last executing test programs: 3.895613179s ago: executing program 3 (id=1263): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc0002, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2902, 0x0) read$auto(r0, 0x0, 0x20) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x2000000008000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x20, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x0, 0x0) socket(0x2, 0x5, 0x0) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x9, 0xffc, 0x20000000007, 0x939f, 0x0, 0xee01, 0x0, 0x6, 0x3, 0x80000000000005, 0xc0f, 0x1, 0x7fd, 0x92b8, 0x7, 0x800, 0x7}) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000336bd7000fedbdf2502"], 0x24}, 0x1, 0x0, 0x0, 0xc005}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' \x00\''], 0x1ac}}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa507}, 0x800}, 0x7, 0x8) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x8001, 0x0) r2 = socket(0x15, 0x5, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net/blkio.bfq.sectors_recursive\x00', 0x88000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000500)=""/189, 0xbd) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, r2, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f6) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f0000000180)={0x80040, 0x40, 0xc}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) socket(0x8, 0x80000, 0x0) socket(0x10, 0x2, 0x0) sendmmsg$auto(r5, &(0x7f0000000000)={{0x0, 0x8, 0x0, 0x106, 0x0, 0x1, 0xfffffff3}, 0xed7138c}, 0x7, 0x0) r6 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r6, @new_prog_fd=0x4, 0x4, @old_map_fd=r4}, 0xa8) 2.975977354s ago: executing program 2 (id=1268): r0 = creat$auto(&(0x7f0000000000)='./file0\x00', 0xffff) ioctl$auto_USBDEVFS_DISCARDURB(r0, 0x550b, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000080), r1) bpf$auto(0x6, &(0x7f0000000000)=@bpf_attr_3={0x1, 0x9067, 0x40000080018c, 0xf3, 0x0, 0x8, 0x4, 0x57b8, 0xf, "63ac0600000033ebc15774e816ef77cf", 0x0, 0x100543, 0x4, 0x207, 0x6, 0x1009, 0x4, 0x2, 0xe, 0x5, @attach_btf_obj_fd, 0x166, 0x7fb, 0x6, 0xa, 0x48000000}, 0x10) writev$auto(0xc8, &(0x7f00000028c0)={&(0x7f0000000000), 0x200}, 0x9) sendmsg$auto_ILA_CMD_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r2, 0x9, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x11}, 0x20048840) 2.939575551s ago: executing program 1 (id=1269): mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000140), 0x80800, 0x0) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0xffffffffffffffff, 0x10001) syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000040), 0xffffffffffffffff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9) getsockopt$auto(0xffffffffffffffff, 0x29, 0x4b, 0x0, 0x0) r1 = socket(0xa, 0x5, 0x84) sendto$auto(r1, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80000700"}, 0x1c) 2.83961564s ago: executing program 2 (id=1270): r0 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x8140, 0x0) ioctl$auto_UI_SET_PROPBIT(r0, 0x4004556e, &(0x7f0000000040)=0x1) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40, 0x0) unshare$auto(0x40000080) lstat$auto(0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000100), 0xffffffffffffffff) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0x2ab42, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000040)='1', 0x1) sendmsg$auto_NL80211_CMD_VENDOR(r1, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000001700)={0x1c, r2, 0x705, 0x70bd27, 0x25dfdbfb, {}, [@NL80211_ATTR_SAE_PWE={0x5, 0x12a, 0x40}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x80) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x4241, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x40000008000) mmap$auto(0x0, 0xc, 0x4000000000df, 0x100000044eb2, 0x10006, 0x300000000000) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0x0) io_uring_register$auto(0xffffffffffffffff, 0x8, 0x0, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) ioctl$auto(0xffffffffffffffff, 0x7, 0xffffffffffffffff) fcntl$auto_F_SETSIG(0xffffffffffffffff, 0xa, 0x400000000000) socketcall$auto_SYS_SOCKETPAIR(0x8, &(0x7f0000000100)=0x7) writev$auto(0x3, 0x0, 0x8000000000001b) unshare$auto(0x40000080) mmap$auto(0xfffffffffffff30f, 0x5, 0x44000000000dd, 0x2000000000015, 0xffffffffffffffff, 0x7fff) msgget$auto(0x0, 0x5) r4 = prctl$auto_PR_SCHED_CORE_GET(0x6, 0x0, 0x0, 0x6, 0x0) r5 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MEDIA_GET(r4, &(0x7f0000001740)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001700)={&(0x7f0000000480)={0x17ff, r5, 0x400, 0x70bd2e, 0x25dfdafc, {}, [@TIPC_NLA_MON={0x0, 0x9, 0x0, 0x1, [@generic="9054d76c11bba34d3280b2337ccaa0f049e19e39ec1fcc8356c98afb4bd7044369599cc9d40d680abdb5993cdb6d54a97de30ba552d36db8e5d946e6ba70468fef261eb2310b85f72dfe414c11419fb2e964f03eb7ed40a0f1e0ba37c01a97d4b67a43fd989b25c0f5f2fda1d2f5a0ed2671b65e0ee4a3828f612b43ac942db7053039338275f2bdbfc92116b4e49fe5a978256d064a8055c82d4a129c772b95c5de5e93e8d472ed", @generic, @nested={0x0, 0xd0, 0x0, 0x1, [@nested={0x0, 0x159}, @typed={0x0, 0x34, 0x0, 0x0, @str='}\x19]+\x03@\x00'}, @nested={0x0, 0x10c}, @nested={0x0, 0xd6}, @typed={0x0, 0xaf, 0x0, 0x0, @str='\x00'}, @generic="b5acf6096989ee30088bac6efd5ad4f7771ef670ac082c2d5ca1b96664ec347f4cf0297898e12151f87e308a1eca0779d21553170e1199234a707dc1a2d5837f8e220ad936b1805f847f59ace0363527eaf11262e7ec7efc54fa5e3f8c14b0e9ad27354a9f4711eff14f6badeec42955d6cb9c77669446", @typed={0x0, 0x65, 0x0, 0x0, @pid}, @generic="c46af189cd66bb7c3c47e3df0f51be6ac78a2903f7426fcc03fd380749317d420dccbb44a1ac7d763935", @generic="7b0f9dae4dfc2819abe81e6e20d2471f956e0f1f54d9cd3e8ce37233328f4e8759e7cf92b86f44a3f0e4ffa712a6c6c0fdc2fcd4768b4d2e7a7b7e9990e365f02e0918dacc9b42ce34123729e6ae41c4b48e5d67d635dc5671a622d7a29bf768213a01e8bd3f7133251b66fc08b857a06176758b08eba3c26d5bce6acc2ca207d8124ccc7740b04a550f03429e7e17adfd0ed5c2dc604ee6bb45436215384f3451746dc932c681f3a1921a3e26403e70e17d42f340bd7f1397a3ee"]}]}]}, 0x19d8}, 0x1, 0x0, 0x0, 0x800}, 0x4000) msgsnd$auto(0x0, 0x0, 0x8, 0x7) msgsnd$auto(0x0, 0x0, 0x400, 0x2) ioctl$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x4, &(0x7f0000000280)="f26891cb") 2.829849358s ago: executing program 0 (id=1271): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pnp0/00:01/options\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) bpf$auto_BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=@bpf_attr_5={@target_fd=r0, r0, 0x5, 0x8, r0, @relative_id=0x2, 0x347c}, 0x7ff) r2 = syz_genetlink_get_family_id$auto_ncsi(&(0x7f00000001c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_CQM(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="60120000", @ANYRES16=r4, @ANYBLOB="01002bbd7000fddbdf253f00000042125e80120157803b38694e6b0fca720453224d88a2393983143415c642e3c360ab48d694e21204e89b4c8ab7d4be6f1bd65055c54d3fedb9b4591e6ee6576b1f011e23c80c6ea478e8f3da21f26ade35148398f2ef3e09640a60c3c91182270b133cd2c31dc32b05b5ee01b088c4974eef13d2e4f95cb2ac0310e4be67d9c413ba544ba9032697b70cfabb60ec8054e108535328bdec1e0b739a64b91ce719be7daf4bef038618c8fccd0944385a98747f2a7268f08864bda87a2213c48acc5e6c42979968e0f3768eb883808e04e10e569b844eaaeaa3189ba059a1cceea2c7c642a436757dd6815ec3f1582f74e9dee4e0f7e472575ed6621d42aeaa18af25da7d3268e408003100", @ANYRES32=0x0, @ANYBLOB="080081000700000000112a00058008002600", @ANYRES32=0x0, @ANYBLOB="67a34f3643a24c499e4c63b8933bc03715b91d650cbaa8940368ce12126cb0aac0004ecf7aa17f73a3580b834e2e6b914d225f52f74ac0fea28df7265abd3ee736be519502d1717de6cd8673330df94952258d016e7ea44db5c61bf50173c5f714008eb6ba9a3ec87482ad4433f20ae1aeaef535a29b40dc43a545955f7c53b5bc1c64e04a1f25edacecc1e88d36cbcfde4c02e45b5a5d96c28b396e509d080083007f000001140083000000000000000000000000000000000164100080081001800400e6804f9d3286f5dc37e371f2459a3d66ebdfbc0ffda4cd833e918c26af5fd11a1099cf1bafb1021a26bac24ecbd707760cd870c1561769fa8c7e9a939af2db3a623ac30c74e2d416fb9af4b9f936e69756ea46e2ca2b5fd29901458eba4ec4f39bec5c9948a29368c214eec7410d0117d0eeb576c3a522600b452fb976eb7e0fa7d306778d000bc42187176a9921361dd2a35d73b58cfc18c6692d74059fda389d16c17708dda577c841913e44028f9421866c3b5f2fdfe6cec6dca9949c9565b7819064e6d58eb88c6f3206013985acbc070726d3a18ede631b42b63e48e22bb3eb3310ce27ed3d87788dadd5b689768f5d9a1851f571a532595e242e8193fb161d541cf6cf8b33d1ac2f50cb54486d88af170aaad39514a106b69034e566a8683dee50b27ad1197cd43d4e1f86a11056f50af8a2a22712534dddb5038f30e7f9ed9931d73f18a01c2ae5be38a9d7997e9ce58d870cb1053a892e1b121f1a3ddc5f77d0e8732f2831d4cdc963f0914b6571a42c8f84b3f5f56b00903a820a383aae4d18152b4971974fe87c021438e2c83a0fc7aea2b928292d41bffe9c8a0530e5100e1d758d4ae7400bade7a8f8e5bcec452c0956ff05cac08c513de68f87ba7c43ab2296ee307bd1974d277b6a1bd9ea8e8aae39fa1cbafaedd754b6ffa0a1be7bcd1ee8a21d951eb5817fb3cb8f6fe6de3ef17cd5e2732914ce89185bce0cefdaeecd0d11d6857d798411db6e54e4a4541fecd51b8e182d068ce78ee082dcd94c0d82533dfde08ec897128faad32bb46685ddc3ec95472aba2dfb8a9b74352bd81faeb23cdc62115b88c4d48f65c5039e333c02dfbfcd742852cc9ad54274cd3917137de8e8e9ab7b73b64f86051d996f7574b5f66eb9bdfa7c28350aa1e5358c54de919fd9b0b8b9cb6742f91611ab6fa32f7e26d5f031e3826edd4e9a1d8b4683a983b9b5c31ee73bf5e534e0f076c7da397d47274c2ccfc5fbac9c94d219858ecf9cbec11ab987cd5e3efe607670f2075045f7fa76aa8b0e39a58b11efdf611c8ab9fe1ca4d16487f88bd4d144fe32315a1b006986c392bb2159ec69a6315ee61b97f49e24046859d019ac7d55782a3a1eacf3e09c61270e20a74125d574083bf57a8ea7fd4b3408c66d3a9d8ae40020ae1032a119234507dff4bb5dbf5fc434adcb01730ed5d88fe385012bd2d043291420576e36c0368a0a57cfa58319209402c836b06bfcc5f3a715075df18cd8e4eba8918aefa03bb0581df7ef430ce922f046cf7342f70b1902c9456196ef2e2ef606a4f2278d6ebc5b982af304aadc47e3481e4300d5ef1c2c4677cd370219ce8f5b88f33ff139fa5a102311406746af4d69a579fb19f633b58cf80205774514138392b42d1a49c24f6976380fc388073299b78e495e278d227288534bfea710bf44e2284ae5906324839004b6540d4fa7e866e8aa91707a63193fa955ec5d673c1a9cbe5eb056a53f60a067f998234dd10cdd6eb234af4e898bc31a0f64ffb774f09748a2eb2289bec50ddb5b06b11e08512dc7bfcfa4c4bbaa842a439d9db5b182ad749d23a461a83f530d1aadbe103726f6dcebb044486578acb34ad7390c691e564fde7289ad818797e4363d995a3828a67218b7374e3f02f023a3aa92c7e5dcdc179efc2407a49d3e7a8c6e0edde033e3060482163291eafdeff6a2dd194ac208ebb82827bcb60188ec9b71192c4b7843729fbb65f049e11640aab0ddbb6544d75f36f5961e68c02edd3892cb24a6b25c426ce7e6b104498087e47f67b786596fa7c02ce1956b710ca5df9282509378faa646312186495863807b7e2f47cdef0fb21579576b2700ae11c2db7b2d04fbdcb677e67db4e33dc017d7eba07392c80653193d42e9f4159db3fa71808971730c3b1906721b14939751da8d370c3909bab48a518ac61da7132b5ba284b94ca521d178057c747b55bca88545e7dcbc2a06933e12be65efa79d822853132e87f7c6539a127a501abb2421c8365e486b6ac9bf955dbe1643fa5faf8267de3f92e64feaed768b088ca5c8104bd09823fd38a119c73b0d208a608f80091736e0e1817373e87d1bcfd1be5e7a78735505d5dc023312da6cbd0d41d0594c94d2cd0235b81a56420f98e8ae22c4cd66c0c22a4aa584cfdaa441492e3c8432c0c64b00a59c6f7daf490ddce33e44a7f86012ab1c6c3a97802c7b966c6aa4e8c22d7db072680bcb0bad0cf81f03b48908ef8eb096af0ad1c1a8cd1e5a76cfda5ff3d30c4a5750b241ca655b7c68e9b1a1813fce539b5621aa6a969ea4984ea6e8dddff49ff16446fbcceee05d516917b90ac1d4e9638081ceaabbd41cbcb541a993b8e89999b9c8ee6148f1b2c1ade6270a871f1f3f683ebd9b391628977f27795566999932898f3a227ac1c725a34c201d8fc1405bed0d91d83348e0b3e3be09e0cf49f4148dca0c8373983714da584224a0ff37d051e6722b9c5669a295b812ce8d2e7b4f1bea4a28acc0fd647304de5bb8a9de4d56167b4ab4362729ae33dc43a1f50d51aa07e60d352b471d332610d9110d08905497a56cff0e65cfdab5c125ab8bef8e0bf6fc70755dacac1454c57e93c188d29f00612a15cd26fc3b46552c95410dd81bf1b772ac179ee25a4f4117792c7bf2177d93d636d66822487b34f215b8c9fae1884230b3ee022414ccd52faace045206de9d67f3ef8e6e134492e70ebcb0a0db67ff838ef9943393a1e21c2681efedb3f60ad7555d8e65bb1e67b17bfb2b5a596fb0d9afccad7a720d5f868e6f534dbddb19004021d5f28146d1d96a35e311d3f28a05538904893929a5e69dfa508753a08871721a35b93c2d6b71ab97c58b6a6460c246587a8a6acc165a39f8f83be478a9616ba720ade7dbe21eee9ff9c83acca284d75aff38747ecbff40d9972718e514069895bbc8264a5df1ba92817c79d2b2743dbe6ddf484d0bc6fa888d22a1e562ba7eb72d06f9a8269280c87aa228e110fa12c3efebcaa2061857e0e791a8f696f8bcdb5322151a158c181ec9eb6fc6c6a1b21915acc940dc479d3124039162b4bec71f59a60dd6fa52e01d370f1d128baa6013f242f81b342097a46bbb719c0fcda1e96f640df394b52970d83f9ff4c17032d2c678175ca0a67fcf96827c03d947775465fb215aeb3e7a2e61b894b8a708e19d723e0a3b5092ad53996493a19d45da7045bacae2bc5ece379309504101d06225dbe2a06338f390cad72dca28ff9ad86eeffab2e4217df4d22a81cb1f9a232233ccc4fa07f972e02efae6d6cca4d6ccb70de3f67d5f9a4935ee24f12468879fcfaa9521696efdf0f262d362ecfd4fcaa66102985b1b99f576d7a80deb0e0e7a7b1ca10ad804df3c5e15d0b9a42cc5313aec9e1fa6e5a80d653291988f03cb2404f8874925f4279a20af1d821533c6af18e9ef618b6588d28dc030f98ed32a1b74cc6dfad2548d1469efd6107f3ca178870f2e894d48c962a57d87ad290fbce440ccc9b34f0b0ee2a562efbc33cbf7469af40ef44c4eb55f48c9780bbf338d367a7979c8f689960d7f80689631209bf7700c86839c225e4e5ef374cb92252c3e6ea3d95badfee2e0bd2546005a19572ef18b97010714b3eebc25309d7b01af6786e96208126ab0ec4820e75ce420db45f8264e0acbe063a7c340ced860d2f85fd140460c9b64fd949abd41c47a96dba2d589e6c38dda1a94b67dcd37c3af44a84531cbceafb65591edb2bc21b74d79b59a29037dedf6f37e3527509d5b28031f3072611deaa62682a58c4a77ad959b61dfcd1fd2a617afb91c9d29ef358a70841df7313c6d52601160b061165c4851e1497ac6162165d4558e0c18b8217a4f656873dad090659faa4936267d4322cc973762e1e4c9dc232dab90d2b682d57d115b47be4fd093ece7844b5bdac07efbad8f21864fc2496ab3448e9e7a22dc80aeeab304a1b7bdba03ba196511da60c615aed3b1ccf0622852b8fdc53ac1ca4b29f469a2f4a2ae9482853fa23377c27903cc820abcf350e5df4e00b4a004ed0178b837308a5a5d8eb74027d37076a6ac68a48b0b28c8fa333528a40d83c64bf9017db8294afb806be56be448f5375d88b3983fe4b0f02caa27bb6e7ddbbcdb70ad825e230b765fd621791cfe1c4231f5ba2c1368df7d85f05b71ca7e6fe034356a0b75ee8841a308a11cefff15ed855417e51f908c580647d7e808be4d246ac3cdfeeb859e1a01a1336b5ec5bce4e6ab8952069280b6387304dcdbcfb5810e46d090bfab07d9f07744ddc913e7e9488496fa4ba849b458667aa7b445e9aeea9a6f79fc1c58a44f5dd3a21b9e1eb7c35407be193c51e98120608142c68e21974406e1778701d7ff45ceb5a8b9f905b811e61e035def42570ddc4cfd4a616704f8f37d454a0146895e6460b696e5c0a0e471843ebacdadb9acecaab4f26695a2e51b0c7de7b827aadaf15b6fa4689c1d79eb8c15b9305fae6f280a9c81c3f6e6c40e9cfa48f61ba119f247a3cb62fb972168d3d169efecda069a6247f55fee3a91c6fb732004437b1a8a19b38ef806bbd70af4f2387b635b37be1fe926c3c5312d9a48b1ee3f43ae973489a52a759a9e205ef6016973950e80d75bbbfc21e5e705dcfbb3247d26dcbb189127527c4b1c70259eb091511e88aa93e106b948715acca28d2b88169c156ac62a09caa132ffcce3ea40123dbe79a5ecdfbbd3bf980728bc7b98e9ccb7892b6996a8c009b0ed2f7c69c35c50ddfb2df05e875e3bce83c96d2ddd522e822f3f9128a7d80adf62b1871403950c4ab03da3f2fe31b8c1414ecf2489e0718b68bd660510c6cdc65bb893eebd4ad81b4ffd93ee20aa6533e8476e542f095bdff331f467accff8866fea9191a7b73b47008067f2fc43cf4ffc0fdaa0035bc44c7a9147c136b76b059ba33551069be8fe76b0422e26365443ffbd54c21d3c33fccf41a3a267de5d204de4c5da2c62df6bedd553a20780e6510a4ba3bc1a0cdfd26b2ff9f359d83e53daa232f06392a10217382ce20f9732b181877b9a8c39d2f52629c682e11ca6cec671b2c11eb8e11ce3ec52cfe857ee0cf6cccacf70de2d3f5fad104ba578b7a543907ac30d19a0042a8d0844665e4118f6bec03b15cb3541553f0aba726f4884521ac4b8d6270787e9a9e6466e9186f579d22b84305c3a5ba884e0be911ce87c16490de860dbcaf3abc83ea9cc9ee7650b629a0a75bf21d7601eb23ba719b01e44cf6571b21e4cb3ecd07ef2b20e37fd7f6367d6dba9fec5a565e01d89e1046f346e94185ad1097df8663cfbb49c4c0deab6afb339bfc393d9670bb2d38ed372bdea496a7c4e9be26bf74b3f242bd544e55c81c022237d8084df1df66e697c7e72731e752609f8bad9059241e8b8c778e4a19da51067d61c1da151df71089dee888b7b6dd2079c2e2de548b0a9a4e1d8fb61ba64b05dfb8fb31875f8f95df18c2c54c3cc38e3733bbf3608cc47c65d9fab1f8c2ee78a407dc0431e3097e2a95e881c5c70cd66e9bdece8201173bbe1a251f5a7ef40ecc31cf1b0d3f0100fc486c25dbc6b976e1ab30194639b9250b5efa4d2c4a6d22d92541e155ee669d54fd59487cc5d67c69c1c05517c399ae3e734e8b1fd43c4e1a17bf27ef926cabdee9aaf06776b6ce7f3ae034958df4e41a346be04931df9cc5c713a5f6c4cc28263a8c57da46dfd11da13906d562c5c38c1bcb92b3f7873d72d8f14605ff80f1db1452f76ed29775e6a7e01ecd21a3a3db9798d4c1322d1ea55724b20c7c8f853be621c1af3a440f8664ccd9dabdd4d99aa06046c70d088b08f07c52fbdc13be7c68fc9e96507ba7d78e0affcd8d011ddd818b6df6bb92a62a485193841dd0ff0c0888d57b6ec262ec7ca942ae603b7e9a9a05c10e7b36b0c00548008007900e0000002000008000300", @ANYRES32=r6], 0x1260}, 0x1, 0x0, 0x0, 0x1}, 0x8000000) sendmsg$auto_NCSI_CMD_SEND_CMD(r1, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, r2, 0x800, 0x70bd2d, 0x25dfdbfc, {}, [@NCSI_ATTR_IFINDEX={0x8, 0x1, r6}, @NCSI_ATTR_MULTI_FLAG={0x4}]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r7 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a) clock_nanosleep$auto(0xfffffffe, 0x9771, &(0x7f0000013b80)={0x1ff, 0x6}, 0x0) sendmmsg$auto(r7, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) setfsuid$auto(0xee01) r8 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) statx$auto(r8, 0x0, 0x401006, 0x4015, 0x0) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) write$auto(0x3, 0x0, 0xfffffdef) read$auto(r0, 0x0, 0x3) 2.519562592s ago: executing program 3 (id=1272): r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x801, 0x84) socket(0x2, 0x1, 0x0) socket(0x1, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)={0x9, 0x0, [{0xc0000102, 0x400, 0x100000000000000}]}) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x0) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x3b) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mount$auto(&(0x7f0000000000)='veth0_macvtap\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='nfs\x00', 0x1, 0x0) 2.454016732s ago: executing program 0 (id=1273): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0) r1 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0) ioctl$auto(r1, 0x921064b1, 0x8) fadvise64$auto(r0, 0x8, 0x400000000000008, 0x4) 2.213519765s ago: executing program 0 (id=1274): io_uring_setup$auto(0x59, &(0x7f0000000640)={0x0, 0x1, 0x43800, 0x2, 0x7, 0x400a, 0xffffffffffffffff, [], {0x7, 0x1000, 0x8c48, 0x2029b, 0x3, 0x7b, 0x0, 0x5, 0xfffffffffffffffa}, {0x100, 0x20001, 0x52, 0x85, 0x2, 0x2740, 0x2072c2, 0xc, 0xc80c}}) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000010c0)='/sys/bus/scsi/drivers/st/debug_flag\x00', 0xa000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/4085, 0xff5) r1 = open(&(0x7f0000000100)='.\x00', 0x595002, 0x408) write$auto(r1, 0x0, 0xfffffdf1) sendmsg$auto_NL80211_CMD_START_P2P_DEVICE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=ANY=[@ANYBLOB="da0100", @ANYRES16], 0x128}, 0x1, 0x0, 0x0, 0x20000090}, 0x4891) r2 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/block/loop6/rqos/wbt/enabled\x00', 0x880, 0x0) read$auto_blk_mq_debugfs_fops_blk_mq_debugfs(r2, &(0x7f00000001c0)=""/70, 0x46) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x100, 0x0) ioctl$auto_SNDCTL_SEQ_OUTOFBAND(r3, 0x40085112, &(0x7f00000001c0)="ff") socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000040), 0xffffffffffffffff) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000740), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000200)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0304268ed5a365b5b8546200000004000300005e12ec002b293ae2118308000000"], 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8000, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xffffffff, 0xfffff7fffffffffd, 0x7, 0x10001, 0x7181, 0x4, 0x8, 0x7, 0x9, 0x6, 0x80003, 0x4, 0x400, 0x8, 0x1004, 0x80, 0x9, 0x84, 0x8000000000000000, 0x0, 0xc, 0x6, 0x200, 0x1000004, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x10000000, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc]}, 0x1fe, 0x5) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xfffffffffffffe85, &(0x7f0000000200)={0x0, 0xffe7}}, 0x881) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="d49a"], 0x1ac}}, 0x200088d4) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ioctl$auto_PROCMAP_QUERY(0xffffffffffffffff, 0xc0686611, &(0x7f0000000080)={0x67, 0x80000, 0x7fff, 0x5, 0x80000000007, 0x1, 0x2, 0xff, 0x5, 0x7, 0xfbfffffe, 0x5, 0x7fb, 0x7, 0x9}) mmap$auto(0x0, 0x400208, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nullb0\x00', 0x143e00, 0x0) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dynamic_debug/control\x00', 0x8101, 0x0) writev$auto(0x3, &(0x7f0000000080)={0x0, 0x1}, 0x3) close_range$auto(0x2, 0x8, 0x0) 2.049687702s ago: executing program 1 (id=1275): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x4040, 0x0) r1 = socket(0x11, 0x3, 0x2) mmap$auto(0x0, 0x400008, 0xdf, 0x100000009b72, 0x2, 0x8000) io_uring_setup$auto(0x7, 0x0) getsockopt$auto(r1, 0x107, 0xb, 0x0, 0x0) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card0\x00', 0x0, 0x0) ioctl$auto(r2, 0x921064b1, 0x8) r3 = socket(0x1d, 0x2, 0x6) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0xffffffffffffffff, 0x10008000) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00', @ANYRES16=0x0, @ANYBLOB="000326"], 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x890) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) r4 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r4, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) getsockopt$auto_SO_ZEROCOPY(r3, 0x0, 0x3c, 0x0, 0x0) fadvise64$auto(r0, 0x8, 0x400000000000008, 0x4) 2.038591557s ago: executing program 2 (id=1276): mmap$auto(0x0, 0x2020009, 0x2003, 0x8000000000000eb1, 0xfffffffffffffffa, 0x8000000000000000) mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x100000000000031, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) r1 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000100)='/proc/kpageflags\x00', 0x2, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, r1, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0x40a0ae49, 0x38) close_range$auto(0x2, 0x8, 0x0) 1.775545317s ago: executing program 3 (id=1277): syz_clone(0x60011, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) (async, rerun: 32) io_uring_setup$auto(0x1, 0x0) (async, rerun: 32) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0x6) (async, rerun: 32) futex_requeue$auto(0x0, 0x0, 0xf, 0x9) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) (async) write$auto(0xffffffffffffffff, 0x0, 0x100082) mmap$auto(0xfffffffffffffffd, 0xffffffffffffffff, 0x5, 0xeb1, 0xffffffffffffffff, 0x400) (async) sysfs$auto(0x2, 0x100000000000037, 0x0) fsopen$auto(0x0, 0x1) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) (async, rerun: 32) fsopen$auto(0x0, 0x1) (rerun: 32) close_range$auto(0x2, 0x8, 0x0) (async) mmap$auto(0x0, 0x420009, 0xe3, 0x200000000000eb1, 0x401, 0x8000) (async, rerun: 64) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (rerun: 64) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) socket(0x28, 0x1, 0x0) (async) r1 = io_uring_setup$auto(0x2, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) socket(0x2, 0x1, 0x0) (async) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x800, 0x3, 0xff, 0x10001, 0x400000000003, 0x3, 0xfffffffffffffffc, 0xfffffffffffffffe, 0x80000000, 0x9, 0xffffdfffffffff81, 0x4]}, 0x0) socket(0x10, 0x2, 0xc) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0xfffffffd, 0x1, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x8, 0x4000, 0x0) (async, rerun: 32) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000040), r1) (rerun: 32) 1.755174343s ago: executing program 2 (id=1278): r0 = socket(0x15, 0x5, 0x0) getsockopt$auto(r0, 0x114, 0x2720, 0xfffffffffffffffc, 0x0) 1.632668749s ago: executing program 2 (id=1279): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x18, r1, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@HWSIM_ATTR_MLO_SUPPORT={0x4}]}, 0x18}, 0x63, 0x0, 0x0, 0x240088d0}, 0x8c0) 1.610916384s ago: executing program 1 (id=1280): mmap$auto(0x0, 0xa00006, 0x400002, 0xfffffffffffffffc, 0x602, 0x2ffffffffffc) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0xf03, 0x5, 0x6, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyt2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) socketpair$auto(0x5b, 0x2, 0x420000, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) bpf$auto(0x0, &(0x7f0000000780)=@link_update={0xa, @new_map_fd=0x5, 0x4007, @old_prog_fd=0x13b}, 0xa3) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x8a403, 0x0) migrate_pages$auto(0x0, 0xa, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2) 1.525256389s ago: executing program 0 (id=1281): r0 = socket(0xa, 0x2, 0x3a) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)={0x64, r2, 0x1, 0x70bd25, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x80}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x1}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14, 0x1f, @loopback}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @empty}}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e21}]}, 0x64}, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) setsockopt$auto(r0, 0x29, 0x19, &(0x7f0000000040)='!\x00', 0x1ff) openat$auto_hpet_fops_hpet(0xffffffffffffff9c, &(0x7f00000002c0), 0xc000, 0x0) 1.458755384s ago: executing program 2 (id=1282): r0 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0180140002006e655a15db5e5afab2d07464657673690400000000000000"], 0x2c}}, 0x4000000) mmap$auto(0x0, 0x20009, 0x7fffffff, 0xeb1, 0x401, 0x8000) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f0000000100)={0x7, 0x7, 0x3ff, 0xef6c, 0xa9, 0xffffffffffffffff}) migrate_pages$auto(r3, 0x3ff, &(0x7f0000000140)=0x2, &(0x7f0000000180)=0xfffffffffffffffe) r4 = socket(0x10, 0x2, 0x0) ioprio_set$auto(0x2, 0x800000000, 0x8) clone$auto(0x10051c, 0x6, 0x0, 0xffffffffffffffff, 0x80000001) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0x0, 0x0, 0x0, 0xffffffffffffff91, 0xfd3, 0x2, 0xec, 0x4, 0x80000020281, 0x8, 0x2, 0xfffffffffffffff8}) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) r5 = openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000002080)='/proc/loadavg\x00', 0x20200, 0x0) read$auto_proc_mountinfo_operations_mnt_namespace(r5, &(0x7f0000000040)=""/4080, 0x1036) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/memory/memory15/online\x00', 0xa001, 0x0) write$auto(r6, &(0x7f0000000140)='0[.[\x00', 0xcd04) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x400, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x102, 0x0) r7 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x1eba02, 0x0) sendfile$auto(0x3, r7, 0x0, 0x400000000006) swapon$auto(&(0x7f00000000c0)='/dev/ram5\x00', 0x0) sendmmsg$auto(r4, 0x0, 0x8, 0x4008) ioctl$auto(r2, 0x40045431, r2) 1.33788168s ago: executing program 0 (id=1283): socket(0x1a, 0x800, 0x1000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) socket(0x0, 0x2, 0x32) ustat$auto(0x801, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) getsockopt$auto(0x3, 0x200000000001, 0x1c, 0x0, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x6, 0x0) socket(0x11, 0x80003, 0x300) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0xc6, 0x3, 0xfff, &(0x7f0000000080)=0x8000) r0 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000002640), 0x0, 0x0) ioctl$auto_USB_RAW_IOCTL_INIT(r0, 0x41015500, &(0x7f0000000140)={"a7a018b09bb196a05739a38a73473b93f5452886bc599ef976c54a71a5ce72a9af15390e93a8760df83859e16320e8d0b1161f13d12afae66b1d900a49586aa98d3504ca431aabab1964249251e57fa70517cc19b0e3974dc2a89e90c932b8859c767780d65e849700", "e600d778e82f8b8db7e27a036e39a8ac08de7e036d650e2184857e6b64f6a2c7fb08c6f5ce3828fb4e9498c076bef49c99c9cd91332e12b53664dc20fa879020fbd184c0d300c13be6047a70685ce029fb2385ae6e132c1c6adbcfbd873a3b925d397a08e8733e19ef5ec4f40b0b473c72efd18b8a9e9f3d12c5e44468922beb", 0x3}) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x11, 0x3, 0x9) close_range$auto(0x2, r1, 0x0) r2 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r2, 0x107, 0x14, 0x0, 0x4) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x3, 0x8, 0xc, 0x2e, 0x0, 0x3}, 0x6f4) bpf$auto(0x2, &(0x7f00000001c0)=@batch={0x8000000000009, 0x80000001, 0x10008, 0x8250, 0xa6d5, 0xffffffffffffffff, 0x7, 0x6}, 0x103) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xe, 0x2, 0x6, 0x5, 0x8, 0xffffffffffffffff, [], {0xd74c, 0x6, 0x2, 0x29f, 0x100, 0x7f, 0x101, 0x6, 0x2}, {0xff, 0x1, 0x10001, 0x7, 0x1, 0x40, 0x76c5, 0x400005, 0x100000005}}) sendmsg$auto_NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="d8010000", @ANYRES16, @ANYBLOB="01002dbd7000fcdbdf25010000000c0002000500000000000000c5000700c1007cf7c27c120e3984130834a73f9221887ac28e443c4a1a7da8d2ddcf2890cce5822826764f3f410e53f43f300d2e04700395778e7935c99f6a38f6f3e56e7d8a18d15791b3b4f9378d743a8f0cbbe1c604a782030626ead26826f4790233f19c29fbaf1da77e1b84522d05ca0f4237b24aead87b47d41805fa9967d02ad2deba1895652b8d630c30213ed8f72c1066f1bb9fb1b242d08a55d32398d8d3c635008f2c61049c8abf600a98d1d2d0b0027aecaf27d20b6ff4129883e111e1c858000000dc00090069fccb38f57447a8af8c40a03b92af7adc0c48af4308483b99aa587ed8711b4a79a383c263698842365af6807d1be1800fd492770983a6df345fb472e9fa41b667af43bc36d7063b6b93ab7661925e8d71452acd95b788c31a32ae903b96b9ed9a5e3542c625105e8f21a5b41ff3d17f8704581f4b8b75ae741d0fba8cab2e187c93eeea89f6cf6ab7cc496e0bd9759cc0b408bbe0c6eae2aa29c2d97d48a55fc0ff937c90173d61cf652f97cb301e4d7e3bac0026732e22eadd3a6c5ffa4faed6855a86814c920a650a61936305d2713db1c92a238e265c080001007f0e00000c0002"], 0x1d8}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x8000) r3 = socket(0x10, 0x2, 0x4) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000011c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x10) 800.67657ms ago: executing program 1 (id=1284): r0 = openat$auto_proc_timers_operations_base(0xffffffffffffff9c, 0x0, 0x40000, 0x0) r1 = openat$dir(0xffffffffffffff9c, 0x0, 0x40400, 0x48) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) bpf$auto(0x0, 0x0, 0x6f4) arch_prctl$auto_ARCH_REQ_XCOMP_GUEST_PERM(0x1025, 0xfffffffffffffff7) sendmmsg$auto(0xffffffffffffffff, 0x0, 0x8, 0xe4) close_range$auto(0x2, 0x8, 0x0) r2 = io_uring_setup$auto(0x6, 0x0) socket(0x2, 0x2, 0x1) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0xffeb, 0xe, &(0x7f0000000100)=@in={0x2, 0x4e22, @multicast2}, 0x19) faccessat$auto(r1, 0x0, 0x2) ioctl$auto_UBI_IOCATT(0xffffffffffffffff, 0x40186f40, 0x0) ioctl$auto_CEC_TRANSMIT(r2, 0xc0386105, &(0x7f0000000000)={0x8, 0xeaf, 0x7, 0xd, 0x0, 0x0, "5be5a16615f2d4ea8e041f86f797ab63", 0x62, 0x9, 0x6, 0x9, 0x2, 0x8, 0x2}) close_range$auto(r1, r0, 0x2) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0x5, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/uts\x00') socket(0x2, 0xa, 0x1) statx$auto(0xffffff9c, 0x0, 0x1000, 0x972, 0x0) ioctl$auto(0x1, 0x890b, 0x8) 655.526067ms ago: executing program 0 (id=1285): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) gettid() r1 = socket(0x10, 0x2, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_REPORT_PMSR(r1, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tk_debug_sleep_time_fops_(0xffffffffffffff9c, 0x0, 0x0, 0x0) rt_sigqueueinfo$auto(0x0, 0x9, &(0x7f00000000c0)={@_si_pad}) r2 = socket(0xa, 0x2, 0x88) shmget$auto(0x8, 0x10565, 0x7ff) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffa) sync_file_range$auto(r2, 0xfffffffffffffe95, 0x9, 0x9) shmctl$auto(0x0, 0x0, 0xfffffffffffffffd) openat$auto_dvb_demux_fops_dmxdev(0xffffffffffffff9c, 0x0, 0x80100, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) read$auto_proc_reg_file_ops_compat_inode(0xffffffffffffffff, 0x0, 0x0) shmat$auto(0x0, &(0x7f0000000000)='(\x00', 0xfffffffb) mmap$auto(0x200000000000, 0x41d4255, 0x0, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x2c, 0x1, 0x0) listen$auto(0xffffffffffffffff, 0x10082) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x28, 0x80000, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 574.328452ms ago: executing program 3 (id=1286): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/bus/pci/drivers/pata_amd/remove_id\x00', 0xa0302, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_BEARER_DISABLE(r1, &(0x7f0000002740)={0x0, 0x0, &(0x7f0000002700)={&(0x7f0000003a80)={0x2c, r2, 0x401, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_BEARER={0x18, 0x1, 0x0, 0x1, [@nested={0x14, 0x1, 0x0, 0x1, [@typed={0x8, 0x4e, 0x0, 0x0, @fd=r1}, @typed={0x8, 0x131, 0x0, 0x0, @pid}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24004011}, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r3 = socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r4 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r5, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0xe4, r4, 0x1, 0x70bd25, 0x25dfdbfc, {}, [@HWSIM_ATTR_RADIO_NAME={0xd0, 0x11, 'u)(\xa0\xb66s\xec\xbe\f\x19\"\xbfW:L\x15\x94\x1a\x06\xb27\b\xb7;\x1eF\xe0 .\xdfB\xbb\xe11\xea\xfdX\x95\xa5\x01\xd62\xf4E\xa5O\x1a\x950\xacJkD\xa39\x11\x11\xb4\xb1,>\xc7\xf97=\xe7\x98\xa9\xefPq\'\xc9\x8doJ$2\xae\xd1\xeaF\xd7os7\xffr\n#\x00\x00\x04\x00\xc3\x9fx\a\xc3f\xb1\xc1i\xa4\xaf8y\xf2\x0f\xa3\xcaa\xaf%\xe1\xd3j;U\xd8t\xc9\xf7\xbf\xbf\xb4$\xbb\x8eM\x17c\x9c\xc2\xbfn\x83\r\xcbY\xb4O(\x05[\x90\x9di\xbb\xd3oC\x1f\a\xd7\x1f\xeb\xb1pBr\x8e\a<\xa7?\x05\xf7UI\x92\xa4pt\x9b\xee\x904\x91\xd8\xa4\xcb\x83o\\\xdf&\xae\xe8\xe9\x80nmy\xf0\r[:\xf2\xf3\x1f\x1d\xa4'}]}, 0xe4}, 0x1, 0x0, 0x0, 0x40c8}, 0x4048000) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video1\x00', 0xc0400, 0x0) ioctl$auto(0x3, 0xc0205647, r3) r6 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cec10\x00', 0x101901, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r7 = openat$auto_fuse_conn_congestion_threshold_ops_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2001, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) r8 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r8, 0xffffffffffdffe00, &(0x7f0000000140)=';') ioctl$auto(0x3, 0x40046201, 0x38) ioctl$auto_FS_IOC_FSGETXATTR(r7, 0x801c581f, 0x0) ioctl$auto_CEC_TRANSMIT(r6, 0xc0386105, &(0x7f0000000000)={0x6, 0x3, 0x6, 0x1, 0x2, 0x101, "9b2140fd8a9500", 0xb, 0x5, 0x9, 0x5, 0x2, 0x9, 0x2}) sendfile$auto(r0, r0, 0x0, 0x7ffff000) 364.135445ms ago: executing program 1 (id=1287): r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cec4\x00', 0x800, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000001480)='/proc/sys/net/ipv6/conf/geneve0/disable_ipv6\x00', 0x40001, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_IPVS_CMD_SET_CONFIG(r2, &(0x7f0000000980)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000940)={&(0x7f0000000500)={0x420, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0xb6, 0x3, 0x0, 0x1, [@generic="79dae7686d1bca0b9992f32020cd19014315cc3e42e6d87b1320aeace96d1de1eb746aa907367f200d136b756690c778c4ffebe7bb5a7f23527916b1185c2cef8b9e82466a6f16bc09ebed", @generic="1165479a56fd86cad23c387f82fc0f95333cdc2902cd121a9c58fe1edd5e1978a237dd2d0fad3913f97d70b1fbf988", @nested={0x35, 0x134, 0x0, 0x1, [@nested={0x4, 0x60}, @nested={0x4, 0x13b}, @generic="416cb3d17c1ff4afa51dc82ec8c8d13a8ab61d048f868802d0959bfb0748d3e1528570181e145125ed"]}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x81}, @IPVS_CMD_ATTR_DAEMON={0x349, 0x3, 0x0, 0x1, [@generic="c3946a3ada0d1cb38ca3a41200b1bfd062359058be8a112e2908a87cefe2c687e7bc0a24c08b9bbec1f1a52a823c4f3a3117765cb2294064f8f6acd6a17bc32568cf12c1f87dc8a82d4e3a0d9d16e59643a4db6e10042c048a50eed538ba79d76fc7bec49a8e4b186c", @typed={0x8, 0x58, 0x0, 0x0, @fd=r1}, @typed={0x8, 0x94, 0x0, 0x0, @fd}, @nested={0x29e, 0xa2, 0x0, 0x1, [@generic="45ebf3eb7d3bfdc5e8ac384c050f89e8620aaf99e09c742cf42d9e7e280183aaf3471339486de8d50ff7b0c4d2f88acc89f80c0c27a1e15faa5d018690155329570224e4c77447fa50ef23fa1b31d543c1cad457f2cbaeba770915aaee86f12eba63d609e2f202baf08af6ada48cb5931f7fa29834e7b67998494126ad7641d144cdabf08ebf24a43c64c130ab55d4a7fde550633bc224ab56ec458eb9b41041674461118ff31bca0e12d12cbe9fa15a683662333fded8781de14691ebd8dfee335bcb8c1bd5fa9a98397c19550b792f6d2ab85bbc9745ef375a227c1d9ead65131b206a7414a91d", @nested={0x4, 0x2c}, @generic="c1eb602316f31bfb960cfef54d14ba191bea7f48b843478e82f9b554bb5183b3f6fffdb1d06792cc2861", @typed={0x9b, 0x67, 0x0, 0x0, @binary="0e95e50b6e983fd1434baeb5832c0c7e7b970e300a4f8608a23f647d0b62776f1c22e9147107b51b9c87ff527509fe2837f499a1863ebb532b022a160b7af1f3fc8bb36d6528d5b1cd90ccf2010cd746386a293ba2102bbcc8805d29232d69c5611b5c1b5e99729673c1c849dbc240f448b9ae256a43f8ed98361d15a91c6f0a5adfdfa177565d4445acf544460c225556669abdb0eb8a"}, @nested={0x4, 0x14c}, @generic="1a9bee51665258234aab425eb4f61e50f13f4279a169b0c3f5e13d0f43d7e7506a5a9c8b8a06cf7e2d1273905c5200d409abebf9d3ad59a0df9c484ad1199b0b33abfebdf759904ce547d1de71cfed0e3429f37bb4c3973f1b80feb77146fa1238eb3c083dac530f093bf0624a2fd44d5091eb96058d35602f99737654d1359c8242a14a418c467387d208c4d2595cfaa199d784c43a21424a2e467d810491ee5533c876570b3918701bfe0e5d61ad3b0efa3a79a102f9bd9c1831f4f6c49b1d37e46961bdd4802eef55766f867360bd575de808c39acae53a10798ef1e7351850df64e5"]}, @nested={0x2c, 0x7e, 0x0, 0x1, [@typed={0x1f, 0x34, 0x0, 0x0, @binary="2edc2f8e23fbbaac4de15b9351aa70605fc0c09ad4a95a13f5a2b6"}, @typed={0x8, 0xfe, 0x0, 0x0, @pid}]}]}]}, 0x420}}, 0x40040) mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) close_range$auto(0x2, 0x8, 0x0) write$auto(0x3, 0x0, 0x7fffffff) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x1a, &(0x7f0000000000), 0x1) io_uring_setup$auto(0x2, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_STATUS(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x1c, r4, 0x1, 0x70bd2b, 0x25dfdbfe, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x40) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r5, 0x5423, 0x0) io_uring_setup$auto(0x1, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r6, 0x5423, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f00000004c0), 0x2202, 0x0) ioctl$auto_TIOCVHANGUP2(r5, 0x5437, 0x0) ioctl$auto_CEC_TRANSMIT(r0, 0xc0386105, &(0x7f0000000000)={0x6, 0x3, 0x207, 0x4, 0x2, 0x7ffffffe, "9b2142725dff0d93ff75a7746600", 0xb, 0x6, 0x40, 0x5, 0x6, 0xc, 0x2}) 148.976642ms ago: executing program 3 (id=1288): r0 = socket(0x15, 0x5, 0x0) getsockopt$auto(r0, 0x114, 0x2720, 0xfffffffffffffffc, 0x0) 36.190077ms ago: executing program 1 (id=1289): openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b3b", 0xfdef) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000180), 0xffffffffffffffff) io_uring_setup$auto(0x2, &(0x7f0000000040)={0x3ff, 0x9, 0x103, 0xfffffffa, 0x2, 0x1, r1, [0x6d8aac67, 0xffffffff, 0x8f4], {0x4a3, 0x800, 0xf, 0x13, 0x2, 0x8, 0x9, 0x400, 0x80000000}, {0xfffffffc, 0x6, 0x6, 0xfffff06d, 0x29, 0x7, 0x2, 0x6, 0x2}}) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x2, 0x0) socket(0x28, 0x1, 0x0) socket(0x2, 0x5, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/xfs/stats/stats\x00', 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f0000001180)=""/187, 0xbb) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NFSD_CMD_THREADS_GET(r3, &(0x7f0000001800)={0x0, 0x0, &(0x7f00000017c0)={&(0x7f0000001780)={0x14, 0x0, 0x4, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x44848}, 0x4000000) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f00000019c0), r3) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x5, 0x1, 0x9, 0x7, 0x5, 0x6, 0x8, 0x7, 0x8787, 0x9, 0x9, 0xffff, 0xffffffffffff3eb9, 0x200000000001, 0xb4, 0x80000000000000, 0x8, 0x10007, 0x7, 0x100, 0x0, 0x3, 0x4, 0x203, 0x9, 0x87, 0x0, 0x4, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x7fffffff, 0x9, 0x7, 0x6, 0x0, 0x8, 0xfffffffffffffffd, 0x3, 0x0, 0x10000, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x10000000000, 0x0, 0x1, 0x8000000000000001, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8001, 0x0, 0x0, 0x0, 0xff]}, 0x81, 0x968a) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001100)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000100000008000200", @ANYRES32=0x0, @ANYBLOB="0c001a"], 0x68}, 0x1, 0x0, 0x0, 0x4044080}, 0x40090) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f0026bd7000fcdbdf9907"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r4 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f00000000c0), r3) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r3, &(0x7f0000002280)={0x0, 0x0, &(0x7f0000002240)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="030527bd7000fbdbdf25040000000c0001800800010050b890f9"], 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x40) 0s ago: executing program 3 (id=1290): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, &(0x7f0000001dc0)={0x0, 0x0, &(0x7f0000001d80)={&(0x7f0000000540)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010027bd7080ffdbdf25100000000c000180080001793ba81c5acc5f4635324a79ee5171bcb88d4a3c14d1fd6d9210d790ee314578ac57777c9c2c886ac49da673c6e592f7d9ca999e45b12fda368c7010bd155b4577d85332a00b9bfbf175f572c483d9662acdbf0b4eb2cdb2460279fa6a88bf1f50b352ac60aa6a9943c3e692c34459b5c2a4635850cb4ff8f54b415ec04785988ccff208381e3bb08f64964571344047508da4bce100c1b4848aab485483ce75", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00\t\x00\x00\x00'], 0x28}, 0x1, 0x0, 0x0, 0x90}, 0x80000) sendmsg$auto_ETHTOOL_MSG_FEC_GET(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000004c0)={&(0x7f00000003c0)={0xdc, 0x0, 0x200, 0x70bd2c, 0x25dfdbfd, {}, [@ETHTOOL_A_FEC_HEADER={0x78, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_macvtap\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xffffffff}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7fff}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvtap0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @ETHTOOL_A_FEC_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9e42}]}, @ETHTOOL_A_FEC_HEADER={0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xff}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'sit0\x00'}]}]}, 0xdc}, 0x1, 0x0, 0x0, 0x4000}, 0x4008080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0xfffffffffffffffd, 0x2020009, 0x0, 0xeb1, 0xfffffffffffffffa, 0x8002) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) madvise$auto(0x0, 0x200007, 0x19) pread64$auto(0xffffffffffffffff, 0x0, 0x100000002, 0x100000001) r2 = openat$auto_tracing_saved_tgids_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/tracing/saved_tgids\x00', 0x80040, 0x0) mmap$auto(0xfffffffffffffffb, 0x6, 0x1, 0x10, r2, 0x7) io_setup$auto(0x1, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) socket(0xa, 0x1, 0x84) io_setup$auto(0xffffffff, &(0x7f00000001c0)=0x3) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_msr_fops_msr(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cpu/0/msr\x00', 0xf82, 0x0) unshare$auto(0x40000080) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0x9}, 0x4, 0x0, 0x5, 0x7}, 0x8}, 0x4000000, 0x4b) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x10000000eb1, 0x401, 0x8000) mmap$auto(0x0, 0x0, 0x7fff, 0x200000000000eb0, 0x401, 0x8002) madvise$auto(0xfffffffffffffff1, 0x2, 0x900) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x3, 0x9) socket$nl_generic(0x10, 0x3, 0x10) kernel console output (not intermixed with test programs): ]=FIRMWARE_WORKAROUND [ 262.781344][ T9698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 262.781352][ T9698] Call Trace: [ 262.781358][ T9698] [ 262.781363][ T9698] dump_stack_lvl+0x100/0x190 [ 262.781390][ T9698] should_fail_ex.cold+0x5/0xa [ 262.781405][ T9698] ? prepare_alloc_pages+0x16d/0x5f0 [ 262.781425][ T9698] should_fail_alloc_page+0xeb/0x140 [ 262.781443][ T9698] prepare_alloc_pages+0x1f0/0x5f0 [ 262.781460][ T9698] ? bpf_ksym_find+0x124/0x1c0 [ 262.781481][ T9698] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 262.781506][ T9698] ? __kernel_text_address+0xd/0x30 [ 262.781527][ T9698] ? unwind_get_return_address+0x59/0xa0 [ 262.781544][ T9698] ? arch_stack_walk+0xa6/0xf0 [ 262.781565][ T9698] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 262.781588][ T9698] ? stack_trace_save+0x8e/0xc0 [ 262.781602][ T9698] ? __pfx_stack_trace_save+0x10/0x10 [ 262.781618][ T9698] ? stack_depot_save_flags+0x27/0x9d0 [ 262.781638][ T9698] ? is_bpf_text_address+0x8a/0x1a0 [ 262.781664][ T9698] ? kasan_save_stack+0x30/0x50 [ 262.781677][ T9698] ? kasan_save_track+0x14/0x30 [ 262.781690][ T9698] ? __kasan_slab_alloc+0x89/0x90 [ 262.781703][ T9698] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 262.781725][ T9698] ? __pmd_alloc+0xbf/0x950 [ 262.781742][ T9698] ? __handle_mm_fault+0xa9e/0x2b60 [ 262.781760][ T9698] ? handle_mm_fault+0x36d/0xa20 [ 262.781779][ T9698] ? __get_user_pages+0xf9c/0x34d0 [ 262.781795][ T9698] ? get_user_pages_remote+0x3d2/0xb10 [ 262.781811][ T9698] ? __access_remote_vm+0x3ba/0xa70 [ 262.781824][ T9698] ? mem_rw+0x20a/0x640 [ 262.781838][ T9698] ? vfs_write+0x2aa/0x1070 [ 262.781851][ T9698] ? ksys_write+0x12a/0x250 [ 262.781870][ T9698] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 262.781887][ T9698] ? policy_nodemask+0xed/0x4f0 [ 262.781904][ T9698] alloc_pages_mpol+0x1fb/0x550 [ 262.781922][ T9698] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 262.781943][ T9698] alloc_pages_noprof+0x136/0x390 [ 262.781960][ T9698] pte_alloc_one+0x1c/0x3d0 [ 262.781977][ T9698] __pte_alloc+0x6d/0x3e0 [ 262.781993][ T9698] ? __pfx___pte_alloc+0x10/0x10 [ 262.782010][ T9698] ? do_raw_spin_lock+0x128/0x260 [ 262.782031][ T9698] ? find_held_lock+0x2b/0x80 [ 262.782047][ T9698] do_anonymous_page+0x13cc/0x1fb0 [ 262.782067][ T9698] ? do_raw_spin_unlock+0x145/0x1e0 [ 262.782090][ T9698] ? _raw_spin_unlock+0x28/0x50 [ 262.782112][ T9698] ? __pmd_alloc+0x3fb/0x950 [ 262.782131][ T9698] __handle_mm_fault+0x1d48/0x2b60 [ 262.782154][ T9698] ? mt_find+0x45e/0x8e0 [ 262.782172][ T9698] ? __pfx___handle_mm_fault+0x10/0x10 [ 262.782191][ T9698] ? __pfx_mt_find+0x10/0x10 [ 262.782206][ T9698] ? rcu_read_unlock+0x2d/0xb0 [ 262.782242][ T9698] handle_mm_fault+0x36d/0xa20 [ 262.782266][ T9698] __get_user_pages+0xf9c/0x34d0 [ 262.782288][ T9698] ? find_held_lock+0x2b/0x80 [ 262.782302][ T9698] ? mtree_load+0x311/0xa40 [ 262.782317][ T9698] ? __pfx___get_user_pages+0x10/0x10 [ 262.782339][ T9698] get_user_pages_remote+0x3d2/0xb10 [ 262.782357][ T9698] ? mas_new_root+0x690/0x6e0 [ 262.782374][ T9698] ? __pfx_get_user_pages_remote+0x10/0x10 [ 262.782399][ T9698] __access_remote_vm+0x3ba/0xa70 [ 262.782418][ T9698] ? __pfx___access_remote_vm+0x10/0x10 [ 262.782433][ T9698] ? rep_movs_alternative+0x4a/0x90 [ 262.782456][ T9698] mem_rw+0x20a/0x640 [ 262.782476][ T9698] vfs_write+0x2aa/0x1070 [ 262.782490][ T9698] ? __pfx_mem_write+0x10/0x10 [ 262.782508][ T9698] ? __pfx_vfs_write+0x10/0x10 [ 262.782521][ T9698] ? __fget_files+0x215/0x3d0 [ 262.782540][ T9698] ? __fget_files+0x21f/0x3d0 [ 262.782560][ T9698] ksys_write+0x12a/0x250 [ 262.782574][ T9698] ? __pfx_ksys_write+0x10/0x10 [ 262.782593][ T9698] do_syscall_64+0x106/0xf80 [ 262.782608][ T9698] ? clear_bhb_loop+0x40/0x90 [ 262.782626][ T9698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 262.782641][ T9698] RIP: 0033:0x7eff1c39c819 [ 262.782654][ T9698] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 262.782667][ T9698] RSP: 002b:00007eff1d276028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 262.782682][ T9698] RAX: ffffffffffffffda RBX: 00007eff1c615fa0 RCX: 00007eff1c39c819 [ 262.782691][ T9698] RDX: 00000000fffffc96 RSI: 0000200000001680 RDI: 0000000000000005 [ 262.782700][ T9698] RBP: 00007eff1d276090 R08: 0000000000000000 R09: 0000000000000000 [ 262.782708][ T9698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 262.782716][ T9698] R13: 00007eff1c616038 R14: 00007eff1c615fa0 R15: 00007ffd2a97b6c8 [ 262.782735][ T9698] [ 265.491608][ T9700] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 265.520899][ T9700] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 265.545103][ T9700] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 265.552678][ T9700] page_type: f5(slab) [ 265.596673][ T9700] raw: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 265.667364][ T9700] raw: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 265.729220][ T9700] head: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 265.796745][ T9700] head: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 265.858049][ T9700] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 265.894016][ T9754] netlink: 306 bytes leftover after parsing attributes in process `syz.0.874'. [ 265.913919][ T9700] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 265.971731][ T9700] page dumped because: unmovable page [ 266.020339][ T9700] page_owner tracks the page as allocated [ 266.046986][ T30] audit: type=1800 audit(1775916153.343:16): pid=9759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.875" name="dbroot" dev="configfs" ino=25690 res=0 errno=0 [ 266.077333][ T9700] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5208, tgid 5208 (udevadm), ts 30103550708, free_ts 23876321943 [ 266.216774][ T9700] post_alloc_hook+0x153/0x170 [ 266.241991][ T9700] get_page_from_freelist+0x111d/0x3140 [ 266.292342][ T9700] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 266.353543][ T9700] new_slab+0xa6/0x6b0 [ 266.390567][ T9700] refill_objects+0x26b/0x400 [ 266.415706][ T9700] __pcs_replace_empty_main+0x1ab/0x660 [ 266.450469][ T9700] kmem_cache_alloc_lru_noprof+0x485/0x6e0 [ 266.488545][ T9700] alloc_inode+0x183/0x250 [ 266.522102][ T9700] iget_locked+0x1d9/0x6d0 [ 266.548885][ T9700] kernfs_get_inode+0x46/0x470 [ 266.595133][ T9700] kernfs_iop_lookup+0x1a7/0x2d0 [ 266.615137][ T9700] __lookup_slow+0x251/0x460 [ 266.655148][ T9700] lookup_slow+0x50/0x70 [ 266.673491][ T9700] link_path_walk+0x1377/0x1cc0 [ 266.714075][ T9700] path_lookupat+0x74/0xc40 [ 266.737255][ T9700] filename_lookup+0x202/0x590 [ 266.775138][ T9700] page last free pid 1 tgid 1 stack trace: [ 266.824765][ T9700] __free_frozen_pages+0x7e1/0x10d0 [ 266.840362][ T9700] free_contig_range+0xde/0x1d0 [ 266.881169][ T9700] destroy_args+0xa8/0x7a0 [ 266.937987][ T9700] debug_vm_pgtable+0x1b66/0x34c0 [ 266.962332][ T9700] do_one_initcall+0x11d/0x760 [ 266.998042][ T9700] kernel_init_freeable+0x6e5/0x7a0 [ 267.039564][ T9700] kernel_init+0x1f/0x1e0 [ 267.065123][ T9700] ret_from_fork+0x754/0xd80 [ 267.127218][ T9700] ret_from_fork_asm+0x1a/0x30 [ 268.387326][ T30] audit: type=1800 audit(1775916155.683:17): pid=9799 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.884" name="dbroot" dev="configfs" ino=25993 res=0 errno=0 [ 268.979166][ T9813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 269.068244][ T9813] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 269.161181][ T9813] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 269.226808][ T9813] page_type: f5(slab) [ 269.271111][ T9813] raw: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 269.377894][ T9813] raw: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 269.477411][ T9813] head: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 269.582633][ T9813] head: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 269.661128][ T9825] netlink: 338 bytes leftover after parsing attributes in process `syz.2.890'. [ 269.684676][ T9813] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 269.765879][ T9813] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 269.836109][ T9813] page dumped because: unmovable page [ 269.895115][ T9813] page_owner tracks the page as allocated [ 269.900860][ T9813] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5208, tgid 5208 (udevadm), ts 30103550708, free_ts 23876321943 [ 270.149380][ T9813] post_alloc_hook+0x153/0x170 [ 270.185945][ T9813] get_page_from_freelist+0x111d/0x3140 [ 270.221895][ T9813] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 270.268711][ T9813] new_slab+0xa6/0x6b0 [ 270.288776][ T9813] refill_objects+0x26b/0x400 [ 270.301170][ T9813] __pcs_replace_empty_main+0x1ab/0x660 [ 270.313588][ T9813] kmem_cache_alloc_lru_noprof+0x485/0x6e0 [ 270.326338][ T9813] alloc_inode+0x183/0x250 [ 270.335296][ T9813] iget_locked+0x1d9/0x6d0 [ 270.346012][ T9813] kernfs_get_inode+0x46/0x470 [ 270.359837][ T9813] kernfs_iop_lookup+0x1a7/0x2d0 [ 270.371691][ T9813] __lookup_slow+0x251/0x460 [ 270.383437][ T9813] lookup_slow+0x50/0x70 [ 270.392527][ T9813] link_path_walk+0x1377/0x1cc0 [ 270.403070][ T9813] path_lookupat+0x74/0xc40 [ 270.413125][ T9813] filename_lookup+0x202/0x590 [ 270.422485][ T9813] page last free pid 1 tgid 1 stack trace: [ 270.435128][ T9813] __free_frozen_pages+0x7e1/0x10d0 [ 270.448486][ T9813] free_contig_range+0xde/0x1d0 [ 270.458968][ T9813] destroy_args+0xa8/0x7a0 [ 270.467975][ T9813] debug_vm_pgtable+0x1b66/0x34c0 [ 270.480620][ T9813] do_one_initcall+0x11d/0x760 [ 270.492755][ T9813] kernel_init_freeable+0x6e5/0x7a0 [ 270.503562][ T9813] kernel_init+0x1f/0x1e0 [ 270.512601][ T9813] ret_from_fork+0x754/0xd80 [ 270.522713][ T9813] ret_from_fork_asm+0x1a/0x30 [ 272.873644][ T9875] random: crng reseeded on system resumption [ 272.885020][ T9877] FAULT_INJECTION: forcing a failure. [ 272.885020][ T9877] name failslab, interval 1, probability 0, space 0, times 0 [ 272.897907][ T9877] CPU: 0 UID: 0 PID: 9877 Comm: syz.1.903 Tainted: G I syzkaller #0 PREEMPT(full) [ 272.897930][ T9877] Tainted: [I]=FIRMWARE_WORKAROUND [ 272.897936][ T9877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 272.897944][ T9877] Call Trace: [ 272.897950][ T9877] [ 272.897956][ T9877] dump_stack_lvl+0x100/0x190 [ 272.897983][ T9877] should_fail_ex.cold+0x5/0xa [ 272.897998][ T9877] ? tipc_conn_lookup+0xd0/0x260 [ 272.898023][ T9877] should_failslab+0xc2/0x120 [ 272.898040][ T9877] __kmalloc_cache_noprof+0x7a/0x6f0 [ 272.898061][ T9877] ? tipc_topsrv_queue_evt+0x125/0x3f0 [ 272.898087][ T9877] tipc_topsrv_queue_evt+0x125/0x3f0 [ 272.898114][ T9877] tipc_sub_report_overlap+0x54c/0x9b0 [ 272.898131][ T9877] tipc_nametbl_insert_publ+0xd5a/0x1570 [ 272.898157][ T9877] tipc_nametbl_publish+0x137/0x260 [ 272.898177][ T9877] tipc_sk_publish+0x1d8/0x430 [ 272.898195][ T9877] ? __pfx_tipc_sk_publish+0x10/0x10 [ 272.898218][ T9877] tipc_setsockopt+0x7af/0xe30 [ 272.898238][ T9877] ? __pfx_tipc_setsockopt+0x10/0x10 [ 272.898263][ T9877] ? __pfx_tipc_setsockopt+0x10/0x10 [ 272.898282][ T9877] do_sock_setsockopt+0xf3/0x1d0 [ 272.898302][ T9877] __sys_setsockopt+0x119/0x190 [ 272.898328][ T9877] __x64_sys_setsockopt+0xbd/0x160 [ 272.898350][ T9877] ? do_syscall_64+0x95/0xf80 [ 272.898366][ T9877] ? lockdep_hardirqs_on+0x78/0x100 [ 272.898383][ T9877] do_syscall_64+0x106/0xf80 [ 272.898397][ T9877] ? clear_bhb_loop+0x40/0x90 [ 272.898415][ T9877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.898430][ T9877] RIP: 0033:0x7f3c6879c819 [ 272.898444][ T9877] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 272.898457][ T9877] RSP: 002b:00007f3c6959d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 272.898471][ T9877] RAX: ffffffffffffffda RBX: 00007f3c68a15fa0 RCX: 00007f3c6879c819 [ 272.898480][ T9877] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000003 [ 272.898489][ T9877] RBP: 00007f3c6959d090 R08: 0000000000000014 R09: 0000000000000000 [ 272.898498][ T9877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 272.898506][ T9877] R13: 00007f3c68a16038 R14: 00007f3c68a15fa0 R15: 00007ffc917969b8 [ 272.898525][ T9877] [ 274.406818][ T9894] FAULT_INJECTION: forcing a failure. [ 274.406818][ T9894] name failslab, interval 1, probability 0, space 0, times 0 [ 274.485255][ T9894] CPU: 0 UID: 0 PID: 9894 Comm: syz.3.904 Tainted: G I syzkaller #0 PREEMPT(full) [ 274.485283][ T9894] Tainted: [I]=FIRMWARE_WORKAROUND [ 274.485289][ T9894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 274.485298][ T9894] Call Trace: [ 274.485304][ T9894] [ 274.485310][ T9894] dump_stack_lvl+0x100/0x190 [ 274.485337][ T9894] should_fail_ex.cold+0x5/0xa [ 274.485356][ T9894] should_failslab+0xc2/0x120 [ 274.485376][ T9894] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 274.485399][ T9894] ? alloc_empty_file+0x55/0x1c0 [ 274.485418][ T9894] ? __pfx_stack_trace_save+0x10/0x10 [ 274.485436][ T9894] alloc_empty_file+0x55/0x1c0 [ 274.485456][ T9894] path_openat+0xe8/0x31a0 [ 274.485471][ T9894] ? kasan_save_stack+0x3f/0x50 [ 274.485484][ T9894] ? kasan_save_stack+0x30/0x50 [ 274.485497][ T9894] ? kasan_save_track+0x14/0x30 [ 274.485510][ T9894] ? __kasan_slab_alloc+0x89/0x90 [ 274.485525][ T9894] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 274.485546][ T9894] ? do_getname+0x35/0x390 [ 274.485563][ T9894] ? do_sys_openat2+0xc5/0x1e0 [ 274.485582][ T9894] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.485600][ T9894] ? __pfx_path_openat+0x10/0x10 [ 274.485622][ T9894] do_file_open+0x20e/0x430 [ 274.485639][ T9894] ? __pfx_do_file_open+0x10/0x10 [ 274.485668][ T9894] ? alloc_fd+0x476/0x790 [ 274.485684][ T9894] ? do_getname+0x191/0x390 [ 274.485704][ T9894] do_sys_openat2+0x10d/0x1e0 [ 274.485724][ T9894] ? __pfx_do_sys_openat2+0x10/0x10 [ 274.485753][ T9894] ? do_raw_spin_unlock+0x145/0x1e0 [ 274.485781][ T9894] __x64_sys_openat+0x12d/0x210 [ 274.485802][ T9894] ? __pfx___x64_sys_openat+0x10/0x10 [ 274.485830][ T9894] do_syscall_64+0x106/0xf80 [ 274.485845][ T9894] ? clear_bhb_loop+0x40/0x90 [ 274.485862][ T9894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 274.485878][ T9894] RIP: 0033:0x7eff1c39c819 [ 274.485891][ T9894] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 274.485904][ T9894] RSP: 002b:00007eff1d276028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 274.485919][ T9894] RAX: ffffffffffffffda RBX: 00007eff1c615fa0 RCX: 00007eff1c39c819 [ 274.485928][ T9894] RDX: 0000000000169780 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 274.485938][ T9894] RBP: 00007eff1c432c91 R08: 0000000000000000 R09: 0000000000000000 [ 274.485946][ T9894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 274.485954][ T9894] R13: 00007eff1c616038 R14: 00007eff1c615fa0 R15: 00007ffd2a97b6c8 [ 274.485973][ T9894] [ 275.141986][ T9898] zram: Removed device: zram0 [ 276.191188][ T30] audit: type=1800 audit(1775916163.483:18): pid=9920 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.912" name="dbroot" dev="configfs" ino=26908 res=0 errno=0 [ 276.934618][ T9924] netlink: 306 bytes leftover after parsing attributes in process `syz.2.913'. [ 277.655916][ T9942] netlink: 28 bytes leftover after parsing attributes in process `syz.1.918'. [ 277.716975][ T9942] vlan1: entered promiscuous mode [ 277.745575][ T9942] vlan1: entered allmulticast mode [ 277.764232][ T9942] veth0_vlan: entered allmulticast mode [ 278.138053][ T9954] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 278.528298][ T9967] input: jJǸ-¶š9ã%vø“ûJ86Ö‘ as /devices/virtual/input/input6 [ 278.727860][ T9960] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 279.356506][ T9977] netlink: 338 bytes leftover after parsing attributes in process `syz.1.925'. [ 281.198512][ T5826] Bluetooth: hci0: unexpected event 0x3e length: 358 > 260 [ 281.198616][ T5826] Bluetooth: hci0: unexpected subevent 0x1b length: 357 > 260 [ 281.403455][ T30] audit: type=1800 audit(1775916168.693:19): pid=10001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.932" name="dbroot" dev="configfs" ino=27536 res=0 errno=0 [ 281.617402][T10007] sp0: Synchronizing with TNC [ 281.973568][ T30] audit: type=1800 audit(1775916169.263:20): pid=10020 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.939" name="dbroot" dev="configfs" ino=27667 res=0 errno=0 [ 282.101120][T10022] netlink: 12 bytes leftover after parsing attributes in process `syz.2.940'. [ 282.161118][T10026] netlink: 342 bytes leftover after parsing attributes in process `syz.3.941'. [ 282.243777][T10028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 282.323840][T10028] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 282.391255][T10028] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 282.409480][ T30] audit: type=1800 audit(1775916169.703:21): pid=10038 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.944" name="dbroot" dev="configfs" ino=27907 res=0 errno=0 [ 282.469094][T10028] page_type: f5(slab) [ 282.497851][T10028] raw: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 282.562659][T10028] raw: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 282.664654][T10028] head: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 282.685602][T10048] FAULT_INJECTION: forcing a failure. [ 282.685602][T10048] name failslab, interval 1, probability 0, space 0, times 0 [ 282.735088][T10028] head: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 282.745744][T10048] CPU: 0 UID: 0 PID: 10048 Comm: syz.1.948 Tainted: G I syzkaller #0 PREEMPT(full) [ 282.745770][T10048] Tainted: [I]=FIRMWARE_WORKAROUND [ 282.745775][T10048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 282.745783][T10048] Call Trace: [ 282.745789][T10048] [ 282.745795][T10048] dump_stack_lvl+0x100/0x190 [ 282.745821][T10048] should_fail_ex.cold+0x5/0xa [ 282.745839][T10048] ? copy_splice_read+0x1a3/0xb90 [ 282.745854][T10048] should_failslab+0xc2/0x120 [ 282.745870][T10048] __kmalloc_noprof+0xe0/0x850 [ 282.745897][T10048] copy_splice_read+0x1a3/0xb90 [ 282.745912][T10048] ? __pfx_iter_file_splice_write+0x10/0x10 [ 282.745938][T10048] ? __pfx_copy_splice_read+0x10/0x10 [ 282.745959][T10048] ? find_held_lock+0x2b/0x80 [ 282.745977][T10048] ? __pfx_copy_splice_read+0x10/0x10 [ 282.745992][T10048] do_splice_read+0x285/0x370 [ 282.746009][T10048] splice_direct_to_actor+0x2a1/0xa30 [ 282.746025][T10048] ? __pfx_direct_splice_actor+0x10/0x10 [ 282.746043][T10048] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 282.746064][T10048] do_splice_direct+0x174/0x240 [ 282.746080][T10048] ? __pfx_do_splice_direct+0x10/0x10 [ 282.746095][T10048] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 282.746113][T10048] ? rw_verify_area+0xce/0x6d0 [ 282.746136][T10048] do_sendfile+0xadc/0xe20 [ 282.746154][T10048] ? __pfx_do_sendfile+0x10/0x10 [ 282.746177][T10048] ? __fget_files+0x21f/0x3d0 [ 282.746196][T10048] __x64_sys_sendfile64+0x1d8/0x220 [ 282.746213][T10048] ? ksys_write+0x1ac/0x250 [ 282.746227][T10048] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 282.746250][T10048] do_syscall_64+0x106/0xf80 [ 282.746265][T10048] ? clear_bhb_loop+0x40/0x90 [ 282.746283][T10048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 282.746298][T10048] RIP: 0033:0x7f3c6879c819 [ 282.746310][T10048] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 282.746324][T10048] RSP: 002b:00007f3c6959d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 282.746338][T10048] RAX: ffffffffffffffda RBX: 00007f3c68a15fa0 RCX: 00007f3c6879c819 [ 282.746347][T10048] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 282.746356][T10048] RBP: 00007f3c6959d090 R08: 0000000000000000 R09: 0000000000000000 [ 282.746364][T10048] R10: 000000007ffff000 R11: 0000000000000246 R12: 0000000000000001 [ 282.746373][T10048] R13: 00007f3c68a16038 R14: 00007f3c68a15fa0 R15: 00007ffc917969b8 [ 282.746391][T10048] [ 283.265101][T10028] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 283.273912][T10028] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 283.334294][T10028] page dumped because: unmovable page [ 283.375126][T10028] page_owner tracks the page as allocated [ 283.401355][T10028] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5208, tgid 5208 (udevadm), ts 30103550708, free_ts 23876321943 [ 283.554780][T10028] post_alloc_hook+0x153/0x170 [ 283.576591][T10057] bond0: option lp_interval: invalid value () [ 283.583562][T10028] get_page_from_freelist+0x111d/0x3140 [ 283.589582][T10057] bond0: option lp_interval: allowed values 1 - 2147483647 [ 283.599521][T10028] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 283.635325][T10028] new_slab+0xa6/0x6b0 [ 283.665134][T10028] refill_objects+0x26b/0x400 [ 283.669851][T10028] __pcs_replace_empty_main+0x1ab/0x660 [ 283.707006][T10028] kmem_cache_alloc_lru_noprof+0x485/0x6e0 [ 283.740859][T10028] alloc_inode+0x183/0x250 [ 283.749690][T10028] iget_locked+0x1d9/0x6d0 [ 283.764568][T10028] kernfs_get_inode+0x46/0x470 [ 283.779127][T10028] kernfs_iop_lookup+0x1a7/0x2d0 [ 283.817480][T10028] __lookup_slow+0x251/0x460 [ 283.822107][T10028] lookup_slow+0x50/0x70 [ 283.893680][T10028] link_path_walk+0x1377/0x1cc0 [ 283.918627][T10028] path_lookupat+0x74/0xc40 [ 283.951947][T10028] filename_lookup+0x202/0x590 [ 283.990930][T10028] page last free pid 1 tgid 1 stack trace: [ 284.031645][T10028] __free_frozen_pages+0x7e1/0x10d0 [ 284.073070][T10028] free_contig_range+0xde/0x1d0 [ 284.109778][T10028] destroy_args+0xa8/0x7a0 [ 284.143755][T10028] debug_vm_pgtable+0x1b66/0x34c0 [ 284.164021][T10028] do_one_initcall+0x11d/0x760 [ 284.173264][T10063] random: crng reseeded on system resumption [ 284.189979][T10028] kernel_init_freeable+0x6e5/0x7a0 [ 284.212698][T10028] kernel_init+0x1f/0x1e0 [ 284.232482][T10028] ret_from_fork+0x754/0xd80 [ 284.252398][T10028] ret_from_fork_asm+0x1a/0x30 [ 285.497305][T10103] rnbd_client L213: map_device: Parameters missing [ 286.225676][ T30] audit: type=1800 audit(1775916173.513:22): pid=10125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.966" name="dbroot" dev="configfs" ino=28260 res=0 errno=0 [ 286.781751][T10149] rnbd_client L202: map_device: Unknown parameter or missing value '7' [ 287.736735][ T30] audit: type=1800 audit(1775916175.033:23): pid=10177 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.977" name="dbroot" dev="configfs" ino=28617 res=0 errno=0 [ 288.698537][ T30] audit: type=1800 audit(1775916175.993:24): pid=10205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.987" name="dbroot" dev="configfs" ino=28703 res=0 errno=0 [ 288.994163][ T30] audit: type=1800 audit(1775916176.283:25): pid=10213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.997" name="dbroot" dev="configfs" ino=28746 res=0 errno=0 [ 289.126384][T10216] bridge0: port 3(team0) entered blocking state [ 289.146159][T10216] bridge0: port 3(team0) entered disabled state [ 289.152539][T10216] team0: entered allmulticast mode [ 289.186685][T10216] team_slave_0: entered allmulticast mode [ 289.213129][T10216] team_slave_1: entered allmulticast mode [ 289.235016][T10216] team0: entered promiscuous mode [ 289.252124][T10216] team_slave_0: entered promiscuous mode [ 289.270810][T10216] team_slave_1: entered promiscuous mode [ 289.294131][T10216] bridge0: port 3(team0) entered blocking state [ 289.300757][T10216] bridge0: port 3(team0) entered forwarding state [ 289.539415][T10231] rnbd_client L213: map_device: Parameters missing [ 289.931765][T10237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 290.023310][T10237] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 290.102188][T10237] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 290.201205][T10237] page_type: f5(slab) [ 290.251079][T10237] raw: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 290.374016][ T30] audit: type=1800 audit(1775916177.663:26): pid=10250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1002" name="lu_gp_id" dev="configfs" ino=28996 res=0 errno=0 [ 290.417844][T10237] raw: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 290.485160][T10237] head: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 290.579357][T10237] head: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 290.691677][T10237] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 290.739090][T10237] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 290.820016][T10237] page dumped because: unmovable page [ 290.862831][T10237] page_owner tracks the page as allocated [ 290.888065][T10262] netlink: 306 bytes leftover after parsing attributes in process `syz.1.1004'. [ 290.913482][T10237] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5208, tgid 5208 (udevadm), ts 30103550708, free_ts 23876321943 [ 291.104643][T10237] post_alloc_hook+0x153/0x170 [ 291.145825][T10237] get_page_from_freelist+0x111d/0x3140 [ 291.193685][T10237] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 291.291796][T10237] new_slab+0xa6/0x6b0 [ 291.316129][T10237] refill_objects+0x26b/0x400 [ 291.402280][T10237] __pcs_replace_empty_main+0x1ab/0x660 [ 291.445086][T10237] kmem_cache_alloc_lru_noprof+0x485/0x6e0 [ 291.526948][T10237] alloc_inode+0x183/0x250 [ 291.592556][T10237] iget_locked+0x1d9/0x6d0 [ 291.602886][T10237] kernfs_get_inode+0x46/0x470 [ 291.642474][T10237] kernfs_iop_lookup+0x1a7/0x2d0 [ 291.681669][T10237] __lookup_slow+0x251/0x460 [ 291.686536][T10237] lookup_slow+0x50/0x70 [ 291.690802][T10237] link_path_walk+0x1377/0x1cc0 [ 291.725546][T10237] path_lookupat+0x74/0xc40 [ 291.730087][T10237] filename_lookup+0x202/0x590 [ 291.734843][T10237] page last free pid 1 tgid 1 stack trace: [ 291.789822][T10237] __free_frozen_pages+0x7e1/0x10d0 [ 291.818008][T10237] free_contig_range+0xde/0x1d0 [ 291.822900][T10237] destroy_args+0xa8/0x7a0 [ 291.855183][T10237] debug_vm_pgtable+0x1b66/0x34c0 [ 291.875083][T10237] do_one_initcall+0x11d/0x760 [ 291.895129][T10237] kernel_init_freeable+0x6e5/0x7a0 [ 291.920946][T10237] kernel_init+0x1f/0x1e0 [ 291.941154][T10237] ret_from_fork+0x754/0xd80 [ 291.958187][T10237] ret_from_fork_asm+0x1a/0x30 [ 292.298536][T10285] rnbd_client L213: map_device: Parameters missing [ 294.674053][ T30] audit: type=1800 audit(1775916181.963:27): pid=10343 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1023" name="dbroot" dev="configfs" ino=29624 res=0 errno=0 [ 295.365406][T10366] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1026'. [ 295.977366][T10378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 296.035123][T10378] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 296.116865][T10378] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 296.202270][T10378] page_type: f5(slab) [ 296.258542][T10378] raw: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 296.318638][T10378] raw: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 296.403866][T10378] head: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 296.525555][T10378] head: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 296.610567][T10378] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 296.731837][T10378] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 296.814893][T10378] page dumped because: unmovable page [ 296.872502][T10378] page_owner tracks the page as allocated [ 296.933273][T10378] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5208, tgid 5208 (udevadm), ts 30103550708, free_ts 23876321943 [ 297.175629][T10378] post_alloc_hook+0x153/0x170 [ 297.180441][T10378] get_page_from_freelist+0x111d/0x3140 [ 297.257400][T10378] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 297.275662][T10378] new_slab+0xa6/0x6b0 [ 297.283172][ T30] audit: type=1800 audit(1775916184.573:28): pid=10412 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1034" name="dbroot" dev="configfs" ino=29917 res=0 errno=0 [ 297.324352][T10378] refill_objects+0x26b/0x400 [ 297.332552][T10378] __pcs_replace_empty_main+0x1ab/0x660 [ 297.358555][T10378] kmem_cache_alloc_lru_noprof+0x485/0x6e0 [ 297.387835][T10378] alloc_inode+0x183/0x250 [ 297.405111][T10378] iget_locked+0x1d9/0x6d0 [ 297.425475][T10378] kernfs_get_inode+0x46/0x470 [ 297.445858][T10378] kernfs_iop_lookup+0x1a7/0x2d0 [ 297.465983][T10378] __lookup_slow+0x251/0x460 [ 297.491510][T10378] lookup_slow+0x50/0x70 [ 297.509197][T10378] link_path_walk+0x1377/0x1cc0 [ 297.530626][T10378] path_lookupat+0x74/0xc40 [ 297.550677][T10378] filename_lookup+0x202/0x590 [ 297.557389][T10416] FAULT_INJECTION: forcing a failure. [ 297.557389][T10416] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 297.576361][T10378] page last free pid 1 tgid 1 stack trace: [ 297.602493][T10378] __free_frozen_pages+0x7e1/0x10d0 [ 297.618151][T10416] CPU: 0 UID: 0 PID: 10416 Comm: syz.3.1036 Tainted: G I syzkaller #0 PREEMPT(full) [ 297.618177][T10416] Tainted: [I]=FIRMWARE_WORKAROUND [ 297.618182][T10416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 297.618191][T10416] Call Trace: [ 297.618196][T10416] [ 297.618202][T10416] dump_stack_lvl+0x100/0x190 [ 297.618231][T10416] should_fail_ex.cold+0x5/0xa [ 297.618249][T10416] _copy_to_user+0x32/0xd0 [ 297.618277][T10416] simple_read_from_buffer+0xcb/0x170 [ 297.618302][T10416] proc_fail_nth_read+0x1af/0x230 [ 297.618322][T10416] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 297.618342][T10416] ? rw_verify_area+0xce/0x6d0 [ 297.618363][T10416] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 297.618382][T10416] vfs_read+0x1e4/0xb30 [ 297.618398][T10416] ? __pfx_vfs_read+0x10/0x10 [ 297.618412][T10416] ? __fget_files+0x215/0x3d0 [ 297.618430][T10416] ? __fget_files+0x21f/0x3d0 [ 297.618449][T10416] ksys_read+0x12a/0x250 [ 297.618463][T10416] ? __pfx_ksys_read+0x10/0x10 [ 297.618488][T10416] do_syscall_64+0x106/0xf80 [ 297.618503][T10416] ? clear_bhb_loop+0x40/0x90 [ 297.618521][T10416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.618536][T10416] RIP: 0033:0x7eff1c35d04e [ 297.618548][T10416] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 297.618562][T10416] RSP: 002b:00007eff1d275fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 297.618576][T10416] RAX: ffffffffffffffda RBX: 00007eff1d2766c0 RCX: 00007eff1c35d04e [ 297.618585][T10416] RDX: 000000000000000f RSI: 00007eff1d2760a0 RDI: 0000000000000004 [ 297.618594][T10416] RBP: 00007eff1d276090 R08: 0000000000000000 R09: 0000000000000000 [ 297.618602][T10416] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 297.618610][T10416] R13: 00007eff1c616038 R14: 00007eff1c615fa0 R15: 00007ffd2a97b6c8 [ 297.618629][T10416] [ 297.957138][T10378] free_contig_range+0xde/0x1d0 [ 297.962068][T10378] destroy_args+0xa8/0x7a0 [ 297.968484][T10378] debug_vm_pgtable+0x1b66/0x34c0 [ 297.973547][T10378] do_one_initcall+0x11d/0x760 [ 297.978760][T10378] kernel_init_freeable+0x6e5/0x7a0 [ 297.983966][T10378] kernel_init+0x1f/0x1e0 [ 297.990197][T10378] ret_from_fork+0x754/0xd80 [ 297.994798][T10378] ret_from_fork_asm+0x1a/0x30 [ 298.719529][T10419] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 298.725909][T10419] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 298.743228][T10419] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 298.765675][T10419] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 299.483734][T10466] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1048'. [ 299.695999][T10474] FAULT_INJECTION: forcing a failure. [ 299.695999][T10474] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 299.795123][T10474] CPU: 0 UID: 0 PID: 10474 Comm: syz.0.1049 Tainted: G I syzkaller #0 PREEMPT(full) [ 299.795148][T10474] Tainted: [I]=FIRMWARE_WORKAROUND [ 299.795154][T10474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 299.795162][T10474] Call Trace: [ 299.795168][T10474] [ 299.795173][T10474] dump_stack_lvl+0x100/0x190 [ 299.795201][T10474] should_fail_ex.cold+0x5/0xa [ 299.795219][T10474] _copy_from_user+0x2e/0xd0 [ 299.795243][T10474] mem_rw+0x1d2/0x640 [ 299.795263][T10474] vfs_write+0x2aa/0x1070 [ 299.795286][T10474] ? __pfx_mem_write+0x10/0x10 [ 299.795304][T10474] ? __pfx_vfs_write+0x10/0x10 [ 299.795317][T10474] ? __fget_files+0x215/0x3d0 [ 299.795337][T10474] ? __fget_files+0x21f/0x3d0 [ 299.795356][T10474] ksys_write+0x12a/0x250 [ 299.795370][T10474] ? __pfx_ksys_write+0x10/0x10 [ 299.795390][T10474] do_syscall_64+0x106/0xf80 [ 299.795406][T10474] ? clear_bhb_loop+0x40/0x90 [ 299.795423][T10474] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.795438][T10474] RIP: 0033:0x7f64e2d9c819 [ 299.795451][T10474] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 299.795465][T10474] RSP: 002b:00007f64e3ce8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 299.795479][T10474] RAX: ffffffffffffffda RBX: 00007f64e3015fa0 RCX: 00007f64e2d9c819 [ 299.795488][T10474] RDX: 00000000fffffc96 RSI: 0000200000001680 RDI: 0000000000000009 [ 299.795497][T10474] RBP: 00007f64e3ce8090 R08: 0000000000000000 R09: 0000000000000000 [ 299.795505][T10474] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 299.795514][T10474] R13: 00007f64e3016038 R14: 00007f64e3015fa0 R15: 00007fffb314d298 [ 299.795533][T10474] [ 300.242565][ T5826] Bluetooth: hci0: command 0x0c1a tx timeout [ 300.258559][ T30] audit: type=1800 audit(1775916187.483:29): pid=10486 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1053" name="dbroot" dev="configfs" ino=30140 res=0 errno=0 [ 300.304307][T10489] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1051'. [ 300.368144][T10491] random: crng reseeded on system resumption [ 300.773497][ T5826] Bluetooth: hci2: command 0x0c1a tx timeout [ 300.779632][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout [ 300.847096][ T5826] Bluetooth: hci3: command 0x0c1a tx timeout [ 301.246070][T10516] ======================================================= [ 301.246070][T10516] WARNING: The mand mount option has been deprecated and [ 301.246070][T10516] and is ignored by this kernel. Remove the mand [ 301.246070][T10516] option from the mount to silence this warning. [ 301.246070][T10516] ======================================================= [ 302.056232][ T30] audit: type=1800 audit(1775916189.353:30): pid=10533 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1063" name="dbroot" dev="configfs" ino=30273 res=0 errno=0 [ 302.312459][T10539] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1064'. [ 303.162731][T10564] FAULT_INJECTION: forcing a failure. [ 303.162731][T10564] name failslab, interval 1, probability 0, space 0, times 0 [ 303.240992][T10564] CPU: 0 UID: 0 PID: 10564 Comm: syz.2.1071 Tainted: G I syzkaller #0 PREEMPT(full) [ 303.241018][T10564] Tainted: [I]=FIRMWARE_WORKAROUND [ 303.241024][T10564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 303.241033][T10564] Call Trace: [ 303.241039][T10564] [ 303.241045][T10564] dump_stack_lvl+0x100/0x190 [ 303.241073][T10564] should_fail_ex.cold+0x5/0xa [ 303.241091][T10564] should_failslab+0xc2/0x120 [ 303.241108][T10564] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 303.241131][T10564] ? __proc_create+0x2cb/0x8c0 [ 303.241150][T10564] __proc_create+0x2cb/0x8c0 [ 303.241165][T10564] ? __pfx___proc_create+0x10/0x10 [ 303.241183][T10564] ? _raw_write_unlock+0x28/0x50 [ 303.241198][T10564] ? proc_register+0x559/0x8a0 [ 303.241215][T10564] proc_create_reg+0x75/0x170 [ 303.241234][T10564] proc_create_net_data+0x8e/0x1c0 [ 303.241251][T10564] ? __pfx_proc_create_net_data+0x10/0x10 [ 303.241269][T10564] ? sctp_defaults_init+0x720/0xd90 [ 303.241292][T10564] sctp_proc_init+0xfb/0x270 [ 303.241307][T10564] ? __pfx_sctp_defaults_init+0x10/0x10 [ 303.241321][T10564] sctp_defaults_init+0x758/0xd90 [ 303.241337][T10564] ? __pfx_sctp_defaults_init+0x10/0x10 [ 303.241353][T10564] ops_init+0x1e2/0x5f0 [ 303.241370][T10564] setup_net+0x118/0x3a0 [ 303.241386][T10564] ? __pfx_setup_net+0x10/0x10 [ 303.241400][T10564] ? lockdep_init_map_type+0x5c/0x250 [ 303.241421][T10564] ? mutex_init_lockep+0x110/0x150 [ 303.241444][T10564] copy_net_ns+0x46f/0x7c0 [ 303.241462][T10564] create_new_namespaces+0x3ea/0xac0 [ 303.241483][T10564] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 303.241501][T10564] ksys_unshare+0x473/0xad0 [ 303.241521][T10564] ? __pfx_ksys_unshare+0x10/0x10 [ 303.241547][T10564] __x64_sys_unshare+0x31/0x40 [ 303.241565][T10564] do_syscall_64+0x106/0xf80 [ 303.241580][T10564] ? clear_bhb_loop+0x40/0x90 [ 303.241598][T10564] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.241612][T10564] RIP: 0033:0x7f8b0979c819 [ 303.241625][T10564] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 303.241639][T10564] RSP: 002b:00007f8b0a6de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 303.241653][T10564] RAX: ffffffffffffffda RBX: 00007f8b09a15fa0 RCX: 00007f8b0979c819 [ 303.241663][T10564] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 303.241671][T10564] RBP: 00007f8b09832c91 R08: 0000000000000000 R09: 0000000000000000 [ 303.241680][T10564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 303.241688][T10564] R13: 00007f8b09a16038 R14: 00007f8b09a15fa0 R15: 00007ffd7ef8ad18 [ 303.241707][T10564] [ 303.626858][ T30] audit: type=1107 audit(1775916190.863:31): pid=10563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='f/f' [ 303.724856][T10577] snd_virmidi snd_virmidi.0: control 61678:131081:43:yª:1 is already present [ 304.148445][T10591] futex_wake_op: syz.1.1077 tries to shift op by -2048; fix this program [ 304.392292][T10602] netlink: 206 bytes leftover after parsing attributes in process `syz.3.1073'. [ 305.684034][T10632] FAULT_INJECTION: forcing a failure. [ 305.684034][T10632] name failslab, interval 1, probability 0, space 0, times 0 [ 305.789532][T10632] CPU: 0 UID: 0 PID: 10632 Comm: syz.1.1084 Tainted: G I syzkaller #0 PREEMPT(full) [ 305.789559][T10632] Tainted: [I]=FIRMWARE_WORKAROUND [ 305.789565][T10632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 305.789574][T10632] Call Trace: [ 305.789580][T10632] [ 305.789587][T10632] dump_stack_lvl+0x100/0x190 [ 305.789614][T10632] should_fail_ex.cold+0x5/0xa [ 305.789633][T10632] should_failslab+0xc2/0x120 [ 305.789650][T10632] __kmalloc_cache_noprof+0x7a/0x6f0 [ 305.789670][T10632] ? smc_stats_init+0x4e/0x160 [ 305.789688][T10632] ? __pfx_smc_net_stat_init+0x10/0x10 [ 305.789714][T10632] smc_stats_init+0x4e/0x160 [ 305.789729][T10632] ? smc_net_init+0x39/0x50 [ 305.789748][T10632] ops_init+0x1e2/0x5f0 [ 305.789766][T10632] setup_net+0x118/0x3a0 [ 305.789782][T10632] ? __pfx_setup_net+0x10/0x10 [ 305.789796][T10632] ? lockdep_init_map_type+0x5c/0x250 [ 305.789817][T10632] ? mutex_init_lockep+0x110/0x150 [ 305.789840][T10632] copy_net_ns+0x46f/0x7c0 [ 305.789859][T10632] create_new_namespaces+0x3ea/0xac0 [ 305.789879][T10632] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 305.789897][T10632] ksys_unshare+0x473/0xad0 [ 305.789918][T10632] ? __pfx_ksys_unshare+0x10/0x10 [ 305.789943][T10632] __x64_sys_unshare+0x31/0x40 [ 305.789961][T10632] do_syscall_64+0x106/0xf80 [ 305.789977][T10632] ? clear_bhb_loop+0x40/0x90 [ 305.789994][T10632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.790010][T10632] RIP: 0033:0x7f3c6879c819 [ 305.790023][T10632] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 305.790037][T10632] RSP: 002b:00007f3c6959d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 305.790051][T10632] RAX: ffffffffffffffda RBX: 00007f3c68a15fa0 RCX: 00007f3c6879c819 [ 305.790061][T10632] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 305.790070][T10632] RBP: 00007f3c68832c91 R08: 0000000000000000 R09: 0000000000000000 [ 305.790079][T10632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 305.790089][T10632] R13: 00007f3c68a16038 R14: 00007f3c68a15fa0 R15: 00007ffc917969b8 [ 305.790108][T10632] [ 306.100699][T10640] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1086'. [ 306.414550][ T30] audit: type=1107 audit(1775916193.703:32): pid=10629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='f/f' [ 308.622092][T10706] FAULT_INJECTION: forcing a failure. [ 308.622092][T10706] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 308.659633][T10705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 308.682721][T10706] CPU: 0 UID: 0 PID: 10706 Comm: syz.1.1103 Tainted: G I syzkaller #0 PREEMPT(full) [ 308.682749][T10706] Tainted: [I]=FIRMWARE_WORKAROUND [ 308.682755][T10706] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 308.682764][T10706] Call Trace: [ 308.682769][T10706] [ 308.682776][T10706] dump_stack_lvl+0x100/0x190 [ 308.682804][T10706] should_fail_ex.cold+0x5/0xa [ 308.682822][T10706] _copy_from_user+0x2e/0xd0 [ 308.682843][T10706] __do_sys_io_uring_register+0xcdb/0x1ac0 [ 308.682863][T10706] ? __do_sys_statmount+0xb65/0x2490 [ 308.682879][T10706] ? __pfx___do_sys_io_uring_register+0x10/0x10 [ 308.682896][T10706] ? __x64_sys_futex+0x34f/0x4d0 [ 308.682915][T10706] ? __x64_sys_futex+0x358/0x4d0 [ 308.682937][T10706] ? xfd_validate_state+0x129/0x190 [ 308.682966][T10706] do_syscall_64+0x106/0xf80 [ 308.682982][T10706] ? clear_bhb_loop+0x40/0x90 [ 308.682999][T10706] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.683015][T10706] RIP: 0033:0x7f3c6879c819 [ 308.683028][T10706] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 308.683042][T10706] RSP: 002b:00007f3c6959d028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab [ 308.683057][T10706] RAX: ffffffffffffffda RBX: 00007f3c68a15fa0 RCX: 00007f3c6879c819 [ 308.683066][T10706] RDX: 0000000000000000 RSI: 000000000000000b RDI: ffffffffffffffff [ 308.683075][T10706] RBP: 00007f3c68832c91 R08: 0000000000000000 R09: 0000000000000000 [ 308.683084][T10706] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 308.683092][T10706] R13: 00007f3c68a16038 R14: 00007f3c68a15fa0 R15: 00007ffc917969b8 [ 308.683111][T10706] [ 309.076422][T10705] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 309.150951][T10705] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 309.219811][T10705] page_type: f5(slab) [ 309.240012][T10705] raw: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 309.295253][T10705] raw: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 309.330265][T10705] head: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 309.392968][T10705] head: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 309.469285][T10705] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 309.499367][T10705] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 309.625312][T10705] page dumped because: unmovable page [ 309.706534][T10705] page_owner tracks the page as allocated [ 309.712281][T10705] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5208, tgid 5208 (udevadm), ts 30103550708, free_ts 23876321943 [ 309.908892][T10705] post_alloc_hook+0x153/0x170 [ 309.947963][T10705] get_page_from_freelist+0x111d/0x3140 [ 309.953564][T10705] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 310.017857][T10705] new_slab+0xa6/0x6b0 [ 310.037088][T10705] refill_objects+0x26b/0x400 [ 310.076204][T10705] __pcs_replace_empty_main+0x1ab/0x660 [ 310.093882][T10705] kmem_cache_alloc_lru_noprof+0x485/0x6e0 [ 310.132901][T10705] alloc_inode+0x183/0x250 [ 310.151994][T10705] iget_locked+0x1d9/0x6d0 [ 310.170826][T10705] kernfs_get_inode+0x46/0x470 [ 310.210875][T10705] kernfs_iop_lookup+0x1a7/0x2d0 [ 310.232878][T10705] __lookup_slow+0x251/0x460 [ 310.253561][T10705] lookup_slow+0x50/0x70 [ 310.283965][T10705] link_path_walk+0x1377/0x1cc0 [ 310.311314][T10705] path_lookupat+0x74/0xc40 [ 310.329517][T10705] filename_lookup+0x202/0x590 [ 310.368517][T10705] page last free pid 1 tgid 1 stack trace: [ 310.390189][T10705] __free_frozen_pages+0x7e1/0x10d0 [ 310.410448][T10705] free_contig_range+0xde/0x1d0 [ 310.430677][T10705] destroy_args+0xa8/0x7a0 [ 310.450930][T10705] debug_vm_pgtable+0x1b66/0x34c0 [ 310.471376][T10705] do_one_initcall+0x11d/0x760 [ 310.495114][T10705] kernel_init_freeable+0x6e5/0x7a0 [ 310.500354][T10705] kernel_init+0x1f/0x1e0 [ 310.535145][T10705] ret_from_fork+0x754/0xd80 [ 310.555089][T10705] ret_from_fork_asm+0x1a/0x30 [ 312.935955][T10790] random: crng reseeded on system resumption [ 313.826134][T10809] FAULT_INJECTION: forcing a failure. [ 313.826134][T10809] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 313.880232][T10809] CPU: 0 UID: 0 PID: 10809 Comm: syz.0.1132 Tainted: G I syzkaller #0 PREEMPT(full) [ 313.880258][T10809] Tainted: [I]=FIRMWARE_WORKAROUND [ 313.880263][T10809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 313.880272][T10809] Call Trace: [ 313.880277][T10809] [ 313.880283][T10809] dump_stack_lvl+0x100/0x190 [ 313.880311][T10809] should_fail_ex.cold+0x5/0xa [ 313.880326][T10809] ? prepare_alloc_pages+0x16d/0x5f0 [ 313.880345][T10809] should_fail_alloc_page+0xeb/0x140 [ 313.880364][T10809] prepare_alloc_pages+0x1f0/0x5f0 [ 313.880384][T10809] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 313.880409][T10809] ? __pfx_stack_trace_save+0x10/0x10 [ 313.880426][T10809] ? stack_depot_save_flags+0x27/0x9d0 [ 313.880446][T10809] ? kasan_save_stack+0x3f/0x50 [ 313.880459][T10809] ? kasan_save_stack+0x30/0x50 [ 313.880472][T10809] ? kasan_save_track+0x14/0x30 [ 313.880487][T10809] ? kasan_save_stack+0x30/0x50 [ 313.880502][T10809] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 313.880526][T10809] ? __lock_acquire+0x4a5/0x2630 [ 313.880547][T10809] ? __lock_acquire+0x4a5/0x2630 [ 313.880565][T10809] ? look_up_lock_class+0x55/0x120 [ 313.880588][T10809] ? __lock_acquire+0x4a5/0x2630 [ 313.880607][T10809] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 313.880624][T10809] ? policy_nodemask+0xed/0x4f0 [ 313.880642][T10809] alloc_pages_mpol+0x1fb/0x550 [ 313.880660][T10809] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 313.880681][T10809] folio_alloc_mpol_noprof+0x36/0x340 [ 313.880701][T10809] vma_alloc_folio_noprof+0xed/0x1d0 [ 313.880720][T10809] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 313.880745][T10809] do_anonymous_page+0xb3a/0x1fb0 [ 313.880772][T10809] __handle_mm_fault+0x1d48/0x2b60 [ 313.880798][T10809] ? __pfx___handle_mm_fault+0x10/0x10 [ 313.880820][T10809] ? pte_offset_map_lock+0x174/0x320 [ 313.880836][T10809] ? find_held_lock+0x2b/0x80 [ 313.880856][T10809] ? follow_page_pte+0x5b3/0x1400 [ 313.880877][T10809] handle_mm_fault+0x36d/0xa20 [ 313.880901][T10809] __get_user_pages+0xf9c/0x34d0 [ 313.880924][T10809] ? find_held_lock+0x2b/0x80 [ 313.880938][T10809] ? mtree_load+0x311/0xa40 [ 313.880953][T10809] ? __pfx___get_user_pages+0x10/0x10 [ 313.880976][T10809] get_user_pages_remote+0x3d2/0xb10 [ 313.880994][T10809] ? mas_new_root+0x690/0x6e0 [ 313.881016][T10809] ? __pfx_get_user_pages_remote+0x10/0x10 [ 313.881041][T10809] __access_remote_vm+0x3ba/0xa70 [ 313.881060][T10809] ? __pfx___access_remote_vm+0x10/0x10 [ 313.881076][T10809] ? rep_movs_alternative+0x4a/0x90 [ 313.881099][T10809] mem_rw+0x20a/0x640 [ 313.881120][T10809] vfs_write+0x2aa/0x1070 [ 313.881135][T10809] ? __pfx_mem_write+0x10/0x10 [ 313.881153][T10809] ? __pfx_vfs_write+0x10/0x10 [ 313.881166][T10809] ? __fget_files+0x215/0x3d0 [ 313.881186][T10809] ? __fget_files+0x21f/0x3d0 [ 313.881205][T10809] ksys_write+0x12a/0x250 [ 313.881220][T10809] ? __pfx_ksys_write+0x10/0x10 [ 313.881239][T10809] do_syscall_64+0x106/0xf80 [ 313.881255][T10809] ? clear_bhb_loop+0x40/0x90 [ 313.881273][T10809] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 313.881288][T10809] RIP: 0033:0x7f64e2d9c819 [ 313.881303][T10809] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 313.881316][T10809] RSP: 002b:00007f64e3ce8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 313.881331][T10809] RAX: ffffffffffffffda RBX: 00007f64e3015fa0 RCX: 00007f64e2d9c819 [ 313.881340][T10809] RDX: 00000000fffffc96 RSI: 0000200000001680 RDI: 0000000000000009 [ 313.881349][T10809] RBP: 00007f64e3ce8090 R08: 0000000000000000 R09: 0000000000000000 [ 313.881357][T10809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 313.881366][T10809] R13: 00007f64e3016038 R14: 00007f64e3015fa0 R15: 00007fffb314d298 [ 313.881385][T10809] [ 314.731673][ T30] audit: type=1800 audit(1775916201.553:33): pid=10811 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1131" name="dbroot" dev="configfs" ino=32204 res=0 errno=0 [ 314.822216][T10823] FAULT_INJECTION: forcing a failure. [ 314.822216][T10823] name failslab, interval 1, probability 0, space 0, times 0 [ 314.865754][T10823] CPU: 0 UID: 0 PID: 10823 Comm: syz.0.1134 Tainted: G I syzkaller #0 PREEMPT(full) [ 314.865779][T10823] Tainted: [I]=FIRMWARE_WORKAROUND [ 314.865784][T10823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 314.865793][T10823] Call Trace: [ 314.865798][T10823] [ 314.865804][T10823] dump_stack_lvl+0x100/0x190 [ 314.865841][T10823] should_fail_ex.cold+0x5/0xa [ 314.865859][T10823] should_failslab+0xc2/0x120 [ 314.865877][T10823] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 314.865900][T10823] ? __anon_vma_prepare+0x344/0x5e0 [ 314.865925][T10823] __anon_vma_prepare+0x344/0x5e0 [ 314.865946][T10823] ? __pfx___pte_alloc+0x10/0x10 [ 314.865964][T10823] __vmf_anon_prepare+0x11f/0x250 [ 314.865983][T10823] do_anonymous_page+0x552/0x1fb0 [ 314.866004][T10823] ? do_raw_spin_unlock+0x145/0x1e0 [ 314.866029][T10823] ? __pmd_alloc+0x3fb/0x950 [ 314.866048][T10823] __handle_mm_fault+0x1d48/0x2b60 [ 314.866071][T10823] ? mt_find+0x45e/0x8e0 [ 314.866092][T10823] ? __pfx___handle_mm_fault+0x10/0x10 [ 314.866111][T10823] ? __pfx_mt_find+0x10/0x10 [ 314.866126][T10823] ? rcu_read_unlock+0x2d/0xb0 [ 314.866162][T10823] handle_mm_fault+0x36d/0xa20 [ 314.866187][T10823] __get_user_pages+0xf9c/0x34d0 [ 314.866209][T10823] ? find_held_lock+0x2b/0x80 [ 314.866223][T10823] ? mtree_load+0x311/0xa40 [ 314.866237][T10823] ? __pfx___get_user_pages+0x10/0x10 [ 314.866260][T10823] get_user_pages_remote+0x3d2/0xb10 [ 314.866278][T10823] ? mas_new_root+0x690/0x6e0 [ 314.866295][T10823] ? __pfx_get_user_pages_remote+0x10/0x10 [ 314.866320][T10823] __access_remote_vm+0x3ba/0xa70 [ 314.866339][T10823] ? __pfx___access_remote_vm+0x10/0x10 [ 314.866355][T10823] ? rep_movs_alternative+0x4a/0x90 [ 314.866378][T10823] mem_rw+0x20a/0x640 [ 314.866399][T10823] vfs_write+0x2aa/0x1070 [ 314.866414][T10823] ? __pfx_mem_write+0x10/0x10 [ 314.866431][T10823] ? __pfx_vfs_write+0x10/0x10 [ 314.866445][T10823] ? __fget_files+0x215/0x3d0 [ 314.866464][T10823] ? __fget_files+0x21f/0x3d0 [ 314.866484][T10823] ksys_write+0x12a/0x250 [ 314.866498][T10823] ? __pfx_ksys_write+0x10/0x10 [ 314.866517][T10823] do_syscall_64+0x106/0xf80 [ 314.866533][T10823] ? clear_bhb_loop+0x40/0x90 [ 314.866551][T10823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 314.866565][T10823] RIP: 0033:0x7f64e2d9c819 [ 314.866578][T10823] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 314.866592][T10823] RSP: 002b:00007f64e3ce8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 314.866607][T10823] RAX: ffffffffffffffda RBX: 00007f64e3015fa0 RCX: 00007f64e2d9c819 [ 314.866616][T10823] RDX: 00000000fffffc96 RSI: 0000200000001680 RDI: 0000000000000005 [ 314.866625][T10823] RBP: 00007f64e3ce8090 R08: 0000000000000000 R09: 0000000000000000 [ 314.866633][T10823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 314.866642][T10823] R13: 00007f64e3016038 R14: 00007f64e3015fa0 R15: 00007fffb314d298 [ 314.866660][T10823] [ 315.971870][T10830] can: request_module (can-proto-5) failed. [ 317.173457][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.185783][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.729852][T10828] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 317.739296][T10828] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 317.795118][T10828] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 317.819796][T10828] page_type: f5(slab) [ 317.845106][T10828] raw: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 317.883365][T10828] raw: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 317.916319][T10828] head: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 317.970339][T10828] head: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 318.019247][T10828] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 318.069771][T10828] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 318.112758][T10828] page dumped because: unmovable page [ 318.155208][T10828] page_owner tracks the page as allocated [ 318.178662][T10828] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5208, tgid 5208 (udevadm), ts 30103550708, free_ts 23876321943 [ 318.297156][T10828] post_alloc_hook+0x153/0x170 [ 318.301971][T10828] get_page_from_freelist+0x111d/0x3140 [ 318.355096][T10828] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 318.395117][T10828] new_slab+0xa6/0x6b0 [ 318.399247][T10828] refill_objects+0x26b/0x400 [ 318.403920][T10828] __pcs_replace_empty_main+0x1ab/0x660 [ 318.469794][T10828] kmem_cache_alloc_lru_noprof+0x485/0x6e0 [ 318.500405][T10828] alloc_inode+0x183/0x250 [ 318.504889][T10828] iget_locked+0x1d9/0x6d0 [ 318.546193][T10828] kernfs_get_inode+0x46/0x470 [ 318.572144][T10828] kernfs_iop_lookup+0x1a7/0x2d0 [ 318.599810][T10828] __lookup_slow+0x251/0x460 [ 318.626933][T10828] lookup_slow+0x50/0x70 [ 318.647803][T10828] link_path_walk+0x1377/0x1cc0 [ 318.681463][T10828] path_lookupat+0x74/0xc40 [ 318.698375][T10828] filename_lookup+0x202/0x590 [ 318.726382][T10828] page last free pid 1 tgid 1 stack trace: [ 318.758382][T10828] __free_frozen_pages+0x7e1/0x10d0 [ 318.795128][T10828] free_contig_range+0xde/0x1d0 [ 318.815173][T10828] destroy_args+0xa8/0x7a0 [ 318.840106][T10828] debug_vm_pgtable+0x1b66/0x34c0 [ 318.872486][T10828] do_one_initcall+0x11d/0x760 [ 318.903666][T10828] kernel_init_freeable+0x6e5/0x7a0 [ 318.921512][T10828] kernel_init+0x1f/0x1e0 [ 318.954749][T10828] ret_from_fork+0x754/0xd80 [ 318.975291][T10828] ret_from_fork_asm+0x1a/0x30 [ 319.247532][T10868] random: crng reseeded on system resumption [ 319.802984][T10874] kAFS: Invalid Command on /proc/fs/afs/cells file [ 320.408505][T10895] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1147'. [ 320.968782][T10905] netlink: 252 bytes leftover after parsing attributes in process `syz.3.1148'. [ 320.995877][T10905] unsupported nla_type 65535 [ 322.816025][T10929] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1153'. [ 322.899350][T10935] FAULT_INJECTION: forcing a failure. [ 322.899350][T10935] name failslab, interval 1, probability 0, space 0, times 0 [ 322.957231][ T30] audit: type=1800 audit(1775916210.253:34): pid=10938 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1155" name="dbroot" dev="configfs" ino=32716 res=0 errno=0 [ 322.988790][T10937] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1156'. [ 323.030195][T10935] CPU: 0 UID: 0 PID: 10935 Comm: syz.3.1154 Tainted: G I syzkaller #0 PREEMPT(full) [ 323.030221][T10935] Tainted: [I]=FIRMWARE_WORKAROUND [ 323.030227][T10935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 323.030235][T10935] Call Trace: [ 323.030241][T10935] [ 323.030246][T10935] dump_stack_lvl+0x100/0x190 [ 323.030272][T10935] should_fail_ex.cold+0x5/0xa [ 323.030289][T10935] ? tomoyo_realpath_from_path+0xb6/0x690 [ 323.030312][T10935] should_failslab+0xc2/0x120 [ 323.030329][T10935] __kmalloc_noprof+0xe0/0x850 [ 323.030356][T10935] tomoyo_realpath_from_path+0xb6/0x690 [ 323.030382][T10935] tomoyo_path_number_perm+0x23c/0x580 [ 323.030399][T10935] ? tomoyo_path_number_perm+0x22e/0x580 [ 323.030418][T10935] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 323.030454][T10935] ? find_held_lock+0x2b/0x80 [ 323.030467][T10935] ? __fget_files+0x215/0x3d0 [ 323.030481][T10935] ? hook_file_ioctl_common+0x146/0x410 [ 323.030504][T10935] ? __fget_files+0x21f/0x3d0 [ 323.030521][T10935] security_file_ioctl+0xd3/0x230 [ 323.030540][T10935] __x64_sys_ioctl+0xb7/0x210 [ 323.030564][T10935] do_syscall_64+0x106/0xf80 [ 323.030579][T10935] ? clear_bhb_loop+0x40/0x90 [ 323.030597][T10935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.030612][T10935] RIP: 0033:0x7eff1c39c819 [ 323.030625][T10935] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 323.030638][T10935] RSP: 002b:00007eff1d276028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 323.030652][T10935] RAX: ffffffffffffffda RBX: 00007eff1c615fa0 RCX: 00007eff1c39c819 [ 323.030661][T10935] RDX: 0000000000000000 RSI: 0000000000005437 RDI: 0000000000000002 [ 323.030670][T10935] RBP: 00007eff1d276090 R08: 0000000000000000 R09: 0000000000000000 [ 323.030678][T10935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 323.030686][T10935] R13: 00007eff1c616038 R14: 00007eff1c615fa0 R15: 00007ffd2a97b6c8 [ 323.030704][T10935] [ 323.030711][T10935] ERROR: Out of memory at tomoyo_realpath_from_path. [ 324.436739][T10974] FAULT_INJECTION: forcing a failure. [ 324.436739][T10974] name failslab, interval 1, probability 0, space 0, times 0 [ 324.682733][T10974] CPU: 0 UID: 0 PID: 10974 Comm: syz.2.1163 Tainted: G I syzkaller #0 PREEMPT(full) [ 324.682759][T10974] Tainted: [I]=FIRMWARE_WORKAROUND [ 324.682764][T10974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 324.682772][T10974] Call Trace: [ 324.682777][T10974] [ 324.682783][T10974] dump_stack_lvl+0x100/0x190 [ 324.682810][T10974] should_fail_ex.cold+0x5/0xa [ 324.682828][T10974] should_failslab+0xc2/0x120 [ 324.682845][T10974] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 324.682868][T10974] ? alloc_empty_file+0x55/0x1c0 [ 324.682887][T10974] ? __pfx_stack_trace_save+0x10/0x10 [ 324.682905][T10974] alloc_empty_file+0x55/0x1c0 [ 324.682924][T10974] path_openat+0xe8/0x31a0 [ 324.682938][T10974] ? kasan_save_stack+0x3f/0x50 [ 324.682958][T10974] ? kasan_save_stack+0x30/0x50 [ 324.682970][T10974] ? kasan_save_track+0x14/0x30 [ 324.682982][T10974] ? __kasan_slab_alloc+0x89/0x90 [ 324.682996][T10974] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 324.683017][T10974] ? do_getname+0x35/0x390 [ 324.683034][T10974] ? do_sys_openat2+0xc5/0x1e0 [ 324.683054][T10974] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.683071][T10974] ? __pfx_path_openat+0x10/0x10 [ 324.683093][T10974] do_file_open+0x20e/0x430 [ 324.683110][T10974] ? __pfx_do_file_open+0x10/0x10 [ 324.683138][T10974] ? alloc_fd+0x476/0x790 [ 324.683156][T10974] ? do_getname+0x191/0x390 [ 324.683176][T10974] do_sys_openat2+0x10d/0x1e0 [ 324.683196][T10974] ? __pfx_do_sys_openat2+0x10/0x10 [ 324.683214][T10974] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 324.683234][T10974] ? __fget_files+0x21f/0x3d0 [ 324.683251][T10974] __x64_sys_openat+0x12d/0x210 [ 324.683271][T10974] ? __pfx___x64_sys_openat+0x10/0x10 [ 324.683290][T10974] ? ksys_write+0x1ac/0x250 [ 324.683310][T10974] do_syscall_64+0x106/0xf80 [ 324.683326][T10974] ? clear_bhb_loop+0x40/0x90 [ 324.683343][T10974] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 324.683359][T10974] RIP: 0033:0x7f8b0979c819 [ 324.683371][T10974] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 324.683385][T10974] RSP: 002b:00007f8b0a6de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 324.683399][T10974] RAX: ffffffffffffffda RBX: 00007f8b09a15fa0 RCX: 00007f8b0979c819 [ 324.683409][T10974] RDX: 0000000000008000 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 324.683418][T10974] RBP: 00007f8b0a6de090 R08: 0000000000000000 R09: 0000000000000000 [ 324.683426][T10974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 324.683434][T10974] R13: 00007f8b09a16038 R14: 00007f8b09a15fa0 R15: 00007ffd7ef8ad18 [ 324.683453][T10974] [ 325.308862][ T30] audit: type=1800 audit(1775916212.533:35): pid=10984 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1166" name="dbroot" dev="configfs" ino=32907 res=0 errno=0 [ 327.281833][ T30] audit: type=1800 audit(1775916214.573:36): pid=11044 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1179" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 327.361543][T11043] FAULT_INJECTION: forcing a failure. [ 327.361543][T11043] name fail_futex, interval 1, probability 0, space 0, times 0 [ 327.457520][T11043] CPU: 0 UID: 8 PID: 11043 Comm: syz.0.1180 Tainted: G I syzkaller #0 PREEMPT(full) [ 327.457548][T11043] Tainted: [I]=FIRMWARE_WORKAROUND [ 327.457554][T11043] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 327.457562][T11043] Call Trace: [ 327.457568][T11043] [ 327.457574][T11043] dump_stack_lvl+0x100/0x190 [ 327.457603][T11043] should_fail_ex.cold+0x5/0xa [ 327.457619][T11043] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 327.457637][T11043] get_futex_key+0x1d2/0x1620 [ 327.457658][T11043] ? __pfx_get_futex_key+0x10/0x10 [ 327.457684][T11043] ? kasan_save_stack+0x3f/0x50 [ 327.457697][T11043] ? kasan_save_stack+0x30/0x50 [ 327.457709][T11043] ? kasan_record_aux_stack+0xa7/0xc0 [ 327.457729][T11043] ? __call_rcu_common.constprop.0+0xa5/0x9b0 [ 327.457749][T11043] ? __put_cred+0x10c/0x180 [ 327.457769][T11043] ? keyctl_session_to_parent+0x95a/0xae0 [ 327.457786][T11043] ? __do_sys_keyctl+0x2b1/0x5a0 [ 327.457800][T11043] ? do_syscall_64+0x106/0xf80 [ 327.457815][T11043] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 327.457833][T11043] futex_wake+0xea/0x530 [ 327.457856][T11043] ? __pfx_futex_wake+0x10/0x10 [ 327.457885][T11043] do_futex+0x32b/0x350 [ 327.457905][T11043] ? __pfx_do_futex+0x10/0x10 [ 327.457928][T11043] __x64_sys_futex+0x34f/0x4d0 [ 327.457949][T11043] ? __pfx___x64_sys_futex+0x10/0x10 [ 327.457968][T11043] ? __put_cred+0x111/0x180 [ 327.457988][T11043] ? keyctl_session_to_parent+0x39a/0xae0 [ 327.458010][T11043] do_syscall_64+0x106/0xf80 [ 327.458025][T11043] ? clear_bhb_loop+0x40/0x90 [ 327.458042][T11043] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 327.458057][T11043] RIP: 0033:0x7f64e2d9c819 [ 327.458069][T11043] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 327.458083][T11043] RSP: 002b:00007f64e3ce80e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 327.458097][T11043] RAX: ffffffffffffffda RBX: 00007f64e3015fa8 RCX: 00007f64e2d9c819 [ 327.458107][T11043] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f64e3015fac [ 327.458116][T11043] RBP: 00007f64e3015fa0 R08: 0000000000000000 R09: 0000000000000000 [ 327.458124][T11043] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 327.458133][T11043] R13: 00007f64e3016038 R14: 00007fffb314d1b0 R15: 00007fffb314d298 [ 327.458152][T11043] [ 328.236060][T11055] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1182'. [ 328.255771][T11056] FAULT_INJECTION: forcing a failure. [ 328.255771][T11056] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 328.335375][T11056] CPU: 0 UID: 0 PID: 11056 Comm: syz.0.1181 Tainted: G I syzkaller #0 PREEMPT(full) [ 328.335402][T11056] Tainted: [I]=FIRMWARE_WORKAROUND [ 328.335408][T11056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 328.335416][T11056] Call Trace: [ 328.335422][T11056] [ 328.335428][T11056] dump_stack_lvl+0x100/0x190 [ 328.335455][T11056] should_fail_ex.cold+0x5/0xa [ 328.335473][T11056] _copy_from_iter+0x1f4/0x1690 [ 328.335498][T11056] ? __pfx__copy_from_iter+0x10/0x10 [ 328.335516][T11056] ? trace_kmalloc+0x101/0x130 [ 328.335532][T11056] ? __kasan_kmalloc+0xaa/0xb0 [ 328.335546][T11056] ? __kvmalloc_node_noprof+0x37b/0xa00 [ 328.335568][T11056] ? proc_sys_call_handler+0x2c7/0x5a0 [ 328.335588][T11056] proc_sys_call_handler+0x3ed/0x5a0 [ 328.335604][T11056] ? __pfx_proc_sys_call_handler+0x10/0x10 [ 328.335624][T11056] vfs_write+0x6ac/0x1070 [ 328.335639][T11056] ? __pfx_proc_sys_write+0x10/0x10 [ 328.335655][T11056] ? __pfx_vfs_write+0x10/0x10 [ 328.335680][T11056] ksys_write+0x12a/0x250 [ 328.335695][T11056] ? __pfx_ksys_write+0x10/0x10 [ 328.335714][T11056] do_syscall_64+0x106/0xf80 [ 328.335730][T11056] ? clear_bhb_loop+0x40/0x90 [ 328.335748][T11056] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 328.335762][T11056] RIP: 0033:0x7f64e2d9c819 [ 328.335775][T11056] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 328.335789][T11056] RSP: 002b:00007f64e3ce8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 328.335804][T11056] RAX: ffffffffffffffda RBX: 00007f64e3015fa0 RCX: 00007f64e2d9c819 [ 328.335813][T11056] RDX: 0000000000000008 RSI: 0000200000000180 RDI: 0000000000000003 [ 328.335821][T11056] RBP: 00007f64e3ce8090 R08: 0000000000000000 R09: 0000000000000000 [ 328.335830][T11056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 328.335838][T11056] R13: 00007f64e3016038 R14: 00007f64e3015fa0 R15: 00007fffb314d298 [ 328.335857][T11056] [ 329.095183][T11070] FAULT_INJECTION: forcing a failure. [ 329.095183][T11070] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 329.147033][T11070] CPU: 0 UID: 0 PID: 11070 Comm: syz.1.1187 Tainted: G I syzkaller #0 PREEMPT(full) [ 329.147059][T11070] Tainted: [I]=FIRMWARE_WORKAROUND [ 329.147064][T11070] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 329.147073][T11070] Call Trace: [ 329.147086][T11070] [ 329.147092][T11070] dump_stack_lvl+0x100/0x190 [ 329.147119][T11070] should_fail_ex.cold+0x5/0xa [ 329.147134][T11070] ? prepare_alloc_pages+0x16d/0x5f0 [ 329.147154][T11070] should_fail_alloc_page+0xeb/0x140 [ 329.147176][T11070] prepare_alloc_pages+0x1f0/0x5f0 [ 329.147196][T11070] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 329.147221][T11070] ? __pfx_stack_trace_save+0x10/0x10 [ 329.147241][T11070] ? stack_depot_save_flags+0x27/0x9d0 [ 329.147262][T11070] ? kasan_save_stack+0x3f/0x50 [ 329.147276][T11070] ? kasan_save_stack+0x30/0x50 [ 329.147289][T11070] ? kasan_save_track+0x14/0x30 [ 329.147305][T11070] ? kasan_save_stack+0x30/0x50 [ 329.147321][T11070] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 329.147345][T11070] ? look_up_lock_class+0x55/0x120 [ 329.147362][T11070] ? register_lock_class+0x40/0x560 [ 329.147382][T11070] ? __lock_acquire+0x4a5/0x2630 [ 329.147406][T11070] ? __lock_acquire+0x4a5/0x2630 [ 329.147428][T11070] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 329.147445][T11070] ? policy_nodemask+0xed/0x4f0 [ 329.147470][T11070] alloc_pages_mpol+0x1fb/0x550 [ 329.147488][T11070] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 329.147504][T11070] ? __anon_vma_prepare+0x2db/0x5e0 [ 329.147525][T11070] ? __anon_vma_prepare+0x2db/0x5e0 [ 329.147548][T11070] folio_alloc_mpol_noprof+0x36/0x340 [ 329.147569][T11070] vma_alloc_folio_noprof+0xed/0x1d0 [ 329.147588][T11070] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 329.147607][T11070] ? __anon_vma_prepare+0x2e2/0x5e0 [ 329.147632][T11070] do_anonymous_page+0xb3a/0x1fb0 [ 329.147658][T11070] ? __pmd_alloc+0x3fb/0x950 [ 329.147677][T11070] __handle_mm_fault+0x1d48/0x2b60 [ 329.147701][T11070] ? mt_find+0x45e/0x8e0 [ 329.147719][T11070] ? __pfx___handle_mm_fault+0x10/0x10 [ 329.147739][T11070] ? __pfx_mt_find+0x10/0x10 [ 329.147754][T11070] ? rcu_read_unlock+0x2d/0xb0 [ 329.147791][T11070] handle_mm_fault+0x36d/0xa20 [ 329.147815][T11070] __get_user_pages+0xf9c/0x34d0 [ 329.147838][T11070] ? find_held_lock+0x2b/0x80 [ 329.147852][T11070] ? mtree_load+0x311/0xa40 [ 329.147867][T11070] ? __pfx___get_user_pages+0x10/0x10 [ 329.147890][T11070] get_user_pages_remote+0x3d2/0xb10 [ 329.147908][T11070] ? mas_new_root+0x690/0x6e0 [ 329.147926][T11070] ? __pfx_get_user_pages_remote+0x10/0x10 [ 329.147951][T11070] __access_remote_vm+0x3ba/0xa70 [ 329.147971][T11070] ? __pfx___access_remote_vm+0x10/0x10 [ 329.147987][T11070] ? rep_movs_alternative+0x4a/0x90 [ 329.148011][T11070] mem_rw+0x20a/0x640 [ 329.148031][T11070] vfs_write+0x2aa/0x1070 [ 329.148047][T11070] ? __pfx_mem_write+0x10/0x10 [ 329.148065][T11070] ? __pfx_vfs_write+0x10/0x10 [ 329.148078][T11070] ? __fget_files+0x215/0x3d0 [ 329.148098][T11070] ? __fget_files+0x21f/0x3d0 [ 329.148117][T11070] ksys_write+0x12a/0x250 [ 329.148132][T11070] ? __pfx_ksys_write+0x10/0x10 [ 329.148152][T11070] do_syscall_64+0x106/0xf80 [ 329.148168][T11070] ? clear_bhb_loop+0x40/0x90 [ 329.148186][T11070] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.148201][T11070] RIP: 0033:0x7f3c6879c819 [ 329.148214][T11070] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 329.148228][T11070] RSP: 002b:00007f3c6959d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 329.148243][T11070] RAX: ffffffffffffffda RBX: 00007f3c68a15fa0 RCX: 00007f3c6879c819 [ 329.148252][T11070] RDX: 00000000fffffc96 RSI: 0000200000001680 RDI: 0000000000000005 [ 329.148262][T11070] RBP: 00007f3c6959d090 R08: 0000000000000000 R09: 0000000000000000 [ 329.148270][T11070] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 329.148279][T11070] R13: 00007f3c68a16038 R14: 00007f3c68a15fa0 R15: 00007ffc917969b8 [ 329.148298][T11070] [ 330.265412][T11079] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.0.1189: bg 1: bad block bitmap checksum [ 330.294038][T11079] EXT4-fs error (device sda1) in ext4_mb_clear_bb:6685: Filesystem failed CRC [ 330.336407][T11079] random: crng reseeded on system resumption [ 330.681467][T11074] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1188'. [ 331.035564][T11100] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1194'. [ 331.069719][ T30] audit: type=1800 audit(1775916218.363:37): pid=11102 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1195" name="dbroot" dev="configfs" ino=33521 res=0 errno=0 [ 331.442117][T11108] netlink: 306 bytes leftover after parsing attributes in process `syz.2.1197'. [ 332.590209][T11136] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1204'. [ 334.388633][ T30] audit: type=1800 audit(1775916221.683:38): pid=11181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1216" name="dbroot" dev="configfs" ino=34128 res=0 errno=0 [ 334.714762][T11190] FAULT_INJECTION: forcing a failure. [ 334.714762][T11190] name fail_futex, interval 1, probability 0, space 0, times 0 [ 334.761580][T11190] CPU: 0 UID: 0 PID: 11190 Comm: syz.2.1219 Tainted: G I syzkaller #0 PREEMPT(full) [ 334.761606][T11190] Tainted: [I]=FIRMWARE_WORKAROUND [ 334.761612][T11190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 334.761621][T11190] Call Trace: [ 334.761627][T11190] [ 334.761632][T11190] dump_stack_lvl+0x100/0x190 [ 334.761659][T11190] should_fail_ex.cold+0x5/0xa [ 334.761678][T11190] get_futex_key+0x1d2/0x1620 [ 334.761699][T11190] ? __pfx_get_futex_key+0x10/0x10 [ 334.761723][T11190] futex_wake+0xea/0x530 [ 334.761747][T11190] ? __pfx_futex_wake+0x10/0x10 [ 334.761773][T11190] ? __call_rcu_common.constprop.0+0x3f0/0x9b0 [ 334.761800][T11190] do_futex+0x32b/0x350 [ 334.761821][T11190] ? __pfx_do_futex+0x10/0x10 [ 334.761840][T11190] ? __pfx___might_resched+0x10/0x10 [ 334.761862][T11190] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 334.761888][T11190] __x64_sys_futex+0x34f/0x4d0 [ 334.761918][T11190] ? __pfx___x64_sys_futex+0x10/0x10 [ 334.761946][T11190] do_syscall_64+0x106/0xf80 [ 334.761962][T11190] ? clear_bhb_loop+0x40/0x90 [ 334.761979][T11190] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 334.761995][T11190] RIP: 0033:0x7f8b0979c819 [ 334.762008][T11190] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 334.762022][T11190] RSP: 002b:00007f8b0a6de0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 334.762036][T11190] RAX: ffffffffffffffda RBX: 00007f8b09a15fa8 RCX: 00007f8b0979c819 [ 334.762046][T11190] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f8b09a15fac [ 334.762055][T11190] RBP: 00007f8b09a15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 334.762063][T11190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 334.762071][T11190] R13: 00007f8b09a16038 R14: 00007ffd7ef8ac30 R15: 00007ffd7ef8ad18 [ 334.762090][T11190] [ 335.198763][ T30] audit: type=1800 audit(1775916222.403:39): pid=11197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1220" name="dbroot" dev="configfs" ino=34189 res=0 errno=0 [ 335.494672][T11207] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1224'. [ 337.148597][T11243] FAULT_INJECTION: forcing a failure. [ 337.148597][T11243] name failslab, interval 1, probability 0, space 0, times 0 [ 337.264796][T11243] CPU: 0 UID: 0 PID: 11243 Comm: syz.0.1230 Tainted: G I syzkaller #0 PREEMPT(full) [ 337.264821][T11243] Tainted: [I]=FIRMWARE_WORKAROUND [ 337.264827][T11243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 337.264836][T11243] Call Trace: [ 337.264841][T11243] [ 337.264847][T11243] dump_stack_lvl+0x100/0x190 [ 337.264874][T11243] should_fail_ex.cold+0x5/0xa [ 337.264891][T11243] ? tomoyo_realpath_from_path+0xb6/0x690 [ 337.264913][T11243] should_failslab+0xc2/0x120 [ 337.264930][T11243] __kmalloc_noprof+0xe0/0x850 [ 337.264957][T11243] tomoyo_realpath_from_path+0xb6/0x690 [ 337.264986][T11243] tomoyo_path_number_perm+0x23c/0x580 [ 337.265003][T11243] ? tomoyo_path_number_perm+0x22e/0x580 [ 337.265023][T11243] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 337.265058][T11243] ? find_held_lock+0x2b/0x80 [ 337.265073][T11243] ? __fget_files+0x215/0x3d0 [ 337.265086][T11243] ? hook_file_ioctl_common+0x146/0x410 [ 337.265109][T11243] ? __fget_files+0x21f/0x3d0 [ 337.265126][T11243] security_file_ioctl+0xd3/0x230 [ 337.265146][T11243] __x64_sys_ioctl+0xb7/0x210 [ 337.265170][T11243] do_syscall_64+0x106/0xf80 [ 337.265185][T11243] ? clear_bhb_loop+0x40/0x90 [ 337.265203][T11243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 337.265218][T11243] RIP: 0033:0x7f64e2d9c819 [ 337.265231][T11243] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 337.265244][T11243] RSP: 002b:00007f64e3ce8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 337.265258][T11243] RAX: ffffffffffffffda RBX: 00007f64e3015fa0 RCX: 00007f64e2d9c819 [ 337.265268][T11243] RDX: 0000000000000000 RSI: 0000000000005409 RDI: 0000000000000005 [ 337.265276][T11243] RBP: 00007f64e3ce8090 R08: 0000000000000000 R09: 0000000000000000 [ 337.265284][T11243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 337.265292][T11243] R13: 00007f64e3016038 R14: 00007f64e3015fa0 R15: 00007fffb314d298 [ 337.265311][T11243] [ 337.509648][ T30] audit: type=1800 audit(1775916224.783:40): pid=11248 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1231" name="dbroot" dev="configfs" ino=34437 res=0 errno=0 [ 337.576867][T11250] bridge0: port 3(veth0_to_bridge) entered blocking state [ 337.584060][T11250] bridge0: port 3(veth0_to_bridge) entered disabled state [ 337.591346][T11250] veth0_to_bridge: entered allmulticast mode [ 337.598416][T11250] veth0_to_bridge: entered promiscuous mode [ 337.604454][T11250] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0) [ 337.618077][T11250] bridge0: port 3(veth0_to_bridge) entered blocking state [ 337.625300][T11250] bridge0: port 3(veth0_to_bridge) entered forwarding state [ 337.750147][T11254] random: crng reseeded on system resumption [ 338.233979][T11266] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 338.321933][T11266] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 338.343087][T11243] ERROR: Out of memory at tomoyo_realpath_from_path. [ 338.602412][T11266] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 338.729928][T11266] page_type: f5(slab) [ 338.779797][T11266] raw: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 338.868368][T11266] raw: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 338.984796][T11266] head: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 339.081882][T11266] head: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 339.171564][T11266] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 339.254231][T11266] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 339.270642][T11288] FAULT_INJECTION: forcing a failure. [ 339.270642][T11288] name failslab, interval 1, probability 0, space 0, times 0 [ 339.327667][T11288] CPU: 0 UID: 0 PID: 11288 Comm: syz.2.1239 Tainted: G I syzkaller #0 PREEMPT(full) [ 339.327695][T11288] Tainted: [I]=FIRMWARE_WORKAROUND [ 339.327700][T11288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 339.327709][T11288] Call Trace: [ 339.327714][T11288] [ 339.327720][T11288] dump_stack_lvl+0x100/0x190 [ 339.327747][T11288] should_fail_ex.cold+0x5/0xa [ 339.327765][T11288] ? event_inject_write+0x368/0x2190 [ 339.327789][T11288] should_failslab+0xc2/0x120 [ 339.327805][T11288] __kmalloc_noprof+0xe0/0x850 [ 339.327832][T11288] event_inject_write+0x368/0x2190 [ 339.327853][T11288] ? __pfx_aa_file_perm+0x10/0x10 [ 339.327880][T11288] ? __pfx_event_inject_write+0x10/0x10 [ 339.327899][T11288] ? __pfx___might_resched+0x10/0x10 [ 339.327921][T11288] ? lock_acquire+0x1cf/0x380 [ 339.327953][T11288] vfs_write+0x2aa/0x1070 [ 339.327968][T11288] ? __pfx_event_inject_write+0x10/0x10 [ 339.327989][T11288] ? __pfx_vfs_write+0x10/0x10 [ 339.328003][T11288] ? __fget_files+0x215/0x3d0 [ 339.328022][T11288] ? __fget_files+0x21f/0x3d0 [ 339.328042][T11288] ksys_write+0x12a/0x250 [ 339.328056][T11288] ? __pfx_ksys_write+0x10/0x10 [ 339.328075][T11288] do_syscall_64+0x106/0xf80 [ 339.328091][T11288] ? clear_bhb_loop+0x40/0x90 [ 339.328109][T11288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.328123][T11288] RIP: 0033:0x7f8b0979c819 [ 339.328136][T11288] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 339.328149][T11288] RSP: 002b:00007f8b0a6de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 339.328164][T11288] RAX: ffffffffffffffda RBX: 00007f8b09a15fa0 RCX: 00007f8b0979c819 [ 339.328173][T11288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 339.328182][T11288] RBP: 00007f8b0a6de090 R08: 0000000000000000 R09: 0000000000000000 [ 339.328190][T11288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 339.328198][T11288] R13: 00007f8b09a16038 R14: 00007f8b09a15fa0 R15: 00007ffd7ef8ad18 [ 339.328217][T11288] [ 339.797848][T11295] netlink: 'syz.1.1242': attribute type 2 has an invalid length. [ 339.819349][T11295] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1242'. [ 339.946530][T11300] block2mtd: error: cannot open device /sys/module/block2mtd/parameters/block2mtd [ 340.221659][T11266] page dumped because: unmovable page [ 340.243764][T11266] page_owner tracks the page as allocated [ 340.270433][T11266] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5208, tgid 5208 (udevadm), ts 30103550708, free_ts 23876321943 [ 340.377962][T11266] post_alloc_hook+0x153/0x170 [ 340.395137][T11266] get_page_from_freelist+0x111d/0x3140 [ 340.414540][T11266] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 340.431378][T11266] new_slab+0xa6/0x6b0 [ 340.445288][T11266] refill_objects+0x26b/0x400 [ 340.461318][T11266] __pcs_replace_empty_main+0x1ab/0x660 [ 340.479005][T11266] kmem_cache_alloc_lru_noprof+0x485/0x6e0 [ 340.495018][T11266] alloc_inode+0x183/0x250 [ 340.503820][T11266] iget_locked+0x1d9/0x6d0 [ 340.513766][T11266] kernfs_get_inode+0x46/0x470 [ 340.524045][T11266] kernfs_iop_lookup+0x1a7/0x2d0 [ 340.534493][T11266] __lookup_slow+0x251/0x460 [ 340.552672][T11266] lookup_slow+0x50/0x70 [ 340.568105][T11266] link_path_walk+0x1377/0x1cc0 [ 340.582795][T11266] path_lookupat+0x74/0xc40 [ 340.600110][T11266] filename_lookup+0x202/0x590 [ 340.612758][T11266] page last free pid 1 tgid 1 stack trace: [ 340.627452][T11266] __free_frozen_pages+0x7e1/0x10d0 [ 340.640323][T11266] free_contig_range+0xde/0x1d0 [ 340.652189][T11266] destroy_args+0xa8/0x7a0 [ 340.662268][T11266] debug_vm_pgtable+0x1b66/0x34c0 [ 340.677594][T11266] do_one_initcall+0x11d/0x760 [ 340.687698][T11266] kernel_init_freeable+0x6e5/0x7a0 [ 340.703184][T11266] kernel_init+0x1f/0x1e0 [ 340.735095][T11266] ret_from_fork+0x754/0xd80 [ 340.739839][T11266] ret_from_fork_asm+0x1a/0x30 [ 340.949294][ T30] audit: type=1800 audit(1775916228.243:41): pid=11325 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1247" name="dbroot" dev="configfs" ino=34831 res=0 errno=0 [ 341.239161][T11337] FAULT_INJECTION: forcing a failure. [ 341.239161][T11337] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 341.265773][T11339] netlink: 338 bytes leftover after parsing attributes in process `syz.0.1252'. [ 341.331865][T11341] FAULT_INJECTION: forcing a failure. [ 341.331865][T11341] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 341.377226][T11337] CPU: 0 UID: 0 PID: 11337 Comm: syz.3.1251 Tainted: G I syzkaller #0 PREEMPT(full) [ 341.377250][T11337] Tainted: [I]=FIRMWARE_WORKAROUND [ 341.377256][T11337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 341.377265][T11337] Call Trace: [ 341.377270][T11337] [ 341.377283][T11337] dump_stack_lvl+0x100/0x190 [ 341.377312][T11337] should_fail_ex.cold+0x5/0xa [ 341.377330][T11337] _copy_from_user+0x2e/0xd0 [ 341.377351][T11337] mem_rw+0x1d2/0x640 [ 341.377370][T11337] vfs_write+0x2aa/0x1070 [ 341.377387][T11337] ? __pfx_mem_write+0x10/0x10 [ 341.377404][T11337] ? __pfx_vfs_write+0x10/0x10 [ 341.377418][T11337] ? __fget_files+0x215/0x3d0 [ 341.377437][T11337] ? __fget_files+0x21f/0x3d0 [ 341.377457][T11337] ksys_write+0x12a/0x250 [ 341.377471][T11337] ? __pfx_ksys_write+0x10/0x10 [ 341.377490][T11337] do_syscall_64+0x106/0xf80 [ 341.377507][T11337] ? clear_bhb_loop+0x40/0x90 [ 341.377525][T11337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.377539][T11337] RIP: 0033:0x7eff1c39c819 [ 341.377552][T11337] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 341.377566][T11337] RSP: 002b:00007eff1d276028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 341.377580][T11337] RAX: ffffffffffffffda RBX: 00007eff1c615fa0 RCX: 00007eff1c39c819 [ 341.377589][T11337] RDX: 00000000fffffc96 RSI: 0000200000001680 RDI: 0000000000000005 [ 341.377598][T11337] RBP: 00007eff1d276090 R08: 0000000000000000 R09: 0000000000000000 [ 341.377606][T11337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 341.377614][T11337] R13: 00007eff1c616038 R14: 00007eff1c615fa0 R15: 00007ffd2a97b6c8 [ 341.377633][T11337] [ 341.741199][T11341] CPU: 0 UID: 0 PID: 11341 Comm: syz.2.1253 Tainted: G I syzkaller #0 PREEMPT(full) [ 341.741226][T11341] Tainted: [I]=FIRMWARE_WORKAROUND [ 341.741231][T11341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 341.741240][T11341] Call Trace: [ 341.741246][T11341] [ 341.741258][T11341] dump_stack_lvl+0x100/0x190 [ 341.741286][T11341] should_fail_ex.cold+0x5/0xa [ 341.741308][T11341] _copy_to_user+0x32/0xd0 [ 341.741329][T11341] simple_read_from_buffer+0xcb/0x170 [ 341.741354][T11341] proc_fail_nth_read+0x1af/0x230 [ 341.741375][T11341] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 341.741395][T11341] ? rw_verify_area+0xce/0x6d0 [ 341.741416][T11341] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 341.741435][T11341] vfs_read+0x1e4/0xb30 [ 341.741452][T11341] ? __pfx_vfs_read+0x10/0x10 [ 341.741466][T11341] ? __fget_files+0x215/0x3d0 [ 341.741484][T11341] ? __fget_files+0x21f/0x3d0 [ 341.741503][T11341] ksys_read+0x12a/0x250 [ 341.741517][T11341] ? __pfx_ksys_read+0x10/0x10 [ 341.741536][T11341] do_syscall_64+0x106/0xf80 [ 341.741552][T11341] ? clear_bhb_loop+0x40/0x90 [ 341.741570][T11341] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 341.741591][T11341] RIP: 0033:0x7f8b0975d04e [ 341.741604][T11341] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 341.741618][T11341] RSP: 002b:00007f8b0a6ddfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 341.741632][T11341] RAX: ffffffffffffffda RBX: 00007f8b0a6de6c0 RCX: 00007f8b0975d04e [ 341.741642][T11341] RDX: 000000000000000f RSI: 00007f8b0a6de0a0 RDI: 0000000000000004 [ 341.741650][T11341] RBP: 00007f8b0a6de090 R08: 0000000000000000 R09: 0000000000000000 [ 341.741659][T11341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 341.741667][T11341] R13: 00007f8b09a16038 R14: 00007f8b09a15fa0 R15: 00007ffd7ef8ad18 [ 341.741686][T11341] [ 342.517943][T11346] netlink: 'syz.3.1254': attribute type 27 has an invalid length. [ 342.601410][T11346] netlink: 'syz.3.1254': attribute type 28 has an invalid length. [ 342.656165][T11346] netlink: 'syz.3.1254': attribute type 29 has an invalid length. [ 342.715815][T11346] netlink: 'syz.3.1254': attribute type 30 has an invalid length. [ 342.774837][T11346] netlink: 'syz.3.1254': attribute type 31 has an invalid length. [ 342.803863][T11355] FAULT_INJECTION: forcing a failure. [ 342.803863][T11355] name failslab, interval 1, probability 0, space 0, times 0 [ 342.833383][T11355] CPU: 0 UID: 0 PID: 11355 Comm: syz.0.1257 Tainted: G I syzkaller #0 PREEMPT(full) [ 342.833411][T11355] Tainted: [I]=FIRMWARE_WORKAROUND [ 342.833417][T11355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 342.833427][T11355] Call Trace: [ 342.833432][T11355] [ 342.833438][T11355] dump_stack_lvl+0x100/0x190 [ 342.833466][T11355] should_fail_ex.cold+0x5/0xa [ 342.833486][T11355] should_failslab+0xc2/0x120 [ 342.833503][T11355] __kmalloc_cache_noprof+0x7a/0x6f0 [ 342.833523][T11355] ? trace_pid_list_alloc+0x2fe/0x480 [ 342.833549][T11355] trace_pid_list_alloc+0x2fe/0x480 [ 342.833574][T11355] trace_pid_write+0x110/0x460 [ 342.833597][T11355] ? __pfx_trace_pid_write+0x10/0x10 [ 342.833631][T11355] event_pid_write.isra.0+0x1e4/0x800 [ 342.833648][T11355] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 342.833668][T11355] vfs_write+0x2aa/0x1070 [ 342.833684][T11355] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 342.833700][T11355] ? __pfx_vfs_write+0x10/0x10 [ 342.833715][T11355] ? __fget_files+0x215/0x3d0 [ 342.833733][T11355] ? __fget_files+0x21f/0x3d0 [ 342.833753][T11355] ksys_write+0x12a/0x250 [ 342.833767][T11355] ? __pfx_ksys_write+0x10/0x10 [ 342.833787][T11355] do_syscall_64+0x106/0xf80 [ 342.833802][T11355] ? clear_bhb_loop+0x40/0x90 [ 342.833820][T11355] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 342.833835][T11355] RIP: 0033:0x7f64e2d9c819 [ 342.833849][T11355] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 342.833863][T11355] RSP: 002b:00007f64e3ce8028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 342.833877][T11355] RAX: ffffffffffffffda RBX: 00007f64e3015fa0 RCX: 00007f64e2d9c819 [ 342.833886][T11355] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 342.833895][T11355] RBP: 00007f64e2e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 342.833903][T11355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 342.833911][T11355] R13: 00007f64e3016038 R14: 00007f64e3015fa0 R15: 00007fffb314d298 [ 342.833930][T11355] [ 343.262079][T11346] netlink: 'syz.3.1254': attribute type 32 has an invalid length. [ 343.275038][T11346] netlink: 'syz.3.1254': attribute type 33 has an invalid length. [ 343.293022][T11346] netlink: 'syz.3.1254': attribute type 35 has an invalid length. [ 343.305012][T11346] netlink: 'syz.3.1254': attribute type 37 has an invalid length. [ 343.312825][T11346] netlink: 18 bytes leftover after parsing attributes in process `syz.3.1254'. [ 343.403713][T11349] netlink: 18 bytes leftover after parsing attributes in process `syz.3.1254'. [ 343.424951][ T30] audit: type=1800 audit(1775916230.673:42): pid=11363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1258" name="dbroot" dev="configfs" ino=35030 res=0 errno=0 [ 343.718480][T11372] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1261'. [ 343.740543][T11368] netlink: 306 bytes leftover after parsing attributes in process `syz.3.1260'. [ 343.821084][T11358] FAULT_INJECTION: forcing a failure. [ 343.821084][T11358] name failslab, interval 1, probability 0, space 0, times 0 [ 344.027407][T11358] CPU: 0 UID: 0 PID: 11358 Comm: syz.0.1257 Tainted: G I syzkaller #0 PREEMPT(full) [ 344.027435][T11358] Tainted: [I]=FIRMWARE_WORKAROUND [ 344.027441][T11358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 344.027451][T11358] Call Trace: [ 344.027457][T11358] [ 344.027462][T11358] dump_stack_lvl+0x100/0x190 [ 344.027490][T11358] should_fail_ex.cold+0x5/0xa [ 344.027509][T11358] should_failslab+0xc2/0x120 [ 344.027526][T11358] __kmalloc_cache_noprof+0x7a/0x6f0 [ 344.027546][T11358] ? __request_module+0x2b7/0x6c0 [ 344.027566][T11358] ? lockdep_hardirqs_on+0x78/0x100 [ 344.027584][T11358] __request_module+0x2b7/0x6c0 [ 344.027606][T11358] ? __pfx___request_module+0x10/0x10 [ 344.027632][T11358] ? __wake_up+0x3f/0x60 [ 344.027648][T11358] ? rcu_is_watching+0x12/0xc0 [ 344.027671][T11358] ? lockdep_hardirqs_on+0x78/0x100 [ 344.027694][T11358] netlink_create+0x450/0x610 [ 344.027713][T11358] __sock_create+0x339/0x860 [ 344.027736][T11358] __sys_socket+0x14d/0x260 [ 344.027756][T11358] ? __pfx___sys_socket+0x10/0x10 [ 344.027780][T11358] __x64_sys_socket+0x72/0xb0 [ 344.027799][T11358] ? lockdep_hardirqs_on+0x78/0x100 [ 344.027814][T11358] do_syscall_64+0x106/0xf80 [ 344.027829][T11358] ? clear_bhb_loop+0x40/0x90 [ 344.027847][T11358] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 344.027862][T11358] RIP: 0033:0x7f64e2d9c819 [ 344.027875][T11358] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 344.027891][T11358] RSP: 002b:00007f64e3cc7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 344.027905][T11358] RAX: ffffffffffffffda RBX: 00007f64e3016090 RCX: 00007f64e2d9c819 [ 344.027915][T11358] RDX: 000000000000001f RSI: 0000000000000003 RDI: 0000000000000010 [ 344.027924][T11358] RBP: 00007f64e2e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 344.027932][T11358] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 344.027941][T11358] R13: 00007f64e3016128 R14: 00007f64e3016090 R15: 00007fffb314d298 [ 344.027961][T11358] [ 344.250709][T11381] netlink: 338 bytes leftover after parsing attributes in process `syz.2.1264'. [ 344.953992][ T30] audit: type=1800 audit(1775916232.243:43): pid=11398 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1267" name="dbroot" dev="configfs" ino=35249 res=0 errno=0 [ 345.120038][T11379] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1263'. [ 345.161060][T11404] validate_nla: 9 callbacks suppressed [ 345.161074][T11404] netlink: 'syz.0.1271': attribute type 5 has an invalid length. [ 345.177190][T11379] random: crng reseeded on system resumption [ 345.235770][T11404] netlink: 4158 bytes leftover after parsing attributes in process `syz.0.1271'. [ 346.793042][T11446] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 346.945100][T11446] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 347.138054][T11446] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 347.274951][T11446] page_type: f5(slab) [ 347.321271][T11460] Unable to find swap-space signature [ 347.343889][T11446] raw: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 347.485584][T11446] raw: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 347.639004][T11446] head: 00fff00000000040 ffff88801ce908c0 dead000000000100 dead000000000122 [ 347.729363][T11446] head: 0000000000000000 0000000800190019 00000000f5000000 0000000000000000 [ 347.837015][T11446] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 347.890870][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.903121][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.917018][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.929219][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.941480][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.953689][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.966002][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.978219][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 347.990439][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 348.002595][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.895113][ C0] net_ratelimit: 23365 callbacks suppressed [ 352.895129][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.913276][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.925559][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.937812][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.950011][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.962224][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.974437][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.986624][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 352.998789][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 353.010966][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.335020][ C0] sched: DL replenish lagged too much [ 357.905046][ C0] net_ratelimit: 23287 callbacks suppressed [ 357.905064][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.923193][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.935402][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.947575][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.959800][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.971991][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.984204][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 357.996399][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 358.008996][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 358.021208][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 362.915078][ C0] net_ratelimit: 22822 callbacks suppressed [ 362.915094][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 362.933247][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 362.945478][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 362.957692][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 362.969891][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 362.982065][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 362.994278][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 363.006466][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 363.018711][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 363.030910][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 367.925144][ C0] net_ratelimit: 23141 callbacks suppressed [ 367.925161][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 367.943308][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 367.955485][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 367.968005][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 367.980273][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 367.992490][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 368.004679][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 368.016941][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 368.029811][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 368.042071][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 372.935052][ C0] net_ratelimit: 23216 callbacks suppressed [ 372.935069][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 372.953217][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 372.965415][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 372.977638][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 372.989890][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 373.002105][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 373.014309][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 373.026543][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 373.038764][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 373.050968][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 377.945227][ C0] net_ratelimit: 23234 callbacks suppressed [ 377.945245][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 377.963415][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 377.975627][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 377.987840][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 378.000068][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 378.012295][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 378.024492][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 378.036713][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 378.048934][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 378.061274][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 378.746468][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 379.282048][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 382.955148][ C0] net_ratelimit: 23992 callbacks suppressed [ 382.955166][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 382.973283][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 382.985483][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 382.997669][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 383.009827][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 383.022005][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 383.034161][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 383.046389][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 383.058551][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 383.070756][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 387.965063][ C0] net_ratelimit: 23726 callbacks suppressed [ 387.965080][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 387.983274][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 387.995465][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 388.007674][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 388.019863][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 388.032062][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 388.044272][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 388.056470][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 388.068642][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 388.080858][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 392.975035][ C0] net_ratelimit: 23899 callbacks suppressed [ 392.975053][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 392.993188][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 393.005401][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 393.017570][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 393.029758][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 393.041944][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 393.054214][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 393.066499][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 393.078755][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 393.091039][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 397.985082][ C0] net_ratelimit: 24008 callbacks suppressed [ 397.985099][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 398.003179][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 398.015351][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 398.027496][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 398.039667][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 398.051842][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 398.064021][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 398.076175][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 398.088344][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 398.100525][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 402.995029][ C0] net_ratelimit: 23967 callbacks suppressed [ 402.995046][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 403.013196][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 403.025383][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 403.037574][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 403.049756][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 403.061936][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 403.074111][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 403.086320][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 403.098481][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 403.110660][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 408.005112][ C0] net_ratelimit: 23724 callbacks suppressed [ 408.005133][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 408.023242][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 408.035418][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 408.047677][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 408.059842][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 408.072032][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 408.084183][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 408.096388][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 408.108550][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 408.120726][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 413.015205][ C0] net_ratelimit: 24158 callbacks suppressed [ 413.015223][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 413.033354][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 413.045552][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 413.057771][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 413.070038][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 413.082267][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 413.094455][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 413.106664][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 413.118856][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 413.131062][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 418.025097][ C0] net_ratelimit: 24170 callbacks suppressed [ 418.025113][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 418.043262][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 418.055437][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 418.067620][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 418.079791][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 418.092016][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 418.104388][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 418.116610][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 418.128794][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 418.141040][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 423.034981][ C0] net_ratelimit: 23346 callbacks suppressed [ 423.034998][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 423.053165][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 423.065383][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 423.077588][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 423.089756][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 423.101947][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 423.114109][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 423.126281][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 423.138435][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 423.150629][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 428.045300][ C0] net_ratelimit: 24362 callbacks suppressed [ 428.045316][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 428.063475][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 428.075668][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 428.087856][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 428.100027][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 428.112222][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 428.124426][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 428.136637][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 428.148842][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 428.161027][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 433.054990][ C0] net_ratelimit: 23986 callbacks suppressed [ 433.055008][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 433.073131][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 433.085298][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 433.097500][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 433.109696][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 433.121955][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 433.134111][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 433.146285][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 433.158441][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 433.170635][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 438.065124][ C0] net_ratelimit: 23829 callbacks suppressed [ 438.065146][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 438.083270][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 438.095488][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 438.107699][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 438.119918][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 438.132102][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 438.144298][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 438.156513][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 438.168703][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 438.180917][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 440.935255][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 443.075109][ C0] net_ratelimit: 23675 callbacks suppressed [ 443.075126][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 443.093266][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 443.105423][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 443.117615][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 443.129801][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 443.142032][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 443.154206][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 443.166401][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 443.178569][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 443.190748][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 444.878938][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 448.085009][ C0] net_ratelimit: 23796 callbacks suppressed [ 448.085027][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 448.103163][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 448.115376][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 448.127562][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 448.139752][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 448.151964][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 448.164129][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 448.176401][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 448.188615][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 448.200825][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 452.894947][ C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks: [ 452.901918][ C0] rcu: Tasks blocked on level-0 rcu_node (CPUs 0-1): P11494/1:b..l [ 452.910221][ C0] rcu: (detected by 0, t=10502 jiffies, g=50533, q=1232 ncpus=1) [ 452.918013][ C0] task:syz.0.1285 state:R running task stack:26136 pid:11494 tgid:11467 ppid:5823 task_flags:0x400140 flags:0x00080000 [ 452.932002][ C0] Call Trace: [ 452.935272][ C0] [ 452.938191][ C0] __schedule+0xfee/0x6120 [ 452.942601][ C0] ? __lock_acquire+0x4a5/0x2630 [ 452.947525][ C0] ? __pfx___schedule+0x10/0x10 [ 452.952355][ C0] ? mark_held_locks+0x40/0x70 [ 452.957103][ C0] preempt_schedule_irq+0x50/0x90 [ 452.962108][ C0] irqentry_exit+0x17b/0x670 [ 452.966683][ C0] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 452.972647][ C0] RIP: 0010:stack_access_ok+0x53/0x1d0 [ 452.978105][ C0] Code: c0 74 08 3c 03 0f 8e 3f 01 00 00 8b 13 85 d2 74 65 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 08 48 89 fa 48 c1 ea 03 80 3c 02 00 <0f> 85 24 01 00 00 48 8d 7b 10 4c 8b 6b 08 48 b8 00 00 00 00 00 fc [ 452.997697][ C0] RSP: 0018:ffffc9000472ebf8 EFLAGS: 00000246 [ 453.003746][ C0] RAX: dffffc0000000000 RBX: ffffc9000472ece8 RCX: ffffffff9178864e [ 453.011699][ C0] RDX: 1ffff920008e5d9e RSI: ffffc9000472ecb8 RDI: ffffc9000472ecf0 [ 453.019651][ C0] RBP: ffffc9000472ecb8 R08: 0000000000000001 R09: 0000000000000007 [ 453.027603][ C0] R10: 0000000000000200 R11: 000000000000b7de R12: 0000000000000008 [ 453.035562][ C0] R13: ffffc9000472ece8 R14: ffffc9000472ece8 R15: ffffc9000472ed1c [ 453.043528][ C0] unwind_next_frame+0x14f0/0x1ea0 [ 453.048630][ C0] ? __unwind_start+0x2fb/0x7f0 [ 453.053463][ C0] __unwind_start+0x3d1/0x7f0 [ 453.058124][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 453.064259][ C0] arch_stack_walk+0x73/0xf0 [ 453.068833][ C0] ? arch_stack_walk+0x73/0xf0 [ 453.073580][ C0] stack_trace_save+0x8e/0xc0 [ 453.078238][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 453.083590][ C0] ? find_held_lock+0x2b/0x80 [ 453.088248][ C0] ? expand+0xae/0x490 [ 453.092300][ C0] ? expand+0xae/0x490 [ 453.096351][ C0] save_stack+0x162/0x1e0 [ 453.100663][ C0] ? __pfx_save_stack+0x10/0x10 [ 453.105508][ C0] __set_page_owner+0x8c/0x540 [ 453.110276][ C0] ? __pfx___set_page_owner+0x10/0x10 [ 453.115629][ C0] ? bad_range+0x261/0x400 [ 453.120029][ C0] ? lockdep_hardirqs_on+0x78/0x100 [ 453.125211][ C0] post_alloc_hook+0x153/0x170 [ 453.129967][ C0] get_page_from_freelist+0x111d/0x3140 [ 453.135507][ C0] ? __pfx___might_resched+0x10/0x10 [ 453.140782][ C0] ? prepare_alloc_pages+0x16d/0x5f0 [ 453.146056][ C0] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 453.151939][ C0] ? rcu_is_watching+0x12/0xc0 [ 453.156708][ C0] ? rcu_is_watching+0x12/0xc0 [ 453.161458][ C0] ? mod_memcg_lruvec_state+0x1a6/0x630 [ 453.167010][ C0] ? __mod_zone_page_state+0xe2/0x190 [ 453.172371][ C0] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 453.178690][ C0] ? lru_gen_add_folio+0x20f/0x13e0 [ 453.183875][ C0] ? folios_put_refs+0x66d/0x840 [ 453.188806][ C0] ? __pfx_folios_put_refs+0x10/0x10 [ 453.194098][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 453.199976][ C0] ? policy_nodemask+0xed/0x4f0 [ 453.204813][ C0] alloc_pages_mpol+0x1fb/0x550 [ 453.209650][ C0] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 453.215022][ C0] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 453.220899][ C0] ? __folio_batch_add_and_move+0x5e5/0xc60 [ 453.226779][ C0] folio_alloc_mpol_noprof+0x36/0x340 [ 453.232138][ C0] shmem_alloc_folio+0x135/0x160 [ 453.237063][ C0] shmem_alloc_and_add_folio+0x371/0xd40 [ 453.242691][ C0] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 453.248835][ C0] ? shmem_allowable_huge_orders+0x2bd/0x400 [ 453.254808][ C0] shmem_get_folio_gfp+0x6ab/0x1900 [ 453.260000][ C0] ? find_held_lock+0x2b/0x80 [ 453.264661][ C0] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 453.270306][ C0] ? ktime_get_coarse_real_ts64_mg+0x235/0x300 [ 453.276442][ C0] ? lockdep_hardirqs_on+0x78/0x100 [ 453.281639][ C0] shmem_fault+0x1f9/0xa20 [ 453.286044][ C0] ? __lock_acquire+0x4a5/0x2630 [ 453.290967][ C0] ? __pfx_shmem_fault+0x10/0x10 [ 453.295895][ C0] ? __up_read+0x2c5/0x700 [ 453.300304][ C0] ? __pfx_filemap_map_pages+0x10/0x10 [ 453.305750][ C0] __do_fault+0x10d/0x550 [ 453.310062][ C0] ? __pfx_filemap_map_pages+0x10/0x10 [ 453.315506][ C0] do_fault+0x2db/0x18e0 [ 453.319739][ C0] __handle_mm_fault+0x1815/0x2b60 [ 453.324846][ C0] ? __pfx___handle_mm_fault+0x10/0x10 [ 453.330293][ C0] ? pte_offset_map_lock+0x174/0x320 [ 453.335563][ C0] ? find_held_lock+0x2b/0x80 [ 453.340250][ C0] ? follow_page_pte+0x5b3/0x1400 [ 453.345267][ C0] handle_mm_fault+0x36d/0xa20 [ 453.350021][ C0] __get_user_pages+0xf9c/0x34d0 [ 453.354954][ C0] ? down_read_killable+0x30e/0x4c0 [ 453.360137][ C0] ? __pfx___get_user_pages+0x10/0x10 [ 453.365499][ C0] faultin_page_range+0x1f1/0x9e0 [ 453.370514][ C0] madvise_do_behavior+0x354/0x510 [ 453.375616][ C0] ? __pfx_madvise_do_behavior+0x10/0x10 [ 453.381243][ C0] do_madvise+0x195/0x240 [ 453.385557][ C0] ? __pfx_do_madvise+0x10/0x10 [ 453.390392][ C0] ? do_futex+0x192/0x350 [ 453.394711][ C0] ? find_held_lock+0x2b/0x80 [ 453.399378][ C0] __x64_sys_madvise+0xa9/0x110 [ 453.404211][ C0] ? lockdep_hardirqs_on+0x78/0x100 [ 453.409391][ C0] do_syscall_64+0x106/0xf80 [ 453.413963][ C0] ? clear_bhb_loop+0x40/0x90 [ 453.418637][ C0] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.424512][ C0] RIP: 0033:0x7f64e2d9c819 [ 453.428910][ C0] RSP: 002b:00007f64e3ca6028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 453.437300][ C0] RAX: ffffffffffffffda RBX: 00007f64e3016180 RCX: 00007f64e2d9c819 [ 453.445252][ C0] RDX: 0000000000000017 RSI: ffffffffffff0005 RDI: 0000000000000000 [ 453.453215][ C0] RBP: 00007f64e2e32c91 R08: 0000000000000000 R09: 0000000000000000 [ 453.461166][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 453.469122][ C0] R13: 00007f64e3016218 R14: 00007f64e3016180 R15: 00007fffb314d298 [ 453.477087][ C0] [ 453.480100][ C0] rcu: rcu_preempt kthread starved for 802 jiffies! g50533 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0 [ 453.491118][ C0] rcu: Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior. [ 453.501063][ C0] rcu: RCU grace-period kthread stack dump: [ 453.506941][ C0] task:rcu_preempt state:R running task stack:27832 pid:16 tgid:16 ppid:2 task_flags:0x208040 flags:0x00080000 [ 453.520404][ C0] Call Trace: [ 453.523667][ C0] [ 453.526580][ C0] __schedule+0xfee/0x6120 [ 453.530981][ C0] ? __lock_acquire+0x4a5/0x2630 [ 453.535911][ C0] ? __pfx___schedule+0x10/0x10 [ 453.540740][ C0] ? find_held_lock+0x2b/0x80 [ 453.545398][ C0] ? schedule+0x2bf/0x390 [ 453.549711][ C0] schedule+0xdd/0x390 [ 453.553760][ C0] schedule_timeout+0x127/0x280 [ 453.558599][ C0] ? __pfx_schedule_timeout+0x10/0x10 [ 453.563960][ C0] ? __pfx_process_timeout+0x10/0x10 [ 453.569236][ C0] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 453.575023][ C0] ? prepare_to_swait_event+0xdf/0x4a0 [ 453.580472][ C0] rcu_gp_fqs_loop+0x1a9/0x900 [ 453.585226][ C0] ? __pfx_rcu_gp_fqs_loop+0x10/0x10 [ 453.590496][ C0] ? __pfx_rcu_gp_init+0x10/0x10 [ 453.595419][ C0] ? __pfx_rcu_gp_cleanup+0x10/0x10 [ 453.600597][ C0] ? rcu_is_watching+0x12/0xc0 [ 453.605349][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 453.611139][ C0] rcu_gp_kthread+0x179/0x230 [ 453.615818][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 453.621015][ C0] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 453.626816][ C0] ? __kthread_parkme+0x18c/0x230 [ 453.631834][ C0] ? kthread+0x13a/0x450 [ 453.636062][ C0] ? __pfx_rcu_gp_kthread+0x10/0x10 [ 453.641240][ C0] kthread+0x370/0x450 [ 453.645294][ C0] ? __pfx_kthread+0x10/0x10 [ 453.649869][ C0] ret_from_fork+0x754/0xd80 [ 453.654447][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 453.659559][ C0] ? __switch_to+0x7b4/0x1120 [ 453.664217][ C0] ? __pfx_kthread+0x10/0x10 [ 453.668792][ C0] ret_from_fork_asm+0x1a/0x30 [ 453.673550][ C0] [ 453.676565][ C0] rcu: Stack dump where RCU GP kthread last ran: [ 453.682874][ C0] CPU: 0 UID: 0 PID: 11473 Comm: kworker/u10:10 Tainted: G I syzkaller #0 PREEMPT(full) [ 453.694137][ C0] Tainted: [I]=FIRMWARE_WORKAROUND [ 453.699219][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 453.709264][ C0] Workqueue: bat_events batadv_tt_purge [ 453.714801][ C0] RIP: 0010:lock_release+0x19e/0x320 [ 453.720073][ C0] Code: ff 65 0f c1 05 4b d3 29 12 83 f8 01 0f 85 3d 01 00 00 9c 58 f6 c4 02 0f 85 28 01 00 00 41 f7 c6 00 02 00 00 0f 85 de 00 00 00 <48> 8b 44 24 10 65 48 2b 05 9d 8b 29 12 0f 85 63 01 00 00 48 83 c4 [ 453.739664][ C0] RSP: 0018:ffffc90000006ad0 EFLAGS: 00000206 [ 453.745710][ C0] RAX: 0000000000000046 RBX: ffffffff8e7e7760 RCX: ffffc90000006adc [ 453.753664][ C0] RDX: 0000000000000005 RSI: ffffffff8de5d9bf RDI: ffffffff8c1b1e20 [ 453.761614][ C0] RBP: ffffffff81b7c03e R08: 0000000000000001 R09: 0000000000000007 [ 453.769566][ C0] R10: 0000000000000200 R11: 00000000000932f8 R12: ffff88802f863d00 [ 453.777517][ C0] R13: ffffc90000006b88 R14: 0000000000000202 R15: 0000000000000006 [ 453.785472][ C0] FS: 0000000000000000(0000) GS:ffff888124340000(0000) knlGS:0000000000000000 [ 453.794403][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 453.800970][ C0] CR2: 00007f9658de7434 CR3: 000000000e598000 CR4: 00000000003526f0 [ 453.808937][ C0] Call Trace: [ 453.812198][ C0] [ 453.815027][ C0] unwind_next_frame+0x3c3/0x1ea0 [ 453.820037][ C0] ? nf_hook.constprop.0+0x2a6/0x750 [ 453.825308][ C0] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 453.831443][ C0] arch_stack_walk+0x94/0xf0 [ 453.836020][ C0] ? ipv6_rcv+0xa4/0x3d0 [ 453.840260][ C0] ? kfree_skbmem+0x19a/0x210 [ 453.844933][ C0] stack_trace_save+0x8e/0xc0 [ 453.849591][ C0] ? __pfx_stack_trace_save+0x10/0x10 [ 453.854943][ C0] ? __skb_ext_put+0x102/0x2f0 [ 453.859694][ C0] ? __lock_acquire+0x4a5/0x2630 [ 453.864617][ C0] ? sk_skb_reason_drop+0xc4/0x1b0 [ 453.869729][ C0] ? ip6_mc_input+0x832/0xf50 [ 453.874405][ C0] kasan_save_stack+0x30/0x50 [ 453.879070][ C0] ? kasan_save_stack+0x30/0x50 [ 453.883904][ C0] ? kasan_save_track+0x14/0x30 [ 453.888733][ C0] ? kasan_save_free_info+0x3b/0x70 [ 453.893914][ C0] ? __kasan_slab_free+0x5f/0x80 [ 453.898842][ C0] ? kmem_cache_free+0x124/0x6a0 [ 453.903765][ C0] ? kfree_skbmem+0x19a/0x210 [ 453.908436][ C0] ? sk_skb_reason_drop+0x10f/0x1b0 [ 453.913629][ C0] ? ip6_mc_input+0x832/0xf50 [ 453.918314][ C0] ? ip6_rcv_finish+0x294/0x300 [ 453.923151][ C0] ? ip_sabotage_in+0x21e/0x290 [ 453.927988][ C0] ? nf_hook_slow+0xbf/0x220 [ 453.932558][ C0] ? nf_hook.constprop.0+0x2a6/0x750 [ 453.937850][ C0] kasan_save_track+0x14/0x30 [ 453.942509][ C0] kasan_save_free_info+0x3b/0x70 [ 453.947523][ C0] __kasan_slab_free+0x5f/0x80 [ 453.952267][ C0] kmem_cache_free+0x124/0x6a0 [ 453.957029][ C0] ? skb_release_data+0x7a0/0x9d0 [ 453.962035][ C0] kfree_skbmem+0x19a/0x210 [ 453.966528][ C0] sk_skb_reason_drop+0x10f/0x1b0 [ 453.971545][ C0] ip6_mc_input+0x832/0xf50 [ 453.976036][ C0] ? __pfx_ip6_mc_input+0x10/0x10 [ 453.981044][ C0] ? __netif_receive_skb_core.constprop.0+0xd4d/0x3550 [ 453.987881][ C0] ? __pfx_ip6_mc_input+0x10/0x10 [ 453.992894][ C0] ip6_rcv_finish+0x294/0x300 [ 453.997568][ C0] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 454.002751][ C0] ip_sabotage_in+0x21e/0x290 [ 454.007420][ C0] nf_hook_slow+0xbf/0x220 [ 454.011820][ C0] nf_hook.constprop.0+0x2a6/0x750 [ 454.016917][ C0] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 454.022101][ C0] ? __pfx_nf_hook.constprop.0+0x10/0x10 [ 454.027740][ C0] ? __pfx_ip6_rcv_finish+0x10/0x10 [ 454.032926][ C0] ? __pfx_ipv6_rcv+0x10/0x10 [ 454.037589][ C0] ipv6_rcv+0xa4/0x3d0 [ 454.041642][ C0] ? __pfx_ipv6_rcv+0x10/0x10 [ 454.046301][ C0] __netif_receive_skb_one_core+0x12d/0x1e0 [ 454.052179][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 454.058584][ C0] ? get_rps_cpu+0x62f/0x1670 [ 454.063251][ C0] __netif_receive_skb+0x1f/0x120 [ 454.068262][ C0] netif_receive_skb+0x139/0x820 [ 454.073182][ C0] ? br_multicast_count+0x8d/0xbc0 [ 454.078282][ C0] ? __pfx_netif_receive_skb+0x10/0x10 [ 454.083731][ C0] ? br_netif_receive_skb+0xff/0x1f0 [ 454.089004][ C0] br_pass_frame_up+0x346/0x490 [ 454.093844][ C0] br_handle_frame_finish+0xa74/0x1f60 [ 454.099295][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 454.105192][ C0] ? __local_bh_enable_ip+0x9e/0x120 [ 454.110515][ C0] ? ip6t_do_table+0xc1d/0x1c90 [ 454.115356][ C0] ? __pfx_ip6t_do_table+0x10/0x10 [ 454.120453][ C0] ? nf_hook_slow+0x167/0x220 [ 454.125114][ C0] br_nf_hook_thresh+0x30d/0x420 [ 454.130047][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 454.135958][ C0] ? __pfx_br_nf_hook_thresh+0x10/0x10 [ 454.141413][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 454.147304][ C0] ? __pfx_nf_nat_ipv6_in+0x10/0x10 [ 454.152489][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 454.158370][ C0] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 454.164251][ C0] br_nf_pre_routing_finish_ipv6+0x769/0xfb0 [ 454.170214][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 454.176099][ C0] br_nf_pre_routing_ipv6+0x39c/0x8b0 [ 454.181461][ C0] ? __pfx_br_nf_pre_routing_ipv6+0x10/0x10 [ 454.187337][ C0] ? lock_acquire+0x1cf/0x380 [ 454.192002][ C0] ? __pfx_br_nf_pre_routing_finish_ipv6+0x10/0x10 [ 454.198487][ C0] ? net_generic+0xea/0x2a0 [ 454.202984][ C0] br_nf_pre_routing+0x90d/0x1550 [ 454.207993][ C0] br_handle_frame+0xcdd/0x1520 [ 454.212826][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 454.218105][ C0] ? __pfx_br_handle_frame_finish+0x10/0x10 [ 454.223994][ C0] ? __pfx_br_handle_frame+0x10/0x10 [ 454.229267][ C0] __netif_receive_skb_core.constprop.0+0x6c5/0x3550 [ 454.235929][ C0] ? mark_held_locks+0x40/0x70 [ 454.240687][ C0] ? kmem_cache_free+0x124/0x6a0 [ 454.245616][ C0] ? skb_release_data+0x7a0/0x9d0 [ 454.250621][ C0] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10 [ 454.257717][ C0] ? kfree_skbmem+0x19f/0x210 [ 454.262376][ C0] ? sk_skb_reason_drop+0x114/0x1b0 [ 454.267555][ C0] ? ip6_mc_input+0x51a/0xf50 [ 454.272219][ C0] ? __pfx_ip6_mc_input+0x10/0x10 [ 454.277231][ C0] ? __lock_acquire+0x4a5/0x2630 [ 454.282159][ C0] ? process_backlog+0x32a/0x1580 [ 454.287166][ C0] __netif_receive_skb_one_core+0xb0/0x1e0 [ 454.292961][ C0] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 454.299365][ C0] ? lock_acquire+0x1cf/0x380 [ 454.304029][ C0] ? process_backlog+0x32a/0x1580 [ 454.309040][ C0] ? process_backlog+0x32a/0x1580 [ 454.314054][ C0] __netif_receive_skb+0x1f/0x120 [ 454.319066][ C0] process_backlog+0x37a/0x1580 [ 454.323911][ C0] __napi_poll.constprop.0+0xaf/0x450 [ 454.329273][ C0] net_rx_action+0xa40/0xf20 [ 454.333858][ C0] ? __pfx_net_rx_action+0x10/0x10 [ 454.338962][ C0] ? mark_held_locks+0x40/0x70 [ 454.343713][ C0] ? lockdep_hardirqs_on+0x78/0x100 [ 454.348892][ C0] ? tmigr_handle_remote+0x132/0x380 [ 454.354166][ C0] ? run_timer_base+0x121/0x190 [ 454.359001][ C0] ? __pfx_run_timer_base+0x10/0x10 [ 454.364184][ C0] handle_softirqs+0x1eb/0x9e0 [ 454.368934][ C0] ? __pfx_handle_softirqs+0x10/0x10 [ 454.374203][ C0] ? irqtime_account_irq+0x176/0x2d0 [ 454.379474][ C0] ? batadv_tt_purge+0x25d/0xbd0 [ 454.384421][ C0] do_softirq+0xac/0xe0 [ 454.388576][ C0] [ 454.391484][ C0] [ 454.394406][ C0] __local_bh_enable_ip+0xf8/0x120 [ 454.399505][ C0] batadv_tt_purge+0x25d/0xbd0 [ 454.404259][ C0] ? __pfx_batadv_tt_purge+0x10/0x10 [ 454.409535][ C0] ? rcu_is_watching+0x12/0xc0 [ 454.414290][ C0] process_one_work+0xa23/0x19a0 [ 454.419226][ C0] ? __pfx_process_one_work+0x10/0x10 [ 454.424591][ C0] ? __pfx_batadv_tt_purge+0x10/0x10 [ 454.429867][ C0] worker_thread+0x5ef/0xe50 [ 454.434472][ C0] ? kthread+0x13a/0x450 [ 454.438700][ C0] ? __pfx_worker_thread+0x10/0x10 [ 454.443798][ C0] kthread+0x370/0x450 [ 454.447868][ C0] ? __pfx_kthread+0x10/0x10 [ 454.452463][ C0] ret_from_fork+0x754/0xd80 [ 454.457049][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 454.462165][ C0] ? __switch_to+0x7b4/0x1120 [ 454.466877][ C0] ? __pfx_kthread+0x10/0x10 [ 454.471465][ C0] ret_from_fork_asm+0x1a/0x30 [ 454.476225][ C0] [ 454.479569][ C0] net_ratelimit: 23515 callbacks suppressed [ 454.479581][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 454.497666][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 454.509858][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 454.522009][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 454.534183][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 454.546339][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 454.558518][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 454.571659][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 454.583945][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 454.596116][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 459.484981][ C0] net_ratelimit: 22785 callbacks suppressed [ 459.485003][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 459.503194][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 459.515420][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 459.527613][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 459.539797][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 459.552009][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 459.564364][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 459.576710][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 459.589003][ C0] bridge0: received packet on veth0_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0) [ 459.601245][ C0] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)