last executing test programs: 39.036753301s ago: executing program 3 (id=2253): r0 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000400)='/proc/self/attr/apparmor/current\x00', 0x200040, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000100)='/proc/kpageflags\x00', 0x2, 0x0) read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/fib_multipath_hash_seed\x00', 0x202, 0x0) pwrite64$auto(r1, &(0x7f0000000000)='/proc/sys/user/max_fanotify_groups\x00', 0x8, 0xf) socket(0x2, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x341102, 0x0) close_range$auto(0x2, r3, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_CREATE_VM(r3, 0x8004ae98, 0x0) close_range$auto(r2, 0x8, 0x0) r5 = socketcall$auto(0x8000, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) ioctl$auto_SNDCTL_SEQ_CTRLRATE(r5, 0xc0045103, &(0x7f00000001c0)="2277aba98515c1003e9ddc3c33cb29aca86a3596ade9e253005cbf3091de08cea93238f6215c32e3617a9132d4fa33d5269ef5632e1b753273a9fdebd481c45ea4bbadb2780c1f1d700c19be1283868bf9c23bdd5bc7e65e50a43b60c0a4535fba9977423decf7427909b6f010abf4600700005ff2bccf9d8d2b7c2f488fc148") ioctl$auto(0x3, 0xae60, 0x10000000000402) r7 = socket(0xa, 0x2, 0x4) setsockopt$auto(r7, 0x29, 0x37, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x110) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r8 = gettid() rt_tgsigqueueinfo$auto(0x0, r8, 0x1f, 0x0) setsockopt$auto(r0, 0x7f, 0x3, 0x0, 0x3) ioctl$auto(0x3, 0xae41, r5) ioctl$auto(0x3, 0x40a0ae49, 0x38) 38.974941548s ago: executing program 3 (id=2257): syz_clone3(&(0x7f0000000640)={0x108000, 0x0, 0x0, 0x0, {0x15}, 0x0, 0x0, 0x0, 0x0}, 0x58) r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) ioctl$auto_UI_DEV_CREATE(r0, 0x5501, 0x0) writev$auto(r0, &(0x7f0000000340)={&(0x7f00000002c0), 0xda7e}, 0x9) (fail_nth: 8) 38.895722602s ago: executing program 3 (id=2260): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_FS_IOC_SETFLAGS(r0, 0x40086602, 0x9) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) mmap$auto(0x0, 0x8, 0x1, 0x9b72, r0, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x90040, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) read$auto(0x3, 0x0, 0x7ffffffff000) syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/pid_for_children\x00') openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) sendmsg$auto_TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="00010000", @ANYRES16=0x0, @ANYBLOB="000326bd7000fcdbdf2503000000790008805b4f2525b2dc3a73ec37e7122e6f0d55382854d419b883b7ed64bd3c7b9fb15273e787030718751e0a22cc6cabcae114aa6448d0356183e1ca7c01536c5c6f37915b26a3e75515ab02807fe932b8a415a581dcdc7800f91e231c001d800400d3800c002000f3000000002b3c0c7e9b"], 0x100}, 0x1, 0x0, 0x0, 0x8000}, 0x42) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1000"], 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ioctl$auto_VHOST_SET_MEM_TABLE(r1, 0x4001af84, &(0x7f0000000000)={0x6}) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40402, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r3, 0x0, 0x40cc) read$auto(r2, 0x0, 0x1ff) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) sendmsg$auto_NL80211_CMD_NOTIFY_RADAR(0xffffffffffffffff, 0x0, 0x4) openat$auto_page_owner_stack_operations_page_owner(0xffffffffffffff9c, 0x0, 0x509080, 0x0) 38.815779831s ago: executing program 3 (id=2262): mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x17) (async) madvise$auto(0x4, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) shmat$auto(0x0, 0x0, 0xfffffffc) (async) r0 = epoll_create$auto(0x4) (async) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video48\x00', 0x18a041, 0x0) (async) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async) r1 = socketpair$auto(0x8001, 0x2, 0x8001, 0x0) close_range$auto(0x2, 0x8, 0x0) (async) r2 = open(0x0, 0x22240, 0x155) (async) r3 = socket(0x2, 0x80802, 0x0) setsockopt$auto(r3, 0x11, 0x67, 0x0, 0x8) (async) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto(r1, &(0x7f00000004c0)={&(0x7f0000000200)="14494d0763ed77634b1da3f9289ade95f0611a5539a5dda9aab4e3f5fcdb973296859758ae0af5c8c6e2ba0350525a094e77f0fb1622216c0f4b5f546e1ed391dbe6e6c1005b7d9ba366a0a4b87680cbb97fe55bac16032e4b425e233d30c22b942e1d985f69c061ccce9dbcd9774e0ca239a6a5e82e1779ab47614d8b728d467cf0617861ab82fd60a9531c397df35271825382874a2ab267034320a13b2b5eb1cf1e57e5d589534a76a986dc524dc4ee0d5474eacdf981936f7e16690b6a2fbda56bd9fe70f8cc", 0x0, &(0x7f0000000400)={&(0x7f0000000300)="218cdc08d7f1407d9aacd1e82a1b07f2a320bee4f350ea8a2ebdcaa9b6fc701d1b74fec0f4bb9af6f7bd9054bfbdd97273c6a3e899a323664ccbd726ef6a94a0444cdc5b255dac326809cd5cd4eed2161a1e6e5127288bda74145334533391da84672d8abc12c76b88a2a4ae5eee13f02e41c19959e3c4e2e1f58e2f451b65bb373625ad46010887ca21e82219dd3f0b24bd78a93d926847817ed81ecbf6bf931720159103820b3fe4e0bbc80cc5be269b1a54ed40a0c8b8efe7b6467bf611a25fe9f52b921a8cd1b0431a01ba6ef4f4db703f45cada6e2ebb1f97a8bd23259f6272eb9943ee770387baba8ea7c407a6800d", 0x6}, 0x0, &(0x7f0000000440)="ad3f26dea514cdce98e07fbaee908bae72f74059749b3cbd1bb6ccf7d9e44cec6806756fd5ce501d37338581b4933fa939839cb6ffd9c9bca0b7cdd47af73d36624d657d9e47c1a6f1402fd2033725d9d54c5d93453fb6809edcfdd2", 0x9}, 0x7) (async) sendmsg$auto_NL80211_CMD_SET_WIPHY(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x20, r4, 0x13, 0x70bd2e, 0x25dfdbdd, {}, [@NL80211_ATTR_IFINDEX={0x8, 0x3, r6}, @NL80211_ATTR_WIPHY_DYN_ACK={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x4c0d4}, 0x20040894) (async) setsockopt$auto(r2, 0x1001, 0x3e, 0x0, 0x7ff) connect$auto(0x3, &(0x7f0000000180)=@in={0x2, 0x0, @multicast1}, 0x55) (async) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) (async) r7 = syz_genetlink_get_family_id$auto_net_shaper(&(0x7f0000000040), r0) sendmsg$auto_NET_SHAPER_CMD_CAP_GET2(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x1c, r7, 0x200, 0x70bd27, 0x25dfdbfd, {}, [@NET_SHAPER_A_CAPS_IFINDEX={0x8, 0x1, r6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000001}, 0x44000) 21.05283372s ago: executing program 2 (id=2936): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x801, 0x1106) setsockopt$auto(r0, 0x6, 0x2, 0x0, 0x9e) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) io_uring_setup$auto(0x2, 0x0) socket(0x10, 0x2, 0x0) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/irq/25/smp_affinity_list\x00', 0x402, 0x0) write$auto(r2, 0x0, 0x7) socket(0x2, 0x3, 0x2) socket(0x25, 0x3, 0x5) r3 = socket(0x28, 0x805, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x1, 0x0, 0x100000000001, 0x0, 0x3, 0x9}, 0x7}, 0x81, 0x400) bind$auto(r3, &(0x7f0000000080)=@in={0x28, 0x0, @rand_addr=0xffffffff}, 0x68) socket$nl_generic(0x10, 0x3, 0x10) r4 = socketpair$auto(0x2, 0x10005, 0x4, 0x0) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r1) sendmsg$auto_NL80211_CMD_SET_TID_TO_LINK_MAPPING(r4, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x48, r5, 0x2, 0x70bd2b, 0x25dfdbfd, {}, [@NL80211_ATTR_WIPHY_TX_POWER_SETTING={0x8, 0x61, 0x2}, @NL80211_ATTR_VHT_CAPABILITY={0x19, 0x9d, "7f7ba53f495638391b894b5d33c4c40d2842df055d"}, @NL80211_ATTR_WIPHY_NAME={0x6, 0x2, '\\\x00'}, @NL80211_ATTR_TDLS_OPERATION={0x5, 0x8a, 0x62}]}, 0x48}, 0x1, 0x0, 0x0, 0x4040}, 0x20008800) setsockopt$auto(0x3, 0x0, 0x13, 0x0, 0xb) bind$auto(0x3, 0x0, 0x6b) openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim1/health/break_health\x00', 0xc000, 0x0) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socket(0x1d, 0x2, 0x2) io_uring_setup$auto(0x6, 0x0) 20.959597592s ago: executing program 2 (id=2939): openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000140), 0x1c3c01, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/asound/seq/clients\x00', 0x280, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/zswap/parameters/compressor\x00', 0xc0002, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/nfs/parameters/nfs_idmap_cache_timeout\x00', 0xc2902, 0x0) mmap$auto(0x0, 0x400008, 0x36, 0x1009b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x80, 0x0) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x0) r3 = socket(0x1e, 0x805, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/security/tomoyo/version\x00', 0x40, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8000ffff}, 0x3) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x802, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_WIPHY(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB, @ANYRES32=r7], 0x1c}, 0x1, 0x0, 0x0, 0x20000084}, 0x0) setfsgid$auto(0xee01) sendmsg$auto_TIPC_NL_ADDR_LEGACY_GET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000007a00)={0x14, 0x0, 0x1, 0x70bd29, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x24044081}, 0x24000800) sendmsg$auto_TIPC_NL_NAME_TABLE_GET(r3, &(0x7f0000000300)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000002c0)={&(0x7f0000001180)=ANY=[@ANYBLOB="870d0000", @ANYRES16=0x0, @ANYBLOB="04002abd7000fedbdf251000000060100780080040000010000008006f00e00000014c101d80040050800c001200feffffffffffffff0c0087005d2b5b2f242c40000400130004002b8014004600000000000000000000000000000000008282d2d2ad12790043b6bb82c645f728e5b57b3bed0a5fd21ce8b9d035f461d86a0777d958e50a2fd32d4ef5db382e2262a9c7d15fa66acae190d121a42276d42ed6d6fcbbb4bcc3c72d86c923bd2920b9e5761180c453a0c514c4e02e10f3e4cbeb3fa5a9748a4b7c35f305a2edce6f6d9e760dae878b22777da9a82c887281e28d2f83607931cb2ce9e730f5c7c36d83cc63f946a967ef2f321586c8afb4a6f86a0a2de07d3c165f9d692a83346b0b9bd9ef3d093011c33f6fe827bd367e5055a57b7ece429a99dd66f23f26e326ff6c8403e6c3ccf438ddefd3ba81cd78c1468a0f19e553f586892ab6d3692842dd29ebb038a391f1d418fe43ced33ad337cbf979cb4e71ec583bc5afb45e6287c392ec662c44114c0f5a48d7d8158e19d4d3a18dc3077df674cbc79336b177299213a422707964099fde1d240c5eb4f1aa7da7153cec4539524dea45ffc0f45a2140ed2ea6bfdaeb4562b9430b4206c4d79f3b19cfe45d2962ffc5a8ec6313873300370610e17028ac918ef305dbc207743f7ddd45e50e6aa9d20cb96cdfd6fcd79b79220da9c2eb9511659db6b187fab5aab6fe962fb18acf6e0e40f76de66156c87071564b9639a934a83232b3890f70750347bc6205d509be281fea937a406d42b1c7c92d15c506dbbd0fc59337552aced638dc5d8d18bc4f39db2b78bb0cdd16970184bef2e7215ef423de0c697bd0755105d86749f41f1fde57806e239919c29d999af61de31d3f8dd8660421d770531ef13972a280c73f884229642e62a87b1bbc538a707cca741a66c67d1812213794622c1c85e2acbc3c8d72f871ad97d89556d8095245c05a3cde462ceebcdda312c0dcb839da2ffb1e3b09503a2faa8c1b7706da432f454ab895dee1c5ecf13b78115ff5eca0fcd9df83cf3d0ae4691e074e3dec50d84b3aa42d5e8e56ab2aae7176ddc16586b3c3972fc174daa7b39a21c77e5a825150e433ee6e0861ca2d4107161bcbd6e1b6de27aed42082f97d0fec10f643ee284c8668d14b7305fc22fb713428425ee0f1f0c3ee048c56a4d8f732cf7e86c47c47ef65c0a3db2c62054721c5e202fa0946bfc71ea712777517aa658e0f08790d338e070615b7ed74efbe3e1b67dd90b6c08432cdff492b2044f55604b50666db5db61242c3f7dcefa8328b34a2a780f705f52aedcfefbff53b0de7cd06be0d5afaaa000b61adcca979905260a44af6aa818509f13da9b4b14ec90a3e05ed05483578d3f651976a0e024b19de7e84d1b8fb0ddeef46550b57ff965de98ac3ff8b7f1afdece1842eb4611033433b8225a325357fa4ed52e978eb18dd1836b8adabe96d06a272c839b147efb4f0abdc84e450158d1f52818f94cb644817f78bf4827244d12d8a9728f639fbec31f605ad97fa5840d4b1226fdd979c1d7edeea2ef4f2578d799f8c870b4f8ef5c8ff2f1094eb552f5c2e893d822a75b87810783ca33deff2fad23122e8eb1af122f115de82cc5cadf29990f75bb6a18507497da297927d94f760369e55ef1a2d3361431f232a97913ebb7f04b90640340ff3948ea255f91908f9396a8f6b8c13bf3450b22c79d902807a8446e56b162aed56c22d14ea0e5e70f65e8024046dbb44b0a76ecc87bdbafd5a7ff9128a1d086d69ef009c2c1573a56c5f672c8e94f98a0510a6ab48bca770e55331c68df7670c4d8ec8e5fd6214c6d0db0fc61cfdd8b9d06f93dda707a90ff3acf7e33e6266bbcbef0cca2f09ab6b00186e81d04475a70de42cf05c52c7a16b957b91144049291d47ddf9d29f869e6307cd9a8b0912fb404370e1b889864fed79343aa670567423818161781e449e648f546ac4318bd344e759f282649dc71b542aa0f7d72be866df3d2a09342ef9659f8c195627d6ae49a75e9487556c9884b6db774c21eaabb926c0661390583519e7e1090128051612ee9dd4621d18c01b71af8239d01b22c8ae5de6bb80df183767f936a3aa3192cae779ed981cdc5db9217fc4195b71714a1783cc829a007ef4376fa2451552aa15eae70691560343942c54a23a75610049126aa05648c7081db1fdab57e0580c564338496b0753516f858d5e90263cdda7d5b7c8557afdfaa75dbbfa2e5841e53f9ca807d70ef8f1c00b6f6d172d2d006b0d6fab0a5a3ea9259a4adda2488485ab43ea032f514374f14d7fb8b2682148b3eeef5a4ebe2bf817262b7b295b610250a766d176053d9720f42420ce0d48835f3869cb365492285e434a639be30922ed147738834909df1bd57c24b573a6b499779c50eb15cf0b250bc22a0642e9e9dbcabaabbc42ec87bf566a0b7fbaa0168f4e91dac45418eaf23e599a9d2bf30d37a6302943697379a82ec2afd729b17a0f6c7f0b6b2c133c9457766edf478fd3b46a3aae6314d8bbfdf9f175e27a24453ea38c3dffaa5ffc7dffbcbf2f4d359650fb3fe37a59c8418d649669c182cdaece83572358ca7749b0f0aa92cb4b6aed8515a13f860f77587aa070461737c6aad54038d41d4ab365502838fe0211b8321011b9b767b2ca23fd5660d7d40a54d1137329e8654318145001149bb68b22f2b847cb9661f7ce1fa50e0a69de90172df25c7196db21713eaf8e75f56444b556678b29c51dfef5fdbdd9d55fa4e50d266acb0d49d70ae86ce6e86f082ec86ee7f80a5955d97164bd855946699b5cb70d6b5d2b33ca01e1511714c12f3c0a8ee4fde841143f621b333e1cdf5171c91459ed75d13a5d7162d919344818d7aed7fb226d010661d7c598f36fcfc390c9f348fa74d04e3ebc49f2a3de02f29de8913734dc78ee5b186b7b6d2c81f5904b70fe44ade2fb645a7100a9879b3a13f31497964871f03f3428316a2fb5c4ed3dbcb50408e124d9878e6c8fe942b55b6ae1db94bc46c92b208e4791a5cb7274631101457ab20f002fbbe8d4fa01b8b72c16ab154cbd95f0b995889add5fa4c2f368c9c76f0f20105ff2757c610838c11f7657c99a6449a4d413324a1efc8d2291442063d737341f5ca81a9807b777a8286bb86a54ce3c9b1b7edaba66a122704f1122d5e764a71304697ce4b0d470c5fd5f07b5d22ea239089801463c348f3d858eed1d67b47868d18a797689807a357aeb026d64ad558366507eae9659fd8c7d627173bfbdec1b31e3eaa3b69ad5067ab3ce13b4208d912b4309490eea82ad3dfe2085c6b73c4273025dbac7c61e218358a7a575d72564d7d4192f6b367363c56e24041554dd1d5370bc89e19e940b7c11701f3fb64538b2428b66805e252f80b0207e21f946748b1c0b464d64fbc0aafa61fc845e2d69c970494d6b64c33a85dbe52e6d6f155f67024579446f2bf02ce0eede69af953088b76c16eda7207088ca4b97016f81945739645a821dfe9edbc455321c8f9ee7ea7fa671f9df8b82fdfa7f2c933d337fb430cedbce0258ad9241c969a17dc59fe2240f8aee1ab300dc2a5264266909c3aa464790bb3199d3f2dbf579462dd2775dcf47524be9246042a156cd7aae855f6cd337661e9e87c6fb655a7bcc14975d80ee6844ea1f3632bd871f2b3ee8ea8e727c5a1d0a3d268c3b22fc09c6daf69e5ea7417a991838e736dc451d77af3496c7b1ed4e77840d213bc09192051cb5b5e3eb642c58a52f5efec50be5f08df50182a4e66a6973fb0dc1b7e4fcf610545fdf078a37c743f54630a83e0fde7fc287dac919d0e8a577b64f1d722da05eaf4987996d752e095d68ade2e5f7c08d881dbef4475558a3028b51635f07decb9aa1229ecb0926f59162afdc09d0e42c8fcda2d354a173b196b898a80fcbe9282dec153dcaac3a73c44b165c093979c18e249157a0709327dcd27733f4ecc8700dded6dc90668c49542b18133fcdb07b4d2e1f77674e09c3914dcbfb0baa9bb74aa1dd478e9d08410fd7d71d3a42df74289cc7fcd318185ae43491c53df25ae121f22774c296529a7aac1a294063bd3e42c828d71dcbfa144eb3d23849aacbcc329be7456083a775108b84ac345050f138e798ce8f1ac72dabaa12cdd8c0057d1e20458beef454eb20390ce13daab33352c8613dc152fee565789fd84eb3e604e49a5bf3f985065c093c25742188817e7c02ba44224f13c314da791e0124ad06c63b5f4a5bc7b47ed3833b71e18001254026be2ee4186e21b63b5c11d98e2e1195583eeb20bf0536ec1c947dd77d3bfe8895ef5ab60e1c6663f12c043b72e80ff216dbfe6d8e17b497649dc2cbf55c4a0465173b3713848ae82ff06e455c5c4f6237aec6e8602d95458e474a279fe7cf37fed1ac225ca060efa219a087dbbfa4140bc0d687c132cc5bc15fe429645b64a4cc396e047ec7ec6e6d8710a2879090b59f98702a69b41f7490542905c459502b9f6f1fab7f212e3b0bf0de280165e74fb8d50112793afe60683132f917a8ef0c919d9fa9f8317b775b5c08ea0484aad1b06fa3b75b6b37cc9b55e4f5c5621b9bab4b48427109147d45fdb60627a437335fed1e717bf44321139f8503f2b2a30748e046b5c43baf8b943a1f6ed8905584202d4966ac5c6468e6e49b21b80df199702257bb09647ced3b3907ab77dbea47102e5dcfe41779ce10d311fbfb00702cb00b2253c6311a3fe9c7fcc9a9c1f6ec2704e3455d0915ec980bf93e2a88ec1c050b03675c12c44ede36561611c815bc4c3c9b585dd064ac05fe22d9009d4dc8a66261471ae90e9ed2f453d0f2d469427ba8cad590c81b178780c7de5302ddbfd517ffbe342c466c408b60d3a17ba3f209e6fdbcb4c0300613292b2107768e8417b5a9192bd31f32f12d6f2453f8cae233056036fb93ac2792849c6ba843c773fa888d6eb26fb9ea9fd49e8fc09195b683f0abcce9e619a001f231075719dc1ecc2e7d3938a89fed34e078450870d1c34cd4ce3a0aaf5be9987578ca220be31de65def9b6491c2dc07bf324e07bcf18bf4631bddc2656eb912af5b8f2df657ec025451ace3a72c54482ed535a901c7ac8cfb66ea0845049d7a5aa97dcacf021dab55e9fbb37fbf5149a9e5886d3c1e455bf02cc26d92fee0e35c0dd3521050aaaca6f2aa75c33455d80a3995c20f8f64a4a4d0ef5ecf80733b94bf492d3dd8ce5ab6e0dd591bb04b07f5c6233ba265156d9c0060ecc972d5b38bb300bb71b2a2c3b5095a5d15afd31fb3b007e0ab8a9944ee3c6a4cf72ee091d657d37fb89d961ba209defde70119afa32723fc38f8670b6ab2f622d1e3493fc8da63e811bd3525a29c2bed18222591e01a336d3f6895f4cd40f6733708081f66d990eef87c6260ec7dc76c8526b746a0607c4fccdd948d89144a069b5e5d31ecb5f7b122589cd73da68de6d7e3b3b6c9b68234642ab7da20c6cca026c93ff3cd32c7e84c09108cd2b02a25b8d198d89ac9810d2053224bf4bb955817e7a535e4ca9d955ed68e67b3ac3527ea80391aeb0785af3c5861d80976d7c2ee924529e9063596323b406fc7f89720790e693a385e690a232900d23dfb3de66f0748570133f1ac27bf6a2171045c72b018500c0aa2c5c9d02dffde5f0e662ac1c2b5d1418db0a52e7430fca53557545b9601d4e4a64aa7e9fb193fe5779aa719ff889a77817a26daf7ce7e0b29e623693e24d59f9c7cde8b03c61b225e50eb1e1e354ebd0121a9fbc3804a9de76bca9369fa358e8a2d89b8daaf67c122795a18adb93ce20b09bf163fd81c1af7c7babf85fd32d07b758947d9db8d83098f740077e5a5e8d00d9b1183f6e55759ff754014fe206c133b37b91056e45a0dbad981a1690e5165eb8df13e3a7f3a9020261af4ee640b00de002d402c282f29000004003c00"], 0x1074}, 0x1, 0x0, 0x0, 0x4000000}, 0x844) read$auto(r1, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000880)='/sys/devices/virtual/block/nbd15/removable\x00', 0x0, 0x0) r9 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/bluetooth/hci4/hci4:201\x00', 0x90000, 0x0) ioctl$auto_XFS_IOC_FSGEOMETRY(r9, 0x8100587e, &(0x7f0000000180)={0x7, 0xc, 0x4, 0x10001, 0x8, 0xcc, 0x1, 0x5, 0x6, 0x6, 0x4, 0x6, "e135c3d2309777fb1a3c05391b27f862", 0xb, 0x4, 0x8, 0x6, 0x7, 0x4, 0x0, 0x5a, 0x8, 0xfffffffa, 0x5, 0xff, 0x8, 0xcb, [0x40, 0x3ff, 0x3f, 0x43, 0x2e87, 0x80000000, 0xe365, 0x200, 0xffff, 0x4, 0x2, 0x9, 0xa3ec, 0x9]}) read$auto(r8, &(0x7f00000008c0)='/dev/rfkill\x00', 0x6) mseal$auto(0x0, 0x7dda, 0x0) madvise$auto(0x0, 0x401000, 0xe) pread64$auto(r0, 0x0, 0x8, 0x8) 20.844057165s ago: executing program 2 (id=2942): mmap$auto(0x100000000, 0x2000d, 0x1, 0xeb1, 0xffffffffffffffff, 0x100000000) sysfs$auto(0x2, 0x5, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) semget$auto(0x0, 0x13c, 0x1ff) recvmmsg$auto(0xffffffffffffffff, &(0x7f00000001c0)={{0x0, 0x5, 0x0, 0x9, 0x0, 0x800000000005, 0x7ffffffd}, 0x8}, 0x3, 0x1, 0x0) semtimedop$auto(0x0, &(0x7f0000000140)={0x7, 0x81, 0x70}, 0x1f4, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x422800, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) ioctl$auto_SNDCTL_SEQ_GETINCOUNT(r1, 0x80045105, 0x0) r2 = socket(0x2c, 0x801, 0x0) mmap$auto(0x0, 0x400408, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptye9\x00', 0x101e81, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x2c402, 0x0) r4 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000980)='/dev/ttye9\x00', 0x102, 0x0) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x0, 0x6, 0xffffffff, 0x2}, 0x8000, 0x0, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = prctl$auto(0x16, 0x1, 0x6, 0xfffffffffffffffe, 0x4) sendfile$auto(r4, r3, 0x0, 0x10000) close_range$auto(r5, r2, 0x5) semctl$auto_GETNCNT(0x0, 0x4, 0xe, 0x4) write$auto_tty_fops_tty_io(r0, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(r0, 0xffffffffffffffff, 0x8) io_uring_setup$auto(0x2, 0x0) pipe2$auto(&(0x7f00000000c0), 0x1) socket(0x2, 0x1, 0x0) socket(0x2, 0x5, 0x0) epoll_create$auto(0x7) r6 = socket$nl_generic(0x10, 0x3, 0x10) epoll_ctl$auto(0x5, 0x1, r6, 0x0) 20.828489338s ago: executing program 2 (id=2945): sendmsg$auto_OVS_CT_LIMIT_CMD_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002480)={0x614, 0x0, 0x1, 0x51bd2e, 0x25dfcbfb, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x600, 0x1, 0x0, 0x1, [@nested={0x5fc, 0x4, 0x0, 0x1, [@nested={0x5f8, 0x122, 0x0, 0x1, [@nested={0x5f4, 0x8b, 0x0, 0x1, [@typed={0x5ed, 0x26, 0x0, 0x0, @binary="f6e23947e333e9e932b8d2abf03148f70065bf93a04e3db47ebe1024e3589f7d3160a6a97f8149909a1514f029281cedf8901efb33ce6628ea375a5894d40d570b864983ab5702c0395d11b68e6a14c61c2965f7aaeb8340055f4e584a5645f36417ccf65e5af29e80ec805f4fdf6a4ea6254a57cef4092c0153649b5e884983377aee07504235a32c6cac22ec1c3ed09f50d96feb9d654dba590a7d83a4efad2703a63b080d0a07f2cc3bb6a9f616679f162d935d1de2f8916c6a590059e2d053176b4c6cc9f93fd8efdb02de4e96eb9943a51690188b7d97224b1b5939e1fd82a5ddd3ad20a23d0ff5167447774a6e705095a84ce9098448070aa779009a609516b9b8a6306a85b4e9991875e5923dbc363c078f753f001ba0d62f36ed0d0d87d18f8f99107f8cac4c5874bfcdd1e8ad83a01b2a9307ae92ef5d2c1f6e73304d2631806496ec87c5c8d7c01acdf324009137967fd7c87d10803a8222c8d9f787e5286374a0a41660b1c377ff67b3f26132ec9b770130800bdc1b1154b745d069489d895ea4745c95a1f3f80c13ae34455b7a3a11f334d76b8dfe4db166f4241ba7c2f8a063b1641fa2721b404068e2af5c6d8927b23798a13fcc10e8795135268cb8abee72c1be523a4420a681be2a20bb4b0fca74b11550db4b6159ed72b632dd4be5b1b1678463c5621190d3ff3afcf84891e2cc06b97fa483af43cd6809bca2b27a124a29234b7e88ee32f48ccc2abc5ebbdb0d6b5d23c3ba96d5188b07e0d4716a4ecd2ba43c98063354d0805c1cac9ea006474e61ce0bbc8920e2d349982ca3448ded8b06b445975dec56725112319ceea6fef0d5a85db0fa928d1be9063ad81aca69c1fa35e22b2ab36bbfd95d4679c9b1b25423d571d5a7cf9fe5e55207dc6c1cc192ca951fcd453a70a43e608843d157c4cd5f93f0fa87cc196bbaba8edf259113b36d347d438cb8c62d104d809e6ce324a4b7c46efabc718534cdf97c52cbe41950b784229e1bef53c8f85b71e4879ff79fc312b6d5a2a8ef04f6a50ec39c520017dd82fdfd377d98be11060b4d378316ff21dd6e43e6b67f80263ea234509eecd3f985bb5a2da559350820e9351098f543ba8fb5d8894814c5e0e39609ca85d54d434dffc599e56b04244b85ea0282da4bc3c787b45f6c35cd0201fa804bc0a8845d57e57f03006b51439a2ed4f02e9771d40ebeed105e87b60767cbea421e1083a4bf417525e025cbd71f4341688f0969dc9a0b126117c17947abecd513d9303e00702ee59575a1879268f22307ff246f25baf34cecb3ada0f2649108a768444c92276bb11455c03d6b4bf1255efd5991c4ed6fff665491bdb4f575e3130d883a046988e5fa23257795ffe517cacd15995c94a034f3d335233240f9fa422c1453346505afe2b657234a521f49d59086d7836a804aaf9e71bcd9b8c803ed9a347a1fc44f8983261e613083ab2c5b03d684753851cb43a7f78f5b94d994238359b495f4d3d67e0a063fe59b2fa5d33f36ea9e1e98601f8657213602966b9bb4e95eae89299845336c70cafa4a8b6218c7610402da94c3d069750de54da8e73a58babc5396ad2005ea53e1c4c587c550896ea76879d74a3e6b2dabab91ad9035bbaea675a03f6631981e96f4498cdc5a27920c0b2cb7067848eb1fbf0c37b1f48b2b246a5150394326ffb324017faea6591af4efd86544a270a944a5240befc8bf53c6a6199ab3d1136a1bfb6f3e95c561ab10753e30b59a080bc99cdc51348b5fe02e7c61e56e64787383bb84ca5207f973e7255f8d7cfb2111ddd93145dae843f40c00ae0c0375cb81095a5735e6123eec3f8dbf0cfb085aeb5bacd6771174548d0897d76dbb9770efeacd7960341b221dc64cca767e6d0ffde5f45fccf7d457136c9b1ccfdeb7446828424fceeeb2b40b3c1dcc0f4ec4b393ae6c2f9b2a4eecc1e7bf5d083a1c057196f71b5d40dc7e124a722b1ff535caca3777cd8f0d9a9ecdbba72d13bcb6428f78319694306a807e752d2a00ac9cff9a209074954d84df84e9f28b2fb872c98c854d94fc6648666039e35861aec0fa2d667f0e439ebf2afdd93665fe45696d48c888e78d9bf9319ceed2b97ab1744b5b1607d18218c503611b3e"}]}]}]}]}]}, 0x614}, 0x1, 0x0, 0x0, 0x40}, 0x4) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b28399b4b", 0xfdef) 20.719866685s ago: executing program 2 (id=2947): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x3000) fcntl$auto(0x8000000000000001, 0x24, 0x8) 20.666092769s ago: executing program 2 (id=2950): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r0 = socket(0xa, 0x5, 0x0) r1 = setfsuid$auto(0xee00) setreuid$auto(r1, 0x0) prctl$auto(0x34, 0x17, 0x0, 0x4, 0x0) msgctl$auto_MSG_INFO(0x875, 0xc, &(0x7f0000000180)={{0x2, 0xee00, 0x0, 0x9, 0x401, 0x0, 0x1}, 0x0, 0x0, 0x9, 0x7, 0x4, 0x5, 0x9, 0x200, 0x8, 0x5, @inferred=0xffffffffffffffff, @raw=0xcb}) fchown$auto(r0, r1, r2) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/mac80211_hwsim/hwsim1/net/wlan1/statistics/rx_crc_errors\x00', 0x0, 0x0) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_USER_PVERSION2(r3, 0x40044104, &(0x7f0000000040)=0x5) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000140), 0x602040, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_INFO(r3, 0x81204101, &(0x7f0000001200)={0x9, 0xfff, 0x3ff, 0x6, "d0b5e9742783bed89b6be52b58b0063615e565f7cad9c6697b568081594847026c814f659db07c04e8577a4f403ae6cab4e6f041d1f2ed3d9e1819156154c517", "93b1aedaeb445ff30f58aaad5478af4c6d9ad70a17ecfd21718b009d7adb70d1e951f08c80f08cec162d15ee328b172a02e064ed033af95c0683c38e04ec0b0ef7df8784aa475e46afe24ea064e8cd7d", "05520fce609f945404e368d0a8a5a69c913a8d984960cd95866bf6a9a26b88b1", 0x5, 0x8000, 0x7, 0x8, '\x00', "a034bcc3c3a10b3e5c43308211ff20245bfd61dd50b36c76475bff2a84759105fea989c4d001c8d3cfb61e63ab866d361b908f304c2df5c4ccfa72cdff4e877f"}) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) write$auto(0xca, &(0x7f0000000040)='\x04\xff\x7f\x00\x00\x00\x00\x00\x00\xc8\xbe\x94\xf3\xa2\x00\x00', 0x3) close_range$auto(0x0, 0xfffffffffffff001, 0x2) socketpair$auto(0x8, 0x1, 0x8000000000000000, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vbi0\x00', 0x80382, 0x0) mmap$auto(0x0, 0x25c, 0x8000000000df, 0x9b72, 0xffffffffffffffff, 0x808000) r4 = io_uring_setup$auto(0x401, 0x0) io_uring_register$auto_IORING_UNREGISTER_IOWQ_AFF(r4, 0x12, &(0x7f0000000000), 0x8a) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 20.607643457s ago: executing program 3 (id=2266): read$auto(0xc8, 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0xb22, 0x7, 0x1, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) write$auto(r0, 0x0, 0x85) r1 = openat$auto_rng_chrdev_ops_core(0xffffffffffffff9c, 0x0, 0x48a42, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) request_key$auto(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)='keyring\x00', &(0x7f0000000140)='\x00', 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x5, 0x1, 0x9d, 0x13, r1, 0xfffffffffffffffd) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) sysfs$auto(0x2, 0x22, 0x0) r3 = socket(0x15, 0x5, 0x0) r4 = getsockopt$auto(r3, 0x114, 0x2716, 0xfffffffffffffffc, 0x0) write$auto(0x3, 0x0, 0xfffffdef) timer_settime$auto(0x0, 0x3, 0x0, 0x0) close_range$auto(r4, r2, 0x7) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x801, 0x106) ioctl$auto_SNDRV_RAWMIDI_IOCTL_USER_PVERSION(r2, 0x40045702, &(0x7f0000000180)=0x1fffc00) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, 0x0, 0xfd}, 0x6a) r5 = openat$auto_stat_fops_per_vm_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/kvm/max_mmu_rmap_size\x00', 0x10080, 0x0) write$auto_stat_fops_per_vm_kvm_main(r5, &(0x7f0000000200)="758f0c26c450f834839dc8a53b7f6e76e49d62551a8c3756bb0273bae4410623764223e60a1e36c3dcabcce5c2cb1021afbe3788ab9992c109919062e7f5d3d2decb6948f973b0436700eb46e9d4b326c68785b8eedf47591daa78ca50f3ed4328a5a5cd54cc2e29b6ae187b61f9f7300ff23c7c3b167bcda2fb96d525cb83e0b27e655b56be8fda1910e9c2919f524f0ced37e5b188f2ae69be043a5abcff8b8e9fd2f38251c853f512072c4ab487dd5ec84ff5", 0xb4) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, &(0x7f0000000080), 0x1002, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x8) 19.608101027s ago: executing program 3 (id=2977): mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = io_uring_setup$auto(0x1, 0x0) r1 = semctl$auto(0x7, 0x2, 0x13, 0x5) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x40, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) write$auto(r2, &(0x7f0000000080)=')@-!\x00', 0x1e1) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x2584, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r0) r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_MEM_TABLE(r3, 0x8001af85, &(0x7f0000000000)={0x6}) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x242e40, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto(r4, 0x540a, 0x0) unshare$auto(0x40000080) unshare$auto(0x6) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/statistics/dot11RTSSuccessCount\x00', 0x800, 0x0) link$auto(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') prctl$auto(0x3e, 0x1, r1, 0x1, 0x0) socket(0xa, 0x5, 0x84) init_module$auto(0x0, 0xffff9, 0x0) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/tracing/dynamic_events\x00', 0x201, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xba\b\x1c\xc7k', 0x1000) r5 = waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x3, 0x0) prctl$auto(0x7, 0x3f7, r5, 0xffffffffffffffff, 0x6) write$auto(0x3, 0x0, 0x100082) close_range$auto(0x2, 0xa, 0x0) 4.110733166s ago: executing program 32 (id=2977): mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = io_uring_setup$auto(0x1, 0x0) r1 = semctl$auto(0x7, 0x2, 0x13, 0x5) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, 0x0, 0x40, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_nsim_dev_health_break_fops_health(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/netdevsim/netdevsim2/health/break_health\x00', 0x48081, 0x0) write$auto(r2, &(0x7f0000000080)=')@-!\x00', 0x1e1) openat$auto_uprobe_events_ops_trace_uprobe(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x2584, 0x0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000140), r0) r3 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_MEM_TABLE(r3, 0x8001af85, &(0x7f0000000000)={0x6}) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x242e40, 0x0) r4 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto(r4, 0x540a, 0x0) unshare$auto(0x40000080) unshare$auto(0x6) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy1/statistics/dot11RTSSuccessCount\x00', 0x800, 0x0) link$auto(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file0\x00') prctl$auto(0x3e, 0x1, r1, 0x1, 0x0) socket(0xa, 0x5, 0x84) init_module$auto(0x0, 0xffff9, 0x0) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/tracing/dynamic_events\x00', 0x201, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000280)='/proc/thread-self/fail-nth\x00', 0x2, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xba\b\x1c\xc7k', 0x1000) r5 = waitid$auto_P_PGID(0x2, 0x0, 0x0, 0x3, 0x0) prctl$auto(0x7, 0x3f7, r5, 0xffffffffffffffff, 0x6) write$auto(0x3, 0x0, 0x100082) close_range$auto(0x2, 0xa, 0x0) 263.596176ms ago: executing program 0 (id=3752): io_uring_setup$auto(0x1, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/scroll\x00', 0x2062, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/fs/ext4/sda1/reserved_clusters\x00', 0x2101, 0x0) write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000000000)="6ab449351f8005", 0x7) write$auto(r0, &(0x7f00000001c0)='1\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) 223.499371ms ago: executing program 1 (id=3754): unshare$auto(0x40000080) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x240007, 0x19) ioctl$auto_TCFLSH2(r0, 0x540b, &(0x7f0000000280)="e66f1612ed9e5f18851108e312066b1a162c3c2ed83616414fafb47fcb8ac1eb1cd47838eb088ca2b9e392811d1219c7d31dc73f36be66856d8db0f8da2da66a4c2b88f66257e3cd093a") madvise$auto(0x0, 0x2003f2, 0x15) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x24048084) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r1, 0x4b44, 0x7) socket(0x2, 0x5, 0x0) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x76, 0x8004, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x72, 0x0, 0xc) socket(0x1e, 0x80000, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x80440, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) preadv2$auto(r3, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_MON_IOCQ_RING_SIZE(r2, 0x9205, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x8202, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000001080)=""/98, 0x62) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/ext4/sda1/first_error_errcode\x00', 0x400, 0x0) 187.10562ms ago: executing program 1 (id=3755): close_range$auto(0x2, 0x8, 0x0) r0 = socket(0xa, 0x5, 0x0) socket(0xa, 0x801, 0x84) openat2$auto(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)={0x8, 0x7f, 0x400000000000000a}, 0x80000002) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x4) socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r0, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x14, 0x0, 0x826, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4009}, 0x4000) sysfs$auto(0x2, 0x23, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x3) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) shmctl$auto_IPC_SET(0xc, 0x1, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/nullb0/queue/virt_boundary_mask\x00', 0x101000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000003c0)=""/251, 0xfb) socket(0xb, 0xa, 0xd9) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r3 = socket(0xa, 0x1, 0x84) bind$auto(r3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) epoll_ctl$auto_EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f00000000c0)={0x4, 0x3}) write$auto(0x3, 0x0, 0xfdef) listen$auto(0x3, 0x81) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 186.591546ms ago: executing program 0 (id=3761): unshare$auto(0x40000080) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x240007, 0x19) ioctl$auto_TCFLSH2(r0, 0x540b, &(0x7f0000000280)="e66f1612ed9e5f18851108e312066b1a162c3c2ed83616414fafb47fcb8ac1eb1cd47838eb088ca2b9e392811d1219c7d31dc73f36be66856d8db0f8da2da66a4c2b88f66257e3cd093a49aa7052526e26494f177d232ae741ff32b642c8ac04916db84a14b8a1da71193c89e72271") madvise$auto(0x0, 0x2003f2, 0x15) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x24048084) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r1, 0x4b44, 0x7) socket(0x2, 0x5, 0x0) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x76, 0x8004, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x72, 0x0, 0xc) socket(0x1e, 0x80000, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x80440, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) preadv2$auto(r3, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_MON_IOCQ_RING_SIZE(r2, 0x9205, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x8202, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000001080)=""/98, 0x62) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/ext4/sda1/first_error_errcode\x00', 0x400, 0x0) 123.978031ms ago: executing program 0 (id=3756): syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x24}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x6) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001b80), 0xffffffffffffffff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x20401, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(r1, 0x4068aea3, &(0x7f0000000040)={0x81, 0x0, [{0x3, 0x0, 0x8}]}) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x5, 0xfffff05e, 0x0, 0x0, 0x80000001) gettid() mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) r2 = socket(0x2, 0x1, 0x0) bind$auto(r2, &(0x7f0000000040)=@in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xfffffff4}, 0x800008}, 0x1, 0x4) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c00, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x5}, 0x3, 0x0) 123.743088ms ago: executing program 0 (id=3757): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram4\x00', 0x200, 0x0) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000002180), 0x0, 0x0) ioctl$auto_TUNSETSNDBUF(r0, 0x400454d4, &(0x7f00000021c0)=0xfffffff5) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x100008000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/mtdblock0\x00', 0x14fe02, 0x0) setsockopt$auto_SO_NO_CHECK(r1, 0x3dd, 0xb, &(0x7f0000000080)='\x00', 0x5) ioctl$auto_MEMGETINFO(0xffffffffffffffff, 0x80204d01, 0x0) mmap$auto(0x0, 0x402000b, 0x4af, 0xeb1, 0x401, 0x8000) read$auto(0x3, 0x0, 0xfffffdef) getsockopt$auto_SO_SNDBUF(0xffffffffffffffff, 0x73, 0x7, 0x0, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r2 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48442, 0x0) read$auto(r2, 0x0, 0x1f40) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) sysfs$auto(0x2, 0x8, 0x4) r3 = fsopen$auto(0x0, 0x0) bpf$auto_BPF_MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)=@batch={0x4, 0x6, 0xd, 0x27, 0x9, r1, 0x4, 0x9}, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x10000, 0x14) fsconfig$auto(r3, 0x6, 0x0, 0x0, 0x0) 120.210052ms ago: executing program 1 (id=3758): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x1004, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) clone$auto(0x4, 0x6, 0x0, 0x0, 0x7) setreuid$auto(0x0, 0x0) ioctl$auto_RTC_SET_TIME(r0, 0x4024700a, &(0x7f0000000000)={0x9, 0x6, 0x4, 0x21, 0x5, 0xa, 0x7fff, 0x34e, 0x5}) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000180)={0x0, 0x1002}, 0x1, &(0x7f0000000280)={0x0, 0x401}, 0x6, 0x0) 93.187516ms ago: executing program 1 (id=3759): madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x8, 0x5, 0xffff0054, 0x0) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000140), 0x8800, 0x0) ioctl$auto_IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, 0x6) ioctl$auto_IOCTL_VMCI_CTX_ADD_NOTIFICATION(0xffffffffffffffff, 0x7af, 0x0) io_uring_setup$auto(0x6, 0x0) ioctl$auto_IOCTL_VMCI_CTX_ADD_NOTIFICATION(r0, 0x7af, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000040)='\xe8\x9d\xf2\x00\xad\xa8]\xaa\xc2\x06\a\xf2\b\x81$\xa9\aKz\xc0\xcaf\xf3\xad c\x8a\xc6\x1f\x10\a\x00S\xc7R\xd0\xf3_\xa3\x15\xf59\x14\xb1t', 0x100000001) getrlimit$auto(0x3, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r2, 0x127f, 0x0) add_key$auto_KEY_SPEC_USER_SESSION_KEYRING(0x0, 0x0, 0x0, 0x74, 0xfffffffffffffffb) mremap$auto(0x200000000000, 0x40000000004, 0x4, 0x3, 0x100000000) mmap$auto(0x0, 0x20009, 0x6, 0xeb1, 0x7f, 0x8000) io_setup$auto(0x1, 0x0) socket(0xf, 0x2, 0x3ec4) mmap$auto(0x0, 0x2020009, 0x2, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r3 = open(&(0x7f0000000000)='&&\x00', 0x595082, 0x0) write$auto(r3, 0x0, 0xfffffdf4) linkat$auto(r3, 0x0, 0xffffffffffffff9c, &(0x7f0000000080)='&&\x00', 0x1000) fsetxattr$auto(r3, &(0x7f0000000180)=':\xbf+<\x8a}\x00\xeb\xfa\xe6\x8d\x02\\VD\x04\x00\x00\x00*\x80\xa4\xf4vql\xa9\x05o\xf7\x9e\xfd\xf7\x00\x00\x00\x00H_/Z>n\xf5F\xbf\xd3\xefi\x91\x88\x1daIu7\xef!\xd0\x04\xdes\xfe`\xf5e;4\xbek\xf9\xec%\xbc\xd4\xfc`\xb9\n\xb5\xa5V\x98\x14]\x8a\x03\xd9', 0x0, 0x8, 0x0) ioctl$auto_USBDEVFS_GETDRIVER(0xffffffffffffffff, 0x41045508, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) 90.051821ms ago: executing program 0 (id=3760): mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) ptrace$auto(0x10, 0x0, 0x4, 0x7) ptrace$auto_PTRACE_SETREGSET(0x4205, 0x0, 0x1, 0x9) process_vm_readv$auto(0x0, 0x0, 0x800000001, 0x0, 0x6, 0x4) socket(0x2c, 0x80000, 0x6d) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) getpgrp(0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0) read$auto(r0, 0x0, 0x1ff) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/firmware/dmi/tables/smbios_entry_point\x00', 0x10100, 0x0) ioctl$auto(0x3, 0x4030ae7b, r4) ioctl$auto_KVM_GET_MSRS(r2, 0x4018aee1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000100), 0xc, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) io_uring_setup$auto(0xa, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) mbind$auto(0xf000, 0x8000000000000002, 0x100000000, 0x0, 0x6, 0x2) socket(0x25, 0xa, 0x0) 3.980379ms ago: executing program 0 (id=3762): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_smc_gen_netlink(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$auto_SMC_NETLINK_ENABLE_HS_LIMITATION(r0, &(0x7f00000003c0)={0x0, 0xfffc, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r1, 0x1, 0x70bd28, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4040840}, 0x80) 3.694937ms ago: executing program 1 (id=3763): unshare$auto(0x40000080) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) madvise$auto(0x0, 0x240007, 0x19) ioctl$auto_TCFLSH2(r0, 0x540b, &(0x7f0000000280)="e66f1612ed9e5f18851108e312066b1a162c3c2ed83616414fafb47fcb8ac1eb1cd47838eb088ca2b9e392811d1219c7d31dc73f36be66856d8db0f8da2da66a4c2b88f66257e3cd093a49aa7052526e26494f177d232ae741ff32b642c8ac04916db84a14b8a1da71193c89e72271") madvise$auto(0x0, 0x2003f2, 0x15) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0}}, 0x24048084) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000) capset$auto(&(0x7f0000000180)={0x19980330}, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r1, 0x4b44, 0x7) socket(0x2, 0x5, 0x0) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mincore$auto(0x76, 0x8004, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x72, 0x0, 0xc) socket(0x1e, 0x80000, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000240)='/dev/usbmon32\x00', 0x80440, 0x0) r3 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) preadv2$auto(r3, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_MON_IOCQ_RING_SIZE(r2, 0x9205, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/032/001\x00', 0x8202, 0x0) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, &(0x7f0000001080)=""/98, 0x62) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/ext4/sda1/first_error_errcode\x00', 0x400, 0x0) 0s ago: executing program 1 (id=3764): socket$nl_generic(0x10, 0x3, 0x10) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) read$auto_mon_fops_text_t_mon_text(r1, &(0x7f0000000040)=""/153, 0x99) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_fb_fops_fb_chrdev(0xffffffffffffff9c, &(0x7f0000002940)='/dev/fb0\x00', 0x841, 0x0) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000100), 0x7fba80, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0xffffffffffffffff, 0x15f4da07, 0x6, 0x10, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0x8]}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HWSIM_CMD_NEW_RADIO(0xffffffffffffffff, 0x0, 0x0) kernel console output (not intermixed with test programs): /0x4b0 [ 576.727290][T13086] alloc_super+0x91e/0xd20 [ 576.727321][T13086] ? __pfx_bpf_fill_super+0x10/0x10 [ 576.727347][T13086] sget_fc+0x117/0xc70 [ 576.727370][T13086] ? __pfx_set_anon_super_fc+0x10/0x10 [ 576.727394][T13086] ? __pfx_bpf_fill_super+0x10/0x10 [ 576.727416][T13086] get_tree_nodev+0x28/0x190 [ 576.727443][T13086] vfs_get_tree+0x92/0x320 [ 576.727466][T13086] vfs_cmd_create+0xd7/0x2a0 [ 576.727500][T13086] __do_sys_fsconfig+0x70e/0xde0 [ 576.727535][T13086] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 576.727567][T13086] ? fput+0x79/0x100 [ 576.727619][T13086] do_syscall_64+0xc9/0xf80 [ 576.727651][T13086] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 576.727675][T13086] RIP: 0033:0x7fa13259aeb9 [ 576.727695][T13086] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 576.727719][T13086] RSP: 002b:00007fa133435028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 576.727744][T13086] RAX: ffffffffffffffda RBX: 00007fa132816090 RCX: 00007fa13259aeb9 [ 576.727760][T13086] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000004 [ 576.727774][T13086] RBP: 00007fa133435090 R08: 0000000000000000 R09: 0000000000000000 [ 576.727789][T13086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 576.727804][T13086] R13: 00007fa132816128 R14: 00007fa132816090 R15: 00007ffe06163328 [ 576.727839][T13086] [ 577.720776][T13093] zswap: compressor not available [ 577.958465][ T30] audit: type=1800 audit(1770586904.598:9): pid=13109 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1658" name="features" dev="configfs" ino=51024 res=0 errno=0 [ 579.227676][T13128] FAULT_INJECTION: forcing a failure. [ 579.227676][T13128] name failslab, interval 1, probability 0, space 0, times 0 [ 579.446060][T13128] CPU: 1 UID: 0 PID: 13128 Comm: syz.3.1662 Not tainted syzkaller #0 PREEMPT(full) [ 579.446096][T13128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 579.446117][T13128] Call Trace: [ 579.446126][T13128] [ 579.446136][T13128] dump_stack_lvl+0x100/0x190 [ 579.446174][T13128] should_fail_ex.cold+0x5/0xa [ 579.446215][T13128] should_failslab+0xc2/0x120 [ 579.446252][T13128] ? ops_init+0x77/0x5f0 [ 579.446290][T13128] __kmalloc_noprof+0xf6/0x9c0 [ 579.446318][T13128] ? lockdep_init_map_type+0x5c/0x250 [ 579.446362][T13128] ? ops_init+0x77/0x5f0 [ 579.446393][T13128] ops_init+0x77/0x5f0 [ 579.446437][T13128] setup_net+0x118/0x3a0 [ 579.446462][T13128] ? __pfx_setup_net+0x10/0x10 [ 579.446485][T13128] ? lockdep_init_map_type+0x5c/0x250 [ 579.446521][T13128] ? mutex_init_lockep+0x110/0x150 [ 579.446564][T13128] copy_net_ns+0x46f/0x7c0 [ 579.446596][T13128] create_new_namespaces+0x3ea/0xab0 [ 579.446634][T13128] copy_namespaces+0x468/0x5e0 [ 579.446667][T13128] copy_process+0x32d5/0x7890 [ 579.446718][T13128] ? __pfx_copy_process+0x10/0x10 [ 579.446771][T13128] kernel_clone+0xfc/0x930 [ 579.446804][T13128] ? __pfx_futex_wait+0x10/0x10 [ 579.446832][T13128] ? __pfx_kernel_clone+0x10/0x10 [ 579.446886][T13128] __do_sys_clone+0xd9/0x120 [ 579.446923][T13128] ? __pfx___do_sys_clone+0x10/0x10 [ 579.446954][T13128] ? __fget_files+0x21f/0x3d0 [ 579.446991][T13128] ? xfd_validate_state+0x129/0x190 [ 579.447043][T13128] do_syscall_64+0xc9/0xf80 [ 579.447080][T13128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 579.447120][T13128] RIP: 0033:0x7fa13259aeb9 [ 579.447144][T13128] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 579.447173][T13128] RSP: 002b:00007fa133455fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 579.447200][T13128] RAX: ffffffffffffffda RBX: 00007fa132815fa0 RCX: 00007fa13259aeb9 [ 579.447220][T13128] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040180211 [ 579.447237][T13128] RBP: 00007fa132608c1f R08: 0000000000000000 R09: 0000000000000000 [ 579.447254][T13128] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 579.447270][T13128] R13: 00007fa132816038 R14: 00007fa132815fa0 R15: 00007ffe06163328 [ 579.447309][T13128] [ 580.048283][T13139] udc dummy_udc.0: soft-connect without a gadget driver [ 580.111493][T13139] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 580.124768][T13139] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 580.365672][T13145] FAULT_INJECTION: forcing a failure. [ 580.365672][T13145] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 580.414160][T13145] CPU: 0 UID: 0 PID: 13145 Comm: syz.2.1669 Not tainted syzkaller #0 PREEMPT(full) [ 580.414193][T13145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 580.414207][T13145] Call Trace: [ 580.414216][T13145] [ 580.414225][T13145] dump_stack_lvl+0x100/0x190 [ 580.414262][T13145] should_fail_ex.cold+0x5/0xa [ 580.414311][T13145] _copy_to_user+0x32/0xd0 [ 580.414351][T13145] do_pages_stat+0x559/0x7f0 [ 580.414400][T13145] ? __pfx_do_pages_stat+0x10/0x10 [ 580.414469][T13145] ? do_raw_spin_unlock+0x145/0x1e0 [ 580.414514][T13145] kernel_move_pages+0xecf/0x13f0 [ 580.414545][T13145] ? __fget_files+0x215/0x3d0 [ 580.414576][T13145] ? __pfx_kernel_move_pages+0x10/0x10 [ 580.414616][T13145] ? __fget_files+0x21f/0x3d0 [ 580.414650][T13145] ? fput+0x79/0x100 [ 580.414684][T13145] ? ksys_write+0x1ac/0x250 [ 580.414712][T13145] ? __pfx_ksys_write+0x10/0x10 [ 580.414745][T13145] __x64_sys_move_pages+0xe0/0x1c0 [ 580.414768][T13145] ? do_syscall_64+0x94/0xf80 [ 580.414798][T13145] ? lockdep_hardirqs_on+0x78/0x100 [ 580.414828][T13145] do_syscall_64+0xc9/0xf80 [ 580.414861][T13145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.414887][T13145] RIP: 0033:0x7efdc679aeb9 [ 580.414907][T13145] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 580.414931][T13145] RSP: 002b:00007efdc7618028 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 580.414955][T13145] RAX: ffffffffffffffda RBX: 00007efdc6a15fa0 RCX: 00007efdc679aeb9 [ 580.414971][T13145] RDX: 0000000000000000 RSI: 0000000000000f54 RDI: 0000000000000001 [ 580.414986][T13145] RBP: 00007efdc7618090 R08: 0000000000000000 R09: 8000000000000000 [ 580.415001][T13145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 580.415016][T13145] R13: 00007efdc6a16038 R14: 00007efdc6a15fa0 R15: 00007ffc5f74ab38 [ 580.415049][T13145] [ 580.731020][T13143] sp0: Synchronizing with TNC [ 580.866326][T13153] FAULT_INJECTION: forcing a failure. [ 580.866326][T13153] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 580.992171][T13153] CPU: 0 UID: 0 PID: 13153 Comm: syz.2.1671 Not tainted syzkaller #0 PREEMPT(full) [ 580.992207][T13153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 580.992222][T13153] Call Trace: [ 580.992229][T13153] [ 580.992239][T13153] dump_stack_lvl+0x100/0x190 [ 580.992274][T13153] should_fail_ex.cold+0x5/0xa [ 580.992315][T13153] _copy_from_user+0x2e/0xd0 [ 580.992354][T13153] vmci_host_do_alloc_queuepair.constprop.0+0x297/0x3f0 [ 580.992389][T13153] ? __pfx_vmci_host_do_alloc_queuepair.constprop.0+0x10/0x10 [ 580.992424][T13153] ? lockdep_hardirqs_on+0x78/0x100 [ 580.992460][T13153] ? find_held_lock+0x2b/0x80 [ 580.992485][T13153] ? tomoyo_path_number_perm+0x28f/0x580 [ 580.992520][T13153] ? tomoyo_path_number_perm+0x28f/0x580 [ 580.992562][T13153] ? tomoyo_path_number_perm+0x188/0x580 [ 580.992604][T13153] vmci_host_unlocked_ioctl+0x697/0x2070 [ 580.992637][T13153] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 580.992668][T13153] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 580.992698][T13153] ? do_vfs_ioctl+0x226/0x13e0 [ 580.992737][T13153] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 580.992786][T13153] ? find_held_lock+0x2b/0x80 [ 580.992809][T13153] ? hook_file_ioctl_common+0x146/0x410 [ 580.992853][T13153] ? __fget_files+0x21f/0x3d0 [ 580.992886][T13153] ? __pfx_vmci_host_unlocked_ioctl+0x10/0x10 [ 580.992918][T13153] __x64_sys_ioctl+0x18e/0x210 [ 580.992959][T13153] do_syscall_64+0xc9/0xf80 [ 580.992999][T13153] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 580.993024][T13153] RIP: 0033:0x7efdc679aeb9 [ 580.993043][T13153] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 580.993068][T13153] RSP: 002b:00007efdc7618028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 580.993091][T13153] RAX: ffffffffffffffda RBX: 00007efdc6a15fa0 RCX: 00007efdc679aeb9 [ 580.993109][T13153] RDX: 0000000000000000 RSI: 00000000000007a8 RDI: 0000000000000002 [ 580.993124][T13153] RBP: 00007efdc7618090 R08: 0000000000000000 R09: 0000000000000000 [ 580.993138][T13153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 580.993153][T13153] R13: 00007efdc6a16038 R14: 00007efdc6a15fa0 R15: 00007ffc5f74ab38 [ 580.993188][T13153] [ 581.396646][T13150] FAULT_INJECTION: forcing a failure. [ 581.396646][T13150] name failslab, interval 1, probability 0, space 0, times 0 [ 581.480138][T13150] CPU: 0 UID: 0 PID: 13150 Comm: syz.3.1670 Not tainted syzkaller #0 PREEMPT(full) [ 581.480179][T13150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 581.480195][T13150] Call Trace: [ 581.480205][T13150] [ 581.480216][T13150] dump_stack_lvl+0x100/0x190 [ 581.480257][T13150] should_fail_ex.cold+0x5/0xa [ 581.480302][T13150] should_failslab+0xc2/0x120 [ 581.480342][T13150] __kmalloc_node_track_caller_noprof+0xf9/0x9d0 [ 581.480382][T13150] ? cache_create_net+0x2b/0x220 [ 581.480424][T13150] ? __pfx_nfsd_net_init+0x10/0x10 [ 581.480465][T13150] ? kmemdup_noprof+0x29/0x60 [ 581.480499][T13150] kmemdup_noprof+0x29/0x60 [ 581.480534][T13150] cache_create_net+0x2b/0x220 [ 581.480572][T13150] ? __pfx_nfsd_net_init+0x10/0x10 [ 581.480612][T13150] nfsd_idmap_init+0x62/0x250 [ 581.480643][T13150] ? __pfx_nfsd_net_init+0x10/0x10 [ 581.480682][T13150] nfsd_net_init+0x69/0x3d0 [ 581.480723][T13150] ? __pfx_nfsd_net_init+0x10/0x10 [ 581.480763][T13150] ops_init+0x1e2/0x5f0 [ 581.480809][T13150] setup_net+0x118/0x3a0 [ 581.480835][T13150] ? __pfx_setup_net+0x10/0x10 [ 581.480857][T13150] ? lockdep_init_map_type+0x5c/0x250 [ 581.480895][T13150] ? mutex_init_lockep+0x110/0x150 [ 581.480947][T13150] copy_net_ns+0x46f/0x7c0 [ 581.480980][T13150] create_new_namespaces+0x3ea/0xab0 [ 581.481023][T13150] copy_namespaces+0x468/0x5e0 [ 581.481057][T13150] copy_process+0x32d5/0x7890 [ 581.481111][T13150] ? __pfx_copy_process+0x10/0x10 [ 581.481155][T13150] ? find_held_lock+0x2b/0x80 [ 581.481198][T13150] kernel_clone+0xfc/0x930 [ 581.481233][T13150] ? __pfx_futex_wait+0x10/0x10 [ 581.481261][T13150] ? __pfx_kernel_clone+0x10/0x10 [ 581.481317][T13150] __do_sys_clone+0xd9/0x120 [ 581.481355][T13150] ? __pfx___do_sys_clone+0x10/0x10 [ 581.481391][T13150] ? __fget_files+0x21f/0x3d0 [ 581.481433][T13150] ? xfd_validate_state+0x129/0x190 [ 581.481489][T13150] do_syscall_64+0xc9/0xf80 [ 581.481526][T13150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 581.481554][T13150] RIP: 0033:0x7fa13259aeb9 [ 581.481577][T13150] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 581.481604][T13150] RSP: 002b:00007fa133455fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 581.481633][T13150] RAX: ffffffffffffffda RBX: 00007fa132815fa0 RCX: 00007fa13259aeb9 [ 581.481653][T13150] RDX: 0000000000000000 RSI: 0000000000000700 RDI: 0000000040180211 [ 581.481671][T13150] RBP: 00007fa132608c1f R08: 0000000000000000 R09: 0000000000000000 [ 581.481689][T13150] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 581.481705][T13150] R13: 00007fa132816038 R14: 00007fa132815fa0 R15: 00007ffe06163328 [ 581.481743][T13150] [ 583.673629][T13194] random: crng reseeded on system resumption [ 584.440461][T13205] FAULT_INJECTION: forcing a failure. [ 584.440461][T13205] name failslab, interval 1, probability 0, space 0, times 0 [ 584.594227][T13205] CPU: 0 UID: 0 PID: 13205 Comm: syz.0.1683 Not tainted syzkaller #0 PREEMPT(full) [ 584.594265][T13205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 584.594281][T13205] Call Trace: [ 584.594290][T13205] [ 584.594300][T13205] dump_stack_lvl+0x100/0x190 [ 584.594338][T13205] should_fail_ex.cold+0x5/0xa [ 584.594385][T13205] should_failslab+0xc2/0x120 [ 584.594426][T13205] kmem_cache_alloc_noprof+0x83/0x780 [ 584.594461][T13205] ? __proc_create+0xc2/0x8c0 [ 584.594499][T13205] ? __proc_create+0x2cb/0x8c0 [ 584.594547][T13205] ? __proc_create+0x2cb/0x8c0 [ 584.594590][T13205] __proc_create+0x2cb/0x8c0 [ 584.594629][T13205] ? __pfx___proc_create+0x10/0x10 [ 584.594673][T13205] ? _raw_write_unlock+0x28/0x50 [ 584.594704][T13205] ? proc_register+0x559/0x8a0 [ 584.594733][T13205] proc_create_reg+0x75/0x170 [ 584.594761][T13205] proc_create_data+0x86/0x110 [ 584.594788][T13205] ? __pfx_proc_create_data+0x10/0x10 [ 584.594816][T13205] ? cache_register_net+0x137/0x5e0 [ 584.594855][T13205] ? cache_register_net+0x137/0x5e0 [ 584.594902][T13205] cache_register_net+0x25a/0x5e0 [ 584.594959][T13205] nfsd_export_init+0x16e/0x250 [ 584.595004][T13205] ? __pfx_nfsd_net_init+0x10/0x10 [ 584.595044][T13205] nfsd_net_init+0x33/0x3d0 [ 584.595085][T13205] ? __pfx_nfsd_net_init+0x10/0x10 [ 584.595125][T13205] ops_init+0x1e2/0x5f0 [ 584.595172][T13205] setup_net+0x118/0x3a0 [ 584.595199][T13205] ? __pfx_setup_net+0x10/0x10 [ 584.595220][T13205] ? lockdep_init_map_type+0x5c/0x250 [ 584.595260][T13205] ? mutex_init_lockep+0x110/0x150 [ 584.595304][T13205] copy_net_ns+0x46f/0x7c0 [ 584.595336][T13205] create_new_namespaces+0x3ea/0xab0 [ 584.595376][T13205] copy_namespaces+0x468/0x5e0 [ 584.595410][T13205] copy_process+0x32d5/0x7890 [ 584.595463][T13205] ? __pfx_copy_process+0x10/0x10 [ 584.595518][T13205] kernel_clone+0xfc/0x930 [ 584.595555][T13205] ? __pfx_futex_wait+0x10/0x10 [ 584.595585][T13205] ? __pfx_kernel_clone+0x10/0x10 [ 584.595643][T13205] __do_sys_clone+0xd9/0x120 [ 584.595680][T13205] ? __pfx___do_sys_clone+0x10/0x10 [ 584.595717][T13205] ? __fget_files+0x21f/0x3d0 [ 584.595761][T13205] ? xfd_validate_state+0x129/0x190 [ 584.595818][T13205] do_syscall_64+0xc9/0xf80 [ 584.595852][T13205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 584.595880][T13205] RIP: 0033:0x7f975359aeb9 [ 584.595904][T13205] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 584.595940][T13205] RSP: 002b:00007f97543fbfd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 584.595967][T13205] RAX: ffffffffffffffda RBX: 00007f9753816090 RCX: 00007f975359aeb9 [ 584.595986][T13205] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040180211 [ 584.596003][T13205] RBP: 00007f9753608c1f R08: 0000000000000000 R09: 0000000000000000 [ 584.596019][T13205] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 584.596036][T13205] R13: 00007f9753816128 R14: 00007f9753816090 R15: 00007ffe9663a9e8 [ 584.596070][T13205] [ 586.940659][T13246] FAULT_INJECTION: forcing a failure. [ 586.940659][T13246] name failslab, interval 1, probability 0, space 0, times 0 [ 586.990325][T13246] CPU: 0 UID: 0 PID: 13246 Comm: syz.1.1693 Not tainted syzkaller #0 PREEMPT(full) [ 586.990364][T13246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 586.990379][T13246] Call Trace: [ 586.990387][T13246] [ 586.990397][T13246] dump_stack_lvl+0x100/0x190 [ 586.990433][T13246] should_fail_ex.cold+0x5/0xa [ 586.990482][T13246] should_failslab+0xc2/0x120 [ 586.990517][T13246] ? tomoyo_realpath_from_path+0xb6/0x690 [ 586.990544][T13246] __kmalloc_noprof+0xf6/0x9c0 [ 586.990580][T13246] ? tomoyo_realpath_from_path+0xb6/0x690 [ 586.990605][T13246] tomoyo_realpath_from_path+0xb6/0x690 [ 586.990640][T13246] tomoyo_path_number_perm+0x23c/0x580 [ 586.990675][T13246] ? tomoyo_path_number_perm+0x22e/0x580 [ 586.990712][T13246] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 586.990784][T13246] ? find_held_lock+0x2b/0x80 [ 586.990809][T13246] ? hook_file_ioctl_common+0x146/0x410 [ 586.990845][T13246] ? __fget_files+0x215/0x3d0 [ 586.990879][T13246] ? __fget_files+0x21f/0x3d0 [ 586.990912][T13246] security_file_ioctl+0xd3/0x230 [ 586.990949][T13246] __x64_sys_ioctl+0xb7/0x210 [ 586.990991][T13246] do_syscall_64+0xc9/0xf80 [ 586.991024][T13246] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 586.991050][T13246] RIP: 0033:0x7f742d39aeb9 [ 586.991069][T13246] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 586.991094][T13246] RSP: 002b:00007f742e1a0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 586.991118][T13246] RAX: ffffffffffffffda RBX: 00007f742d615fa0 RCX: 00007f742d39aeb9 [ 586.991135][T13246] RDX: 0000000000000009 RSI: 000000000000560a RDI: 000000000000000a [ 586.991151][T13246] RBP: 00007f742e1a0090 R08: 0000000000000000 R09: 0000000000000000 [ 586.991167][T13246] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 586.991182][T13246] R13: 00007f742d616038 R14: 00007f742d615fa0 R15: 00007ffdccdf6a38 [ 586.991218][T13246] [ 586.991390][T13246] ERROR: Out of memory at tomoyo_realpath_from_path. [ 587.297287][ T53] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 588.050573][T13267] random: crng reseeded on system resumption [ 589.577158][T13292] binder: 13291:13292 ioctl c018620c 0 returned -1 [ 589.599358][T13292] FAULT_INJECTION: forcing a failure. [ 589.599358][T13292] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 589.633941][T13292] CPU: 1 UID: 0 PID: 13292 Comm: syz.0.1705 Not tainted syzkaller #0 PREEMPT(full) [ 589.633977][T13292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 589.633990][T13292] Call Trace: [ 589.633997][T13292] [ 589.634007][T13292] dump_stack_lvl+0x100/0x190 [ 589.634042][T13292] should_fail_ex.cold+0x5/0xa [ 589.634081][T13292] _copy_from_user+0x2e/0xd0 [ 589.634120][T13292] copy_msghdr_from_user+0x9f/0x4f0 [ 589.634151][T13292] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 589.634187][T13292] ? _kstrtoull+0x13c/0x1f0 [ 589.634214][T13292] ? __pfx__kstrtoull+0x10/0x10 [ 589.634248][T13292] ___sys_sendmsg+0x106/0x1e0 [ 589.634295][T13292] ? __pfx____sys_sendmsg+0x10/0x10 [ 589.634358][T13292] ? __pfx___might_resched+0x10/0x10 [ 589.634403][T13292] __sys_sendmmsg+0x205/0x430 [ 589.634445][T13292] ? __pfx___sys_sendmmsg+0x10/0x10 [ 589.634491][T13292] ? __fget_files+0x215/0x3d0 [ 589.634517][T13292] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 589.634565][T13292] ? fput+0x79/0x100 [ 589.634598][T13292] ? ksys_write+0x1ac/0x250 [ 589.634624][T13292] ? __pfx_ksys_write+0x10/0x10 [ 589.634659][T13292] __x64_sys_sendmmsg+0x9c/0x100 [ 589.634695][T13292] ? lockdep_hardirqs_on+0x78/0x100 [ 589.634724][T13292] do_syscall_64+0xc9/0xf80 [ 589.634759][T13292] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.634783][T13292] RIP: 0033:0x7f975359aeb9 [ 589.634803][T13292] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 589.634824][T13292] RSP: 002b:00007f975441d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 589.634847][T13292] RAX: ffffffffffffffda RBX: 00007f9753815fa0 RCX: 00007f975359aeb9 [ 589.634862][T13292] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000008 [ 589.634876][T13292] RBP: 00007f975441d090 R08: 0000000000000000 R09: 0000000000000000 [ 589.634892][T13292] R10: 000000000000400c R11: 0000000000000246 R12: 0000000000000001 [ 589.634907][T13292] R13: 00007f9753816038 R14: 00007f9753815fa0 R15: 00007ffe9663a9e8 [ 589.634943][T13292] [ 590.285080][T13304] random: crng reseeded on system resumption [ 590.985608][T13323] NFSD: Failed to start, no listeners configured. [ 591.267511][T13327] FAULT_INJECTION: forcing a failure. [ 591.267511][T13327] name failslab, interval 1, probability 0, space 0, times 0 [ 591.317397][T13327] CPU: 0 UID: 0 PID: 13327 Comm: syz.1.1712 Not tainted syzkaller #0 PREEMPT(full) [ 591.317431][T13327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 591.317440][T13327] Call Trace: [ 591.317445][T13327] [ 591.317451][T13327] dump_stack_lvl+0x100/0x190 [ 591.317474][T13327] should_fail_ex.cold+0x5/0xa [ 591.317497][T13327] should_failslab+0xc2/0x120 [ 591.317516][T13327] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 591.317536][T13327] ? __alloc_skb+0x156/0x410 [ 591.317558][T13327] ? __alloc_skb+0x156/0x410 [ 591.317573][T13327] __alloc_skb+0x156/0x410 [ 591.317590][T13327] ? __alloc_skb+0x35d/0x410 [ 591.317607][T13327] ? __pfx___alloc_skb+0x10/0x10 [ 591.317627][T13327] ? idr_get_next+0xec/0x150 [ 591.317643][T13327] ? __pfx_idr_get_next+0x10/0x10 [ 591.317660][T13327] ctrl_build_family_msg+0x36/0xa0 [ 591.317678][T13327] ctrl_getfamily+0x361/0x550 [ 591.317694][T13327] ? __pfx_ctrl_getfamily+0x10/0x10 [ 591.317709][T13327] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 591.317725][T13327] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 591.317744][T13327] genl_family_rcv_msg_doit+0x214/0x300 [ 591.317761][T13327] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 591.317775][T13327] ? genl_get_cmd+0x3ef/0x720 [ 591.317794][T13327] ? __dev_queue_xmit+0x7fd/0x46f0 [ 591.317810][T13327] ? __radix_tree_lookup+0x217/0x2b0 [ 591.317828][T13327] genl_rcv_msg+0x560/0x800 [ 591.317845][T13327] ? __pfx_genl_rcv_msg+0x10/0x10 [ 591.317860][T13327] ? __pfx_ctrl_getfamily+0x10/0x10 [ 591.317881][T13327] netlink_rcv_skb+0x159/0x420 [ 591.317894][T13327] ? __pfx_genl_rcv_msg+0x10/0x10 [ 591.317909][T13327] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 591.317929][T13327] ? netlink_deliver_tap+0x1ae/0xcc0 [ 591.317952][T13327] genl_rcv+0x28/0x40 [ 591.317964][T13327] netlink_unicast+0x5aa/0x870 [ 591.317987][T13327] ? __pfx_netlink_unicast+0x10/0x10 [ 591.318015][T13327] netlink_sendmsg+0x8b0/0xda0 [ 591.318038][T13327] ? __pfx_netlink_sendmsg+0x10/0x10 [ 591.318061][T13327] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 591.318082][T13327] __sys_sendto+0x4aa/0x520 [ 591.318101][T13327] ? __pfx___sys_sendto+0x10/0x10 [ 591.318133][T13327] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 591.318166][T13327] __x64_sys_sendto+0xe0/0x1c0 [ 591.318183][T13327] ? do_syscall_64+0x94/0xf80 [ 591.318199][T13327] ? lockdep_hardirqs_on+0x78/0x100 [ 591.318215][T13327] do_syscall_64+0xc9/0xf80 [ 591.318232][T13327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 591.318246][T13327] RIP: 0033:0x7f742d35b78e [ 591.318258][T13327] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 591.318271][T13327] RSP: 002b:00007f742e19ee88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 591.318286][T13327] RAX: ffffffffffffffda RBX: 00007f742e1a06c0 RCX: 00007f742d35b78e [ 591.318295][T13327] RDX: 0000000000000028 RSI: 00007f742e19f000 RDI: 0000000000000005 [ 591.318303][T13327] RBP: 0000000000000000 R08: 00007f742e19ef04 R09: 000000000000000c [ 591.318312][T13327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 591.318320][T13327] R13: 00007f742e19ef58 R14: 00007f742e19f000 R15: 0000000000000000 [ 591.318339][T13327] [ 592.795997][T13348] binder: 13345:13348 ioctl c018620c 0 returned -1 [ 593.979282][T13363] random: crng reseeded on system resumption [ 594.756335][T13385] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1724'. [ 598.129406][T13445] binder: 13444:13445 ioctl c018620c 0 returned -1 [ 598.174764][T13445] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1741'. [ 599.059674][T13463] FAULT_INJECTION: forcing a failure. [ 599.059674][T13463] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 599.132291][T13463] CPU: 0 UID: 0 PID: 13463 Comm: syz.3.1744 Not tainted syzkaller #0 PREEMPT(full) [ 599.132326][T13463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 599.132339][T13463] Call Trace: [ 599.132347][T13463] [ 599.132356][T13463] dump_stack_lvl+0x100/0x190 [ 599.132390][T13463] should_fail_ex.cold+0x5/0xa [ 599.132431][T13463] _copy_from_user+0x2e/0xd0 [ 599.132480][T13463] copy_msghdr_from_user+0x9f/0x4f0 [ 599.132513][T13463] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 599.132547][T13463] ? _kstrtoull+0x13c/0x1f0 [ 599.132569][T13463] ? __pfx__kstrtoull+0x10/0x10 [ 599.132598][T13463] ___sys_sendmsg+0x106/0x1e0 [ 599.132628][T13463] ? __pfx____sys_sendmsg+0x10/0x10 [ 599.132697][T13463] __sys_sendmmsg+0x205/0x430 [ 599.132733][T13463] ? __pfx___sys_sendmmsg+0x10/0x10 [ 599.132789][T13463] ? __fget_files+0x215/0x3d0 [ 599.132815][T13463] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 599.132863][T13463] ? fput+0x79/0x100 [ 599.132896][T13463] ? ksys_write+0x1ac/0x250 [ 599.132923][T13463] ? __pfx_ksys_write+0x10/0x10 [ 599.132958][T13463] __x64_sys_sendmmsg+0x9c/0x100 [ 599.132995][T13463] ? lockdep_hardirqs_on+0x78/0x100 [ 599.133023][T13463] do_syscall_64+0xc9/0xf80 [ 599.133055][T13463] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 599.133079][T13463] RIP: 0033:0x7fa13259aeb9 [ 599.133097][T13463] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 599.133124][T13463] RSP: 002b:00007fa133456028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 599.133147][T13463] RAX: ffffffffffffffda RBX: 00007fa132815fa0 RCX: 00007fa13259aeb9 [ 599.133163][T13463] RDX: 0000000000000400 RSI: 0000000000000000 RDI: 0000000000000004 [ 599.133178][T13463] RBP: 00007fa133456090 R08: 0000000000000000 R09: 0000000000000000 [ 599.133192][T13463] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 599.133211][T13463] R13: 00007fa132816038 R14: 00007fa132815fa0 R15: 00007ffe06163328 [ 599.133244][T13463] [ 599.749369][T13478] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1748'. [ 600.787373][T13498] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1752'. [ 600.817153][T13499] FAULT_INJECTION: forcing a failure. [ 600.817153][T13499] name failslab, interval 1, probability 0, space 0, times 0 [ 600.874163][T13499] CPU: 1 UID: 0 PID: 13499 Comm: syz.1.1753 Not tainted syzkaller #0 PREEMPT(full) [ 600.874197][T13499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 600.874212][T13499] Call Trace: [ 600.874221][T13499] [ 600.874231][T13499] dump_stack_lvl+0x100/0x190 [ 600.874268][T13499] should_fail_ex.cold+0x5/0xa [ 600.874310][T13499] should_failslab+0xc2/0x120 [ 600.874358][T13499] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 600.874394][T13499] ? alloc_inode+0x183/0x250 [ 600.874437][T13499] ? alloc_inode+0x183/0x250 [ 600.874471][T13499] alloc_inode+0x183/0x250 [ 600.874507][T13499] new_inode+0x22/0x1c0 [ 600.874541][T13499] ? kasan_save_track+0x14/0x30 [ 600.874575][T13499] binderfs_fill_super+0x775/0x13d0 [ 600.874617][T13499] ? __pfx_binderfs_fill_super+0x10/0x10 [ 600.874684][T13499] ? shrinker_register+0x1db/0x240 [ 600.874721][T13499] ? sget_fc+0x801/0xc70 [ 600.874748][T13499] ? __pfx_set_anon_super_fc+0x10/0x10 [ 600.874775][T13499] ? __pfx_binderfs_fill_super+0x10/0x10 [ 600.874808][T13499] get_tree_nodev+0xdd/0x190 [ 600.874838][T13499] vfs_get_tree+0x92/0x320 [ 600.874863][T13499] vfs_cmd_create+0xd7/0x2a0 [ 600.874902][T13499] __do_sys_fsconfig+0x70e/0xde0 [ 600.874943][T13499] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 600.874978][T13499] ? fput+0x79/0x100 [ 600.875028][T13499] do_syscall_64+0xc9/0xf80 [ 600.875062][T13499] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 600.875088][T13499] RIP: 0033:0x7f742d39aeb9 [ 600.875108][T13499] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 600.875133][T13499] RSP: 002b:00007f742e17f028 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 600.875157][T13499] RAX: ffffffffffffffda RBX: 00007f742d616090 RCX: 00007f742d39aeb9 [ 600.875174][T13499] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000004 [ 600.875189][T13499] RBP: 00007f742e17f090 R08: 0000000000000000 R09: 0000000000000000 [ 600.875204][T13499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 600.875219][T13499] R13: 00007f742d616128 R14: 00007f742d616090 R15: 00007ffdccdf6a38 [ 600.875256][T13499] [ 600.893232][T13494] FAULT_INJECTION: forcing a failure. [ 600.893232][T13494] name failslab, interval 1, probability 0, space 0, times 0 [ 601.202376][T13494] CPU: 1 UID: 0 PID: 13494 Comm: syz.0.1752 Not tainted syzkaller #0 PREEMPT(full) [ 601.202415][T13494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 601.202437][T13494] Call Trace: [ 601.202448][T13494] [ 601.202458][T13494] dump_stack_lvl+0x100/0x190 [ 601.202498][T13494] should_fail_ex.cold+0x5/0xa [ 601.202544][T13494] should_failslab+0xc2/0x120 [ 601.202592][T13494] kmem_cache_alloc_noprof+0x83/0x780 [ 601.202630][T13494] ? __proc_create+0xc2/0x8c0 [ 601.202671][T13494] ? __proc_create+0x2cb/0x8c0 [ 601.202724][T13494] ? __proc_create+0x2cb/0x8c0 [ 601.202764][T13494] __proc_create+0x2cb/0x8c0 [ 601.202807][T13494] ? __pfx___proc_create+0x10/0x10 [ 601.202868][T13494] ? _raw_write_unlock+0x28/0x50 [ 601.202905][T13494] proc_create_reg+0x75/0x170 [ 601.202936][T13494] proc_create_data+0x86/0x110 [ 601.202962][T13494] ? __pfx_proc_create_data+0x10/0x10 [ 601.202991][T13494] ? cache_register_net+0x137/0x5e0 [ 601.203032][T13494] ? cache_register_net+0x137/0x5e0 [ 601.203081][T13494] cache_register_net+0x1e0/0x5e0 [ 601.203125][T13494] nfsd_export_init+0xb6/0x250 [ 601.203169][T13494] ? __pfx_nfsd_net_init+0x10/0x10 [ 601.203208][T13494] nfsd_net_init+0x33/0x3d0 [ 601.203249][T13494] ? __pfx_nfsd_net_init+0x10/0x10 [ 601.203289][T13494] ops_init+0x1e2/0x5f0 [ 601.203335][T13494] setup_net+0x118/0x3a0 [ 601.203361][T13494] ? __pfx_setup_net+0x10/0x10 [ 601.203384][T13494] ? lockdep_init_map_type+0x5c/0x250 [ 601.203424][T13494] ? mutex_init_lockep+0x110/0x150 [ 601.203468][T13494] copy_net_ns+0x46f/0x7c0 [ 601.203501][T13494] create_new_namespaces+0x3ea/0xab0 [ 601.203542][T13494] copy_namespaces+0x468/0x5e0 [ 601.203584][T13494] copy_process+0x32d5/0x7890 [ 601.203640][T13494] ? __pfx_copy_process+0x10/0x10 [ 601.203697][T13494] kernel_clone+0xfc/0x930 [ 601.203734][T13494] ? __pfx_futex_wait+0x10/0x10 [ 601.203764][T13494] ? __pfx_kernel_clone+0x10/0x10 [ 601.203823][T13494] __do_sys_clone+0xd9/0x120 [ 601.203861][T13494] ? __pfx___do_sys_clone+0x10/0x10 [ 601.203933][T13494] ? __fget_files+0x21f/0x3d0 [ 601.203980][T13494] ? xfd_validate_state+0x129/0x190 [ 601.204027][T13494] do_syscall_64+0xc9/0xf80 [ 601.204063][T13494] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 601.204091][T13494] RIP: 0033:0x7f975359aeb9 [ 601.204115][T13494] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 601.204142][T13494] RSP: 002b:00007f97543fbfd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 601.204169][T13494] RAX: ffffffffffffffda RBX: 00007f9753816090 RCX: 00007f975359aeb9 [ 601.204188][T13494] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040180211 [ 601.204205][T13494] RBP: 00007f9753608c1f R08: 0000000000000000 R09: 0000000000000000 [ 601.204222][T13494] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 601.204238][T13494] R13: 00007f9753816128 R14: 00007f9753816090 R15: 00007ffe9663a9e8 [ 601.204276][T13494] [ 601.842841][T13519] FAULT_INJECTION: forcing a failure. [ 601.842841][T13519] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 601.857548][T13519] CPU: 1 UID: 0 PID: 13519 Comm: syz.2.1757 Not tainted syzkaller #0 PREEMPT(full) [ 601.857583][T13519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 601.857597][T13519] Call Trace: [ 601.857606][T13519] [ 601.857615][T13519] dump_stack_lvl+0x100/0x190 [ 601.857652][T13519] should_fail_ex.cold+0x5/0xa [ 601.857694][T13519] _copy_from_user+0x2e/0xd0 [ 601.857733][T13519] core_sys_select+0x472/0xbb0 [ 601.857769][T13519] ? __pfx_core_sys_select+0x10/0x10 [ 601.857795][T13519] ? get_pid_task+0xfc/0x250 [ 601.857835][T13519] ? get_pid_task+0x106/0x250 [ 601.857889][T13519] ? __mutex_unlock_slowpath+0x15c/0x790 [ 601.857920][T13519] ? __fget_files+0x215/0x3d0 [ 601.857943][T13519] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 601.857977][T13519] kern_select+0x20c/0x270 [ 601.858004][T13519] ? __pfx_kern_select+0x10/0x10 [ 601.858034][T13519] ? __pfx_ksys_write+0x10/0x10 [ 601.858064][T13519] __x64_sys_select+0xbd/0x160 [ 601.858089][T13519] ? do_syscall_64+0x94/0xf80 [ 601.858118][T13519] ? lockdep_hardirqs_on+0x78/0x100 [ 601.858147][T13519] do_syscall_64+0xc9/0xf80 [ 601.858180][T13519] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 601.858206][T13519] RIP: 0033:0x7efdc679aeb9 [ 601.858228][T13519] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 601.858251][T13519] RSP: 002b:00007efdc75d6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 601.858276][T13519] RAX: ffffffffffffffda RBX: 00007efdc6a16180 RCX: 00007efdc679aeb9 [ 601.858293][T13519] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 601.858308][T13519] RBP: 00007efdc75d6090 R08: 0000000000000000 R09: 0000000000000000 [ 601.858323][T13519] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 601.858338][T13519] R13: 00007efdc6a16218 R14: 00007efdc6a16180 R15: 00007ffc5f74ab38 [ 601.858374][T13519] [ 602.446893][T13529] random: crng reseeded on system resumption [ 603.471171][T12819] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 605.172926][T13560] FAULT_INJECTION: forcing a failure. [ 605.172926][T13560] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 605.224051][T13560] CPU: 1 UID: 0 PID: 13560 Comm: syz.0.1766 Not tainted syzkaller #0 PREEMPT(full) [ 605.224081][T13560] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 605.224093][T13560] Call Trace: [ 605.224100][T13560] [ 605.224107][T13560] dump_stack_lvl+0x100/0x190 [ 605.224139][T13560] should_fail_ex.cold+0x5/0xa [ 605.224174][T13560] _copy_to_user+0x32/0xd0 [ 605.224217][T13560] simple_read_from_buffer+0xcb/0x170 [ 605.224245][T13560] proc_fail_nth_read+0x1af/0x230 [ 605.224275][T13560] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 605.224303][T13560] ? rw_verify_area+0xce/0x6d0 [ 605.224325][T13560] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 605.224351][T13560] vfs_read+0x1e4/0xb30 [ 605.224383][T13560] ? __pfx_vfs_read+0x10/0x10 [ 605.224405][T13560] ? find_held_lock+0x2b/0x80 [ 605.224430][T13560] ? __fget_files+0x215/0x3d0 [ 605.224463][T13560] ? __fget_files+0x21f/0x3d0 [ 605.224497][T13560] ksys_read+0x12a/0x250 [ 605.224525][T13560] ? __pfx_ksys_read+0x10/0x10 [ 605.224551][T13560] ? fput+0x79/0x100 [ 605.224587][T13560] do_syscall_64+0xc9/0xf80 [ 605.224618][T13560] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 605.224642][T13560] RIP: 0033:0x7f975355b78e [ 605.224661][T13560] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 605.224681][T13560] RSP: 002b:00007f975441cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 605.224701][T13560] RAX: ffffffffffffffda RBX: 00007f975441d6c0 RCX: 00007f975355b78e [ 605.224710][T13560] RDX: 000000000000000f RSI: 00007f975441d0a0 RDI: 0000000000000005 [ 605.224718][T13560] RBP: 00007f975441d090 R08: 0000000000000000 R09: 0000000000000000 [ 605.224727][T13560] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 605.224735][T13560] R13: 00007f9753816038 R14: 00007f9753815fa0 R15: 00007ffe9663a9e8 [ 605.224753][T13560] [ 608.513306][T13610] NFSD: Failed to start, no listeners configured. [ 611.677481][T13666] futex_wake_op: syz.0.1794 tries to shift op by -2048; fix this program [ 611.726833][T13666] futex_wake_op: syz.0.1794 tries to shift op by -2048; fix this program [ 611.812284][T13666] 0x000000000001-0x000000020000 : "" [ 611.873290][T13666] ftl_cs: FTL header corrupt! [ 617.809385][T13768] random: crng reseeded on system resumption [ 620.567226][T13811] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1816'. [ 621.745138][T13823] usbip-vudc usbip-vudc.0: gadget not bound [ 625.558598][T13876] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1828'. [ 629.693835][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 629.700462][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 629.954354][T13932] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1839'. [ 630.059294][T13938] netlink: 'syz.1.1837': attribute type 17 has an invalid length. [ 630.067418][T13938] netlink: 326 bytes leftover after parsing attributes in process `syz.1.1837'. [ 633.650020][T13981] ptp ptp0: only physical clock in use now [ 633.689591][T13983] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1849'. [ 634.140084][T14001] zram0: detected capacity change from 8 to 0 [ 635.857076][T14028] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1860'. [ 636.072999][ T30] audit: type=1326 audit(1770586962.748:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14029 comm="syz.2.1861" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efdc679aeb9 code=0x0 [ 637.201831][T14043] FAULT_INJECTION: forcing a failure. [ 637.201831][T14043] name failslab, interval 1, probability 0, space 0, times 0 [ 637.235658][T14043] CPU: 1 UID: 0 PID: 14043 Comm: syz.1.1864 Not tainted syzkaller #0 PREEMPT(full) [ 637.235692][T14043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 637.235702][T14043] Call Trace: [ 637.235708][T14043] [ 637.235714][T14043] dump_stack_lvl+0x100/0x190 [ 637.235736][T14043] should_fail_ex.cold+0x5/0xa [ 637.235759][T14043] should_failslab+0xc2/0x120 [ 637.235778][T14043] ? constrain_params_by_rules+0x175/0xcc0 [ 637.235797][T14043] __kmalloc_noprof+0xf6/0x9c0 [ 637.235811][T14043] ? kernel_text_address+0x8d/0x100 [ 637.235832][T14043] ? __kernel_text_address+0xd/0x30 [ 637.235856][T14043] ? constrain_params_by_rules+0x175/0xcc0 [ 637.235873][T14043] constrain_params_by_rules+0x175/0xcc0 [ 637.235896][T14043] ? stack_trace_save+0x8e/0xc0 [ 637.235913][T14043] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 637.235932][T14043] ? put_cpu_partial+0xfc/0x310 [ 637.235948][T14043] ? __kasan_kmalloc+0xaa/0xb0 [ 637.235964][T14043] ? snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 637.235981][T14043] ? snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 637.235997][T14043] ? snd_pcm_oss_ioctl+0x1c08/0x3720 [ 637.236020][T14043] ? snd_interval_refine+0x2d0/0x580 [ 637.236034][T14043] snd_pcm_hw_refine+0x7e7/0xad0 [ 637.236056][T14043] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 637.236083][T14043] ? snd_interval_refine+0x2d0/0x580 [ 637.236098][T14043] snd_pcm_oss_change_params_locked+0xdb3/0x39f0 [ 637.236123][T14043] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 637.236139][T14043] ? __pfx___mutex_lock+0x10/0x10 [ 637.236156][T14043] ? snd_pcm_oss_ioctl+0x1bbb/0x3720 [ 637.236185][T14043] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 637.236205][T14043] snd_pcm_oss_ioctl+0x1c08/0x3720 [ 637.236223][T14043] ? hook_file_ioctl_common+0x146/0x410 [ 637.236244][T14043] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 637.236263][T14043] ? __fget_files+0x21f/0x3d0 [ 637.236282][T14043] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 637.236300][T14043] __x64_sys_ioctl+0x18e/0x210 [ 637.236323][T14043] do_syscall_64+0xc9/0xf80 [ 637.236341][T14043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 637.236357][T14043] RIP: 0033:0x7f742d39aeb9 [ 637.236369][T14043] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 637.236382][T14043] RSP: 002b:00007f742e1a0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 637.236397][T14043] RAX: ffffffffffffffda RBX: 00007f742d615fa0 RCX: 00007f742d39aeb9 [ 637.236406][T14043] RDX: 0000200000000200 RSI: 00000000c0045002 RDI: 0000000000000002 [ 637.236415][T14043] RBP: 00007f742e1a0090 R08: 0000000000000000 R09: 0000000000000000 [ 637.236423][T14043] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 637.236431][T14043] R13: 00007f742d616038 R14: 00007f742d615fa0 R15: 00007ffdccdf6a38 [ 637.236450][T14043] [ 639.292332][T14070] FAULT_INJECTION: forcing a failure. [ 639.292332][T14070] name failslab, interval 1, probability 0, space 0, times 0 [ 639.342639][T14070] CPU: 1 UID: 0 PID: 14070 Comm: syz.1.1871 Not tainted syzkaller #0 PREEMPT(full) [ 639.342676][T14070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 639.342692][T14070] Call Trace: [ 639.342701][T14070] [ 639.342711][T14070] dump_stack_lvl+0x100/0x190 [ 639.342750][T14070] should_fail_ex.cold+0x5/0xa [ 639.342794][T14070] should_failslab+0xc2/0x120 [ 639.342832][T14070] ? snd_pcm_plugin_build+0x434/0x650 [ 639.342868][T14070] __kmalloc_noprof+0xf6/0x9c0 [ 639.342908][T14070] ? snd_pcm_plugin_build+0x434/0x650 [ 639.342954][T14070] snd_pcm_plugin_build+0x434/0x650 [ 639.342991][T14070] ? snd_pcm_plugin_build+0x4b7/0x650 [ 639.343032][T14070] snd_pcm_plugin_build_rate+0x27c/0x760 [ 639.343076][T14070] ? __pfx_snd_pcm_plugin_build_rate+0x10/0x10 [ 639.343138][T14070] ? snd_pcm_hw_params+0x262/0x1cb0 [ 639.343187][T14070] snd_pcm_plug_format_plugins+0x788/0x1430 [ 639.343229][T14070] ? __pfx_snd_pcm_plug_format_plugins+0x10/0x10 [ 639.343274][T14070] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 639.343322][T14070] snd_pcm_oss_change_params_locked+0x2e3c/0x39f0 [ 639.343378][T14070] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 639.343415][T14070] ? __pfx___mutex_lock+0x10/0x10 [ 639.343450][T14070] ? snd_pcm_oss_ioctl+0x1bbb/0x3720 [ 639.343512][T14070] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 639.343556][T14070] snd_pcm_oss_ioctl+0x1c08/0x3720 [ 639.343594][T14070] ? hook_file_ioctl_common+0x146/0x410 [ 639.343637][T14070] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 639.343675][T14070] ? __fget_files+0x21f/0x3d0 [ 639.343708][T14070] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 639.343746][T14070] __x64_sys_ioctl+0x18e/0x210 [ 639.343792][T14070] do_syscall_64+0xc9/0xf80 [ 639.343830][T14070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 639.343859][T14070] RIP: 0033:0x7f742d39aeb9 [ 639.343881][T14070] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 639.343908][T14070] RSP: 002b:00007f742e1a0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 639.343936][T14070] RAX: ffffffffffffffda RBX: 00007f742d615fa0 RCX: 00007f742d39aeb9 [ 639.343955][T14070] RDX: 0000200000000200 RSI: 00000000c0045002 RDI: 0000000000000002 [ 639.343972][T14070] RBP: 00007f742d408c1f R08: 0000000000000000 R09: 0000000000000000 [ 639.343987][T14070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 639.344000][T14070] R13: 00007f742d616038 R14: 00007f742d615fa0 R15: 00007ffdccdf6a38 [ 639.344034][T14070] [ 642.435681][T14120] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1882'. [ 642.661720][T14124] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1884'. [ 643.366757][T14122] FAULT_INJECTION: forcing a failure. [ 643.366757][T14122] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 643.380985][T14122] CPU: 0 UID: 0 PID: 14122 Comm: syz.1.1883 Not tainted syzkaller #0 PREEMPT(full) [ 643.381024][T14122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 643.381041][T14122] Call Trace: [ 643.381050][T14122] [ 643.381060][T14122] dump_stack_lvl+0x100/0x190 [ 643.381102][T14122] should_fail_ex.cold+0x5/0xa [ 643.381142][T14122] ? prepare_alloc_pages+0x16d/0x5f0 [ 643.381187][T14122] should_fail_alloc_page+0xeb/0x140 [ 643.381229][T14122] prepare_alloc_pages+0x1f0/0x5f0 [ 643.381270][T14122] ? kasan_save_track+0x14/0x30 [ 643.381309][T14122] __alloc_frozen_pages_noprof+0x193/0x2410 [ 643.381346][T14122] ? __lock_acquire+0x4a5/0x2630 [ 643.381391][T14122] ? __lock_acquire+0x4a5/0x2630 [ 643.381430][T14122] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 643.381479][T14122] ? find_held_lock+0x2b/0x80 [ 643.381505][T14122] ? is_bpf_text_address+0x8a/0x1a0 [ 643.381529][T14122] ? is_bpf_text_address+0x8a/0x1a0 [ 643.381555][T14122] ? bpf_ksym_find+0x124/0x1c0 [ 643.381589][T14122] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 643.381620][T14122] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 643.381653][T14122] ? policy_nodemask+0xed/0x4f0 [ 643.381694][T14122] alloc_pages_mpol+0x1fb/0x550 [ 643.381735][T14122] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 643.381785][T14122] alloc_pages_noprof+0x131/0x390 [ 643.381836][T14122] __pud_alloc+0x3b/0x760 [ 643.381870][T14122] copy_page_range+0x3fcf/0x6ba0 [ 643.381888][T14122] ? __lock_acquire+0x4a5/0x2630 [ 643.381910][T14122] ? __lock_acquire+0x4a5/0x2630 [ 643.381936][T14122] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 643.381954][T14122] ? __pfx_copy_page_range+0x10/0x10 [ 643.381975][T14122] ? mas_store+0x666/0xac0 [ 643.381997][T14122] ? __pfx_mas_store+0x10/0x10 [ 643.382026][T14122] dup_mmap+0xbea/0x1e20 [ 643.382049][T14122] ? __pfx_dup_mmap+0x10/0x10 [ 643.382075][T14122] copy_process+0x7451/0x7890 [ 643.382103][T14122] ? __pfx_copy_process+0x10/0x10 [ 643.382131][T14122] kernel_clone+0xfc/0x930 [ 643.382148][T14122] ? __pfx_futex_wait+0x10/0x10 [ 643.382161][T14122] ? lockdep_hardirqs_on+0x78/0x100 [ 643.382179][T14122] ? __pfx_kernel_clone+0x10/0x10 [ 643.382208][T14122] __do_sys_clone+0xd9/0x120 [ 643.382227][T14122] ? __pfx___do_sys_clone+0x10/0x10 [ 643.382245][T14122] ? find_held_lock+0x2b/0x80 [ 643.382266][T14122] ? xfd_validate_state+0x129/0x190 [ 643.382295][T14122] do_syscall_64+0xc9/0xf80 [ 643.382314][T14122] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 643.382329][T14122] RIP: 0033:0x7f742d39aeb9 [ 643.382341][T14122] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 643.382356][T14122] RSP: 002b:00007f742e19ffd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 643.382371][T14122] RAX: ffffffffffffffda RBX: 00007f742d615fa0 RCX: 00007f742d39aeb9 [ 643.382382][T14122] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 643.382392][T14122] RBP: 00007f742d408c1f R08: 0000000000000000 R09: 0000000000000000 [ 643.382401][T14122] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 643.382410][T14122] R13: 00007f742d616038 R14: 00007f742d615fa0 R15: 00007ffdccdf6a38 [ 643.382430][T14122] [ 643.429914][T14129] FAULT_INJECTION: forcing a failure. [ 643.429914][T14129] name failslab, interval 1, probability 0, space 0, times 0 [ 643.811932][T14129] CPU: 1 UID: 0 PID: 14129 Comm: syz.3.1885 Not tainted syzkaller #0 PREEMPT(full) [ 643.811966][T14129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 643.811975][T14129] Call Trace: [ 643.811981][T14129] [ 643.811987][T14129] dump_stack_lvl+0x100/0x190 [ 643.812012][T14129] should_fail_ex.cold+0x5/0xa [ 643.812036][T14129] should_failslab+0xc2/0x120 [ 643.812057][T14129] kmem_cache_alloc_noprof+0x83/0x780 [ 643.812076][T14129] ? __kernfs_new_node+0xd2/0x960 [ 643.812104][T14129] ? __kernfs_new_node+0xd2/0x960 [ 643.812122][T14129] __kernfs_new_node+0xd2/0x960 [ 643.812148][T14129] ? __pfx___kernfs_new_node+0x10/0x10 [ 643.812171][T14129] ? find_held_lock+0x2b/0x80 [ 643.812186][T14129] ? kernfs_root+0xee/0x2a0 [ 643.812204][T14129] ? kernfs_root+0xee/0x2a0 [ 643.812226][T14129] kernfs_new_node+0x11b/0x1a0 [ 643.812250][T14129] __kernfs_create_file+0x53/0x350 [ 643.812269][T14129] sysfs_add_file_mode_ns+0x207/0x3c0 [ 643.812291][T14129] internal_create_group+0x593/0xf40 [ 643.812316][T14129] ? __pfx_internal_create_group+0x10/0x10 [ 643.812339][T14129] ? kernfs_create_link+0x1bd/0x240 [ 643.812358][T14129] internal_create_groups+0x9d/0x150 [ 643.812379][T14129] device_add+0x71a/0x1950 [ 643.812400][T14129] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 643.812416][T14129] ? __pfx_device_add+0x10/0x10 [ 643.812435][T14129] ? lockdep_init_map_type+0x5c/0x250 [ 643.812455][T14129] ? __init_waitqueue_head+0xca/0x150 [ 643.812481][T14129] netdev_register_kobject+0x1a9/0x3d0 [ 643.812500][T14129] register_netdevice+0x12b3/0x21d0 [ 643.812518][T14129] ? __pfx_register_netdevice+0x10/0x10 [ 643.812537][T14129] __tun_chr_ioctl+0x1ded/0x47c0 [ 643.812558][T14129] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 643.812584][T14129] ? __pfx___tun_chr_ioctl+0x10/0x10 [ 643.812605][T14129] ? find_held_lock+0x2b/0x80 [ 643.812618][T14129] ? hook_file_ioctl_common+0x146/0x410 [ 643.812644][T14129] ? __fget_files+0x21f/0x3d0 [ 643.812670][T14129] ? __pfx_tun_chr_ioctl+0x10/0x10 [ 643.812709][T14129] __x64_sys_ioctl+0x18e/0x210 [ 643.812751][T14129] do_syscall_64+0xc9/0xf80 [ 643.812787][T14129] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 643.812815][T14129] RIP: 0033:0x7fa13259aeb9 [ 643.812837][T14129] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 643.812863][T14129] RSP: 002b:00007fa133456028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 643.812883][T14129] RAX: ffffffffffffffda RBX: 00007fa132815fa0 RCX: 00007fa13259aeb9 [ 643.812901][T14129] RDX: 0000000000000038 RSI: 00000000400454ca RDI: 0000000000000006 [ 643.812919][T14129] RBP: 00007fa132608c1f R08: 0000000000000000 R09: 0000000000000000 [ 643.812936][T14129] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 643.812952][T14129] R13: 00007fa132816038 R14: 00007fa132815fa0 R15: 00007ffe06163328 [ 643.812988][T14129] [ 645.290001][T14155] bond0: option all_slaves_active: invalid value () [ 646.635604][T14184] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 647.352940][T14199] vivid-007: ================= START STATUS ================= [ 647.360986][T14199] vivid-007: Generate PTS: true [ 647.415101][T14199] vivid-007: Generate SCR: true [ 647.420965][T14199] tpg source WxH: 320x240 (Y'CbCr) [ 647.431347][T14199] tpg field: 1 [ 647.435378][T14199] tpg crop: (0,0)/320x240 [ 647.439800][T14199] tpg compose: (0,0)/320x240 [ 647.494161][T14199] tpg colorspace: 8 [ 647.501522][T14199] tpg transfer function: 0/0 [ 647.543776][T14199] tpg Y'CbCr encoding: 0/0 [ 647.556862][T14199] tpg quantization: 0/0 [ 647.574099][T14199] tpg RGB range: 0/2 [ 647.610426][T14199] vivid-007: ================== END STATUS ================== [ 649.395737][T14231] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1912'. [ 652.607667][T14285] FAULT_INJECTION: forcing a failure. [ 652.607667][T14285] name failslab, interval 1, probability 0, space 0, times 0 [ 652.675360][T14285] CPU: 0 UID: 0 PID: 14285 Comm: syz.0.1922 Not tainted syzkaller #0 PREEMPT(full) [ 652.675382][T14285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 652.675391][T14285] Call Trace: [ 652.675397][T14285] [ 652.675403][T14285] dump_stack_lvl+0x100/0x190 [ 652.675425][T14285] should_fail_ex.cold+0x5/0xa [ 652.675448][T14285] should_failslab+0xc2/0x120 [ 652.675467][T14285] __kmalloc_cache_noprof+0x80/0x810 [ 652.675483][T14285] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 652.675504][T14285] ? snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 652.675521][T14285] snd_pcm_hw_param_near.constprop.0+0xbc/0x850 [ 652.675547][T14285] ? __pfx_snd_pcm_hw_param_near.constprop.0+0x10/0x10 [ 652.675570][T14285] snd_pcm_oss_change_params_locked+0xa40/0x39f0 [ 652.675595][T14285] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 652.675612][T14285] ? __pfx___mutex_lock+0x10/0x10 [ 652.675628][T14285] ? snd_pcm_oss_ioctl+0x1bbb/0x3720 [ 652.675658][T14285] snd_pcm_oss_get_active_substream+0x175/0x1d0 [ 652.675678][T14285] snd_pcm_oss_ioctl+0x1c08/0x3720 [ 652.675696][T14285] ? hook_file_ioctl_common+0x146/0x410 [ 652.675718][T14285] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 652.675736][T14285] ? __fget_files+0x21f/0x3d0 [ 652.675754][T14285] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 652.675772][T14285] __x64_sys_ioctl+0x18e/0x210 [ 652.675795][T14285] do_syscall_64+0xc9/0xf80 [ 652.675813][T14285] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 652.675828][T14285] RIP: 0033:0x7f975359aeb9 [ 652.675840][T14285] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 652.675854][T14285] RSP: 002b:00007f97543fc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 652.675868][T14285] RAX: ffffffffffffffda RBX: 00007f9753816090 RCX: 00007f975359aeb9 [ 652.675877][T14285] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000005 [ 652.675885][T14285] RBP: 00007f97543fc090 R08: 0000000000000000 R09: 0000000000000000 [ 652.675894][T14285] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 652.675902][T14285] R13: 00007f9753816128 R14: 00007f9753816090 R15: 00007ffe9663a9e8 [ 652.675921][T14285] [ 654.841309][T14316] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1929'. [ 657.962879][T14360] Invalid ELF header magic: != ELF [ 661.691543][T14407] block nbd2: not configured, cannot reconfigure [ 663.418319][T14454] FAULT_INJECTION: forcing a failure. [ 663.418319][T14454] name failslab, interval 1, probability 0, space 0, times 0 [ 663.431383][T14454] CPU: 1 UID: 0 PID: 14454 Comm: syz.2.1963 Not tainted syzkaller #0 PREEMPT(full) [ 663.431420][T14454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 663.431436][T14454] Call Trace: [ 663.431445][T14454] [ 663.431455][T14454] dump_stack_lvl+0x100/0x190 [ 663.431497][T14454] should_fail_ex.cold+0x5/0xa [ 663.431557][T14454] should_failslab+0xc2/0x120 [ 663.431600][T14454] kmem_cache_alloc_noprof+0x83/0x780 [ 663.431635][T14454] ? __proc_create+0xc2/0x8c0 [ 663.431675][T14454] ? __proc_create+0x2cb/0x8c0 [ 663.431723][T14454] ? __proc_create+0x2cb/0x8c0 [ 663.431764][T14454] __proc_create+0x2cb/0x8c0 [ 663.431807][T14454] ? __pfx___proc_create+0x10/0x10 [ 663.431855][T14454] ? _raw_write_unlock+0x28/0x50 [ 663.431895][T14454] ? proc_register+0x559/0x8a0 [ 663.431926][T14454] proc_create_reg+0x75/0x170 [ 663.431956][T14454] proc_create_data+0x86/0x110 [ 663.431983][T14454] ? __pfx_proc_create_data+0x10/0x10 [ 663.432010][T14454] ? cache_register_net+0x137/0x5e0 [ 663.432051][T14454] ? cache_register_net+0x137/0x5e0 [ 663.432108][T14454] cache_register_net+0x25a/0x5e0 [ 663.432155][T14454] nfsd_idmap_init+0xb6/0x250 [ 663.432187][T14454] ? __pfx_nfsd_net_init+0x10/0x10 [ 663.432227][T14454] nfsd_net_init+0x69/0x3d0 [ 663.432277][T14454] ? __pfx_nfsd_net_init+0x10/0x10 [ 663.432314][T14454] ops_init+0x1e2/0x5f0 [ 663.432358][T14454] setup_net+0x118/0x3a0 [ 663.432382][T14454] ? __pfx_setup_net+0x10/0x10 [ 663.432402][T14454] ? lockdep_init_map_type+0x5c/0x250 [ 663.432439][T14454] ? mutex_init_lockep+0x110/0x150 [ 663.432481][T14454] copy_net_ns+0x46f/0x7c0 [ 663.432509][T14454] create_new_namespaces+0x3ea/0xab0 [ 663.432548][T14454] copy_namespaces+0x468/0x5e0 [ 663.432580][T14454] copy_process+0x32d5/0x7890 [ 663.432631][T14454] ? __pfx_copy_process+0x10/0x10 [ 663.432681][T14454] kernel_clone+0xfc/0x930 [ 663.432712][T14454] ? __pfx_futex_wait+0x10/0x10 [ 663.432740][T14454] ? __pfx_kernel_clone+0x10/0x10 [ 663.432796][T14454] __do_sys_clone+0xd9/0x120 [ 663.432834][T14454] ? __pfx___do_sys_clone+0x10/0x10 [ 663.432871][T14454] ? __fget_files+0x21f/0x3d0 [ 663.432915][T14454] ? xfd_validate_state+0x129/0x190 [ 663.432965][T14454] do_syscall_64+0xc9/0xf80 [ 663.433002][T14454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 663.433030][T14454] RIP: 0033:0x7efdc679aeb9 [ 663.433053][T14454] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 663.433080][T14454] RSP: 002b:00007efdc7617fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 663.433119][T14454] RAX: ffffffffffffffda RBX: 00007efdc6a15fa0 RCX: 00007efdc679aeb9 [ 663.433137][T14454] RDX: 0000000000000000 RSI: 0000000000000900 RDI: 0000000040180211 [ 663.433153][T14454] RBP: 00007efdc6808c1f R08: 0000000000000000 R09: 0000000000000000 [ 663.433169][T14454] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 663.433185][T14454] R13: 00007efdc6a16038 R14: 00007efdc6a15fa0 R15: 00007ffc5f74ab38 [ 663.433221][T14454] [ 664.333401][T14469] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1968'. [ 665.082549][T14481] random: crng reseeded on system resumption [ 667.701387][T14511] zswap: compressor not available [ 668.364459][T14526] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1979'. [ 668.864392][ T30] audit: type=1804 audit(1770586995.548:11): pid=14533 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1981" name="/newroot/sys/kernel/debug/tracing/set_event" dev="tracefs" ino=1065 res=1 errno=0 [ 673.060528][T14584] hub 1-0:1.0: USB hub found [ 673.093671][T14584] hub 1-0:1.0: 1 port detected [ 673.396751][T14590] FAULT_INJECTION: forcing a failure. [ 673.396751][T14590] name failslab, interval 1, probability 0, space 0, times 0 [ 673.430709][T14590] CPU: 0 UID: 0 PID: 14590 Comm: syz.2.1991 Not tainted syzkaller #0 PREEMPT(full) [ 673.430748][T14590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 673.430764][T14590] Call Trace: [ 673.430773][T14590] [ 673.430784][T14590] dump_stack_lvl+0x100/0x190 [ 673.430827][T14590] should_fail_ex.cold+0x5/0xa [ 673.430881][T14590] should_failslab+0xc2/0x120 [ 673.430922][T14590] kmem_cache_alloc_noprof+0x83/0x780 [ 673.430960][T14590] ? __proc_create+0xc2/0x8c0 [ 673.431002][T14590] ? __proc_create+0x2cb/0x8c0 [ 673.431050][T14590] ? __proc_create+0x2cb/0x8c0 [ 673.431091][T14590] __proc_create+0x2cb/0x8c0 [ 673.431148][T14590] ? __pfx___proc_create+0x10/0x10 [ 673.431197][T14590] ? _raw_write_unlock+0x28/0x50 [ 673.431228][T14590] ? proc_register+0x559/0x8a0 [ 673.431258][T14590] proc_create_reg+0x75/0x170 [ 673.431294][T14590] proc_create_data+0x86/0x110 [ 673.431321][T14590] ? __pfx_proc_create_data+0x10/0x10 [ 673.431349][T14590] ? cache_register_net+0x137/0x5e0 [ 673.431393][T14590] ? cache_register_net+0x137/0x5e0 [ 673.431443][T14590] cache_register_net+0x25a/0x5e0 [ 673.431489][T14590] nfsd_idmap_init+0xb6/0x250 [ 673.431520][T14590] ? __pfx_nfsd_net_init+0x10/0x10 [ 673.431559][T14590] nfsd_net_init+0x69/0x3d0 [ 673.431601][T14590] ? __pfx_nfsd_net_init+0x10/0x10 [ 673.431638][T14590] ops_init+0x1e2/0x5f0 [ 673.431680][T14590] setup_net+0x118/0x3a0 [ 673.431702][T14590] ? __pfx_setup_net+0x10/0x10 [ 673.431722][T14590] ? lockdep_init_map_type+0x5c/0x250 [ 673.431765][T14590] ? mutex_init_lockep+0x110/0x150 [ 673.431811][T14590] copy_net_ns+0x46f/0x7c0 [ 673.431844][T14590] create_new_namespaces+0x3ea/0xab0 [ 673.431884][T14590] copy_namespaces+0x468/0x5e0 [ 673.431919][T14590] copy_process+0x32d5/0x7890 [ 673.431972][T14590] ? __pfx_copy_process+0x10/0x10 [ 673.432026][T14590] kernel_clone+0xfc/0x930 [ 673.432061][T14590] ? __pfx_futex_wait+0x10/0x10 [ 673.432090][T14590] ? __pfx_kernel_clone+0x10/0x10 [ 673.432146][T14590] __do_sys_clone+0xd9/0x120 [ 673.432183][T14590] ? __pfx___do_sys_clone+0x10/0x10 [ 673.432220][T14590] ? __fget_files+0x21f/0x3d0 [ 673.432263][T14590] ? xfd_validate_state+0x129/0x190 [ 673.432330][T14590] do_syscall_64+0xc9/0xf80 [ 673.432369][T14590] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 673.432398][T14590] RIP: 0033:0x7efdc679aeb9 [ 673.432421][T14590] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 673.432448][T14590] RSP: 002b:00007efdc75f6fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 673.432476][T14590] RAX: ffffffffffffffda RBX: 00007efdc6a16090 RCX: 00007efdc679aeb9 [ 673.432495][T14590] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040180211 [ 673.432511][T14590] RBP: 00007efdc6808c1f R08: 0000000000000000 R09: 0000000000000000 [ 673.432527][T14590] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 673.432543][T14590] R13: 00007efdc6a16128 R14: 00007efdc6a16090 R15: 00007ffc5f74ab38 [ 673.432581][T14590] [ 675.103247][T14609] NFSD: Failed to start, no listeners configured. [ 675.892241][T14613] sp0: Synchronizing with TNC [ 676.649111][T14628] random: crng reseeded on system resumption [ 679.201091][T14668] binder: 14667:14668 ioctl c018620c 0 returned -1 [ 679.233123][T14668] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2008'. [ 679.998124][T14674] sp0: Synchronizing with TNC [ 681.220395][ T30] audit: type=1804 audit(1770587007.898:12): pid=14699 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.2017" name="/newroot/sys/kernel/tracing/set_event" dev="tracefs" ino=1065 res=1 errno=0 [ 681.280021][T14699] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2017'. [ 681.734272][T14708] vhci_hcd vhci_hcd.2: invalid port number 16 [ 681.756287][T14708] vhci_hcd vhci_hcd.2: invalid port number 16 [ 683.036207][T14728] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2022'. [ 684.964492][T14757] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2029'. [ 687.208826][T14790] FAULT_INJECTION: forcing a failure. [ 687.208826][T14790] name failslab, interval 1, probability 0, space 0, times 0 [ 687.221629][T14790] CPU: 1 UID: 0 PID: 14790 Comm: syz.0.2034 Not tainted syzkaller #0 PREEMPT(full) [ 687.221663][T14790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 687.221677][T14790] Call Trace: [ 687.221685][T14790] [ 687.221694][T14790] dump_stack_lvl+0x100/0x190 [ 687.221730][T14790] should_fail_ex.cold+0x5/0xa [ 687.221772][T14790] should_failslab+0xc2/0x120 [ 687.221808][T14790] __kmalloc_cache_noprof+0x80/0x810 [ 687.221836][T14790] ? __thp_vma_allowable_orders+0x1c8/0xcd0 [ 687.221873][T14790] ? madvise_collapse+0x1a9/0xa30 [ 687.221917][T14790] ? madvise_collapse+0x1a9/0xa30 [ 687.221953][T14790] madvise_collapse+0x1a9/0xa30 [ 687.221993][T14790] ? is_bpf_text_address+0x8a/0x1a0 [ 687.222016][T14790] ? is_bpf_text_address+0x8a/0x1a0 [ 687.222039][T14790] ? __pfx_madvise_collapse+0x10/0x10 [ 687.222083][T14790] ? mtree_range_walk+0x6ce/0xcd0 [ 687.222109][T14790] madvise_vma_behavior+0x14f7/0x2a40 [ 687.222147][T14790] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 687.222189][T14790] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 687.222225][T14790] ? mas_prev+0x9b/0xf0 [ 687.222255][T14790] ? __pfx_mas_prev+0x10/0x10 [ 687.222295][T14790] ? find_vma_prev+0xd8/0x150 [ 687.222332][T14790] ? __pfx_find_vma_prev+0x10/0x10 [ 687.222367][T14790] ? __pfx__kstrtoull+0x10/0x10 [ 687.222414][T14790] madvise_walk_vmas+0x2fe/0xa90 [ 687.222458][T14790] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 687.222507][T14790] madvise_do_behavior+0x1ea/0x510 [ 687.222548][T14790] ? __pfx_madvise_do_behavior+0x10/0x10 [ 687.222589][T14790] ? down_read+0x13b/0x460 [ 687.222639][T14790] do_madvise+0x195/0x240 [ 687.222677][T14790] ? __pfx_do_madvise+0x10/0x10 [ 687.222712][T14790] ? __mutex_unlock_slowpath+0x15c/0x790 [ 687.222768][T14790] ? ksys_write+0x1ac/0x250 [ 687.222797][T14790] ? __pfx_ksys_write+0x10/0x10 [ 687.222825][T14790] ? do_user_addr_fault+0x8d6/0x12f0 [ 687.222858][T14790] __x64_sys_madvise+0xa9/0x110 [ 687.222896][T14790] ? lockdep_hardirqs_on+0x78/0x100 [ 687.222926][T14790] do_syscall_64+0xc9/0xf80 [ 687.222959][T14790] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 687.222984][T14790] RIP: 0033:0x7f975359aeb9 [ 687.223005][T14790] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 687.223029][T14790] RSP: 002b:00007f97543ba028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 687.223054][T14790] RAX: ffffffffffffffda RBX: 00007f9753816270 RCX: 00007f975359aeb9 [ 687.223071][T14790] RDX: 0000000000000019 RSI: 0000000000200007 RDI: 0000000000000000 [ 687.223085][T14790] RBP: 00007f97543ba090 R08: 0000000000000000 R09: 0000000000000000 [ 687.223101][T14790] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 687.223116][T14790] R13: 00007f9753816308 R14: 00007f9753816270 R15: 00007ffe9663a9e8 [ 687.223158][T14790] [ 687.920670][T14801] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2037'. [ 689.639009][T14823] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input23 [ 690.688446][T14820] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 691.132109][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.144445][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 691.882344][T14862] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2049'. [ 693.072163][T14874] sp0: Synchronizing with TNC [ 694.111656][T14892] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2055'. [ 695.058954][T14906] FAULT_INJECTION: forcing a failure. [ 695.058954][T14906] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 695.106685][T14906] CPU: 1 UID: 0 PID: 14906 Comm: syz.0.2059 Not tainted syzkaller #0 PREEMPT(full) [ 695.106719][T14906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 695.106734][T14906] Call Trace: [ 695.106742][T14906] [ 695.106759][T14906] dump_stack_lvl+0x100/0x190 [ 695.106795][T14906] should_fail_ex.cold+0x5/0xa [ 695.106830][T14906] ? prepare_alloc_pages+0x16d/0x5f0 [ 695.106871][T14906] should_fail_alloc_page+0xeb/0x140 [ 695.106909][T14906] prepare_alloc_pages+0x1f0/0x5f0 [ 695.106945][T14906] ? rcu_is_watching+0x12/0xc0 [ 695.106975][T14906] __alloc_frozen_pages_noprof+0x193/0x2410 [ 695.107007][T14906] ? kasan_save_track+0x14/0x30 [ 695.107043][T14906] ? kasan_save_stack+0x3f/0x50 [ 695.107084][T14906] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 695.107119][T14906] ? look_up_lock_class+0x64/0x120 [ 695.107159][T14906] ? lock_acquire+0x17c/0x330 [ 695.107193][T14906] ? find_held_lock+0x2b/0x80 [ 695.107217][T14906] ? page_table_check_set+0x49a/0xa10 [ 695.107247][T14906] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 695.107278][T14906] ? policy_nodemask+0xed/0x4f0 [ 695.107317][T14906] alloc_pages_mpol+0x1fb/0x550 [ 695.107353][T14906] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 695.107386][T14906] ? __page_table_check_ptes_set+0x1b5/0x4e0 [ 695.107427][T14906] folio_alloc_mpol_noprof+0x36/0x340 [ 695.107469][T14906] vma_alloc_folio_noprof+0xed/0x1d0 [ 695.107508][T14906] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 695.107558][T14906] do_anonymous_page+0xb10/0x1f40 [ 695.107599][T14906] __handle_mm_fault+0x1d3a/0x2b50 [ 695.107637][T14906] ? __pfx___handle_mm_fault+0x10/0x10 [ 695.107668][T14906] ? __pte_offset_map_lock+0x174/0x320 [ 695.107707][T14906] ? find_held_lock+0x2b/0x80 [ 695.107745][T14906] ? follow_page_pte+0x5b4/0x1410 [ 695.107796][T14906] handle_mm_fault+0x36d/0xa20 [ 695.107831][T14906] __get_user_pages+0xf9c/0x34d0 [ 695.107883][T14906] ? __pfx___get_user_pages+0x10/0x10 [ 695.107931][T14906] populate_vma_page_range+0x267/0x3f0 [ 695.107972][T14906] ? __pfx_populate_vma_page_range+0x10/0x10 [ 695.108011][T14906] ? __pfx_find_vma_intersection+0x10/0x10 [ 695.108048][T14906] ? do_mmap+0x93f/0x12f0 [ 695.108089][T14906] __mm_populate+0x107/0x3a0 [ 695.108111][T14906] ? __pfx___mm_populate+0x10/0x10 [ 695.108149][T14906] ? up_write+0x290/0x4f0 [ 695.108186][T14906] vm_mmap_pgoff+0x37f/0x470 [ 695.108227][T14906] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 695.108267][T14906] ? __fget_files+0x21f/0x3d0 [ 695.108306][T14906] ksys_mmap_pgoff+0x7d/0x5b0 [ 695.108341][T14906] ? __pfx_ksys_write+0x10/0x10 [ 695.108374][T14906] __x64_sys_mmap+0x125/0x190 [ 695.108404][T14906] do_syscall_64+0xc9/0xf80 [ 695.108438][T14906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 695.108464][T14906] RIP: 0033:0x7f975359aeb9 [ 695.108485][T14906] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 695.108508][T14906] RSP: 002b:00007f975441d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 695.108533][T14906] RAX: ffffffffffffffda RBX: 00007f9753815fa0 RCX: 00007f975359aeb9 [ 695.108551][T14906] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 695.108565][T14906] RBP: 00007f975441d090 R08: 0000000000000002 R09: 0000000000008000 [ 695.108579][T14906] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000002 [ 695.108591][T14906] R13: 00007f9753816038 R14: 00007f9753815fa0 R15: 00007ffe9663a9e8 [ 695.108623][T14906] [ 696.330470][T14918] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2062'. [ 696.339626][ T30] audit: type=1800 audit(1770587023.008:13): pid=14918 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2062" name="dbroot" dev="configfs" ino=67089 res=0 errno=0 [ 696.448727][T14918] team0: Port device team_slave_1 removed [ 696.847965][T14935] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2068'. [ 697.999851][T14964] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2073'. [ 698.300101][T14963] FAULT_INJECTION: forcing a failure. [ 698.300101][T14963] name failslab, interval 1, probability 0, space 0, times 0 [ 698.353858][T14963] CPU: 1 UID: 0 PID: 14963 Comm: syz.2.2074 Not tainted syzkaller #0 PREEMPT(full) [ 698.353895][T14963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 698.353910][T14963] Call Trace: [ 698.353918][T14963] [ 698.353927][T14963] dump_stack_lvl+0x100/0x190 [ 698.353964][T14963] should_fail_ex.cold+0x5/0xa [ 698.354010][T14963] should_failslab+0xc2/0x120 [ 698.354047][T14963] __kmalloc_cache_noprof+0x80/0x810 [ 698.354077][T14963] ? lockdep_hardirqs_on+0x78/0x100 [ 698.354109][T14963] ? nfs_netns_sysfs_setup+0x55/0x200 [ 698.354153][T14963] ? nfs_netns_sysfs_setup+0x55/0x200 [ 698.354190][T14963] nfs_netns_sysfs_setup+0x55/0x200 [ 698.354254][T14963] nfs_net_init+0x10a/0x340 [ 698.354291][T14963] ? __pfx_nfs_net_init+0x10/0x10 [ 698.354324][T14963] ops_init+0x1e2/0x5f0 [ 698.354371][T14963] setup_net+0x118/0x3a0 [ 698.354398][T14963] ? __pfx_setup_net+0x10/0x10 [ 698.354420][T14963] ? lockdep_init_map_type+0x5c/0x250 [ 698.354459][T14963] ? mutex_init_lockep+0x110/0x150 [ 698.354503][T14963] copy_net_ns+0x46f/0x7c0 [ 698.354535][T14963] create_new_namespaces+0x3ea/0xab0 [ 698.354575][T14963] copy_namespaces+0x468/0x5e0 [ 698.354608][T14963] copy_process+0x32d5/0x7890 [ 698.354661][T14963] ? __pfx_copy_process+0x10/0x10 [ 698.354699][T14963] ? find_held_lock+0x2b/0x80 [ 698.354742][T14963] kernel_clone+0xfc/0x930 [ 698.354777][T14963] ? __pfx_futex_wait+0x10/0x10 [ 698.354806][T14963] ? __pfx_kernel_clone+0x10/0x10 [ 698.354857][T14963] __do_sys_clone+0xd9/0x120 [ 698.354895][T14963] ? __pfx___do_sys_clone+0x10/0x10 [ 698.354933][T14963] ? __fget_files+0x21f/0x3d0 [ 698.354976][T14963] ? xfd_validate_state+0x129/0x190 [ 698.355033][T14963] do_syscall_64+0xc9/0xf80 [ 698.355070][T14963] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 698.355099][T14963] RIP: 0033:0x7efdc679aeb9 [ 698.355122][T14963] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 698.355149][T14963] RSP: 002b:00007efdc7617fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 698.355178][T14963] RAX: ffffffffffffffda RBX: 00007efdc6a15fa0 RCX: 00007efdc679aeb9 [ 698.355206][T14963] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040180211 [ 698.355224][T14963] RBP: 00007efdc6808c1f R08: 0000000000000000 R09: 0000000000000000 [ 698.355242][T14963] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 698.355259][T14963] R13: 00007efdc6a16038 R14: 00007efdc6a15fa0 R15: 00007ffc5f74ab38 [ 698.355299][T14963] [ 698.725219][T14975] netlink: set zone limit has 8 unknown bytes [ 700.678895][T11181] smpboot: CPU 1 is now offline [ 701.355505][T15014] cgroup: fork rejected by pids controller in /syz1 [ 701.611451][T15054] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2088'. [ 702.985615][T15074] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input25 [ 703.037397][T15074] FAULT_INJECTION: forcing a failure. [ 703.037397][T15074] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 703.087251][T15074] CPU: 0 UID: 0 PID: 15074 Comm: syz.3.2093 Not tainted syzkaller #0 PREEMPT(full) [ 703.087274][T15074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 703.087286][T15074] Call Trace: [ 703.087291][T15074] [ 703.087297][T15074] dump_stack_lvl+0x100/0x190 [ 703.087319][T15074] should_fail_ex.cold+0x5/0xa [ 703.087345][T15074] _copy_from_user+0x2e/0xd0 [ 703.087366][T15074] input_event_from_user+0xb9/0x290 [ 703.087403][T15074] ? __pfx_input_event_from_user+0x10/0x10 [ 703.087422][T15074] ? __pfx___might_resched+0x10/0x10 [ 703.087443][T15074] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 703.087459][T15074] ? input_event+0xbb/0xd0 [ 703.087477][T15074] uinput_write+0xb9f/0xf60 [ 703.087500][T15074] ? common_file_perm+0x1ab/0x4f0 [ 703.087521][T15074] ? __pfx_uinput_write+0x10/0x10 [ 703.087542][T15074] ? bpf_lsm_file_permission+0x9/0x10 [ 703.087561][T15074] ? security_file_permission+0x76/0x210 [ 703.087583][T15074] ? rw_verify_area+0xce/0x6d0 [ 703.087597][T15074] ? __pfx_uinput_write+0x10/0x10 [ 703.087616][T15074] vfs_writev+0x5ea/0xe10 [ 703.087629][T15074] ? get_pid_task+0x106/0x250 [ 703.087651][T15074] ? __pfx_vfs_writev+0x10/0x10 [ 703.087666][T15074] ? find_held_lock+0x2b/0x80 [ 703.087691][T15074] ? __fget_files+0x21f/0x3d0 [ 703.087711][T15074] ? do_writev+0x28a/0x340 [ 703.087723][T15074] do_writev+0x28a/0x340 [ 703.087738][T15074] ? __pfx_do_writev+0x10/0x10 [ 703.087757][T15074] do_syscall_64+0xc9/0xf80 [ 703.087776][T15074] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 703.087790][T15074] RIP: 0033:0x7fa13259aeb9 [ 703.087801][T15074] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 703.087816][T15074] RSP: 002b:00007fa133456028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 703.087833][T15074] RAX: ffffffffffffffda RBX: 00007fa132815fa0 RCX: 00007fa13259aeb9 [ 703.087842][T15074] RDX: 0000000000000009 RSI: 0000200000000340 RDI: 0000000000000003 [ 703.087916][T15074] RBP: 00007fa133456090 R08: 0000000000000000 R09: 0000000000000000 [ 703.087924][T15074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 703.087932][T15074] R13: 00007fa132816038 R14: 00007fa132815fa0 R15: 00007ffe06163328 [ 703.087951][T15074] [ 707.822766][T15108] netlink: 472 bytes leftover after parsing attributes in process `syz.2.2100'. [ 708.370595][T15108] FAULT_INJECTION: forcing a failure. [ 708.370595][T15108] name failslab, interval 1, probability 0, space 0, times 0 [ 708.404274][T15108] CPU: 0 UID: 0 PID: 15108 Comm: syz.2.2100 Not tainted syzkaller #0 PREEMPT(full) [ 708.404295][T15108] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 708.404304][T15108] Call Trace: [ 708.404309][T15108] [ 708.404315][T15108] dump_stack_lvl+0x100/0x190 [ 708.404336][T15108] should_fail_ex.cold+0x5/0xa [ 708.404356][T15108] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 708.404372][T15108] should_failslab+0xc2/0x120 [ 708.404391][T15108] kmem_cache_alloc_noprof+0x83/0x780 [ 708.404409][T15108] ? skb_clone+0x190/0x400 [ 708.404432][T15108] ? skb_clone+0x190/0x400 [ 708.404449][T15108] skb_clone+0x190/0x400 [ 708.404476][T15108] netlink_deliver_tap+0xaed/0xcc0 [ 708.404501][T15108] netlink_unicast+0x70c/0x870 [ 708.404525][T15108] ? __pfx_netlink_unicast+0x10/0x10 [ 708.404546][T15108] ? genl_rcv_msg+0x4be/0x800 [ 708.404565][T15108] netlink_ack+0x655/0xb80 [ 708.404583][T15108] netlink_rcv_skb+0x333/0x420 [ 708.404595][T15108] ? __pfx_genl_rcv_msg+0x10/0x10 [ 708.404611][T15108] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 708.404631][T15108] ? netlink_deliver_tap+0x1ae/0xcc0 [ 708.404654][T15108] genl_rcv+0x28/0x40 [ 708.404666][T15108] netlink_unicast+0x5aa/0x870 [ 708.404689][T15108] ? __pfx_netlink_unicast+0x10/0x10 [ 708.404709][T15108] ? __pfx___might_resched+0x10/0x10 [ 708.404730][T15108] ? __lock_acquire+0x4a5/0x2630 [ 708.404754][T15108] netlink_sendmsg+0x8b0/0xda0 [ 708.404777][T15108] ? __pfx_netlink_sendmsg+0x10/0x10 [ 708.404797][T15108] ? __import_iovec+0x1d2/0x640 [ 708.404819][T15108] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 708.404839][T15108] ____sys_sendmsg+0xa54/0xc30 [ 708.404857][T15108] ? __pfx_____sys_sendmsg+0x10/0x10 [ 708.404880][T15108] ___sys_sendmsg+0x190/0x1e0 [ 708.404897][T15108] ? __pfx____sys_sendmsg+0x10/0x10 [ 708.404922][T15108] ? find_held_lock+0x2b/0x80 [ 708.404947][T15108] __sys_sendmsg+0x170/0x220 [ 708.404968][T15108] ? __pfx___sys_sendmsg+0x10/0x10 [ 708.404999][T15108] do_syscall_64+0xc9/0xf80 [ 708.405018][T15108] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 708.405032][T15108] RIP: 0033:0x7efdc679aeb9 [ 708.405044][T15108] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 708.405058][T15108] RSP: 002b:00007efdc7618028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 708.405072][T15108] RAX: ffffffffffffffda RBX: 00007efdc6a15fa0 RCX: 00007efdc679aeb9 [ 708.405081][T15108] RDX: 0000000020000000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 708.405090][T15108] RBP: 00007efdc7618090 R08: 0000000000000000 R09: 0000000000000000 [ 708.405098][T15108] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 708.405106][T15108] R13: 00007efdc6a16038 R14: 00007efdc6a15fa0 R15: 00007ffc5f74ab38 [ 708.405125][T15108] [ 711.062167][T15132] input: jJǸ-9%vJ86 as /devices/virtual/input/input26 [ 712.118165][T15146] FAULT_INJECTION: forcing a failure. [ 712.118165][T15146] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 712.167982][T15146] CPU: 0 UID: 0 PID: 15146 Comm: syz.0.2107 Not tainted syzkaller #0 PREEMPT(full) [ 712.168004][T15146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 712.168016][T15146] Call Trace: [ 712.168022][T15146] [ 712.168028][T15146] dump_stack_lvl+0x100/0x190 [ 712.168050][T15146] should_fail_ex.cold+0x5/0xa [ 712.168072][T15146] _copy_from_user+0x2e/0xd0 [ 712.168109][T15146] vt_ioctl+0x249f/0x31a0 [ 712.168128][T15146] ? __pfx_vt_ioctl+0x10/0x10 [ 712.168142][T15146] ? tomoyo_path_number_perm+0x28f/0x580 [ 712.168162][T15146] ? tomoyo_path_number_perm+0x28f/0x580 [ 712.168184][T15146] ? tomoyo_path_number_perm+0x188/0x580 [ 712.168204][T15146] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 712.168226][T15146] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 712.168243][T15146] ? tty_jobctrl_ioctl+0x152/0xce0 [ 712.168259][T15146] ? __pfx_vt_ioctl+0x10/0x10 [ 712.168274][T15146] tty_ioctl+0x26a/0x1690 [ 712.168295][T15146] ? __pfx_tty_ioctl+0x10/0x10 [ 712.168319][T15146] ? find_held_lock+0x2b/0x80 [ 712.168332][T15146] ? hook_file_ioctl_common+0x146/0x410 [ 712.168361][T15146] ? __fget_files+0x21f/0x3d0 [ 712.168379][T15146] ? __pfx_tty_ioctl+0x10/0x10 [ 712.168399][T15146] __x64_sys_ioctl+0x18e/0x210 [ 712.168421][T15146] do_syscall_64+0xc9/0xf80 [ 712.168441][T15146] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 712.168455][T15146] RIP: 0033:0x7f975359aeb9 [ 712.168466][T15146] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 712.168480][T15146] RSP: 002b:00007f975441d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 712.168494][T15146] RAX: ffffffffffffffda RBX: 00007f9753815fa0 RCX: 00007f975359aeb9 [ 712.168503][T15146] RDX: 0000000000000009 RSI: 000000000000560a RDI: 000000000000000a [ 712.168511][T15146] RBP: 00007f975441d090 R08: 0000000000000000 R09: 0000000000000000 [ 712.168519][T15146] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 712.168528][T15146] R13: 00007f9753816038 R14: 00007f9753815fa0 R15: 00007ffe9663a9e8 [ 712.168546][T15146] [ 714.039256][T15163] kvm: kvm [15162]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000012) [ 714.689022][T15171] NFSD: Failed to start, no listeners configured. [ 716.397349][T15186] random: crng reseeded on system resumption [ 717.944684][T15208] netlink: 'syz.0.2129': attribute type 1 has an invalid length. [ 719.533937][T15241] netlink: set zone limit has 8 unknown bytes [ 719.938035][T15244] zswap: compressor not available [ 719.951396][T15034] syz.1.2084 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 720.663032][T15034] CPU: 0 UID: 0 PID: 15034 Comm: syz.1.2084 Not tainted syzkaller #0 PREEMPT(full) [ 720.663054][T15034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 720.663062][T15034] Call Trace: [ 720.663067][T15034] [ 720.663074][T15034] dump_stack_lvl+0x100/0x190 [ 720.663096][T15034] dump_header+0xfb/0x606 [ 720.663111][T15034] oom_kill_process.cold+0xd/0x321 [ 720.663127][T15034] out_of_memory+0x340/0x14f0 [ 720.663149][T15034] ? __pfx_out_of_memory+0x10/0x10 [ 720.663171][T15034] mem_cgroup_out_of_memory+0xc6/0x130 [ 720.663187][T15034] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 720.663200][T15034] ? find_held_lock+0x2b/0x80 [ 720.663217][T15034] ? do_raw_spin_unlock+0x145/0x1e0 [ 720.663238][T15034] ? _raw_spin_unlock+0x28/0x50 [ 720.663254][T15034] try_charge_memcg+0x652/0xc90 [ 720.663277][T15034] ? __pfx_try_charge_memcg+0x10/0x10 [ 720.663295][T15034] ? find_held_lock+0x2b/0x80 [ 720.663308][T15034] ? rcu_read_unlock+0x17/0x60 [ 720.663326][T15034] ? rcu_read_unlock+0x17/0x60 [ 720.663351][T15034] charge_memcg+0xa6/0x280 [ 720.663378][T15034] __mem_cgroup_charge+0x2b/0x1e0 [ 720.663399][T15034] shmem_alloc_and_add_folio+0x451/0xd40 [ 720.663421][T15034] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 720.663440][T15034] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 720.663461][T15034] shmem_get_folio_gfp+0x6ab/0x1900 [ 720.663482][T15034] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 720.663504][T15034] shmem_write_begin+0x1a4/0x420 [ 720.663523][T15034] ? __pfx_shmem_write_begin+0x10/0x10 [ 720.663540][T15034] ? balance_dirty_pages_ratelimited_flags+0x91/0x1170 [ 720.663565][T15034] generic_perform_write+0x292/0xa40 [ 720.663582][T15034] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 720.663607][T15034] ? __pfx_generic_perform_write+0x10/0x10 [ 720.663626][T15034] ? file_update_time_flags+0x31f/0x510 [ 720.663648][T15034] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 720.663667][T15034] shmem_file_write_iter+0x10e/0x140 [ 720.663687][T15034] __kernel_write_iter+0x2ac/0x920 [ 720.663705][T15034] ? __pfx___kernel_write_iter+0x10/0x10 [ 720.663720][T15034] ? __up_read+0x2c5/0x700 [ 720.663742][T15034] ? dump_user_range+0x73b/0xb50 [ 720.663761][T15034] dump_user_range+0x3f9/0xb50 [ 720.663780][T15034] ? __pfx_dump_user_range+0x10/0x10 [ 720.663801][T15034] ? __pfx_writenote+0x10/0x10 [ 720.663822][T15034] elf_core_dump+0x2d16/0x3c60 [ 720.663849][T15034] ? __pfx_elf_core_dump+0x10/0x10 [ 720.663865][T15034] ? __pick_eevdf+0x14c/0x430 [ 720.663885][T15034] ? find_held_lock+0x2b/0x80 [ 720.663898][T15034] ? 0xffffffffff600000 [ 720.663911][T15034] ? rcu_is_watching+0x12/0xc0 [ 720.663924][T15034] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 720.663939][T15034] ? lockdep_hardirqs_on+0x78/0x100 [ 720.663985][T15034] ? vfs_coredump+0x276c/0x5530 [ 720.663999][T15034] vfs_coredump+0x276c/0x5530 [ 720.664021][T15034] ? __pfx_vfs_coredump+0x10/0x10 [ 720.664035][T15034] ? __lock_acquire+0x4a5/0x2630 [ 720.664062][T15034] ? __lock_acquire+0x4a5/0x2630 [ 720.664081][T15034] ? lock_acquire+0x17c/0x330 [ 720.664102][T15034] ? lock_acquire+0x17c/0x330 [ 720.664122][T15034] ? bpf_ksym_find+0x124/0x1c0 [ 720.664139][T15034] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 720.664161][T15034] ? arch_stack_walk+0xa6/0xf0 [ 720.664185][T15034] ? stack_trace_save+0x8e/0xc0 [ 720.664199][T15034] ? __pfx_stack_trace_save+0x10/0x10 [ 720.664214][T15034] ? stack_depot_save_flags+0x27/0x9c0 [ 720.664236][T15034] ? __lock_acquire+0x4a5/0x2630 [ 720.664286][T15034] ? proc_coredump_connector+0x2d3/0x4f0 [ 720.664300][T15034] ? __pfx_proc_coredump_connector+0x10/0x10 [ 720.664318][T15034] ? rcu_is_watching+0x12/0xc0 [ 720.664334][T15034] get_signal+0x1f2a/0x21e0 [ 720.664358][T15034] ? __pfx_get_signal+0x10/0x10 [ 720.664379][T15034] ? find_held_lock+0x2b/0x80 [ 720.664392][T15034] ? bad_area_access_error+0xab/0x1d0 [ 720.664406][T15034] ? fixup_vdso_exception+0x2d1/0x370 [ 720.664431][T15034] arch_do_signal_or_restart+0x91/0x770 [ 720.664451][T15034] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 720.664475][T15034] ? do_user_addr_fault+0x8d6/0x12f0 [ 720.664494][T15034] irqentry_exit+0x1f8/0x670 [ 720.664512][T15034] asm_exc_page_fault+0x26/0x30 [ 720.664526][T15034] RIP: 0033:0x0 [ 720.664535][T15034] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 720.664542][T15034] RSP: 002b:000000000000000a EFLAGS: 00010217 [ 720.664554][T15034] RAX: 0000000000000000 RBX: 00007f742d616090 RCX: 00007f742d39aeb9 [ 720.664563][T15034] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 720.664571][T15034] RBP: 00007f742d408c1f R08: 0000000000000002 R09: 0000000000000000 [ 720.664580][T15034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 720.664588][T15034] R13: 00007f742d616128 R14: 00007f742d616090 R15: 00007ffdccdf6a38 [ 720.664607][T15034] [ 722.349876][T15261] futex_wake_op: syz.3.2136 tries to shift op by -2048; fix this program [ 722.394967][T15261] futex_wake_op: syz.3.2136 tries to shift op by -2048; fix this program [ 722.433431][T15261] 0x000000000001-0x000000020000 : "" [ 722.619040][T15261] ftl_cs: FTL header corrupt! [ 723.686221][T15283] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2142'. [ 724.909186][T15305] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input27 [ 724.970006][T15307] FAULT_INJECTION: forcing a failure. [ 724.970006][T15307] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 725.074687][T15307] CPU: 0 UID: 0 PID: 15307 Comm: syz.0.2146 Not tainted syzkaller #0 PREEMPT(full) [ 725.074710][T15307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 725.074719][T15307] Call Trace: [ 725.074724][T15307] [ 725.074731][T15307] dump_stack_lvl+0x100/0x190 [ 725.074752][T15307] should_fail_ex.cold+0x5/0xa [ 725.074775][T15307] _copy_from_user+0x2e/0xd0 [ 725.074797][T15307] input_event_from_user+0xb9/0x290 [ 725.074817][T15307] ? __pfx_input_event_from_user+0x10/0x10 [ 725.074835][T15307] ? __pfx___might_resched+0x10/0x10 [ 725.074856][T15307] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 725.074872][T15307] ? input_event+0xbb/0xd0 [ 725.074889][T15307] uinput_write+0xb9f/0xf60 [ 725.074912][T15307] ? common_file_perm+0x1ab/0x4f0 [ 725.074933][T15307] ? __pfx_uinput_write+0x10/0x10 [ 725.074954][T15307] ? bpf_lsm_file_permission+0x9/0x10 [ 725.074973][T15307] ? security_file_permission+0x76/0x210 [ 725.074994][T15307] ? rw_verify_area+0xce/0x6d0 [ 725.075016][T15307] ? __pfx_uinput_write+0x10/0x10 [ 725.075035][T15307] vfs_writev+0x5ea/0xe10 [ 725.075048][T15307] ? get_pid_task+0x106/0x250 [ 725.075070][T15307] ? __pfx_vfs_writev+0x10/0x10 [ 725.075085][T15307] ? find_held_lock+0x2b/0x80 [ 725.075109][T15307] ? __fget_files+0x21f/0x3d0 [ 725.075129][T15307] ? do_writev+0x28a/0x340 [ 725.075142][T15307] do_writev+0x28a/0x340 [ 725.075156][T15307] ? __pfx_do_writev+0x10/0x10 [ 725.075170][T15307] ? do_user_addr_fault+0x8d6/0x12f0 [ 725.075190][T15307] do_syscall_64+0xc9/0xf80 [ 725.075208][T15307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 725.075223][T15307] RIP: 0033:0x7f975359aeb9 [ 725.075234][T15307] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 725.075248][T15307] RSP: 002b:00007f97543fc028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 725.075262][T15307] RAX: ffffffffffffffda RBX: 00007f9753816090 RCX: 00007f975359aeb9 [ 725.075271][T15307] RDX: 0000000000000009 RSI: 0000200000000340 RDI: 0000000000000003 [ 725.075279][T15307] RBP: 00007f97543fc090 R08: 0000000000000000 R09: 0000000000000000 [ 725.075287][T15307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 725.075295][T15307] R13: 00007f9753816128 R14: 00007f9753816090 R15: 00007ffe9663a9e8 [ 725.075314][T15307] [ 726.832230][T15034] memory: usage 307200kB, limit 307200kB, failcnt 29651 [ 726.905276][T15034] memory+swap: usage 432180kB, limit 9007199254740988kB, failcnt 0 [ 727.037072][T15034] kmem: usage 4380kB, limit 9007199254740988kB, failcnt 0 [ 727.067005][T15333] random: crng reseeded on system resumption [ 727.084323][T15034] Memory cgroup stats for /syz1: [ 727.084558][T15034] cache 309583872 [ 727.131191][T15034] rss 475136 [ 727.154185][T15034] rss_huge 0 [ 727.157421][T15034] shmem 309583872 [ 727.161037][T15034] mapped_file 0 [ 727.273118][T15034] dirty 0 [ 727.291286][T15334] Invalid ELF header magic: != ELF [ 727.320717][T15034] writeback 0 [ 727.342936][T15034] workingset_refault_anon 17640 [ 727.389420][T15034] workingset_refault_file 409 [ 727.500450][T15034] swap 127979520 [ 727.539732][T15034] swapcached 16384 [ 727.543471][T15034] pgpgin 584064 [ 727.598456][T15034] pgpgout 527789 [ 727.602042][T15034] pgfault 752388 [ 727.703705][T15034] pgmajfault 2498 [ 727.713800][T15034] inactive_anon 154980352 [ 727.777957][T15034] active_anon 154963968 [ 727.782262][T15034] inactive_file 0 [ 727.884124][T15034] active_file 0 [ 727.934095][T15034] unevictable 0 [ 727.937924][T15034] hierarchical_memory_limit 314572800 [ 728.090897][T15034] hierarchical_memsw_limit 9223372036854771712 [ 728.135429][T15034] total_cache 309583872 [ 728.189469][T15034] total_rss 475136 [ 728.193231][T15034] total_rss_huge 0 [ 728.264228][T15034] total_shmem 309583872 [ 728.310898][T15034] total_mapped_file 0 [ 728.354953][T15346] Invalid ELF header magic: != ELF [ 728.399609][T15034] total_dirty 0 [ 728.403094][T15034] total_writeback 0 [ 728.489882][T15034] total_workingset_refault_anon 17640 [ 728.514686][T15034] total_workingset_refault_file 409 [ 728.584127][T15034] total_swap 127979520 [ 728.588241][T15034] total_swapcached 16384 [ 728.671999][T15034] total_pgpgin 584064 [ 728.705752][T15034] total_pgpgout 527789 [ 728.784125][T15034] total_pgfault 752388 [ 728.846608][T15034] total_pgmajfault 2498 [ 728.850817][T15034] total_inactive_anon 154980352 [ 728.942633][T15034] total_active_anon 154963968 [ 728.971092][T15034] total_inactive_file 0 [ 728.986497][T15034] total_active_file 0 [ 728.990608][T15034] total_unevictable 0 [ 729.042410][T15034] anon_cost 12124 [ 729.056015][T15034] file_cost 4 [ 729.083673][T15034] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2084,pid=15050,uid=0 [ 729.177018][T15034] Memory cgroup out of memory: Killed process 15050 (syz.1.2084) total-vm:131932kB, anon-rss:1352kB, file-rss:54332kB, shmem-rss:0kB, UID:0 pgtables:212kB oom_score_adj:1000 [ 729.684122][T15360] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2160'. [ 731.548003][ T32] oom_reaper: reaped process 15050 (syz.1.2084), now anon-rss:0kB, file-rss:3200kB, shmem-rss:0kB [ 736.069586][T15407] netlink: 472 bytes leftover after parsing attributes in process `syz.2.2169'. [ 736.135243][T15407] FAULT_INJECTION: forcing a failure. [ 736.135243][T15407] name failslab, interval 1, probability 0, space 0, times 0 [ 736.205249][T15407] CPU: 0 UID: 0 PID: 15407 Comm: syz.2.2169 Not tainted syzkaller #0 PREEMPT(full) [ 736.205271][T15407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 736.205280][T15407] Call Trace: [ 736.205285][T15407] [ 736.205291][T15407] dump_stack_lvl+0x100/0x190 [ 736.205313][T15407] should_fail_ex.cold+0x5/0xa [ 736.205336][T15407] should_failslab+0xc2/0x120 [ 736.205356][T15407] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 736.205375][T15407] ? __alloc_skb+0x156/0x410 [ 736.205397][T15407] ? __alloc_skb+0x156/0x410 [ 736.205413][T15407] __alloc_skb+0x156/0x410 [ 736.205429][T15407] ? __alloc_skb+0x35d/0x410 [ 736.205446][T15407] ? __pfx___alloc_skb+0x10/0x10 [ 736.205464][T15407] ? genl_rcv_msg+0x4b0/0x800 [ 736.205477][T15407] ? genl_rcv_msg+0x4be/0x800 [ 736.205496][T15407] netlink_ack+0x117/0xb80 [ 736.205514][T15407] netlink_rcv_skb+0x333/0x420 [ 736.205527][T15407] ? __pfx_genl_rcv_msg+0x10/0x10 [ 736.205543][T15407] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 736.205563][T15407] ? netlink_deliver_tap+0x1ae/0xcc0 [ 736.205585][T15407] genl_rcv+0x28/0x40 [ 736.205598][T15407] netlink_unicast+0x5aa/0x870 [ 736.205621][T15407] ? __pfx_netlink_unicast+0x10/0x10 [ 736.205641][T15407] ? __pfx___might_resched+0x10/0x10 [ 736.205661][T15407] ? __lock_acquire+0x4a5/0x2630 [ 736.205685][T15407] netlink_sendmsg+0x8b0/0xda0 [ 736.205708][T15407] ? __pfx_netlink_sendmsg+0x10/0x10 [ 736.205727][T15407] ? __import_iovec+0x1d2/0x640 [ 736.205750][T15407] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 736.205770][T15407] ____sys_sendmsg+0xa54/0xc30 [ 736.205788][T15407] ? __pfx_____sys_sendmsg+0x10/0x10 [ 736.205811][T15407] ___sys_sendmsg+0x190/0x1e0 [ 736.205829][T15407] ? __pfx____sys_sendmsg+0x10/0x10 [ 736.205853][T15407] ? find_held_lock+0x2b/0x80 [ 736.205878][T15407] __sys_sendmsg+0x170/0x220 [ 736.205898][T15407] ? __pfx___sys_sendmsg+0x10/0x10 [ 736.205929][T15407] do_syscall_64+0xc9/0xf80 [ 736.205947][T15407] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 736.205962][T15407] RIP: 0033:0x7efdc679aeb9 [ 736.205973][T15407] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 736.205986][T15407] RSP: 002b:00007efdc7618028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 736.206000][T15407] RAX: ffffffffffffffda RBX: 00007efdc6a15fa0 RCX: 00007efdc679aeb9 [ 736.206010][T15407] RDX: 0000000020000000 RSI: 00002000000002c0 RDI: 0000000000000003 [ 736.206018][T15407] RBP: 00007efdc7618090 R08: 0000000000000000 R09: 0000000000000000 [ 736.206026][T15407] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 736.206034][T15407] R13: 00007efdc6a16038 R14: 00007efdc6a15fa0 R15: 00007ffc5f74ab38 [ 736.206053][T15407] [ 736.917256][T15409] FAULT_INJECTION: forcing a failure. [ 736.917256][T15409] name failslab, interval 1, probability 0, space 0, times 0 [ 736.955410][T15409] CPU: 0 UID: 0 PID: 15409 Comm: syz.2.2170 Not tainted syzkaller #0 PREEMPT(full) [ 736.955431][T15409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 736.955440][T15409] Call Trace: [ 736.955445][T15409] [ 736.955451][T15409] dump_stack_lvl+0x100/0x190 [ 736.955472][T15409] should_fail_ex.cold+0x5/0xa [ 736.955492][T15409] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 736.955508][T15409] should_failslab+0xc2/0x120 [ 736.955528][T15409] kmem_cache_alloc_noprof+0x83/0x780 [ 736.955545][T15409] ? skb_clone+0x190/0x400 [ 736.955568][T15409] ? skb_clone+0x190/0x400 [ 736.955586][T15409] skb_clone+0x190/0x400 [ 736.955606][T15409] netlink_deliver_tap+0xaed/0xcc0 [ 736.955631][T15409] netlink_unicast+0x70c/0x870 [ 736.955654][T15409] ? __pfx_netlink_unicast+0x10/0x10 [ 736.955674][T15409] ? idr_get_next+0xec/0x150 [ 736.955697][T15409] ctrl_getfamily+0x417/0x550 [ 736.955713][T15409] ? __pfx_ctrl_getfamily+0x10/0x10 [ 736.955729][T15409] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 736.955745][T15409] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 736.955764][T15409] genl_family_rcv_msg_doit+0x214/0x300 [ 736.955780][T15409] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 736.955795][T15409] ? genl_get_cmd+0x3ef/0x720 [ 736.955814][T15409] ? __dev_queue_xmit+0x7fd/0x46f0 [ 736.955830][T15409] ? __radix_tree_lookup+0x217/0x2b0 [ 736.955847][T15409] genl_rcv_msg+0x560/0x800 [ 736.955865][T15409] ? __pfx_genl_rcv_msg+0x10/0x10 [ 736.955880][T15409] ? __pfx_ctrl_getfamily+0x10/0x10 [ 736.955902][T15409] netlink_rcv_skb+0x159/0x420 [ 736.955914][T15409] ? __pfx_genl_rcv_msg+0x10/0x10 [ 736.955930][T15409] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 736.955950][T15409] ? netlink_deliver_tap+0x1ae/0xcc0 [ 736.955972][T15409] genl_rcv+0x28/0x40 [ 736.955985][T15409] netlink_unicast+0x5aa/0x870 [ 736.956008][T15409] ? __pfx_netlink_unicast+0x10/0x10 [ 736.956035][T15409] netlink_sendmsg+0x8b0/0xda0 [ 736.956066][T15409] ? __pfx_netlink_sendmsg+0x10/0x10 [ 736.956089][T15409] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 736.956110][T15409] __sys_sendto+0x4aa/0x520 [ 736.956130][T15409] ? __pfx___sys_sendto+0x10/0x10 [ 736.956154][T15409] ? count_memcg_events_mm.constprop.0+0xfa/0x2a0 [ 736.956187][T15409] __x64_sys_sendto+0xe0/0x1c0 [ 736.956205][T15409] ? do_syscall_64+0x94/0xf80 [ 736.956221][T15409] ? lockdep_hardirqs_on+0x78/0x100 [ 736.956236][T15409] do_syscall_64+0xc9/0xf80 [ 736.956254][T15409] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 736.956268][T15409] RIP: 0033:0x7efdc675b78e [ 736.956280][T15409] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 736.956294][T15409] RSP: 002b:00007efdc7616e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 736.956308][T15409] RAX: ffffffffffffffda RBX: 00007efdc76186c0 RCX: 00007efdc675b78e [ 736.956317][T15409] RDX: 0000000000000028 RSI: 00007efdc7617000 RDI: 0000000000000005 [ 736.956326][T15409] RBP: 0000000000000000 R08: 00007efdc7616f04 R09: 000000000000000c [ 736.956334][T15409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000005 [ 736.956342][T15409] R13: 00007efdc7616f58 R14: 00007efdc7617000 R15: 0000000000000000 [ 736.956361][T15409] [ 737.350309][T15413] openvswitch: netlink: ERSPAN option length err (len 256, max 255). [ 737.664702][T15426] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2177'. [ 739.273335][T15449] input: 9%vJ,6 as /devices/virtual/input/input28 [ 739.913088][T15459] FAULT_INJECTION: forcing a failure. [ 739.913088][T15459] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 740.097146][T15459] CPU: 0 UID: 0 PID: 15459 Comm: syz.0.2184 Not tainted syzkaller #0 PREEMPT(full) [ 740.097168][T15459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 740.097177][T15459] Call Trace: [ 740.097183][T15459] [ 740.097189][T15459] dump_stack_lvl+0x100/0x190 [ 740.097211][T15459] should_fail_ex.cold+0x5/0xa [ 740.097234][T15459] _copy_from_iter+0x1f4/0x1690 [ 740.097259][T15459] ? __pfx__copy_from_iter+0x10/0x10 [ 740.097282][T15459] ? __pfx___might_resched+0x10/0x10 [ 740.097308][T15459] file_tty_write.isra.0+0x45b/0x890 [ 740.097334][T15459] redirected_tty_write+0xd4/0x120 [ 740.097354][T15459] vfs_write+0x6ac/0x1070 [ 740.097371][T15459] ? __pfx_redirected_tty_write+0x10/0x10 [ 740.097393][T15459] ? __pfx_vfs_write+0x10/0x10 [ 740.097406][T15459] ? find_held_lock+0x2b/0x80 [ 740.097432][T15459] ksys_write+0x12a/0x250 [ 740.097447][T15459] ? __pfx_ksys_write+0x10/0x10 [ 740.097468][T15459] do_syscall_64+0xc9/0xf80 [ 740.097486][T15459] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 740.097501][T15459] RIP: 0033:0x7f975359aeb9 [ 740.097513][T15459] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 740.097526][T15459] RSP: 002b:00007f975441d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 740.097540][T15459] RAX: ffffffffffffffda RBX: 00007f9753815fa0 RCX: 00007f975359aeb9 [ 740.097550][T15459] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003 [ 740.097558][T15459] RBP: 00007f975441d090 R08: 0000000000000000 R09: 0000000000000000 [ 740.097567][T15459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 740.097575][T15459] R13: 00007f9753816038 R14: 00007f9753815fa0 R15: 00007ffe9663a9e8 [ 740.097594][T15459] [ 742.270671][T15492] NFSD: Failed to start, no listeners configured. [ 746.777669][ T5827] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 746.786999][ T5827] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 746.795787][ T5827] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 746.807251][ T5827] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 746.814766][ T5827] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 747.947394][T15613] chnl_net:caif_netlink_parms(): no params data found [ 748.348075][T12818] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 748.739726][T12818] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 748.884888][ T5827] Bluetooth: hci4: command tx timeout [ 749.034244][T15613] bridge0: port 1(bridge_slave_0) entered blocking state [ 749.041476][T15613] bridge0: port 1(bridge_slave_0) entered disabled state [ 749.089326][T15613] bridge_slave_0: entered allmulticast mode [ 749.145177][T15613] bridge_slave_0: entered promiscuous mode [ 749.275896][T12818] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 749.387372][T15613] bridge0: port 2(bridge_slave_1) entered blocking state [ 749.445040][T15613] bridge0: port 2(bridge_slave_1) entered disabled state [ 749.452302][T15613] bridge_slave_1: entered allmulticast mode [ 749.520642][T15613] bridge_slave_1: entered promiscuous mode [ 749.893713][T12818] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 750.077867][T15613] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 750.155461][T15613] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 750.300942][T15613] team0: Port device team_slave_0 added [ 750.385105][T15613] team0: Port device team_slave_1 added [ 750.576322][T15613] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 750.583304][T15613] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 750.754129][T15613] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 750.847144][T15613] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 750.898562][T15613] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 750.967163][ T5827] Bluetooth: hci4: command tx timeout [ 751.064611][T15613] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 751.367460][T12818] bridge_slave_1: left allmulticast mode [ 751.403193][T12818] bridge_slave_1: left promiscuous mode [ 751.438932][T12818] bridge0: port 2(bridge_slave_1) entered disabled state [ 751.546653][T12818] bridge_slave_0: left allmulticast mode [ 751.552346][T12818] bridge_slave_0: left promiscuous mode [ 751.610233][T12818] bridge0: port 1(bridge_slave_0) entered disabled state [ 752.567064][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.573401][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 753.046114][ T5827] Bluetooth: hci4: command tx timeout [ 753.572960][T12818] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 753.644411][T12818] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 753.688293][T12818] bond0 (unregistering): Released all slaves [ 753.784553][T15613] hsr_slave_0: entered promiscuous mode [ 753.813306][T15613] hsr_slave_1: entered promiscuous mode [ 753.863531][T15613] debugfs: 'hsr0' already exists in 'hsr' [ 753.892103][T15613] Cannot create hsr debugfs directory [ 754.997457][T12818] hsr_slave_0: left promiscuous mode [ 755.041734][T12818] hsr_slave_1: left promiscuous mode [ 755.066856][T12818] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 755.109913][T12818] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 755.125820][ T5827] Bluetooth: hci4: command tx timeout [ 755.187092][T12818] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 755.243671][T12818] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 755.421734][T12818] veth1_macvtap: left promiscuous mode [ 755.461738][T12818] veth0_macvtap: left promiscuous mode [ 755.490511][T12818] veth1_vlan: left promiscuous mode [ 755.517698][T12818] veth0_vlan: left promiscuous mode [ 758.133293][T12818] team0 (unregistering): Port device team_slave_0 removed [ 761.155954][T15613] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 761.217363][T15613] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 761.300526][T15613] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 761.349577][T15613] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 761.697728][T15613] 8021q: adding VLAN 0 to HW filter on device bond0 [ 761.793462][T15613] 8021q: adding VLAN 0 to HW filter on device team0 [ 761.879268][ T7238] bridge0: port 1(bridge_slave_0) entered blocking state [ 761.886451][ T7238] bridge0: port 1(bridge_slave_0) entered forwarding state [ 761.953648][ T7238] bridge0: port 2(bridge_slave_1) entered blocking state [ 761.960830][ T7238] bridge0: port 2(bridge_slave_1) entered forwarding state [ 762.824925][T15613] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 763.019806][T15613] veth0_vlan: entered promiscuous mode [ 763.069275][T15613] veth1_vlan: entered promiscuous mode [ 763.266029][T15613] veth0_macvtap: entered promiscuous mode [ 763.326257][T15613] veth1_macvtap: entered promiscuous mode [ 763.445802][T15613] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 763.505997][T15613] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 763.675707][ T7241] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.725682][ T7241] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.873340][ T7241] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 763.935128][ T7241] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 764.056036][ T7238] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 764.063893][ T7238] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 764.224821][T12817] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 764.252241][T12817] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 764.952340][T13252] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 764.977032][T13252] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 764.985692][T13252] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 764.993652][T13252] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 765.002536][T13252] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 765.477445][ T7241] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 765.801013][ T7241] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 766.003512][ T7241] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 766.171845][ T7241] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 766.410891][ T7241] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 766.476915][T16386] chnl_net:caif_netlink_parms(): no params data found [ 766.789445][T16386] bridge0: port 1(bridge_slave_0) entered blocking state [ 766.828906][T16386] bridge0: port 1(bridge_slave_0) entered disabled state [ 766.860188][T16386] bridge_slave_0: entered allmulticast mode [ 766.885367][T16386] bridge_slave_0: entered promiscuous mode [ 766.928417][T16386] bridge0: port 2(bridge_slave_1) entered blocking state [ 766.961185][T16386] bridge0: port 2(bridge_slave_1) entered disabled state [ 766.996170][T16386] bridge_slave_1: entered allmulticast mode [ 767.032209][T16386] bridge_slave_1: entered promiscuous mode [ 767.045463][T13252] Bluetooth: hci2: command tx timeout [ 767.165111][T16386] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 767.207025][T16386] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 767.331541][T16386] team0: Port device team_slave_0 added [ 767.381398][T16386] team0: Port device team_slave_1 added [ 767.476774][T16386] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 767.483860][T16386] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 767.618582][T16386] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 767.693168][T16386] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 767.725454][T16386] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 767.859201][T16386] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 768.041058][T16386] hsr_slave_0: entered promiscuous mode [ 768.076560][T16386] hsr_slave_1: entered promiscuous mode [ 768.104992][T16386] debugfs: 'hsr0' already exists in 'hsr' [ 768.133354][T16386] Cannot create hsr debugfs directory [ 769.124961][T13252] Bluetooth: hci2: command tx timeout [ 771.206076][T13252] Bluetooth: hci2: command tx timeout [ 773.286093][T13252] Bluetooth: hci2: command tx timeout [ 781.071392][ T5827] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 781.081742][ T5827] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 781.090204][ T5827] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 781.098792][ T5827] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 781.108430][ T5827] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 781.353768][T17122] chnl_net:caif_netlink_parms(): no params data found [ 781.497079][T17122] bridge0: port 1(bridge_slave_0) entered blocking state [ 781.506143][T17122] bridge0: port 1(bridge_slave_0) entered disabled state [ 781.513362][T17122] bridge_slave_0: entered allmulticast mode [ 781.547389][T17122] bridge_slave_0: entered promiscuous mode [ 781.555914][T17122] bridge0: port 2(bridge_slave_1) entered blocking state [ 781.574165][T17122] bridge0: port 2(bridge_slave_1) entered disabled state [ 781.581367][T17122] bridge_slave_1: entered allmulticast mode [ 781.615504][T17122] bridge_slave_1: entered promiscuous mode [ 781.663486][T17122] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 781.696426][T17122] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 781.751221][T17122] team0: Port device team_slave_0 added [ 781.775951][T17122] team0: Port device team_slave_1 added [ 781.827809][T17122] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 781.845604][T17122] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 781.906666][T17122] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 781.943292][T17122] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 781.978019][T17122] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 782.098964][T17122] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 782.272655][T17122] hsr_slave_0: entered promiscuous mode [ 782.300899][T17122] hsr_slave_1: entered promiscuous mode [ 782.339498][T17122] debugfs: 'hsr0' already exists in 'hsr' [ 782.372284][T17122] Cannot create hsr debugfs directory [ 783.125859][ T5827] Bluetooth: hci0: command tx timeout [ 785.205395][ T5827] Bluetooth: hci0: command tx timeout [ 787.284287][ T5827] Bluetooth: hci0: command tx timeout [ 789.364229][ T5827] Bluetooth: hci0: command tx timeout [ 814.008005][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 814.014464][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 824.702881][T13252] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 824.715498][T13252] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 824.734312][T13252] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 824.752315][T13252] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 824.759882][T13252] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 825.007659][T17282] chnl_net:caif_netlink_parms(): no params data found [ 825.136656][T17282] bridge0: port 1(bridge_slave_0) entered blocking state [ 825.155279][T17282] bridge0: port 1(bridge_slave_0) entered disabled state [ 825.162544][T17282] bridge_slave_0: entered allmulticast mode [ 825.186870][T17282] bridge_slave_0: entered promiscuous mode [ 825.197296][T17282] bridge0: port 2(bridge_slave_1) entered blocking state [ 825.214226][T17282] bridge0: port 2(bridge_slave_1) entered disabled state [ 825.221438][T17282] bridge_slave_1: entered allmulticast mode [ 825.248496][T17282] bridge_slave_1: entered promiscuous mode [ 825.306868][T17282] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 825.327601][T17282] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 825.394230][T17282] team0: Port device team_slave_0 added [ 825.416078][T17282] team0: Port device team_slave_1 added [ 825.461218][T17282] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 825.475484][T17282] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 825.535912][T17282] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 825.565747][T17282] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 825.572752][T17282] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 825.645149][T17282] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 825.720140][T17282] hsr_slave_0: entered promiscuous mode [ 825.744752][T17282] hsr_slave_1: entered promiscuous mode [ 825.750948][T17282] debugfs: 'hsr0' already exists in 'hsr' [ 825.764081][T17282] Cannot create hsr debugfs directory [ 826.804579][ T5827] Bluetooth: hci5: command tx timeout [ 828.884252][ T5827] Bluetooth: hci5: command tx timeout [ 830.964266][ T5827] Bluetooth: hci5: command tx timeout [ 833.044242][ T5827] Bluetooth: hci5: command tx timeout [ 841.132433][T13252] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 841.143063][T13252] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 841.152997][T13252] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 841.162826][T13252] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 841.170932][T13252] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 841.431571][T17294] chnl_net:caif_netlink_parms(): no params data found [ 841.566862][T17294] bridge0: port 1(bridge_slave_0) entered blocking state [ 841.595125][T17294] bridge0: port 1(bridge_slave_0) entered disabled state [ 841.602356][T17294] bridge_slave_0: entered allmulticast mode [ 841.626829][T17294] bridge_slave_0: entered promiscuous mode [ 841.636707][T17294] bridge0: port 2(bridge_slave_1) entered blocking state [ 841.654187][T17294] bridge0: port 2(bridge_slave_1) entered disabled state [ 841.661518][T17294] bridge_slave_1: entered allmulticast mode [ 841.685141][T17294] bridge_slave_1: entered promiscuous mode [ 841.731982][T17294] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 841.766330][T17294] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 841.821699][T17294] team0: Port device team_slave_0 added [ 841.846336][T17294] team0: Port device team_slave_1 added [ 841.895939][T17294] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 841.902898][T17294] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 841.965450][T17294] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 841.995468][T17294] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 842.002456][T17294] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 842.076689][T17294] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 842.155248][T17294] hsr_slave_0: entered promiscuous mode [ 842.175442][T17294] hsr_slave_1: entered promiscuous mode [ 842.181594][T17294] debugfs: 'hsr0' already exists in 'hsr' [ 842.204116][T17294] Cannot create hsr debugfs directory [ 843.205399][T13252] Bluetooth: hci6: command tx timeout [ 845.286305][T13252] Bluetooth: hci6: command tx timeout [ 847.364270][T13252] Bluetooth: hci6: command tx timeout [ 849.444239][T13252] Bluetooth: hci6: command tx timeout [ 872.409529][ T5827] Bluetooth: hci4: command 0x0406 tx timeout [ 875.451331][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 875.458578][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 884.686334][T13252] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1 [ 884.696074][T13252] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9 [ 884.704481][T13252] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9 [ 884.712140][T13252] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4 [ 884.720004][T13252] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2 [ 884.977745][T17303] chnl_net:caif_netlink_parms(): no params data found [ 885.110791][T17303] bridge0: port 1(bridge_slave_0) entered blocking state [ 885.135318][T17303] bridge0: port 1(bridge_slave_0) entered disabled state [ 885.142596][T17303] bridge_slave_0: entered allmulticast mode [ 885.166129][T17303] bridge_slave_0: entered promiscuous mode [ 885.188101][T17303] bridge0: port 2(bridge_slave_1) entered blocking state [ 885.205534][T17303] bridge0: port 2(bridge_slave_1) entered disabled state [ 885.225310][T17303] bridge_slave_1: entered allmulticast mode [ 885.232402][T17303] bridge_slave_1: entered promiscuous mode [ 885.290073][T17303] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 885.325252][T17303] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 885.378098][T17303] team0: Port device team_slave_0 added [ 885.399001][T17303] team0: Port device team_slave_1 added [ 885.447835][T17303] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 885.464132][T17303] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 885.526193][T17303] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 885.555471][T17303] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 885.562460][T17303] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 885.626023][T17303] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 885.736563][T17303] hsr_slave_0: entered promiscuous mode [ 885.765819][T17303] hsr_slave_1: entered promiscuous mode [ 885.794413][T17303] debugfs: 'hsr0' already exists in 'hsr' [ 885.800147][T17303] Cannot create hsr debugfs directory [ 886.804408][ T5827] Bluetooth: hci7: command tx timeout [ 887.767206][ T5827] Bluetooth: hci2: command 0x0406 tx timeout [ 888.884332][T13252] Bluetooth: hci7: command tx timeout [ 890.964232][T13252] Bluetooth: hci7: command tx timeout [ 893.044287][T13252] Bluetooth: hci7: command tx timeout [ 901.231942][ T5827] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1 [ 901.243061][ T5827] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9 [ 901.252208][ T5827] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9 [ 901.260995][ T5827] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4 [ 901.270870][ T5827] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2 [ 901.521831][T17318] chnl_net:caif_netlink_parms(): no params data found [ 901.656339][T17318] bridge0: port 1(bridge_slave_0) entered blocking state [ 901.663542][T17318] bridge0: port 1(bridge_slave_0) entered disabled state [ 901.686108][T17318] bridge_slave_0: entered allmulticast mode [ 901.704501][T17318] bridge_slave_0: entered promiscuous mode [ 901.716582][T17318] bridge0: port 2(bridge_slave_1) entered blocking state [ 901.723753][T17318] bridge0: port 2(bridge_slave_1) entered disabled state [ 901.756166][T17318] bridge_slave_1: entered allmulticast mode [ 901.763345][T17318] bridge_slave_1: entered promiscuous mode [ 901.826521][T17318] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 901.855816][T17318] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 901.907668][T17318] team0: Port device team_slave_0 added [ 901.928176][T17318] team0: Port device team_slave_1 added [ 901.979912][T17318] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 902.004553][T17318] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 902.054253][T17318] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 902.089592][T17318] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 902.104793][T17318] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 902.165283][T17318] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 902.252348][T17318] hsr_slave_0: entered promiscuous mode [ 902.266328][T17318] hsr_slave_1: entered promiscuous mode [ 902.284729][T17318] debugfs: 'hsr0' already exists in 'hsr' [ 902.290500][T17318] Cannot create hsr debugfs directory [ 903.284324][T13252] Bluetooth: hci8: command tx timeout [ 905.364767][T13252] Bluetooth: hci8: command tx timeout [ 907.444330][ T5827] Bluetooth: hci8: command tx timeout [ 908.246496][ T5827] Bluetooth: hci0: command 0x0406 tx timeout [ 909.524250][T13252] Bluetooth: hci8: command tx timeout [ 918.326009][ T31] INFO: task kworker/u8:30:7241 blocked for more than 143 seconds. [ 918.333923][ T31] Not tainted syzkaller #0 [ 918.354163][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 918.362873][ T31] task:kworker/u8:30 state:D stack:23464 pid:7241 tgid:7241 ppid:2 task_flags:0x4208160 flags:0x00080000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 918.405119][ T31] Workqueue: netns cleanup_net [ 918.414741][ T31] Call Trace: [ 918.418047][ T31] [ 918.420969][ T31] ? __schedule+0xf67/0x5fa0 [ 918.454317][ T31] __schedule+0xfe6/0x5fa0 [ 918.458787][ T31] ? __lock_acquire+0x4a5/0x2630 [ 918.463724][ T31] ? __pfx___schedule+0x10/0x10 [ 918.494616][ T31] ? find_held_lock+0x2b/0x80 [ 918.499350][ T31] ? schedule+0x2bf/0x390 [ 918.503687][ T31] schedule+0xdd/0x390 [ 918.544197][ T31] schedule_timeout+0x1b2/0x280 [ 918.549084][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 918.575035][ T31] ? mark_held_locks+0x40/0x70 [ 918.579832][ T31] __wait_for_common+0x2e7/0x4c0 [ 918.605111][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 918.610546][ T31] ? __pfx___wait_for_common+0x10/0x10 [ 918.639387][ T31] remove_one+0x312/0x420 [ 918.643750][ T31] ? find_next_child+0x18f/0x280 [ 918.674081][ T31] __simple_recursive_removal+0x148/0x5c0 [ 918.684282][ T31] ? __pfx_remove_one+0x10/0x10 [ 918.689152][ T31] debugfs_remove+0x5d/0x80 [ 918.693674][ T31] nsim_dev_health_exit+0x3b/0xe0 [ 918.781352][ T31] nsim_dev_reload_destroy+0x144/0x4a0 [ 918.814172][ T31] nsim_dev_reload_down+0x66/0xd0 [ 918.819234][ T31] devlink_reload+0x173/0x7b0 [ 918.823938][ T31] ? __pfx_devlink_reload+0x10/0x10 [ 918.847492][ T31] devlink_pernet_pre_exit+0x222/0x330 [ 918.852992][ T31] ? __pfx_devlink_pernet_pre_exit+0x10/0x10 [ 918.874367][ T31] ? kobject_put+0xb9/0x640 [ 918.878903][ T31] ? __pfx_devlink_pernet_pre_exit+0x10/0x10 [ 918.904068][ T31] ops_undo_list+0x187/0xab0 [ 918.908719][ T31] ? __pfx_ops_undo_list+0x10/0x10 [ 918.913813][ T31] ? cleanup_net+0x345/0x830 [ 918.934142][ T31] ? cleanup_net+0x345/0x830 [ 918.938764][ T31] ? idr_destroy+0x62/0x2e0 [ 918.943295][ T31] cleanup_net+0x419/0x830 [ 918.967921][ T31] ? __pfx_cleanup_net+0x10/0x10 [ 918.973070][ T31] ? rcu_is_watching+0x12/0xc0 [ 918.984682][ T31] process_one_work+0x9c2/0x1840 [ 918.989691][ T31] ? __pfx_process_one_work+0x10/0x10 [ 919.004393][ T31] ? assign_work+0x19c/0x250 [ 919.009054][ T31] worker_thread+0x5da/0xe40 [ 919.013649][ T31] ? kthread+0x17d/0x730 [ 919.034146][ T31] ? __pfx_worker_thread+0x10/0x10 [ 919.039323][ T31] kthread+0x3b3/0x730 [ 919.043404][ T31] ? __pfx_kthread+0x10/0x10 [ 919.064089][ T31] ? ret_from_fork+0x79/0xaf0 [ 919.068794][ T31] ? ret_from_fork+0x79/0xaf0 [ 919.073492][ T31] ? rcu_is_watching+0x12/0xc0 [ 919.094129][ T31] ? __pfx_kthread+0x10/0x10 [ 919.098754][ T31] ret_from_fork+0x754/0xaf0 [ 919.103343][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 919.124333][ T31] ? __switch_to+0x7b9/0x10c0 [ 919.129054][ T31] ? __pfx_kthread+0x10/0x10 [ 919.133640][ T31] ret_from_fork_asm+0x1a/0x30 [ 919.154343][ T31] [ 919.165225][ T31] INFO: task syz-executor:16386 blocked for more than 144 seconds. [ 919.173203][ T31] Not tainted syzkaller #0 [ 919.274762][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 919.283443][ T31] task:syz-executor state:D stack:24024 pid:16386 tgid:16386 ppid:1 task_flags:0x400140 flags:0x00080002 [ 919.344194][ T31] Call Trace: [ 919.347594][ T31] [ 919.350527][ T31] ? __schedule+0xf67/0x5fa0 [ 919.393905][ T31] __schedule+0xfe6/0x5fa0 [ 919.398706][ T31] ? __lock_acquire+0x4a5/0x2630 [ 919.403674][ T31] ? __pfx___schedule+0x10/0x10 [ 919.434131][ T31] ? find_held_lock+0x2b/0x80 [ 919.438832][ T31] ? schedule+0x2bf/0x390 [ 919.443181][ T31] schedule+0xdd/0x390 [ 919.484594][ T31] schedule_preempt_disabled+0x13/0x30 [ 919.504067][ T31] __mutex_lock+0xc9a/0x1b90 [ 919.508708][ T31] ? device_del+0xa0/0x9b0 [ 919.513118][ T31] ? xas_create+0x1f4/0x14e0 [ 919.544052][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 919.549116][ T31] ? mark_held_locks+0x40/0x70 [ 919.553900][ T31] ? device_del+0xa0/0x9b0 [ 919.594470][ T31] ? ida_free+0x201/0x2f0 [ 919.606927][ T31] device_del+0xa0/0x9b0 [ 919.611196][ T31] ? __pfx_ida_free+0x10/0x10 [ 919.624528][ T31] ? __pfx_device_del+0x10/0x10 [ 919.629400][ T31] ? __lock_acquire+0x4a5/0x2630 [ 919.644321][ T31] device_unregister+0x1d/0xe0 [ 919.649219][ T31] del_device_store+0x346/0x480 [ 919.664341][ T31] ? __pfx_del_device_store+0x10/0x10 [ 919.669739][ T31] ? find_held_lock+0x2b/0x80 [ 919.685571][ T31] ? sysfs_file_kobj+0xe4/0x290 [ 919.690489][ T31] ? sysfs_file_kobj+0xe4/0x290 [ 919.714676][ T31] ? __pfx_del_device_store+0x10/0x10 [ 919.720096][ T31] bus_attr_store+0x74/0xb0 [ 919.734098][ T31] ? __pfx_bus_attr_store+0x10/0x10 [ 919.739347][ T31] sysfs_kf_write+0xf2/0x150 [ 919.743933][ T31] kernfs_fop_write_iter+0x3e0/0x5f0 [ 919.764666][ T31] ? __pfx_sysfs_kf_write+0x10/0x10 [ 919.771091][ T31] vfs_write+0x6ac/0x1070 [ 919.783261][ T31] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 919.795298][ T31] ? __pfx_vfs_write+0x10/0x10 [ 919.800102][ T31] ? __pfx_do_sys_openat2+0x10/0x10 [ 919.824697][ T31] ksys_write+0x12a/0x250 [ 919.829060][ T31] ? __pfx_ksys_write+0x10/0x10 [ 919.833907][ T31] do_syscall_64+0xc9/0xf80 [ 919.854233][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 919.860196][ T31] RIP: 0033:0x7fcfd355b78e [ 919.874102][ T31] RSP: 002b:00007ffe3027d898 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 919.882546][ T31] RAX: ffffffffffffffda RBX: 000055557da31500 RCX: 00007fcfd355b78e [ 919.907594][ T31] RDX: 0000000000000001 RSI: 00007ffe3027d920 RDI: 0000000000000005 [ 919.922635][ T31] RBP: 00007fcfd3608a88 R08: 0000000000000000 R09: 0000000000000000 [ 919.944125][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 919.952135][ T31] R13: 00007ffe3027d920 R14: 00007fcfd4344620 R15: 0000000000000003 [ 919.974203][ T31] [ 920.072216][ T31] INFO: task syz.3.2977:16404 blocked for more than 145 seconds. [ 920.106570][ T31] Not tainted syzkaller #0 [ 920.122621][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 920.164136][ T31] task:syz.3.2977 state:D stack:27512 pid:16404 tgid:16401 ppid:15613 task_flags:0x400140 flags:0x00080006 [ 920.204137][ T31] Call Trace: [ 920.207462][ T31] [ 920.210380][ T31] ? __schedule+0xf67/0x5fa0 [ 920.251026][ T31] __schedule+0xfe6/0x5fa0 [ 920.264302][ T31] ? __lock_acquire+0x4a5/0x2630 [ 920.269275][ T31] ? __pfx___schedule+0x10/0x10 [ 920.296033][ T31] ? find_held_lock+0x2b/0x80 [ 920.300739][ T31] ? schedule+0x2bf/0x390 [ 920.325534][ T31] schedule+0xdd/0x390 [ 920.329641][ T31] schedule_preempt_disabled+0x13/0x30 [ 920.359221][ T31] __mutex_lock+0xc9a/0x1b90 [ 920.363840][ T31] ? netlink_has_listeners+0x20f/0x430 [ 920.394203][ T31] ? devlink_health_report+0x62b/0xa80 [ 920.399730][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 920.425262][ T31] ? devlink_recover_notify.constprop.0+0x200/0x670 [ 920.431907][ T31] ? devlink_health_report+0x62b/0xa80 [ 920.454137][ T31] devlink_health_report+0x62b/0xa80 [ 920.459480][ T31] ? __pfx_devlink_health_report+0x10/0x10 [ 920.479247][ T31] ? _copy_from_user+0x59/0xd0 [ 920.494295][ T31] nsim_dev_health_break_write+0x166/0x210 [ 920.500692][ T31] ? __pfx_nsim_dev_health_break_write+0x10/0x10 [ 920.516533][ T31] full_proxy_write+0x135/0x1a0 [ 920.534316][ T31] vfs_write+0x2aa/0x1070 [ 920.538668][ T31] ? __pfx_full_proxy_write+0x10/0x10 [ 920.554228][ T31] ? __pfx_vfs_write+0x10/0x10 [ 920.559092][ T31] ? find_held_lock+0x2b/0x80 [ 920.563855][ T31] ? __fget_files+0x215/0x3d0 [ 920.584085][ T31] ? __fget_files+0x21f/0x3d0 [ 920.588810][ T31] ksys_write+0x12a/0x250 [ 920.593161][ T31] ? __pfx_ksys_write+0x10/0x10 [ 920.614204][ T31] do_syscall_64+0xc9/0xf80 [ 920.618741][ T31] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 920.634365][ T31] RIP: 0033:0x7fa0df79aeb9 [ 920.638797][ T31] RSP: 002b:00007fa0e06c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 920.664044][ T31] RAX: ffffffffffffffda RBX: 00007fa0dfa15fa0 RCX: 00007fa0df79aeb9 [ 920.672041][ T31] RDX: 00000000000001e1 RSI: 0000200000000080 RDI: 0000000000000002 [ 920.704078][ T31] RBP: 00007fa0df808c1f R08: 0000000000000000 R09: 0000000000000000 [ 920.712098][ T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 920.736106][ T31] R13: 00007fa0dfa16038 R14: 00007fa0dfa15fa0 R15: 00007ffe01d592d8 [ 920.754129][ T31] [ 920.770996][ T31] [ 920.770996][ T31] Showing all locks held in the system: [ 920.849993][ T31] 1 lock held by khungtaskd/31: [ 920.864109][ T31] #0: ffffffff8e5e3120 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x3d/0x184 [ 920.885399][ T31] 2 locks held by getty/5583: [ 920.890132][ T31] #0: ffff888031d8d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80 [ 920.914107][ T31] #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x419/0x1500 [ 920.934282][ T31] 1 lock held by syz-executor/5825: [ 920.939530][ T31] #0: ffffffff8e5ef7c0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x48/0x6d0 [ 920.974189][ T31] 6 locks held by kworker/u8:30/7241: [ 920.979603][ T31] #0: ffff88801c29f148 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x11ae/0x1840 [ 921.004127][ T31] #1: ffffc90004a77c98 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x927/0x1840 [ 921.024119][ T31] #2: ffffffff903dd430 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xab/0x830 [ 921.054101][ T31] #3: ffff8880774260e8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x185/0x330 [ 921.074112][ T31] #4: ffff888077427250 (&devlink->lock_key#3){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x18f/0x330 [ 921.094294][ T31] #5: ffff88807e7e9060 (&sb->s_type->i_mutex_key#9/2){+.+.}-{4:4}, at: __simple_recursive_removal+0xe0/0x5c0 [ 921.126920][ T31] 2 locks held by kworker/u8:0/12817: [ 921.132428][ T31] #0: ffff88801dba3948 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_one_work+0x11ae/0x1840 [ 921.164284][ T31] #1: ffffc9000b347c98 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_one_work+0x927/0x1840 [ 921.189217][ T31] 2 locks held by syz.1.2000/14632: [ 921.204300][ T31] #0: ffffffff903f5d68 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x220 [ 921.213342][ T31] #1: ffffffff8e5ef8f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x27f/0x3c0 [ 921.244100][ T31] 5 locks held by syz-executor/16386: [ 921.249490][ T31] #0: ffff888032fb2420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 921.274135][ T31] #1: ffff88803340c088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 921.283915][ T31] #2: ffff888142f78c38 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 921.314151][ T31] #3: ffffffff8f950288 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 921.334323][ T31] #4: ffff8880774260e8 (&dev->mutex){....}-{4:4}, at: device_del+0xa0/0x9b0 [ 921.354176][ T31] 3 locks held by syz.3.2977/16404: [ 921.359418][ T31] #0: ffff888035015278 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2aa/0x380 [ 921.384278][ T31] #1: ffff888142298420 (sb_writers#8){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 921.393318][ T31] #2: ffff888077427250 (&devlink->lock_key#3){+.+.}-{4:4}, at: devlink_health_report+0x62b/0xa80 [ 921.434250][ T31] 4 locks held by syz-executor/17122: [ 921.439662][ T31] #0: ffff888032fb2420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 921.464063][ T31] #1: ffff88805d60a088 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 921.473858][ T31] #2: ffff888142f78c38 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 921.504133][ T31] #3: ffffffff8f950288 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 921.527397][ T31] 4 locks held by syz-executor/17282: [ 921.532783][ T31] #0: ffff888032fb2420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 921.555112][ T31] #1: ffff8880341e0488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 921.579626][ T31] #2: ffff888142f78c38 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 921.605211][ T31] #3: ffffffff8f950288 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 921.624234][ T31] 4 locks held by syz-executor/17294: [ 921.629611][ T31] #0: ffff888032fb2420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 921.654928][ T31] #1: ffff88805ede9488 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 921.674322][ T31] #2: ffff888142f78c38 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 921.704199][ T31] #3: ffffffff8f950288 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 921.724171][ T31] 4 locks held by syz-executor/17303: [ 921.729558][ T31] #0: ffff888032fb2420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 921.749101][ T31] #1: ffff88805ccd6888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 921.774245][ T31] #2: ffff888142f78c38 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 921.794315][ T31] #3: ffffffff8f950288 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 921.814420][ T31] 4 locks held by syz-executor/17318: [ 921.819803][ T31] #0: ffff888032fb2420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 921.844694][ T31] #1: ffff8880777ecc88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x2c2/0x5f0 [ 921.867007][ T31] #2: ffff888142f78c38 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x332/0x5f0 [ 921.894257][ T31] #3: ffffffff8f950288 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x480 [ 921.914181][ T31] [ 921.916530][ T31] ============================================= [ 921.916530][ T31] [ 922.058121][ T31] NMI backtrace for cpu 0 [ 922.058139][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 922.058157][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 922.058166][ T31] Call Trace: [ 922.058170][ T31] [ 922.058176][ T31] dump_stack_lvl+0x100/0x190 [ 922.058197][ T31] nmi_cpu_backtrace.cold+0x12d/0x151 [ 922.058215][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 922.058238][ T31] nmi_trigger_cpumask_backtrace+0x1d7/0x230 [ 922.058305][ T31] sys_info+0x141/0x190 [ 922.058323][ T31] watchdog+0xcc3/0xfe0 [ 922.058342][ T31] ? __pfx_watchdog+0x10/0x10 [ 922.058357][ T31] ? __kthread_parkme+0x18c/0x230 [ 922.058374][ T31] ? __pfx_watchdog+0x10/0x10 [ 922.058389][ T31] ? __pfx_watchdog+0x10/0x10 [ 922.058401][ T31] kthread+0x3b3/0x730 [ 922.058420][ T31] ? __pfx_kthread+0x10/0x10 [ 922.058437][ T31] ? ret_from_fork+0x79/0xaf0 [ 922.058450][ T31] ? ret_from_fork+0x79/0xaf0 [ 922.058463][ T31] ? rcu_is_watching+0x12/0xc0 [ 922.058476][ T31] ? __pfx_kthread+0x10/0x10 [ 922.058495][ T31] ret_from_fork+0x754/0xaf0 [ 922.058512][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 922.058526][ T31] ? __switch_to+0x7b9/0x10c0 [ 922.058544][ T31] ? __pfx_kthread+0x10/0x10 [ 922.058562][ T31] ret_from_fork_asm+0x1a/0x30 [ 922.058590][ T31] [ 922.454459][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 922.461329][ T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) [ 922.470423][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 922.480461][ T31] Call Trace: [ 922.483737][ T31] [ 922.486662][ T31] dump_stack_lvl+0x100/0x190 [ 922.491343][ T31] vpanic+0x20d/0x630 [ 922.495326][ T31] panic+0xd1/0xd1 [ 922.499039][ T31] ? __pfx_panic+0x10/0x10 [ 922.503439][ T31] ? nmi_trigger_cpumask_backtrace+0x1b5/0x230 [ 922.509603][ T31] ? nmi_trigger_cpumask_backtrace+0x1f6/0x230 [ 922.515864][ T31] ? nmi_trigger_cpumask_backtrace+0x200/0x230 [ 922.522009][ T31] ? watchdog.cold+0x198/0x1ca [ 922.526825][ T31] ? watchdog+0xcd3/0xfe0 [ 922.531156][ T31] watchdog.cold+0x1a9/0x1ca [ 922.535738][ T31] ? __pfx_watchdog+0x10/0x10 [ 922.540395][ T31] ? __kthread_parkme+0x18c/0x230 [ 922.545405][ T31] ? __pfx_watchdog+0x10/0x10 [ 922.550066][ T31] ? __pfx_watchdog+0x10/0x10 [ 922.554724][ T31] kthread+0x3b3/0x730 [ 922.558782][ T31] ? __pfx_kthread+0x10/0x10 [ 922.563359][ T31] ? ret_from_fork+0x79/0xaf0 [ 922.568018][ T31] ? ret_from_fork+0x79/0xaf0 [ 922.572676][ T31] ? rcu_is_watching+0x12/0xc0 [ 922.577435][ T31] ? __pfx_kthread+0x10/0x10 [ 922.582007][ T31] ret_from_fork+0x754/0xaf0 [ 922.586578][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 922.591671][ T31] ? __switch_to+0x7b9/0x10c0 [ 922.596346][ T31] ? __pfx_kthread+0x10/0x10 [ 922.600924][ T31] ret_from_fork_asm+0x1a/0x30 [ 922.605686][ T31] [ 922.608749][ T31] Kernel Offset: disabled [ 922.613060][ T31] Rebooting in 86400 seconds..