T10291] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 331.151871][T10291] RSP: 002b:00007f47d744bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 331.151888][T10291] RAX: ffffffffffffffda RBX: 00007f47d744c6c0 RCX: 00007f47d655cfce [ 331.151900][T10291] RDX: 000000000000000f RSI: 00007f47d744c0a0 RDI: 0000000000000004 [ 331.151912][T10291] RBP: 00007f47d744c090 R08: 0000000000000000 R09: 0000000000000000 [ 331.151922][T10291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 331.151932][T10291] R13: 00007f47d6816038 R14: 00007f47d6815fa0 R15: 00007ffca533bb98 [ 331.151954][T10291] [ 331.711723][T10299] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 333.761865][T10347] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input31 [ 334.945117][T10374] FAULT_INJECTION: forcing a failure. [ 334.945117][T10374] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 334.993315][T10374] CPU: 0 UID: 0 PID: 10374 Comm: syz.0.1112 Not tainted syzkaller #0 PREEMPT(full) [ 334.993341][T10374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 334.993351][T10374] Call Trace: [ 334.993358][T10374] [ 334.993364][T10374] dump_stack_lvl+0x100/0x190 [ 334.993395][T10374] should_fail_ex.cold+0x5/0xa [ 334.993416][T10374] _copy_to_user+0x32/0xd0 [ 334.993439][T10374] tomoyo_flush+0x161/0x520 [ 334.993467][T10374] tomoyo_read_exception+0x7f3/0x15e0 [ 334.993501][T10374] tomoyo_read_control+0x29c/0x540 [ 334.993530][T10374] ? __pfx_tomoyo_read+0x10/0x10 [ 334.993555][T10374] vfs_read+0x1e4/0xb30 [ 334.993587][T10374] ? __pfx_vfs_read+0x10/0x10 [ 334.993614][T10374] ? __fget_files+0x215/0x3d0 [ 334.993636][T10374] ? __fget_files+0x21f/0x3d0 [ 334.993658][T10374] ksys_read+0x12a/0x250 [ 334.993674][T10374] ? __pfx_ksys_read+0x10/0x10 [ 334.993696][T10374] do_syscall_64+0x106/0xf80 [ 334.993721][T10374] ? clear_bhb_loop+0x40/0x90 [ 334.993743][T10374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.993769][T10374] RIP: 0033:0x7f1a5df9c799 [ 334.993785][T10374] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 334.993802][T10374] RSP: 002b:00007f1a5ed82028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 334.993820][T10374] RAX: ffffffffffffffda RBX: 00007f1a5e216090 RCX: 00007f1a5df9c799 [ 334.993832][T10374] RDX: 000000000000b4d3 RSI: 0000000000000000 RDI: 0000000000000004 [ 334.993842][T10374] RBP: 00007f1a5ed82090 R08: 0000000000000000 R09: 0000000000000000 [ 334.993852][T10374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 334.993862][T10374] R13: 00007f1a5e216128 R14: 00007f1a5e216090 R15: 00007fff8f5d1b48 [ 334.993884][T10374] [ 335.971177][T10373] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input32 [ 336.186761][T10377] Process accounting paused [ 336.339288][T10395] random: crng reseeded on system resumption [ 336.787036][T10405] FAULT_INJECTION: forcing a failure. [ 336.787036][T10405] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 336.844511][T10405] CPU: 1 UID: 0 PID: 10405 Comm: syz.3.1120 Not tainted syzkaller #0 PREEMPT(full) [ 336.844552][T10405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 336.844569][T10405] Call Trace: [ 336.844580][T10405] [ 336.844591][T10405] dump_stack_lvl+0x100/0x190 [ 336.844642][T10405] should_fail_ex.cold+0x5/0xa [ 336.844679][T10405] _copy_from_iter+0x1f4/0x1690 [ 336.844735][T10405] ? __pfx__copy_from_iter+0x10/0x10 [ 336.844779][T10405] ? __pfx___might_resched+0x10/0x10 [ 336.844833][T10405] file_tty_write.isra.0+0x45b/0x890 [ 336.844891][T10405] redirected_tty_write+0xd4/0x120 [ 336.844936][T10405] vfs_write+0x6ac/0x1070 [ 336.844967][T10405] ? __pfx_redirected_tty_write+0x10/0x10 [ 336.845015][T10405] ? __pfx_vfs_write+0x10/0x10 [ 336.845041][T10405] ? find_held_lock+0x2b/0x80 [ 336.845096][T10405] ksys_write+0x12a/0x250 [ 336.845125][T10405] ? __pfx_ksys_write+0x10/0x10 [ 336.845165][T10405] do_syscall_64+0x106/0xf80 [ 336.845208][T10405] ? clear_bhb_loop+0x40/0x90 [ 336.845245][T10405] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.845275][T10405] RIP: 0033:0x7f27c0f9c799 [ 336.845300][T10405] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 336.845328][T10405] RSP: 002b:00007f27c1f10028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 336.845357][T10405] RAX: ffffffffffffffda RBX: 00007f27c1215fa0 RCX: 00007f27c0f9c799 [ 336.845377][T10405] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003 [ 336.845395][T10405] RBP: 00007f27c1f10090 R08: 0000000000000000 R09: 0000000000000000 [ 336.845412][T10405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 336.845430][T10405] R13: 00007f27c1216038 R14: 00007f27c1215fa0 R15: 00007fff00813198 [ 336.845470][T10405] [ 338.200519][T10430] random: crng reseeded on system resumption [ 338.783670][T10446] random: crng reseeded on system resumption [ 341.399791][T10499] FAULT_INJECTION: forcing a failure. [ 341.399791][T10499] name failslab, interval 1, probability 0, space 0, times 0 [ 341.457599][T10499] CPU: 0 UID: 0 PID: 10499 Comm: syz.0.1141 Not tainted syzkaller #0 PREEMPT(full) [ 341.457639][T10499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 341.457656][T10499] Call Trace: [ 341.457666][T10499] [ 341.457678][T10499] dump_stack_lvl+0x100/0x190 [ 341.457725][T10499] should_fail_ex.cold+0x5/0xa [ 341.457757][T10499] ? tomoyo_realpath_from_path+0xb6/0x690 [ 341.457805][T10499] should_failslab+0xc2/0x120 [ 341.457836][T10499] __kmalloc_noprof+0xe0/0x850 [ 341.457888][T10499] tomoyo_realpath_from_path+0xb6/0x690 [ 341.457935][T10499] tomoyo_check_open_permission+0x2af/0x3c0 [ 341.457971][T10499] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 341.458044][T10499] ? do_raw_spin_lock+0x128/0x260 [ 341.458088][T10499] ? path_get+0x61/0x80 [ 341.458124][T10499] tomoyo_file_open+0x6b/0x90 [ 341.458169][T10499] security_file_open+0xb5/0x1e0 [ 341.458205][T10499] do_dentry_open+0x5aa/0x1660 [ 341.458237][T10499] ? security_inode_permission+0xbf/0x250 [ 341.458275][T10499] vfs_open+0x82/0x3f0 [ 341.458316][T10499] path_openat+0x208c/0x31a0 [ 341.458357][T10499] ? __pfx_path_openat+0x10/0x10 [ 341.458403][T10499] do_file_open+0x20e/0x430 [ 341.458436][T10499] ? __pfx_do_file_open+0x10/0x10 [ 341.458495][T10499] ? alloc_fd+0x476/0x790 [ 341.458527][T10499] ? do_getname+0x191/0x390 [ 341.458571][T10499] do_sys_openat2+0x10d/0x1e0 [ 341.458608][T10499] ? __pfx_do_sys_openat2+0x10/0x10 [ 341.458660][T10499] __x64_sys_openat+0x12d/0x210 [ 341.458699][T10499] ? __pfx___x64_sys_openat+0x10/0x10 [ 341.458752][T10499] do_syscall_64+0x106/0xf80 [ 341.458803][T10499] ? clear_bhb_loop+0x40/0x90 [ 341.458841][T10499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.458872][T10499] RIP: 0033:0x7f1a5df9c799 [ 341.458898][T10499] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 341.458926][T10499] RSP: 002b:00007f1a5eda3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 341.458958][T10499] RAX: ffffffffffffffda RBX: 00007f1a5e215fa0 RCX: 00007f1a5df9c799 [ 341.458978][T10499] RDX: 0000000000008000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 341.458996][T10499] RBP: 00007f1a5e032c99 R08: 0000000000000000 R09: 0000000000000000 [ 341.459014][T10499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 341.459032][T10499] R13: 00007f1a5e216038 R14: 00007f1a5e215fa0 R15: 00007fff8f5d1b48 [ 341.459071][T10499] [ 341.767279][T10499] ERROR: Out of memory at tomoyo_realpath_from_path. [ 342.534428][ T5144] Bluetooth: hci0: unexpected event 0x36 length: 123 > 7 [ 344.703445][ T29] audit: type=1800 audit(4294987900.159:11): pid=10538 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1158" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 346.395682][T10577] random: crng reseeded on system resumption [ 347.435362][T10594] FAULT_INJECTION: forcing a failure. [ 347.435362][T10594] name failslab, interval 1, probability 0, space 0, times 0 [ 347.448672][T10594] CPU: 1 UID: 0 PID: 10594 Comm: syz.0.1172 Not tainted syzkaller #0 PREEMPT(full) [ 347.448709][T10594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 347.448726][T10594] Call Trace: [ 347.448736][T10594] [ 347.448748][T10594] dump_stack_lvl+0x100/0x190 [ 347.448796][T10594] should_fail_ex.cold+0x5/0xa [ 347.448832][T10594] should_failslab+0xc2/0x120 [ 347.448864][T10594] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 347.448907][T10594] ? __anon_vma_prepare+0x344/0x5e0 [ 347.448954][T10594] __anon_vma_prepare+0x344/0x5e0 [ 347.448993][T10594] ? __pfx___pte_alloc+0x10/0x10 [ 347.449028][T10594] __vmf_anon_prepare+0x11f/0x250 [ 347.449064][T10594] do_anonymous_page+0x552/0x1fb0 [ 347.449118][T10594] __handle_mm_fault+0x1d42/0x2b60 [ 347.449160][T10594] ? mt_find+0x45e/0x8e0 [ 347.449190][T10594] ? __pfx___handle_mm_fault+0x10/0x10 [ 347.449214][T10594] ? __pfx_mt_find+0x10/0x10 [ 347.449260][T10594] handle_mm_fault+0x36d/0xa20 [ 347.449289][T10594] __get_user_pages+0xf9c/0x34d0 [ 347.449318][T10594] ? __pfx___get_user_pages+0x10/0x10 [ 347.449345][T10594] populate_vma_page_range+0x267/0x3f0 [ 347.449368][T10594] ? __pfx_populate_vma_page_range+0x10/0x10 [ 347.449397][T10594] ? __pfx_find_vma_intersection+0x10/0x10 [ 347.449431][T10594] ? do_mmap+0x93f/0x12f0 [ 347.449469][T10594] __mm_populate+0x107/0x3a0 [ 347.449498][T10594] ? __pfx___mm_populate+0x10/0x10 [ 347.449522][T10594] ? up_write+0x290/0x4f0 [ 347.449551][T10594] vm_mmap_pgoff+0x37f/0x470 [ 347.449574][T10594] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 347.449596][T10594] ? do_futex+0x192/0x350 [ 347.449620][T10594] ? __pfx_do_futex+0x10/0x10 [ 347.449648][T10594] ksys_mmap_pgoff+0xe1/0x650 [ 347.449675][T10594] ? __x64_sys_futex+0x34f/0x4d0 [ 347.449697][T10594] ? __x64_sys_futex+0x358/0x4d0 [ 347.449721][T10594] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 347.449740][T10594] ? xfd_validate_state+0x129/0x190 [ 347.449771][T10594] __x64_sys_mmap+0x125/0x190 [ 347.449800][T10594] do_syscall_64+0x106/0xf80 [ 347.449825][T10594] ? clear_bhb_loop+0x40/0x90 [ 347.449848][T10594] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.449866][T10594] RIP: 0033:0x7f1a5df9c799 [ 347.449882][T10594] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 347.449900][T10594] RSP: 002b:00007f1a5ed82028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 347.449918][T10594] RAX: ffffffffffffffda RBX: 00007f1a5e216090 RCX: 00007f1a5df9c799 [ 347.449930][T10594] RDX: 00000000000000df RSI: 0000000000400005 RDI: 0000000007000000 [ 347.449940][T10594] RBP: 00007f1a5e032c99 R08: 0000000000000002 R09: 0000000000008000 [ 347.449951][T10594] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 347.449962][T10594] R13: 00007f1a5e216128 R14: 00007f1a5e216090 R15: 00007fff8f5d1b48 [ 347.449985][T10594] [ 354.524383][T10672] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input33 [ 355.990280][T10703] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input34 [ 356.774634][T10723] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input35 [ 359.244027][T10764] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input36 [ 361.593312][T10801] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input37 [ 365.745050][T10873] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input38 [ 365.878998][T10875] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input39 [ 366.200193][T10882] Process accounting resumed [ 366.943127][T10907] FAULT_INJECTION: forcing a failure. [ 366.943127][T10907] name failslab, interval 1, probability 0, space 0, times 0 [ 366.957386][T10907] CPU: 0 UID: 0 PID: 10907 Comm: syz.3.1231 Not tainted syzkaller #0 PREEMPT(full) [ 366.957417][T10907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 366.957428][T10907] Call Trace: [ 366.957435][T10907] [ 366.957442][T10907] dump_stack_lvl+0x100/0x190 [ 366.957473][T10907] should_fail_ex.cold+0x5/0xa [ 366.957496][T10907] should_failslab+0xc2/0x120 [ 366.957515][T10907] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 366.957544][T10907] ? alloc_vmap_area+0x640/0x2bd0 [ 366.957566][T10907] alloc_vmap_area+0x640/0x2bd0 [ 366.957593][T10907] ? __pfx_alloc_vmap_area+0x10/0x10 [ 366.957624][T10907] __get_vm_area_node+0x1ca/0x330 [ 366.957646][T10907] ? ringbuf_map_alloc+0x3a1/0x8b0 [ 366.957668][T10907] get_vm_area_caller+0x71/0xa0 [ 366.957689][T10907] ? ringbuf_map_alloc+0x3a1/0x8b0 [ 366.957711][T10907] vmap+0x131/0x2f0 [ 366.957730][T10907] ? __pfx_vmap+0x10/0x10 [ 366.957755][T10907] ringbuf_map_alloc+0x3a1/0x8b0 [ 366.957780][T10907] ? __pfx_ringbuf_map_mem_usage+0x10/0x10 [ 366.957802][T10907] map_create+0x84e/0x2ba0 [ 366.957818][T10907] ? futex_unqueue+0x13d/0x2c0 [ 366.957841][T10907] ? __futex_wait+0x256/0x300 [ 366.957873][T10907] ? __pfx_map_create+0x10/0x10 [ 366.957889][T10907] ? __might_fault+0xc5/0x140 [ 366.957913][T10907] ? __might_fault+0xc5/0x140 [ 366.957946][T10907] __sys_bpf+0x2091/0x4b90 [ 366.957969][T10907] ? __pfx___sys_bpf+0x10/0x10 [ 366.957989][T10907] ? __pfx_futex_wait+0x10/0x10 [ 366.958020][T10907] ? putname+0xb1/0x110 [ 366.958038][T10907] ? kmem_cache_free+0x124/0x6a0 [ 366.958067][T10907] ? do_futex+0x192/0x350 [ 366.958100][T10907] ? __x64_sys_openat+0x12d/0x210 [ 366.958127][T10907] ? xfd_validate_state+0x129/0x190 [ 366.958157][T10907] __x64_sys_bpf+0x7b/0xc0 [ 366.958178][T10907] ? lockdep_hardirqs_on+0x78/0x100 [ 366.958203][T10907] do_syscall_64+0x106/0xf80 [ 366.958228][T10907] ? clear_bhb_loop+0x40/0x90 [ 366.958250][T10907] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 366.958269][T10907] RIP: 0033:0x7f27c0f9c799 [ 366.958285][T10907] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 366.958303][T10907] RSP: 002b:00007f27c1f10028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 366.958328][T10907] RAX: ffffffffffffffda RBX: 00007f27c1215fa0 RCX: 00007f27c0f9c799 [ 366.958339][T10907] RDX: 0000000000000010 RSI: 00002000000000c0 RDI: 0000000000000000 [ 366.958350][T10907] RBP: 00007f27c1032c99 R08: 0000000000000000 R09: 0000000000000000 [ 366.958361][T10907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 366.958371][T10907] R13: 00007f27c1216038 R14: 00007f27c1215fa0 R15: 00007fff00813198 [ 366.958394][T10907] [ 369.170081][T10941] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input40 [ 370.767649][T10978] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1245'. [ 370.985862][T10991] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input41 [ 373.227966][T11038] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input42 [ 373.684391][T11041] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1262'. [ 376.691092][T11115] vhci_hcd vhci_hcd.1: invalid port number 16 [ 376.744599][T11115] vhci_hcd vhci_hcd.1: USB_PORT_FEAT_SUSPEND req not supported for USB 3.0 roothub [ 378.920755][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.927376][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.787736][T11187] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1286'. [ 396.386566][T11496] Process accounting paused [ 427.066905][T12074] Process accounting resumed [ 440.389999][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.409063][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 459.422501][T12642] Process accounting paused [ 490.344546][T13170] Process accounting resumed [ 501.874417][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.880848][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 521.038801][T13627] Process accounting paused [ 527.336878][T13744] random: crng reseeded on system resumption [ 527.643163][T13745] hub 1-0:1.0: USB hub found [ 527.685967][T13745] hub 1-0:1.0: 1 port detected [ 531.999853][T13815] netlink: 'syz.2.1736': attribute type 33 has an invalid length. [ 533.260321][T13829] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1739'. [ 533.275946][T13829] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 533.302280][T13829] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 533.314240][T13829] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 533.329532][T13829] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 537.818294][T13898] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1752'. [ 540.844576][T13964] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1765'. [ 552.046266][T14137] Process accounting resumed [ 552.421405][T14148] ================================================================== [ 552.421453][T14148] BUG: KASAN: vmalloc-out-of-bounds in sys_fillrect+0x174a/0x1910 [ 552.421518][T14148] Write of size 8 at addr ffffc900044a9000 by task syz.2.1803/14148 [ 552.421545][T14148] [ 552.421559][T14148] CPU: 0 UID: 0 PID: 14148 Comm: syz.2.1803 Not tainted syzkaller #0 PREEMPT(full) [ 552.421595][T14148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 552.421614][T14148] Call Trace: [ 552.421625][T14148] [ 552.421637][T14148] dump_stack_lvl+0x100/0x190 [ 552.421682][T14148] print_report+0x156/0x4c9 [ 552.421724][T14148] ? _raw_spin_lock_irqsave+0x52/0x60 [ 552.421768][T14148] ? __virt_addr_valid+0x81/0x620 [ 552.421807][T14148] ? sys_fillrect+0x174a/0x1910 [ 552.421846][T14148] kasan_report+0xdf/0x1e0 [ 552.421877][T14148] ? sys_fillrect+0x174a/0x1910 [ 552.421923][T14148] sys_fillrect+0x174a/0x1910 [ 552.421968][T14148] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 552.422020][T14148] bit_clear+0x17d/0x220 [ 552.422055][T14148] ? __pfx_bit_clear+0x10/0x10 [ 552.422090][T14148] ? fb_get_color_depth+0x120/0x250 [ 552.422123][T14148] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 552.422178][T14148] __fbcon_clear+0x633/0x760 [ 552.422211][T14148] ? __pfx_bit_clear+0x10/0x10 [ 552.422249][T14148] fbcon_scroll+0x48b/0x650 [ 552.422283][T14148] con_scroll+0x464/0x690 [ 552.422325][T14148] do_con_write+0x6883/0x8540 [ 552.422381][T14148] ? __pfx_do_con_write+0x10/0x10 [ 552.422432][T14148] con_write+0x23/0xb0 [ 552.422475][T14148] n_tty_write+0x44f/0x12d0 [ 552.422523][T14148] ? __pfx_n_tty_write+0x10/0x10 [ 552.422555][T14148] ? _mutex_trylock_nest_lock+0x170/0x310 [ 552.422602][T14148] ? __pfx_woken_wake_function+0x10/0x10 [ 552.422653][T14148] ? __pfx_n_tty_write+0x10/0x10 [ 552.422685][T14148] file_tty_write.isra.0+0x4d2/0x890 [ 552.422735][T14148] redirected_tty_write+0xd4/0x120 [ 552.422781][T14148] vfs_write+0x6ac/0x1070 [ 552.422809][T14148] ? __pfx_redirected_tty_write+0x10/0x10 [ 552.422856][T14148] ? __pfx_vfs_write+0x10/0x10 [ 552.422881][T14148] ? find_held_lock+0x2b/0x80 [ 552.422921][T14148] ksys_write+0x12a/0x250 [ 552.422948][T14148] ? __pfx_ksys_write+0x10/0x10 [ 552.422980][T14148] do_syscall_64+0x106/0xf80 [ 552.423020][T14148] ? clear_bhb_loop+0x40/0x90 [ 552.423056][T14148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 552.423087][T14148] RIP: 0033:0x7f47d659c799 [ 552.423113][T14148] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 552.423144][T14148] RSP: 002b:00007f47d744c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 552.423175][T14148] RAX: ffffffffffffffda RBX: 00007f47d6815fa0 RCX: 00007f47d659c799 [ 552.423198][T14148] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000000 [ 552.423218][T14148] RBP: 00007f47d6632c99 R08: 0000000000000000 R09: 0000000000000000 [ 552.423237][T14148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 552.423255][T14148] R13: 00007f47d6816038 R14: 00007f47d6815fa0 R15: 00007ffca533bb98 [ 552.423285][T14148] [ 552.423297][T14148] [ 552.423306][T14148] The buggy address belongs to a vmalloc virtual mapping [ 552.423326][T14148] Memory state around the buggy address: [ 552.423342][T14148] ffffc900044a8f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 552.423381][T14148] ffffc900044a8f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 552.423404][T14148] >ffffc900044a9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 552.423421][T14148] ^ [ 552.423438][T14148] ffffc900044a9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 552.423460][T14148] ffffc900044a9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 552.423478][T14148] ================================================================== [ 552.432047][T14148] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 552.432071][T14148] CPU: 0 UID: 0 PID: 14148 Comm: syz.2.1803 Not tainted syzkaller #0 PREEMPT(full) [ 552.432107][T14148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 552.432127][T14148] Call Trace: [ 552.432138][T14148] [ 552.432150][T14148] dump_stack_lvl+0x100/0x190 [ 552.432196][T14148] vpanic+0x552/0x970 [ 552.432225][T14148] ? __pfx_vpanic+0x10/0x10 [ 552.432260][T14148] ? sys_fillrect+0x174a/0x1910 [ 552.432302][T14148] panic+0xd1/0xe0 [ 552.432330][T14148] ? __pfx_panic+0x10/0x10 [ 552.432360][T14148] ? sys_fillrect+0x174a/0x1910 [ 552.432402][T14148] ? preempt_schedule_common+0x42/0xc0 [ 552.432449][T14148] check_panic_on_warn.cold+0x19/0x34 [ 552.432491][T14148] end_report.part.0+0x3a/0x90 [ 552.432534][T14148] kasan_report.cold+0xe/0x18 [ 552.432578][T14148] ? sys_fillrect+0x174a/0x1910 [ 552.432625][T14148] sys_fillrect+0x174a/0x1910 [ 552.432675][T14148] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 552.432729][T14148] bit_clear+0x17d/0x220 [ 552.432764][T14148] ? __pfx_bit_clear+0x10/0x10 [ 552.432800][T14148] ? fb_get_color_depth+0x120/0x250 [ 552.432833][T14148] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 552.432886][T14148] __fbcon_clear+0x633/0x760 [ 552.432918][T14148] ? __pfx_bit_clear+0x10/0x10 [ 552.432955][T14148] fbcon_scroll+0x48b/0x650 [ 552.432989][T14148] con_scroll+0x464/0x690 [ 552.433033][T14148] do_con_write+0x6883/0x8540 [ 552.433088][T14148] ? __pfx_do_con_write+0x10/0x10 [ 552.433141][T14148] con_write+0x23/0xb0 [ 552.433185][T14148] n_tty_write+0x44f/0x12d0 [ 552.433224][T14148] ? __pfx_n_tty_write+0x10/0x10 [ 552.433256][T14148] ? _mutex_trylock_nest_lock+0x170/0x310 [ 552.433304][T14148] ? __pfx_woken_wake_function+0x10/0x10 [ 552.433356][T14148] ? __pfx_n_tty_write+0x10/0x10 [ 552.433389][T14148] file_tty_write.isra.0+0x4d2/0x890 [ 552.433439][T14148] redirected_tty_write+0xd4/0x120 [ 552.433493][T14148] vfs_write+0x6ac/0x1070 [ 552.433522][T14148] ? __pfx_redirected_tty_write+0x10/0x10 [ 552.433570][T14148] ? __pfx_vfs_write+0x10/0x10 [ 552.433595][T14148] ? find_held_lock+0x2b/0x80 [ 552.433635][T14148] ksys_write+0x12a/0x250 [ 552.433663][T14148] ? __pfx_ksys_write+0x10/0x10 [ 552.433696][T14148] do_syscall_64+0x106/0xf80 [ 552.433738][T14148] ? clear_bhb_loop+0x40/0x90 [ 552.433775][T14148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 552.433807][T14148] RIP: 0033:0x7f47d659c799 [ 552.433831][T14148] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 552.433862][T14148] RSP: 002b:00007f47d744c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 552.433893][T14148] RAX: ffffffffffffffda RBX: 00007f47d6815fa0 RCX: 00007f47d659c799 [ 552.433914][T14148] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000000 [ 552.433934][T14148] RBP: 00007f47d6632c99 R08: 0000000000000000 R09: 0000000000000000 [ 552.433953][T14148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 552.433972][T14148] R13: 00007f47d6816038 R14: 00007f47d6815fa0 R15: 00007ffca533bb98 [ 552.434001][T14148] [ 552.434273][T14148] Kernel Offset: disabled