last executing test programs: 9.035986096s ago: executing program 1 (id=4971): openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0xffffff69, 0x8, 0x0, 0x3, 0x800000000000000) select$auto(0x644b, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sysfs$auto(0x2, 0x23, 0x0) r1 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r1, 0x0, 0x4) rseq$auto(0x0, 0x8000, 0x0, 0x6) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/scsi/sg/def_reserved_size\x00', 0xc8000, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) sigaltstack$auto(&(0x7f00000000c0)={&(0x7f0000000040)="6fd0ff00000000000000d2a0be6ac3582690c7314696836e1fda106d9f92a846ee01e269f3cc4d763706d08af4d8b40e238e50fa", 0x4, 0xffff}, &(0x7f0000000140)={&(0x7f0000000440)="f5b02af123815905b964327959d8c95cbc19112206921c82f521203454474766d9065fabed2d10cb53a9683f6e7961a55d1810c6ddaefa05da53de79fd1671dc292ed755e6d9a99f91159031ddd44d26e80aea77411f72961af2f59042c4ff2d2bfe3cf933ff9ded1709d0ac4fbd5d50b973a80659156bb216de78f4d4550298509e33742a26c815e03144a6886b3fda191ebd9fe9795233cf84645870d78d6845b9c2a9cdff1c424f2752f8791cd13e3bb69b569cd437d332ae47fa0c12fc74e1c02d1539793f704b1a92a894b09f2bbecde610f83ccf416b9bb054d385caeac43e696366a165b89806ebb1d207d0874d423e5b6ac7f3046544de6fe141d1870e41c475ce967d11008255356105257d38eab8ee323d297c6781a322c2265ae7f188e4601a571778b2aa4e097707ed61d28274b6fb0bbb3aea2711b6b27dd293a5548712c534ab343ae38c0a320b23823d987e3def9fb2a8b8cd1e0dca503b8fc4d1151e329736f2bdd8f8502c170fac5887f3d2f8c4fda84fbf7c97bc12c667bd615a9870199f37dec8c819b71345f9b005f18c205f03d15f874cd9aa4518d635ce7e6cd4574be9c7c7b91904c5e5a74adfe3e86709da86481686622e9210da24c000aeea662450735fd55ef471c923f4ab09f09a9cef225ffa52d43ace7b6d6fbd393e2058f71dfd9203d80f200e3a8539c27e62ac4051fea1fd19ac9f95e8bad5255b7867f3d857cb1b0252f719f07f15faa7239ad35cf6f4257d69d1d6d591d3caecf3bed4fb1c25ec677ae8b72218381e68cf3a3228e6eab01e946cdfa16ff510c5b01758a8a41927a5f5995a52abd80fd149c9635cb164ab73f5e7d31833678aa1be49a46b0dea4678e693adf8a8d6f41cb04f192b14dd0d4c98737de8b2b832e1ff088f5052b8feeb101db7237fce2738466a1e798abc42c52f29ef6e27875ad865c9ff94e7f0b829adf76c01e12045c08c47ee65dcbc57fcdd04f210a686d816e704f7f19019c2d51f8be2c94eccc65ac455183a2eec53aab4f6091ac2271f341662b1cf54a3a1da3f7aa9948b2c5d22b8728bc6a162ea73af9d8953f447e2907e7fef8f79519a76367dded19e562bc22faf3a26879ec528144f6bfbb1ac2a3420630b1f76899db92e09fc94a278e3c229c2ff3f97cd7abfec45d37b60829b850934f2ca2ed19c832665f32de3ad507a8ca41cbeed838908e6c62168936f4ede68c6da63de06990d791a640c03ec56bddfe8c50bedb10c089e407b9e808d360f73c7c7ccd663e7845485d54f6b276e2eedbb437a78636eb068e3b05d7806e1ed6df29e595d17c774d152ac2c07a6c54a771872b76106fe827ae98730d2f63e7857c239ab3ed40d8313edb04b989a59d0dbe4ad47b10cb07fe8e6f3a02aa8643673638cf603f7050bbdf9f0ba20b3b43f931a341057a07c4b1f5851df620a983179035c538d5b7bef399545d332d72f4a9a580538a600b3c809465802929f0415285300ae855cfdba9ade735fa6ba9dc4d010866a19c85dd788a9766c51dcb6041a20e0fdd29aa58ae0fb8058b42201fd324986f06c2ceb4823bc4eae030909c8e1807d73890885dbff00b6a17d8e1771783c22d158048303df4feff5e0cdd84a7bb4e3e231d91887f0556294d69ff50649a5efaeb787817cf1342645447bec1f464663e7949f08634ac2355c3587d82ab7d04e4fbd098abc5ba46bdf94924884931b8480a2a77ee41628e13006c712eec771ee4e894b21a5f791d66303cb7c58d96b35ffffaff8c19c9f09726e52e1aba192dd17b345bc3534ad6817427b8b1a0992af1b010fca2a438b5932ffa8ca257867683810e55759f42ba5eb5a0bee174e914a955169d6d354eb10a6ce59f9c86b418e2e9bd807b1b1a4f83587c6eeb42782dfdb0dbaa39d52323d0298affe6e77a6e6825fbd0e5527694e74a096b37f7c21d9ff4206a221c5018dec042ecb39781ca604124f31992b6bfb684da8c338d5835b995bf6beb20ddbe3926ec390010c7bf47bafab9905cdc3d0c2167224fe3b3b701e7f530aa8e2e4620af395f679c46204506a1da8ef296c2bc9cc836540f192342d56571603d7bfb16fcbeb4f286c58277131afaf1c2491c762bd3dd686b68f3ec5b171d0752acce1418a72f969141ce5ad636d6060a44dfc81794f404e9d3feb3a2e7ab98d88e0da70be08c502327c4a1121ff924413cabc2c293e2022e8b213a60d1d696b46a5773e86b3dcc9fcfcd8fba201e8beb9478b3b4f33906d2cf7389125a1e3c4aba15f19e93c0582ce5b93367c8906c3f6a311a00d31e17872d3fa74dedaac47ea6c3c814bd0e04dd8825a7ffff6cfab681e041f8c0944f48d78cb2b611009cb779ecaa123eb6d93485ced7461b9cd475b8347356e25c8ab21ed78c616553679004d1c85e518705648c12cdd4a6b9b2e6430926513fc5ed7f941d68e59f0f8a8efe00da957e3f5de7c13648d32d95bf552c7b5913ca435cadc503a584a4a36a07287269e01b3431f2ca63df54c33edc1aa511226bc77923faf77047a4d6cd1aa23d9a93209517af71eec8fa943b8371532f4c06e02068c581eb6fcecb89fe3a96cf5fbc2f33b2ce893d7019cf22ec261fc1c087b09020cb63531fbd7aa9ac2845ec3b9fa8e30de31ff090eebd7e2d6187114b8a19474570f147d77944646b4494f4fd51049d8565ae0da0c0a5a3533a1739058968c39e72fde2217abe8d5c9239778c4d27886d2af361ba7660468c2ba7070d45267119f94162837fb2f055620799986e0e46d943f520870d88324aa5de24fc1bc1b9897ec7821c16ee3ed8d612ff21d9794df35d6f4a046e9dd8a892413ea495b511a1bcb62d8adbf83f08b68d1355a2355cda54245d0cbea04e34f0364434a3c1025b27f5b9dc4bd4857dbd0a60c5b05bbb2f056a2b4c86f97f65bfb174fa276b56e926b8a521ae50059bc0ed5e3638c59512ef9b145282d9b68bc083b3457b900c9c2e378d19cb30dc2a4ed2ede5d93ed026b20d31bdf5e450bfb66d25b443249ce7e7c71ea433d6691705ff84b8476aa5a77898b5f8e9893d98bc7140b7cfe4e6afa3e0df4811a28c4a17a46eacede4a6803e32bb71ebaadd094836a22b4140508f3fea76eadcd08e82c6e5bcf89bd8f6d936df0a95fb38536c84dc38a3a9411c5e606134c7d4eb3306b94ca1fd00d8dfce6706fd2a1c164b299f57f3412a9a0d8d4c24fbfcca8f9e75601c3de8c6c46bfae64274f4d0f795138e7ec196bc8481d79c730be97e13f3a5d505081c82f55807cfa41877a0f29e485400038726f01198aea987942215f909e4bdc24f8fa59aa4c0f7feedf4cbf5b4f0fd68a75a0308f1c0b49ec9e7277d1092f8f61d2596c43e9ef89b6c7e8e6fb834f3e40041a0a7f421b97d7952cca16b51f407c8d4d84c4c69d68009386f69da6a353b9ba867d36b39540884b47387783f8bd0fce6f3a7b538d150e907349eb259d964e65d7e0561e3915278fc8557055f246231c4244e43af307b65a85afde009e8214711e32e67ca8eb673da5f93980179c999b836c671fc7e01f57d884e6d1de2422b65c46742cc592877e89972ed6306e44068a2f72880adef626d110bca2c7719731f37ee553c48c5e4b7c14d071b18172f94f36dc5ccbd0a0961a06e9983f9f123ee4c8ec6df51c02f65efcb645b5321dcf064f37f07f8bde6320ace9b4b23525804a157576aee72cae623d4bc4214530aeca6dd6d162db15d6a356c7d56e72da9ee27f1fc3448c4e730f3fc2cb295c9a45bfcdfbd5e5cf60472c222611cc6ee3f243bc162f50ef82e594e0b2ac7b86b64514d8ab3064da68b5e6b0f580be2c15c8ce39fd5fcb5fb1c19e35eed8537cf4e253da4c76f154f485d4d351d7274d8b566610c360abde4bf3c016203df9e9068b1b78a97008077a00d17f850094231998eaee66a62cbb62397f9c256117c9f30100c54a58587cb0412b5a2cb2405223590c93237030798cc32eb93d2afd97fb55c0611253436eeb12d0b3dd1d353cbb060b151ce36f184def4a4a717e635f701fcbe1af5ddcc8bdc45b1196acc5e944c770df23fa3f3f57865d0703ea7791c291c609c4da9dfe343b27b47532b03ab0f9f7e7e69d012072f715deb31826ef3b0af362fb1a04cc075d9df4c503cb62ce0947d958e56e5e1281a7bcc171edf167dd4bee0925af3fcfcfa5f030c18206fb5675a3f4b7795179db2db8ba250f20fe6e351223ede881269aa89ab83d1693800fecd21c670ec9ea2050eb897017a3dbd9db2ad760c9ab72d1ea5dbdc391b2a48d08522c3eb19053c23848027dbea4f189d36641f4bc3b4cd5836ac1c3f8662fcae257e4846d7f0b79979bb01ef8646f659df1ce1678e6d311730dbadcac12081987a7ddba3fabac910b0933f4bacfd73f727335e4c38f6f2573301b50a38616cd663f0d74ef6346475c89e7c61b0af0cff6e2672ed83665289719a9ca5c0fc3b510ac5d8967fb4ab150f72526b32334002fd344b26da2b78dfdff76f3b8392e20d2e0d0f13607c2655a533a7a35e932d4597ecad7704cc2322e917074a71371b1f3c164b80cdbed320cf0b45106b2b4c6c44b7557938f271c32f58e2898eabee0ed54d5687936f536da6b66e299b1d940dde8a802376e11164377fd56dffa951e95f15a27504b9106b29c09394a47f8b865b48290191a463a722ec8c1a9d36cc0c3d1c50c536efdea0b7143153fec4882a42ecdd6d86105e04de872d86c84bbd676615179f4c3da9427934bb3c6b39d24923117e6c2b9ab7d11900ac718d367c22dd919629f26c9efc29892331996871792b19865f0a0a571a2883b27193e63fd631a5398a864f994e2d543a7615764841622ffa1f7530e1a642d145a636f293f154cb6b3cabb9101d86e7ed9532859f901813dacb9f4cb1d76f000ff637ab0a2b37d790a16c8d31f3a317ce80669a538bbb79b01b7411714e68122648cb6acacadabe9767805863dfae50db518d3f4b243e96fd9348094922a9f6e324467bb201a36cd17614af0b9d305e8eb4846d8e10d9f170967201a36f6e35e8c3f469e6e5b5a6bfce292f573f22c53d8e1a742a2d2e6bead8e7a08a585c4ae59a8bffc3555c196dba0c28255ccd758897c485d96004dc11a256695c4f1e457dc666a40a676be6fc877157be4c6140ec86b095c3b286fcdd69eecfb4c59835c8a994861696e773505e4fc1a3c0c53a7348c88a301ee3130cb7e7b766da29cb1f0b96a71ec2bf4dd3e4ca3e419239822ce293aae9cb34b307a4339e10532f3be215f69f5c0390ef62d10ff3c28a65eb71b0a5449a7841bab51407cf16b38e3fcd8f7c91fb5e4184003fd01f2680c0ca8d687c0b7db80f25d57182f93833d71d9c5ee46f3c69213daa5e0f6e6efe66419a31b763c149fe40d3d63237c1e4a447a90febaf7cba3715724e554522727aa34653ff40c62b9d0b1fe8b09af28688155ebc3a08830f7a74e38e483b0e210eba6480b8200da1dfec4cd4ab1d9c6ccc92e37841267f3875a751266b76d4761fb1ea1235f22a55bf94f89e2bd50ee128fd5b79cd8ca1f0ced7c20449bd606bd9d999b77e2ca05983b4d0e67e9dd68247f2b14b9475e1a623fab258f590f9d01ed5077a3578e031d42db9ff8f721f6aa2d5f3aa291fddc76cdadd0a00c29a39ec527d8b7e7808871d174e7ceb570dfb0e286d0596d51adc1d8b353b63a11d3407c8a5e305c4d36d7e4b938560b1b579521670c45b100cc2837a62812aa316bf2bb4a2ced473ff448d0c0939aac135de0e6647d1dcb19f091", 0x3, 0x1}) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x202000f, 0x2000000000000000, 0x18, 0xfffffffffffffffa, 0x8000) mlock$auto(0x1004, 0x6) ioctl$auto_RTC_PIE_ON(0xffffffffffffffff, 0x7005, 0x0) mmap$auto(0x4, 0x4994, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000004740), r2) 7.994259096s ago: executing program 0 (id=4975): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) sendmmsg$auto(r0, 0x0, 0x5, 0x20000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000600), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000480)={'dummy0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_MODULE_FW_FLASH_ACT(r1, 0x0, 0x400c080) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @private=0xa010102}, 0xfffffff4) connect$auto(r1, &(0x7f00000000c0)=@xdp={0x2c, 0x7, r2, 0x13}, 0x3) recvmmsg$auto(0x3, 0x0, 0x10000, 0x3f7, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/ext4/sda1/lifetime_write_kbytes\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f00000000c0)=""/4096, 0x1000) prctl$auto_PR_GET_TID_ADDRESS(0x28, 0x2, 0x0, 0x0, 0x40) mmap$auto(0x0, 0x400007, 0xdf, 0x12, 0x2, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x20000000fffffdef) madvise$auto_MADV_GUARD_INSTALL(0x0, 0x0, 0x66) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4840) mmap$auto(0x0, 0x40008, 0xdf, 0x9b74, 0x7, 0x28000) syz_open_procfs$namespace(0x0, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x29202, 0x0) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mremap$auto(0x0, 0xffffffffffffffff, 0x3fd6, 0x3, 0x7fffffffb000) prctl$auto(0x23, 0x200000000000009, 0x7fffffffefff, 0x0, 0x0) bpf$auto(0x3, &(0x7f0000001100)=@link_create={@prog_fd=r5, @target_fd=r4, 0x1, 0x7, @uprobe_multi={0x9, 0x6, 0x2, 0xb2, 0x9, 0x2b9}}, 0x101) r6 = openat$auto_proc_pid_cmdline_ops_base(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/cmdline\x00', 0x60502, 0x0) read$auto_proc_pid_cmdline_ops_base(r6, &(0x7f0000000040)=""/159, 0x9f) 7.671108133s ago: executing program 3 (id=4977): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000240)={0x1, 0x81, 0x5b, 0x4, &(0x7f0000000000), 0x9, 0xeb90, 0x2, @stream_id=0x102, 0x7, 0x476, 0x0}) close_range$auto(0x2, 0x8, 0x0) 7.408700364s ago: executing program 1 (id=4978): openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC0D0c\x00', 0x40002, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) eventfd$auto(0x3) select$auto(0x3, 0x0, 0x0, 0x0, 0x0) socket(0x2, 0x80002, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0xa, 0x5, 0x0) getsockopt$auto(r1, 0x200000000001, 0x10, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sysfs$auto(0x2, 0x23, 0x0) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r2, 0x0, 0x4) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) write$auto(0xffffffffffffffff, 0x0, 0x1098c7) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/security/tomoyo/query\x00', 0x0, 0x0) read$auto(r3, 0x0, 0xb4d3) msgctl$auto_IPC_SET(0x10001, 0x1, &(0x7f0000000140)={{0x0, 0xee00, 0x0, 0x8, 0x3f, 0x400, 0x80}, &(0x7f0000000080)=0x5, 0x0, 0x8, 0x94e, 0xb, 0x100, 0x7fffffff, 0x1ff, 0x6, 0x3, @raw=0x7, @raw=0x9}) capset$auto(&(0x7f00000001c0)={0x1}, &(0x7f0000000200)={0x8, 0x8, 0x1}) 7.407343753s ago: executing program 3 (id=4979): setresuid$auto(0x8, 0x8, 0x0) r0 = setfsuid$auto(0xee00) setreuid$auto(r0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000080)=""/173, 0xad) msgsnd$auto(0x2, &(0x7f0000000300)={0x4, 0x9}, 0x65, 0xfffffffd) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f000000c180), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(r2, &(0x7f000000ca40)={0x0, 0x0, &(0x7f000000ca00)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000ab40d66a9c8807eac5ce705a385620e5f12946738af55d2c0c843c7f334e", @ANYRES16=r3, @ANYBLOB="e3db28bd7000fcdbdf2510000000"], 0x14}, 0x1, 0x0, 0x0, 0x841}, 0x4) mmap$auto(0xc, 0x20009, 0x5, 0x14, 0xffffffffffffffff, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) fsconfig$auto(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) mbind$auto(0xfffffffffffff000, 0x100000004, 0xfffffffe, 0x0, 0x2000000000006, 0x1) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r4 = getegid() r5 = waitid$auto_P_PGID(0x2, 0x0, &(0x7f0000000280)={@_si_pad}, 0x3, &(0x7f0000000440)={{0x8, 0x6}, {0x8, 0xc5e}, 0x100000001, 0x3, 0x1, 0xf9, 0xfffffffffffffffc, 0x5, 0x6274, 0x9, 0x0, 0xb, 0x35d, 0x439c, 0x9, 0x7}) shmctl$auto_SHM_STAT_ANY(0x0, 0xf, &(0x7f00000006c0)={{0x7, r0, r4, 0x4, 0x6, 0x81, 0x48d}, 0x1, 0x5, 0x8, 0x2, @inferred=r5, @raw=0x5, 0x5, 0x0, 0x0, &(0x7f0000000600)="3b4aab5baf7b70279f51554278b9b2497af28d2f68748361dda23b269d8b59ff913dc2ce2f41389066481eb9ea5492d38b5b950569f4d785c41fe5d0ab02234a66c5d804108051813044b3235a4b452ff0c51b938f2f5440d9ecee6cfad16d8271c93fa2488f5af21c4361fca3799a20b53b6f0c6c3b19b35a674aec24b246c982d5f007b2ecde6cab52699af3b1e94e1a42d4e44b022d7d64730dd5127ccd9f02f7590e93c2c7d8eb6e44"}) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0101, 0x15) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181482, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) openat$auto_transactions_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x8a042, 0x0) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) 5.576426296s ago: executing program 1 (id=4981): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) getsockopt$auto_SO_RCVPRIORITY(0xffffffffffffffff, 0x2, 0x52, &(0x7f00000001c0)='/dev/virtual_nci\x00', 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000440)={&(0x7f0000001900)={0x544, 0x0, 0x4, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_MESH_ID={0xa, 0x18, "8765839be1d1"}, @NL80211_ATTR_DFS_REGION={0x5, 0x92, 0x5}, @NL80211_ATTR_VENDOR_DATA={0x28, 0xc5, "d19f3b98daeb63ec0a45156a38993e14fc3f2accabf37e8c522d8058e434ecc56b0794e5"}, @NL80211_ATTR_VENDOR_SUBCMD={0x8, 0xc4, 0x9}, @NL80211_ATTR_NAN_MASTER_PREF={0x5, 0xee, 0x34}, @NL80211_ATTR_PBSS={0x4}, @NL80211_ATTR_VHT_CAPABILITY_MASK={0x10, 0xb0, "d366b7db35437c4dea30f43b"}, @NL80211_ATTR_KEY_DEFAULT_TYPES={0x42c, 0x6e, 0x0, 0x1, [@nested={0x83, 0x19, 0x0, 0x1, [@generic="f7b1840e10c37193057e77525de3f9ee243423a5a3239d46e4a7778f37773837bfa5e978c3c25f7bdd320deecd5cfa50088ab114ab2fb9047154a3339ddf60c125a3df53d0394875f6ce6dd05fa3d39e356b94000a8ffcb286df082954cc900f2b046574c181c70ebf2afac4aa68fdeba2d68045c51a12", @typed={0x8, 0xf6, 0x0, 0x0, @u32=0x5}]}, @nested={0xe6, 0x25, 0x0, 0x1, [@typed={0x14, 0xd6, 0x0, 0x0, @ipv6=@remote}, @generic="85f58c546fbbe9347ba3592fcfdb8d309a7fd803c613c6bdf8ab8f90167b7e03990ff504d46bcebc5c22b2052345531a063eb153e5abec3bbad9df4c3ea2e82692723a7b78761772bd869cfcdcc54fce8d2c66d5553d3d53c54f5883ecdfce9c0065075348e9790199ce598c68d37e116f2f22e0b10a511cacb063e9cb23c9479d1327dd03007eb2048a5ecda13d23ba2e95a13ba754", @nested={0x4, 0x5f}, @generic, @generic="3c78c1722797b20255d296f37c20c1936ed1a83418d1abf888071530917573d373ea729d1951b38121cffba58307fa7b6bc4cb10"]}, @generic, @typed={0x8, 0xf4, 0x0, 0x0, @pid=0xffffffffffffffff}, @nested={0xc, 0x59, 0x0, 0x1, [@typed={0x8, 0x120, 0x0, 0x0, @uid}]}, @nested={0x4, 0xd}, @nested={0x28d, 0xeb, 0x0, 0x1, [@generic="64aba5ec5f90e9fac103ed631d74a6cfba6bd220c97def1dcf2840e7550d84b02bc984ba3d650276d02d1c32e1fbd5f4a6196af2d442c534645a1c644f24e545511f55063d628381a3724fa186119459ce70eeabc2475bb40515a75479360cafb8c55b62a8b955d10b7b25722bc791312ce24e8df651b0a826ee6fe4fb780fada2a46acf82e27331ec50c3ed96e31fc2f7d5060434", @generic="030b34f2bc7bc05aa7f024c1fbcc7af314178a1b3f115bf287243a1213ad33b376533f6e4dcdac84342a73e86b64e20706ec9525868eeab624ca0e8aec", @generic="7561ddbee01d2c970e957e15e508669a0cd9eed4b0a172e9320f6fde0678cb8c37a994a9369a69cd1a3eadfa6c8f9b2d71c7f8d529ef75c4883a695c492c1cea554702da19d44cc2cbfb388feee942b58947b495383533056d6e75ab7aaecf4c5ebbdbb127c179c3c9e661d75268ad426e60151c82d09d3356f3b3bac0117367fd0ada0f35c8afcf1a6935fe2a576a6db95278d802292697e3ab6c53e2b05114fff8706bfb68c3ee56fbe5cede0a7561468966cbfd7de54214b7769aff377a858de3a294d7", @generic="3090822e392fec6f5777c2b0880044e6cb5f644249e69f8218f6abec8e15618a41f0ed6b2d85eeae7f5d1ac13734ee91b2576aa03733871645efebe468c0f8ce928b1879cc210e747ca7963a77b29fe259cf966dbc3761e0149e0f309c5f6ca4eb42f4c59824dd8b0a8f99426211182eed3c5f22083675b90b170a821ada334bd3c5eaae138a6f23b52c035f2fa40251573662d83daf7cd72a7eed723c4665302d28d64f45df5a7439bd4bc5abe8c56626e75a08a70dd4806237dd043a52f8dd1bac01386aecdaf7213b6fdc8506f5cc01fc650bf2d170d55f8e953e0c678342fc33d0519934d0a61a3c5bf4ed9eda1390dc"]}, @typed={0x14, 0x23, 0x0, 0x0, @ipv6=@loopback}]}, @NL80211_ATTR_PMKR0_NAME={0x9a, 0x102, "98433b45485b0d07f3af16801785094a6587d6303f241689b1d1c9c0c8398b54f43586f91d1324ce74406cf1b171de4a0068812e62f6ee82b56662a4f9f2b45fe2d5efe9c4222554921d37e9804a49ae94bd1ffbe0c245d2c015b1f89d9a5a826ccbd3cb8e7525cb9d7e46d2603719ba2441008a02c106d487e169bc205da6b217a386a17f197ef50047b281fd5b5062d60c793c2a13"}, @NL80211_ATTR_CENTER_FREQ1_OFFSET={0x8, 0x123, 0xef07}]}, 0x544}, 0x1, 0x0, 0x0, 0x8805}, 0x8000) openat$auto_evm_xattr_ops_evm_secfs(0xffffffffffffff9c, &(0x7f0000000140), 0x189000, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto_PR_SET_MM_START_STACK(0x80000000, 0x5, 0x0, 0x2, 0x1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/anycast6\x00', 0x181500, 0x0) sched_setattr$auto(r0, 0x0, 0x7b) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) (fail_nth: 8) 5.270150705s ago: executing program 0 (id=4983): r0 = socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) setsockopt$auto(r0, 0x1, 0x21, 0x0, 0x9) ustat$auto(0x801, 0x0) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) mmap$auto(0x0, 0x0, 0x4, 0x52, 0xffffffffffffffff, 0x800048000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x81) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x400100000001, 0x1ff) readv$auto(0x3, 0x0, 0x4) unshare$auto(0x40000080) fstat$auto(r1, &(0x7f0000000280)={0xffff, 0x5, 0x9, 0x1000, 0x0, 0xee00, 0x0, 0x4, 0x3, 0x2, 0x7fffffff, 0x6, 0x7, 0x8, 0x4, 0x9, 0x4}) shmctl$auto_SHM_LOCK(0xfffff21d, 0xb, &(0x7f0000000440)={{0x800, r2, 0xee00, 0x0, 0x6, 0x3}, 0x9, 0xffffffff, 0xb, 0x1, @raw=0x7, @inferred=0xffffffffffffffff, 0x7, 0x0, &(0x7f0000000340)="e31815967dfec7eec0aef559dd3fe9", &(0x7f0000000380)="9c5b2f0211336a40fec8ee44ead4d8d83b60fdf18c99bde876082d71e436f9a2c925f4298803b033113f78f360ea95c7a57bbeee8a9d144f8a776cc63e0128fa28b640c2a7f61c673e02cbec122498cdc59f8382db443a00ac36904d2ef0ff279b82df81cc3b1c25ec2181b00d5b2b20d442cfb689750a2fc7540abeec4bd0a6e8905bd2e51b5cd4e9c48308b6126286249f9507f4726e74f25489941ad0f91a26d4"}) wait4$auto(0xffffffffffffffff, &(0x7f00000004c0)=0x2, 0x9, &(0x7f0000000500)={{0x7, 0xe1}, {0xef7d, 0x80000001}, 0xbd33, 0x1, 0xfffffffffffff001, 0x5, 0x8000000000000000, 0x5, 0x2, 0x7fffffffffffffff, 0xfffffffffffffffa, 0x4, 0x0, 0x9, 0x9, 0xd}) sendmsg$auto_TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000003580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000003540)={0x0, 0x7468}, 0x1, 0x0, 0x0, 0x4008080}, 0x0) r3 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x2, 0x4cbd5d) mmap$auto(0xf22, 0x6, 0xfd5, 0x9d, r3, 0x0) openat$auto_ht40allow_map_ops_debugfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/ieee80211/phy7/ht40allow_map\x00', 0x20000, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x800, 0x0) 5.047716245s ago: executing program 2 (id=4984): socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_DEL(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x800) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x2c, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x2ffffffffffd) mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, 0x0, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) splice$auto(r1, 0x0, 0xffffffffffffffff, 0x0, 0x8a5b, 0x401) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) 4.603414228s ago: executing program 3 (id=4985): r0 = openat$auto_fops_u8_(0xffffffffffffff9c, &(0x7f00000014c0)='/sys/kernel/debug/nfcsim/nfc0/dropframe\x00', 0x20000, 0x0) read$auto_fops_u8_(r0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r3, 0x0, 0x1f42) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f00000001c0)={0x0, 0x9}, 0x3) io_uring_register$auto_IORING_UNREGISTER_NAPI(r2, 0x1c, 0x0, 0x8) io_uring_setup$auto(0x3, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/loop6\x00', 0x0, 0x0) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x121900, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x7, 0x1ff, 0x7, 0x3, 0x7181, 0x8002, 0x7, 0x3, 0x9, 0x5, 0x80003, 0x4, 0x200000000000, 0x3, 0x9, 0x8, 0x10006, 0x4000080, 0x0, 0xfffffffd, 0xe, 0x22000, 0x200, 0x0, 0xd363, 0x0, 0x0, 0x0, 0x0, 0x3, [0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000, 0x0, 0x0, 0x0, 0x0, 0x43a]}, 0x201, 0xd) r5 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, 0x0, 0x1541, 0x0) r6 = socket(0xa, 0x802, 0x3a) mmap$auto(0x0, 0x2, 0x4000000000e3, 0xeb1, 0x401, 0xfffffffffffffff2) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x2aa82, 0x0) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/orangefs/perf_counters/ncache\x00', 0xa001, 0x0) write$auto(r8, &(0x7f0000000000)='72\xa1\x84\xbd0\x00f\x19\x1c\xc7k\x00\x00\x00\x00', 0x7) ioctl$auto_KVM_CREATE_VM(r7, 0x4018aee2, 0x88) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/wchan\x00', 0x8580, 0x0) setsockopt$auto(r6, 0x29, 0x21, 0x0, 0x18000113) ioctl$auto__ctl_fops_dm_ioctl(r5, 0xfffffffffffffd09, &(0x7f00000001c0)) r9 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_ADAP_G_LOG_ADDRS(r9, 0x805c6103, &(0x7f00000001c0)={"8911bd3a", 0x1, 0x0, 0x6, 0x4, 0x6, "feaf587cdf4d2f534a1c88d3e40a00", "e6cf6512", "f34cae3a", "10a991b3", ["3ae887a128f1d8c79420d880", "b11feafce4d296d8c985d069", "0149f0a7102c3fffab592db0", "0059c09dca7de9bdbbc6be07"]}) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec17\x00', 0x10000, 0x0) 4.510901614s ago: executing program 1 (id=4986): openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x40002, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) eventfd$auto(0x3) select$auto(0x3, 0x0, 0x0, 0x0, 0x0) socket(0x2, 0x80002, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket(0xa, 0x5, 0x0) getsockopt$auto(r1, 0x200000000001, 0x10, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sysfs$auto(0x2, 0x23, 0x0) r2 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r2, 0x0, 0x4) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) write$auto(0xffffffffffffffff, 0x0, 0x1098c7) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/security/tomoyo/query\x00', 0x0, 0x0) read$auto(r3, 0x0, 0xb4d3) msgctl$auto_IPC_SET(0x10001, 0x1, &(0x7f0000000140)={{0x0, 0xee00, 0x0, 0x8, 0x3f, 0x400, 0x80}, &(0x7f0000000080)=0x5, 0x0, 0x8, 0x94e, 0xb, 0x100, 0x7fffffff, 0x1ff, 0x6, 0x3, @raw=0x7, @raw=0x9}) capset$auto(&(0x7f00000001c0)={0x1}, &(0x7f0000000200)={0x8, 0x8, 0x1}) 4.481392751s ago: executing program 2 (id=4987): socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), r0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/module/zswap/parameters/enabled\x00', 0x62, 0x0) write$auto(r1, &(0x7f0000000440)='ON\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf0F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\xed\'\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1\xbb\xe4pd$\xd7\x1b\v\x82\rd\xd2\xaa\v!\xb1}\x92\x89\x8d\xcd\x1e\xc7N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8=R+\a\xb7R\t\f+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb', 0xb8c5) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={0x0}, 0x1, 0x0, 0x0, 0x220000c1}, 0xc0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, 0x2, 0x40000008000) write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="11000000", 0x4) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x20401, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) r2 = gettid() futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x80000001) kill$auto(r2, 0x11) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) sendfile$auto(r3, r4, 0x0, 0x1000200) (fail_nth: 8) 3.499460233s ago: executing program 0 (id=4988): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) statx$auto(r0, 0x0, 0x1003, 0x4005, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x200, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000140)='ns/uts\x00') r1 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) ioctl$auto_PROCMAP_QUERY(r1, 0xc0686611, &(0x7f0000000080)={0x102, 0x34, 0x7fff, 0x5, 0x100, 0x1, 0x4000000000c, 0x101, 0x4, 0x7f93, 0x2, 0x0, 0x7ff, 0x0, 0x9}) setsockopt$auto(0x3, 0x1, 0x1d, 0x0, 0x9) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) msgctl$auto_IPC_SET(0x9, 0x1, &(0x7f00000000c0)={{0x2, 0x0, 0xee00, 0x1, 0x40, 0x2, 0x8c4}, &(0x7f0000000000)=0x9, &(0x7f0000000040)=0x3, 0x401, 0xbd3e, 0x2, 0x2, 0x8, 0x246b, 0x0, 0x0, @inferred, @raw=0x4}) setreuid$auto(r2, r2) 2.752078233s ago: executing program 3 (id=4989): r0 = socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x7, 0x800008000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) setsockopt$auto(r0, 0x1, 0x21, 0x0, 0x9) ustat$auto(0x801, 0x0) sendmsg$auto(r0, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) mmap$auto(0x0, 0x0, 0x4, 0x52, 0xffffffffffffffff, 0x800048000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000180)={0x1, 0x7, 0x6}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) connect$auto(0x3, 0x0, 0x81) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x400100000001, 0x1ff) readv$auto(0x3, 0x0, 0x4) unshare$auto(0x40000080) fstat$auto(r1, &(0x7f0000000280)={0xffff, 0x5, 0x9, 0x1000, 0x0, 0xee00, 0x0, 0x4, 0x3, 0x2, 0x7fffffff, 0x6, 0x7, 0x8, 0x4, 0x9, 0x4}) shmctl$auto_SHM_LOCK(0xfffff21d, 0xb, &(0x7f0000000440)={{0x800, r2, 0xee00, 0x0, 0x6, 0x3}, 0x9, 0xffffffff, 0xb, 0x1, @raw=0x7, @inferred=0xffffffffffffffff, 0x7, 0x0, &(0x7f0000000340)="e31815967dfec7eec0aef559dd3fe9", &(0x7f0000000380)="9c5b2f0211336a40fec8ee44ead4d8d83b60fdf18c99bde876082d71e436f9a2c925f4298803b033113f78f360ea95c7a57bbeee8a9d144f8a776cc63e0128fa28b640c2a7f61c673e02cbec122498cdc59f8382db443a00ac36904d2ef0ff279b82df81cc3b1c25ec2181b00d5b2b20d442cfb689750a2fc7540abeec4bd0a6e8905bd2e51b5cd4e9c48308b6126286249f9507f4726e74f25489941ad0f91a26d4"}) wait4$auto(0xffffffffffffffff, &(0x7f00000004c0)=0x2, 0x9, &(0x7f0000000500)={{0x7, 0xe1}, {0xef7d, 0x80000001}, 0xbd33, 0x1, 0xfffffffffffff001, 0x5, 0x8000000000000000, 0x5, 0x2, 0x7fffffffffffffff, 0xfffffffffffffffa, 0x4, 0x0, 0x9, 0x9, 0xd}) sendmsg$auto_TIPC_NL_NET_GET(0xffffffffffffffff, &(0x7f0000003580)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000003540)={0x0, 0x7468}, 0x1, 0x0, 0x0, 0x4008080}, 0x0) r3 = open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x2, 0x4cbd5d) mmap$auto(0xf22, 0x6, 0xfd5, 0x9d, r3, 0x0) openat$auto_ht40allow_map_ops_debugfs(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/ieee80211/phy7/ht40allow_map\x00', 0x20000, 0x0) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/oom_adj\x00', 0x800, 0x0) 2.578936796s ago: executing program 2 (id=4990): writev$auto(0x3, 0x0, 0x8009) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_DEL(r0, 0x0, 0x800) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x2c, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x2ffffffffffd) mmap$auto(0x3, 0x402000b, 0x2000006, 0xeb1, 0x401, 0xfff) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, 0x0, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/all_slaves_active\x00', 0xb02, 0x0) pwritev$auto(0x3, &(0x7f0000001000)={0x0, 0x8}, 0x5, 0x3, 0x9) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) splice$auto(r1, 0x0, 0xffffffffffffffff, 0x0, 0x8a5b, 0x401) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f00000011c0), 0xa2741, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) 2.422016558s ago: executing program 1 (id=4991): setresuid$auto(0x8, 0x8, 0x0) r0 = setfsuid$auto(0xee00) setreuid$auto(r0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000080)=""/173, 0xad) msgsnd$auto(0x2, &(0x7f0000000300)={0x4, 0x9}, 0x65, 0xfffffffd) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f000000c180), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(r2, &(0x7f000000ca40)={0x0, 0x0, &(0x7f000000ca00)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000ab40d66a9c8807eac5ce705a385620e5f12946738af55d2c0c843c7f334e", @ANYRES16=r3, @ANYBLOB="e3db28bd7000fcdbdf2510000000"], 0x14}, 0x1, 0x0, 0x0, 0x841}, 0x4) mmap$auto(0xc, 0x20009, 0x5, 0x14, 0xffffffffffffffff, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) fsconfig$auto(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) mbind$auto(0xfffffffffffff000, 0x100000004, 0xfffffffe, 0x0, 0x2000000000006, 0x1) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r4 = getegid() r5 = waitid$auto_P_PGID(0x2, 0x0, &(0x7f0000000280)={@_si_pad}, 0x3, &(0x7f0000000440)={{0x8, 0x6}, {0x8, 0xc5e}, 0x100000001, 0x3, 0x1, 0xf9, 0xfffffffffffffffc, 0x5, 0x6274, 0x9, 0x0, 0xb, 0x35d, 0x439c, 0x9, 0x7}) shmctl$auto_SHM_STAT_ANY(0x0, 0xf, &(0x7f00000006c0)={{0x7, r0, r4, 0x4, 0x6, 0x81, 0x48d}, 0x1, 0x5, 0x8, 0x2, @inferred=r5, @raw=0x5, 0x5, 0x0, 0x0, &(0x7f0000000600)="3b4aab5baf7b70279f51554278b9b2497af28d2f68748361dda23b269d8b59ff913dc2ce2f41389066481eb9ea5492d38b5b950569f4d785c41fe5d0ab02234a66c5d804108051813044b3235a4b452ff0c51b938f2f5440d9ecee6cfad16d8271c93fa2488f5af21c4361fca3799a20b53b6f0c6c3b19b35a674aec24b246c982d5f007b2ecde6cab52699af3b1e94e1a42d4e44b022d7d64730dd5127ccd9f02f7590e93c2c7d8eb6e44"}) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0101, 0x15) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181482, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) openat$auto_transactions_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x8a042, 0x0) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) 2.165931001s ago: executing program 2 (id=4992): rseq$auto(0x0, 0x8000, 0x0, 0x6) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x10, 0x2, 0xc) r0 = socket(0x2, 0x1, 0x106) setsockopt$auto(r0, 0x1, 0x21, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) r1 = socket(0x2, 0x1, 0x0) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x4, 0x0, 0x7fff, 0x4}, 0x80000b}, 0x5, 0x20000000) 1.710243963s ago: executing program 2 (id=4993): setresuid$auto(0x8, 0x8, 0x0) r0 = setfsuid$auto(0xee00) setreuid$auto(r0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000000080)=""/173, 0xad) msgsnd$auto(0x2, &(0x7f0000000300)={0x4, 0x9}, 0x65, 0xfffffffd) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f000000c180), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(r2, &(0x7f000000ca40)={0x0, 0x0, &(0x7f000000ca00)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000ab40d66a9c8807eac5ce705a385620e5f12946738af55d2c0c843c7f334e", @ANYRES16=r3, @ANYBLOB="e3db28bd7000fcdbdf2510000000"], 0x14}, 0x1, 0x0, 0x0, 0x841}, 0x4) mmap$auto(0xc, 0x20009, 0x5, 0x14, 0xffffffffffffffff, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) fsconfig$auto(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) mbind$auto(0xfffffffffffff000, 0x100000004, 0xfffffffe, 0x0, 0x2000000000006, 0x1) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r4 = getegid() r5 = waitid$auto_P_PGID(0x2, 0x0, &(0x7f0000000280)={@_si_pad}, 0x3, &(0x7f0000000440)={{0x8, 0x6}, {0x8, 0xc5e}, 0x100000001, 0x3, 0x1, 0xf9, 0xfffffffffffffffc, 0x5, 0x6274, 0x9, 0x0, 0xb, 0x35d, 0x439c, 0x9, 0x7}) shmctl$auto_SHM_STAT_ANY(0x0, 0xf, &(0x7f00000006c0)={{0x7, r0, r4, 0x4, 0x6, 0x81, 0x48d}, 0x1, 0x5, 0x8, 0x2, @inferred=r5, @raw=0x5, 0x5, 0x0, 0x0, &(0x7f0000000600)="3b4aab5baf7b70279f51554278b9b2497af28d2f68748361dda23b269d8b59ff913dc2ce2f41389066481eb9ea5492d38b5b950569f4d785c41fe5d0ab02234a66c5d804108051813044b3235a4b452ff0c51b938f2f5440d9ecee6cfad16d8271c93fa2488f5af21c4361fca3799a20b53b6f0c6c3b19b35a674aec24b246c982d5f007b2ecde6cab52699af3b1e94e1a42d4e44b022d7d64730dd5127ccd9f02f7590e93c2c7d8eb6e44"}) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0101, 0x15) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x181482, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) openat$auto_transactions_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x8a042, 0x0) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex, 0x3, 0x81, @uprobe_multi={0x81, 0x1ff, 0x3d7e, 0x0, 0x1, 0x4}}, 0x92) 1.666037257s ago: executing program 0 (id=4994): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0xa, 0x1, 0x84) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x4, 0x6, 0x3}, 0x8000, 0x0, 0x6) ppoll$auto(&(0x7f0000000040)={0xffffffffffffffff, 0x5, 0xf}, 0x4, 0x0, 0x0, 0x8) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) 1.643264945s ago: executing program 3 (id=4995): mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x13e, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) r1 = open(&(0x7f0000000040)='./file0\x00', 0x169443, 0x114) r2 = socket(0x29, 0x2, 0x0) ioctl$auto(r2, 0x89f2, 0x24) fcntl$auto(r1, 0x40a, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x28, 0x801, 0x0) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) open(&(0x7f0000000100)='./bus\x00', 0x14d27e, 0x72) socket(0x11, 0x2, 0x0) select$auto(0x6, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x3, 0xfff, 0x1, 0x948b, 0x3, 0x95f4da2d, 0xc, 0x6, 0x62, 0x7, 0x7, 0x6d3f, 0xa, 0x5, 0x5]}, 0x0) write$auto(r4, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000140), 0x60a41, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000100)={[0x1ff, 0x6, 0x1, 0xffffffffffffffe7, 0x800000000000948b, 0x3, 0x15f4da0a, 0x3, 0x4000000000000003, 0x62, 0x80000021, 0x7, 0x6d3e, 0x7fff, 0x8, 0x6]}, 0x0) listen$auto(r3, 0xffffffff) close_range$auto(0x2, 0x8, 0x0) madvise$auto(0x110c230000, 0x8031ca, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SPEED(r5, 0xc0045002, 0x0) 479.461519ms ago: executing program 0 (id=4996): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff) write$auto(0xffffffffffffffff, &(0x7f0000000000)='\'\x00', 0x4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x10004) map_shadow_stack$auto(0x40, 0x7, 0x1ff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f602, 0x0) mmap$auto(0xfffffffffffffffc, 0xac15, 0xffc, 0x8000000008011, 0xffffffffffffffff, 0x200009000) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x400000000000, 0x20009, 0x5, 0xeb1, 0x40000000000a5, 0x40000008000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendto$auto(0x3, 0x0, 0x13, 0xfffffff8, &(0x7f0000000440)=@tipc=@name={0x1e, 0x2, 0x3, {{0x1, 0x1}}}, 0x20) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) socket(0x10, 0x2, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x200, 0x1) r2 = open(&(0x7f0000001bc0)='./file0\x00', 0x4140, 0x0) fanotify_mark$auto(0x0, 0x105, 0x8009, r2, 0x0) sendmsg$auto_OVS_METER_CMD_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="be9b6b390d1a8233a7bef2d3c809000000fedbdf2502000000040002000400048008"], 0x28}}, 0x8080) 366.219907ms ago: executing program 0 (id=4997): memfd_secret$auto(0x0) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x1a, 0x1, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x7}, 0x3) listmount$auto(&(0x7f0000000100)={0x1f, @raw, 0x80000002, 0xfffffffffffffff7, 0x2}, 0x0, 0xf4240, 0x1) socket(0x2b, 0x1, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mlock$auto(0x112, 0x80006) mlockall$auto(0x800000000000005) madvise$auto(0x0, 0x200007, 0x19) msgrcv$auto(0x0, 0x0, 0xff9, 0xfffffffffffffffc, 0xb4) r2 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r2, &(0x7f0000000000)="4c91f2c388274610e12c861bb2bfd9", 0xf) 118.668033ms ago: executing program 2 (id=4998): ioperm$auto(0x7, 0x2, 0x10) madvise$auto(0x3a, 0x4, 0xa) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/timer_list\x00', 0x0, 0x0) pread64$auto(r0, 0x0, 0x10, 0x101000000003) write$auto(0x3, 0x0, 0x70) ioctl$auto_BLKZEROOUT(0xffffffffffffffff, 0x127f, 0x0) socketpair$auto(0x2, 0x1, 0x8000000000000000, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x2) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r1, 0x0, 0x1f40) prctl$auto_PR_SET_VMA(0x53564d41, 0x8, 0x0, 0x8002, 0x2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x44, 0x0) prctl$auto_PR_SET_VMA(0x53564d41, 0x0, 0x0, 0x8002, 0x2) writev$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xffffffff}, 0x6) read$auto(r0, &(0x7f0000000180)='2proc/timer_list\x00\xe1\xfc\xc4\x8f,\xd0\xcb\x1c#\x89\xdc\x008[3C\xbd\x02\x8e-@\x91\a\xf2\x9bY\b\x03k', 0x11) r2 = getpid() sched_setparam$auto(r2, &(0x7f00000000c0)={0x86bc}) ioctl$auto_RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0) madvise$auto(0x7dd0, 0xc, 0xfd) setsockopt$auto(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x17) acct$auto(&(0x7f0000000100)='/dev/v4l-subdev2\x00') openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0x2c0101, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f00000014c0)={0x3, 0x3000005, 0x1, 0xffffefff, 0xffffffff}) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) 114.316472ms ago: executing program 3 (id=4999): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0x40000000000a5, 0x8000) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='\x00\x00\x00\x00', 0x100000a3d9) mremap$auto(0x0, 0x4000007, 0x3fd7, 0x0, 0x20000020000000) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) ioctl$auto(0x3, 0x400454ca, 0x38) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0x9118) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x3800000, 0xffb, 0x8000000008011, 0x3, 0x8000) msync$auto(0x0, 0xe0, 0x6) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) socket(0x2c, 0x3, 0x0) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x3, 0x8000000000000000, 0x0) r2 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r2, 0x107, 0x13, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x261c2, 0x184) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000080)='/proc/kpageflags\x00', 0x2, 0x0) readv$auto(0x3, &(0x7f00000000c0)={0x0, 0x101d0}, 0x400) 0s ago: executing program 1 (id=5000): mmap$auto(0x0, 0x400008, 0xdc, 0x9b72, 0xffffffffffffffff, 0x0) madvise$auto(0x0, 0x1, 0x8) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) write$auto_tty_fops_tty_io(r0, &(0x7f00000001c0)="976f09bd689a850edbe36136c8535f593331280bb0b4ba0edd7932ab185cca064833fd9b4d0f81d1b16c3cca5b2611827c2f1ca88bb01e672131ac62d346b5601f538ccf285e7a197166480ef899794cab4b61107cdae019c6139ce8761b2338", 0x60) r1 = socket(0x11, 0x3, 0x6) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x47, 0x4a}) sendmmsg$auto(r1, &(0x7f00000001c0)={{&(0x7f0000000000), 0x5aa, &(0x7f0000000100)={&(0x7f0000000180)="e9fa89a53e03ac7aa286", 0x5ea}, 0x5, 0x0, 0x0, 0x1001}, 0x5}, 0x2, 0x140) kernel console output (not intermixed with test programs): EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1571.342584][T27871] RAX: ffffffffffffffda RBX: 00007f51853e5fa0 RCX: 00007f518518efc9 [ 1571.342602][T27871] RDX: 0000000000005c8d RSI: 00000000000054e3 RDI: 00000000000000c8 [ 1571.342620][T27871] RBP: 00007f5185211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1571.342644][T27871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1571.342661][T27871] R13: 00007f51853e6038 R14: 00007f51853e5fa0 R15: 00007ffeb9be7fd8 [ 1571.342699][T27871] [ 1571.598764][T27880] syz.0.4679 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 1571.934413][T27889] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1572.219363][T27892] zswap: compressor not available [ 1574.301822][T27943] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1575.677043][T27966] zswap: compressor not available [ 1575.716059][T27965] vivid-007: ================= START STATUS ================= [ 1575.743045][T27965] vivid-007: Enable Output Cropping: true [ 1575.775352][T27965] vivid-007: Enable Output Composing: true [ 1575.844564][T27965] vivid-007: Enable Output Scaler: true [ 1575.850209][T27965] vivid-007: Tx RGB Quantization Range: Automatic [ 1575.862723][T27965] vivid-007: Transmit Mode: HDMI [ 1575.949313][T27965] vivid-007: Hotplug Present: 0x00000000 [ 1575.955412][T27965] vivid-007: RxSense Present: 0x00000000 [ 1575.962773][T27965] vivid-007: EDID Present: 0x00000000 [ 1575.969404][T27965] vivid-007: ================== END STATUS ================== [ 1577.485488][T28007] FAULT_INJECTION: forcing a failure. [ 1577.485488][T28007] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1577.535695][T28007] CPU: 1 UID: 0 PID: 28007 Comm: syz.0.4706 Not tainted syzkaller #0 PREEMPT(full) [ 1577.535728][T28007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1577.535742][T28007] Call Trace: [ 1577.535750][T28007] [ 1577.535759][T28007] dump_stack_lvl+0x16c/0x1f0 [ 1577.535791][T28007] should_fail_ex+0x512/0x640 [ 1577.535828][T28007] should_fail_alloc_page+0xe7/0x130 [ 1577.535861][T28007] prepare_alloc_pages+0x3c2/0x610 [ 1577.535898][T28007] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1577.535925][T28007] ? stack_trace_save+0x8e/0xc0 [ 1577.535953][T28007] ? __pfx_stack_trace_save+0x10/0x10 [ 1577.535976][T28007] ? __x64_sys_sendfile64+0x1d8/0x220 [ 1577.536006][T28007] ? stack_depot_save_flags+0x29/0x9c0 [ 1577.536047][T28007] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1577.536069][T28007] ? __kasan_kmalloc+0xaa/0xb0 [ 1577.536093][T28007] ? copy_splice_read+0x1a8/0xc20 [ 1577.536114][T28007] ? splice_direct_to_actor+0x2a1/0xa30 [ 1577.536136][T28007] ? do_splice_direct+0x174/0x240 [ 1577.536156][T28007] ? do_sendfile+0xb06/0xe50 [ 1577.536177][T28007] ? __x64_sys_sendfile64+0x1d8/0x220 [ 1577.536203][T28007] ? do_syscall_64+0xcd/0xfa0 [ 1577.536227][T28007] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1577.536285][T28007] alloc_pages_bulk_noprof+0x71c/0x1410 [ 1577.536321][T28007] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1577.536356][T28007] ? copy_splice_read+0x1a8/0xc20 [ 1577.536386][T28007] copy_splice_read+0x1e1/0xc20 [ 1577.536418][T28007] ? __pfx_copy_splice_read+0x10/0x10 [ 1577.536458][T28007] ? look_up_lock_class+0x6b/0x150 [ 1577.536494][T28007] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1577.536524][T28007] ? __pfx_filemap_splice_read+0x10/0x10 [ 1577.536552][T28007] do_splice_read+0x2bd/0x370 [ 1577.536579][T28007] splice_direct_to_actor+0x2a1/0xa30 [ 1577.536607][T28007] ? __pfx_direct_splice_actor+0x10/0x10 [ 1577.536638][T28007] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1577.536661][T28007] ? get_pid_task+0xfc/0x250 [ 1577.536701][T28007] do_splice_direct+0x174/0x240 [ 1577.536728][T28007] ? __pfx_do_splice_direct+0x10/0x10 [ 1577.536753][T28007] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1577.536792][T28007] ? bpf_lsm_file_permission+0x9/0x10 [ 1577.536819][T28007] ? security_file_permission+0x71/0x210 [ 1577.536847][T28007] ? rw_verify_area+0xcf/0x6c0 [ 1577.536873][T28007] do_sendfile+0xb06/0xe50 [ 1577.536905][T28007] ? __pfx_do_sendfile+0x10/0x10 [ 1577.536930][T28007] ? __fget_files+0x20e/0x3c0 [ 1577.536964][T28007] __x64_sys_sendfile64+0x1d8/0x220 [ 1577.536994][T28007] ? ksys_write+0x1ac/0x250 [ 1577.537020][T28007] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1577.537061][T28007] do_syscall_64+0xcd/0xfa0 [ 1577.537090][T28007] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1577.537114][T28007] RIP: 0033:0x7f265f38efc9 [ 1577.537136][T28007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1577.537159][T28007] RSP: 002b:00007f265d593038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1577.537183][T28007] RAX: ffffffffffffffda RBX: 00007f265f5e6270 RCX: 00007f265f38efc9 [ 1577.537200][T28007] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1577.537215][T28007] RBP: 00007f265d593090 R08: 0000000000000000 R09: 0000000000000000 [ 1577.537236][T28007] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 1577.537252][T28007] R13: 00007f265f5e6308 R14: 00007f265f5e6270 R15: 00007ffd359b22f8 [ 1577.537288][T28007] [ 1577.876890][ C1] vkms_vblank_simulate: vblank timer overrun [ 1577.986698][T28009] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1578.715208][T28023] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1579.183487][T28025] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4713'. [ 1580.376928][T28056] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1581.202070][T28073] FAULT_INJECTION: forcing a failure. [ 1581.202070][T28073] name failslab, interval 1, probability 0, space 0, times 0 [ 1581.240221][T28073] CPU: 0 UID: 0 PID: 28073 Comm: syz.3.4719 Not tainted syzkaller #0 PREEMPT(full) [ 1581.240255][T28073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1581.240271][T28073] Call Trace: [ 1581.240280][T28073] [ 1581.240290][T28073] dump_stack_lvl+0x16c/0x1f0 [ 1581.240324][T28073] should_fail_ex+0x512/0x640 [ 1581.240358][T28073] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1581.240388][T28073] should_failslab+0xc2/0x120 [ 1581.240421][T28073] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1581.240447][T28073] ? do_raw_spin_unlock+0x172/0x230 [ 1581.240480][T28073] ? alloc_empty_file+0x55/0x1e0 [ 1581.240517][T28073] ? alloc_empty_file+0x55/0x1e0 [ 1581.240539][T28073] alloc_empty_file+0x55/0x1e0 [ 1581.240562][T28073] dentry_open+0x46/0xd0 [ 1581.240581][T28073] open_namespace+0x100/0x190 [ 1581.240597][T28073] ? __pfx_open_namespace+0x10/0x10 [ 1581.240613][T28073] ? bpf_lsm_capable+0x9/0x10 [ 1581.240634][T28073] open_related_ns+0x41/0x70 [ 1581.240648][T28073] __tun_chr_ioctl+0x1fae/0x4880 [ 1581.240663][T28073] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1581.240687][T28073] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 1581.240702][T28073] ? hook_file_ioctl_common+0x145/0x410 [ 1581.240723][T28073] ? __fget_files+0x20e/0x3c0 [ 1581.240740][T28073] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 1581.240754][T28073] __x64_sys_ioctl+0x18e/0x210 [ 1581.240776][T28073] do_syscall_64+0xcd/0xfa0 [ 1581.240794][T28073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1581.240817][T28073] RIP: 0033:0x7f0e9ef8efc9 [ 1581.240830][T28073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1581.240846][T28073] RSP: 002b:00007f0e9fd99038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1581.240861][T28073] RAX: ffffffffffffffda RBX: 00007f0e9f1e5fa0 RCX: 00007f0e9ef8efc9 [ 1581.240871][T28073] RDX: 0000000000005c8d RSI: 00000000000054e3 RDI: 00000000000000c8 [ 1581.240880][T28073] RBP: 00007f0e9f011f91 R08: 0000000000000000 R09: 0000000000000000 [ 1581.240889][T28073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1581.240898][T28073] R13: 00007f0e9f1e6038 R14: 00007f0e9f1e5fa0 R15: 00007fff8caabeb8 [ 1581.240918][T28073] [ 1582.056730][T28082] binder: 28081:28082 unknown command 80 [ 1582.062435][T28082] binder: 28081:28082 ioctl c0306201 0 returned -22 [ 1582.064043][T28087] i2c i2c-0: delete_device: Can't find device in list [ 1582.077185][T28082] netlink: 342 bytes leftover after parsing attributes in process `syz.3.4721'. [ 1582.189008][T28080] FAULT_INJECTION: forcing a failure. [ 1582.189008][T28080] name failslab, interval 1, probability 0, space 0, times 0 [ 1582.201907][T28080] CPU: 0 UID: 0 PID: 28080 Comm: syz.2.4722 Not tainted syzkaller #0 PREEMPT(full) [ 1582.201942][T28080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1582.201957][T28080] Call Trace: [ 1582.201966][T28080] [ 1582.201977][T28080] dump_stack_lvl+0x16c/0x1f0 [ 1582.202013][T28080] should_fail_ex+0x512/0x640 [ 1582.202050][T28080] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 1582.202083][T28080] should_failslab+0xc2/0x120 [ 1582.202110][T28080] __kvmalloc_node_noprof+0x141/0x9c0 [ 1582.202134][T28080] ? trace_kmalloc+0x2b/0xd0 [ 1582.202157][T28080] ? io_alloc_cache_init+0x38/0x170 [ 1582.202189][T28080] ? io_alloc_cache_init+0x38/0x170 [ 1582.202215][T28080] io_alloc_cache_init+0x38/0x170 [ 1582.202243][T28080] io_rsrc_cache_init+0x40/0x50 [ 1582.202269][T28080] io_uring_setup+0x68e/0x20e0 [ 1582.202294][T28080] ? __pfx_io_uring_setup+0x10/0x10 [ 1582.202316][T28080] ? do_futex+0x122/0x350 [ 1582.202343][T28080] ? __pfx_do_futex+0x10/0x10 [ 1582.202369][T28080] ? find_held_lock+0x2b/0x80 [ 1582.202401][T28080] ? xfd_validate_state+0x61/0x180 [ 1582.202434][T28080] __x64_sys_io_uring_setup+0xc2/0x170 [ 1582.202459][T28080] do_syscall_64+0xcd/0xfa0 [ 1582.202488][T28080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1582.202512][T28080] RIP: 0033:0x7f518518efc9 [ 1582.202532][T28080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1582.202551][T28080] RSP: 002b:00007f518608b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1582.202571][T28080] RAX: ffffffffffffffda RBX: 00007f51853e5fa0 RCX: 00007f518518efc9 [ 1582.202584][T28080] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1582.202596][T28080] RBP: 00007f5185211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1582.202608][T28080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1582.202620][T28080] R13: 00007f51853e6038 R14: 00007f51853e5fa0 R15: 00007ffeb9be7fd8 [ 1582.202649][T28080] [ 1582.533009][T28094] bond0: option all_slaves_active: invalid value () [ 1582.610638][T28097] FAULT_INJECTION: forcing a failure. [ 1582.610638][T28097] name failslab, interval 1, probability 0, space 0, times 0 [ 1582.628092][T28097] CPU: 0 UID: 0 PID: 28097 Comm: syz.1.4726 Not tainted syzkaller #0 PREEMPT(full) [ 1582.628127][T28097] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1582.628148][T28097] Call Trace: [ 1582.628157][T28097] [ 1582.628167][T28097] dump_stack_lvl+0x16c/0x1f0 [ 1582.628199][T28097] should_fail_ex+0x512/0x640 [ 1582.628232][T28097] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 1582.628264][T28097] should_failslab+0xc2/0x120 [ 1582.628294][T28097] __kvmalloc_node_noprof+0x141/0x9c0 [ 1582.628321][T28097] ? security_capable+0x7e/0x260 [ 1582.628353][T28097] ? proc_sys_call_handler+0x286/0x570 [ 1582.628383][T28097] ? ns_capable_noaudit+0xda/0x110 [ 1582.628416][T28097] ? proc_sys_call_handler+0x286/0x570 [ 1582.628445][T28097] proc_sys_call_handler+0x286/0x570 [ 1582.628486][T28097] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 1582.628518][T28097] ? splice_from_pipe_next+0x1f7/0x5d0 [ 1582.628551][T28097] iter_file_splice_write+0xa24/0x12e0 [ 1582.628598][T28097] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1582.628630][T28097] ? __pfx_copy_splice_read+0x10/0x10 [ 1582.628685][T28097] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1582.628713][T28097] direct_splice_actor+0x192/0x6c0 [ 1582.628742][T28097] splice_direct_to_actor+0x345/0xa30 [ 1582.628768][T28097] ? __pfx_direct_splice_actor+0x10/0x10 [ 1582.628800][T28097] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1582.628823][T28097] ? get_pid_task+0xfc/0x250 [ 1582.628863][T28097] do_splice_direct+0x174/0x240 [ 1582.628888][T28097] ? __pfx_do_splice_direct+0x10/0x10 [ 1582.628913][T28097] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1582.628956][T28097] ? rw_verify_area+0xcf/0x6c0 [ 1582.628983][T28097] do_sendfile+0xb06/0xe50 [ 1582.629014][T28097] ? __pfx_do_sendfile+0x10/0x10 [ 1582.629040][T28097] ? __fget_files+0x20e/0x3c0 [ 1582.629074][T28097] __x64_sys_sendfile64+0x1d8/0x220 [ 1582.629103][T28097] ? ksys_write+0x1ac/0x250 [ 1582.629129][T28097] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1582.629171][T28097] do_syscall_64+0xcd/0xfa0 [ 1582.629200][T28097] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1582.629226][T28097] RIP: 0033:0x7fdf5758efc9 [ 1582.629247][T28097] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1582.629270][T28097] RSP: 002b:00007fdf58368038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1582.629294][T28097] RAX: ffffffffffffffda RBX: 00007fdf577e5fa0 RCX: 00007fdf5758efc9 [ 1582.629311][T28097] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 1582.629326][T28097] RBP: 00007fdf58368090 R08: 0000000000000000 R09: 0000000000000000 [ 1582.629341][T28097] R10: 0000000001000200 R11: 0000000000000246 R12: 0000000000000001 [ 1582.629357][T28097] R13: 00007fdf577e6038 R14: 00007fdf577e5fa0 R15: 00007ffe3a1b92d8 [ 1582.629394][T28097] [ 1583.301088][T28109] FAULT_INJECTION: forcing a failure. [ 1583.301088][T28109] name failslab, interval 1, probability 0, space 0, times 0 [ 1583.353770][T28109] CPU: 0 UID: 0 PID: 28109 Comm: syz.1.4729 Not tainted syzkaller #0 PREEMPT(full) [ 1583.353808][T28109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1583.353820][T28109] Call Trace: [ 1583.353826][T28109] [ 1583.353833][T28109] dump_stack_lvl+0x16c/0x1f0 [ 1583.353854][T28109] should_fail_ex+0x512/0x640 [ 1583.353876][T28109] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 1583.353897][T28109] should_failslab+0xc2/0x120 [ 1583.353917][T28109] __kvmalloc_node_noprof+0x141/0x9c0 [ 1583.353934][T28109] ? trace_kmalloc+0x2b/0xd0 [ 1583.353950][T28109] ? __kvmalloc_node_noprof+0x3c0/0x9c0 [ 1583.353966][T28109] ? io_alloc_cache_init+0x38/0x170 [ 1583.353990][T28109] ? io_alloc_cache_init+0x38/0x170 [ 1583.354008][T28109] io_alloc_cache_init+0x38/0x170 [ 1583.354029][T28109] io_rsrc_cache_init+0x40/0x50 [ 1583.354048][T28109] io_uring_setup+0x68e/0x20e0 [ 1583.354067][T28109] ? __pfx_io_uring_setup+0x10/0x10 [ 1583.354082][T28109] ? do_futex+0x122/0x350 [ 1583.354101][T28109] ? __pfx_do_futex+0x10/0x10 [ 1583.354120][T28109] ? find_held_lock+0x2b/0x80 [ 1583.354143][T28109] ? xfd_validate_state+0x61/0x180 [ 1583.354167][T28109] __x64_sys_io_uring_setup+0xc2/0x170 [ 1583.354184][T28109] do_syscall_64+0xcd/0xfa0 [ 1583.354201][T28109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1583.354216][T28109] RIP: 0033:0x7fdf5758efc9 [ 1583.354228][T28109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1583.354242][T28109] RSP: 002b:00007fdf58368038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1583.354256][T28109] RAX: ffffffffffffffda RBX: 00007fdf577e5fa0 RCX: 00007fdf5758efc9 [ 1583.354266][T28109] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1583.354274][T28109] RBP: 00007fdf57611f91 R08: 0000000000000000 R09: 0000000000000000 [ 1583.354282][T28109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1583.354290][T28109] R13: 00007fdf577e6038 R14: 00007fdf577e5fa0 R15: 00007ffe3a1b92d8 [ 1583.354309][T28109] [ 1584.516410][T28127] i2c i2c-0: delete_device: Can't find device in list [ 1584.641325][T28134] bond0: option all_slaves_active: invalid value () [ 1584.729948][T28135] FAULT_INJECTION: forcing a failure. [ 1584.729948][T28135] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1584.747521][T28135] CPU: 1 UID: 0 PID: 28135 Comm: syz.0.4735 Not tainted syzkaller #0 PREEMPT(full) [ 1584.747556][T28135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1584.747571][T28135] Call Trace: [ 1584.747580][T28135] [ 1584.747590][T28135] dump_stack_lvl+0x16c/0x1f0 [ 1584.747622][T28135] should_fail_ex+0x512/0x640 [ 1584.747660][T28135] should_fail_alloc_page+0xe7/0x130 [ 1584.747694][T28135] prepare_alloc_pages+0x3c2/0x610 [ 1584.747730][T28135] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1584.747759][T28135] ? stack_trace_save+0x8e/0xc0 [ 1584.747787][T28135] ? __pfx_stack_trace_save+0x10/0x10 [ 1584.747812][T28135] ? __x64_sys_sendfile64+0x1d8/0x220 [ 1584.747843][T28135] ? stack_depot_save_flags+0x29/0x9c0 [ 1584.747887][T28135] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1584.747912][T28135] ? __kasan_kmalloc+0xaa/0xb0 [ 1584.747938][T28135] ? copy_splice_read+0x1a8/0xc20 [ 1584.747961][T28135] ? splice_direct_to_actor+0x2a1/0xa30 [ 1584.747983][T28135] ? do_splice_direct+0x174/0x240 [ 1584.748004][T28135] ? do_sendfile+0xb06/0xe50 [ 1584.748026][T28135] ? __x64_sys_sendfile64+0x1d8/0x220 [ 1584.748054][T28135] ? do_syscall_64+0xcd/0xfa0 [ 1584.748079][T28135] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1584.748130][T28135] alloc_pages_bulk_noprof+0x71c/0x1410 [ 1584.748172][T28135] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1584.748208][T28135] ? copy_splice_read+0x1a8/0xc20 [ 1584.748243][T28135] copy_splice_read+0x1e1/0xc20 [ 1584.748274][T28135] ? __pfx_copy_splice_read+0x10/0x10 [ 1584.748314][T28135] ? look_up_lock_class+0x6b/0x150 [ 1584.748349][T28135] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1584.748378][T28135] ? __pfx_filemap_splice_read+0x10/0x10 [ 1584.748406][T28135] do_splice_read+0x2bd/0x370 [ 1584.748434][T28135] splice_direct_to_actor+0x2a1/0xa30 [ 1584.748461][T28135] ? __pfx_direct_splice_actor+0x10/0x10 [ 1584.748492][T28135] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1584.748515][T28135] ? get_pid_task+0xfc/0x250 [ 1584.748556][T28135] do_splice_direct+0x174/0x240 [ 1584.748581][T28135] ? __pfx_do_splice_direct+0x10/0x10 [ 1584.748606][T28135] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1584.748645][T28135] ? bpf_lsm_file_permission+0x9/0x10 [ 1584.748672][T28135] ? security_file_permission+0x71/0x210 [ 1584.748699][T28135] ? rw_verify_area+0xcf/0x6c0 [ 1584.748725][T28135] do_sendfile+0xb06/0xe50 [ 1584.748756][T28135] ? __pfx_do_sendfile+0x10/0x10 [ 1584.748781][T28135] ? __fget_files+0x20e/0x3c0 [ 1584.748815][T28135] __x64_sys_sendfile64+0x1d8/0x220 [ 1584.748844][T28135] ? ksys_write+0x1ac/0x250 [ 1584.748869][T28135] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1584.748898][T28135] ? xfd_validate_state+0x61/0x180 [ 1584.748941][T28135] do_syscall_64+0xcd/0xfa0 [ 1584.748969][T28135] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1584.748992][T28135] RIP: 0033:0x7f265f38efc9 [ 1584.749013][T28135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1584.749035][T28135] RSP: 002b:00007f265d5d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1584.749060][T28135] RAX: ffffffffffffffda RBX: 00007f265f5e6090 RCX: 00007f265f38efc9 [ 1584.749078][T28135] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1584.749093][T28135] RBP: 00007f265d5d5090 R08: 0000000000000000 R09: 0000000000000000 [ 1584.749108][T28135] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 1584.749124][T28135] R13: 00007f265f5e6128 R14: 00007f265f5e6090 R15: 00007ffd359b22f8 [ 1584.749160][T28135] [ 1585.793818][T28155] zswap: compressor not available [ 1586.094286][T28167] netlink: 338 bytes leftover after parsing attributes in process `syz.2.4743'. [ 1586.124858][T28167] vxcan1: entered promiscuous mode [ 1586.751655][T28175] FAULT_INJECTION: forcing a failure. [ 1586.751655][T28175] name failslab, interval 1, probability 0, space 0, times 0 [ 1586.778372][T28175] CPU: 1 UID: 0 PID: 28175 Comm: syz.2.4744 Not tainted syzkaller #0 PREEMPT(full) [ 1586.778413][T28175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1586.778427][T28175] Call Trace: [ 1586.778435][T28175] [ 1586.778445][T28175] dump_stack_lvl+0x16c/0x1f0 [ 1586.778476][T28175] should_fail_ex+0x512/0x640 [ 1586.778508][T28175] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 1586.778538][T28175] should_failslab+0xc2/0x120 [ 1586.778565][T28175] __kvmalloc_node_noprof+0x141/0x9c0 [ 1586.778590][T28175] ? security_capable+0x7e/0x260 [ 1586.778619][T28175] ? proc_sys_call_handler+0x286/0x570 [ 1586.778650][T28175] ? ns_capable_noaudit+0xda/0x110 [ 1586.778683][T28175] ? proc_sys_call_handler+0x286/0x570 [ 1586.778711][T28175] proc_sys_call_handler+0x286/0x570 [ 1586.778744][T28175] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 1586.778778][T28175] ? splice_from_pipe_next+0x1f7/0x5d0 [ 1586.778811][T28175] iter_file_splice_write+0xa24/0x12e0 [ 1586.778857][T28175] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1586.778890][T28175] ? __pfx_copy_splice_read+0x10/0x10 [ 1586.778946][T28175] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1586.778975][T28175] direct_splice_actor+0x192/0x6c0 [ 1586.779004][T28175] splice_direct_to_actor+0x345/0xa30 [ 1586.779040][T28175] ? __pfx_direct_splice_actor+0x10/0x10 [ 1586.779072][T28175] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1586.779094][T28175] ? get_pid_task+0xfc/0x250 [ 1586.779135][T28175] do_splice_direct+0x174/0x240 [ 1586.779161][T28175] ? __pfx_do_splice_direct+0x10/0x10 [ 1586.779186][T28175] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1586.779230][T28175] ? rw_verify_area+0xcf/0x6c0 [ 1586.779257][T28175] do_sendfile+0xb06/0xe50 [ 1586.779289][T28175] ? __pfx_do_sendfile+0x10/0x10 [ 1586.779314][T28175] ? __fget_files+0x20e/0x3c0 [ 1586.779349][T28175] __x64_sys_sendfile64+0x1d8/0x220 [ 1586.779379][T28175] ? ksys_write+0x1ac/0x250 [ 1586.779404][T28175] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1586.779447][T28175] do_syscall_64+0xcd/0xfa0 [ 1586.779476][T28175] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1586.779501][T28175] RIP: 0033:0x7f518518efc9 [ 1586.779522][T28175] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1586.779545][T28175] RSP: 002b:00007f5186028038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1586.779569][T28175] RAX: ffffffffffffffda RBX: 00007f51853e6270 RCX: 00007f518518efc9 [ 1586.779586][T28175] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000008 [ 1586.779600][T28175] RBP: 00007f5186028090 R08: 0000000000000000 R09: 0000000000000000 [ 1586.779615][T28175] R10: 0000000001000200 R11: 0000000000000246 R12: 0000000000000001 [ 1586.779630][T28175] R13: 00007f51853e6308 R14: 00007f51853e6270 R15: 00007ffeb9be7fd8 [ 1586.779667][T28175] [ 1587.055211][ C1] vkms_vblank_simulate: vblank timer overrun [ 1587.701961][T28187] netlink: 146 bytes leftover after parsing attributes in process `syz.0.4748'. [ 1588.111872][T28192] bond0: invalid ARP target specified [ 1588.338349][T28198] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1590.056885][T28228] usb usb36: usbfs: process 28228 (syz.3.4756) did not claim interface 0 before use [ 1590.087801][T28228] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4756'. [ 1590.191401][T28233] nbd: must specify at least one socket [ 1590.833256][T28252] FAULT_INJECTION: forcing a failure. [ 1590.833256][T28252] name failslab, interval 1, probability 0, space 0, times 0 [ 1590.859858][T28252] CPU: 0 UID: 0 PID: 28252 Comm: syz.0.4759 Not tainted syzkaller #0 PREEMPT(full) [ 1590.859892][T28252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1590.859907][T28252] Call Trace: [ 1590.859916][T28252] [ 1590.859926][T28252] dump_stack_lvl+0x16c/0x1f0 [ 1590.859957][T28252] should_fail_ex+0x512/0x640 [ 1590.859991][T28252] ? __kmalloc_noprof+0xca/0x880 [ 1590.860029][T28252] should_failslab+0xc2/0x120 [ 1590.860060][T28252] __kmalloc_noprof+0xdd/0x880 [ 1590.860095][T28252] ? iter_file_splice_write+0x1cc/0x12e0 [ 1590.860128][T28252] ? iter_file_splice_write+0x1cc/0x12e0 [ 1590.860151][T28252] iter_file_splice_write+0x1cc/0x12e0 [ 1590.860183][T28252] ? kfree+0x2b8/0x6d0 [ 1590.860201][T28252] ? copy_splice_read+0x897/0xc20 [ 1590.860230][T28252] ? copy_splice_read+0x897/0xc20 [ 1590.860254][T28252] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1590.860281][T28252] ? __lock_acquire+0xb8a/0x1c90 [ 1590.860316][T28252] ? __pfx_copy_splice_read+0x10/0x10 [ 1590.860371][T28252] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1590.860399][T28252] direct_splice_actor+0x192/0x6c0 [ 1590.860427][T28252] splice_direct_to_actor+0x345/0xa30 [ 1590.860454][T28252] ? __pfx_direct_splice_actor+0x10/0x10 [ 1590.860485][T28252] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1590.860507][T28252] ? get_pid_task+0xfc/0x250 [ 1590.860549][T28252] do_splice_direct+0x174/0x240 [ 1590.860577][T28252] ? __pfx_do_splice_direct+0x10/0x10 [ 1590.860602][T28252] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1590.860651][T28252] ? rw_verify_area+0xcf/0x6c0 [ 1590.860678][T28252] do_sendfile+0xb06/0xe50 [ 1590.860709][T28252] ? __pfx_do_sendfile+0x10/0x10 [ 1590.860734][T28252] ? __fget_files+0x20e/0x3c0 [ 1590.860768][T28252] __x64_sys_sendfile64+0x1d8/0x220 [ 1590.860798][T28252] ? ksys_write+0x1ac/0x250 [ 1590.860823][T28252] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1590.860865][T28252] do_syscall_64+0xcd/0xfa0 [ 1590.860894][T28252] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1590.860919][T28252] RIP: 0033:0x7f265f38efc9 [ 1590.860939][T28252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1590.860961][T28252] RSP: 002b:00007f265d593038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1590.860985][T28252] RAX: ffffffffffffffda RBX: 00007f265f5e6270 RCX: 00007f265f38efc9 [ 1590.861001][T28252] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000008 [ 1590.861016][T28252] RBP: 00007f265d593090 R08: 0000000000000000 R09: 0000000000000000 [ 1590.861031][T28252] R10: 0000000001000200 R11: 0000000000000246 R12: 0000000000000001 [ 1590.861046][T28252] R13: 00007f265f5e6308 R14: 00007f265f5e6270 R15: 00007ffd359b22f8 [ 1590.861081][T28252] [ 1592.361049][T28258] bond0: invalid ARP target specified [ 1592.920291][T28288] FAULT_INJECTION: forcing a failure. [ 1592.920291][T28288] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1592.939328][T28291] FAULT_INJECTION: forcing a failure. [ 1592.939328][T28291] name failslab, interval 1, probability 0, space 0, times 0 [ 1592.974409][T28288] CPU: 0 UID: 0 PID: 28288 Comm: syz.2.4766 Not tainted syzkaller #0 PREEMPT(full) [ 1592.974452][T28288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1592.974468][T28288] Call Trace: [ 1592.974477][T28288] [ 1592.974488][T28288] dump_stack_lvl+0x16c/0x1f0 [ 1592.974520][T28288] should_fail_ex+0x512/0x640 [ 1592.974560][T28288] should_fail_alloc_page+0xe7/0x130 [ 1592.974594][T28288] prepare_alloc_pages+0x3c2/0x610 [ 1592.974631][T28288] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1592.974661][T28288] ? stack_trace_save+0x8e/0xc0 [ 1592.974689][T28288] ? __pfx_stack_trace_save+0x10/0x10 [ 1592.974715][T28288] ? __x64_sys_sendfile64+0x1d8/0x220 [ 1592.974745][T28288] ? stack_depot_save_flags+0x29/0x9c0 [ 1592.974788][T28288] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1592.974813][T28288] ? __kasan_kmalloc+0xaa/0xb0 [ 1592.974840][T28288] ? copy_splice_read+0x1a8/0xc20 [ 1592.974862][T28288] ? splice_direct_to_actor+0x2a1/0xa30 [ 1592.974885][T28288] ? do_splice_direct+0x174/0x240 [ 1592.974907][T28288] ? do_sendfile+0xb06/0xe50 [ 1592.974929][T28288] ? __x64_sys_sendfile64+0x1d8/0x220 [ 1592.974958][T28288] ? do_syscall_64+0xcd/0xfa0 [ 1592.974982][T28288] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1592.975033][T28288] alloc_pages_bulk_noprof+0x71c/0x1410 [ 1592.975071][T28288] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 1592.975109][T28288] ? copy_splice_read+0x1a8/0xc20 [ 1592.975138][T28288] copy_splice_read+0x1e1/0xc20 [ 1592.975170][T28288] ? __pfx_copy_splice_read+0x10/0x10 [ 1592.975211][T28288] ? look_up_lock_class+0x6b/0x150 [ 1592.975248][T28288] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1592.975277][T28288] ? __pfx_filemap_splice_read+0x10/0x10 [ 1592.975305][T28288] do_splice_read+0x2bd/0x370 [ 1592.975334][T28288] splice_direct_to_actor+0x2a1/0xa30 [ 1592.975361][T28288] ? __pfx_direct_splice_actor+0x10/0x10 [ 1592.975393][T28288] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1592.975420][T28288] ? get_pid_task+0xfc/0x250 [ 1592.975470][T28288] do_splice_direct+0x174/0x240 [ 1592.975496][T28288] ? __pfx_do_splice_direct+0x10/0x10 [ 1592.975522][T28288] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1592.975561][T28288] ? bpf_lsm_file_permission+0x9/0x10 [ 1592.975589][T28288] ? security_file_permission+0x71/0x210 [ 1592.975616][T28288] ? rw_verify_area+0xcf/0x6c0 [ 1592.975643][T28288] do_sendfile+0xb06/0xe50 [ 1592.975676][T28288] ? __pfx_do_sendfile+0x10/0x10 [ 1592.975701][T28288] ? __fget_files+0x20e/0x3c0 [ 1592.975735][T28288] __x64_sys_sendfile64+0x1d8/0x220 [ 1592.975765][T28288] ? ksys_write+0x1ac/0x250 [ 1592.975790][T28288] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1592.975832][T28288] do_syscall_64+0xcd/0xfa0 [ 1592.975861][T28288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1592.975886][T28288] RIP: 0033:0x7f518518efc9 [ 1592.975907][T28288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1592.975930][T28288] RSP: 002b:00007f5186049038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1592.975954][T28288] RAX: ffffffffffffffda RBX: 00007f51853e6180 RCX: 00007f518518efc9 [ 1592.975971][T28288] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1592.975986][T28288] RBP: 00007f5186049090 R08: 0000000000000000 R09: 0000000000000000 [ 1592.976001][T28288] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 1592.976017][T28288] R13: 00007f51853e6218 R14: 00007f51853e6180 R15: 00007ffeb9be7fd8 [ 1592.976053][T28288] [ 1593.069175][T28291] CPU: 1 UID: 0 PID: 28291 Comm: syz.0.4768 Not tainted syzkaller #0 PREEMPT(full) [ 1593.069208][T28291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1593.069224][T28291] Call Trace: [ 1593.069232][T28291] [ 1593.069242][T28291] dump_stack_lvl+0x16c/0x1f0 [ 1593.069274][T28291] should_fail_ex+0x512/0x640 [ 1593.069308][T28291] ? fs_reclaim_acquire+0xae/0x150 [ 1593.069350][T28291] should_failslab+0xc2/0x120 [ 1593.069381][T28291] __kmalloc_noprof+0xdd/0x880 [ 1593.069416][T28291] ? kfree+0x252/0x6d0 [ 1593.069434][T28291] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1593.069469][T28291] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1593.069496][T28291] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1593.069533][T28291] tomoyo_get_exe+0x63/0xa0 [ 1593.069566][T28291] tomoyo_write_control+0x689/0x1430 [ 1593.069611][T28291] ? __pfx_tomoyo_write_control+0x10/0x10 [ 1593.069651][T28291] ? __pfx_tomoyo_write+0x10/0x10 [ 1593.069676][T28291] vfs_write+0x2a0/0x11d0 [ 1593.069714][T28291] ? __pfx___mutex_lock+0x10/0x10 [ 1593.069743][T28291] ? __pfx_vfs_write+0x10/0x10 [ 1593.069782][T28291] ? __fget_files+0x20e/0x3c0 [ 1593.069817][T28291] ksys_write+0x12a/0x250 [ 1593.069842][T28291] ? __pfx_ksys_write+0x10/0x10 [ 1593.069879][T28291] do_syscall_64+0xcd/0xfa0 [ 1593.069908][T28291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1593.069933][T28291] RIP: 0033:0x7f265f38efc9 [ 1593.069953][T28291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1593.069976][T28291] RSP: 002b:00007f265d5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1593.070000][T28291] RAX: ffffffffffffffda RBX: 00007f265f5e5fa0 RCX: 00007f265f38efc9 [ 1593.070017][T28291] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 1593.070032][T28291] RBP: 00007f265d5f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1593.070047][T28291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1593.070062][T28291] R13: 00007f265f5e6038 R14: 00007f265f5e5fa0 R15: 00007ffd359b22f8 [ 1593.070098][T28291] [ 1593.072657][T28291] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1594.019599][T28307] FAULT_INJECTION: forcing a failure. [ 1594.019599][T28307] name failslab, interval 1, probability 0, space 0, times 0 [ 1594.058208][T28307] CPU: 0 UID: 0 PID: 28307 Comm: syz.0.4772 Not tainted syzkaller #0 PREEMPT(full) [ 1594.058231][T28307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1594.058240][T28307] Call Trace: [ 1594.058246][T28307] [ 1594.058261][T28307] dump_stack_lvl+0x16c/0x1f0 [ 1594.058282][T28307] should_fail_ex+0x512/0x640 [ 1594.058304][T28307] ? __kmalloc_noprof+0xca/0x880 [ 1594.058329][T28307] should_failslab+0xc2/0x120 [ 1594.058349][T28307] __kmalloc_noprof+0xdd/0x880 [ 1594.058371][T28307] ? vb2_core_allocated_buffers_storage+0x184/0x220 [ 1594.058397][T28307] ? vb2_core_allocated_buffers_storage+0x184/0x220 [ 1594.058418][T28307] vb2_core_allocated_buffers_storage+0x184/0x220 [ 1594.058441][T28307] vb2_core_reqbufs+0x398/0xfe0 [ 1594.058466][T28307] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 1594.058499][T28307] __vb2_init_fileio+0x3f1/0x1100 [ 1594.058522][T28307] ? __mutex_lock+0x1c5/0x1060 [ 1594.058544][T28307] __vb2_perform_fileio+0x9c2/0x1660 [ 1594.058571][T28307] ? __pfx___vb2_perform_fileio+0x10/0x10 [ 1594.058594][T28307] ? get_pid_task+0xfc/0x250 [ 1594.058618][T28307] vb2_fop_read+0x215/0x3e0 [ 1594.058636][T28307] ? common_file_perm+0x1a9/0x340 [ 1594.058654][T28307] v4l2_read+0x229/0x360 [ 1594.058670][T28307] ? __pfx_v4l2_read+0x10/0x10 [ 1594.058686][T28307] vfs_read+0x1e4/0xcf0 [ 1594.058705][T28307] ? __pfx_vfs_read+0x10/0x10 [ 1594.058719][T28307] ? find_held_lock+0x2b/0x80 [ 1594.058734][T28307] ? __fget_files+0x204/0x3c0 [ 1594.058751][T28307] ? __fget_files+0x20e/0x3c0 [ 1594.058771][T28307] ksys_read+0x12a/0x250 [ 1594.058785][T28307] ? __pfx_ksys_read+0x10/0x10 [ 1594.058806][T28307] do_syscall_64+0xcd/0xfa0 [ 1594.058823][T28307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1594.058838][T28307] RIP: 0033:0x7f265f38efc9 [ 1594.058851][T28307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1594.058865][T28307] RSP: 002b:00007f265d5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1594.058879][T28307] RAX: ffffffffffffffda RBX: 00007f265f5e5fa0 RCX: 00007f265f38efc9 [ 1594.058889][T28307] RDX: 0000000000000016 RSI: 00002000000010c0 RDI: 0000000000000005 [ 1594.058898][T28307] RBP: 00007f265d5f6090 R08: 0000000000000000 R09: 0000000000000000 [ 1594.058907][T28307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1594.058915][T28307] R13: 00007f265f5e6038 R14: 00007f265f5e5fa0 R15: 00007ffd359b22f8 [ 1594.058935][T28307] [ 1594.399685][T28311] usb usb36: usbfs: process 28311 (syz.3.4773) did not claim interface 0 before use [ 1594.835742][T28315] bond0: invalid ARP target specified [ 1596.185044][T28346] zswap: compressor not available [ 1597.309876][T28368] FAULT_INJECTION: forcing a failure. [ 1597.309876][T28368] name failslab, interval 1, probability 0, space 0, times 0 [ 1597.339156][T28368] CPU: 0 UID: 0 PID: 28368 Comm: syz.1.4784 Not tainted syzkaller #0 PREEMPT(full) [ 1597.339195][T28368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1597.339209][T28368] Call Trace: [ 1597.339217][T28368] [ 1597.339225][T28368] dump_stack_lvl+0x16c/0x1f0 [ 1597.339254][T28368] should_fail_ex+0x512/0x640 [ 1597.339283][T28368] ? fs_reclaim_acquire+0xae/0x150 [ 1597.339313][T28368] should_failslab+0xc2/0x120 [ 1597.339340][T28368] __kmalloc_noprof+0xdd/0x880 [ 1597.339372][T28368] ? tomoyo_encode2+0x100/0x3e0 [ 1597.339401][T28368] ? tomoyo_encode2+0x100/0x3e0 [ 1597.339421][T28368] tomoyo_encode2+0x100/0x3e0 [ 1597.339448][T28368] tomoyo_encode+0x29/0x50 [ 1597.339469][T28368] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1597.339501][T28368] tomoyo_path_number_perm+0x245/0x580 [ 1597.339532][T28368] ? tomoyo_path_number_perm+0x237/0x580 [ 1597.339566][T28368] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1597.339599][T28368] ? find_held_lock+0x2b/0x80 [ 1597.339649][T28368] ? find_held_lock+0x2b/0x80 [ 1597.339669][T28368] ? hook_file_ioctl_common+0x145/0x410 [ 1597.339697][T28368] ? __fget_files+0x20e/0x3c0 [ 1597.339724][T28368] security_file_ioctl+0x9b/0x240 [ 1597.339746][T28368] __x64_sys_ioctl+0xb7/0x210 [ 1597.339779][T28368] do_syscall_64+0xcd/0xfa0 [ 1597.339804][T28368] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1597.339826][T28368] RIP: 0033:0x7fdf5758efc9 [ 1597.339845][T28368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1597.339865][T28368] RSP: 002b:00007fdf58368038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1597.339886][T28368] RAX: ffffffffffffffda RBX: 00007fdf577e5fa0 RCX: 00007fdf5758efc9 [ 1597.339900][T28368] RDX: 0000200000000180 RSI: 000000000000227d RDI: 0000000000000007 [ 1597.339914][T28368] RBP: 00007fdf58368090 R08: 0000000000000000 R09: 0000000000000000 [ 1597.339926][T28368] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1597.339939][T28368] R13: 00007fdf577e6038 R14: 00007fdf577e5fa0 R15: 00007ffe3a1b92d8 [ 1597.339972][T28368] [ 1597.341045][T28368] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1597.575815][T28364] FAULT_INJECTION: forcing a failure. [ 1597.575815][T28364] name failslab, interval 1, probability 0, space 0, times 0 [ 1597.588614][T28364] CPU: 0 UID: 0 PID: 28364 Comm: syz.0.4783 Not tainted syzkaller #0 PREEMPT(full) [ 1597.588650][T28364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1597.588665][T28364] Call Trace: [ 1597.588674][T28364] [ 1597.588684][T28364] dump_stack_lvl+0x16c/0x1f0 [ 1597.588720][T28364] should_fail_ex+0x512/0x640 [ 1597.588756][T28364] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1597.588786][T28364] should_failslab+0xc2/0x120 [ 1597.588820][T28364] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1597.588847][T28364] ? __pfx_inode_set_ctime_current+0x10/0x10 [ 1597.588877][T28364] ? __d_alloc+0x32/0xae0 [ 1597.588911][T28364] ? __d_alloc+0x32/0xae0 [ 1597.588935][T28364] __d_alloc+0x32/0xae0 [ 1597.588969][T28364] path_from_stashed+0x427/0x750 [ 1597.589005][T28364] open_namespace+0x8e/0x190 [ 1597.589032][T28364] ? __pfx_open_namespace+0x10/0x10 [ 1597.589062][T28364] ? bpf_lsm_capable+0x9/0x10 [ 1597.589099][T28364] open_related_ns+0x41/0x70 [ 1597.589124][T28364] __tun_chr_ioctl+0x1fae/0x4880 [ 1597.589149][T28364] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1597.589199][T28364] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 1597.589231][T28364] ? hook_file_ioctl_common+0x145/0x410 [ 1597.589264][T28364] ? __fget_files+0x20e/0x3c0 [ 1597.589296][T28364] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 1597.589323][T28364] __x64_sys_ioctl+0x18e/0x210 [ 1597.589373][T28364] do_syscall_64+0xcd/0xfa0 [ 1597.589405][T28364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1597.589431][T28364] RIP: 0033:0x7f265f38efc9 [ 1597.589452][T28364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1597.589477][T28364] RSP: 002b:00007f265d5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1597.589502][T28364] RAX: ffffffffffffffda RBX: 00007f265f5e5fa0 RCX: 00007f265f38efc9 [ 1597.589519][T28364] RDX: 0000000000005c8d RSI: 00000000000054e3 RDI: 00000000000000c8 [ 1597.589536][T28364] RBP: 00007f265f411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1597.589552][T28364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1597.589568][T28364] R13: 00007f265f5e6038 R14: 00007f265f5e5fa0 R15: 00007ffd359b22f8 [ 1597.589604][T28364] [ 1598.019604][T28381] random: crng reseeded on system resumption [ 1598.070979][T28384] bond0: option all_slaves_active: invalid value () [ 1598.125255][T28385] i2c i2c-0: delete_device: Can't find device in list [ 1601.039844][T28436] FAULT_INJECTION: forcing a failure. [ 1601.039844][T28436] name failslab, interval 1, probability 0, space 0, times 0 [ 1601.082834][T28436] CPU: 0 UID: 0 PID: 28436 Comm: syz.1.4801 Not tainted syzkaller #0 PREEMPT(full) [ 1601.082872][T28436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1601.082883][T28436] Call Trace: [ 1601.082889][T28436] [ 1601.082896][T28436] dump_stack_lvl+0x16c/0x1f0 [ 1601.082916][T28436] should_fail_ex+0x512/0x640 [ 1601.082938][T28436] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 1601.082959][T28436] should_failslab+0xc2/0x120 [ 1601.082978][T28436] __kvmalloc_node_noprof+0x141/0x9c0 [ 1601.082995][T28436] ? trace_kmalloc+0x2b/0xd0 [ 1601.083012][T28436] ? io_alloc_cache_init+0x38/0x170 [ 1601.083036][T28436] ? io_alloc_cache_init+0x38/0x170 [ 1601.083055][T28436] io_alloc_cache_init+0x38/0x170 [ 1601.083075][T28436] io_rsrc_cache_init+0x40/0x50 [ 1601.083094][T28436] io_uring_setup+0x68e/0x20e0 [ 1601.083112][T28436] ? __pfx_io_uring_setup+0x10/0x10 [ 1601.083128][T28436] ? do_futex+0x122/0x350 [ 1601.083147][T28436] ? __pfx_do_futex+0x10/0x10 [ 1601.083167][T28436] ? find_held_lock+0x2b/0x80 [ 1601.083189][T28436] ? xfd_validate_state+0x61/0x180 [ 1601.083214][T28436] __x64_sys_io_uring_setup+0xc2/0x170 [ 1601.083231][T28436] do_syscall_64+0xcd/0xfa0 [ 1601.083248][T28436] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1601.083263][T28436] RIP: 0033:0x7fdf5758efc9 [ 1601.083275][T28436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1601.083289][T28436] RSP: 002b:00007fdf58368038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1601.083304][T28436] RAX: ffffffffffffffda RBX: 00007fdf577e5fa0 RCX: 00007fdf5758efc9 [ 1601.083313][T28436] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1601.083321][T28436] RBP: 00007fdf57611f91 R08: 0000000000000000 R09: 0000000000000000 [ 1601.083330][T28436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1601.083339][T28436] R13: 00007fdf577e6038 R14: 00007fdf577e5fa0 R15: 00007ffe3a1b92d8 [ 1601.083359][T28436] [ 1601.480401][T28444] FAULT_INJECTION: forcing a failure. [ 1601.480401][T28444] name failslab, interval 1, probability 0, space 0, times 0 [ 1601.504795][T28444] CPU: 0 UID: 0 PID: 28444 Comm: syz.0.4803 Not tainted syzkaller #0 PREEMPT(full) [ 1601.504833][T28444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1601.504849][T28444] Call Trace: [ 1601.504859][T28444] [ 1601.504870][T28444] dump_stack_lvl+0x16c/0x1f0 [ 1601.504903][T28444] should_fail_ex+0x512/0x640 [ 1601.504937][T28444] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1601.504965][T28444] should_failslab+0xc2/0x120 [ 1601.504992][T28444] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1601.505014][T28444] ? vm_area_alloc+0x1f/0x160 [ 1601.505050][T28444] ? vm_area_alloc+0x1f/0x160 [ 1601.505077][T28444] vm_area_alloc+0x1f/0x160 [ 1601.505106][T28444] __mmap_region+0xf85/0x27a0 [ 1601.505127][T28444] ? find_held_lock+0x2b/0x80 [ 1601.505150][T28444] ? __pfx___mmap_region+0x10/0x10 [ 1601.505168][T28444] ? finish_task_switch.isra.0+0x21c/0xc10 [ 1601.505192][T28444] ? rcu_is_watching+0x12/0xc0 [ 1601.505214][T28444] ? finish_task_switch.isra.0+0x221/0xc10 [ 1601.505235][T28444] ? lockdep_hardirqs_on+0x7c/0x110 [ 1601.505259][T28444] ? finish_task_switch.isra.0+0x221/0xc10 [ 1601.505306][T28444] ? __pfx___schedule+0x10/0x10 [ 1601.505359][T28444] ? trace_cap_capable+0x18d/0x200 [ 1601.505395][T28444] mmap_region+0x1ab/0x3f0 [ 1601.505416][T28444] ? __get_unmapped_area+0x267/0x440 [ 1601.505444][T28444] do_mmap+0xa3e/0x1210 [ 1601.505474][T28444] ? __pfx_do_mmap+0x10/0x10 [ 1601.505500][T28444] ? __pfx_down_write_killable+0x10/0x10 [ 1601.505532][T28444] vm_mmap_pgoff+0x29e/0x470 [ 1601.505563][T28444] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 1601.505588][T28444] ? find_held_lock+0x2b/0x80 [ 1601.505612][T28444] ? __x64_sys_futex+0x1e0/0x4c0 [ 1601.505638][T28444] ? __x64_sys_futex+0x1e9/0x4c0 [ 1601.505668][T28444] ksys_mmap_pgoff+0x7d/0x5c0 [ 1601.505691][T28444] ? xfd_validate_state+0x61/0x180 [ 1601.505724][T28444] __x64_sys_mmap+0x125/0x190 [ 1601.505763][T28444] do_syscall_64+0xcd/0xfa0 [ 1601.505789][T28444] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1601.505812][T28444] RIP: 0033:0x7f265f38efc9 [ 1601.505831][T28444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1601.505851][T28444] RSP: 002b:00007f265d5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1601.505872][T28444] RAX: ffffffffffffffda RBX: 00007f265f5e5fa0 RCX: 00007f265f38efc9 [ 1601.505886][T28444] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 1601.505899][T28444] RBP: 00007f265f411f91 R08: 0000000000000002 R09: 0000000000008000 [ 1601.505912][T28444] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 1601.505925][T28444] R13: 00007f265f5e6038 R14: 00007f265f5e5fa0 R15: 00007ffd359b22f8 [ 1601.505955][T28444] [ 1602.570173][T28468] bond0: invalid ARP target specified [ 1603.095744][T28471] zswap: compressor not available [ 1604.330328][T28506] FAULT_INJECTION: forcing a failure. [ 1604.330328][T28506] name failslab, interval 1, probability 0, space 0, times 0 [ 1604.404549][T28506] CPU: 1 UID: 0 PID: 28506 Comm: syz.1.4811 Not tainted syzkaller #0 PREEMPT(full) [ 1604.404588][T28506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1604.404604][T28506] Call Trace: [ 1604.404615][T28506] [ 1604.404626][T28506] dump_stack_lvl+0x16c/0x1f0 [ 1604.404660][T28506] should_fail_ex+0x512/0x640 [ 1604.404698][T28506] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1604.404729][T28506] should_failslab+0xc2/0x120 [ 1604.404762][T28506] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1604.404789][T28506] ? lockdep_hardirqs_on+0x7c/0x110 [ 1604.404817][T28506] ? __d_alloc+0x32/0xae0 [ 1604.404849][T28506] ? __d_alloc+0x32/0xae0 [ 1604.404876][T28506] __d_alloc+0x32/0xae0 [ 1604.404909][T28506] path_from_stashed+0x427/0x750 [ 1604.404945][T28506] open_namespace+0x8e/0x190 [ 1604.404971][T28506] ? __pfx_open_namespace+0x10/0x10 [ 1604.405001][T28506] ? bpf_lsm_capable+0x9/0x10 [ 1604.405038][T28506] open_related_ns+0x41/0x70 [ 1604.405064][T28506] __tun_chr_ioctl+0x1fae/0x4880 [ 1604.405089][T28506] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1604.405130][T28506] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 1604.405159][T28506] ? hook_file_ioctl_common+0x145/0x410 [ 1604.405194][T28506] ? __fget_files+0x20e/0x3c0 [ 1604.405224][T28506] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 1604.405252][T28506] __x64_sys_ioctl+0x18e/0x210 [ 1604.405296][T28506] do_syscall_64+0xcd/0xfa0 [ 1604.405328][T28506] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1604.405355][T28506] RIP: 0033:0x7fdf5758efc9 [ 1604.405377][T28506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1604.405401][T28506] RSP: 002b:00007fdf58368038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1604.405427][T28506] RAX: ffffffffffffffda RBX: 00007fdf577e5fa0 RCX: 00007fdf5758efc9 [ 1604.405445][T28506] RDX: 0000000000005c8d RSI: 00000000000054e3 RDI: 00000000000000c8 [ 1604.405462][T28506] RBP: 00007fdf57611f91 R08: 0000000000000000 R09: 0000000000000000 [ 1604.405478][T28506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1604.405494][T28506] R13: 00007fdf577e6038 R14: 00007fdf577e5fa0 R15: 00007ffe3a1b92d8 [ 1604.405531][T28506] [ 1604.643478][T28513] FAULT_INJECTION: forcing a failure. [ 1604.643478][T28513] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1604.656649][T28513] CPU: 0 UID: 0 PID: 28513 Comm: syz.3.4810 Not tainted syzkaller #0 PREEMPT(full) [ 1604.656683][T28513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1604.656698][T28513] Call Trace: [ 1604.656708][T28513] [ 1604.656718][T28513] dump_stack_lvl+0x16c/0x1f0 [ 1604.656750][T28513] should_fail_ex+0x512/0x640 [ 1604.656789][T28513] _copy_to_user+0x32/0xd0 [ 1604.656824][T28513] simple_read_from_buffer+0xcb/0x170 [ 1604.656864][T28513] proc_fail_nth_read+0x197/0x240 [ 1604.656892][T28513] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1604.656923][T28513] ? rw_verify_area+0xcf/0x6c0 [ 1604.656947][T28513] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1604.656975][T28513] vfs_read+0x1e4/0xcf0 [ 1604.657007][T28513] ? __pfx___mutex_lock+0x10/0x10 [ 1604.657035][T28513] ? __pfx_vfs_read+0x10/0x10 [ 1604.657072][T28513] ? __fget_files+0x20e/0x3c0 [ 1604.657109][T28513] ksys_read+0x12a/0x250 [ 1604.657134][T28513] ? __pfx_ksys_read+0x10/0x10 [ 1604.657161][T28513] ? fput+0x9b/0xd0 [ 1604.657198][T28513] do_syscall_64+0xcd/0xfa0 [ 1604.657228][T28513] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1604.657254][T28513] RIP: 0033:0x7f0e9ef8d9dc [ 1604.657276][T28513] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1604.657300][T28513] RSP: 002b:00007f0e9fd57030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1604.657325][T28513] RAX: ffffffffffffffda RBX: 00007f0e9f1e6180 RCX: 00007f0e9ef8d9dc [ 1604.657343][T28513] RDX: 000000000000000f RSI: 00007f0e9fd570a0 RDI: 0000000000000005 [ 1604.657359][T28513] RBP: 00007f0e9fd57090 R08: 0000000000000000 R09: 0000000000000000 [ 1604.657375][T28513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1604.657391][T28513] R13: 00007f0e9f1e6218 R14: 00007f0e9f1e6180 R15: 00007fff8caabeb8 [ 1604.657428][T28513] [ 1605.098575][T28519] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1605.673921][T28522] zswap: compressor not available [ 1605.898065][ T5147] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 1605.907333][ T5147] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 1605.916354][ T5147] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 1605.941728][ T5147] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 1605.949560][ T5147] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 1606.067368][ T6039] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1606.377009][ T6039] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1606.724408][ T6039] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1606.840853][T28534] chnl_net:caif_netlink_parms(): no params data found [ 1606.987432][ T6039] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1607.190873][T28534] bridge0: port 1(bridge_slave_0) entered blocking state [ 1607.202742][T28534] bridge0: port 1(bridge_slave_0) entered disabled state [ 1607.210228][T28534] bridge_slave_0: entered allmulticast mode [ 1607.218476][T28534] bridge_slave_0: entered promiscuous mode [ 1607.227174][T28534] bridge0: port 2(bridge_slave_1) entered blocking state [ 1607.235116][T28534] bridge0: port 2(bridge_slave_1) entered disabled state [ 1607.242279][T28534] bridge_slave_1: entered allmulticast mode [ 1607.249904][T28534] bridge_slave_1: entered promiscuous mode [ 1607.405685][T28534] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1607.477153][T28534] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1607.560758][T28534] team0: Port device team_slave_0 added [ 1607.595634][T28534] team0: Port device team_slave_1 added [ 1607.608707][T28570] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1607.668379][ T6039] bridge_slave_1: left allmulticast mode [ 1607.674414][ T6039] bridge_slave_1: left promiscuous mode [ 1607.682477][ T6039] bridge0: port 2(bridge_slave_1) entered disabled state [ 1607.691836][ T6039] bridge_slave_0: left allmulticast mode [ 1607.699128][ T6039] bridge_slave_0: left promiscuous mode [ 1607.705310][ T6039] bridge0: port 1(bridge_slave_0) entered disabled state [ 1608.022776][T27713] Bluetooth: hci3: command tx timeout [ 1608.181669][ T6039] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1608.197242][ T6039] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1608.208607][ T6039] bond0 (unregistering): Released all slaves [ 1608.231976][T28534] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1608.245616][T28534] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1608.272295][T28534] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1608.403440][T28534] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1608.410798][T28534] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1608.442585][T28534] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1608.542304][T28582] FAULT_INJECTION: forcing a failure. [ 1608.542304][T28582] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1608.560971][T28582] CPU: 0 UID: 0 PID: 28582 Comm: syz.0.4826 Not tainted syzkaller #0 PREEMPT(full) [ 1608.561002][T28582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1608.561015][T28582] Call Trace: [ 1608.561023][T28582] [ 1608.561031][T28582] dump_stack_lvl+0x16c/0x1f0 [ 1608.561062][T28582] should_fail_ex+0x512/0x640 [ 1608.561106][T28582] strncpy_from_user+0x3b/0x2e0 [ 1608.561138][T28582] getname_flags.part.0+0x8f/0x550 [ 1608.561174][T28582] getname_flags+0x93/0xf0 [ 1608.561196][T28582] do_sys_openat2+0xb8/0x1d0 [ 1608.561227][T28582] ? __pfx_do_sys_openat2+0x10/0x10 [ 1608.561268][T28582] __x64_sys_openat+0x174/0x210 [ 1608.561298][T28582] ? __pfx___x64_sys_openat+0x10/0x10 [ 1608.561341][T28582] do_syscall_64+0xcd/0xfa0 [ 1608.561366][T28582] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1608.561388][T28582] RIP: 0033:0x7f265f38efc9 [ 1608.561407][T28582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1608.561427][T28582] RSP: 002b:00007f265d5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1608.561448][T28582] RAX: ffffffffffffffda RBX: 00007f265f5e5fa0 RCX: 00007f265f38efc9 [ 1608.561463][T28582] RDX: 0000000000008001 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1608.561477][T28582] RBP: 00007f265f411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1608.561490][T28582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1608.561503][T28582] R13: 00007f265f5e6038 R14: 00007f265f5e5fa0 R15: 00007ffd359b22f8 [ 1608.561534][T28582] [ 1608.776613][T28585] FAULT_INJECTION: forcing a failure. [ 1608.776613][T28585] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1608.790493][T28585] CPU: 0 UID: 0 PID: 28585 Comm: syz.1.4827 Not tainted syzkaller #0 PREEMPT(full) [ 1608.790530][T28585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1608.790547][T28585] Call Trace: [ 1608.790557][T28585] [ 1608.790567][T28585] dump_stack_lvl+0x16c/0x1f0 [ 1608.790603][T28585] should_fail_ex+0x512/0x640 [ 1608.790664][T28585] get_futex_key+0x1d0/0x1560 [ 1608.790704][T28585] ? __pfx_get_futex_key+0x10/0x10 [ 1608.790733][T28585] ? futex_private_hash_put+0x176/0x300 [ 1608.790773][T28585] futex_wake+0xea/0x530 [ 1608.790807][T28585] ? futex_wait+0x120/0x380 [ 1608.790832][T28585] ? __pfx_futex_wake+0x10/0x10 [ 1608.790866][T28585] ? __lock_acquire+0x622/0x1c90 [ 1608.790904][T28585] ? fput+0x9b/0xd0 [ 1608.790942][T28585] do_futex+0x1e3/0x350 [ 1608.790975][T28585] ? __pfx_do_futex+0x10/0x10 [ 1608.791018][T28585] __x64_sys_futex+0x1e0/0x4c0 [ 1608.791056][T28585] ? __pfx___x64_sys_futex+0x10/0x10 [ 1608.791100][T28585] ? __sys_getsockopt+0x144/0x1b0 [ 1608.791151][T28585] do_syscall_64+0xcd/0xfa0 [ 1608.791183][T28585] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1608.791209][T28585] RIP: 0033:0x7fdf5758efc9 [ 1608.791231][T28585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1608.791258][T28585] RSP: 002b:00007fdf583680e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1608.791284][T28585] RAX: ffffffffffffffda RBX: 00007fdf577e5fa8 RCX: 00007fdf5758efc9 [ 1608.791304][T28585] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fdf577e5fac [ 1608.791322][T28585] RBP: 00007fdf577e5fa0 R08: 00007fdf58369000 R09: 0000000000000000 [ 1608.791340][T28585] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 1608.791358][T28585] R13: 00007fdf577e6038 R14: 00007ffe3a1b91f0 R15: 00007ffe3a1b92d8 [ 1608.791397][T28585] [ 1608.991988][T28534] hsr_slave_0: entered promiscuous mode [ 1608.998776][T28534] hsr_slave_1: entered promiscuous mode [ 1609.005224][T28534] debugfs: 'hsr0' already exists in 'hsr' [ 1609.013476][T28534] Cannot create hsr debugfs directory [ 1609.793156][ T6039] hsr_slave_0: left promiscuous mode [ 1609.818328][ T6039] hsr_slave_1: left promiscuous mode [ 1609.845932][ T6039] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1609.872558][ T6039] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1609.940819][ T6039] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1609.953679][T28605] FAULT_INJECTION: forcing a failure. [ 1609.953679][T28605] name failslab, interval 1, probability 0, space 0, times 0 [ 1609.957977][ T6039] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1609.982587][T28605] CPU: 1 UID: 0 PID: 28605 Comm: syz.1.4829 Not tainted syzkaller #0 PREEMPT(full) [ 1609.982622][T28605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1609.982638][T28605] Call Trace: [ 1609.982648][T28605] [ 1609.982658][T28605] dump_stack_lvl+0x16c/0x1f0 [ 1609.982698][T28605] should_fail_ex+0x512/0x640 [ 1609.982734][T28605] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1609.982765][T28605] should_failslab+0xc2/0x120 [ 1609.982795][T28605] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1609.982822][T28605] ? security_file_alloc+0x34/0x2b0 [ 1609.982853][T28605] ? security_file_alloc+0x34/0x2b0 [ 1609.982875][T28605] security_file_alloc+0x34/0x2b0 [ 1609.982902][T28605] init_file+0x93/0x4c0 [ 1609.982934][T28605] alloc_empty_file+0x73/0x1e0 [ 1609.982969][T28605] path_openat+0xda/0x2cb0 [ 1609.983010][T28605] ? __pfx_path_openat+0x10/0x10 [ 1609.983038][T28605] ? __lock_acquire+0xb8a/0x1c90 [ 1609.983074][T28605] do_filp_open+0x20b/0x470 [ 1609.983101][T28605] ? __pfx_do_filp_open+0x10/0x10 [ 1609.983149][T28605] ? alloc_fd+0x471/0x7d0 [ 1609.983181][T28605] do_sys_openat2+0x11b/0x1d0 [ 1609.983214][T28605] ? __pfx_do_sys_openat2+0x10/0x10 [ 1609.983260][T28605] __x64_sys_openat+0x174/0x210 [ 1609.983293][T28605] ? __pfx___x64_sys_openat+0x10/0x10 [ 1609.983337][T28605] do_syscall_64+0xcd/0xfa0 [ 1609.983368][T28605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1609.983395][T28605] RIP: 0033:0x7fdf5758efc9 [ 1609.983417][T28605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1609.983441][T28605] RSP: 002b:00007fdf58368038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1609.983466][T28605] RAX: ffffffffffffffda RBX: 00007fdf577e5fa0 RCX: 00007fdf5758efc9 [ 1609.983483][T28605] RDX: 0000000000008001 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1609.983499][T28605] RBP: 00007fdf57611f91 R08: 0000000000000000 R09: 0000000000000000 [ 1609.983515][T28605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1609.983531][T28605] R13: 00007fdf577e6038 R14: 00007fdf577e5fa0 R15: 00007ffe3a1b92d8 [ 1609.983567][T28605] [ 1610.102982][T27713] Bluetooth: hci3: command tx timeout [ 1610.352471][ T6039] veth1_macvtap: left promiscuous mode [ 1610.360456][ T6039] veth0_macvtap: left promiscuous mode [ 1610.367202][ T6039] veth1_vlan: left promiscuous mode [ 1610.373309][ T6039] veth0_vlan: left promiscuous mode [ 1610.840143][T28617] blktrace: Concurrent blktraces are not allowed on loop2 [ 1612.073750][ T6039] team0 (unregistering): Port device team_slave_1 removed [ 1612.119732][ T6039] team0 (unregistering): Port device team_slave_0 removed [ 1612.277011][T27713] Bluetooth: hci3: command tx timeout [ 1612.564404][T28635] FAULT_INJECTION: forcing a failure. [ 1612.564404][T28635] name failslab, interval 1, probability 0, space 0, times 0 [ 1612.577950][T28635] CPU: 0 UID: 0 PID: 28635 Comm: syz.0.4833 Not tainted syzkaller #0 PREEMPT(full) [ 1612.577987][T28635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1612.578004][T28635] Call Trace: [ 1612.578013][T28635] [ 1612.578024][T28635] dump_stack_lvl+0x16c/0x1f0 [ 1612.578058][T28635] should_fail_ex+0x512/0x640 [ 1612.578095][T28635] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1612.578125][T28635] should_failslab+0xc2/0x120 [ 1612.578156][T28635] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1612.578181][T28635] ? do_raw_spin_unlock+0x172/0x230 [ 1612.578217][T28635] ? alloc_empty_file+0x55/0x1e0 [ 1612.578257][T28635] ? alloc_empty_file+0x55/0x1e0 [ 1612.578289][T28635] alloc_empty_file+0x55/0x1e0 [ 1612.578324][T28635] dentry_open+0x46/0xd0 [ 1612.578358][T28635] open_namespace+0x100/0x190 [ 1612.578385][T28635] ? __pfx_open_namespace+0x10/0x10 [ 1612.578416][T28635] ? bpf_lsm_capable+0x9/0x10 [ 1612.578462][T28635] open_related_ns+0x41/0x70 [ 1612.578488][T28635] __tun_chr_ioctl+0x1fae/0x4880 [ 1612.578514][T28635] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1612.578557][T28635] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 1612.578586][T28635] ? hook_file_ioctl_common+0x145/0x410 [ 1612.578622][T28635] ? __fget_files+0x20e/0x3c0 [ 1612.578653][T28635] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 1612.578679][T28635] __x64_sys_ioctl+0x18e/0x210 [ 1612.578717][T28635] do_syscall_64+0xcd/0xfa0 [ 1612.578748][T28635] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1612.578775][T28635] RIP: 0033:0x7f265f38efc9 [ 1612.578797][T28635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1612.578821][T28635] RSP: 002b:00007f265d5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1612.578847][T28635] RAX: ffffffffffffffda RBX: 00007f265f5e5fa0 RCX: 00007f265f38efc9 [ 1612.578865][T28635] RDX: 0000000000005c8d RSI: 00000000000054e3 RDI: 00000000000000c8 [ 1612.578881][T28635] RBP: 00007f265f411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1612.578897][T28635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1612.578913][T28635] R13: 00007f265f5e6038 R14: 00007f265f5e5fa0 R15: 00007ffd359b22f8 [ 1612.578950][T28635] [ 1612.753482][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1612.812584][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1613.606208][ T5159] Trying to write to read-only block-device sda1 [ 1614.352609][T27713] Bluetooth: hci3: command tx timeout [ 1615.455258][T28534] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1615.513635][T28534] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1615.679052][T28534] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1615.701138][T28534] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1616.265048][T28534] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1616.280794][T28534] 8021q: adding VLAN 0 to HW filter on device team0 [ 1616.301198][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 1616.308371][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1616.355038][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 1616.362253][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1616.790381][T28724] FAULT_INJECTION: forcing a failure. [ 1616.790381][T28724] name failslab, interval 1, probability 0, space 0, times 0 [ 1616.815203][T28724] CPU: 1 UID: 0 PID: 28724 Comm: syz.1.4844 Not tainted syzkaller #0 PREEMPT(full) [ 1616.815241][T28724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1616.815264][T28724] Call Trace: [ 1616.815274][T28724] [ 1616.815286][T28724] dump_stack_lvl+0x16c/0x1f0 [ 1616.815322][T28724] should_fail_ex+0x512/0x640 [ 1616.815360][T28724] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1616.815392][T28724] should_failslab+0xc2/0x120 [ 1616.815427][T28724] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1616.815453][T28724] ? do_raw_spin_unlock+0x172/0x230 [ 1616.815490][T28724] ? alloc_empty_file+0x55/0x1e0 [ 1616.815530][T28724] ? alloc_empty_file+0x55/0x1e0 [ 1616.815562][T28724] alloc_empty_file+0x55/0x1e0 [ 1616.815597][T28724] dentry_open+0x46/0xd0 [ 1616.815631][T28724] open_namespace+0x100/0x190 [ 1616.815659][T28724] ? __pfx_open_namespace+0x10/0x10 [ 1616.815689][T28724] ? bpf_lsm_capable+0x9/0x10 [ 1616.815726][T28724] open_related_ns+0x41/0x70 [ 1616.815753][T28724] __tun_chr_ioctl+0x1fae/0x4880 [ 1616.815778][T28724] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1616.815820][T28724] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 1616.815850][T28724] ? hook_file_ioctl_common+0x145/0x410 [ 1616.815886][T28724] ? __fget_files+0x20e/0x3c0 [ 1616.815917][T28724] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 1616.815945][T28724] __x64_sys_ioctl+0x18e/0x210 [ 1616.815985][T28724] do_syscall_64+0xcd/0xfa0 [ 1616.816015][T28724] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1616.816042][T28724] RIP: 0033:0x7fdf5758efc9 [ 1616.816065][T28724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1616.816090][T28724] RSP: 002b:00007fdf58368038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1616.816118][T28724] RAX: ffffffffffffffda RBX: 00007fdf577e5fa0 RCX: 00007fdf5758efc9 [ 1616.816137][T28724] RDX: 0000000000005c8d RSI: 00000000000054e3 RDI: 00000000000000c8 [ 1616.816154][T28724] RBP: 00007fdf57611f91 R08: 0000000000000000 R09: 0000000000000000 [ 1616.816171][T28724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1616.816186][T28724] R13: 00007fdf577e6038 R14: 00007fdf577e5fa0 R15: 00007ffe3a1b92d8 [ 1616.816225][T28724] [ 1617.429700][T28534] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1617.541562][T28534] veth0_vlan: entered promiscuous mode [ 1617.607049][T28534] veth1_vlan: entered promiscuous mode [ 1617.675835][T28534] veth0_macvtap: entered promiscuous mode [ 1617.696850][T28534] veth1_macvtap: entered promiscuous mode [ 1617.731318][T28534] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1617.789858][T28534] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1617.847435][ T6039] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1617.926799][ T6039] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1617.947157][ T6039] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1617.973654][ T6039] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1618.182791][ T6039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1618.213987][ T6039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1618.243771][T19852] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1618.251648][T19852] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1618.971035][T28770] zswap: compressor not available [ 1619.765839][ T5147] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1619.783772][ T5147] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1619.795064][ T5147] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1619.811810][ T5147] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1619.819456][ T5147] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1620.455876][T28788] FAULT_INJECTION: forcing a failure. [ 1620.455876][T28788] name failslab, interval 1, probability 0, space 0, times 0 [ 1620.472292][T28788] CPU: 0 UID: 0 PID: 28788 Comm: syz.3.4857 Not tainted syzkaller #0 PREEMPT(full) [ 1620.472328][T28788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1620.472345][T28788] Call Trace: [ 1620.472354][T28788] [ 1620.472363][T28788] dump_stack_lvl+0x16c/0x1f0 [ 1620.472397][T28788] should_fail_ex+0x512/0x640 [ 1620.472434][T28788] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1620.472464][T28788] should_failslab+0xc2/0x120 [ 1620.472500][T28788] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1620.472525][T28788] ? do_raw_spin_unlock+0x172/0x230 [ 1620.472560][T28788] ? alloc_empty_file+0x55/0x1e0 [ 1620.472595][T28788] ? alloc_empty_file+0x55/0x1e0 [ 1620.472625][T28788] alloc_empty_file+0x55/0x1e0 [ 1620.472661][T28788] dentry_open+0x46/0xd0 [ 1620.472694][T28788] open_namespace+0x100/0x190 [ 1620.472720][T28788] ? __pfx_open_namespace+0x10/0x10 [ 1620.472752][T28788] ? bpf_lsm_capable+0x9/0x10 [ 1620.472788][T28788] open_related_ns+0x41/0x70 [ 1620.472812][T28788] __tun_chr_ioctl+0x1fae/0x4880 [ 1620.472832][T28788] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1620.472874][T28788] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 1620.472898][T28788] ? hook_file_ioctl_common+0x145/0x410 [ 1620.472927][T28788] ? __fget_files+0x20e/0x3c0 [ 1620.472953][T28788] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 1620.472975][T28788] __x64_sys_ioctl+0x18e/0x210 [ 1620.473006][T28788] do_syscall_64+0xcd/0xfa0 [ 1620.473031][T28788] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1620.473052][T28788] RIP: 0033:0x7f0e9ef8efc9 [ 1620.473069][T28788] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1620.473090][T28788] RSP: 002b:00007f0e9fd99038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1620.473110][T28788] RAX: ffffffffffffffda RBX: 00007f0e9f1e5fa0 RCX: 00007f0e9ef8efc9 [ 1620.473124][T28788] RDX: 0000000000005c8d RSI: 00000000000054e3 RDI: 00000000000000c8 [ 1620.473137][T28788] RBP: 00007f0e9f011f91 R08: 0000000000000000 R09: 0000000000000000 [ 1620.473150][T28788] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1620.473162][T28788] R13: 00007f0e9f1e6038 R14: 00007f0e9f1e5fa0 R15: 00007fff8caabeb8 [ 1620.473191][T28788] [ 1621.308783][T19852] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1621.446449][T28781] chnl_net:caif_netlink_parms(): no params data found [ 1621.572217][T19852] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1621.863687][ T5147] Bluetooth: hci4: command tx timeout [ 1621.956810][T19852] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1622.002175][T28781] bridge0: port 1(bridge_slave_0) entered blocking state [ 1622.014618][T28781] bridge0: port 1(bridge_slave_0) entered disabled state [ 1622.033655][T28781] bridge_slave_0: entered allmulticast mode [ 1622.093078][T28781] bridge_slave_0: entered promiscuous mode [ 1622.120439][T28781] bridge0: port 2(bridge_slave_1) entered blocking state [ 1622.132111][T28781] bridge0: port 2(bridge_slave_1) entered disabled state [ 1622.142462][T28781] bridge_slave_1: entered allmulticast mode [ 1622.165461][T28781] bridge_slave_1: entered promiscuous mode [ 1622.257276][T19852] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1622.524978][T28781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1622.597885][T28781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1622.690305][T28781] team0: Port device team_slave_0 added [ 1622.752303][T28781] team0: Port device team_slave_1 added [ 1622.827201][T28781] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1622.874412][T28781] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1622.931049][T28781] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1622.974028][T19852] bridge_slave_1: left allmulticast mode [ 1622.979714][T19852] bridge_slave_1: left promiscuous mode [ 1623.003543][T19852] bridge0: port 2(bridge_slave_1) entered disabled state [ 1623.028458][T19852] bridge_slave_0: left allmulticast mode [ 1623.049157][T19852] bridge_slave_0: left promiscuous mode [ 1623.060742][T19852] bridge0: port 1(bridge_slave_0) entered disabled state [ 1623.096685][T28822] zswap: compressor 000 not available [ 1623.943238][ T5147] Bluetooth: hci4: command tx timeout [ 1623.984754][T19852] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1624.035512][T19852] bond0 (unregistering): Released all slaves [ 1624.049808][T28781] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1624.059971][T28781] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1624.106268][T28781] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1624.150237][T28820] FAULT_INJECTION: forcing a failure. [ 1624.150237][T28820] name failslab, interval 1, probability 0, space 0, times 0 [ 1624.208329][T28820] CPU: 0 UID: 0 PID: 28820 Comm: syz.3.4863 Not tainted syzkaller #0 PREEMPT(full) [ 1624.208367][T28820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1624.208384][T28820] Call Trace: [ 1624.208394][T28820] [ 1624.208405][T28820] dump_stack_lvl+0x16c/0x1f0 [ 1624.208440][T28820] should_fail_ex+0x512/0x640 [ 1624.208475][T28820] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1624.208507][T28820] should_failslab+0xc2/0x120 [ 1624.208542][T28820] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1624.208571][T28820] ? __pfx_inode_set_ctime_current+0x10/0x10 [ 1624.208603][T28820] ? __d_alloc+0x32/0xae0 [ 1624.208638][T28820] ? __d_alloc+0x32/0xae0 [ 1624.208664][T28820] __d_alloc+0x32/0xae0 [ 1624.208698][T28820] path_from_stashed+0x427/0x750 [ 1624.208734][T28820] open_namespace+0x8e/0x190 [ 1624.208761][T28820] ? __pfx_open_namespace+0x10/0x10 [ 1624.208792][T28820] ? bpf_lsm_capable+0x9/0x10 [ 1624.208829][T28820] open_related_ns+0x41/0x70 [ 1624.208856][T28820] __tun_chr_ioctl+0x1fae/0x4880 [ 1624.208882][T28820] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1624.208924][T28820] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 1624.208954][T28820] ? hook_file_ioctl_common+0x145/0x410 [ 1624.208989][T28820] ? __fget_files+0x20e/0x3c0 [ 1624.209020][T28820] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 1624.209047][T28820] __x64_sys_ioctl+0x18e/0x210 [ 1624.209102][T28820] do_syscall_64+0xcd/0xfa0 [ 1624.209134][T28820] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1624.209162][T28820] RIP: 0033:0x7f0e9ef8efc9 [ 1624.209184][T28820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1624.209209][T28820] RSP: 002b:00007f0e9fd99038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1624.209241][T28820] RAX: ffffffffffffffda RBX: 00007f0e9f1e5fa0 RCX: 00007f0e9ef8efc9 [ 1624.209260][T28820] RDX: 0000000000005c8d RSI: 00000000000054e3 RDI: 00000000000000c8 [ 1624.209276][T28820] RBP: 00007f0e9f011f91 R08: 0000000000000000 R09: 0000000000000000 [ 1624.209293][T28820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1624.209310][T28820] R13: 00007f0e9f1e6038 R14: 00007f0e9f1e5fa0 R15: 00007fff8caabeb8 [ 1624.209347][T28820] [ 1625.029954][T28781] hsr_slave_0: entered promiscuous mode [ 1625.046587][T28781] hsr_slave_1: entered promiscuous mode [ 1625.063555][T28781] debugfs: 'hsr0' already exists in 'hsr' [ 1625.070181][T28781] Cannot create hsr debugfs directory [ 1625.356170][T19852] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1625.369370][T19852] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1625.397353][T19852] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1625.412636][T19852] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1625.512455][T19852] veth1_macvtap: left promiscuous mode [ 1625.519013][T19852] veth0_macvtap: left promiscuous mode [ 1625.525151][T19852] veth1_vlan: left promiscuous mode [ 1625.530572][T19852] veth0_vlan: left promiscuous mode [ 1626.022726][ T5147] Bluetooth: hci4: command tx timeout [ 1626.149463][T19852] team0 (unregistering): Port device team_slave_1 removed [ 1626.421121][T19852] team0 (unregistering): Port device team_slave_0 removed [ 1626.508768][T28868] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1626.745431][ T6039] Trying to write to read-only block-device sda [ 1626.874925][T28868] zswap: compressor not available [ 1628.118394][ T5147] Bluetooth: hci4: command tx timeout [ 1628.521724][T28894] FAULT_INJECTION: forcing a failure. [ 1628.521724][T28894] name failslab, interval 1, probability 0, space 0, times 0 [ 1628.560321][T28894] CPU: 0 UID: 0 PID: 28894 Comm: syz.3.4875 Not tainted syzkaller #0 PREEMPT(full) [ 1628.560361][T28894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1628.560377][T28894] Call Trace: [ 1628.560387][T28894] [ 1628.560398][T28894] dump_stack_lvl+0x16c/0x1f0 [ 1628.560433][T28894] should_fail_ex+0x512/0x640 [ 1628.560472][T28894] ? __kmalloc_noprof+0xca/0x880 [ 1628.560514][T28894] should_failslab+0xc2/0x120 [ 1628.560549][T28894] __kmalloc_noprof+0xdd/0x880 [ 1628.560585][T28894] ? __pfx___mutex_lock+0x10/0x10 [ 1628.560615][T28894] ? kvm_io_bus_register_dev+0x1cf/0x720 [ 1628.560653][T28894] ? kvm_io_bus_register_dev+0x1cf/0x720 [ 1628.560684][T28894] kvm_io_bus_register_dev+0x1cf/0x720 [ 1628.560726][T28894] kvm_ioapic_init+0x429/0x590 [ 1628.560759][T28894] kvm_arch_vm_ioctl+0x912/0x18b0 [ 1628.560799][T28894] ? register_lock_class+0x41/0x4c0 [ 1628.560831][T28894] ? find_held_lock+0x2b/0x80 [ 1628.560856][T28894] ? __pfx_kvm_arch_vm_ioctl+0x10/0x10 [ 1628.560882][T28894] ? ima_match_policy+0x7f9/0x22e0 [ 1628.560914][T28894] ? __lock_acquire+0x622/0x1c90 [ 1628.560953][T28894] ? __lock_acquire+0x622/0x1c90 [ 1628.560998][T28894] ? __lock_acquire+0x622/0x1c90 [ 1628.561054][T28894] ? __lock_acquire+0x622/0x1c90 [ 1628.561114][T28894] ? bpf_ksym_find+0x124/0x1c0 [ 1628.561143][T28894] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1628.561176][T28894] ? is_bpf_text_address+0x94/0x1a0 [ 1628.561212][T28894] ? kernel_text_address+0x8d/0x100 [ 1628.561248][T28894] ? widen_string+0xdc/0x2d0 [ 1628.561282][T28894] ? __kernel_text_address+0xd/0x40 [ 1628.561306][T28894] ? unwind_get_return_address+0x59/0xa0 [ 1628.561334][T28894] ? arch_stack_walk+0xa6/0x100 [ 1628.561376][T28894] ? stack_trace_save+0x8e/0xc0 [ 1628.561404][T28894] ? __pfx_stack_trace_save+0x10/0x10 [ 1628.561435][T28894] ? stack_depot_save_flags+0x29/0x9c0 [ 1628.561473][T28894] ? __lock_acquire+0xb8a/0x1c90 [ 1628.561510][T28894] ? kasan_save_stack+0x42/0x60 [ 1628.561539][T28894] ? kasan_save_stack+0x33/0x60 [ 1628.561565][T28894] ? kasan_save_track+0x14/0x30 [ 1628.561592][T28894] ? __kasan_save_free_info+0x3b/0x60 [ 1628.561616][T28894] ? __kasan_slab_free+0x5f/0x80 [ 1628.561661][T28894] ? kfree+0x2b8/0x6d0 [ 1628.561681][T28894] ? tomoyo_path_number_perm+0x470/0x580 [ 1628.561725][T28894] kvm_vm_ioctl+0x1a91/0x3fd0 [ 1628.561782][T28894] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 1628.561839][T28894] ? kasan_quarantine_put+0x10a/0x240 [ 1628.561871][T28894] ? lockdep_hardirqs_on+0x7c/0x110 [ 1628.561903][T28894] ? find_held_lock+0x2b/0x80 [ 1628.561932][T28894] ? tomoyo_path_number_perm+0x295/0x580 [ 1628.561977][T28894] ? tomoyo_path_number_perm+0x18d/0x580 [ 1628.562030][T28894] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1628.562087][T28894] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1628.562130][T28894] ? do_vfs_ioctl+0x128/0x14f0 [ 1628.562167][T28894] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1628.562216][T28894] ? find_held_lock+0x2b/0x80 [ 1628.562243][T28894] ? hook_file_ioctl_common+0x145/0x410 [ 1628.562278][T28894] ? __fget_files+0x20e/0x3c0 [ 1628.562311][T28894] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 1628.562342][T28894] __x64_sys_ioctl+0x18e/0x210 [ 1628.562382][T28894] do_syscall_64+0xcd/0xfa0 [ 1628.562413][T28894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1628.562442][T28894] RIP: 0033:0x7f0e9ef8efc9 [ 1628.562465][T28894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1628.562495][T28894] RSP: 002b:00007f0e9fd99038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1628.562519][T28894] RAX: ffffffffffffffda RBX: 00007f0e9f1e5fa0 RCX: 00007f0e9ef8efc9 [ 1628.562536][T28894] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003 [ 1628.562553][T28894] RBP: 00007f0e9f011f91 R08: 0000000000000000 R09: 0000000000000000 [ 1628.562569][T28894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1628.562585][T28894] R13: 00007f0e9f1e6038 R14: 00007f0e9f1e5fa0 R15: 00007fff8caabeb8 [ 1628.562625][T28894] [ 1629.403954][T28781] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1629.508863][T28781] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1629.538350][T28781] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1629.775751][T28781] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1629.814266][T28907] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1630.201366][T28781] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1630.344967][T28781] 8021q: adding VLAN 0 to HW filter on device team0 [ 1630.361541][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 1630.368688][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1630.414697][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 1630.421843][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1630.812910][T28943] i2c i2c-0: delete_device: Can't find device in list [ 1631.338948][T28781] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1631.484672][T28781] veth0_vlan: entered promiscuous mode [ 1631.517281][T28781] veth1_vlan: entered promiscuous mode [ 1631.767392][T28781] veth0_macvtap: entered promiscuous mode [ 1631.883935][T28781] veth1_macvtap: entered promiscuous mode [ 1631.949311][T28781] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1632.063375][T28781] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1632.126277][T19859] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1632.136215][T19859] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1632.167098][T19859] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1632.228937][T19859] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1632.443511][T28971] FAULT_INJECTION: forcing a failure. [ 1632.443511][T28971] name failslab, interval 1, probability 0, space 0, times 0 [ 1632.459258][T28971] CPU: 0 UID: 0 PID: 28971 Comm: syz.2.4884 Not tainted syzkaller #0 PREEMPT(full) [ 1632.459295][T28971] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1632.459312][T28971] Call Trace: [ 1632.459321][T28971] [ 1632.459332][T28971] dump_stack_lvl+0x16c/0x1f0 [ 1632.459380][T28971] should_fail_ex+0x512/0x640 [ 1632.459419][T28971] ? __kmalloc_noprof+0xca/0x880 [ 1632.459462][T28971] should_failslab+0xc2/0x120 [ 1632.459494][T28971] __kmalloc_noprof+0xdd/0x880 [ 1632.459529][T28971] ? __pfx___mutex_lock+0x10/0x10 [ 1632.459559][T28971] ? kvm_io_bus_register_dev+0x1cf/0x720 [ 1632.459596][T28971] ? kvm_io_bus_register_dev+0x1cf/0x720 [ 1632.459624][T28971] kvm_io_bus_register_dev+0x1cf/0x720 [ 1632.459667][T28971] kvm_ioapic_init+0x429/0x590 [ 1632.459699][T28971] kvm_arch_vm_ioctl+0x912/0x18b0 [ 1632.459731][T28971] ? register_lock_class+0x41/0x4c0 [ 1632.459763][T28971] ? find_held_lock+0x2b/0x80 [ 1632.459789][T28971] ? __pfx_kvm_arch_vm_ioctl+0x10/0x10 [ 1632.459818][T28971] ? ima_match_policy+0x7f9/0x22e0 [ 1632.459849][T28971] ? __lock_acquire+0x622/0x1c90 [ 1632.459886][T28971] ? __lock_acquire+0x622/0x1c90 [ 1632.459930][T28971] ? __lock_acquire+0x622/0x1c90 [ 1632.459971][T28971] ? __lock_acquire+0x622/0x1c90 [ 1632.460027][T28971] ? bpf_ksym_find+0x124/0x1c0 [ 1632.460056][T28971] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1632.460084][T28971] ? is_bpf_text_address+0x94/0x1a0 [ 1632.460115][T28971] ? kernel_text_address+0x8d/0x100 [ 1632.460151][T28971] ? widen_string+0xdc/0x2d0 [ 1632.460179][T28971] ? __kernel_text_address+0xd/0x40 [ 1632.460201][T28971] ? unwind_get_return_address+0x59/0xa0 [ 1632.460229][T28971] ? arch_stack_walk+0xa6/0x100 [ 1632.460264][T28971] ? stack_trace_save+0x8e/0xc0 [ 1632.460291][T28971] ? __pfx_stack_trace_save+0x10/0x10 [ 1632.460317][T28971] ? stack_depot_save_flags+0x29/0x9c0 [ 1632.460352][T28971] ? __lock_acquire+0xb8a/0x1c90 [ 1632.460398][T28971] ? kasan_save_stack+0x42/0x60 [ 1632.460426][T28971] ? kasan_save_stack+0x33/0x60 [ 1632.460451][T28971] ? kasan_save_track+0x14/0x30 [ 1632.460474][T28971] ? __kasan_save_free_info+0x3b/0x60 [ 1632.460496][T28971] ? __kasan_slab_free+0x5f/0x80 [ 1632.460529][T28971] ? kfree+0x2b8/0x6d0 [ 1632.460548][T28971] ? tomoyo_path_number_perm+0x470/0x580 [ 1632.460590][T28971] kvm_vm_ioctl+0x1a91/0x3fd0 [ 1632.460631][T28971] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 1632.460679][T28971] ? kasan_quarantine_put+0x10a/0x240 [ 1632.460708][T28971] ? lockdep_hardirqs_on+0x7c/0x110 [ 1632.460739][T28971] ? find_held_lock+0x2b/0x80 [ 1632.460765][T28971] ? tomoyo_path_number_perm+0x295/0x580 [ 1632.460807][T28971] ? tomoyo_path_number_perm+0x18d/0x580 [ 1632.460849][T28971] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1632.460901][T28971] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1632.460943][T28971] ? do_vfs_ioctl+0x128/0x14f0 [ 1632.460978][T28971] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1632.461024][T28971] ? find_held_lock+0x2b/0x80 [ 1632.461049][T28971] ? hook_file_ioctl_common+0x145/0x410 [ 1632.461085][T28971] ? __fget_files+0x20e/0x3c0 [ 1632.461117][T28971] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 1632.461147][T28971] __x64_sys_ioctl+0x18e/0x210 [ 1632.461185][T28971] do_syscall_64+0xcd/0xfa0 [ 1632.461217][T28971] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1632.461245][T28971] RIP: 0033:0x7fb43c98efc9 [ 1632.461268][T28971] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1632.461292][T28971] RSP: 002b:00007fb43d74a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1632.461318][T28971] RAX: ffffffffffffffda RBX: 00007fb43cbe5fa0 RCX: 00007fb43c98efc9 [ 1632.461337][T28971] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003 [ 1632.461354][T28971] RBP: 00007fb43ca11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1632.461382][T28971] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1632.461399][T28971] R13: 00007fb43cbe6038 R14: 00007fb43cbe5fa0 R15: 00007fff1928ddc8 [ 1632.461439][T28971] [ 1633.156945][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1633.173551][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1633.289439][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1633.312887][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1633.948079][T28997] i2c i2c-0: delete_device: Can't find device in list [ 1635.213496][T27713] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1635.224291][T27713] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1635.234016][T27713] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1635.242104][T27713] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1635.250348][T27713] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1635.813027][T19852] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1635.918644][T19852] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1636.135174][T19852] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1636.359117][T19852] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1636.406373][T29016] chnl_net:caif_netlink_parms(): no params data found [ 1636.820763][T29016] bridge0: port 1(bridge_slave_0) entered blocking state [ 1636.832836][T29016] bridge0: port 1(bridge_slave_0) entered disabled state [ 1636.852667][T29016] bridge_slave_0: entered allmulticast mode [ 1636.870146][T29016] bridge_slave_0: entered promiscuous mode [ 1636.903650][T29016] bridge0: port 2(bridge_slave_1) entered blocking state [ 1636.910751][T29016] bridge0: port 2(bridge_slave_1) entered disabled state [ 1636.978617][T29016] bridge_slave_1: entered allmulticast mode [ 1636.990577][T29016] bridge_slave_1: entered promiscuous mode [ 1637.272720][T19852] bridge_slave_1: left allmulticast mode [ 1637.278409][T19852] bridge_slave_1: left promiscuous mode [ 1637.302670][ T5147] Bluetooth: hci1: command tx timeout [ 1637.343842][T19852] bridge0: port 2(bridge_slave_1) entered disabled state [ 1637.365162][T19852] bridge_slave_0: left allmulticast mode [ 1637.370820][T19852] bridge_slave_0: left promiscuous mode [ 1637.391365][T19852] bridge0: port 1(bridge_slave_0) entered disabled state [ 1638.749479][T29062] i2c i2c-0: delete_device: Can't find device in list [ 1639.104239][T19852] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1639.132451][T19852] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1639.149409][T19852] bond0 (unregistering): Released all slaves [ 1639.165501][T29016] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1639.196175][T29016] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1639.377764][T29016] team0: Port device team_slave_0 added [ 1639.383828][ T5147] Bluetooth: hci1: command tx timeout [ 1639.444198][T29016] team0: Port device team_slave_1 added [ 1639.745036][T29016] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1639.752134][T29016] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1639.780982][T29016] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1639.794814][T29016] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1639.801774][T29016] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1639.830186][T29016] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1640.269900][T19852] hsr_slave_0: left promiscuous mode [ 1640.285825][T19852] hsr_slave_1: left promiscuous mode [ 1640.315050][T19852] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1640.322470][T19852] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1640.371949][T19852] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1640.380382][T19852] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1640.490324][T19852] veth1_macvtap: left promiscuous mode [ 1640.548849][T19852] veth0_macvtap: left promiscuous mode [ 1640.555389][T19852] veth1_vlan: left promiscuous mode [ 1640.560747][T19852] veth0_vlan: left promiscuous mode [ 1640.571308][ T30] audit: type=1800 audit(4294985742.344:9): pid=29098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4901" name="dbroot" dev="configfs" ino=151483 res=0 errno=0 [ 1640.957380][T29094] zswap: compressor not available [ 1641.009531][T29101] db_root: cannot open: [ 1641.472572][ T5147] Bluetooth: hci1: command tx timeout [ 1642.322207][T19852] team0 (unregistering): Port device team_slave_1 removed [ 1642.369869][T19852] team0 (unregistering): Port device team_slave_0 removed [ 1642.894740][T29016] hsr_slave_0: entered promiscuous mode [ 1642.905372][T29016] hsr_slave_1: entered promiscuous mode [ 1643.542618][ T5147] Bluetooth: hci1: command tx timeout [ 1643.674217][T29127] bond0: option all_slaves_active: invalid value () [ 1643.691416][T29128] i2c i2c-0: delete_device: Can't find device in list [ 1643.919319][T29133] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1644.192929][T29140] zswap: compressor not available [ 1644.393767][T29016] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1644.447856][T29016] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1644.502126][T29016] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1644.567894][T29016] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1645.570636][T29016] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1645.615370][T29165] zswap: compressor not available [ 1645.974880][T29016] 8021q: adding VLAN 0 to HW filter on device team0 [ 1646.018275][T19859] bridge0: port 1(bridge_slave_0) entered blocking state [ 1646.025495][T19859] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1646.056779][T19862] bridge0: port 2(bridge_slave_1) entered blocking state [ 1646.063971][T19862] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1646.211013][T29016] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1646.799682][T29016] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1647.161753][T29016] veth0_vlan: entered promiscuous mode [ 1647.258989][T29016] veth1_vlan: entered promiscuous mode [ 1647.336073][T29016] veth0_macvtap: entered promiscuous mode [ 1647.359722][T29016] veth1_macvtap: entered promiscuous mode [ 1647.440116][T29016] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1647.512901][T29016] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1647.529697][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1647.594707][ T12] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1647.622054][ T12] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1647.638763][T29228] i2c i2c-0: delete_device: Can't find device in list [ 1647.646790][ T12] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1647.828167][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1647.874109][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1647.954136][T29238] netlink: 5 bytes leftover after parsing attributes in process `syz.1.4919'. [ 1647.970514][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1647.985706][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1648.606439][T29249] FAULT_INJECTION: forcing a failure. [ 1648.606439][T29249] name failslab, interval 1, probability 0, space 0, times 0 [ 1648.619262][T29249] CPU: 0 UID: 0 PID: 29249 Comm: syz.3.4887 Not tainted syzkaller #0 PREEMPT(full) [ 1648.619286][T29249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1648.619296][T29249] Call Trace: [ 1648.619301][T29249] [ 1648.619308][T29249] dump_stack_lvl+0x16c/0x1f0 [ 1648.619329][T29249] should_fail_ex+0x512/0x640 [ 1648.619351][T29249] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 1648.619370][T29249] should_failslab+0xc2/0x120 [ 1648.619389][T29249] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 1648.619405][T29249] ? __pfx_inode_set_ctime_current+0x10/0x10 [ 1648.619423][T29249] ? __d_alloc+0x32/0xae0 [ 1648.619442][T29249] ? __d_alloc+0x32/0xae0 [ 1648.619457][T29249] __d_alloc+0x32/0xae0 [ 1648.619474][T29249] path_from_stashed+0x427/0x750 [ 1648.619495][T29249] open_namespace+0x8e/0x190 [ 1648.619509][T29249] ? __pfx_open_namespace+0x10/0x10 [ 1648.619526][T29249] ? bpf_lsm_capable+0x9/0x10 [ 1648.619547][T29249] open_related_ns+0x41/0x70 [ 1648.619561][T29249] __tun_chr_ioctl+0x1fae/0x4880 [ 1648.619576][T29249] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 1648.619599][T29249] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 1648.619615][T29249] ? hook_file_ioctl_common+0x145/0x410 [ 1648.619634][T29249] ? __fget_files+0x20e/0x3c0 [ 1648.619650][T29249] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 1648.619665][T29249] __x64_sys_ioctl+0x18e/0x210 [ 1648.619687][T29249] do_syscall_64+0xcd/0xfa0 [ 1648.619704][T29249] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1648.619719][T29249] RIP: 0033:0x7fc41b78efc9 [ 1648.619740][T29249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1648.619756][T29249] RSP: 002b:00007fc41c6a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1648.619777][T29249] RAX: ffffffffffffffda RBX: 00007fc41b9e5fa0 RCX: 00007fc41b78efc9 [ 1648.619787][T29249] RDX: 0000000000005c8d RSI: 00000000000054e3 RDI: 00000000000000c8 [ 1648.619797][T29249] RBP: 00007fc41b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1648.619806][T29249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1648.619815][T29249] R13: 00007fc41b9e6038 R14: 00007fc41b9e5fa0 R15: 00007ffd53f50428 [ 1648.619836][T29249] [ 1649.848287][T29269] zswap: compressor not available [ 1650.399698][T29291] i2c i2c-0: delete_device: Can't find device in list [ 1650.498197][T29290] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1650.963412][T29290] zswap: compressor not available [ 1651.031292][T27713] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1651.045073][T27713] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1651.055022][T27713] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1651.063606][T27713] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1651.071347][T27713] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1651.429099][T29304] zswap: compressor not available [ 1651.530237][ T6039] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1651.701851][ T6039] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1651.820884][ T6039] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1651.994360][ T6039] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1652.419102][T29305] chnl_net:caif_netlink_parms(): no params data found [ 1652.685806][T29305] bridge0: port 1(bridge_slave_0) entered blocking state [ 1652.700107][T29305] bridge0: port 1(bridge_slave_0) entered disabled state [ 1652.716156][T29305] bridge_slave_0: entered allmulticast mode [ 1652.740864][T29305] bridge_slave_0: entered promiscuous mode [ 1652.752824][ T6039] bridge_slave_1: left allmulticast mode [ 1652.759740][ T6039] bridge_slave_1: left promiscuous mode [ 1652.771200][ T6039] bridge0: port 2(bridge_slave_1) entered disabled state [ 1652.804335][ T6039] bridge_slave_0: left allmulticast mode [ 1652.817755][ T6039] bridge_slave_0: left promiscuous mode [ 1652.839402][ T6039] bridge0: port 1(bridge_slave_0) entered disabled state [ 1653.143424][ T5147] Bluetooth: hci0: command tx timeout [ 1654.377319][ T6039] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1654.396648][ T6039] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1654.407162][ T6039] bond0 (unregistering): Released all slaves [ 1654.620837][T29305] bridge0: port 2(bridge_slave_1) entered blocking state [ 1654.658670][T29305] bridge0: port 2(bridge_slave_1) entered disabled state [ 1654.725946][T29305] bridge_slave_1: entered allmulticast mode [ 1654.733852][T29305] bridge_slave_1: entered promiscuous mode [ 1655.040022][T29305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1655.224259][ T5147] Bluetooth: hci0: command tx timeout [ 1655.274768][T29350] i2c i2c-0: delete_device: Can't find device in list [ 1655.331524][T29305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1655.457064][T29305] team0: Port device team_slave_0 added [ 1655.488242][T29305] team0: Port device team_slave_1 added [ 1655.674848][T29305] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1655.690870][T29305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1655.742545][T29305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1655.764156][T29305] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1655.771133][T29305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1655.805974][T29305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1656.255914][T29380] __vm_enough_memory: pid: 29380, comm: syz.3.4938, bytes: 4398046511104 not enough memory for the allocation [ 1656.643935][T29305] hsr_slave_0: entered promiscuous mode [ 1656.660808][T29305] hsr_slave_1: entered promiscuous mode [ 1656.676828][T29305] debugfs: 'hsr0' already exists in 'hsr' [ 1656.734437][T29305] Cannot create hsr debugfs directory [ 1657.141967][ T6039] hsr_slave_0: left promiscuous mode [ 1657.160894][ T6039] hsr_slave_1: left promiscuous mode [ 1657.177589][ T6039] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1657.191619][ T6039] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1657.201406][ T6039] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1657.211986][ T6039] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1657.255944][ T6039] veth1_macvtap: left promiscuous mode [ 1657.272304][ T6039] veth0_macvtap: left promiscuous mode [ 1657.278090][ T6039] veth1_vlan: left promiscuous mode [ 1657.284015][ T6039] veth0_vlan: left promiscuous mode [ 1657.302690][ T5147] Bluetooth: hci0: command tx timeout [ 1657.722906][T29405] zswap: compressor not available [ 1658.138968][ T6039] team0 (unregistering): Port device team_slave_1 removed [ 1658.183168][ T6039] team0 (unregistering): Port device team_slave_0 removed [ 1658.964002][T29421] bond0: invalid ARP target specified [ 1659.385661][ T5147] Bluetooth: hci0: command tx timeout [ 1659.982116][T29305] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1660.008702][T29305] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1660.020959][T29443] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1660.050578][T29305] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1660.220750][T29305] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1660.508152][T29443] zswap: compressor not available [ 1661.105635][T29305] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1661.120599][T29305] 8021q: adding VLAN 0 to HW filter on device team0 [ 1661.180699][ T6039] bridge0: port 1(bridge_slave_0) entered blocking state [ 1661.187833][ T6039] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1661.214554][ T6039] bridge0: port 2(bridge_slave_1) entered blocking state [ 1661.221786][ T6039] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1661.709319][T29471] FAULT_INJECTION: forcing a failure. [ 1661.709319][T29471] name failslab, interval 1, probability 0, space 0, times 0 [ 1661.740012][T29474] FAULT_INJECTION: forcing a failure. [ 1661.740012][T29474] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1661.780446][T29474] CPU: 0 UID: 0 PID: 29474 Comm: syz.0.4950 Not tainted syzkaller #0 PREEMPT(full) [ 1661.780490][T29474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1661.780506][T29474] Call Trace: [ 1661.780516][T29474] [ 1661.780526][T29474] dump_stack_lvl+0x16c/0x1f0 [ 1661.780550][T29474] should_fail_ex+0x512/0x640 [ 1661.780575][T29474] _copy_to_user+0x32/0xd0 [ 1661.780598][T29474] __do_sys_newuname+0x11a/0x270 [ 1661.780612][T29474] ? __pfx___do_sys_newuname+0x10/0x10 [ 1661.780655][T29474] ? xfd_validate_state+0x61/0x180 [ 1661.780678][T29474] ? rcu_is_watching+0x12/0xc0 [ 1661.780695][T29474] do_syscall_64+0xcd/0xfa0 [ 1661.780711][T29474] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1661.780728][T29474] RIP: 0033:0x7f400c18efc9 [ 1661.780741][T29474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1661.780756][T29474] RSP: 002b:00007f400d012038 EFLAGS: 00000246 ORIG_RAX: 000000000000003f [ 1661.780770][T29474] RAX: ffffffffffffffda RBX: 00007f400c3e6090 RCX: 00007f400c18efc9 [ 1661.780780][T29474] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1661.780788][T29474] RBP: 00007f400c211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1661.780797][T29474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1661.780805][T29474] R13: 00007f400c3e6128 R14: 00007f400c3e6090 R15: 00007ffc979a3618 [ 1661.780824][T29474] [ 1661.927475][T29471] CPU: 0 UID: 0 PID: 29471 Comm: syz.3.4949 Not tainted syzkaller #0 PREEMPT(full) [ 1661.927511][T29471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1661.927528][T29471] Call Trace: [ 1661.927538][T29471] [ 1661.927549][T29471] dump_stack_lvl+0x16c/0x1f0 [ 1661.927584][T29471] should_fail_ex+0x512/0x640 [ 1661.927621][T29471] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 1661.927656][T29471] should_failslab+0xc2/0x120 [ 1661.927688][T29471] __kvmalloc_node_noprof+0x141/0x9c0 [ 1661.927717][T29471] ? trace_kmalloc+0x2b/0xd0 [ 1661.927746][T29471] ? __kvmalloc_node_noprof+0x3c0/0x9c0 [ 1661.927774][T29471] ? io_alloc_cache_init+0x38/0x170 [ 1661.927816][T29471] ? io_alloc_cache_init+0x38/0x170 [ 1661.927848][T29471] io_alloc_cache_init+0x38/0x170 [ 1661.927884][T29471] io_rsrc_cache_init+0x40/0x50 [ 1661.927917][T29471] io_uring_setup+0x68e/0x20e0 [ 1661.927950][T29471] ? __pfx_io_uring_setup+0x10/0x10 [ 1661.927978][T29471] ? do_futex+0x122/0x350 [ 1661.928013][T29471] ? __pfx_do_futex+0x10/0x10 [ 1661.928047][T29471] ? find_held_lock+0x2b/0x80 [ 1661.928088][T29471] ? xfd_validate_state+0x61/0x180 [ 1661.928130][T29471] __x64_sys_io_uring_setup+0xc2/0x170 [ 1661.928161][T29471] do_syscall_64+0xcd/0xfa0 [ 1661.928192][T29471] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1661.928218][T29471] RIP: 0033:0x7fc41b78efc9 [ 1661.928239][T29471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1661.928265][T29471] RSP: 002b:00007fc41c6a1038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1661.928290][T29471] RAX: ffffffffffffffda RBX: 00007fc41b9e5fa0 RCX: 00007fc41b78efc9 [ 1661.928308][T29471] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1661.928324][T29471] RBP: 00007fc41b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1661.928340][T29471] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1661.928355][T29471] R13: 00007fc41b9e6038 R14: 00007fc41b9e5fa0 R15: 00007ffd53f50428 [ 1661.928391][T29471] [ 1662.380973][T29471] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.9), cmd(9) [ 1662.703368][T29305] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1662.852026][T29305] veth0_vlan: entered promiscuous mode [ 1662.899252][T29305] veth1_vlan: entered promiscuous mode [ 1663.013987][T29305] veth0_macvtap: entered promiscuous mode [ 1663.067769][T29305] veth1_macvtap: entered promiscuous mode [ 1663.229512][T29305] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1663.306818][T29305] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1663.371600][T19862] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1663.391909][T19862] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1663.466563][T19862] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1663.515481][T19862] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1664.047895][T29528] ecryptfs_miscdev_write: memdup_user returned error [-14] [ 1664.076988][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1664.100165][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1664.353535][ T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1664.396753][ T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1664.838456][T29540] zswap: compressor not available [ 1665.114397][T29559] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1666.818885][T29578] vhci_hcd: default hub control req: b903 v001c i0005 l8 [ 1667.468860][T29602] i2c i2c-0: delete_device: Can't find device in list [ 1667.791566][T29610] bond0: invalid ARP target specified [ 1667.915758][T29611] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1668.557774][T29621] usb usb16: usbfs: process 29621 (syz.3.4969) did not claim interface 0 before use [ 1668.618527][T29621] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 1669.324445][T29637] FAULT_INJECTION: forcing a failure. [ 1669.324445][T29637] name failslab, interval 1, probability 0, space 0, times 0 [ 1669.436315][T29637] CPU: 0 UID: 0 PID: 29637 Comm: syz.0.4972 Not tainted syzkaller #0 PREEMPT(full) [ 1669.436352][T29637] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1669.436367][T29637] Call Trace: [ 1669.436377][T29637] [ 1669.436387][T29637] dump_stack_lvl+0x16c/0x1f0 [ 1669.436419][T29637] should_fail_ex+0x512/0x640 [ 1669.436453][T29637] ? __kmalloc_noprof+0xca/0x880 [ 1669.436493][T29637] should_failslab+0xc2/0x120 [ 1669.436526][T29637] __kmalloc_noprof+0xdd/0x880 [ 1669.436562][T29637] ? __lock_acquire+0xb8a/0x1c90 [ 1669.436592][T29637] ? trace_parser_get_init+0x30/0xc0 [ 1669.436625][T29637] ? trace_parser_get_init+0x30/0xc0 [ 1669.436649][T29637] trace_parser_get_init+0x30/0xc0 [ 1669.436682][T29637] ftrace_event_write+0x177/0x2c0 [ 1669.436712][T29637] ? __pfx_ftrace_event_write+0x10/0x10 [ 1669.436754][T29637] ? __pfx_ftrace_event_write+0x10/0x10 [ 1669.436781][T29637] vfs_write+0x2a0/0x11d0 [ 1669.436814][T29637] ? __pfx___mutex_lock+0x10/0x10 [ 1669.436843][T29637] ? __pfx_vfs_write+0x10/0x10 [ 1669.436876][T29637] ? __fget_files+0x20e/0x3c0 [ 1669.436911][T29637] ksys_write+0x12a/0x250 [ 1669.436938][T29637] ? __pfx_ksys_write+0x10/0x10 [ 1669.436974][T29637] do_syscall_64+0xcd/0xfa0 [ 1669.437003][T29637] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1669.437029][T29637] RIP: 0033:0x7f400c18efc9 [ 1669.437050][T29637] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1669.437074][T29637] RSP: 002b:00007f400cff1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1669.437098][T29637] RAX: ffffffffffffffda RBX: 00007f400c3e6180 RCX: 00007f400c18efc9 [ 1669.437115][T29637] RDX: 0000000000000004 RSI: 0000000000000000 RDI: 0000000000000008 [ 1669.437130][T29637] RBP: 00007f400cff1090 R08: 0000000000000000 R09: 0000000000000000 [ 1669.437145][T29637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1669.437159][T29637] R13: 00007f400c3e6218 R14: 00007f400c3e6180 R15: 00007ffc979a3618 [ 1669.437196][T29637] [ 1669.979918][T29643] i2c i2c-0: delete_device: Can't find device in list [ 1670.514277][T29653] usb usb36: usbfs: process 29653 (syz.3.4977) did not claim interface 0 before use [ 1671.861040][T29671] FAULT_INJECTION: forcing a failure. [ 1671.861040][T29671] name failslab, interval 1, probability 0, space 0, times 0 [ 1671.912195][T29671] CPU: 1 UID: 0 PID: 29671 Comm: syz.2.4980 Not tainted syzkaller #0 PREEMPT(full) [ 1671.912230][T29671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1671.912245][T29671] Call Trace: [ 1671.912255][T29671] [ 1671.912265][T29671] dump_stack_lvl+0x16c/0x1f0 [ 1671.912296][T29671] should_fail_ex+0x512/0x640 [ 1671.912330][T29671] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1671.912378][T29671] should_failslab+0xc2/0x120 [ 1671.912414][T29671] __kmalloc_cache_noprof+0x72/0x780 [ 1671.912451][T29671] ? j1939_session_new+0x7a/0x4e0 [ 1671.912490][T29671] ? j1939_session_new+0x7a/0x4e0 [ 1671.912519][T29671] j1939_session_new+0x7a/0x4e0 [ 1671.912550][T29671] j1939_tp_send+0x1fd/0x860 [ 1671.912585][T29671] j1939_sk_sendmsg+0xaf8/0x13d0 [ 1671.912619][T29671] ? __pfx_aa_sk_perm+0x10/0x10 [ 1671.912641][T29671] ? iovec_from_user+0xbb/0x140 [ 1671.912668][T29671] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 1671.912698][T29671] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1671.912737][T29671] ____sys_sendmsg+0xa98/0xc70 [ 1671.912768][T29671] ? copy_msghdr_from_user+0x10a/0x160 [ 1671.912791][T29671] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1671.912825][T29671] ? kfree+0x252/0x6d0 [ 1671.912844][T29671] ? __pfx__kstrtoull+0x10/0x10 [ 1671.912879][T29671] ___sys_sendmsg+0x134/0x1d0 [ 1671.912906][T29671] ? __pfx____sys_sendmsg+0x10/0x10 [ 1671.912964][T29671] ? __pfx___might_resched+0x10/0x10 [ 1671.912998][T29671] __sys_sendmmsg+0x200/0x420 [ 1671.913026][T29671] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1671.913062][T29671] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1671.913106][T29671] ? fput+0x9b/0xd0 [ 1671.913138][T29671] ? ksys_write+0x1ac/0x250 [ 1671.913163][T29671] ? __pfx_ksys_write+0x10/0x10 [ 1671.913196][T29671] __x64_sys_sendmmsg+0x9c/0x100 [ 1671.913219][T29671] ? lockdep_hardirqs_on+0x7c/0x110 [ 1671.913245][T29671] do_syscall_64+0xcd/0xfa0 [ 1671.913274][T29671] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1671.913299][T29671] RIP: 0033:0x7fb43c98efc9 [ 1671.913319][T29671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1671.913342][T29671] RSP: 002b:00007fb43d74a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1671.913367][T29671] RAX: ffffffffffffffda RBX: 00007fb43cbe5fa0 RCX: 00007fb43c98efc9 [ 1671.913384][T29671] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 1671.913405][T29671] RBP: 00007fb43d74a090 R08: 0000000000000000 R09: 0000000000000000 [ 1671.913420][T29671] R10: 0000000007000000 R11: 0000000000000246 R12: 0000000000000001 [ 1671.913436][T29671] R13: 00007fb43cbe6038 R14: 00007fb43cbe5fa0 R15: 00007fff1928ddc8 [ 1671.913474][T29671] [ 1672.893614][T29679] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1673.050100][T29679] FAULT_INJECTION: forcing a failure. [ 1673.050100][T29679] name failslab, interval 1, probability 0, space 0, times 0 [ 1673.067669][T29679] CPU: 0 UID: 0 PID: 29679 Comm: syz.1.4981 Not tainted syzkaller #0 PREEMPT(full) [ 1673.067700][T29679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1673.067715][T29679] Call Trace: [ 1673.067723][T29679] [ 1673.067732][T29679] dump_stack_lvl+0x16c/0x1f0 [ 1673.067763][T29679] should_fail_ex+0x512/0x640 [ 1673.067797][T29679] ? __kmalloc_noprof+0xca/0x880 [ 1673.067833][T29679] should_failslab+0xc2/0x120 [ 1673.067864][T29679] __kmalloc_noprof+0xdd/0x880 [ 1673.067899][T29679] ? iter_file_splice_write+0x1cc/0x12e0 [ 1673.067927][T29679] ? iter_file_splice_write+0x1cc/0x12e0 [ 1673.067948][T29679] iter_file_splice_write+0x1cc/0x12e0 [ 1673.067978][T29679] ? kfree+0x2b8/0x6d0 [ 1673.067995][T29679] ? copy_splice_read+0x897/0xc20 [ 1673.068021][T29679] ? copy_splice_read+0x897/0xc20 [ 1673.068041][T29679] ? copy_splice_read+0x89c/0xc20 [ 1673.068062][T29679] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1673.068092][T29679] ? __pfx_copy_splice_read+0x10/0x10 [ 1673.068130][T29679] ? look_up_lock_class+0x6b/0x150 [ 1673.068169][T29679] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 1673.068195][T29679] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1673.068221][T29679] direct_splice_actor+0x192/0x6c0 [ 1673.068248][T29679] splice_direct_to_actor+0x345/0xa30 [ 1673.068273][T29679] ? __pfx_direct_splice_actor+0x10/0x10 [ 1673.068302][T29679] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1673.068323][T29679] ? get_pid_task+0xfc/0x250 [ 1673.068361][T29679] do_splice_direct+0x174/0x240 [ 1673.068385][T29679] ? __pfx_do_splice_direct+0x10/0x10 [ 1673.068408][T29679] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1673.068444][T29679] ? bpf_lsm_file_permission+0x9/0x10 [ 1673.068470][T29679] ? security_file_permission+0x71/0x210 [ 1673.068496][T29679] ? rw_verify_area+0xcf/0x6c0 [ 1673.068521][T29679] do_sendfile+0xb06/0xe50 [ 1673.068550][T29679] ? __pfx_do_sendfile+0x10/0x10 [ 1673.068581][T29679] ? __fget_files+0x20e/0x3c0 [ 1673.068612][T29679] __x64_sys_sendfile64+0x1d8/0x220 [ 1673.068640][T29679] ? ksys_write+0x1ac/0x250 [ 1673.068664][T29679] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1673.068703][T29679] do_syscall_64+0xcd/0xfa0 [ 1673.068731][T29679] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1673.068755][T29679] RIP: 0033:0x7fa7b118efc9 [ 1673.068774][T29679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1673.068796][T29679] RSP: 002b:00007fa7b20e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1673.068820][T29679] RAX: ffffffffffffffda RBX: 00007fa7b13e6090 RCX: 00007fa7b118efc9 [ 1673.068836][T29679] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 1673.068850][T29679] RBP: 00007fa7b20e6090 R08: 0000000000000000 R09: 0000000000000000 [ 1673.068864][T29679] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 1673.068879][T29679] R13: 00007fa7b13e6128 R14: 00007fa7b13e6090 R15: 00007ffef37a8b58 [ 1673.068911][T29679] [ 1673.874672][T29698] FAULT_INJECTION: forcing a failure. [ 1673.874672][T29698] name failslab, interval 1, probability 0, space 0, times 0 [ 1673.891718][T29698] CPU: 1 UID: 0 PID: 29698 Comm: syz.2.4987 Not tainted syzkaller #0 PREEMPT(full) [ 1673.891753][T29698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1673.891768][T29698] Call Trace: [ 1673.891776][T29698] [ 1673.891786][T29698] dump_stack_lvl+0x16c/0x1f0 [ 1673.891819][T29698] should_fail_ex+0x512/0x640 [ 1673.891852][T29698] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 1673.891882][T29698] should_failslab+0xc2/0x120 [ 1673.891914][T29698] kmem_cache_alloc_node_noprof+0x78/0x770 [ 1673.891939][T29698] ? __alloc_skb+0x2b2/0x380 [ 1673.891970][T29698] ? __lock_acquire+0x622/0x1c90 [ 1673.892009][T29698] ? __alloc_skb+0x2b2/0x380 [ 1673.892040][T29698] __alloc_skb+0x2b2/0x380 [ 1673.892073][T29698] ? __pfx___alloc_skb+0x10/0x10 [ 1673.892122][T29698] inet6_netconf_notify_devconf+0x87/0x180 [ 1673.892156][T29698] addrconf_sysctl_forward+0x766/0x880 [ 1673.892192][T29698] ? __pfx_addrconf_sysctl_forward+0x10/0x10 [ 1673.892232][T29698] ? rcu_is_watching+0x12/0xc0 [ 1673.892259][T29698] ? __pfx_addrconf_sysctl_forward+0x10/0x10 [ 1673.892291][T29698] ? proc_sys_call_handler+0x286/0x570 [ 1673.892323][T29698] ? ns_capable_noaudit+0x1/0x110 [ 1673.892357][T29698] proc_sys_call_handler+0x445/0x570 [ 1673.892393][T29698] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 1673.892427][T29698] ? splice_from_pipe_next+0x1f7/0x5d0 [ 1673.892460][T29698] iter_file_splice_write+0xa24/0x12e0 [ 1673.892507][T29698] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1673.892539][T29698] ? __pfx_copy_splice_read+0x10/0x10 [ 1673.892592][T29698] ? __pfx_iter_file_splice_write+0x10/0x10 [ 1673.892621][T29698] direct_splice_actor+0x192/0x6c0 [ 1673.892651][T29698] splice_direct_to_actor+0x345/0xa30 [ 1673.892679][T29698] ? __pfx_direct_splice_actor+0x10/0x10 [ 1673.892711][T29698] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1673.892734][T29698] ? get_pid_task+0xfc/0x250 [ 1673.892776][T29698] do_splice_direct+0x174/0x240 [ 1673.892801][T29698] ? __pfx_do_splice_direct+0x10/0x10 [ 1673.892827][T29698] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1673.892870][T29698] ? rw_verify_area+0xcf/0x6c0 [ 1673.892896][T29698] do_sendfile+0xb06/0xe50 [ 1673.892930][T29698] ? __pfx_do_sendfile+0x10/0x10 [ 1673.892956][T29698] ? __fget_files+0x20e/0x3c0 [ 1673.892991][T29698] __x64_sys_sendfile64+0x1d8/0x220 [ 1673.893020][T29698] ? ksys_write+0x1ac/0x250 [ 1673.893045][T29698] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1673.893088][T29698] do_syscall_64+0xcd/0xfa0 [ 1673.893118][T29698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1673.893143][T29698] RIP: 0033:0x7fb43c98efc9 [ 1673.893164][T29698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1673.893187][T29698] RSP: 002b:00007fb43abb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1673.893219][T29698] RAX: ffffffffffffffda RBX: 00007fb43cbe6270 RCX: 00007fb43c98efc9 [ 1673.893236][T29698] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000000000000008 [ 1673.893250][T29698] RBP: 00007fb43abb4090 R08: 0000000000000000 R09: 0000000000000000 [ 1673.893266][T29698] R10: 0000000001000200 R11: 0000000000000246 R12: 0000000000000001 [ 1673.893281][T29698] R13: 00007fb43cbe6308 R14: 00007fb43cbe6270 R15: 00007fff1928ddc8 [ 1673.893319][T29698] [ 1674.376243][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 1674.384338][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 1674.474187][T29688] FAULT_INJECTION: forcing a failure. [ 1674.474187][T29688] name failslab, interval 1, probability 0, space 0, times 0 [ 1674.546875][T29688] CPU: 1 UID: 0 PID: 29688 Comm: syz.3.4985 Not tainted syzkaller #0 PREEMPT(full) [ 1674.546912][T29688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1674.546928][T29688] Call Trace: [ 1674.546937][T29688] [ 1674.546947][T29688] dump_stack_lvl+0x16c/0x1f0 [ 1674.546981][T29688] should_fail_ex+0x512/0x640 [ 1674.547018][T29688] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 1674.547053][T29688] should_failslab+0xc2/0x120 [ 1674.547087][T29688] __kvmalloc_node_noprof+0x141/0x9c0 [ 1674.547115][T29688] ? trace_kmalloc+0x2b/0xd0 [ 1674.547145][T29688] ? io_alloc_cache_init+0x38/0x170 [ 1674.547185][T29688] ? io_alloc_cache_init+0x38/0x170 [ 1674.547216][T29688] io_alloc_cache_init+0x38/0x170 [ 1674.547253][T29688] io_rsrc_cache_init+0x40/0x50 [ 1674.547285][T29688] io_uring_setup+0x68e/0x20e0 [ 1674.547319][T29688] ? __pfx_io_uring_setup+0x10/0x10 [ 1674.547348][T29688] ? do_futex+0x122/0x350 [ 1674.547383][T29688] ? __pfx_do_futex+0x10/0x10 [ 1674.547425][T29688] ? find_held_lock+0x2b/0x80 [ 1674.547468][T29688] ? xfd_validate_state+0x61/0x180 [ 1674.547508][T29688] __x64_sys_io_uring_setup+0xc2/0x170 [ 1674.547539][T29688] do_syscall_64+0xcd/0xfa0 [ 1674.547569][T29688] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1674.547594][T29688] RIP: 0033:0x7fc41b78efc9 [ 1674.547616][T29688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1674.547640][T29688] RSP: 002b:00007fc41c6a1038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 1674.547666][T29688] RAX: ffffffffffffffda RBX: 00007fc41b9e5fa0 RCX: 00007fc41b78efc9 [ 1674.547684][T29688] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1674.547699][T29688] RBP: 00007fc41b811f91 R08: 0000000000000000 R09: 0000000000000000 [ 1674.547715][T29688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1674.547731][T29688] R13: 00007fc41b9e6038 R14: 00007fc41b9e5fa0 R15: 00007ffd53f50428 [ 1674.547768][T29688] [ 1675.656792][T29709] bond0: option all_slaves_active: invalid value () [ 1675.733470][T29703] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1675.803033][T29703] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1675.847923][T29703] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1675.906104][T29703] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1675.939713][T29703] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1676.004449][T29703] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1676.021245][T29703] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1676.035414][T29703] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1676.046397][T29703] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1676.068660][T29703] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1676.095765][T29703] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1676.162307][T29703] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1677.383782][ T5147] Bluetooth: hci3: command 0x0c1a tx timeout [ 1677.944743][ T5147] Bluetooth: hci4: command 0x0c1a tx timeout [ 1678.105561][ T5147] Bluetooth: hci0: command 0x0c1a tx timeout [ 1678.113453][T27713] Bluetooth: hci1: command 0x0c1a tx timeout [ 1678.146039][T29749] ================================================================== [ 1678.146059][T29749] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1a6f/0x1e60 [ 1678.146098][T29749] Write of size 8 at addr ffffc90003aa9fc0 by task syz.1.5000/29749 [ 1678.146122][T29749] [ 1678.146135][T29749] CPU: 1 UID: 0 PID: 29749 Comm: syz.1.5000 Not tainted syzkaller #0 PREEMPT(full) [ 1678.146167][T29749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1678.146183][T29749] Call Trace: [ 1678.146192][T29749] [ 1678.146203][T29749] dump_stack_lvl+0x116/0x1f0 [ 1678.146233][T29749] print_report+0xcd/0x630 [ 1678.146265][T29749] ? __virt_addr_valid+0x81/0x610 [ 1678.146300][T29749] ? sys_imageblit+0x1a6f/0x1e60 [ 1678.146326][T29749] kasan_report+0xe0/0x110 [ 1678.146357][T29749] ? sys_imageblit+0x1a6f/0x1e60 [ 1678.146388][T29749] sys_imageblit+0x1a6f/0x1e60 [ 1678.146418][T29749] ? __asan_memcpy+0x3c/0x60 [ 1678.146444][T29749] ? __pfx_sys_imageblit+0x10/0x10 [ 1678.146472][T29749] ? panic_on_this_cpu+0x32/0x40 [ 1678.146504][T29749] ? _prb_read_valid+0x73c/0x890 [ 1678.146541][T29749] ? __pfx__prb_read_valid+0x10/0x10 [ 1678.146571][T29749] ? find_held_lock+0x2b/0x80 [ 1678.146596][T29749] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 1678.146622][T29749] cw_putcs+0x917/0xbb0 [ 1678.146651][T29749] ? __pfx_cw_putcs+0x10/0x10 [ 1678.146675][T29749] ? fb_get_color_depth+0x120/0x250 [ 1678.146705][T29749] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1678.146750][T29749] ? __pfx_cw_putcs+0x10/0x10 [ 1678.146772][T29749] fbcon_putcs+0x387/0x450 [ 1678.146803][T29749] do_update_region+0x2e9/0x3f0 [ 1678.146836][T29749] do_con_write+0x1e2c/0x8290 [ 1678.146861][T29749] ? srcu_gp_start_if_needed+0x840/0xe70 [ 1678.146901][T29749] ? __pfx___mutex_lock+0x10/0x10 [ 1678.146928][T29749] ? __pfx_do_con_write+0x10/0x10 [ 1678.146952][T29749] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1678.146984][T29749] con_write+0x23/0xb0 [ 1678.147007][T29749] n_tty_write+0x41e/0x11e0 [ 1678.147042][T29749] ? __pfx_n_tty_write+0x10/0x10 [ 1678.147070][T29749] ? trace_kmalloc+0x2b/0xd0 [ 1678.147096][T29749] ? __pfx_woken_wake_function+0x10/0x10 [ 1678.147131][T29749] ? kfree+0x252/0x6d0 [ 1678.147151][T29749] ? __pfx_n_tty_write+0x10/0x10 [ 1678.147180][T29749] file_tty_write.constprop.0+0x503/0x9b0 [ 1678.147209][T29749] vfs_write+0x7d3/0x11d0 [ 1678.147234][T29749] ? __pfx_tty_write+0x10/0x10 [ 1678.147260][T29749] ? __pfx_vfs_write+0x10/0x10 [ 1678.147284][T29749] ? find_held_lock+0x2b/0x80 [ 1678.147316][T29749] ksys_write+0x12a/0x250 [ 1678.147341][T29749] ? __pfx_ksys_write+0x10/0x10 [ 1678.147370][T29749] do_syscall_64+0xcd/0xfa0 [ 1678.147395][T29749] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1678.147420][T29749] RIP: 0033:0x7fa7b118efc9 [ 1678.147439][T29749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1678.147464][T29749] RSP: 002b:00007fa7b2107038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1678.147488][T29749] RAX: ffffffffffffffda RBX: 00007fa7b13e5fa0 RCX: 00007fa7b118efc9 [ 1678.147506][T29749] RDX: 0000000000000060 RSI: 00002000000001c0 RDI: 0000000000000003 [ 1678.147522][T29749] RBP: 00007fa7b1211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1678.147537][T29749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1678.147552][T29749] R13: 00007fa7b13e6038 R14: 00007fa7b13e5fa0 R15: 00007ffef37a8b58 [ 1678.147579][T29749] [ 1678.147588][T29749] [ 1678.147596][T29749] The buggy address belongs to a vmalloc virtual mapping [ 1678.147615][T29749] Memory state around the buggy address: [ 1678.147632][T29749] ffffc90003aa9e80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1678.147652][T29749] ffffc90003aa9f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1678.147671][T29749] >ffffc90003aa9f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1678.147686][T29749] ^ [ 1678.147702][T29749] ffffc90003aaa000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1678.147722][T29749] ffffc90003aaa080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 1678.147737][T29749] ================================================================== [ 1678.147760][T29749] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1678.147778][T29749] CPU: 1 UID: 0 PID: 29749 Comm: syz.1.5000 Not tainted syzkaller #0 PREEMPT(full) [ 1678.147811][T29749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1678.147829][T29749] Call Trace: [ 1678.147838][T29749] [ 1678.147849][T29749] dump_stack_lvl+0x3d/0x1f0 [ 1678.147877][T29749] vpanic+0x640/0x6f0 [ 1678.147914][T29749] panic+0xca/0xd0 [ 1678.147947][T29749] ? __pfx_panic+0x10/0x10 [ 1678.147987][T29749] check_panic_on_warn+0xab/0xb0 [ 1678.148024][T29749] end_report+0x107/0x170 [ 1678.148055][T29749] kasan_report+0xee/0x110 [ 1678.148087][T29749] ? sys_imageblit+0x1a6f/0x1e60 [ 1678.148120][T29749] sys_imageblit+0x1a6f/0x1e60 [ 1678.148152][T29749] ? __asan_memcpy+0x3c/0x60 [ 1678.148178][T29749] ? __pfx_sys_imageblit+0x10/0x10 [ 1678.148207][T29749] ? panic_on_this_cpu+0x32/0x40 [ 1678.148240][T29749] ? _prb_read_valid+0x73c/0x890 [ 1678.148280][T29749] ? __pfx__prb_read_valid+0x10/0x10 [ 1678.148314][T29749] ? find_held_lock+0x2b/0x80 [ 1678.148342][T29749] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 1678.148372][T29749] cw_putcs+0x917/0xbb0 [ 1678.148405][T29749] ? __pfx_cw_putcs+0x10/0x10 [ 1678.148433][T29749] ? fb_get_color_depth+0x120/0x250 [ 1678.148467][T29749] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1678.148509][T29749] ? __pfx_cw_putcs+0x10/0x10 [ 1678.148533][T29749] fbcon_putcs+0x387/0x450 [ 1678.148567][T29749] do_update_region+0x2e9/0x3f0 [ 1678.148604][T29749] do_con_write+0x1e2c/0x8290 [ 1678.148633][T29749] ? srcu_gp_start_if_needed+0x840/0xe70 [ 1678.148679][T29749] ? __pfx___mutex_lock+0x10/0x10 [ 1678.148707][T29749] ? __pfx_do_con_write+0x10/0x10 [ 1678.148736][T29749] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1678.148781][T29749] con_write+0x23/0xb0 [ 1678.148808][T29749] n_tty_write+0x41e/0x11e0 [ 1678.148847][T29749] ? __pfx_n_tty_write+0x10/0x10 [ 1678.148879][T29749] ? trace_kmalloc+0x2b/0xd0 [ 1678.148909][T29749] ? __pfx_woken_wake_function+0x10/0x10 [ 1678.148948][T29749] ? kfree+0x252/0x6d0 [ 1678.148972][T29749] ? __pfx_n_tty_write+0x10/0x10 [ 1678.149003][T29749] file_tty_write.constprop.0+0x503/0x9b0 [ 1678.149037][T29749] vfs_write+0x7d3/0x11d0 [ 1678.149064][T29749] ? __pfx_tty_write+0x10/0x10 [ 1678.149092][T29749] ? __pfx_vfs_write+0x10/0x10 [ 1678.149118][T29749] ? find_held_lock+0x2b/0x80 [ 1678.149153][T29749] ksys_write+0x12a/0x250 [ 1678.149180][T29749] ? __pfx_ksys_write+0x10/0x10 [ 1678.149212][T29749] do_syscall_64+0xcd/0xfa0 [ 1678.149241][T29749] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1678.149267][T29749] RIP: 0033:0x7fa7b118efc9 [ 1678.149287][T29749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1678.149314][T29749] RSP: 002b:00007fa7b2107038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1678.149339][T29749] RAX: ffffffffffffffda RBX: 00007fa7b13e5fa0 RCX: 00007fa7b118efc9 [ 1678.149359][T29749] RDX: 0000000000000060 RSI: 00002000000001c0 RDI: 0000000000000003 [ 1678.149377][T29749] RBP: 00007fa7b1211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1678.149395][T29749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1678.149412][T29749] R13: 00007fa7b13e6038 R14: 00007fa7b13e5fa0 R15: 00007ffef37a8b58 [ 1678.149440][T29749] [ 1678.149720][T29749] Kernel Offset: disabled