last executing test programs: 3.826258647s ago: executing program 4 (id=103): open_by_handle_at(0xffffffffffffffff, &(0x7f0000000000), 0x0) 3.740682631s ago: executing program 4 (id=106): unlink(&(0x7f0000000000)) 3.676348688s ago: executing program 4 (id=109): openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/damon/mk_contexts', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/damon/mk_contexts', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/damon/mk_contexts', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/damon/mk_contexts', 0x800, 0x0) 3.55327386s ago: executing program 4 (id=114): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi0', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi0', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/comedi0', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/comedi0', 0x800, 0x0) 3.412209572s ago: executing program 4 (id=119): rt_sigreturn() 545.12959ms ago: executing program 2 (id=236): getpid() 544.802288ms ago: executing program 1 (id=238): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cdrom', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cdrom', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cdrom', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cdrom', 0x800, 0x0) 511.942473ms ago: executing program 0 (id=239): openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/attr/current', 0x2, 0x0) 506.000223ms ago: executing program 3 (id=240): dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 440.734471ms ago: executing program 2 (id=241): openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/commit_pending_bools', 0x1, 0x0) 440.444736ms ago: executing program 1 (id=242): socket$inet_udp(0x2, 0x2, 0x0) 423.328979ms ago: executing program 2 (id=243): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/fb0', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/fb0', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/fb0', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fb0', 0x800, 0x0) 406.992137ms ago: executing program 0 (id=244): fchmodat(0xffffffffffffffff, &(0x7f0000000000), 0x0) 352.811695ms ago: executing program 3 (id=245): openat(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/transparent_hugepage/khugepaged/scan_sleep_millisecs', 0x1, 0x0) 352.482662ms ago: executing program 0 (id=246): mkdir(&(0x7f0000000000), 0x0) 322.200139ms ago: executing program 1 (id=247): tgkill(0x0, 0x0, 0x0) 306.205702ms ago: executing program 2 (id=248): syz_open_dev$ircomm(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$ircomm(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$ircomm(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$ircomm(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$ircomm(&(0x7f0000000140), 0x1, 0x0) syz_open_dev$ircomm(&(0x7f0000000180), 0x1, 0x1) syz_open_dev$ircomm(&(0x7f00000001c0), 0x1, 0x2) syz_open_dev$ircomm(&(0x7f0000000200), 0x1, 0x800) syz_open_dev$ircomm(&(0x7f0000000240), 0x2, 0x0) syz_open_dev$ircomm(&(0x7f0000000280), 0x2, 0x1) syz_open_dev$ircomm(&(0x7f00000002c0), 0x2, 0x2) syz_open_dev$ircomm(&(0x7f0000000300), 0x2, 0x800) syz_open_dev$ircomm(&(0x7f0000000340), 0x3, 0x0) syz_open_dev$ircomm(&(0x7f0000000380), 0x3, 0x1) syz_open_dev$ircomm(&(0x7f00000003c0), 0x3, 0x2) syz_open_dev$ircomm(&(0x7f0000000400), 0x3, 0x800) syz_open_dev$ircomm(&(0x7f0000000440), 0x4, 0x0) syz_open_dev$ircomm(&(0x7f0000000480), 0x4, 0x1) syz_open_dev$ircomm(&(0x7f00000004c0), 0x4, 0x2) syz_open_dev$ircomm(&(0x7f0000000500), 0x4, 0x800) 232.156899ms ago: executing program 0 (id=249): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyprintk', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyprintk', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ttyprintk', 0x800, 0x0) 231.888507ms ago: executing program 4 (id=250): sync_file_range(0xffffffffffffffff, 0x0, 0x0, 0x0) 231.781694ms ago: executing program 3 (id=251): openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/smackfs/cipso', 0x2, 0x0) 214.472218ms ago: executing program 1 (id=252): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/trusty-ipc-dev0', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/trusty-ipc-dev0', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/trusty-ipc-dev0', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/trusty-ipc-dev0', 0x800, 0x0) 190.698517ms ago: executing program 0 (id=253): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs', 0x800, 0x0) 124.711468ms ago: executing program 3 (id=254): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bsg/0:0:0:0', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/bsg/0:0:0:0', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bsg/0:0:0:0', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/bsg/0:0:0:0', 0x800, 0x0) 124.354346ms ago: executing program 2 (id=255): socket$vsock_dgram(0x28, 0x2, 0x0) 124.100626ms ago: executing program 1 (id=256): openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/class/mac80211_hwsim/', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/sys/class/mac80211_hwsim/', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/class/mac80211_hwsim/', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/sys/class/mac80211_hwsim/', 0x800, 0x0) 95.778111ms ago: executing program 2 (id=257): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptmx', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx', 0x800, 0x0) 88.560056ms ago: executing program 3 (id=258): readahead(0xffffffffffffffff, 0x0, 0x0) 260.32µs ago: executing program 0 (id=259): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vhost-net', 0x2, 0x0) 61.819µs ago: executing program 1 (id=260): waitid(0x0, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 3 (id=261): socket$key(0xf, 0x3, 0x2) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.30' (ED25519) to the list of known hosts. [ 160.636208][ T5791] cgroup: Unknown subsys name 'net' [ 160.782026][ T5791] cgroup: Unknown subsys name 'cpuset' [ 160.797723][ T5791] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 166.247549][ T5791] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 171.528989][ T5915] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 175.546163][ T6081] Oops: general protection fault, probably for non-canonical address 0x1ffec557ffe33e8: 0000 [#1] SMP PTI [ 175.557902][ T6081] CPU: 1 UID: 0 PID: 6081 Comm: syz.0.259 Not tainted 6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(none) [ 175.569692][ T6081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 175.580084][ T6081] RIP: 0010:kfree+0xf2/0xec0 [ 175.584945][ T6081] Code: ef 0c 48 3d 00 10 00 00 41 0f 42 f6 89 75 d0 4f 8d 3c bf 49 c1 e7 04 48 09 4d b0 48 8b 45 80 4a 8d 7c 38 08 0f 85 70 05 00 00 <4c> 8b 27 e8 06 61 14 00 4c 8b 28 44 8b 32 44 89 e8 83 e0 01 44 89 [ 175.604869][ T6081] RSP: 0018:ffff88812d55ba38 EFLAGS: 00010246 [ 175.611173][ T6081] RAX: ffffea0000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 175.619409][ T6081] RDX: ffff88821ff13408 RSI: 0000000000000000 RDI: 01ffec557ffe33e8 [ 175.627658][ T6081] RBP: ffff88812d55bae0 R08: ffffea000000000f R09: 0000000000000000 [ 175.635812][ T6081] R10: ffff88811494ac20 R11: 0000000000000000 R12: 0000000000000000 [ 175.644042][ T6081] R13: 0000000000000000 R14: 0000000000000000 R15: 020002557ffe33e0 [ 175.652280][ T6081] FS: 0000000000000000(0000) GS:ffff8881aa79a000(0000) knlGS:0000000000000000 [ 175.661507][ T6081] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 175.668273][ T6081] CR2: 00000000f72c0b38 CR3: 0000000125254000 CR4: 00000000003526f0 [ 175.676448][ T6081] Call Trace: [ 175.679893][ T6081] [ 175.683126][ T6081] ? vhost_dev_cleanup+0x74d/0xf20 [ 175.688481][ T6081] ? kmsan_get_metadata+0xfb/0x160 [ 175.693926][ T6081] vhost_dev_cleanup+0x74d/0xf20 [ 175.699066][ T6081] ? __pfx_vhost_net_release+0x10/0x10 [ 175.704729][ T6081] vhost_net_release+0x18f/0x930 [ 175.709870][ T6081] ? __pfx_vhost_net_release+0x10/0x10 [ 175.715606][ T6081] __fput+0x60b/0x1040 [ 175.719883][ T6081] ? __pfx_____fput+0x10/0x10 [ 175.724733][ T6081] ____fput+0x25/0x30 [ 175.728872][ T6081] task_work_run+0x209/0x2b0 [ 175.733662][ T6081] do_exit+0x99d/0x3d50 [ 175.738006][ T6081] ? kmsan_get_metadata+0xfb/0x160 [ 175.743330][ T6081] do_group_exit+0x259/0x390 [ 175.748130][ T6081] __ia32_sys_exit_group+0x35/0x40 [ 175.753451][ T6081] ia32_sys_call+0x4302/0x4310 [ 175.758382][ T6081] __do_fast_syscall_32+0xb0/0x150 [ 175.763682][ T6081] ? irqentry_exit_to_user_mode+0x82/0xa0 [ 175.769723][ T6081] do_fast_syscall_32+0x38/0x80 [ 175.774794][ T6081] do_SYSENTER_32+0x1f/0x30 [ 175.779505][ T6081] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 175.786057][ T6081] RIP: 0023:0xf70ae539 [ 175.790290][ T6081] Code: Unable to access opcode bytes at 0xf70ae50f. [ 175.797072][ T6081] RSP: 002b:00000000ffbe5b0c EFLAGS: 00000206 ORIG_RAX: 00000000000000fc [ 175.805856][ T6081] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000000 [ 175.813990][ T6081] RDX: 0000000000000000 RSI: 00000000ffffff9c RDI: 00000000f7414ff4 [ 175.822102][ T6081] RBP: 000000000000002c R08: 0000000000000000 R09: 0000000000000000 [ 175.830301][ T6081] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 175.838583][ T6081] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 175.846732][ T6081] [ 175.849868][ T6081] Modules linked in: [ 175.854590][ T6081] ---[ end trace 0000000000000000 ]--- [ 175.860201][ T6081] RIP: 0010:kfree+0xf2/0xec0 [ 175.866915][ T6081] Code: ef 0c 48 3d 00 10 00 00 41 0f 42 f6 89 75 d0 4f 8d 3c bf 49 c1 e7 04 48 09 4d b0 48 8b 45 80 4a 8d 7c 38 08 0f 85 70 05 00 00 <4c> 8b 27 e8 06 61 14 00 4c 8b 28 44 8b 32 44 89 e8 83 e0 01 44 89 [ 175.886914][ T6081] RSP: 0018:ffff88812d55ba38 EFLAGS: 00010246 [ 175.893277][ T6081] RAX: ffffea0000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 175.901424][ T6081] RDX: ffff88821ff13408 RSI: 0000000000000000 RDI: 01ffec557ffe33e8 [ 175.909824][ T6081] RBP: ffff88812d55bae0 R08: ffffea000000000f R09: 0000000000000000 [ 175.918179][ T6081] R10: ffff88811494ac20 R11: 0000000000000000 R12: 0000000000000000 [ 175.926497][ T6081] R13: 0000000000000000 R14: 0000000000000000 R15: 020002557ffe33e0 [ 175.934821][ T6081] FS: 0000000000000000(0000) GS:ffff8881aa79a000(0000) knlGS:0000000000000000 [ 175.944320][ T6081] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 175.951383][ T6081] CR2: 00000000f72c0b38 CR3: 0000000125254000 CR4: 00000000003526f0 [ 175.959666][ T6081] Kernel panic - not syncing: Fatal exception [ 175.966705][ T6081] Kernel Offset: disabled [ 175.971213][ T6081] Rebooting in 86400 seconds..