last executing test programs: 4.332977491s ago: executing program 2 (id=2492): r0 = socket(0x3, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) syz_clone3(&(0x7f00000003c0)={0x80000, &(0x7f0000000100), &(0x7f0000000180)=0x0, &(0x7f00000001c0), {0x31}, &(0x7f0000000200)=""/112, 0x70, &(0x7f0000000280)=""/201, &(0x7f0000000380)=[0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0], 0x6}, 0x58) prctl$auto(0x1316f661, 0x7, r1, 0x3, 0x8) r2 = io_uring_setup$auto(0x1, 0x0) write$auto_fops_init_pkru_pkeys(r2, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0xfffffff8, 0x8, 0xae85, 0xffffffffffffffff, 0x4, 0x7ff}, 0x6f4) r3 = getpid() socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, 0x0, 0x6, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x5, 0x105, 0xc, 0xb, 0x800, 0xffffffffffffffff, 0x5, "d81ddef9d4e6d312212bab98f4060bd8", 0x0, 0xffffffffffffffff, 0x7fffffff, 0xa991, 0x7, 0x8001}, 0x7) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x18dd01, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) recvmmsg$auto(0x3, 0x0, 0x10000, 0x4ff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), r4) sendmsg$auto_ILA_CMD_DEL(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r5, 0x1, 0x70bd26, 0x6, {}, [@ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000000) setns(0xffffffffffffffff, 0x2000000) quotactl_fd$auto(r2, 0x2, 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_WIPHY(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfb, {0x2, 0x0, 0x14}, [@NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x1}]}, 0x24}, 0x1, 0x1400, 0x0, 0x80}, 0x20000084) 3.580130965s ago: executing program 2 (id=2495): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/general_profit\x00', 0xa800, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/ip_tables_names\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f00000001c0)=""/39, 0x27) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x1e, 0x5, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x42c901, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_FS_IOC_FSGETXATTR(r2, 0x801c581f, 0xc60) r5 = prctl$auto_SECCOMP_MODE_FILTER(0x1, 0x2, 0xffffffffffffffff, 0x0, 0xb) syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000040), r5) close_range$auto(r4, 0x8, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) copy_file_range$auto(r1, &(0x7f0000000080)=0x9, r3, &(0x7f0000000140)=0x4028, 0x9, 0x10) ioctl$auto(0x3, 0xae41, r6) close_range$auto(r6, r4, 0xbd) ioctl$auto_KVM_GET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000118, 0x402, 0xc0}]}) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/34, 0x22) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio1/protocol\x00', 0x181482, 0x0) r8 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r8, &(0x7f0000000000)="c80d1b5d399b58", 0xfdef) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r9 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r9, 0x4b6a, 0x1) write$auto_ocfs2_control_fops_stack_user(r7, &(0x7f0000003900)='\t', 0x1) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000e40), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r10, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000e80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB="01002abd7000fddbdf25040000230508110000005f1d"], 0x1c}, 0x1, 0x0, 0x0, 0x4000084}, 0x10) 3.149397544s ago: executing program 3 (id=2496): socket(0xa, 0x1, 0x84) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(0x3, 0x10000000084, 0x10, 0x0, 0x8) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, 0x0) r0 = socket(0x25, 0x5, 0x2) r1 = socket(0x848000000015, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = setfsuid$auto(0xee00) clone$auto(0x20003b4a, 0x8, 0x0, 0x0, 0x2) bind$auto(0x3, &(0x7f0000000240)=@in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x23}}, 0x6b) connect$auto(0x3, &(0x7f00000002c0)=@generic={0xa, "5457c29004e0b991da88f70ef61b"}, 0x55) r3 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000002340), 0xffffffffffffffff) shmctl$auto_SHM_LOCK(0x4bc, 0xb, &(0x7f0000002240)={{0xf, r2, 0xee01, 0x9, 0x6, 0x10000, 0x2}, 0x8, 0x7, 0x5, 0x100, @raw=0x8, @raw=0x2f82, 0x4, 0x0, &(0x7f0000001200)="4e2d8a2911ad99a0c9ba11f7234c5ddd1b07e2d20b083b7c9251a738beed925c2e104a1a099285797ff7ecce0ec845aee1ed2345bc2f4359b17436c783c399ac79261681d73bded99ff2feef7d6aff20166bdd9146c0d1f11e403dd6675a73db90e6dafb3098719bd4d02ed0d9120d482f83f13dff9e99922d769f5e6b9cd85ad83428710c2834ab7d18ebdf8faaff0e5b997cf2e273676435bf654d22bb972ac598c5600d3b4315845052bea19d63919c2a4aec19b00dee352c67904fc72d91ae95e3f2a59229baed096d511fab955397e0d2bba23144b1f6598fad165676d7d39e8ab5ebcaa74630f84fa35f43f99b4135eb22c5d132252ea784ef085579cf2d61ce7007df6b591a638ecdfa253470969d01fa06c07e1738891d420058f6235b0df752b998c1435eae7564f96b64cdc7292540025e0a5a0cab5e86551355d9f8fef019b9a33f66d5274b658a0a1a077d8f1e3558b1ffd348a5d9d592652f37fcc4abf2ec0b342e7d266b0f48d51afb46d1f32917ba4f6168175aa710d2cb67b51d6ae3c8833ad657eb683520ffb6b51aa835cb7216dd80c0c476af6f0ab5df8bd7323f122324c231cd45a85d495afbea50d81bcf7133c219e0d4025852c89ea5ca2e5da5940dada982e3d3e41a2c7decb006db9e4fbbaa27f29e3cdb519671edf1e0bbc25651afc1ec55b863796180b69a90e479e53ec0b7aca8819b944cd566622ca1344eb3078fefaab7605f920a8f96c9ac1e6f398f4a792c1b70ee5b5a162ca36af56daaea3300a73e58f16f1fdee24dac719430422deae84bb4a64ce4e8e3d80a1055c47c0aa610519e3f8ef534326798ef4f7a8099892247f90590683507b92fe3f151c98e599cfc21ef424a3edf96b6fa2888c77f255f29fcdb32480b90ebfcbb9d34cf5954e569705680ad54d96227130bddeb4b8eb3ecf9b9ab2fdb30290c0751f07c73beb4f4196e2acc4a69697800e41542026ea4ac02d024eae1c54b09b3410d089347b0ae14659bf82297072dfc3e263b2349e14f6fbd7504b215221204d2fb39c313d22ee6db60f20b6ae4c22f29ba876e27397873faa326187bfb9e1fbcfbc211096a4a1efe26e9ffb14f4551423de934f780fa7e8df040a072886e3f472a2698b7cb4cc60641f23ae9e7459c3a1fa143c2aebe94cfc942bd6997397619da613b7c8e488fad418e19d3059edc437af3248e9518a6180ebb5602a26e775ba994e428571d6c2e7527063701bff061088a53ac9c9d5417139e583631504ebc6be675f589599461a9f97230d1ee5bc6f8417ab7db3b7dc52f78ac45f21cca5272b21397f33ef613c129bffa6681be072538224c93465949a62791f65b5584351293696e7ded821ccc6bbbd4ee63c303a2751fedefc180e0cc50158c7bd0b136157e278c7e014e26728face8e09429e153bbfe39c242389cbaebca3daaf7e553ebeb54b4cf96c1cdf68e77f197ca0f537e14a3e50bc39ce79dcbb32d0ef4da5fefe66c18cb6514ab0bddf1a64e26befaf1511937f3a69d5d772fe41ba4a99beee9e18d987a1137f64f7fdd4e4e101eb5d9910ee3fe29dddb82a8f146743aec904b0ae3cf46f57739239e5120afc0ddb0eaf30d1043c70bc7888c53a9a1f72d9a4c3b8afaeaf58fc436f280a6e2a3e47fff98d15e403effe14591dd4a3be2441f4302e78a08797a0bba63ab14dde26b44d30b3c36deed43877bf63079294a7310d0b392be49b4359b93e50628ac557d0cfc92b8c9987ac8b465d7fca7d1aa01f8d2fbca05575f17018e212978b38edc8e22610cda7878bbfa564ec0d6f4e8e6195ec679b22ddbb16269055533b6aadbfa96ee59f960d167e6b8d753c3fa4a0c1c5b115c5394202837e0bf62bb5b0a33019b132f4d673a2289afbdf213b952f9b934b564eb65da81fd4f8299c9ddd3d356755808c710ee0cdb1c68fad8ec6dcd1977eb9b792e1d2803c48159408cc67c29797f0264c9c583687ac310da8eee0708d783abd95c09ce4cbac3753aef3e324d3b90fe38b97fc45807f45b18df59bcbfe13a155fa6d0eb406f5f65e3e81725be1367917da3af9289c611664e82553d15d9b83393534b1bb8ae812e323819ac7b9a235f2f5c9dcb483aec1b3878fb12e9f3718742222ddb72add708cd962c70fa394db3a540d425467a3a671c947de14e4136f900186f8b7d2316482758b3ef0c5280120cf886255789fafbb0893ae0ee8eff5cd6e6e2ee335174ac4227be4dae927bff4c141401f588f64bde8c0c41487fc29fae4fb66195195ca6d3a8e2344c7532ee272e9d763ce919c043c0c327bf42ca0cd85ed2bc0269935992a3fbc14b2e1ad1a73cca05c5cf78af673467256c10e597cdc9de708e466b6a5f014ce9f959f1ba9f80fa66457b9ede1ae48b2c1b2ec929794af17514d7e443a928fe0e9651f01e148883ac6ee860a6d91dd5a770c9f637d7731be9b5271831160f60062808e7c8775a5e13a345022bd02966b4f9b6251e4a24eb62023bba92fddc5d7b1182c4cfc880210e21048b2243afda4cb3fc21d8bb1fbbdfe0aa254e45fe00c2b55a7d6cd8ed5bf70774548f7272ccc3c0c0e53f5bc12e22b93c9022a8060747dc8046c8f450af96540b4d1c7dec28b620aa5c8057ab2b169017b16eff6c689b64aa8c9c18260bb0b7e4da339bbb8ffc9213eee51c03df00df413e4d76ee9bbebdad9cc36daac6b874dabd5653dcaf181d5d8b6e65c86502e58432340a726868c07f3f33fe07eb671f4c387f23b1fa061daebedc1f7902f8b6c81567bceeb7e2a2743790396757cc927cd2bd3017f6178681ec694c31b18671f041a132a09afe21f0cb5b009cf684637837f2c0051768ddabb3c0258029abcd67bb3c1b0e5bb3f089b55ed8cae94469f796d27157991c5d4c982375986c617e81696e0b5ad5995f1b8e9f7b6bb144a6f21073d19a3c159b6d8e10c0230814a689a286c88c1e475ee41f149bf98d775ca557c99aa418f03a4e0888ea212c21442b131bb3a95d22f06e5e02c12bd17290ca7ece037d4eb7dc9ba38cb587b288d4cd2c018c4eab9b4f1326fbdea328368ada3cefd6b0ce8a4cbd0a73aa5098f909e986ff7d112a5eaa985dd7827ac95a8adbcf10c017b3b1e8831eee83b56981817cf20b2806e6477b509de60bbdf03ee2d0885928801576246d810fef0c235a3626d665612bd94146a05393a516367655e99fa9d699c5060e07879824df0c85cacfe296f40dee10c2ce6553401fe76e266c46d520a63b77e2b9b22ea8c940fd1c4d3a40fb7066306e4d6aacacf944da4adf27438ce1024562565266139755676bbe24268232a0641d8235056b1e37ab5aa8b572b02e4017fe83036a39875b8fb2173755a5f8202a72fe1ed0090c304e25cf4e56cb8df5111f12461a227c0bb21cb519c3cd033f031159077b79107fb9fc285d9e7358126b5b345281bc0cc5e1721bfce4f5ddf7ab0b9386ffc459e7ec05570504eca6c84b090619b483ae9059723c4ace7c28b2185b751f37158e6520655baf8dc7b703785b6a35b9e9eabed07f211eff47c43ed324c031eeb9b5c49835f37d29411044f69fd10eb85c0b181cfa871da91b3e0286864e3a86a00f462cd1024f0648ee130cbf81ab85cc42189e373cd402c4d889ddec194aec960096d27aef0b6b58f188ecb25ab7b6de5d7fb6ca8b805ae326df23352db15303091bb8dfa2b1e42c999b7d10d1425b8694c9041315e4d0810ce230a1b3e1db3422ccc48749eaa9ac3e147d760b229369756dafcf8e3e59b1a027552caeb1c285d4c0b1a42c29eb5d0919db709f6ac89f812525439faf252a929f704f7b48ee7b49842286cae497890ece32f9131c7021f07a2b181973b8ae4ac9b9b96709dadf54212124f10a4e4bcadf8fb3fe01d5bfc7173aee915c3bdc7253528c8165145c112048aabc10f4b0154e8b912e33db3e52afce81bcf3fb3b6c6fee8ffda891322566a3f8ca98ddc1cfefea0aa43cbe3b0990c8a8c30e770c2f368f5c5d67b643bd80fa6ec095fc82da4ead4b6d2839f8ba5accf950546c973133ce8d05ee5dcd15d3d59f6a3557f4a92dee2abdc5d532108fe588c239a6f21aaa5e4c7624837b6e03f07159eb0577bc84c4ea53e18aa47420e812c28ae619136e82cbe1b7ce8dae50b78ef7d1ca3ab3e689ab7f14c459db3b2b70c853ac1efe6e375ea5a4d5e6d62d7fcdf81160546baa9ef353e68276d7d9363abe1f8a8fa939413017e4257c513f9ffb666f3e46a45be8cb00812b57ea073dd73eb4d8528bcef1e8bb7a7be53e8114634c30d094eeddae86df02222022f39363a7a105d2a8c0591e172df734263fb42687c0e0a104b779f4a8b12b40c37fd8df4399140673e84a5f2adb514ca12af5235851d52f10a791f9921751a1018e001b8dbfddc0c1ad726e7c5ce2eebc5290c07679967ddb28d39f9cbd4a68e631ce5dbd145195f62fb33d654466e5793c60e8d7c88294052769dff8fbf1c5930c3a2d465cafdd009a70dd343f788a3a479ad71d2de2d8a1ff20dd8297962b0c641b430f52b4f01ad61cb65dd217ce75931bce22ad7f45b97b7f09a1012a6ab0db4094b2c9926c369c4b52d52e1aa4429c60802568ccc9a426af4c52ab4d9bea010e2e39c021df6df987967cc307ff179cab6a002a12e16b663e9053831afd0b63c4b312725b63345e2d2acfcd7e6ca445795d483e2a14a1daba6d3a884fe8af5257cd993f6e2a6bbd71e1fe83918061e4a3c9ea91e5dfe6029b4961ff9b1964dc198780942d47826234125ea67363c14a38bc2c826ff30f4c3ea0a2579b349d8bd44cb371b502ecc9b7d0482ef070ce892a98f59bd52185e13a587a237f6f7641e524f64fd5b1cb9484c747ae3fae468d7bfbc242df892caee5de066e3732e50740ea2c89c4140b708d26ccdf65abffe203857966465d1e0901da7c3204275d5b1cdd08c89f9aef17c8f52d247c986da14d9a7fb7404ff0fb869e345fd38fc42aae220a0b81df3827f191042038fbeba28f060004fbd4c5f6a406ab411ce23a430c74beac481050a2c5e435286af02a8a30bdc573c6c60dd252801051445545db7f387dd2cdd34de20ad1516005a1274e4dbe3dd88613865488716329da7c879fbbe27ec2e370add7eb56c4dde5d99a783f65b850281b2530e8131580c7965655aee05d315417b3696b56ce9a8cc17352b15b0d9413b9ba66be6082746eb4efa7696d310aa14809d0416434cc6f21996c643e75cc7ee5595d8d16de984f403d46a908ba9f03a0379e1c613ae85df48475c7b664c2079f3ddf1029e317474bddcd3fc199cafc3d8dd147661ee2177d64be43f3a68a5da5c159f7c0f11fea0fa5a8ce93f62f9541e961d8bbdeacea0ed75e02cc50ede323df580474299a4c455f06e69e58b4f416abe2ad01d9c20f927655112e223ef2028ccfab66e55f931acc6b1fe28658dffd62582427af2af586f1a65ba4a0499b72f9fd2f5c7d9efbefa2367d877f5eb7f30c0eea05346b28f2183309bc0d91a44fd7ec673ed9dedaf03c5f2c52d714b35c7a535ab8e194ec6cdbd0b3f61e8746f6f16ed6a5de1d823b13cb204a9b7cbf7e762b47bce313f5d099937154fe17ea874ba41aa363cfe5d4fdb2f4e4d2a31300488d70ecbd52fb118b7502d58a2a9212ed763fbfb9d51dfb7f59c27b2819c4f368f4af5957d48716d50766355c6eeb811fc82ac1899e528ebf4ae33a437c3c283945213e6f30ce309d20a391d5d6b9c1efce3fdf2915decf1517492e561401ef946c7ed1538e464c27638b5f059e", &(0x7f0000002200)="1fadbc2934ddea6ded93331af7c1d8e21a55c5"}) r5 = setfsgid$auto(0xee00) keyctl$auto(0x4, r2, r4, r5, 0x2000000000) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, &(0x7f0000002480)={0x0, 0x0, &(0x7f0000002440)={&(0x7f0000000300)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010025bd7000fedbdf2502000000080001009c6743cf057b6d1cf1c59edac106000000040002040800010005000000"], 0x28}, 0x1, 0x0, 0x0, 0x4c080}, 0x0) sendmsg$auto_OVS_METER_CMD_GET(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0xf4, r3, 0x100, 0x70bd28, 0x25dfdbfb, {}, [@OVS_METER_ATTR_MAX_BANDS={0x8, 0x8, 0x80000001}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x38000}, @OVS_METER_ATTR_BANDS={0xd0, 0x4, 0x0, 0x1, [@typed={0x4, 0x4c}, @nested={0xbd, 0x11, 0x0, 0x1, [@typed={0x8, 0x112, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @generic="d698ddcee9a7e9a720a56fa50b8c6015adfdb1b16de6703fe11763b5f2811a70f1420238db512a73556273980348dd10fb8be016d0d5e411b430859073e4ce6e9b2f880054977edafadb75dc70bee197e28a61b0165455572793e1c7ba8fe7991be07f1c1037e142f16a6b5b944e7eca22fafa655457fccf4d94bc3b700422893db37b5292e57df2561ef26061b92c259cc9494a0dec73e5f83561e6bc75cf2eaa14886b97786517246da9ee5fb6d00616"]}, @typed={0x8, 0xff, 0x0, 0x0, @u32=0xea73}]}]}, 0xf4}, 0x1, 0x0, 0x0, 0x4}, 0x24000011) sendmsg$auto_NL80211_CMD_GET_MPATH(r1, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x20004000}, 0x100000) getsockopt$auto(0xffffffffffffffff, 0x11c, 0x3616, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) 2.803517831s ago: executing program 2 (id=2498): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mlockall$auto(0x7) mremap$auto(0x0, 0x6, 0x5, 0x49f, 0x100000000) mlockall$auto(0xfffffff9) rseq$auto(&(0x7f0000000300)={0xe, 0x401, 0x400000000, 0x6, 0xffffffff, 0x2}, 0x8000, 0x200000, 0x6) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/tracing/dynamic_events\x00', 0x201, 0x0) fcntl$auto_F_SETSIG(r0, 0xa, 0x3ff) mmap$auto(0x1, 0xffffffffffffffff, 0x1, 0x10, r0, 0xffffffff) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r1 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) statx$auto(r1, 0x0, 0x1003, 0x4005, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/vmcoreinfo\x00', 0x20000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000008c0)=""/61, 0x3d) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x101202, 0x0) r3 = openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) getpid() ioctl$auto(r3, 0x400454ca, 0x38) close_range$auto(0x2, 0xa, 0x0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto(r4, 0x8001af85, 0xffffffffffffffff) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/bus/serio/drivers/rainshadow-cec/bind_mode\x00', 0x182b02, 0x0) sendmmsg$auto(r1, &(0x7f0000001a00)={{&(0x7f0000000900)="a1c27865e39317d4db4020ed9aa0949329937250484af5b57bb4545b1266d3cc98b0098edd30bdbc7c5df7c03781ea7e90d1c4fe201c04fda79aad9cbc8e085b59a7d7414ae6e6101b691577ac6e1e036297038ecc87968041e59b213d17a9faf894bda1c6e37e5149dbd71c34a6c2d27be49b305209f26bb24ae5fb1465eec1e20aa67aa1daf18e481bc0c83ef5229ba00c700a52845897891db4a8a8e4f0fa61dfadf91074eb4f0231f401809cc047c0cb50de515992db7ec1ae0b9db3c71f3489f91a9d1d10a10f7ca2d5ac89d83965e542bfdf191c3ae8c8dda97d632a098502bb5c45648bb6ce73f517153e4862c26f199b5c7ef964f9358d1c084a60fc86f16cd4f1f7a3a171e8d93de2b921a7d106e75db4d03e32be666e8f7b3275a5bb247d07fd6c9180ec0843da019c317d42d6d65a6d77e791e0b955d84cf2c1c21a40ed01baf589b533694fbbc3dac25cac15e45eda3e56599e5c2ecd274cb545f3cd710409b3d464519219a755ee69b883efcdef90e00a550d339bfce4b6469f9be18fb44fc31cc5efb071e7fcde48cb0e7aa5d3bca46c300d97474706579b9bb977af63f2054513d52ee015523c57d97f6c214d3666447f5a1f07a9627b1a19aff5fb9cbac96912e4cef36acb314cd026eaed07060694b66aa4b22477e94e31baef4474b4b7b7fe0209ded5009bdcfe8f895aab9f166a3ff028f2c7d8460481dbcdc4cf4d0bd65a894f83ecc0ce0f1b11f61b0191647942f644b6d06bc7df5ef0eb3c63aefaed53fc3e63fa83b53c9f68d19e724f31fd84a51b29f9946c653c637eb915753a2a94c2028828e0599305d137bb263136a7c6ece1b2aad01a3f641e257bc7f2f1133299bf4ac96dbbe0dfd9651eb94ffe694f19a5ee2b0e29bb01698d7daa204d9d87b305f3d37dce35d67060e0b0d153c0c4609d4d2e75053aa272e6bbefb9a3b58799220ef4b6245afd33bc067bea898586f8704f1e2dfb374f6e3c0de731b5b78e5b313b3c4f254d95fe4b264ea5ad341c5cc9ca07cfbaf32fdacd648fe2f894ddd12a6df0199984ef3d2bfa97f90d4f401cb7b287baf1953ddd3d836a1f8b666c70e52a7264988ec54d2bab1629e0e6541b375b20a088ee44a50b10b81fa20689be9919635a4401444333ab1b7cca35d61bd9e7e05eaebfc2a1242de4d7dbe7ccf89b323f37ddce27ab7d1a15946e9e23c94f1e9072415619f63d0cad1dd4d719aec61e9464f1c2116a058230983123d198084ec5fbe3619b04566d1c26e07e56575d80f0c840a6fed83fe7ea2207de7d4108dd40c53e9050165e619ba55b09f42eaf5810093861e6b75645962e10fc54e4c8ef35416c6a4ecba4c10f2fbeedd7191218a50d96b3bb3e3c2c9ec83b0ac4c1f62e1ff395c4e9778d007511c27224cdceb1c6e5188502a980a021344e28a27419727347b4353d67ec8fec9d3e20256efdcd05c311ca15a9ff8abad0630ac08b788e8ced7eb23ebb49c865df93f2ca230fa22752ed58142e921317beb458702d71bd914ca876bc3488a75fd334c937dff9afe77c3aad4e4cfccfcdfa411bd8f4ea630b863c5faaf5704d67206ac927734c3cdf5f825d6810113f9e119717cd5d65968a5b434fb3fca668302a85842010fc02d27b3882c96da3c9bd4d236524728156155d2e7c0a7d91545d254c9ba180c930be9959446287d18493d14d21f6d5e05a282b489c7f0c331e3888424296132e915df1214c43b4ea5e100d990e077c073e26cec8981c48bce64ceb66c3bdc9b4c9aced296c354a583ed1c9d187d3c21afd26cb20bbf7e9656f59c4e9d6c2c4830e2997a2b269f96d687a7623c51996be1bfa00fb603951b7e7bb6f88f165f2c7b5deb13b13b08ae1976d1314af4f94ed1672e1461d33e19221f50f53912a9b9b62d62ad097b3e72e1fa06d2274e5ef928169d912778b8ccf66ee5860ae8cbe1f5dc7a41501add6a086764807bee45fcf6ddd684dc6027321ca5f401820d66677c8f1cf5c8893e6a8c2e5fb5f5ba0f9f7dd61803afa24ed9b87a09835ef5dc0a5c08ef22c56288797a7e9cbc37065f09f5aa300ef733a9f947ea268a866d0bcf474be1aee5907858e63b769ab13db9e62f48c4053bd509a210684f18cf06564fcf7076775c7715c2fa70953cae404c5a7f58feb7e798293acf3e42cd2c6b5831a2a065f2d07724e2efb9e6ac13dbb8ab4b94f9601f07e0dba7c983964fade2bae632891b4b69f757d55b0f77a4cb35c20e6a87476258b3e8a57a82f86387c1d45b4fc8a6648c6b381b3564337f606430d0eaa8b600dfea0761bbcdf8e48e3e3bc97447aa427218a168a375262213a044cab4a455754bcf69e0666093ad2e2f401f7c0cac161f5958638881399894e48240814994518bc1b8e089519c5973b9aa8df599b2d894720bd6882e2b30ee44823b147ca51d64b98d5ffc75394ebe3b12c7fb9265d57844cdf3290397f76c436537ed0026aa156adeebf8d3deecb24d7a1346fc4c31d2bf363de54a856b062e6ba125435e37f4402b18ccc55ef6b64cdf6658ee92fe00054173fc5314ec89b95dd43554ffbad13a66c6683e0ac5751e91b12ab71e245a5686ccb8931476b77e669d532f129d0ff5b5cca4016ba37166826cdd4d1e0ab6fe37d5c207ab759fb961b6c801d465e312c23db783f1af9bb8a5237a64c3dc9076c09f191e0a4a7dea1feb69840dadd78d872d2f9bf44c71301b92a5d865908de9d8d0c197ab98967cf0a74d806e7f54287b67b47dca5c324e9aafa33e431f900ea3b2f75b88eaa86ce1b11b86b13b9151687abc1e39040cc03a5ea555dcbfeadec1f4b47cf12794ab31f09e706ed60cba5163e72a85956dd3bfe444d2d8afd88ff6fd4bbed998ec51bb403b5aabfe70bc67a03778998b37008a74804818c0c07dca99a588fc5545c04289a657e5d6a8094d3b9a76e981f858f0a9c5e44a90233a20924d02ff487f6b3dea752fe2f32dfc66ff1bc1522accf73dd703ca7b89a2d2e02651e0bfbbefdbd5db6b8524a633f1bd76188f2406cdc16c121ccad24b9ac6027c245397dd5836f43a2cda83dbbd7c2e8a12af6da83d38c0526484cf77a53f62d22ca730cf72434e8629fd3abe44769f5363c9fb336a7ac8307fe3e4faea8c43b0dbf7fd2ac0732f8548693f230997706f80f0300718e4266608c5c9234442ca0bffe2304ca4419aff030adb187f54bf2855582a1f46d4caadfd4a868e2f551de9f520b31a79e014412de92464619170705ed8084d5286efa0e9ee3330608c82ffde52b987cfc94b9ee125657d7a4dcdb71eeec7aa9068883e1c1c2d6e1b65fc663f227e45c55d80edb9fc8e500b021629761befb185f97e74e6c161c5a2643a5c49913c685928a8532a62026fd9ddebbceba0d77608cf422ec9fe8324bb7575a9c93d7bbdc02ba591771c75a375f19c7aba3f290cfbf9f81ef13afede224438e72d3716151693d623817711df6d5afc16e3984ab225f4a02bc337f7f1ac8c4c515b0f3f8aecdc2190324459d81dacc9fb34dd9788d3659699ea1c45df99ca36898d8b4abde138cf9fea0673a0b0cb6fe9a7f42eb18ccfe430c768ab5902582570c000e0c08c478c083e6bc9eaa6aaccd257bf7cf569048fc77f7108b463154467cbd7c2b0aa34380b279b19c491d9074f1e0766b6480a17f0f4cde5504c4c42823400166c55d26926ae8ae23a186cd9e390c4c7dc298531c5b0829c56eff20f61d84fa4cc134149b9cf82bfe2821a1471c4e32c7368d3ad38ab3322c2ed94678145e7f62d364b48e886afc52b2e08a10020a2bf6406b0d56b85b1aca8ed9683d98db977a86829d46d4ed43e1cda994354b87f61d31c547ae9fdfd00c4a25d714df7a3543a8dfbd00ba0e7ee2be369f254e08f15fd5c48ee4e5b148fe49e1028fe5eccaaffcfd7afb3646df7f34bc8445928eb3377e6b19b2414b97e18d023ad9c80e8b3a104db460e3df216efcf91ab893acb344b3b5487fbfc2356b466fa5b98ca54ea4d688889d820be94025be384d5580bdedb94d0aa30c0f0ce6e075be507214e441af7d2f91afbcfd654a50b6497da5e2f6d31107066613509018f3656cf0443ef31cc3dc66fbee4e70de860625e49d09cf75302e22397f2c3206f1519e2d47e6aec3ca4729e6e00b0ad10ab5b86701d829695ce7964f4b41dd0912a7ee0329ef884c1879e8f580411a7aaf3bff9e57d7b0d91e6aebb3eb0a9d07114e58cf5e4e7bb0bc4b7a54bf06cda928e0a6cfedf195d09c02a99fa240ca9a15903bb825c4cd618f1ea655ad0c805d63a9ae32d77d9a6e9b7f690fe534c1a4784af61904ef04a1bbcd51cab3688db63cc3a8134db9ad9a5a4f7093625f3c37c0be306986a4611175cf4ba4045fb646130e5906661ddcda30f1273e4668e3ddc926d026092b9b0145470943734918f3977459cfb500fd0dadc13b0739728d8bcda8c3498cb1ebba4cd18aec23b1fbfac4c08ae8e813948465c0545d0b7a95a233cd83e260c91473b8b0e19ceb1c754f9765427ea3b24b2e65495675c43510ce9532d8f968679e8690ee527efe6ee364d6b0e0fb4fa7b1209f35d5f11f46b0199ba6598499a398e4eeb907e4dee932bfa8586ba601258508ea8fd52e87ec34a6f0a1f5044f50c5f9852b8a149cf5f3aa24269346e41b04386fe6d6016f789a5ac6a0428aca51041c0ce2545752c7026b38ad957e0f2221c9e8696c319abfb2b38e51a3224891628d575a097e12441d72d6e60c395ae67a26a05ab5fded02a99848a2f346d1161ad9552c286e1dc69d9f620eb95fd941a9061bf88954db54d61b2d703d675aef104ac20ea41b29a86f86a6853c6ffdd165a102cc904c218ef86aa07e4d30368cea1d0d024360474ba053db812303a04d82617d5bbdf1a9d1fceb0de7d85763e462c85ef6f913722a7f6185dfb07edb5e3baf8e965566ce8e86d6c942a1253943c375fd0630c44090253620c08af78d6818c91310f3871011f023104785b28dafe94f501375b63a92be3e5ba808f6dd78ba21e11b7bd5557afe0652132abc356c681db257dc57438af34a95c63f99617a2b2286f8953f61f0cf13ba917cf3cd8bd2dd1563be2c376869db9435219014de62ff9000faacbfdcdf3303119f32fd27480a4446af63096d5f0c42f7d4cbc36b84b559be3b0ea2df6b15e95928bd4fdde265d46dc33dbc690b12ded6848b2108896b9932a2077a65df3045d6efc2145fe3db704e7094acd8d40c78f984b34d12671a0f34418ac92a296a7aaba72c2f3b4fc8a9879f313ac1c5935f66b68d5860f2108a99fe338500b54c0949293c30c718878018827818c9894b97542a8a39cec7283552633c3ed5325803a3a3eac0a1dcd179f5addea38560878953c52965d8de4e99a68839eb4a60547134a1705e7bff4a10349a794439dfd5b7330e7a64e68d07538848fb9df3a38ef0ef4ad83cfa5f19dc8ddc742894b0786c25387d195293bd6ceb9145196c0e597c893970e1d9d8e72b1b1597a2b38703599658844e0160b7f01b481fdba3c725ac84819e1dc7879197ad168ed6a54ba4c27ed838df70a7cbcf409e5dfc6f1c9a6481f8cd1c8395e0c5a3b1b44c98d7b61652104aa98e858335264b5e9755701dae6c3f56c968ecbd4637a25f5166ca8b78330b806ed8426ac033db7a8610dcf2049dce117d68aab41e2eb528dcf4875bd245b8270d95681b541165a40711332acae484611724ecd42b79b3ab87df290dd926a7433842035a2c37e656b09f706e6f61aa280ec7a03c4593bafb646bace634", 0xfaec, &(0x7f0000001940)={&(0x7f0000001900)="ca10a917585948bd", 0x5}, 0x1ff, &(0x7f0000001980)="e6d84155c3732acf14ec8518b8c0bff1d8c52d02a2e4d1e2a1cbd7d7ab6a02847f17e99bfbba03a6f06b11a0b9da1783538df0b61f130ecc728ba9ceed5debec1de31948ea0e892ded787fa5b906353f72a5c3b14ebc2e8d6dd6c5664ab0cf85120dab7e8326e1c04f71912bcbdac8b6840d71f198cacae48954", 0x6, 0x100}, 0x101}, 0x7, 0x1) sendfile$auto(r5, r5, 0x0, 0x3) 2.438640059s ago: executing program 1 (id=2500): mmap$auto(0x0, 0x2000000002020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8010) openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$auto(0x3, 0x0, 0xffffffff) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x504e03, 0x0) mmap$auto(0x4, 0x8004, 0x4000000000df, 0x100040eb5, 0x401, 0x300000000000) socket(0x5, 0x3, 0x1000) prctl$auto(0x3e, 0x0, 0x0, 0x0, 0x0) 2.426111172s ago: executing program 2 (id=2501): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x22, 0x3, 0x0) ioctl$auto(0xffffffffffffffff, 0x40104d01, 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000640), r2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0) open(&(0x7f0000000100)='.\x00', 0x0, 0x408) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r3 = setfsuid$auto(0xee00) r4 = setfsuid$auto(0xee01) setresuid$auto(r3, r4, r3) statx$auto(r1, &(0x7f0000000080)='./file0\x00', 0x2, 0x3, &(0x7f00000001c0)={0x3, 0xffffffff, 0x4000008a, 0xb, 0xffffffffffffffff, 0xee01, 0x5, 0x7, 0x900000000000000, 0x4, 0xa220, 0x7, {0xfff, 0x6}, {0x0, 0x3}, {0xffffffffffff0001, 0xe}, {0x5, 0xd}, 0x400, 0x3, 0x7fff, 0x7, 0xfff, 0x3, 0xfff, 0x5, 0x2, 0x8, 0xffffffff, 0x9, [0x9, 0x0, 0x4, 0xf5d, 0x1ff, 0x9, 0xb, 0x6, 0xfffffffffffff001]}) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, 0x0, 0x24040000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r5 = socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b7e, r5, 0x8000) r6 = io_uring_setup$auto(0x406, 0x0) io_uring_register$auto_IORING_REGISTER_PBUF_RING(r6, 0x16, 0x0, 0x7) clock_adjtime$auto(0x10, &(0x7f0000000640)={0xb7, 0x0, 0xfffffffffffffffa, 0xfffffffffffffffe, 0xfffffffffffffffb, 0x6, 0x3, 0x0, 0x7, 0x6, 0x8, {0x0, 0x5}, 0xfffffffffffffff8, 0x3, 0x5, 0x7fffffff, 0x0, 0x16, 0x1, 0xaac, 0x5, 0x2, 0x4}) sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x3}, 0x7, 0x0, 0x5, 0x3cbb}, 0xfff}, 0x8, 0x311) r7 = pidfd_open$auto(0x1, 0x0) setns(r7, 0x60020000) umount2$auto(&(0x7f0000000000)='.\x00', 0x3) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) 2.335193713s ago: executing program 1 (id=2502): mmap$auto(0x0, 0x2020007, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x42, 0x8001, 0x0, 0x1, 0x4) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0xd561, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cpu.max\x00', 0x20b02, 0x0) sendfile$auto(r0, r0, &(0x7f0000000000)=0x3, 0xad6) 2.286816862s ago: executing program 1 (id=2503): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20005, 0xa, 0x200eb1, 0x401, 0x8000) r2 = socket(0xa, 0x2, 0x0) getsockopt$auto(r2, 0x2c, 0x3, 0x0, 0x0) mmap$auto(0x0, 0xbcf, 0xdf, 0xeb1, 0x401, 0x7fffffff) socket(0x22, 0x3, 0x0) ioctl$auto(0xffffffffffffffff, 0x40104d01, 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000640), r3) r4 = setfsuid$auto(0xee00) r5 = setfsuid$auto(0xee01) setresuid$auto(r4, r5, r4) statx$auto(r1, &(0x7f0000000080)='./file0\x00', 0x2, 0x3, &(0x7f00000001c0)={0x3, 0xffffffff, 0x8a, 0xb, 0xffffffffffffffff, 0xee01, 0x5, 0x7, 0x6, 0x4, 0xa220, 0x7, {0xfff, 0x6}, {0x0, 0x5}, {0xffffffffffff0001, 0xe}, {0x8, 0xf}, 0x400, 0x3, 0x7fff, 0x7, 0xfff, 0x3, 0xfff, 0x5, 0x2, 0x8, 0xffffffff, 0x9, [0x9, 0x0, 0x4, 0x1, 0x1ff, 0x9, 0x40000000000b, 0x9, 0xfffffffffffff001]}) r6 = socket(0x18, 0x3, 0x2) r7 = syz_genetlink_get_family_id$auto_nfc(&(0x7f0000000100), r6) sendmsg$auto_NFC_CMD_FW_DOWNLOAD(r3, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="8598a440842e4fabda50cec8f1ae00"/30, @ANYRES16=r7, @ANYBLOB="03032cbd7000fedbdf2515000000080003008100000008001d00ffffff7f"], 0x24}, 0x1, 0x0, 0x0, 0x20004840}, 0x240080c1) sendmsg$auto_IPVS_CMD_GET_SERVICE(r0, 0x0, 0x24040000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20342, 0x0) readv$auto(0x3, 0x0, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) setxattrat$auto(0xffffffffffffffff, 0x0, 0x1000, 0x0, 0x0, 0xa7) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) 2.150086583s ago: executing program 0 (id=2504): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0xd561, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x8000) timer_create$auto(0x2, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0xfffffffffffffc10, 0xffffffffffffffff, 0x800008000) r1 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) r2 = fcntl$auto(r1, 0x400, 0x1) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) execve$auto(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) fcntl$auto(0x3, 0x4, 0xa553) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cpu.pressure\x00', 0x183042, 0x0) sendfile$auto(r2, r3, 0x0, 0xc01) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0xe6e43, 0x0) keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) ioctl$auto_BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, &(0x7f0000000f80)=[{0x3ff, 0x2, 0x8000000000000000}, {0x5, 0x5, 0x2}, {0xa6, 0x1, 0x2}]) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0) statmount$auto(0x0, 0x0, 0x1fe, 0x5) unshare$auto(0x40000080) mmap$auto(0x3, 0x9, 0x80000009, 0x50, 0x404, 0x10008004) write$auto_console_fops_tty_io(0xffffffffffffffff, &(0x7f0000000840), 0x0) write$auto(0x3, 0x0, 0xfffffdef) timer_settime$auto(0x0, 0x3, &(0x7f00000000c0)={{0x26b, 0x4}, {0x0, 0x83}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) 2.089379788s ago: executing program 3 (id=2505): openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000680)='/dev/v4l-subdev5\x00', 0x20281, 0x3f) 1.801450619s ago: executing program 3 (id=2506): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async) unshare$auto(0x40000080) (async) mmap$auto(0x0, 0x20009, 0x4000000000db, 0x12, 0x400, 0x18002) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0x7, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) getpriority$auto_PRIO_USER(0x2, 0x0) (async) mmap$auto(0x2000000000, 0x2020009, 0x6, 0xc51, 0xfffffffffffffffa, 0x8002) (async) r0 = socket(0x29, 0x2, 0x0) (async) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000100)={0x1ff, 0xfff, 0x1000}) (async) recvmmsg$auto(0xffffffffffffffff, 0x0, 0xfffffff9, 0xd, 0x0) (async) ioctl$auto(r0, 0x8971, 0x24) (async) mmap$auto(0x0, 0x400, 0xdf, 0xeb1, 0x1272, 0x8000) pipe2$auto(0x0, 0x80) (async) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) socket$nl_generic(0x10, 0x3, 0x10) r1 = io_uring_setup$auto(0x6, 0x0) io_uring_register$auto_IORING_REGISTER_FILE_ALLOC_RANGE(r1, 0x19, &(0x7f0000000440)="d24341eb36d4584308fa862947d2f1a13ab25857f3da1f77afa77e34e49fef1ab89cb7ce4b9838a273796fd3cddaa4a40cac5be3dac92b0066d896ea2100000000000083c84eed3abc5a1cdeef0cda18c4c2f4c2ca8ef49523f3d52990744e996686cacf0c30a1efccc331e022407bf9484444eaee3a0a64c47f26c0d34034b7836968ae42c01384c0c6ce5e2c63ac7140e1f1e189bb2f5a28d6581d93eab74963b812b341d515c2704f9e7b54f1764f7a0106c5470b97979bf351aaa67621ceed171a1b834dedae858b72400056d05736daae1967f97b241f7a85d81f7ce9cab44178ba9f18852738fb3b2d48831d5a0d75caf972bcc2ae1cf2c0cedf638e064c6dd08ed86c3059612c9022d63764a3854619", 0x2) (async) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x4, 0x0, 0x1, 0x0) (async) write$auto(0xffffffffffffffff, 0x0, 0xfff) (async) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r3 = socket(0x28, 0x1, 0xf72b) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) (async) read$auto(r3, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) (async) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000100)='/dev/binderfs/binder1\x00', 0x0, 0x0) (async) mmap$auto(0x0, 0x8000, 0xdf, 0xeb1, 0x401, 0x8000) 1.629972806s ago: executing program 0 (id=2507): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/general_profit\x00', 0xa800, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/ip_tables_names\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f00000001c0)=""/39, 0x27) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x1e, 0x5, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x42c901, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_FS_IOC_FSGETXATTR(r2, 0x801c581f, 0xc60) r5 = prctl$auto_SECCOMP_MODE_FILTER(0x1, 0x2, 0xffffffffffffffff, 0x0, 0xb) syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000040), r5) close_range$auto(r4, 0x8, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) copy_file_range$auto(r1, &(0x7f0000000080)=0x9, r3, &(0x7f0000000140)=0x4028, 0x9, 0x10) ioctl$auto(0x3, 0xae41, r6) close_range$auto(r6, r4, 0xbd) ioctl$auto_KVM_GET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000118, 0x402, 0xc0}]}) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/34, 0x22) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio1/protocol\x00', 0x181482, 0x0) r8 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r8, &(0x7f0000000000)="c80d1b5d399b58", 0xfdef) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r9 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r9, 0x4b6a, 0x1) write$auto_ocfs2_control_fops_stack_user(r7, &(0x7f0000003900)='\t', 0x1) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000e40), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r10, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000e80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB="01002abd7000fddbdf25040000230508110000005f1d"], 0x1c}, 0x1, 0x0, 0x0, 0x4000084}, 0x10) 1.48193442s ago: executing program 2 (id=2508): unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) listen$auto(0x3, 0x81) madvise$auto(0x0, 0x2003f2, 0x15) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) r2 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, &(0x7f00000013c0)='/proc/self/uid_map\x00', 0x200000, 0x0) write$auto_proc_uid_map_operations_base(r2, 0x0, 0x0) clock_adjtime$auto(0x0, &(0x7f0000000040)={0xfbb, 0x0, 0x7f, 0xfffffffff7fffffe, 0x0, 0x8, 0x7, 0x0, 0x7, 0x8, 0x52, {0x3ff, 0x7}, 0xfffffffffffffffa, 0xa5, 0xa, 0x13c, 0x0, 0x4, 0x1000, 0x800000000000007, 0x1, 0x90, 0xfffffff5}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x7) r3 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r4}, 0x6a) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = socket(0x29, 0x80000, 0x88) getsockopt$auto(r5, 0x84, 0x1f, 0x0, &(0x7f0000000080)=0x49b) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r1, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f30c54315aa74a5b8103cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce613bc0ce3aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a785998700000008000300850000000800010002000000"], 0xa8}}, 0x4000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2000040080000000, 0xe) 1.278511217s ago: executing program 0 (id=2509): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/general_profit\x00', 0xa800, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/ip_tables_names\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f00000001c0)=""/39, 0x27) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x1e, 0x5, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x42c901, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_FS_IOC_FSGETXATTR(r2, 0x801c581f, 0xc60) r5 = prctl$auto_SECCOMP_MODE_FILTER(0x1, 0x2, 0xffffffffffffffff, 0x0, 0xb) syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000040), r5) close_range$auto(r4, 0x8, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) copy_file_range$auto(r1, &(0x7f0000000080)=0x9, r3, &(0x7f0000000140)=0x4028, 0x9, 0x10) ioctl$auto(0x3, 0xae41, r6) close_range$auto(r6, r4, 0xbd) ioctl$auto_KVM_GET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000118, 0x402, 0xc0}]}) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/34, 0x22) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio1/protocol\x00', 0x181482, 0x0) r8 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r8, &(0x7f0000000000)="c80d1b5d399b58", 0xfdef) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r9 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r9, 0x4b6a, 0x1) write$auto_ocfs2_control_fops_stack_user(r7, &(0x7f0000003900)='\t', 0x1) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000e40), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r10, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000e80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB="01002abd7000fddbdf25040000230508110000005f1d"], 0x1c}, 0x1, 0x0, 0x0, 0x4000084}, 0x10) 1.272302142s ago: executing program 1 (id=2510): openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x50400, 0x0) open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) r0 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x2, 0x88) socket(0x2, 0x1, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60008004}, 0x80) write$auto(r0, &(0x7f0000000000)='-\x00', 0xfdef) 1.183036371s ago: executing program 1 (id=2511): mmap$auto(0x0, 0x2000000002020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8010) openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$auto(0x3, 0x0, 0xffffffff) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000140), 0x504e03, 0x0) mmap$auto(0x4, 0x8004, 0x4000000000df, 0x100040eb5, 0x401, 0x300000000000) socket(0x5, 0x3, 0x1000) prctl$auto(0x3e, 0x0, 0x0, 0x0, 0x0) 992.088129ms ago: executing program 3 (id=2512): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/cpu.max\x00', 0x20b02, 0x0) sendfile$auto(r0, r0, &(0x7f0000000000)=0x3, 0xad6) 983.468902ms ago: executing program 0 (id=2513): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0009, 0x8) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0) write$auto(0x3, 0x0, 0xfffffdef) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x0, 0x20499d, 0x9) madvise$auto(0x800, 0x4, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) execve$auto(&(0x7f00000000c0)='.\x00', &(0x7f0000000140)=0x0, &(0x7f00000001c0)=&(0x7f0000000180)=')\x00') mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, 0x0, 0x6a) connect$auto(0x3, 0x0, 0x58) 982.276751ms ago: executing program 1 (id=2514): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) close_range$auto(0x2, 0x8, 0x0) openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/debug/tracing/saved_tgids\x00', 0x109100, 0x0) (fail_nth: 2) write$auto(0x3, 0x0, 0xfffffdef) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) madvise$auto(0x0, 0x20499d, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) execve$auto(&(0x7f00000000c0)='.\x00', &(0x7f0000000140)=0x0, &(0x7f00000001c0)=&(0x7f0000000180)=')\x00') mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, 0x0, 0x6a) connect$auto(0x3, 0x0, 0x58) 914.670867ms ago: executing program 3 (id=2515): unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) listen$auto(0x3, 0x81) madvise$auto(0x0, 0x2003f2, 0x15) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(0x0, 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000340), 0xffffffffffffffff) r2 = openat$auto_proc_uid_map_operations_base(0xffffffffffffff9c, &(0x7f00000013c0)='/proc/self/uid_map\x00', 0x200000, 0x0) write$auto_proc_uid_map_operations_base(r2, 0x0, 0x0) clock_adjtime$auto(0x0, &(0x7f0000000040)={0xfbb, 0x0, 0x7f, 0xfffffffff7fffffe, 0x0, 0x8, 0x7, 0x0, 0x7, 0x8, 0x52, {0x3ff, 0x7}, 0xfffffffffffffffa, 0xa5, 0xa, 0x13c, 0x0, 0x4, 0x1000, 0x800000000000007, 0x1, 0x90, 0xfffffff5}) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x7) r3 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r4}, 0x6a) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r5 = socket(0x29, 0x80000, 0x88) getsockopt$auto(r5, 0x84, 0x1f, 0x0, &(0x7f0000000080)=0x49b) sendmsg$auto_NFSD_CMD_THREADS_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB="a8000000", @ANYRES16=r1, @ANYBLOB="01002cbd7000fddbdf2502000000810004006e66736600d8efe42d132b72f30c54315aa74a5b8103cf2ddf901f8fc81365e252374483326ace7da356b7a16f5ce613bc0ce3aeb87ed3d22b4a27c3ecc90c70c861befe60a7a9414b446427a001f61379e8caf4519e032a5dda1e1174e2d575772b93fc046cd3a674866b80d91473ece248c03d28f9398a63a785998700000008000300850000000800010002000000"], 0xa8}}, 0x4000) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x404001, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2000040080000000, 0xe) 893.327824ms ago: executing program 2 (id=2516): mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) openat$auto_sco_debugfs_fops_(0xffffffffffffff9c, 0x0, 0x242, 0x0) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000040), 0x800, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_TREAD64(r1, 0x400454a4, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) capset$auto(&(0x7f0000000100)={0x20080522}, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/icmp/ratemask\x00', 0xa0202, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x6, 0xf8, 0xfffffffffffffffa, 0x8000) preadv2$auto(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x80000003}, 0x6, 0xffffffffffffffff, 0x400, 0x2f) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) pread64$auto(r0, &(0x7f0000000200)='/proc/self/net/ip6_tables_targets\x00', 0x34b, 0x10000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) socket(0x2a, 0x2, 0x1) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 472.940194ms ago: executing program 0 (id=2517): r0 = socket(0x3, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) syz_clone3(&(0x7f00000003c0)={0x80000, &(0x7f0000000100), &(0x7f0000000180)=0x0, &(0x7f00000001c0), {0x31}, &(0x7f0000000200)=""/112, 0x70, &(0x7f0000000280)=""/201, &(0x7f0000000380)=[0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0], 0x6}, 0x58) prctl$auto(0x1316f661, 0x7, r1, 0x3, 0x8) r2 = io_uring_setup$auto(0x1, 0x0) write$auto_fops_init_pkru_pkeys(r2, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0xfffffff8, 0x8, 0xae85, 0xffffffffffffffff, 0x4, 0x7ff}, 0x6f4) r3 = getpid() socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x1, 0x0, 0x6, 0x0) bpf$auto(0x5, &(0x7f0000000000)=@bpf_attr_0={0x5, 0x105, 0xc, 0xb, 0x800, 0xffffffffffffffff, 0x5, "d81ddef9d4e6d312212bab98f4060bd8", 0x0, 0xffffffffffffffff, 0x7fffffff, 0xa991, 0x7, 0x8001}, 0x7) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x10000}, 0x7, 0x0, 0x5, 0xb}, 0xfff}, 0x8, 0x311) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x18dd01, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) recvmmsg$auto(0x3, 0x0, 0x10000, 0x4ff, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), r4) sendmsg$auto_ILA_CMD_DEL(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r5, 0x1, 0x70bd26, 0x6, {}, [@ILA_ATTR_CSUM_MODE={0x5, 0x7, 0x7}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0x4000000) setns(0xffffffffffffffff, 0x2000000) quotactl_fd$auto(r2, 0x2, 0x0, 0x0) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_WIPHY(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x24, 0x0, 0x1, 0x70bd29, 0x25dfdbfb, {0x2, 0x0, 0x14}, [@NL80211_ATTR_IFINDEX={0x8}, @NL80211_ATTR_WIPHY_FRAG_THRESHOLD={0x8, 0x3f, 0x1}]}, 0x24}, 0x1, 0x1400, 0x0, 0x80}, 0x20000084) 1.066665ms ago: executing program 3 (id=2518): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/general_profit\x00', 0xa800, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/ip_tables_names\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f00000001c0)=""/39, 0x27) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x1e, 0x5, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x42c901, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_FS_IOC_FSGETXATTR(r2, 0x801c581f, 0xc60) r5 = prctl$auto_SECCOMP_MODE_FILTER(0x1, 0x2, 0xffffffffffffffff, 0x0, 0xb) syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000040), r5) close_range$auto(r4, 0x8, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) copy_file_range$auto(r1, &(0x7f0000000080)=0x9, r3, &(0x7f0000000140)=0x4028, 0x9, 0x10) ioctl$auto(0x3, 0xae41, r6) close_range$auto(r6, r4, 0xbd) ioctl$auto_KVM_GET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000118, 0x402, 0xc0}]}) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/34, 0x22) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio1/protocol\x00', 0x181482, 0x0) r8 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r8, &(0x7f0000000000)="c80d1b5d399b58", 0xfdef) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r9 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r9, 0x4b6a, 0x1) write$auto_ocfs2_control_fops_stack_user(r7, &(0x7f0000003900)='\t', 0x1) r10 = socket$nl_generic(0x10, 0x3, 0x10) r11 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000e40), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r10, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000e80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r11, @ANYBLOB="01002abd7000fddbdf25040000230508110000005f1d"], 0x1c}, 0x1, 0x0, 0x0, 0x4000084}, 0x10) 0s ago: executing program 0 (id=2526): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/general_profit\x00', 0xa800, 0x0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/net/ip_tables_names\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f00000001c0)=""/39, 0x27) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x1e, 0x5, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x42c901, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_FS_IOC_FSGETXATTR(r2, 0x801c581f, 0xc60) r5 = prctl$auto_SECCOMP_MODE_FILTER(0x1, 0x2, 0xffffffffffffffff, 0x0, 0xb) syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000040), r5) close_range$auto(r4, 0x8, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) copy_file_range$auto(r1, &(0x7f0000000080)=0x9, r3, &(0x7f0000000140)=0x4028, 0x9, 0x10) ioctl$auto(0x3, 0xae41, r6) close_range$auto(r6, r4, 0xbd) ioctl$auto_KVM_GET_MSRS(r4, 0x4008ae89, &(0x7f00000000c0)={0xdd, 0x0, [{0x40000118, 0x402, 0xc0}]}) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/34, 0x22) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/i8042/serio1/protocol\x00', 0x181482, 0x0) r8 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r8, &(0x7f0000000000)="c80d1b5d399b58", 0xfdef) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r9 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r9, 0x4b6a, 0x1) write$auto_ocfs2_control_fops_stack_user(r7, &(0x7f0000003900)='\t', 0x1) r10 = socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x8b) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r10, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000e80)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="01002abd7000fddbdf25040000230508110000005f1d"], 0x1c}, 0x1, 0x0, 0x0, 0x4000084}, 0x10) kernel console output (not intermixed with test programs): 11319] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 394.557822][T11319] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 395.524951][T11338] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 395.537304][T11338] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 395.586769][T11338] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 395.596844][T11338] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 396.025040][T11350] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 396.033600][T11350] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 396.042704][T11350] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 396.052654][T11350] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 396.817907][T11358] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 396.837488][T11358] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 396.845030][T11358] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 396.896990][T11358] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 397.311885][T11374] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 397.361117][T11374] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 397.383637][T11374] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 397.408230][T11374] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 398.195613][T11391] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 398.286473][T11391] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 398.338704][T11391] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 398.372041][T11391] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 399.364943][T11410] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 399.373816][T11410] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 399.383302][T11410] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 399.392750][T11410] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 400.297411][T11435] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 400.304571][T11435] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 400.318457][T11435] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 400.326802][T11435] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 401.224900][T11445] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 401.232997][T11445] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 401.282941][T11445] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 401.294851][T11445] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 402.655651][T11471] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 402.666214][T11471] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 402.674880][T11471] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 402.704490][T11471] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 403.897743][T11491] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 403.925827][T11491] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 403.956442][T11491] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 404.004989][T11491] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 404.870504][T11518] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 404.897005][T11518] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 404.904073][T11518] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 404.939973][T11518] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 405.875744][T11530] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 405.884501][T11530] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 405.893599][T11530] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 405.902580][T11530] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 406.622700][T11546] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 406.631711][T11546] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 406.640513][T11546] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 406.655044][T11546] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 406.955312][T11549] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 406.974354][T11549] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 407.161397][T11549] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 407.429196][T11549] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 408.552931][T11565] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 408.563369][T11565] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 408.573479][T11565] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 408.585734][T11565] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 409.027507][T11581] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 409.037905][T11581] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 409.119031][T11581] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 409.146884][T11581] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 409.875555][T11600] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 409.902381][T11600] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 409.949077][T11600] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 409.971251][T11600] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 410.255504][T11611] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 410.264402][T11611] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 410.274760][T11611] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 410.373999][T11611] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 412.296086][ T5828] Bluetooth: hci0: command 0x0c1a tx timeout [ 412.297145][ T5826] Bluetooth: hci1: command 0x0c1a tx timeout [ 412.307221][ T5828] Bluetooth: hci2: command 0x0c1a tx timeout [ 412.375172][ T5826] Bluetooth: hci3: command 0x0c1a tx timeout [ 416.109229][T11685] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 416.117426][T11685] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 416.123866][T11685] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 416.137887][T11685] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 418.190900][T11711] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 418.199601][T11711] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 418.223552][ T5828] Bluetooth: hci3: command 0x0c1a tx timeout [ 418.231377][T11711] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 418.310566][T11711] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 420.215341][ T5828] Bluetooth: hci1: command 0x0c1a tx timeout [ 420.296225][ T5826] Bluetooth: hci2: command 0x0c1a tx timeout [ 420.303231][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout [ 420.310677][ T5828] Bluetooth: hci3: command 0x0c1a tx timeout [ 421.150750][T11761] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 446.187423][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 446.619328][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 446.627458][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 452.015638][T12134] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1174'. [ 452.030475][T12134] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1174'. [ 463.145301][T12250] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1208'. [ 463.158458][T12250] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1208'. [ 466.786199][T12285] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1218'. [ 466.804062][T12285] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1218'. [ 466.979750][T12287] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1219'. [ 467.004820][T12287] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1219'. [ 467.143648][T12292] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1221'. [ 467.236915][T12292] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1221'. [ 469.160686][T12319] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 470.545902][T12331] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1231'. [ 470.744705][T12331] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1231'. [ 475.091090][T12377] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 485.736419][T12507] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 503.590018][T12754] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 506.071804][T12792] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 508.057940][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 508.066046][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 534.964827][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 540.262548][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 569.509971][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 569.518115][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 625.515549][T14539] random: crng reseeded on system resumption [ 627.204873][T14570] random: crng reseeded on system resumption [ 627.996016][T14586] random: crng reseeded on system resumption [ 630.150731][T14629] random: crng reseeded on system resumption [ 630.959546][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 630.959611][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 632.906985][T14699] random: crng reseeded on system resumption [ 634.386188][T14718] random: crng reseeded on system resumption [ 635.325256][T14752] random: crng reseeded on system resumption [ 636.203661][T14774] random: crng reseeded on system resumption [ 639.250029][T14838] random: crng reseeded on system resumption [ 639.633302][T14846] random: crng reseeded on system resumption [ 639.782184][T14851] random: crng reseeded on system resumption [ 640.284982][T14858] random: crng reseeded on system resumption [ 641.594675][T14886] random: crng reseeded on system resumption [ 642.371468][T14900] random: crng reseeded on system resumption [ 642.663506][T14908] random: crng reseeded on system resumption [ 645.575166][T14965] random: crng reseeded on system resumption [ 646.038462][T14975] random: crng reseeded on system resumption [ 646.868506][T14990] misc userio: Invalid payload size [ 647.179752][T14994] misc userio: Invalid payload size [ 647.235238][T15001] misc userio: Invalid payload size [ 650.902192][T15080] misc userio: Invalid payload size [ 652.031178][T15101] misc userio: Invalid payload size [ 660.635658][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 662.622503][T15326] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1846'. [ 662.829555][T15333] FAULT_INJECTION: forcing a failure. [ 662.829555][T15333] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 662.845141][T15333] CPU: 0 UID: 0 PID: 15333 Comm: syz.3.1849 Not tainted syzkaller #0 PREEMPT(full) [ 662.845176][T15333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 662.845198][T15333] Call Trace: [ 662.845208][T15333] [ 662.845221][T15333] dump_stack_lvl+0x100/0x190 [ 662.845282][T15333] should_fail_ex.cold+0x5/0xa [ 662.845315][T15333] _copy_to_user+0x32/0xd0 [ 662.845353][T15333] simple_read_from_buffer+0xcb/0x170 [ 662.845394][T15333] proc_fail_nth_read+0x1af/0x230 [ 662.845427][T15333] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 662.845464][T15333] ? rw_verify_area+0xce/0x6d0 [ 662.845501][T15333] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 662.845534][T15333] vfs_read+0x1e4/0xb30 [ 662.845563][T15333] ? __pfx_vfs_read+0x10/0x10 [ 662.845586][T15333] ? __fget_files+0x215/0x3d0 [ 662.845621][T15333] ? __fget_files+0x21f/0x3d0 [ 662.845659][T15333] ksys_read+0x12a/0x250 [ 662.845684][T15333] ? __pfx_ksys_read+0x10/0x10 [ 662.845720][T15333] do_syscall_64+0x106/0xf80 [ 662.845749][T15333] ? clear_bhb_loop+0x40/0x90 [ 662.845782][T15333] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 662.845810][T15333] RIP: 0033:0x7fae5335d04e [ 662.845838][T15333] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 662.845864][T15333] RSP: 002b:00007fae54181fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 662.845890][T15333] RAX: ffffffffffffffda RBX: 00007fae541826c0 RCX: 00007fae5335d04e [ 662.845909][T15333] RDX: 000000000000000f RSI: 00007fae541820a0 RDI: 0000000000000003 [ 662.845931][T15333] RBP: 00007fae54182090 R08: 0000000000000000 R09: 0000000000000000 [ 662.845952][T15333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 662.845968][T15333] R13: 00007fae53616038 R14: 00007fae53615fa0 R15: 00007ffd57598c18 [ 662.846005][T15333] [ 664.017920][T15352] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1855'. [ 664.029641][T15352] netlink: 'syz.1.1855': attribute type 1 has an invalid length. [ 664.038202][T15352] netlink: 'syz.1.1855': attribute type 6 has an invalid length. [ 664.247004][T15356] FAULT_INJECTION: forcing a failure. [ 664.247004][T15356] name failslab, interval 1, probability 0, space 0, times 1 [ 664.261669][T15356] CPU: 0 UID: 0 PID: 15356 Comm: syz.1.1856 Not tainted syzkaller #0 PREEMPT(full) [ 664.261704][T15356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 664.261718][T15356] Call Trace: [ 664.261725][T15356] [ 664.261733][T15356] dump_stack_lvl+0x100/0x190 [ 664.261774][T15356] should_fail_ex.cold+0x5/0xa [ 664.261804][T15356] should_failslab+0xc2/0x120 [ 664.261831][T15356] __kvmalloc_node_noprof+0xfa/0xa00 [ 664.261856][T15356] ? proc_sys_call_handler+0x2c7/0x5a0 [ 664.261888][T15356] proc_sys_call_handler+0x2c7/0x5a0 [ 664.261915][T15356] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 664.261950][T15356] vfs_write+0x6ac/0x1070 [ 664.261974][T15356] ? __pfx_proc_sys_write+0x10/0x10 [ 664.261999][T15356] ? __pfx_vfs_write+0x10/0x10 [ 664.262022][T15356] ? find_held_lock+0x2b/0x80 [ 664.262068][T15356] __x64_sys_pwrite64+0x1eb/0x250 [ 664.262097][T15356] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 664.262135][T15356] do_syscall_64+0x106/0xf80 [ 664.262162][T15356] ? clear_bhb_loop+0x40/0x90 [ 664.262194][T15356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 664.262220][T15356] RIP: 0033:0x7f907bb9c819 [ 664.262241][T15356] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 664.262262][T15356] RSP: 002b:00007f9079df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 664.262286][T15356] RAX: ffffffffffffffda RBX: 00007f907be15fa0 RCX: 00007f907bb9c819 [ 664.262302][T15356] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000003 [ 664.262317][T15356] RBP: 00007f9079df6090 R08: 0000000000000000 R09: 0000000000000000 [ 664.262332][T15356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 664.262346][T15356] R13: 00007f907be16038 R14: 00007f907be15fa0 R15: 00007ffc6e2859e8 [ 664.262381][T15356] [ 664.262974][T15357] FAULT_INJECTION: forcing a failure. [ 664.262974][T15357] name failslab, interval 1, probability 0, space 0, times 1 [ 664.500094][T15362] FAULT_INJECTION: forcing a failure. [ 664.500094][T15362] name failslab, interval 1, probability 0, space 0, times 0 [ 664.513987][T15362] CPU: 0 UID: 0 PID: 15362 Comm: syz.0.1859 Not tainted syzkaller #0 PREEMPT(full) [ 664.514008][T15362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 664.514018][T15362] Call Trace: [ 664.514024][T15362] [ 664.514031][T15362] dump_stack_lvl+0x100/0x190 [ 664.514059][T15362] should_fail_ex.cold+0x5/0xa [ 664.514079][T15362] should_failslab+0xc2/0x120 [ 664.514096][T15362] __kmalloc_cache_noprof+0x7a/0x6f0 [ 664.514116][T15362] ? tipc_service_create+0xb1/0x340 [ 664.514135][T15362] tipc_service_create+0xb1/0x340 [ 664.514151][T15362] ? tipc_service_find+0x161/0x1c0 [ 664.514168][T15362] tipc_nametbl_insert_publ+0xeca/0x1570 [ 664.514193][T15362] tipc_nametbl_publish+0x137/0x260 [ 664.514214][T15362] tipc_sk_publish+0x1d8/0x430 [ 664.514232][T15362] ? __pfx_tipc_sk_publish+0x10/0x10 [ 664.514252][T15362] ? __local_bh_enable_ip+0x9e/0x120 [ 664.514270][T15362] tipc_sk_bind+0x16f/0x380 [ 664.514289][T15362] tipc_bind+0x18d/0x280 [ 664.514308][T15362] __sys_bind+0x1a9/0x260 [ 664.514329][T15362] ? __pfx___sys_bind+0x10/0x10 [ 664.514360][T15362] __x64_sys_bind+0x72/0xb0 [ 664.514378][T15362] ? lockdep_hardirqs_on+0x78/0x100 [ 664.514395][T15362] do_syscall_64+0x106/0xf80 [ 664.514411][T15362] ? clear_bhb_loop+0x40/0x90 [ 664.514428][T15362] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 664.514444][T15362] RIP: 0033:0x7f199919c819 [ 664.514457][T15362] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 664.514471][T15362] RSP: 002b:00007f1999fef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 664.514496][T15362] RAX: ffffffffffffffda RBX: 00007f1999415fa0 RCX: 00007f199919c819 [ 664.514514][T15362] RDX: 0000000000000066 RSI: 0000200000000040 RDI: 0000000000000003 [ 664.514528][T15362] RBP: 00007f1999232c91 R08: 0000000000000000 R09: 0000000000000000 [ 664.514543][T15362] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 664.514556][T15362] R13: 00007f1999416038 R14: 00007f1999415fa0 R15: 00007fff9cf77538 [ 664.514598][T15362] [ 664.732576][T15362] tipc: Service creation failed, no memory [ 664.764980][T15357] CPU: 0 UID: 0 PID: 15357 Comm: syz.3.1858 Not tainted syzkaller #0 PREEMPT(full) [ 664.765019][T15357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 664.765034][T15357] Call Trace: [ 664.765043][T15357] [ 664.765053][T15357] dump_stack_lvl+0x100/0x190 [ 664.765094][T15357] should_fail_ex.cold+0x5/0xa [ 664.765124][T15357] ? tomoyo_realpath_from_path+0xb6/0x690 [ 664.765163][T15357] should_failslab+0xc2/0x120 [ 664.765194][T15357] __kmalloc_noprof+0xe0/0x850 [ 664.765243][T15357] tomoyo_realpath_from_path+0xb6/0x690 [ 664.765286][T15357] tomoyo_path_number_perm+0x23c/0x580 [ 664.765313][T15357] ? tomoyo_path_number_perm+0x22e/0x580 [ 664.765344][T15357] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 664.765403][T15357] ? find_held_lock+0x2b/0x80 [ 664.765426][T15357] ? __fget_files+0x215/0x3d0 [ 664.765449][T15357] ? hook_file_ioctl_common+0x146/0x410 [ 664.765487][T15357] ? __fget_files+0x21f/0x3d0 [ 664.765519][T15357] security_file_ioctl+0xd3/0x230 [ 664.765553][T15357] __x64_sys_ioctl+0xb7/0x210 [ 664.765592][T15357] do_syscall_64+0x106/0xf80 [ 664.765618][T15357] ? clear_bhb_loop+0x40/0x90 [ 664.765646][T15357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 664.765672][T15357] RIP: 0033:0x7fae5339c819 [ 664.765692][T15357] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 664.765718][T15357] RSP: 002b:00007fae54182028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 664.765744][T15357] RAX: ffffffffffffffda RBX: 00007fae53615fa0 RCX: 00007fae5339c819 [ 664.765762][T15357] RDX: 0000200000000000 RSI: 0000000000000001 RDI: 0000000000000003 [ 664.765778][T15357] RBP: 00007fae54182090 R08: 0000000000000000 R09: 0000000000000000 [ 664.765794][T15357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 664.765811][T15357] R13: 00007fae53616038 R14: 00007fae53615fa0 R15: 00007ffd57598c18 [ 664.765855][T15357] [ 664.765880][T15357] ERROR: Out of memory at tomoyo_realpath_from_path. [ 664.781893][T15364] program syz.1.1860 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 664.786992][T15357] program syz.3.1858 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 665.253997][T15376] FAULT_INJECTION: forcing a failure. [ 665.253997][T15376] name failslab, interval 1, probability 0, space 0, times 0 [ 665.254106][T15376] CPU: 1 UID: 0 PID: 15376 Comm: syz.1.1865 Not tainted syzkaller #0 PREEMPT(full) [ 665.254138][T15376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 665.254154][T15376] Call Trace: [ 665.254163][T15376] [ 665.254173][T15376] dump_stack_lvl+0x100/0x190 [ 665.254221][T15376] should_fail_ex.cold+0x5/0xa [ 665.254254][T15376] should_failslab+0xc2/0x120 [ 665.254284][T15376] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 665.254337][T15376] ? vm_area_alloc+0x1f/0x160 [ 665.254373][T15376] ? vma_merge_new_range+0x38b/0xa30 [ 665.254419][T15376] vm_area_alloc+0x1f/0x160 [ 665.254462][T15376] __mmap_region+0x118c/0x2a50 [ 665.254505][T15376] ? __pfx___mmap_region+0x10/0x10 [ 665.254540][T15376] ? process_measurement+0x1f4/0x2350 [ 665.254573][T15376] ? tomoyo_check_open_permission+0x1db/0x3c0 [ 665.254606][T15376] ? tomoyo_check_open_permission+0x1db/0x3c0 [ 665.254691][T15376] ? is_bpf_text_address+0x94/0x1a0 [ 665.254735][T15376] ? kernel_text_address+0x8d/0x100 [ 665.254775][T15376] ? __kernel_text_address+0xd/0x30 [ 665.254859][T15376] ? rcu_is_watching+0x12/0xc0 [ 665.254902][T15376] ? cap_capable+0x107/0x460 [ 665.254935][T15376] mmap_region+0x180/0x3e0 [ 665.254981][T15376] do_mmap+0xc63/0x12f0 [ 665.255019][T15376] ? __pfx_do_mmap+0x10/0x10 [ 665.255049][T15376] ? __pfx_down_write_killable+0x10/0x10 [ 665.255091][T15376] vm_mmap_pgoff+0x29e/0x470 [ 665.255128][T15376] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 665.255157][T15376] ? __fget_files+0x215/0x3d0 [ 665.255190][T15376] ? __fget_files+0x21f/0x3d0 [ 665.255224][T15376] ksys_mmap_pgoff+0x3c8/0x650 [ 665.255258][T15376] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 665.255286][T15376] ? fput+0x79/0x100 [ 665.255317][T15376] ? ksys_write+0x1ac/0x250 [ 665.255343][T15376] ? __pfx_ksys_write+0x10/0x10 [ 665.255373][T15376] __x64_sys_mmap+0x125/0x190 [ 665.255417][T15376] do_syscall_64+0x106/0xf80 [ 665.255453][T15376] ? clear_bhb_loop+0x40/0x90 [ 665.255486][T15376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 665.255513][T15376] RIP: 0033:0x7f907bb9c819 [ 665.255536][T15376] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 665.255563][T15376] RSP: 002b:00007f9079df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 665.255589][T15376] RAX: ffffffffffffffda RBX: 00007f907be15fa0 RCX: 00007f907bb9c819 [ 665.255607][T15376] RDX: fffffffffffffe01 RSI: 0000000000000005 RDI: 0000000000000000 [ 665.255624][T15376] RBP: 00007f9079df6090 R08: 0000000000000003 R09: 0000000000008000 [ 665.255641][T15376] R10: 0000000000008011 R11: 0000000000000246 R12: 0000000000000001 [ 665.255657][T15376] R13: 00007f907be16038 R14: 00007f907be15fa0 R15: 00007ffc6e2859e8 [ 665.255693][T15376] [ 666.163973][T15388] FAULT_INJECTION: forcing a failure. [ 666.163973][T15388] name failslab, interval 1, probability 0, space 0, times 0 [ 666.164053][T15388] CPU: 0 UID: 0 PID: 15388 Comm: syz.0.1869 Not tainted syzkaller #0 PREEMPT(full) [ 666.164082][T15388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 666.164096][T15388] Call Trace: [ 666.164105][T15388] [ 666.164114][T15388] dump_stack_lvl+0x100/0x190 [ 666.164158][T15388] should_fail_ex.cold+0x5/0xa [ 666.164190][T15388] should_failslab+0xc2/0x120 [ 666.164219][T15388] __kvmalloc_node_noprof+0xfa/0xa00 [ 666.164242][T15388] ? seq_read_iter+0x819/0x1270 [ 666.164274][T15388] seq_read_iter+0x819/0x1270 [ 666.164310][T15388] kernfs_fop_read_iter+0x46c/0x610 [ 666.164345][T15388] ? rw_verify_area+0xce/0x6d0 [ 666.164377][T15388] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 666.164404][T15388] vfs_read+0x825/0xb30 [ 666.164428][T15388] ? __pfx_vfs_read+0x10/0x10 [ 666.164467][T15388] ksys_read+0x12a/0x250 [ 666.164491][T15388] ? __pfx_ksys_read+0x10/0x10 [ 666.164519][T15388] do_syscall_64+0x106/0xf80 [ 666.164542][T15388] ? clear_bhb_loop+0x40/0x90 [ 666.164570][T15388] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 666.164593][T15388] RIP: 0033:0x7f199919c819 [ 666.164621][T15388] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 666.164646][T15388] RSP: 002b:00007f1999fef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 666.164671][T15388] RAX: ffffffffffffffda RBX: 00007f1999415fa0 RCX: 00007f199919c819 [ 666.164688][T15388] RDX: 0000000000000024 RSI: 0000200000000100 RDI: 0000000000000003 [ 666.164704][T15388] RBP: 00007f1999fef090 R08: 0000000000000000 R09: 0000000000000000 [ 666.164720][T15388] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 666.164735][T15388] R13: 00007f1999416038 R14: 00007f1999415fa0 R15: 00007fff9cf77538 [ 666.164771][T15388] [ 666.523539][ T30] audit: type=1804 audit(1775810428.476:2): pid=15395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1880" name="/newroot/474/file0" dev="tmpfs" ino=2393 res=1 errno=0 [ 667.007079][T15408] syz.0.1875 uses obsolete (PF_INET,SOCK_PACKET) [ 667.484043][T15416] FAULT_INJECTION: forcing a failure. [ 667.484043][T15416] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 667.500783][T15416] CPU: 0 UID: 0 PID: 15416 Comm: syz.2.1878 Not tainted syzkaller #0 PREEMPT(full) [ 667.500821][T15416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 667.500836][T15416] Call Trace: [ 667.500845][T15416] [ 667.500855][T15416] dump_stack_lvl+0x100/0x190 [ 667.500901][T15416] should_fail_ex.cold+0x5/0xa [ 667.500935][T15416] _copy_from_user+0x2e/0xd0 [ 667.500970][T15416] __do_sys_adjtimex+0x94/0x140 [ 667.501002][T15416] ? __pfx___do_sys_adjtimex+0x10/0x10 [ 667.501033][T15416] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 667.501099][T15416] ? __pfx_ksys_write+0x10/0x10 [ 667.501141][T15416] do_syscall_64+0x106/0xf80 [ 667.501177][T15416] ? clear_bhb_loop+0x40/0x90 [ 667.501211][T15416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 667.501245][T15416] RIP: 0033:0x7f35a319c819 [ 667.501312][T15416] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 667.501343][T15416] RSP: 002b:00007f35a4116028 EFLAGS: 00000246 ORIG_RAX: 000000000000009f [ 667.501370][T15416] RAX: ffffffffffffffda RBX: 00007f35a3415fa0 RCX: 00007f35a319c819 [ 667.501414][T15416] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000540 [ 667.501557][T15416] RBP: 00007f35a4116090 R08: 0000000000000000 R09: 0000000000000000 [ 667.501574][T15416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 667.501591][T15416] R13: 00007f35a3416038 R14: 00007f35a3415fa0 R15: 00007ffc3321a5b8 [ 667.501628][T15416] [ 667.676378][T15418] FAULT_INJECTION: forcing a failure. [ 667.676378][T15418] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 667.691271][T15418] CPU: 0 UID: 0 PID: 15418 Comm: syz.0.1881 Not tainted syzkaller #0 PREEMPT(full) [ 667.691293][T15418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 667.691302][T15418] Call Trace: [ 667.691309][T15418] [ 667.691316][T15418] dump_stack_lvl+0x100/0x190 [ 667.691344][T15418] should_fail_ex.cold+0x5/0xa [ 667.691362][T15418] _copy_from_user+0x2e/0xd0 [ 667.691382][T15418] copy_msghdr_from_user+0x9f/0x4f0 [ 667.691403][T15418] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 667.691426][T15418] ? __pfx__kstrtoull+0x10/0x10 [ 667.691452][T15418] ___sys_sendmsg+0x106/0x1e0 [ 667.691472][T15418] ? __pfx____sys_sendmsg+0x10/0x10 [ 667.691573][T15418] ? find_held_lock+0x2b/0x80 [ 667.691601][T15418] __sys_sendmmsg+0x205/0x430 [ 667.691618][T15418] ? __pfx___sys_sendmmsg+0x10/0x10 [ 667.691639][T15418] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 667.691664][T15418] ? fput+0x79/0x100 [ 667.691682][T15418] ? ksys_write+0x1ac/0x250 [ 667.691696][T15418] ? __pfx_ksys_write+0x10/0x10 [ 667.691713][T15418] __x64_sys_sendmmsg+0x9c/0x100 [ 667.691727][T15418] ? lockdep_hardirqs_on+0x78/0x100 [ 667.691743][T15418] do_syscall_64+0x106/0xf80 [ 667.691759][T15418] ? clear_bhb_loop+0x40/0x90 [ 667.691777][T15418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 667.691792][T15418] RIP: 0033:0x7f199919c819 [ 667.691806][T15418] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 667.691820][T15418] RSP: 002b:00007f1999fef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 667.691834][T15418] RAX: ffffffffffffffda RBX: 00007f1999415fa0 RCX: 00007f199919c819 [ 667.691844][T15418] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000003 [ 667.691852][T15418] RBP: 00007f1999fef090 R08: 0000000000000000 R09: 0000000000000000 [ 667.691861][T15418] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 667.691869][T15418] R13: 00007f1999416038 R14: 00007f1999415fa0 R15: 00007fff9cf77538 [ 667.691887][T15418] [ 668.549530][T15441] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1889'. [ 668.639803][T15442] FAULT_INJECTION: forcing a failure. [ 668.639803][T15442] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 668.675861][T15442] CPU: 0 UID: 0 PID: 15442 Comm: syz.0.1888 Not tainted syzkaller #0 PREEMPT(full) [ 668.675900][T15442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 668.675915][T15442] Call Trace: [ 668.675925][T15442] [ 668.675936][T15442] dump_stack_lvl+0x100/0x190 [ 668.676010][T15442] should_fail_ex.cold+0x5/0xa [ 668.676043][T15442] _copy_to_user+0x32/0xd0 [ 668.676083][T15442] simple_read_from_buffer+0xcb/0x170 [ 668.676129][T15442] proc_fail_nth_read+0x1af/0x230 [ 668.676158][T15442] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 668.676187][T15442] ? rw_verify_area+0xce/0x6d0 [ 668.676218][T15442] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 668.676263][T15442] vfs_read+0x1e4/0xb30 [ 668.676356][T15442] ? __pfx_vfs_read+0x10/0x10 [ 668.676376][T15442] ? __fget_files+0x215/0x3d0 [ 668.676408][T15442] ? __fget_files+0x21f/0x3d0 [ 668.676445][T15442] ksys_read+0x12a/0x250 [ 668.676471][T15442] ? __pfx_ksys_read+0x10/0x10 [ 668.676517][T15442] do_syscall_64+0x106/0xf80 [ 668.676550][T15442] ? clear_bhb_loop+0x40/0x90 [ 668.676586][T15442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 668.676613][T15442] RIP: 0033:0x7f199915d04e [ 668.676636][T15442] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 668.676662][T15442] RSP: 002b:00007f1999fcdfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 668.676687][T15442] RAX: ffffffffffffffda RBX: 00007f1999fce6c0 RCX: 00007f199915d04e [ 668.676706][T15442] RDX: 000000000000000f RSI: 00007f1999fce0a0 RDI: 0000000000000003 [ 668.676723][T15442] RBP: 00007f1999fce090 R08: 0000000000000000 R09: 0000000000000000 [ 668.676740][T15442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 668.676755][T15442] R13: 00007f1999416128 R14: 00007f1999416090 R15: 00007fff9cf77538 [ 668.676799][T15442] [ 668.697040][T15446] FAULT_INJECTION: forcing a failure. [ 668.697040][T15446] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 668.911961][T15446] CPU: 1 UID: 0 PID: 15446 Comm: syz.1.1891 Not tainted syzkaller #0 PREEMPT(full) [ 668.911995][T15446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 668.912008][T15446] Call Trace: [ 668.912017][T15446] [ 668.912027][T15446] dump_stack_lvl+0x100/0x190 [ 668.912071][T15446] should_fail_ex.cold+0x5/0xa [ 668.912104][T15446] _copy_from_user+0x2e/0xd0 [ 668.912139][T15446] copy_msghdr_from_user+0x9f/0x4f0 [ 668.912177][T15446] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 668.912220][T15446] ? __pfx__kstrtoull+0x10/0x10 [ 668.912268][T15446] ___sys_sendmsg+0x106/0x1e0 [ 668.912306][T15446] ? __pfx____sys_sendmsg+0x10/0x10 [ 668.912365][T15446] ? find_held_lock+0x2b/0x80 [ 668.912414][T15446] __sys_sendmmsg+0x205/0x430 [ 668.912444][T15446] ? __pfx___sys_sendmmsg+0x10/0x10 [ 668.912483][T15446] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 668.912527][T15446] ? fput+0x79/0x100 [ 668.912560][T15446] ? ksys_write+0x1ac/0x250 [ 668.912591][T15446] ? __pfx_ksys_write+0x10/0x10 [ 668.912623][T15446] __x64_sys_sendmmsg+0x9c/0x100 [ 668.912648][T15446] ? lockdep_hardirqs_on+0x78/0x100 [ 668.912677][T15446] do_syscall_64+0x106/0xf80 [ 668.912705][T15446] ? clear_bhb_loop+0x40/0x90 [ 668.912738][T15446] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 668.912766][T15446] RIP: 0033:0x7f907bb9c819 [ 668.912788][T15446] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 668.912811][T15446] RSP: 002b:00007f9079df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 668.912835][T15446] RAX: ffffffffffffffda RBX: 00007f907be15fa0 RCX: 00007f907bb9c819 [ 668.912853][T15446] RDX: 0000000000000002 RSI: 00002000000006c0 RDI: 0000000000000003 [ 668.912869][T15446] RBP: 00007f9079df6090 R08: 0000000000000000 R09: 0000000000000000 [ 668.912884][T15446] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 668.912898][T15446] R13: 00007f907be16038 R14: 00007f907be15fa0 R15: 00007ffc6e2859e8 [ 668.912934][T15446] [ 669.407058][T15464] netlink: zone id is out of range [ 669.412633][T15464] netlink: zone id is out of range [ 669.419430][T15464] netlink: zone id is out of range [ 669.429907][T15464] netlink: zone id is out of range [ 669.435805][T15464] netlink: zone id is out of range [ 669.447585][T15464] netlink: zone id is out of range [ 669.453183][T15464] netlink: zone id is out of range [ 669.460620][T15464] netlink: zone id is out of range [ 669.467611][T15464] netlink: zone id is out of range [ 669.479708][T15464] netlink: zone id is out of range [ 669.845347][T15476] FAULT_INJECTION: forcing a failure. [ 669.845347][T15476] name failslab, interval 1, probability 0, space 0, times 0 [ 669.881729][T15476] CPU: 0 UID: 0 PID: 15476 Comm: syz.0.1899 Not tainted syzkaller #0 PREEMPT(full) [ 669.881766][T15476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 669.881780][T15476] Call Trace: [ 669.881789][T15476] [ 669.881799][T15476] dump_stack_lvl+0x100/0x190 [ 669.881844][T15476] should_fail_ex.cold+0x5/0xa [ 669.881876][T15476] should_failslab+0xc2/0x120 [ 669.881902][T15476] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 669.881926][T15476] ? do_fanotify_mark+0x2a8d/0x4010 [ 669.881952][T15476] do_fanotify_mark+0x2a8d/0x4010 [ 669.881990][T15476] ? __pfx_do_fanotify_mark+0x10/0x10 [ 669.882018][T15476] ? ksys_write+0x1ac/0x250 [ 669.882033][T15476] ? __pfx_ksys_write+0x10/0x10 [ 669.882050][T15476] __x64_sys_fanotify_mark+0xbd/0x160 [ 669.882073][T15476] ? do_syscall_64+0x95/0xf80 [ 669.882089][T15476] ? lockdep_hardirqs_on+0x78/0x100 [ 669.882104][T15476] do_syscall_64+0x106/0xf80 [ 669.882118][T15476] ? clear_bhb_loop+0x40/0x90 [ 669.882136][T15476] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 669.882151][T15476] RIP: 0033:0x7f199919c819 [ 669.882164][T15476] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 669.882178][T15476] RSP: 002b:00007f1999fef028 EFLAGS: 00000246 ORIG_RAX: 000000000000012d [ 669.882192][T15476] RAX: ffffffffffffffda RBX: 00007f1999415fa0 RCX: 00007f199919c819 [ 669.882202][T15476] RDX: 0000000000000f2b RSI: 0000000000000105 RDI: 0000400000000000 [ 669.882211][T15476] RBP: 00007f1999fef090 R08: 0000000000000000 R09: 0000000000000000 [ 669.882221][T15476] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 669.882232][T15476] R13: 00007f1999416038 R14: 00007f1999415fa0 R15: 00007fff9cf77538 [ 669.882251][T15476] [ 670.735184][T15496] FAULT_INJECTION: forcing a failure. [ 670.735184][T15496] name failslab, interval 1, probability 0, space 0, times 0 [ 670.759626][T15496] CPU: 1 UID: 0 PID: 15496 Comm: syz.0.1905 Not tainted syzkaller #0 PREEMPT(full) [ 670.759657][T15496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 670.759667][T15496] Call Trace: [ 670.759673][T15496] [ 670.759679][T15496] dump_stack_lvl+0x100/0x190 [ 670.759706][T15496] should_fail_ex.cold+0x5/0xa [ 670.759727][T15496] should_failslab+0xc2/0x120 [ 670.759746][T15496] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 670.759769][T15496] ? do_getname+0x35/0x390 [ 670.759791][T15496] do_getname+0x35/0x390 [ 670.759811][T15496] __x64_sys_rename+0x57/0xb0 [ 670.759830][T15496] do_syscall_64+0x106/0xf80 [ 670.759847][T15496] ? clear_bhb_loop+0x40/0x90 [ 670.759867][T15496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.759882][T15496] RIP: 0033:0x7f199919c819 [ 670.759894][T15496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 670.759909][T15496] RSP: 002b:00007f1999fef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 670.759923][T15496] RAX: ffffffffffffffda RBX: 00007f1999415fa0 RCX: 00007f199919c819 [ 670.759932][T15496] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000200000000480 [ 670.759941][T15496] RBP: 00007f1999fef090 R08: 0000000000000000 R09: 0000000000000000 [ 670.759950][T15496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 670.759958][T15496] R13: 00007f1999416038 R14: 00007f1999415fa0 R15: 00007fff9cf77538 [ 670.759976][T15496] [ 671.312791][T15502] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1908'. [ 671.481938][T15504] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1906'. [ 671.504125][T15504] netlink: 'syz.3.1906': attribute type 1 has an invalid length. [ 671.552461][T15504] netlink: 51505 bytes leftover after parsing attributes in process `syz.3.1906'. [ 671.654703][T15508] FAULT_INJECTION: forcing a failure. [ 671.654703][T15508] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 671.705998][T15508] CPU: 0 UID: 0 PID: 15508 Comm: syz.0.1909 Not tainted syzkaller #0 PREEMPT(full) [ 671.706022][T15508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 671.706031][T15508] Call Trace: [ 671.706039][T15508] [ 671.706045][T15508] dump_stack_lvl+0x100/0x190 [ 671.706072][T15508] should_fail_ex.cold+0x5/0xa [ 671.706093][T15508] _copy_from_user+0x2e/0xd0 [ 671.706115][T15508] copy_msghdr_from_user+0x9f/0x4f0 [ 671.706135][T15508] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 671.706162][T15508] ? __pfx__kstrtoull+0x10/0x10 [ 671.706189][T15508] ___sys_sendmsg+0x106/0x1e0 [ 671.706209][T15508] ? __pfx____sys_sendmsg+0x10/0x10 [ 671.706239][T15508] ? find_held_lock+0x2b/0x80 [ 671.706271][T15508] __sys_sendmmsg+0x205/0x430 [ 671.706293][T15508] ? __pfx___sys_sendmmsg+0x10/0x10 [ 671.706313][T15508] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 671.706338][T15508] ? fput+0x79/0x100 [ 671.706356][T15508] ? ksys_write+0x1ac/0x250 [ 671.706369][T15508] ? __pfx_ksys_write+0x10/0x10 [ 671.706386][T15508] __x64_sys_sendmmsg+0x9c/0x100 [ 671.706405][T15508] ? lockdep_hardirqs_on+0x78/0x100 [ 671.706421][T15508] do_syscall_64+0x106/0xf80 [ 671.706436][T15508] ? clear_bhb_loop+0x40/0x90 [ 671.706454][T15508] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 671.706470][T15508] RIP: 0033:0x7f199919c819 [ 671.706482][T15508] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 671.706496][T15508] RSP: 002b:00007f1999fef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 671.706511][T15508] RAX: ffffffffffffffda RBX: 00007f1999415fa0 RCX: 00007f199919c819 [ 671.706520][T15508] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000003 [ 671.706529][T15508] RBP: 00007f1999fef090 R08: 0000000000000000 R09: 0000000000000000 [ 671.706537][T15508] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 671.706546][T15508] R13: 00007f1999416038 R14: 00007f1999415fa0 R15: 00007fff9cf77538 [ 671.706564][T15508] [ 672.089451][T15510] FAULT_INJECTION: forcing a failure. [ 672.089451][T15510] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 672.103735][T15510] CPU: 1 UID: 0 PID: 15510 Comm: syz.0.1910 Not tainted syzkaller #0 PREEMPT(full) [ 672.103771][T15510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 672.103786][T15510] Call Trace: [ 672.103795][T15510] [ 672.103805][T15510] dump_stack_lvl+0x100/0x190 [ 672.103855][T15510] should_fail_ex.cold+0x5/0xa [ 672.103888][T15510] _copy_from_user+0x2e/0xd0 [ 672.103929][T15510] kstrtoul_from_user+0xc6/0x1c0 [ 672.103956][T15510] ? __pfx_kstrtoul_from_user+0x10/0x10 [ 672.104001][T15510] ? __pfx___might_resched+0x10/0x10 [ 672.104046][T15510] ? lock_acquire+0x1cf/0x380 [ 672.104087][T15510] event_enable_write+0x90/0x360 [ 672.104120][T15510] ? __pfx_event_enable_write+0x10/0x10 [ 672.104194][T15510] vfs_write+0x2aa/0x1070 [ 672.104225][T15510] ? __pfx_event_enable_write+0x10/0x10 [ 672.104269][T15510] ? __pfx_vfs_write+0x10/0x10 [ 672.104295][T15510] ? __fget_files+0x215/0x3d0 [ 672.104334][T15510] ? __fget_files+0x21f/0x3d0 [ 672.104375][T15510] ksys_write+0x12a/0x250 [ 672.104403][T15510] ? __pfx_ksys_write+0x10/0x10 [ 672.104443][T15510] do_syscall_64+0x106/0xf80 [ 672.104478][T15510] ? clear_bhb_loop+0x40/0x90 [ 672.104506][T15510] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 672.104533][T15510] RIP: 0033:0x7f199919c819 [ 672.104555][T15510] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 672.104585][T15510] RSP: 002b:00007f1999fef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 672.104611][T15510] RAX: ffffffffffffffda RBX: 00007f1999415fa0 RCX: 00007f199919c819 [ 672.104629][T15510] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000003 [ 672.104649][T15510] RBP: 00007f1999fef090 R08: 0000000000000000 R09: 0000000000000000 [ 672.104665][T15510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 672.104681][T15510] R13: 00007f1999416038 R14: 00007f1999415fa0 R15: 00007fff9cf77538 [ 672.104722][T15510] [ 673.482537][T15537] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1917'. [ 674.025428][ T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!! [ 674.213494][T15546] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1919'. [ 675.133516][T15572] FAULT_INJECTION: forcing a failure. [ 675.133516][T15572] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 675.148513][T15572] CPU: 0 UID: 0 PID: 15572 Comm: syz.2.1928 Not tainted syzkaller #0 PREEMPT(full) [ 675.148547][T15572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 675.148561][T15572] Call Trace: [ 675.148570][T15572] [ 675.148578][T15572] dump_stack_lvl+0x100/0x190 [ 675.148622][T15572] should_fail_ex.cold+0x5/0xa [ 675.148640][T15572] _copy_to_user+0x32/0xd0 [ 675.148661][T15572] fs_name+0x144/0x220 [ 675.148680][T15572] __x64_sys_sysfs+0x14f/0x190 [ 675.148706][T15572] do_syscall_64+0x106/0xf80 [ 675.148723][T15572] ? clear_bhb_loop+0x40/0x90 [ 675.148740][T15572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 675.148755][T15572] RIP: 0033:0x7f35a319c819 [ 675.148768][T15572] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 675.148783][T15572] RSP: 002b:00007f35a40f5028 EFLAGS: 00000246 ORIG_RAX: 000000000000008b [ 675.148797][T15572] RAX: ffffffffffffffda RBX: 00007f35a3416090 RCX: 00007f35a319c819 [ 675.148806][T15572] RDX: 0000000000000000 RSI: 000000000000004c RDI: 0000000000000002 [ 675.148815][T15572] RBP: 00007f35a40f5090 R08: 0000000000000000 R09: 0000000000000000 [ 675.148823][T15572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 675.148831][T15572] R13: 00007f35a3416128 R14: 00007f35a3416090 R15: 00007ffc3321a5b8 [ 675.148850][T15572] [ 676.435114][T15589] FAULT_INJECTION: forcing a failure. [ 676.435114][T15589] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 676.473476][T15593] FAULT_INJECTION: forcing a failure. [ 676.473476][T15593] name failslab, interval 1, probability 0, space 0, times 0 [ 676.488217][T15593] CPU: 1 UID: 0 PID: 15593 Comm: syz.1.1933 Not tainted syzkaller #0 PREEMPT(full) [ 676.488251][T15593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 676.488265][T15593] Call Trace: [ 676.488273][T15593] [ 676.488289][T15593] dump_stack_lvl+0x100/0x190 [ 676.488327][T15593] should_fail_ex.cold+0x5/0xa [ 676.488346][T15593] should_failslab+0xc2/0x120 [ 676.488362][T15593] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 676.488385][T15593] ? do_getname+0x35/0x390 [ 676.488403][T15593] ? find_held_lock+0x2b/0x80 [ 676.488421][T15593] do_getname+0x35/0x390 [ 676.488441][T15593] do_sys_openat2+0xc5/0x1e0 [ 676.488461][T15593] ? __pfx_do_sys_openat2+0x10/0x10 [ 676.488479][T15593] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 676.488499][T15593] ? __fget_files+0x21f/0x3d0 [ 676.488517][T15593] __x64_sys_openat+0x12d/0x210 [ 676.488540][T15593] ? __pfx___x64_sys_openat+0x10/0x10 [ 676.488559][T15593] ? ksys_write+0x1ac/0x250 [ 676.488580][T15593] do_syscall_64+0x106/0xf80 [ 676.488595][T15593] ? clear_bhb_loop+0x40/0x90 [ 676.488613][T15593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 676.488627][T15593] RIP: 0033:0x7f907bb9c819 [ 676.488640][T15593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 676.488655][T15593] RSP: 002b:00007f9079dd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 676.488669][T15593] RAX: ffffffffffffffda RBX: 00007f907be16090 RCX: 00007f907bb9c819 [ 676.488679][T15593] RDX: 000000000002aa01 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 676.488688][T15593] RBP: 00007f9079dd5090 R08: 0000000000000000 R09: 0000000000000000 [ 676.488696][T15593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 676.488704][T15593] R13: 00007f907be16128 R14: 00007f907be16090 R15: 00007ffc6e2859e8 [ 676.488723][T15593] [ 676.821208][T15589] CPU: 1 UID: 0 PID: 15589 Comm: syz.2.1931 Not tainted syzkaller #0 PREEMPT(full) [ 676.821245][T15589] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 676.821258][T15589] Call Trace: [ 676.821266][T15589] [ 676.821276][T15589] dump_stack_lvl+0x100/0x190 [ 676.821315][T15589] should_fail_ex.cold+0x5/0xa [ 676.821339][T15589] ? prepare_alloc_pages+0x16d/0x5f0 [ 676.821377][T15589] should_fail_alloc_page+0xeb/0x140 [ 676.821405][T15589] prepare_alloc_pages+0x1f0/0x5f0 [ 676.821441][T15589] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 676.821483][T15589] ? rcu_is_watching+0x12/0xc0 [ 676.821529][T15589] ? trace_sched_exit_tp+0x13a/0x180 [ 676.821560][T15589] ? __schedule+0x1000/0x6120 [ 676.821588][T15589] ? find_held_lock+0x2b/0x80 [ 676.821618][T15589] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 676.821667][T15589] ? __pfx___schedule+0x10/0x10 [ 676.821694][T15589] ? xas_find+0x32c/0x8e0 [ 676.821724][T15589] ? preempt_schedule_thunk+0x16/0x30 [ 676.821761][T15589] ? preempt_schedule_common+0x42/0xc0 [ 676.821789][T15589] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 676.821821][T15589] ? policy_nodemask+0xed/0x4f0 [ 676.821855][T15589] alloc_pages_mpol+0x1fb/0x550 [ 676.821885][T15589] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 676.821924][T15589] folio_alloc_mpol_noprof+0x36/0x340 [ 676.821985][T15589] vma_alloc_folio_noprof+0xed/0x1d0 [ 676.822017][T15589] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 676.822059][T15589] do_anonymous_page+0xb3a/0x1fb0 [ 676.822146][T15589] __handle_mm_fault+0x1d48/0x2b60 [ 676.822186][T15589] ? reacquire_held_locks+0xce/0x1e0 [ 676.822222][T15589] ? __pfx___handle_mm_fault+0x10/0x10 [ 676.822286][T15589] ? lock_vma_under_rcu+0x17c/0x590 [ 676.822338][T15589] handle_mm_fault+0x36d/0xa20 [ 676.822388][T15589] do_user_addr_fault+0x5a3/0x12f0 [ 676.822422][T15589] exc_page_fault+0x6f/0xd0 [ 676.822450][T15589] asm_exc_page_fault+0x26/0x30 [ 676.822476][T15589] RIP: 0033:0x7f35a305dfcb [ 676.822505][T15589] Code: 00 00 00 48 8d 3d bd a6 1a 00 48 89 c1 31 c0 e8 5b 32 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d f1 a6 1a 00 48 89 34 24 48 8b 14 24 48 8b [ 676.822528][T15589] RSP: 002b:00007f35a40f3fa0 EFLAGS: 00010206 [ 676.822548][T15589] RAX: 0000000000000000 RBX: 00007f35a3416090 RCX: 0000000000000000 [ 676.822563][T15589] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000200000000440 [ 676.822578][T15589] RBP: 00007f35a40f5090 R08: 0000000000000000 R09: 0000000000000000 [ 676.822592][T15589] R10: 0000200000000440 R11: 0000000000000000 R12: 0000000000000001 [ 676.822606][T15589] R13: 00007f35a3416128 R14: 00007f35a3416090 R15: 00007ffc3321a5b8 [ 676.822639][T15589] [ 676.822867][T15589] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 677.143858][T15591] forcing mempool usage for bio_alloc_bioset+0x392/0x850 [ 677.380658][T15599] FAULT_INJECTION: forcing a failure. [ 677.380658][T15599] name failslab, interval 1, probability 0, space 0, times 0 [ 677.432835][T15599] CPU: 0 UID: 0 PID: 15599 Comm: syz.1.1935 Not tainted syzkaller #0 PREEMPT(full) [ 677.432875][T15599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 677.432890][T15599] Call Trace: [ 677.432900][T15599] [ 677.432910][T15599] dump_stack_lvl+0x100/0x190 [ 677.432960][T15599] should_fail_ex.cold+0x5/0xa [ 677.432996][T15599] ? tracepoint_add_func+0x2c5/0xf30 [ 677.433023][T15599] should_failslab+0xc2/0x120 [ 677.433054][T15599] __kmalloc_noprof+0xe0/0x850 [ 677.433100][T15599] ? __pfx_trace_event_raw_event_nfsd_cb_class+0x10/0x10 [ 677.433144][T15599] tracepoint_add_func+0x2c5/0xf30 [ 677.433170][T15599] ? __pfx_trace_event_raw_event_nfsd_cb_class+0x10/0x10 [ 677.433219][T15599] ? __pfx_trace_event_raw_event_nfsd_cb_class+0x10/0x10 [ 677.433269][T15599] tracepoint_probe_register+0xc4/0x110 [ 677.433302][T15599] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 677.433333][T15599] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 677.433363][T15599] ? __pfx_trace_event_raw_event_nfsd_cb_class+0x10/0x10 [ 677.433405][T15599] ? __pfx_probe_sched_switch+0x10/0x10 [ 677.433435][T15599] ? __lock_acquire+0x4a5/0x2630 [ 677.433476][T15599] trace_event_reg+0x209/0x350 [ 677.433519][T15599] __ftrace_event_enable_disable+0x211/0x6f0 [ 677.433557][T15599] __ftrace_set_clr_event_nolock+0x390/0xc30 [ 677.433603][T15599] ftrace_set_clr_event+0x16e/0x330 [ 677.433643][T15599] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 677.433678][T15599] ? trace_get_user+0x3ae/0xa70 [ 677.433718][T15599] ftrace_event_write+0x259/0x2c0 [ 677.433753][T15599] ? __pfx_ftrace_event_write+0x10/0x10 [ 677.433791][T15599] ? __pfx_ftrace_event_write+0x10/0x10 [ 677.433833][T15599] vfs_write+0x2aa/0x1070 [ 677.433861][T15599] ? __pfx_ftrace_event_write+0x10/0x10 [ 677.433901][T15599] ? __pfx_vfs_write+0x10/0x10 [ 677.433927][T15599] ? __fget_files+0x215/0x3d0 [ 677.433961][T15599] ? __fget_files+0x21f/0x3d0 [ 677.433998][T15599] ksys_write+0x12a/0x250 [ 677.434026][T15599] ? __pfx_ksys_write+0x10/0x10 [ 677.434062][T15599] do_syscall_64+0x106/0xf80 [ 677.434092][T15599] ? clear_bhb_loop+0x40/0x90 [ 677.434127][T15599] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 677.434155][T15599] RIP: 0033:0x7f907bb9c819 [ 677.434177][T15599] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 677.434203][T15599] RSP: 002b:00007f9079df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 677.434238][T15599] RAX: ffffffffffffffda RBX: 00007f907be15fa0 RCX: 00007f907bb9c819 [ 677.434257][T15599] RDX: 0000000000000af0 RSI: 0000000000000000 RDI: 0000000000000006 [ 677.434274][T15599] RBP: 00007f907bc32c91 R08: 0000000000000000 R09: 0000000000000000 [ 677.434291][T15599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 677.434307][T15599] R13: 00007f907be16038 R14: 00007f907be15fa0 R15: 00007ffc6e2859e8 [ 677.434344][T15599] [ 677.434372][T15599] event trace: Could not enable event nfsd_cb_shutdown [ 678.591593][T15613] FAULT_INJECTION: forcing a failure. [ 678.591593][T15613] name failslab, interval 1, probability 0, space 0, times 0 [ 678.694706][T15613] CPU: 1 UID: 0 PID: 15613 Comm: syz.3.1938 Not tainted syzkaller #0 PREEMPT(full) [ 678.694746][T15613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 678.694762][T15613] Call Trace: [ 678.694772][T15613] [ 678.694781][T15613] dump_stack_lvl+0x100/0x190 [ 678.694827][T15613] should_fail_ex.cold+0x5/0xa [ 678.694859][T15613] should_failslab+0xc2/0x120 [ 678.694890][T15613] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 678.694932][T15613] ? ptlock_alloc+0x1f/0x70 [ 678.694974][T15613] ptlock_alloc+0x1f/0x70 [ 678.695032][T15613] pte_alloc_one+0x82/0x3d0 [ 678.695064][T15613] __pte_alloc+0x6d/0x3e0 [ 678.695093][T15613] ? __pfx___pte_alloc+0x10/0x10 [ 678.695123][T15613] ? find_held_lock+0x2b/0x80 [ 678.695150][T15613] ? find_held_lock+0x2b/0x80 [ 678.695178][T15613] ? walk_to_pmd+0x302/0x4c0 [ 678.695216][T15613] get_locked_pte+0xa1/0xc0 [ 678.695256][T15613] insert_page+0xcc/0x220 [ 678.695293][T15613] ? __pfx_insert_page+0x10/0x10 [ 678.695325][T15613] ? __pfx_down_read_trylock+0x10/0x10 [ 678.695416][T15613] vm_insert_page+0x2c0/0x400 [ 678.695460][T15613] kcov_mmap+0xca/0x130 [ 678.695491][T15613] __mmap_region+0x1503/0x2a50 [ 678.695577][T15613] ? __pfx___mmap_region+0x10/0x10 [ 678.695625][T15613] ? ima_match_policy+0x8c4/0x2350 [ 678.695702][T15613] ? find_held_lock+0x2b/0x80 [ 678.695729][T15613] ? process_measurement+0x4c8/0x2350 [ 678.695758][T15613] ? process_measurement+0x4c8/0x2350 [ 678.695803][T15613] ? process_measurement+0x1f4/0x2350 [ 678.695912][T15613] mmap_region+0x30a/0x3e0 [ 678.695963][T15613] do_mmap+0xc63/0x12f0 [ 678.696004][T15613] ? __pfx_do_mmap+0x10/0x10 [ 678.696037][T15613] ? __pfx_down_write_killable+0x10/0x10 [ 678.696116][T15613] vm_mmap_pgoff+0x29e/0x470 [ 678.696193][T15613] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 678.696225][T15613] ? __fget_files+0x215/0x3d0 [ 678.696262][T15613] ? __fget_files+0x21f/0x3d0 [ 678.696297][T15613] ksys_mmap_pgoff+0x3c8/0x650 [ 678.696340][T15613] ? __x64_sys_futex+0x34f/0x4d0 [ 678.696377][T15613] ? __x64_sys_futex+0x358/0x4d0 [ 678.696420][T15613] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 678.696453][T15613] ? xfd_validate_state+0x129/0x190 [ 678.696505][T15613] __x64_sys_mmap+0x125/0x190 [ 678.696557][T15613] do_syscall_64+0x106/0xf80 [ 678.696587][T15613] ? clear_bhb_loop+0x40/0x90 [ 678.696631][T15613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 678.696661][T15613] RIP: 0033:0x7fae5339c819 [ 678.696685][T15613] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 678.696716][T15613] RSP: 002b:00007fae54182028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 678.696743][T15613] RAX: ffffffffffffffda RBX: 00007fae53615fa0 RCX: 00007fae5339c819 [ 678.696761][T15613] RDX: 0000000000000007 RSI: 00000000003fffff RDI: 0000000000009000 [ 678.696779][T15613] RBP: 00007fae53432c91 R08: 00000000000000dd R09: 0000000000000000 [ 678.696800][T15613] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 678.696816][T15613] R13: 00007fae53616038 R14: 00007fae53615fa0 R15: 00007ffd57598c18 [ 678.696851][T15613] [ 678.696912][T15613] kcov: kcov: vm_insert_page() failed [ 680.559880][T15643] mmap: syz.2.1947 (15643) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 682.077355][T15662] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1952'. [ 683.606646][T15681] FAULT_INJECTION: forcing a failure. [ 683.606646][T15681] name failslab, interval 1, probability 0, space 0, times 0 [ 683.679137][T15681] CPU: 1 UID: 0 PID: 15681 Comm: syz.1.1958 Not tainted syzkaller #0 PREEMPT(full) [ 683.679175][T15681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 683.679191][T15681] Call Trace: [ 683.679200][T15681] [ 683.679210][T15681] dump_stack_lvl+0x100/0x190 [ 683.679260][T15681] should_fail_ex.cold+0x5/0xa [ 683.679295][T15681] should_failslab+0xc2/0x120 [ 683.679327][T15681] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 683.679370][T15681] ? vm_area_dup+0x27/0x8e0 [ 683.679407][T15681] ? __vma_start_write+0x17f/0x280 [ 683.679451][T15681] vm_area_dup+0x27/0x8e0 [ 683.679492][T15681] dup_mmap+0x6f6/0x2180 [ 683.679550][T15681] ? __pfx_dup_mmap+0x10/0x10 [ 683.679583][T15681] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 683.679647][T15681] ? __lock_acquire+0x4a5/0x2630 [ 683.679688][T15681] ? find_held_lock+0x2b/0x80 [ 683.679715][T15681] ? __percpu_counter_init_many+0x2bc/0x3b0 [ 683.679780][T15681] copy_process+0x7523/0x7a40 [ 683.679832][T15681] ? __pfx_copy_process+0x10/0x10 [ 683.679866][T15681] ? find_held_lock+0x2b/0x80 [ 683.679909][T15681] kernel_clone+0xfc/0x9a0 [ 683.679940][T15681] ? __pfx_futex_wait+0x10/0x10 [ 683.679986][T15681] ? __pfx_kernel_clone+0x10/0x10 [ 683.680040][T15681] __do_sys_clone+0xd9/0x120 [ 683.680071][T15681] ? __pfx___do_sys_clone+0x10/0x10 [ 683.680100][T15681] ? ns_capable+0x85/0xf0 [ 683.680154][T15681] do_syscall_64+0x106/0xf80 [ 683.680183][T15681] ? clear_bhb_loop+0x40/0x90 [ 683.680217][T15681] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 683.680244][T15681] RIP: 0033:0x7f907bb9c819 [ 683.680268][T15681] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 683.680310][T15681] RSP: 002b:00007f9079df5fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 683.680337][T15681] RAX: ffffffffffffffda RBX: 00007f907be15fa0 RCX: 00007f907bb9c819 [ 683.680355][T15681] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 683.680372][T15681] RBP: 00007f907bc32c91 R08: 0000000000000000 R09: 0000000000000000 [ 683.680389][T15681] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 683.680404][T15681] R13: 00007f907be16038 R14: 00007f907be15fa0 R15: 00007ffc6e2859e8 [ 683.680442][T15681] [ 685.675149][T15717] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1967'. [ 685.722884][T15717] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1967'. [ 686.004715][ T0] NOHZ tick-stop error: local softirq work is pending, handler #242!!! [ 686.700265][T15727] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1971'. [ 687.369006][T15732] syz.1.1972: vmalloc error: size 18446744073709551615, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 687.434623][T15732] CPU: 0 UID: 0 PID: 15732 Comm: syz.1.1972 Not tainted syzkaller #0 PREEMPT(full) [ 687.434660][T15732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 687.434677][T15732] Call Trace: [ 687.434686][T15732] [ 687.434696][T15732] dump_stack_lvl+0x100/0x190 [ 687.434736][T15732] warn_alloc.cold+0x95/0x1c1 [ 687.434762][T15732] ? __pfx_warn_alloc+0x10/0x10 [ 687.434786][T15732] ? __lock_acquire+0x4a5/0x2630 [ 687.434815][T15732] __vmalloc_node_range_noprof+0x1252/0x1530 [ 687.434837][T15732] ? rcu_is_watching+0x12/0xc0 [ 687.434860][T15732] ? trace_contention_end+0x140/0x180 [ 687.434881][T15732] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 687.434899][T15732] ? dvb_dvr_do_ioctl+0x7e/0x270 [ 687.434915][T15732] ? tomoyo_path_number_perm+0x28f/0x580 [ 687.434934][T15732] ? tomoyo_path_number_perm+0x28f/0x580 [ 687.434953][T15732] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 687.434973][T15732] ? __pfx___mutex_lock+0x10/0x10 [ 687.434993][T15732] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 687.435010][T15732] ? futex_wait+0x125/0x380 [ 687.435034][T15732] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 687.435050][T15732] __vmalloc_node_noprof+0xad/0xf0 [ 687.435069][T15732] ? dvb_dvr_do_ioctl+0x15d/0x270 [ 687.435089][T15732] dvb_dvr_do_ioctl+0x15d/0x270 [ 687.435109][T15732] dvb_usercopy+0x167/0x340 [ 687.435124][T15732] ? __pfx_dvb_dvr_do_ioctl+0x10/0x10 [ 687.435142][T15732] ? __pfx_dvb_usercopy+0x10/0x10 [ 687.435174][T15732] ? __fget_files+0x21f/0x3d0 [ 687.435197][T15732] dvb_dvr_ioctl+0x29/0x40 [ 687.435213][T15732] ? __pfx_dvb_dvr_ioctl+0x10/0x10 [ 687.435230][T15732] __x64_sys_ioctl+0x18e/0x210 [ 687.435254][T15732] do_syscall_64+0x106/0xf80 [ 687.435269][T15732] ? clear_bhb_loop+0x40/0x90 [ 687.435287][T15732] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 687.435301][T15732] RIP: 0033:0x7f907bb9c819 [ 687.435315][T15732] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 687.435329][T15732] RSP: 002b:00007f9079dd5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 687.435344][T15732] RAX: ffffffffffffffda RBX: 00007f907be16090 RCX: 00007f907bb9c819 [ 687.435354][T15732] RDX: ffffffffffffffff RSI: 0000000000006f2d RDI: 0000000000000002 [ 687.435363][T15732] RBP: 00007f907bc32c91 R08: 0000000000000000 R09: 0000000000000000 [ 687.435372][T15732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 687.435381][T15732] R13: 00007f907be16128 R14: 00007f907be16090 R15: 00007ffc6e2859e8 [ 687.435401][T15732] [ 687.435556][T15732] Mem-Info: [ 687.720083][T15732] active_anon:16419 inactive_anon:0 isolated_anon:0 [ 687.720083][T15732] active_file:14937 inactive_file:40389 isolated_file:0 [ 687.720083][T15732] unevictable:768 dirty:727 writeback:0 [ 687.720083][T15732] slab_reclaimable:11086 slab_unreclaimable:92061 [ 687.720083][T15732] mapped:27926 shmem:11610 pagetables:1072 [ 687.720083][T15732] sec_pagetables:0 bounce:0 [ 687.720083][T15732] kernel_misc_reclaimable:0 [ 687.720083][T15732] free:1299007 free_pcp:29053 free_cma:0 [ 687.914106][T15738] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1975'. [ 687.948003][T15732] Node 0 active_anon:53876kB inactive_anon:0kB active_file:59748kB inactive_file:161356kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:115304kB dirty:3108kB writeback:0kB shmem:35104kB shmem_thp:2048kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:10992kB pagetables:4060kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 687.983208][T15738] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1975'. [ 687.994289][T15732] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:96kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 688.054460][T15732] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 688.205026][T15732] lowmem_reserve[]: 0 2477 2478 2478 2478 [ 688.228398][T15732] Node 0 DMA32 free:1303536kB boost:0kB min:34056kB low:42568kB high:51080kB reserved_highatomic:0KB free_highatomic:0KB active_anon:25376kB inactive_anon:0kB active_file:59748kB inactive_file:161356kB unevictable:1536kB writepending:3108kB zspages:0kB present:3129332kB managed:2537256kB mlocked:0kB bounce:0kB free_pcp:91264kB local_pcp:55220kB free_cma:0kB [ 688.314658][T15732] lowmem_reserve[]: 0 0 1 1 1 [ 688.319956][T15732] Node 0 Normal free:0kB boost:0kB min:12kB low:12kB high:12kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1052kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB [ 688.434639][T15732] lowmem_reserve[]: 0 0 0 0 0 [ 688.439752][T15732] Node 1 Normal free:3898120kB boost:0kB min:55832kB low:69788kB high:83744kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:200kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:44020kB local_pcp:14996kB free_cma:0kB [ 688.486805][T15732] lowmem_reserve[]: 0 0 0 0 0 [ 688.518845][T15732] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 688.561967][T15732] Node 0 DMA32: 3497*4kB (UME) 3978*8kB (UME) 2326*16kB (UME) 579*32kB (UME) 767*64kB (UME) 444*128kB (UME) 264*256kB (UME) 208*512kB (UME) 143*1024kB (UME) 9*2048kB (UM) 187*4096kB (UM) = 1312372kB [ 688.592853][T15732] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 688.609192][T15732] Node 1 Normal: 108*4kB (UM) 130*8kB (UM) 109*16kB (UM) 65*32kB (UM) 57*64kB (M) 31*128kB (UM) 7*256kB (M) 11*512kB (UM) 1*1024kB (M) 1*2048kB (U) 946*4096kB (UM) = 3898224kB [ 688.744783][T15732] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 688.755823][T15732] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 688.766361][T15732] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 688.780667][T15732] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 688.797407][T15732] 58670 total pagecache pages [ 688.834370][T15732] 0 pages in swap cache [ 688.909586][T15732] Free swap = 124996kB [ 688.915221][T15732] Total swap = 124996kB [ 688.934925][T15732] 2097051 pages RAM [ 688.940657][T15732] 0 pages HighMem/MovableOnly [ 688.945882][T15732] 430859 pages reserved [ 688.953401][T15732] 0 pages cma reserved [ 690.062299][T15779] FAULT_INJECTION: forcing a failure. [ 690.062299][T15779] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 690.084092][T15779] CPU: 0 UID: 0 PID: 15779 Comm: syz.0.1984 Not tainted syzkaller #0 PREEMPT(full) [ 690.084137][T15779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 690.084152][T15779] Call Trace: [ 690.084160][T15779] [ 690.084170][T15779] dump_stack_lvl+0x100/0x190 [ 690.084216][T15779] should_fail_ex.cold+0x5/0xa [ 690.084249][T15779] _copy_from_user+0x2e/0xd0 [ 690.084284][T15779] sg_write+0x2af/0xdb0 [ 690.084319][T15779] ? __pfx_sg_write+0x10/0x10 [ 690.084380][T15779] ? apparmor_file_permission+0x13f/0x1c0 [ 690.084412][T15779] ? bpf_lsm_file_permission+0x9/0x10 [ 690.084437][T15779] ? security_file_permission+0x76/0x210 [ 690.084476][T15779] ? rw_verify_area+0xce/0x6d0 [ 690.084513][T15779] vfs_write+0x2aa/0x1070 [ 690.084539][T15779] ? __pfx_sg_write+0x10/0x10 [ 690.084568][T15779] ? __pfx_vfs_write+0x10/0x10 [ 690.084589][T15779] ? find_held_lock+0x2b/0x80 [ 690.084613][T15779] ? __fget_files+0x215/0x3d0 [ 690.084637][T15779] ? __fget_files+0x215/0x3d0 [ 690.084666][T15779] ? __fget_files+0x21f/0x3d0 [ 690.084698][T15779] ksys_write+0x12a/0x250 [ 690.084722][T15779] ? __pfx_ksys_write+0x10/0x10 [ 690.084757][T15779] do_syscall_64+0x106/0xf80 [ 690.084784][T15779] ? clear_bhb_loop+0x40/0x90 [ 690.084817][T15779] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 690.084845][T15779] RIP: 0033:0x7f199919c819 [ 690.084866][T15779] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 690.084891][T15779] RSP: 002b:00007f1999fef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 690.084916][T15779] RAX: ffffffffffffffda RBX: 00007f1999415fa0 RCX: 00007f199919c819 [ 690.084935][T15779] RDX: 0000000000008587 RSI: 0000200000000040 RDI: 0000000000000003 [ 690.084952][T15779] RBP: 00007f1999fef090 R08: 0000000000000000 R09: 0000000000000000 [ 690.084969][T15779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 690.084985][T15779] R13: 00007f1999416038 R14: 00007f1999415fa0 R15: 00007fff9cf77538 [ 690.085021][T15779] [ 690.448758][T15785] FAULT_INJECTION: forcing a failure. [ 690.448758][T15785] name failslab, interval 1, probability 0, space 0, times 0 [ 690.470549][T15785] CPU: 1 UID: 0 PID: 15785 Comm: syz.0.1986 Not tainted syzkaller #0 PREEMPT(full) [ 690.470581][T15785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 690.470595][T15785] Call Trace: [ 690.470603][T15785] [ 690.470612][T15785] dump_stack_lvl+0x100/0x190 [ 690.470655][T15785] should_fail_ex.cold+0x5/0xa [ 690.470688][T15785] should_failslab+0xc2/0x120 [ 690.470717][T15785] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 690.470758][T15785] ? sock_alloc_inode+0x25/0x1c0 [ 690.470790][T15785] ? __pfx_sock_alloc_inode+0x10/0x10 [ 690.470822][T15785] sock_alloc_inode+0x25/0x1c0 [ 690.470849][T15785] alloc_inode+0x68/0x250 [ 690.470884][T15785] sock_alloc+0x44/0x280 [ 690.470912][T15785] do_accept+0xf9/0x530 [ 690.470945][T15785] ? 0xffffffff81000000 [ 690.470963][T15785] ? do_raw_spin_lock+0x128/0x260 [ 690.471002][T15785] ? __pfx_do_accept+0x10/0x10 [ 690.471056][T15785] ? 0xffffffff81000000 [ 690.471074][T15785] __sys_accept4+0x108/0x200 [ 690.471109][T15785] ? __pfx___sys_accept4+0x10/0x10 [ 690.471142][T15785] ? ksys_write+0x1ac/0x250 [ 690.471176][T15785] ? __pfx_ksys_write+0x10/0x10 [ 690.471209][T15785] __x64_sys_accept+0x74/0xb0 [ 690.471245][T15785] ? lockdep_hardirqs_on+0x78/0x100 [ 690.471274][T15785] do_syscall_64+0x106/0xf80 [ 690.471301][T15785] ? clear_bhb_loop+0x40/0x90 [ 690.471333][T15785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 690.471359][T15785] RIP: 0033:0x7f199919c819 [ 690.471379][T15785] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 690.471404][T15785] RSP: 002b:00007f1999fef028 EFLAGS: 00000246 ORIG_RAX: 000000000000002b [ 690.471429][T15785] RAX: ffffffffffffffda RBX: 00007f1999415fa0 RCX: 00007f199919c819 [ 690.471443][T15785] RDX: ffffffff81000000 RSI: ffffffffffffffff RDI: 0000000000000003 [ 690.471460][T15785] RBP: 00007f1999fef090 R08: 0000000000000000 R09: 0000000000000000 [ 690.471476][T15785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 690.471491][T15785] R13: 00007f1999416038 R14: 00007f1999415fa0 R15: 00007fff9cf77538 [ 690.471517][T15785] ? 0xffffffff81000000 [ 690.471543][T15785] [ 692.276830][T15817] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 692.380996][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 692.389340][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 692.592662][T15820] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1998'. [ 696.425456][T15895] FAULT_INJECTION: forcing a failure. [ 696.425456][T15895] name failslab, interval 1, probability 0, space 0, times 0 [ 696.482754][T15895] CPU: 0 UID: 0 PID: 15895 Comm: syz.1.2018 Not tainted syzkaller #0 PREEMPT(full) [ 696.482795][T15895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 696.482811][T15895] Call Trace: [ 696.482820][T15895] [ 696.482829][T15895] dump_stack_lvl+0x100/0x190 [ 696.482874][T15895] should_fail_ex.cold+0x5/0xa [ 696.482907][T15895] should_failslab+0xc2/0x120 [ 696.482938][T15895] __kmalloc_cache_noprof+0x7a/0x6f0 [ 696.482975][T15895] ? alloc_pipe_info+0x10e/0x590 [ 696.483004][T15895] ? find_held_lock+0x2b/0x80 [ 696.483036][T15895] alloc_pipe_info+0x10e/0x590 [ 696.483069][T15895] splice_direct_to_actor+0x78f/0xa30 [ 696.483100][T15895] ? __lock_acquire+0x4a5/0x2630 [ 696.483131][T15895] ? __pfx_direct_splice_actor+0x10/0x10 [ 696.483160][T15895] ? __pfx_aa_file_perm+0x10/0x10 [ 696.483215][T15895] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 696.483253][T15895] do_splice_direct+0x174/0x240 [ 696.483282][T15895] ? __pfx_do_splice_direct+0x10/0x10 [ 696.483311][T15895] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 696.483339][T15895] ? bpf_lsm_file_permission+0x9/0x10 [ 696.483365][T15895] ? security_file_permission+0x76/0x210 [ 696.483401][T15895] ? rw_verify_area+0xce/0x6d0 [ 696.483442][T15895] do_sendfile+0xadc/0xe20 [ 696.483473][T15895] ? __pfx_do_sendfile+0x10/0x10 [ 696.483514][T15895] ? __fget_files+0x21f/0x3d0 [ 696.483555][T15895] __x64_sys_sendfile64+0x1d8/0x220 [ 696.483586][T15895] ? ksys_write+0x1ac/0x250 [ 696.483612][T15895] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 696.483653][T15895] do_syscall_64+0x106/0xf80 [ 696.483681][T15895] ? clear_bhb_loop+0x40/0x90 [ 696.483714][T15895] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 696.483741][T15895] RIP: 0033:0x7f907bb9c819 [ 696.483763][T15895] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 696.483789][T15895] RSP: 002b:00007f9079df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 696.483814][T15895] RAX: ffffffffffffffda RBX: 00007f907be15fa0 RCX: 00007f907bb9c819 [ 696.483832][T15895] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003 [ 696.483846][T15895] RBP: 00007f9079df6090 R08: 0000000000000000 R09: 0000000000000000 [ 696.483862][T15895] R10: 0000400000000006 R11: 0000000000000246 R12: 0000000000000001 [ 696.483878][T15895] R13: 00007f907be16038 R14: 00007f907be15fa0 R15: 00007ffc6e2859e8 [ 696.483914][T15895] [ 698.370451][T15925] netlink: 52 bytes leftover after parsing attributes in process `syz.3.2029'. [ 702.328286][T15979] can: request_module (can-proto-0) failed. [ 703.284412][T15995] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2045'. [ 705.158260][T16028] random: crng reseeded on system resumption [ 705.995749][T16059] FAULT_INJECTION: forcing a failure. [ 705.995749][T16059] name failslab, interval 1, probability 0, space 0, times 0 [ 706.091508][T16061] netlink: 'syz.3.2059': attribute type 11 has an invalid length. [ 706.112315][T16059] CPU: 0 UID: 0 PID: 16059 Comm: syz.0.2058 Not tainted syzkaller #0 PREEMPT(full) [ 706.112352][T16059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 706.112367][T16059] Call Trace: [ 706.112376][T16059] [ 706.112385][T16059] dump_stack_lvl+0x100/0x190 [ 706.112428][T16059] should_fail_ex.cold+0x5/0xa [ 706.112458][T16059] ? kernfs_fop_write_iter+0x26a/0x5f0 [ 706.112486][T16059] should_failslab+0xc2/0x120 [ 706.112517][T16059] __kmalloc_noprof+0xe0/0x850 [ 706.112564][T16059] kernfs_fop_write_iter+0x26a/0x5f0 [ 706.112601][T16059] vfs_write+0x6ac/0x1070 [ 706.112629][T16059] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 706.112666][T16059] ? __pfx_vfs_write+0x10/0x10 [ 706.112713][T16059] ksys_write+0x12a/0x250 [ 706.112738][T16059] ? __pfx_ksys_write+0x10/0x10 [ 706.112770][T16059] do_syscall_64+0x106/0xf80 [ 706.112797][T16059] ? clear_bhb_loop+0x40/0x90 [ 706.112827][T16059] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 706.112851][T16059] RIP: 0033:0x7f199919c819 [ 706.112870][T16059] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 706.112895][T16059] RSP: 002b:00007f1999fce028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 706.112919][T16059] RAX: ffffffffffffffda RBX: 00007f1999416090 RCX: 00007f199919c819 [ 706.112936][T16059] RDX: 0000000000000009 RSI: 0000200000000000 RDI: 0000000000000009 [ 706.112952][T16059] RBP: 00007f1999fce090 R08: 0000000000000000 R09: 0000000000000000 [ 706.112968][T16059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 706.112984][T16059] R13: 00007f1999416128 R14: 00007f1999416090 R15: 00007fff9cf77538 [ 706.113021][T16059] [ 706.119140][T16061] netlink: 'syz.3.2059': attribute type 11 has an invalid length. [ 706.322382][T16061] netlink: 'syz.3.2059': attribute type 11 has an invalid length. [ 709.864530][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 711.054132][T16152] program syz.0.2082 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 711.308122][T16164] FAULT_INJECTION: forcing a failure. [ 711.308122][T16164] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 711.402710][T16164] CPU: 0 UID: 0 PID: 16164 Comm: syz.0.2087 Not tainted syzkaller #0 PREEMPT(full) [ 711.402741][T16164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 711.402753][T16164] Call Trace: [ 711.402760][T16164] [ 711.402768][T16164] dump_stack_lvl+0x100/0x190 [ 711.402805][T16164] should_fail_ex.cold+0x5/0xa [ 711.402831][T16164] _copy_from_user+0x2e/0xd0 [ 711.402864][T16164] memdup_user_nul+0x6c/0x120 [ 711.402893][T16164] cachefiles_daemon_write+0xda/0x4e0 [ 711.402932][T16164] vfs_write+0x2aa/0x1070 [ 711.402972][T16164] ? __pfx_cachefiles_daemon_write+0x10/0x10 [ 711.403009][T16164] ? __pfx_vfs_write+0x10/0x10 [ 711.403033][T16164] ? find_held_lock+0x2b/0x80 [ 711.403059][T16164] ? __fget_files+0x215/0x3d0 [ 711.403085][T16164] ? __fget_files+0x215/0x3d0 [ 711.403118][T16164] ? __fget_files+0x21f/0x3d0 [ 711.403154][T16164] ksys_write+0x12a/0x250 [ 711.403181][T16164] ? __pfx_ksys_write+0x10/0x10 [ 711.403217][T16164] do_syscall_64+0x106/0xf80 [ 711.403245][T16164] ? clear_bhb_loop+0x40/0x90 [ 711.403277][T16164] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 711.403305][T16164] RIP: 0033:0x7f199919c819 [ 711.403326][T16164] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 711.403351][T16164] RSP: 002b:00007f1999fef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 711.403376][T16164] RAX: ffffffffffffffda RBX: 00007f1999415fa0 RCX: 00007f199919c819 [ 711.403394][T16164] RDX: 0000000000000076 RSI: 00002000000001c0 RDI: 0000000000000003 [ 711.403411][T16164] RBP: 00007f1999fef090 R08: 0000000000000000 R09: 0000000000000000 [ 711.403427][T16164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 711.403443][T16164] R13: 00007f1999416038 R14: 00007f1999415fa0 R15: 00007fff9cf77538 [ 711.403478][T16164] [ 711.642260][T16129] kexec: Could not allocate control_code_buffer [ 720.636920][T16342] FAULT_INJECTION: forcing a failure. [ 720.636920][T16342] name failslab, interval 1, probability 0, space 0, times 0 [ 720.650737][T16342] CPU: 1 UID: 0 PID: 16342 Comm: syz.0.2148 Not tainted syzkaller #0 PREEMPT(full) [ 720.650780][T16342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 720.650796][T16342] Call Trace: [ 720.650805][T16342] [ 720.650814][T16342] dump_stack_lvl+0x100/0x190 [ 720.650859][T16342] should_fail_ex.cold+0x5/0xa [ 720.650893][T16342] should_failslab+0xc2/0x120 [ 720.650923][T16342] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 720.650963][T16342] ? fsnotify_add_mark_locked+0x749/0x15f0 [ 720.651006][T16342] fsnotify_add_mark_locked+0x749/0x15f0 [ 720.651043][T16342] ? lockdep_init_map_type+0x5c/0x250 [ 720.651088][T16342] do_fanotify_mark+0x3033/0x4010 [ 720.651144][T16342] ? __pfx_do_fanotify_mark+0x10/0x10 [ 720.651196][T16342] ? ksys_write+0x1ac/0x250 [ 720.651222][T16342] ? __pfx_ksys_write+0x10/0x10 [ 720.651254][T16342] __x64_sys_fanotify_mark+0xbd/0x160 [ 720.651296][T16342] ? do_syscall_64+0x95/0xf80 [ 720.651323][T16342] ? lockdep_hardirqs_on+0x78/0x100 [ 720.651352][T16342] do_syscall_64+0x106/0xf80 [ 720.651378][T16342] ? clear_bhb_loop+0x40/0x90 [ 720.651411][T16342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 720.651439][T16342] RIP: 0033:0x7f199919c819 [ 720.651461][T16342] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 720.651487][T16342] RSP: 002b:00007f1999fef028 EFLAGS: 00000246 ORIG_RAX: 000000000000012d [ 720.651514][T16342] RAX: ffffffffffffffda RBX: 00007f1999415fa0 RCX: 00007f199919c819 [ 720.651532][T16342] RDX: 0000000000000f2b RSI: 0000000000000105 RDI: 0000400000000000 [ 720.651548][T16342] RBP: 00007f1999fef090 R08: 0000000000000000 R09: 0000000000000000 [ 720.651564][T16342] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 720.651579][T16342] R13: 00007f1999416038 R14: 00007f1999415fa0 R15: 00007fff9cf77538 [ 720.651616][T16342] [ 722.888105][T16365] kexec: Could not allocate control_code_buffer [ 725.258840][T16425] RDS: rds_bind could not find a transport for 7bc:c94c:4e37:70c4::, load rds_tcp or rds_rdma? [ 726.689913][T16457] bridge0: port 3(batadv0) entered blocking state [ 726.698603][T16457] bridge0: port 3(batadv0) entered disabled state [ 726.724921][T16457] batadv0: entered allmulticast mode [ 726.732951][T16457] batadv0: entered promiscuous mode [ 726.740227][T16457] bridge0: port 3(batadv0) entered blocking state [ 726.747478][T16457] bridge0: port 3(batadv0) entered forwarding state [ 726.824855][T16461] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 726.866562][T16461] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2177'. [ 726.994962][ T36] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled [ 727.006269][ T36] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled [ 727.083029][T16467] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2178'. [ 727.894387][T16482] can: request_module (can-proto-5) failed. [ 733.630051][T16586] can: request_module (can-proto-0) failed. [ 736.676812][T16673] FAULT_INJECTION: forcing a failure. [ 736.676812][T16673] name failslab, interval 1, probability 0, space 0, times 0 [ 736.692217][T16673] CPU: 0 UID: 0 PID: 16673 Comm: syz.0.2238 Not tainted syzkaller #0 PREEMPT(full) [ 736.692240][T16673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 736.692250][T16673] Call Trace: [ 736.692256][T16673] [ 736.692262][T16673] dump_stack_lvl+0x100/0x190 [ 736.692291][T16673] should_fail_ex.cold+0x5/0xa [ 736.692310][T16673] should_failslab+0xc2/0x120 [ 736.692327][T16673] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 736.692353][T16673] ? __kernfs_new_node+0xd2/0x960 [ 736.692378][T16673] __kernfs_new_node+0xd2/0x960 [ 736.692401][T16673] ? __pfx___kernfs_new_node+0x10/0x10 [ 736.692427][T16673] ? find_held_lock+0x2b/0x80 [ 736.692441][T16673] ? kernfs_root+0xee/0x2a0 [ 736.692461][T16673] ? kernfs_root+0xee/0x2a0 [ 736.692494][T16673] kernfs_new_node+0x11b/0x1a0 [ 736.692512][T16673] __kernfs_create_file+0x53/0x350 [ 736.692533][T16673] sysfs_add_file_mode_ns+0x207/0x3c0 [ 736.692558][T16673] internal_create_group+0x593/0xf40 [ 736.692586][T16673] ? __pfx_internal_create_group+0x10/0x10 [ 736.692611][T16673] ? kernfs_create_link+0x1bd/0x240 [ 736.692638][T16673] internal_create_groups+0x9d/0x150 [ 736.692663][T16673] device_add+0xf5b/0x1950 [ 736.692686][T16673] ? __pfx_device_add+0x10/0x10 [ 736.692707][T16673] ? lockdep_init_map_type+0x5c/0x250 [ 736.692726][T16673] ? __init_waitqueue_head+0xca/0x150 [ 736.692753][T16673] netdev_register_kobject+0x1a9/0x3d0 [ 736.692773][T16673] register_netdevice+0x12e0/0x2210 [ 736.692792][T16673] ? __pfx_register_netdevice+0x10/0x10 [ 736.692813][T16673] __ip_tunnel_create+0x52b/0x670 [ 736.692830][T16673] ? __pfx___ip_tunnel_create+0x10/0x10 [ 736.692845][T16673] ? net_generic+0xea/0x2a0 [ 736.692865][T16673] ip_tunnel_init_net+0x230/0x780 [ 736.692883][T16673] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 736.692907][T16673] ? __kmalloc_noprof+0x320/0x850 [ 736.692947][T16673] ? __pfx_ipgre_init_net+0x10/0x10 [ 736.692985][T16673] ops_init+0x1e2/0x5f0 [ 736.693016][T16673] setup_net+0x118/0x3a0 [ 736.693045][T16673] ? __pfx_setup_net+0x10/0x10 [ 736.693063][T16673] ? lockdep_init_map_type+0x5c/0x250 [ 736.693083][T16673] ? mutex_init_lockep+0x110/0x150 [ 736.693115][T16673] copy_net_ns+0x46f/0x7c0 [ 736.693141][T16673] create_new_namespaces+0x3ea/0xac0 [ 736.693163][T16673] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 736.693182][T16673] ksys_unshare+0x473/0xad0 [ 736.693203][T16673] ? __pfx_ksys_unshare+0x10/0x10 [ 736.693274][T16673] __x64_sys_unshare+0x31/0x40 [ 736.693292][T16673] do_syscall_64+0x106/0xf80 [ 736.693308][T16673] ? clear_bhb_loop+0x40/0x90 [ 736.693327][T16673] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 736.693344][T16673] RIP: 0033:0x7f199919c819 [ 736.693359][T16673] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 736.693373][T16673] RSP: 002b:00007f1999fef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 736.693389][T16673] RAX: ffffffffffffffda RBX: 00007f1999415fa0 RCX: 00007f199919c819 [ 736.693399][T16673] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 736.693408][T16673] RBP: 00007f1999232c91 R08: 0000000000000000 R09: 0000000000000000 [ 736.693417][T16673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 736.693426][T16673] R13: 00007f1999416038 R14: 00007f1999415fa0 R15: 00007fff9cf77538 [ 736.693446][T16673] [ 738.571590][T16707] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2249'. [ 739.277479][T16719] can: request_module (can-proto-5) failed. [ 740.473725][T16726] kexec: Could not allocate control_code_buffer [ 744.184611][T16811] net_ratelimit: 12 callbacks suppressed [ 744.184628][T16811] netlink: ct family unspecified [ 744.494434][T16819] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2277'. [ 744.538973][T16819] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 744.594535][T16819] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 744.644909][T16819] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 744.690028][T16819] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 749.872260][T16909] FAULT_INJECTION: forcing a failure. [ 749.872260][T16909] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 749.984158][T16909] CPU: 1 UID: 0 PID: 16909 Comm: syz.0.2299 Not tainted syzkaller #0 PREEMPT(full) [ 749.984183][T16909] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 749.984192][T16909] Call Trace: [ 749.984197][T16909] [ 749.984203][T16909] dump_stack_lvl+0x100/0x190 [ 749.984230][T16909] should_fail_ex.cold+0x5/0xa [ 749.984248][T16909] _copy_to_user+0x32/0xd0 [ 749.984270][T16909] simple_read_from_buffer+0xcb/0x170 [ 749.984295][T16909] proc_fail_nth_read+0x1af/0x230 [ 749.984315][T16909] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 749.984335][T16909] ? rw_verify_area+0xce/0x6d0 [ 749.984357][T16909] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 749.984375][T16909] vfs_read+0x1e4/0xb30 [ 749.984392][T16909] ? __pfx_vfs_read+0x10/0x10 [ 749.984405][T16909] ? __fget_files+0x215/0x3d0 [ 749.984424][T16909] ? __fget_files+0x21f/0x3d0 [ 749.984443][T16909] ksys_read+0x12a/0x250 [ 749.984457][T16909] ? __pfx_ksys_read+0x10/0x10 [ 749.984476][T16909] do_syscall_64+0x106/0xf80 [ 749.984491][T16909] ? clear_bhb_loop+0x40/0x90 [ 749.984509][T16909] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 749.984524][T16909] RIP: 0033:0x7f199915d04e [ 749.984536][T16909] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 749.984550][T16909] RSP: 002b:00007f1999feefe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 749.984564][T16909] RAX: ffffffffffffffda RBX: 00007f1999fef6c0 RCX: 00007f199915d04e [ 749.984573][T16909] RDX: 000000000000000f RSI: 00007f1999fef0a0 RDI: 0000000000000004 [ 749.984582][T16909] RBP: 00007f1999fef090 R08: 0000000000000000 R09: 0000000000000000 [ 749.984590][T16909] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 749.984598][T16909] R13: 00007f1999416038 R14: 00007f1999415fa0 R15: 00007fff9cf77538 [ 749.984621][T16909] [ 750.590584][T16920] FAULT_INJECTION: forcing a failure. [ 750.590584][T16920] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 750.639822][T16920] CPU: 0 UID: 0 PID: 16920 Comm: syz.0.2300 Not tainted syzkaller #0 PREEMPT(full) [ 750.639860][T16920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 750.639873][T16920] Call Trace: [ 750.639880][T16920] [ 750.639889][T16920] dump_stack_lvl+0x100/0x190 [ 750.639932][T16920] should_fail_ex.cold+0x5/0xa [ 750.639961][T16920] _copy_to_user+0x32/0xd0 [ 750.639994][T16920] simple_read_from_buffer+0xcb/0x170 [ 750.640036][T16920] proc_fail_nth_read+0x1af/0x230 [ 750.640069][T16920] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 750.640105][T16920] ? rw_verify_area+0xce/0x6d0 [ 750.640143][T16920] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 750.640176][T16920] vfs_read+0x1e4/0xb30 [ 750.640207][T16920] ? __pfx_vfs_read+0x10/0x10 [ 750.640231][T16920] ? __fget_files+0x215/0x3d0 [ 750.640266][T16920] ? __fget_files+0x21f/0x3d0 [ 750.640302][T16920] ksys_read+0x12a/0x250 [ 750.640328][T16920] ? __pfx_ksys_read+0x10/0x10 [ 750.640363][T16920] do_syscall_64+0x106/0xf80 [ 750.640391][T16920] ? clear_bhb_loop+0x40/0x90 [ 750.640423][T16920] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 750.640451][T16920] RIP: 0033:0x7f199915d04e [ 750.640473][T16920] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 750.640498][T16920] RSP: 002b:00007f1999f8bfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 750.640523][T16920] RAX: ffffffffffffffda RBX: 00007f1999f8c6c0 RCX: 00007f199915d04e [ 750.640541][T16920] RDX: 000000000000000f RSI: 00007f1999f8c0a0 RDI: 0000000000000003 [ 750.640556][T16920] RBP: 00007f1999f8c090 R08: 0000000000000000 R09: 0000000000000000 [ 750.640572][T16920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 750.640588][T16920] R13: 00007f1999416308 R14: 00007f1999416270 R15: 00007fff9cf77538 [ 750.640623][T16920] [ 753.624205][T16983] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2315'. [ 753.831051][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 753.840708][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 754.185904][T16994] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2319'. [ 754.447823][T17000] FAULT_INJECTION: forcing a failure. [ 754.447823][T17000] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 754.480234][T17000] CPU: 1 UID: 0 PID: 17000 Comm: syz.0.2321 Not tainted syzkaller #0 PREEMPT(full) [ 754.480260][T17000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 754.480269][T17000] Call Trace: [ 754.480275][T17000] [ 754.480281][T17000] dump_stack_lvl+0x100/0x190 [ 754.480310][T17000] should_fail_ex.cold+0x5/0xa [ 754.480328][T17000] _copy_from_iter+0x1f4/0x1690 [ 754.480352][T17000] ? __pfx__copy_from_iter+0x10/0x10 [ 754.480371][T17000] ? rcu_is_watching+0x12/0xc0 [ 754.480394][T17000] ? trace_kmalloc+0x101/0x130 [ 754.480410][T17000] ? __kasan_kmalloc+0xaa/0xb0 [ 754.480424][T17000] ? __kmalloc_noprof+0x320/0x850 [ 754.480451][T17000] kernfs_fop_write_iter+0x186/0x5f0 [ 754.480471][T17000] vfs_write+0x6ac/0x1070 [ 754.480486][T17000] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 754.480504][T17000] ? __pfx_vfs_write+0x10/0x10 [ 754.480530][T17000] ksys_write+0x12a/0x250 [ 754.480545][T17000] ? __pfx_ksys_write+0x10/0x10 [ 754.480564][T17000] do_syscall_64+0x106/0xf80 [ 754.480580][T17000] ? clear_bhb_loop+0x40/0x90 [ 754.480598][T17000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.480613][T17000] RIP: 0033:0x7f199919c819 [ 754.480626][T17000] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 754.480641][T17000] RSP: 002b:00007f1999fce028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 754.480655][T17000] RAX: ffffffffffffffda RBX: 00007f1999416090 RCX: 00007f199919c819 [ 754.480665][T17000] RDX: 0000000000000009 RSI: 0000200000000000 RDI: 0000000000000009 [ 754.480674][T17000] RBP: 00007f1999fce090 R08: 0000000000000000 R09: 0000000000000000 [ 754.480682][T17000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 754.480691][T17000] R13: 00007f1999416128 R14: 00007f1999416090 R15: 00007fff9cf77538 [ 754.480709][T17000] [ 755.498127][T16958] kexec: Could not allocate control_code_buffer [ 759.310994][T17082] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 759.323143][T17060] kexec: Could not allocate control_code_buffer [ 759.331023][T17082] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 759.343350][T17082] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 759.355153][T17082] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 759.363711][T17082] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 759.403241][T17083] FAULT_INJECTION: forcing a failure. [ 759.403241][T17083] name failslab, interval 1, probability 0, space 0, times 0 [ 759.478116][T17083] CPU: 0 UID: 0 PID: 17083 Comm: syz.0.2341 Not tainted syzkaller #0 PREEMPT(full) [ 759.478154][T17083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 759.478170][T17083] Call Trace: [ 759.478179][T17083] [ 759.478189][T17083] dump_stack_lvl+0x100/0x190 [ 759.478235][T17083] should_fail_ex.cold+0x5/0xa [ 759.478269][T17083] should_failslab+0xc2/0x120 [ 759.478298][T17083] __kmalloc_cache_noprof+0x7a/0x6f0 [ 759.478335][T17083] ? __request_module+0x2b7/0x6c0 [ 759.478371][T17083] ? lockdep_hardirqs_on+0x78/0x100 [ 759.478406][T17083] __request_module+0x2b7/0x6c0 [ 759.478443][T17083] ? __pfx___request_module+0x10/0x10 [ 759.478491][T17083] ? rcu_is_watching+0x12/0xc0 [ 759.478532][T17083] ? apparmor_capable+0x1d7/0x4d0 [ 759.478562][T17083] ? find_held_lock+0x2b/0x80 [ 759.478588][T17083] ? tcp_ca_find_autoload+0xec/0x2f0 [ 759.478630][T17083] ? tcp_ca_find_autoload+0xec/0x2f0 [ 759.478672][T17083] tcp_ca_find_autoload+0x10d/0x2f0 [ 759.478712][T17083] tcp_set_default_congestion_control+0x63/0x3b0 [ 759.478757][T17083] proc_tcp_congestion_control+0x19d/0x1c0 [ 759.478794][T17083] ? __pfx_proc_tcp_congestion_control+0x10/0x10 [ 759.478837][T17083] ? __kvmalloc_node_noprof+0x37b/0xa00 [ 759.478874][T17083] proc_sys_call_handler+0x47f/0x5a0 [ 759.478905][T17083] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 759.478942][T17083] vfs_write+0x6ac/0x1070 [ 759.478981][T17083] ? __pfx_proc_sys_write+0x10/0x10 [ 759.479010][T17083] ? __pfx_vfs_write+0x10/0x10 [ 759.479034][T17083] ? find_held_lock+0x2b/0x80 [ 759.479081][T17083] __x64_sys_pwrite64+0x1eb/0x250 [ 759.479111][T17083] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 759.479155][T17083] do_syscall_64+0x106/0xf80 [ 759.479182][T17083] ? clear_bhb_loop+0x40/0x90 [ 759.479216][T17083] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 759.479244][T17083] RIP: 0033:0x7f199919c819 [ 759.479266][T17083] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 759.479291][T17083] RSP: 002b:00007f1999fef028 EFLAGS: 00000246 ORIG_RAX: 0000000000000012 [ 759.479317][T17083] RAX: ffffffffffffffda RBX: 00007f1999415fa0 RCX: 00007f199919c819 [ 759.479335][T17083] RDX: 0000000000000004 RSI: 0000200000000040 RDI: 0000000000000003 [ 759.479351][T17083] RBP: 00007f1999fef090 R08: 0000000000000000 R09: 0000000000000000 [ 759.479367][T17083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 759.479383][T17083] R13: 00007f1999416038 R14: 00007f1999415fa0 R15: 00007fff9cf77538 [ 759.479419][T17083] [ 759.970893][T17079] chnl_net:caif_netlink_parms(): no params data found [ 760.211069][T17079] bridge0: port 1(bridge_slave_0) entered blocking state [ 760.248406][T17079] bridge0: port 1(bridge_slave_0) entered disabled state [ 760.256091][T17079] bridge_slave_0: entered allmulticast mode [ 760.315466][T17079] bridge_slave_0: entered promiscuous mode [ 760.350489][T17079] bridge0: port 2(bridge_slave_1) entered blocking state [ 760.358094][T17079] bridge0: port 2(bridge_slave_1) entered disabled state [ 760.396904][T17079] bridge_slave_1: entered allmulticast mode [ 760.420152][T17079] bridge_slave_1: entered promiscuous mode [ 760.531291][T16619] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 760.704330][T17079] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 760.754866][T16619] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 760.852671][T17079] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 760.864775][T17110] process 'syz.2.2348' launched './file0' with NULL argv: empty string added [ 761.012137][T16619] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 761.098064][T17079] team0: Port device team_slave_0 added [ 761.137428][T16619] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 761.175888][T17079] team0: Port device team_slave_1 added [ 761.240594][T17114] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2350'. [ 761.371317][T17079] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 761.379275][T17079] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 761.424660][T17079] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 761.428923][ T5828] Bluetooth: hci4: command tx timeout [ 761.463290][T17079] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 761.502255][T17079] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 761.619030][T17079] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 761.927200][T17079] hsr_slave_0: entered promiscuous mode [ 761.943020][T17079] hsr_slave_1: entered promiscuous mode [ 761.957124][T17079] debugfs: 'hsr0' already exists in 'hsr' [ 761.969118][T17079] Cannot create hsr debugfs directory [ 762.221093][T16619] bridge_slave_1: left allmulticast mode [ 762.227785][T16619] bridge_slave_1: left promiscuous mode [ 762.251396][T16619] bridge0: port 2(bridge_slave_1) entered disabled state [ 762.298940][T16619] bridge_slave_0: left allmulticast mode [ 762.311513][T16619] bridge_slave_0: left promiscuous mode [ 762.329533][T16619] bridge0: port 1(bridge_slave_0) entered disabled state [ 762.801205][T16619] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 762.828153][T16619] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 762.905490][T16619] bond0 (unregistering): Released all slaves [ 763.512413][ T5828] Bluetooth: hci4: command tx timeout [ 763.706192][T16619] hsr_slave_0: left promiscuous mode [ 763.735968][T16619] hsr_slave_1: left promiscuous mode [ 763.764892][T16619] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 763.780014][T16619] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 763.814018][T16619] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 763.849160][T16619] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 763.937603][T16619] veth1_macvtap: left promiscuous mode [ 763.944061][T16619] veth0_macvtap: left promiscuous mode [ 763.950843][T16619] veth1_vlan: left promiscuous mode [ 763.956911][T16619] veth0_vlan: left promiscuous mode [ 764.625677][T16619] team0 (unregistering): Port device team_slave_1 removed [ 764.757946][T16619] team0 (unregistering): Port device team_slave_0 removed [ 765.591661][ T5828] Bluetooth: hci4: command tx timeout [ 765.803953][T17079] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 765.848595][T17079] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 765.876986][T17079] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 765.898468][T17079] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 766.283047][T17221] ptrace attach of "./syz-executor exec"[5823] was attempted by "84\x0a`d\x0a:х^UEqQy?\x1bܠ̜#D p>6ԅg+>G0}9.|v+\x0c~a^$Ъ^@(C䮴`2v/hƪ>L9>~v&K!0$f9QύՎtmꌼ^NJ'Uj͐Am^\x22\x0cpx4qy\x0bT͆Y6f qO˲˫}\x0aXiJM9u`j:@ӗ\x07#1r,\x09ːj??i/\x0bdY^\x0c!1ڼU\x0cW8]-tarRYg)5Z:J7[?A(`;zM61Rw6O cu1@Ehbs*բcJJ%cxs^FCatAWk-ݤ\x0d]h98@I\x0cl8? \x0d\x0a9Èw$%1kgxf\x09O\x1b҄ #>HXyL2C/YCSSU.Ln=',F\x0d\x0dm=zl>qrH_2m;Htn9k'Ӷnt[}-U!w\x22:hb{[#9\x0dX3a.\x1bE?z$ך](\x07IfP+sCr,u@2PT\x0amLXc [ 766.327447][T17079] 8021q: adding VLAN 0 to HW filter on device bond0 [ 766.549852][T17079] 8021q: adding VLAN 0 to HW filter on device team0 [ 766.597086][T16618] bridge0: port 1(bridge_slave_0) entered blocking state [ 766.605014][T16618] bridge0: port 1(bridge_slave_0) entered forwarding state [ 766.666540][T16618] bridge0: port 2(bridge_slave_1) entered blocking state [ 766.674451][T16618] bridge0: port 2(bridge_slave_1) entered forwarding state [ 767.643298][T17079] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 767.672136][ T5828] Bluetooth: hci4: command tx timeout [ 767.804642][T17079] veth0_vlan: entered promiscuous mode [ 767.864315][T17079] veth1_vlan: entered promiscuous mode [ 768.018414][T17079] veth0_macvtap: entered promiscuous mode [ 768.123231][T17079] veth1_macvtap: entered promiscuous mode [ 768.200702][T17079] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 768.236975][T17079] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 768.456160][T16618] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 768.505095][T16618] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 768.569833][T16618] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 768.599295][T16618] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 768.845535][T16617] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 768.867892][T16617] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 768.969728][ T109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 769.004238][ T109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 769.539873][T17302] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 770.044180][T17082] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 770.054257][T17082] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 770.095024][T17082] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 770.109428][T17082] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 770.134674][T17082] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 770.782491][T17311] chnl_net:caif_netlink_parms(): no params data found [ 771.367149][T17311] bridge0: port 1(bridge_slave_0) entered blocking state [ 771.375141][T17311] bridge0: port 1(bridge_slave_0) entered disabled state [ 771.383467][T17311] bridge_slave_0: entered allmulticast mode [ 771.400053][T17311] bridge_slave_0: entered promiscuous mode [ 771.517912][ T109] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 771.638976][T17311] bridge0: port 2(bridge_slave_1) entered blocking state [ 771.647983][T17311] bridge0: port 2(bridge_slave_1) entered disabled state [ 771.666152][T17311] bridge_slave_1: entered allmulticast mode [ 771.693156][T17311] bridge_slave_1: entered promiscuous mode [ 772.002084][ T109] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 772.234947][ T5828] Bluetooth: hci0: command tx timeout [ 772.255260][T17311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 772.418924][ T109] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 772.543473][T17311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 772.716756][ T109] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 772.809043][T17311] team0: Port device team_slave_0 added [ 772.893827][T17311] team0: Port device team_slave_1 added [ 773.037302][T17311] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 773.047129][T17311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 773.084679][T17311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 773.106536][T17311] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 773.114210][T17311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 773.146331][T17311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 773.432593][ T109] batadv0: left allmulticast mode [ 773.444974][ T109] batadv0: left promiscuous mode [ 773.450206][ T109] bridge0: port 3(batadv0) entered disabled state [ 773.513500][ T109] bridge_slave_1: left allmulticast mode [ 773.524058][ T109] bridge_slave_1: left promiscuous mode [ 773.542724][ T109] bridge0: port 2(bridge_slave_1) entered disabled state [ 773.596051][ T109] bridge_slave_0: left allmulticast mode [ 773.609832][ T109] bridge_slave_0: left promiscuous mode [ 773.625095][ T109] bridge0: port 1(bridge_slave_0) entered disabled state [ 774.101844][ T109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 774.210530][ T109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 774.236593][ T109] bond0 (unregistering): Released all slaves [ 774.346748][ T5828] Bluetooth: hci0: command tx timeout [ 774.373482][T17311] hsr_slave_0: entered promiscuous mode [ 774.381515][T17311] hsr_slave_1: entered promiscuous mode [ 774.388648][T17311] debugfs: 'hsr0' already exists in 'hsr' [ 774.397221][T17311] Cannot create hsr debugfs directory [ 774.804231][T17382] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2390'. [ 775.391594][ T109] hsr_slave_0: left promiscuous mode [ 775.419815][ T109] hsr_slave_1: left promiscuous mode [ 775.452828][ T109] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 775.533614][ T109] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 775.669475][ T109] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 775.677679][ T109] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 775.840957][ T109] veth1_macvtap: left promiscuous mode [ 775.886031][ T109] veth0_macvtap: left promiscuous mode [ 775.941720][ T109] veth1_vlan: left promiscuous mode [ 775.967257][ T109] veth0_vlan: left promiscuous mode [ 776.408134][ T5828] Bluetooth: hci0: command tx timeout [ 776.518784][ T109] team0 (unregistering): Port device team_slave_1 removed [ 776.545154][ T109] team0 (unregistering): Port device team_slave_0 removed [ 776.806797][T17382] ieee80211 phy13: Failed to add default virtual iface [ 778.210062][T17431] netlink: 86 bytes leftover after parsing attributes in process `syz.0.2396'. [ 778.393792][T17425] NFSD: Failed to start, no listeners configured. [ 778.483285][ T5828] Bluetooth: hci0: command tx timeout [ 778.632930][T17311] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 778.671913][T17311] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 778.697710][T17311] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 778.731378][T17311] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 779.071598][T17311] 8021q: adding VLAN 0 to HW filter on device bond0 [ 779.133705][T17311] 8021q: adding VLAN 0 to HW filter on device team0 [ 779.168575][T16621] bridge0: port 1(bridge_slave_0) entered blocking state [ 779.176294][T16621] bridge0: port 1(bridge_slave_0) entered forwarding state [ 779.219392][T16621] bridge0: port 2(bridge_slave_1) entered blocking state [ 779.227262][T16621] bridge0: port 2(bridge_slave_1) entered forwarding state [ 779.317495][T17311] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 779.665900][ T5828] Bluetooth: hci1: unexpected subevent 0x0c length: 118 > 5 [ 779.993337][T17311] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 780.114265][T17311] veth0_vlan: entered promiscuous mode [ 780.134712][T17311] veth1_vlan: entered promiscuous mode [ 780.219687][T17311] veth0_macvtap: entered promiscuous mode [ 780.232081][T17311] veth1_macvtap: entered promiscuous mode [ 780.251526][T17476] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2402'. [ 780.313484][T17311] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 780.335359][T17311] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 780.461637][T16620] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 780.461714][T16620] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 780.461757][T16620] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 780.461805][T16620] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 780.864071][T16618] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 780.864122][T16618] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 780.964075][ T109] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 780.964094][ T109] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 781.893208][T17082] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 781.904463][T17082] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 781.914553][T17082] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 781.923829][T17082] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 781.933368][T17082] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 782.822718][ T109] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.009408][T17521] chnl_net:caif_netlink_parms(): no params data found [ 783.061869][ T109] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.722227][ T109] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 783.975262][ T109] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 784.012974][T17082] Bluetooth: hci2: command tx timeout [ 784.436094][T17521] bridge0: port 1(bridge_slave_0) entered blocking state [ 784.464402][T17521] bridge0: port 1(bridge_slave_0) entered disabled state [ 784.650771][T17521] bridge_slave_0: entered allmulticast mode [ 784.666853][T17521] bridge_slave_0: entered promiscuous mode [ 784.758741][T17521] bridge0: port 2(bridge_slave_1) entered blocking state [ 784.770981][T17521] bridge0: port 2(bridge_slave_1) entered disabled state [ 784.784689][T17521] bridge_slave_1: entered allmulticast mode [ 784.797360][T17521] bridge_slave_1: entered promiscuous mode [ 784.903337][T17521] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 784.934721][ T109] bridge_slave_1: left allmulticast mode [ 784.941264][ T109] bridge_slave_1: left promiscuous mode [ 784.947276][ T109] bridge0: port 2(bridge_slave_1) entered disabled state [ 784.967392][ T109] bridge_slave_0: left allmulticast mode [ 784.983368][ T109] bridge_slave_0: left promiscuous mode [ 784.996002][ T109] bridge0: port 1(bridge_slave_0) entered disabled state [ 785.322990][ T109] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 785.337401][ T109] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 785.349338][ T109] bond0 (unregistering): Released all slaves [ 785.366704][T17521] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 785.546413][T17521] team0: Port device team_slave_0 added [ 785.562755][T17521] team0: Port device team_slave_1 added [ 785.728432][T17521] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 785.740642][T17521] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 785.773549][T17521] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 785.792186][ T109] hsr_slave_0: left promiscuous mode [ 785.799957][ T109] hsr_slave_1: left promiscuous mode [ 785.817533][ T109] veth1_macvtap: left promiscuous mode [ 785.824256][ T109] veth0_macvtap: left promiscuous mode [ 785.831630][ T109] veth1_vlan: left promiscuous mode [ 785.837358][ T109] veth0_vlan: left promiscuous mode [ 786.091439][T17082] Bluetooth: hci2: command tx timeout [ 786.108421][ T109] team0 (unregistering): Port device team_slave_1 removed [ 786.123138][ T109] team0 (unregistering): Port device team_slave_0 removed [ 786.315266][T17521] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 786.323376][T17521] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 786.355096][T17521] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 786.455521][T17521] hsr_slave_0: entered promiscuous mode [ 786.463250][T17521] hsr_slave_1: entered promiscuous mode [ 786.469642][T17521] debugfs: 'hsr0' already exists in 'hsr' [ 786.476328][T17521] Cannot create hsr debugfs directory [ 787.624863][T17521] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 787.684609][T17521] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 787.834491][T17521] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 787.880804][T17521] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 788.162510][T17082] Bluetooth: hci2: command tx timeout [ 788.481412][T17521] 8021q: adding VLAN 0 to HW filter on device bond0 [ 788.526938][T17521] 8021q: adding VLAN 0 to HW filter on device team0 [ 788.665643][ T109] bridge0: port 1(bridge_slave_0) entered blocking state [ 788.673610][ T109] bridge0: port 1(bridge_slave_0) entered forwarding state [ 788.723788][T16618] bridge0: port 2(bridge_slave_1) entered blocking state [ 788.731130][T16618] bridge0: port 2(bridge_slave_1) entered forwarding state [ 789.472707][T17521] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 789.786467][T17521] veth0_vlan: entered promiscuous mode [ 789.794244][T17668] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 789.888200][T17521] veth1_vlan: entered promiscuous mode [ 790.244883][T17082] Bluetooth: hci2: command tx timeout [ 790.394625][T17521] veth0_macvtap: entered promiscuous mode [ 790.406784][T17521] veth1_macvtap: entered promiscuous mode [ 790.644452][T17521] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 790.744946][T17521] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 790.837322][ T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 790.882870][ T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 790.898801][ T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 791.027502][ T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 791.176653][T16621] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 791.199862][T16621] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 791.293457][T16621] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 791.323754][T16621] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 791.479884][T17692] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2435'. [ 791.506964][T17695] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 795.318636][ T5828] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 795.330114][ T5828] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 795.342642][ T5828] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 795.359864][ T5828] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 795.376199][ T5828] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 796.861271][T17759] chnl_net:caif_netlink_parms(): no params data found [ 797.113448][T16621] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 797.246109][T16621] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 797.301481][T17759] bridge0: port 1(bridge_slave_0) entered blocking state [ 797.319329][T17759] bridge0: port 1(bridge_slave_0) entered disabled state [ 797.338189][T17759] bridge_slave_0: entered allmulticast mode [ 797.347350][T17759] bridge_slave_0: entered promiscuous mode [ 797.421173][T16621] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 797.457358][ T5828] Bluetooth: hci1: command tx timeout [ 797.489502][T17759] bridge0: port 2(bridge_slave_1) entered blocking state [ 797.526935][T17759] bridge0: port 2(bridge_slave_1) entered disabled state [ 797.534989][T17759] bridge_slave_1: entered allmulticast mode [ 797.570740][T17759] bridge_slave_1: entered promiscuous mode [ 797.735456][T16621] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 797.780186][T17759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 797.793551][T17759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 797.836053][T17759] team0: Port device team_slave_0 added [ 797.880480][T17759] team0: Port device team_slave_1 added [ 797.973300][T17759] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 798.001363][T17759] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 798.117339][T17759] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 798.192442][T17759] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 798.228484][T17759] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 798.289382][T17759] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 798.753737][T17759] hsr_slave_0: entered promiscuous mode [ 798.772415][T17759] hsr_slave_1: entered promiscuous mode [ 798.851929][T17759] debugfs: 'hsr0' already exists in 'hsr' [ 798.859656][T17759] Cannot create hsr debugfs directory [ 798.974915][T16621] bridge_slave_1: left allmulticast mode [ 799.021619][T16621] bridge_slave_1: left promiscuous mode [ 799.037416][T16621] bridge0: port 2(bridge_slave_1) entered disabled state [ 799.062496][T16621] bridge_slave_0: left allmulticast mode [ 799.077642][T16621] bridge_slave_0: left promiscuous mode [ 799.156175][T16621] bridge0: port 1(bridge_slave_0) entered disabled state [ 799.528312][ T5828] Bluetooth: hci1: command tx timeout [ 799.924760][T16621] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 799.941958][T16621] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 799.944257][T16621] bond0 (unregistering): Released all slaves [ 800.650926][T16621] hsr_slave_0: left promiscuous mode [ 800.666292][T16621] hsr_slave_1: left promiscuous mode [ 800.684930][T16621] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 800.724544][T16621] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 800.760262][T16621] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 800.795336][T16621] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 800.877245][T16621] veth1_macvtap: left promiscuous mode [ 800.903980][T16621] veth0_macvtap: left promiscuous mode [ 800.945345][T16621] veth1_vlan: left promiscuous mode [ 800.955308][T16621] veth0_vlan: left promiscuous mode [ 801.363088][T16621] team0 (unregistering): Port device team_slave_1 removed [ 801.448057][T16621] team0 (unregistering): Port device team_slave_0 removed [ 801.609215][ T5828] Bluetooth: hci1: command tx timeout [ 802.756088][T17759] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 803.102121][T17759] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 803.462563][T17759] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 803.500841][T17759] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 803.691569][ T5828] Bluetooth: hci1: command tx timeout [ 804.554885][T17759] 8021q: adding VLAN 0 to HW filter on device bond0 [ 804.852601][T17759] 8021q: adding VLAN 0 to HW filter on device team0 [ 804.975395][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 804.983832][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 805.093201][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 805.101263][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 805.863198][T17759] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 806.040124][T17759] veth0_vlan: entered promiscuous mode [ 806.152258][T17759] veth1_vlan: entered promiscuous mode [ 806.325384][T17759] veth0_macvtap: entered promiscuous mode [ 806.363962][T17759] veth1_macvtap: entered promiscuous mode [ 806.393739][T17978] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2487'. [ 806.598709][T17759] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 806.657729][T17759] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 806.710957][T16621] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 806.737326][T16621] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 806.765820][T16621] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 806.866618][T16621] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 807.002855][T16617] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 807.032102][T16617] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 807.136882][T16621] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 807.155242][T16621] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 808.066913][T18013] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2495'. [ 809.725752][T18054] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2507'. [ 810.086534][T18060] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2509'. [ 810.474144][T18078] FAULT_INJECTION: forcing a failure. [ 810.474144][T18078] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 810.529003][T18078] CPU: 0 UID: 0 PID: 18078 Comm: syz.1.2514 Not tainted syzkaller #0 PREEMPT(full) [ 810.529040][T18078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 810.529056][T18078] Call Trace: [ 810.529064][T18078] [ 810.529074][T18078] dump_stack_lvl+0x100/0x190 [ 810.529120][T18078] should_fail_ex.cold+0x5/0xa [ 810.529152][T18078] strncpy_from_user+0x3b/0x2d0 [ 810.529189][T18078] do_getname+0x78/0x390 [ 810.529225][T18078] do_sys_openat2+0xc5/0x1e0 [ 810.529260][T18078] ? __pfx_do_sys_openat2+0x10/0x10 [ 810.529293][T18078] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 810.529328][T18078] ? __fget_files+0x21f/0x3d0 [ 810.529358][T18078] __x64_sys_openat+0x12d/0x210 [ 810.529394][T18078] ? __pfx___x64_sys_openat+0x10/0x10 [ 810.529429][T18078] ? ksys_write+0x1ac/0x250 [ 810.529467][T18078] do_syscall_64+0x106/0xf80 [ 810.529500][T18078] ? clear_bhb_loop+0x40/0x90 [ 810.529533][T18078] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 810.529560][T18078] RIP: 0033:0x7fe36079c819 [ 810.529582][T18078] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 810.529607][T18078] RSP: 002b:00007fe36162f028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 810.529633][T18078] RAX: ffffffffffffffda RBX: 00007fe360a16090 RCX: 00007fe36079c819 [ 810.529651][T18078] RDX: 0000000000109100 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 810.529668][T18078] RBP: 00007fe36162f090 R08: 0000000000000000 R09: 0000000000000000 [ 810.529684][T18078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 810.529700][T18078] R13: 00007fe360a16128 R14: 00007fe360a16090 R15: 00007ffed4b75328 [ 810.529741][T18078] [ 811.442673][T18091] ================================================================== [ 811.442704][T18091] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x19fb/0x1d60 [ 811.442757][T18091] Write of size 8 at addr ffffc90003c29000 by task syz.3.2518/18091 [ 811.442781][T18091] [ 811.442795][T18091] CPU: 0 UID: 0 PID: 18091 Comm: syz.3.2518 Not tainted syzkaller #0 PREEMPT(full) [ 811.442828][T18091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 811.442846][T18091] Call Trace: [ 811.442854][T18091] [ 811.442864][T18091] dump_stack_lvl+0x100/0x190 [ 811.442907][T18091] print_report+0x156/0x4c9 [ 811.442945][T18091] ? _raw_spin_lock_irqsave+0x52/0x60 [ 811.442993][T18091] ? sys_imageblit+0x19fb/0x1d60 [ 811.443034][T18091] kasan_report+0xdf/0x1e0 [ 811.443068][T18091] ? sys_imageblit+0x19fb/0x1d60 [ 811.443111][T18091] sys_imageblit+0x19fb/0x1d60 [ 811.443157][T18091] ? __pfx_sys_imageblit+0x10/0x10 [ 811.443199][T18091] ? prb_read_valid+0x78/0xa0 [ 811.443233][T18091] ? __pfx_prb_read_valid+0x10/0x10 [ 811.443287][T18091] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 811.443319][T18091] soft_cursor+0x524/0xa10 [ 811.443355][T18091] ? fb_get_color_depth+0x120/0x250 [ 811.443393][T18091] bit_cursor+0xe58/0x16f0 [ 811.443436][T18091] ? __pfx_bit_cursor+0x10/0x10 [ 811.443466][T18091] ? __lock_acquire+0x4a5/0x2630 [ 811.443503][T18091] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 811.443529][T18091] ? get_color+0x1da/0x450 [ 811.443557][T18091] ? __pfx_bit_cursor+0x10/0x10 [ 811.443585][T18091] fbcon_cursor+0x43c/0x5e0 [ 811.443611][T18091] ? add_softcursor+0x180/0x290 [ 811.443648][T18091] set_cursor+0x1db/0x250 [ 811.443682][T18091] con_write+0x89/0xb0 [ 811.443706][T18091] do_output_char+0x63b/0x850 [ 811.443731][T18091] n_tty_write+0x528/0x12d0 [ 811.443764][T18091] ? __pfx_n_tty_write+0x10/0x10 [ 811.443790][T18091] ? trace_kmalloc+0x101/0x130 [ 811.443817][T18091] ? __pfx_woken_wake_function+0x10/0x10 [ 811.443861][T18091] ? rcu_is_watching+0x12/0xc0 [ 811.443901][T18091] ? file_tty_write.isra.0+0x694/0x890 [ 811.443954][T18091] ? kfree+0x2ec/0x6b0 [ 811.443991][T18091] ? __pfx_n_tty_write+0x10/0x10 [ 811.444025][T18091] file_tty_write.isra.0+0x4d2/0x890 [ 811.444074][T18091] redirected_tty_write+0xd4/0x120 [ 811.444120][T18091] vfs_write+0x6ac/0x1070 [ 811.444147][T18091] ? __pfx_redirected_tty_write+0x10/0x10 [ 811.444193][T18091] ? __pfx_vfs_write+0x10/0x10 [ 811.444219][T18091] ? find_held_lock+0x2b/0x80 [ 811.444257][T18091] ksys_write+0x12a/0x250 [ 811.444284][T18091] ? __pfx_ksys_write+0x10/0x10 [ 811.444329][T18091] do_syscall_64+0x106/0xf80 [ 811.444361][T18091] ? clear_bhb_loop+0x40/0x90 [ 811.444401][T18091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 811.444431][T18091] RIP: 0033:0x7f9c9279c819 [ 811.444454][T18091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 811.444483][T18091] RSP: 002b:00007f9c935d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 811.444515][T18091] RAX: ffffffffffffffda RBX: 00007f9c92a15fa0 RCX: 00007f9c9279c819 [ 811.444535][T18091] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 000000000000000a [ 811.444553][T18091] RBP: 00007f9c92832c91 R08: 0000000000000000 R09: 0000000000000000 [ 811.444571][T18091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 811.444588][T18091] R13: 00007f9c92a16038 R14: 00007f9c92a15fa0 R15: 00007ffcdfbd8a58 [ 811.444616][T18091] [ 811.444625][T18091] [ 811.444633][T18091] The buggy address belongs to a 0-page vmalloc region starting at 0xffffc90003929000 allocated at drm_gem_shmem_vmap_locked+0x54b/0x800 [ 811.444685][T18091] Memory state around the buggy address: [ 811.444709][T18091] ffffc90003c28f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 811.444734][T18091] ffffc90003c28f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 811.444754][T18091] >ffffc90003c29000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 811.444770][T18091] ^ [ 811.444785][T18091] ffffc90003c29080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 811.444805][T18091] ffffc90003c29100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 811.444820][T18091] ================================================================== [ 811.456458][T18091] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 811.456484][T18091] CPU: 0 UID: 0 PID: 18091 Comm: syz.3.2518 Not tainted syzkaller #0 PREEMPT(full) [ 811.456519][T18091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 811.456537][T18091] Call Trace: [ 811.456546][T18091] [ 811.456556][T18091] dump_stack_lvl+0x100/0x190 [ 811.456601][T18091] vpanic+0x552/0x970 [ 811.456626][T18091] ? __pfx_vpanic+0x10/0x10 [ 811.456658][T18091] ? sys_imageblit+0x19fb/0x1d60 [ 811.456701][T18091] panic+0xd1/0xe0 [ 811.456725][T18091] ? __pfx_panic+0x10/0x10 [ 811.456752][T18091] ? sys_imageblit+0x19fb/0x1d60 [ 811.456794][T18091] ? preempt_schedule_common+0x42/0xc0 [ 811.456827][T18091] check_panic_on_warn.cold+0x19/0x34 [ 811.456857][T18091] end_report.part.0+0x3a/0x90 [ 811.456895][T18091] kasan_report.cold+0xe/0x18 [ 811.456933][T18091] ? sys_imageblit+0x19fb/0x1d60 [ 811.456977][T18091] sys_imageblit+0x19fb/0x1d60 [ 811.457023][T18091] ? __pfx_sys_imageblit+0x10/0x10 [ 811.457065][T18091] ? prb_read_valid+0x78/0xa0 [ 811.457102][T18091] ? __pfx_prb_read_valid+0x10/0x10 [ 811.457144][T18091] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 811.457180][T18091] soft_cursor+0x524/0xa10 [ 811.457219][T18091] ? fb_get_color_depth+0x120/0x250 [ 811.457252][T18091] bit_cursor+0xe58/0x16f0 [ 811.457292][T18091] ? __pfx_bit_cursor+0x10/0x10 [ 811.457326][T18091] ? __lock_acquire+0x4a5/0x2630 [ 811.457365][T18091] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 811.457402][T18091] ? get_color+0x1da/0x450 [ 811.457433][T18091] ? __pfx_bit_cursor+0x10/0x10 [ 811.457468][T18091] fbcon_cursor+0x43c/0x5e0 [ 811.457500][T18091] ? add_softcursor+0x180/0x290 [ 811.457542][T18091] set_cursor+0x1db/0x250 [ 811.457579][T18091] con_write+0x89/0xb0 [ 811.457604][T18091] do_output_char+0x63b/0x850 [ 811.457635][T18091] n_tty_write+0x528/0x12d0 [ 811.457674][T18091] ? __pfx_n_tty_write+0x10/0x10 [ 811.457705][T18091] ? trace_kmalloc+0x101/0x130 [ 811.457735][T18091] ? __pfx_woken_wake_function+0x10/0x10 [ 811.457777][T18091] ? rcu_is_watching+0x12/0xc0 [ 811.457820][T18091] ? file_tty_write.isra.0+0x694/0x890 [ 811.457862][T18091] ? kfree+0x2ec/0x6b0 [ 811.457898][T18091] ? __pfx_n_tty_write+0x10/0x10 [ 811.457931][T18091] file_tty_write.isra.0+0x4d2/0x890 [ 811.457977][T18091] redirected_tty_write+0xd4/0x120 [ 811.458018][T18091] vfs_write+0x6ac/0x1070 [ 811.458046][T18091] ? __pfx_redirected_tty_write+0x10/0x10 [ 811.458086][T18091] ? __pfx_vfs_write+0x10/0x10 [ 811.458108][T18091] ? find_held_lock+0x2b/0x80 [ 811.458141][T18091] ksys_write+0x12a/0x250 [ 811.458165][T18091] ? __pfx_ksys_write+0x10/0x10 [ 811.458193][T18091] do_syscall_64+0x106/0xf80 [ 811.458222][T18091] ? clear_bhb_loop+0x40/0x90 [ 811.458253][T18091] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 811.458287][T18091] RIP: 0033:0x7f9c9279c819 [ 811.458309][T18091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 811.458334][T18091] RSP: 002b:00007f9c935d5028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 811.458361][T18091] RAX: ffffffffffffffda RBX: 00007f9c92a15fa0 RCX: 00007f9c9279c819 [ 811.458386][T18091] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 000000000000000a [ 811.458403][T18091] RBP: 00007f9c92832c91 R08: 0000000000000000 R09: 0000000000000000 [ 811.458420][T18091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 811.458439][T18091] R13: 00007f9c92a16038 R14: 00007f9c92a15fa0 R15: 00007ffcdfbd8a58 [ 811.458467][T18091] [ 811.459035][T18091] Kernel Offset: disabled