last executing test programs: 31.686845619s ago: executing program 1 (id=180): openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x101502, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x40000006, 0x0) mmap$auto(0x0, 0x4, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) io_uring_setup$auto(0x86, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) socket(0x28, 0x4, 0xffffffc0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x81) syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/options/trace_printk\x00', 0x121082, 0x0) read$auto(0xffffffffffffffff, &(0x7f0000000080)='/sys/kernel/debug/tracing/options/trace_printk\x00', 0x800) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00", @raw=0x1}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) 28.403416589s ago: executing program 1 (id=189): syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg1\x00', 0x1c1881, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/rose3/carrier\x00', 0x502, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) socket(0x15, 0x5, 0x0) socket(0x2a, 0x6, 0x40080) socketpair$auto(0x1, 0x204, 0x3, 0x0) dup2$auto(0x5, 0x4) splice$auto(0x4, 0x0, 0x2, 0x0, 0x80000001, 0x9) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/vm/dirty_writeback_centisecs\x00', 0xb02, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0xc803, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) prctl$auto(0x41, 0x0, 0x0, 0x0, 0x0) read$auto(r0, 0x0, 0x20) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0xc02, 0x0) poll$auto(0x0, 0xd59, 0xffffffff) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) memfd_create$auto(0x0, 0x6) open(0x0, 0x303500, 0x150) rename$auto(&(0x7f0000000040)='./file0\x00', 0x0) rename$auto(&(0x7f0000000000)='./file0\x00', 0x0) unshare$auto(0x40000080) 23.807513772s ago: executing program 1 (id=197): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket(0x15, 0x5, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x2, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptybd\x00', 0x6202, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x3, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0xffffffffffffffff, 0x4, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x5, 0x1) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe735f26, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xc461, 0x80, 0x6, 0x3, 0xfffffffffffffff2, 0x3, 0x1, 0x62, 0x80000022, 0x7, 0x6d42, 0x2000000004000009, 0x2, 0x6]}, 0x0) mmap$auto(0xf87f, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000040)={0x6, 0x0}) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) quotactl_fd$auto(0x0, 0x80000201, 0x0, 0xfffffffffffffffd) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) syz_clone3(&(0x7f00000001c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioperm$auto(0xfffffffeffffffff, 0x389, 0xd) 12.697493349s ago: executing program 2 (id=227): mmap$auto(0x0, 0xd, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mount$auto(0x0, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='nfsd\x00\xee\x1a\x8fg\x1b\x04\xad>\x96\xe9IG\xbe\xc8\x12\xae\xc3\xc0@[\x99\xec\xbf(\xec\xc3\xb2\xf2\x15Zi\xc4S6\'\x14\x05\t\x8c\xd5?\xa0\x00\xd8\xe4\xafW\xcc\xa3\xce\t\xf8p\xc6\x00\x00\x00\x00\xb9\xac\xde\x0e\x90\x18\xf1\x13I\x95\xe12\xaclJ\xba\xeb\xe4\x83Z\xaev\xd7\xd9\xdd\x14\x81\xbe\xab\xed\xd5MI\x830_\xc2\x14O\x84\xaa\x13W\xb7\x06\'fvQ\x95\xc5\xd1\x98\xe3T\xees\xf0\xc2\xad\xae\x99\xeb\xc5\xf0\"\x92\xcdfk\xc7\xe9\x96\r\x91\xb0\xc46\xf2\xfc\xef\xfe\xa0\xc9d\xb3h$\xeb\xad\xa4P\x8f\xc3bM{4RQ\x00\x9d)_\xd81(\x03\xfd\rw\xca1\x88|\xe5\x1e\x10\x89X\x01\xe9\xf6g\x95xx\xaf\xa9~m\x05\xa2\xe4\x81\xb9\x92\xda\x13\xfe5\xfb\xc6\xd8>\x01\xd4\x14\x94o\x1b[\xa8]\x9b\x03\x95\xc3\xad\xad\x1d#oi|\x04\x93N\xfa\x17\xf3b\xf6', 0x4, 0x0) getcwd$auto(0x0, 0xffffffffffffffff) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x4040, 0x0) preadv2$auto(0x3, 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x2e) mmap$auto(0x0, 0x8, 0x6, 0xd4, 0xffffffffffffffff, 0x6) ioctl$auto(0xffffffffffffffff, 0x8912, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) ustat$auto(0x10000801, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = getpid() process_vm_readv$auto(r3, &(0x7f0000000000)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) waitid$auto_P_PGID(0x2, r3, &(0x7f0000000340)={@siginfo_0_0={0x6, 0x7, 0x6, @_sigpoll={0x200, r0}}}, 0x7, &(0x7f00000003c0)={{0xa, 0x8000000000000000}, {0x5}, 0x7, 0xfce3, 0xfffffffffffffffc, 0x8, 0x224, 0x80000000, 0x7ff, 0x0, 0x5, 0x101, 0x50b, 0x5, 0x9, 0x2}) r4 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$auto_SO_ATTACH_REUSEPORT_CBPF(r4, 0x1, 0x33, &(0x7f0000000280)='o\x00\xfb\x00\x00\x00\xe4(\xe5\xb9Y\xacS\xbe\xcc4\xf9!\xd0\x92<\x9bf\x01j\x83\xb3\xd7a.\x92\xf5\xb0j\xd3\x01\xfe:\x93\xed\xe4\x16\a\xcemS\xeb\x93D\b\xdb\x0f\x9f\x903\xad?\x17\xddF2\x7f\x15~\x94\x1d\x1c\x83\x03\xb9K\x04\xd3\x99\xe6[\xf8\xddn`\xdb\x19\xa9R\xc2\x00\x8a\xc7>\xfbC\x9e\xcfY\xaa\xc9\x99_\x8d\xc14o\xd9\x97\xf9\xb6\x80\xc0Tf\xea\x82\x8f\x82^\xf7\x01\x894?\xf7\xb8\"\x9dd/\x15\xf5\x013\x84\xe8\xdev\x8eW\xfaym\x8a_\x0e\xc5\xde\x90\xc4$\xbb\xaa\x839]\x14m{R,i\x80\xecM.\xa9\'<\xd6\xc8\xd6\xc4\x1b\xd2\xd6\x193<\".\x85\xea\xb7\x9d\xa3r\xca\xeeP\xdeu4\xf2s\x9b\x03\xbex.\x17\xf2\xa4\xba\x9a$\x1f.e\v3.\xd1{}\x94\xd9\xc4\xf1\xa9\x9aK\xbc?0x\xa1G\xf5\xd3K\xf7\xa25=\x9f+\x1d\xe7\x00', 0x10) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000) r5 = socket(0x15, 0x5, 0x0) sendmsg$auto(r5, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) sendmsg$auto_OVS_FLOW_CMD_SET(r2, &(0x7f0000001b80)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000001b40)={&(0x7f0000000940)=ANY=[@ANYBLOB="b0040000", @ANYRES16=0x0, @ANYBLOB="000828bd7000fbdbdf250400000005000900040000008f030780980144800c003e00000000000000000008003d00", @ANYRES32=0x0, @ANYBLOB="f496466d77aaf1f89f92a4d0acc66d69e2d4e5b2295152f741a73a25a5f46cc34289e34a5ca0e01b8af095bf5cfb06845e8b2856446c21483dd3170b0000002b71f5076277a7c6389d7409dcd938a5d7912688d383b7cbd39daa273651", @ANYRES32=r5], 0x4b0}, 0x1, 0x0, 0x0, 0x8884}, 0x800) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_GET_SCAN(r6, 0x0, 0x4000) read$auto(0xffffffffffffffff, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) fspick$auto(0xffffffffffffffff, 0x0, 0x6) 10.940375034s ago: executing program 2 (id=232): syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) write$auto(0x3, 0x0, 0x4fffffdf2) mmap$auto(0x0, 0x0, 0x7, 0xeb1, 0xffffffffffffffff, 0x1) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x752502, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80e42, 0x0) read$auto(r1, 0x0, 0x1000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) write$auto(0x3, 0x0, 0x100082) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2, 0x1, 0x0) getsockopt$auto(0x3, 0x6, 0xb, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) mmap$auto(0x2, 0x40009, 0xfffffffffdffffff, 0x9372, 0xffffffffffffffff, 0x28000) write$auto(0x3, 0x0, 0xffd8) semctl$auto_GETPID(0x0, 0x800, 0xb, 0xa6d446c) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, 0x0, 0x0) listen$auto(0x3, 0x3) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, 0x0, 0x22a40, 0x0) openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bluetooth/hci4\x00', 0x8000, 0x0) syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000000), 0xffffffffffffffff) r2 = eventfd$auto(0x34b) write$auto(r2, 0x0, 0x8) sendmsg$auto_NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4080}, 0x1bef8a3657dd5a1a) 9.555506292s ago: executing program 1 (id=234): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x4000000000000c8, 0x800454cf, 0x3) r0 = socket(0xa, 0x5, 0x0) setsockopt$auto(r0, 0x10000000084, 0x13, 0x0, 0x4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/timer_list\x00', 0xc40, 0x0) read$auto_proc_iter_file_ops_compat_inode(r1, 0x0, 0x4d) 8.171685626s ago: executing program 1 (id=237): mmap$auto(0x1000000, 0x4020009, 0xdf, 0x80000000eb1, 0x401, 0x8000) r0 = io_uring_setup$auto(0x6, 0x0) syz_genetlink_get_family_id$auto_nl802154(0x0, r0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$auto_SNDCTL_DSP_POST(r1, 0x5008, 0xfffffffffffffffe) r2 = syz_clone(0xa204000, &(0x7f0000000000)="02045141196df8db248446feee7ab1804191270a95aa1a412a6ed34d922a7f3334e3f55543ff24eb035c5e9ff92742dbdd0e5d3a7af5e506aa3d87def7708a708dde4fde80bb8c3e0af33818439ef6208f623fd40d7b856b4421d9d0196d1cff1b19bc757534bc7193feef3a832d5a387df99e78bd305847c25f366b2c9f8f6faf43dd24e07d32b464", 0x89, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)="11c7620d7055142950de33c271826c59f3") migrate_pages$auto(r2, 0x8, &(0x7f0000000180)=0x705, &(0x7f00000001c0)=0x5f) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2000, 0x0) mmap$auto(0x0, 0x80000001, 0x3, 0xffff, r1, 0x8000) r4 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/usbmon8\x00', 0x640, 0x0) mmap$auto(0x0, 0x20009, 0xffffffffffffffff, 0xeb1, 0x401, 0x8000) r5 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r5, 0x0, 0x9a28) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) read$auto_proc_fail_nth_operations_base(r6, &(0x7f0000000040)=""/221, 0xdd) mmap$auto(0x0, 0xa00006, 0x400002, 0x40eb1, 0x602, 0x300000000000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) acct$auto(0x0) r7 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/netdevsim/del_device\x00', 0x501, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r7, &(0x7f0000000200)="34aeede84184", 0x6) fcntl$auto_F_SETOWN(r7, 0x8, r2) madvise$auto(0x0, 0x2000040080000004, 0xe) r8 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/pagemap\x00', 0x0, 0x0) readv$auto(r8, &(0x7f0000000400)={0x0, 0x40}, 0x6) read$auto_mon_fops_binary_mon_bin(r4, 0x0, 0x2f) ioctl$auto_MON_IOCG_STATS(r4, 0x80089203, 0x0) close_range$auto(0x2, 0x8, 0x0) r9 = getsockopt$auto_SO_PEERPIDFD(r3, 0x7, 0x4d, &(0x7f0000000240)='&\x00', &(0x7f0000000280)=0x4) mmap$auto(0x200, 0x1, 0x6, 0x7fff, r9, 0x3) 6.325153142s ago: executing program 2 (id=240): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) sendmsg$auto_NL802154_CMD_LIST_ASSOCIATIONS(0xffffffffffffffff, 0x0, 0x84) select$auto(0x3, 0x0, &(0x7f0000000100)={[0x9, 0x200, 0x0, 0xf, 0x9, 0xffff, 0x406, 0x2, 0x9, 0xb84, 0xfffffffffffffffd, 0x9, 0x2000000000000003, 0x6, 0x1fd, 0x2]}, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x200, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20080, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') socket(0x2, 0xa, 0x1) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) ioctl$auto(0x1, 0x541b, 0x8) 4.758994416s ago: executing program 2 (id=242): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop1/removable\x00', 0x80302, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) 3.310282853s ago: executing program 2 (id=243): openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x101502, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x40000006, 0x0) mmap$auto(0x0, 0x4, 0xc00000072, 0x8b72, 0x1000000002, 0x8000) io_uring_setup$auto(0x86, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) socket(0x28, 0x4, 0xffffffc0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) write$auto(0xffffffffffffffff, 0x0, 0x81) syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/options/trace_printk\x00', 0x121082, 0x0) read$auto(0xffffffffffffffff, &(0x7f0000000080)='/sys/kernel/debug/tracing/options/trace_printk\x00', 0x800) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/controlC2\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000580)={{@raw=0x7fffffff, 0xf0ee, 0x20009, 0x3, "790eaa833e6fc65b6b3cf705001900ffff8eac2cdafc1f64010043eeb0b0530300000000000e00", @raw=0x1}, 0x4, 0x966, 0x3, @raw=0x404, @integer={0x800000000000400e, 0x2000000b752, 0x1}, "6cc1294d63a4f1b4285854c5368de438f8cc142ef6df12bf3373a1183bedbd31b642b4051b078fa1c1c61c329794e5311121c760cb9611c78e6947a99807bcc1"}) 3.239889413s ago: executing program 0 (id=244): openat$auto_userfaultfd_dev_fops_userfaultfd(0xffffffffffffff9c, &(0x7f0000000000), 0x48400, 0x0) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nbd12\x00', 0x2282, 0x0) ioctl$auto_BLKRRPART(r0, 0x125f, 0x0) 2.980295627s ago: executing program 0 (id=245): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0x2003f0, 0x15) setrlimit$auto(0xb, 0x0) mincore$auto(0x101f, 0x8001, 0x0) 2.502378434s ago: executing program 3 (id=247): openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x8001, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/pcmC0D0c\x00', 0x0, 0x0) 2.279867437s ago: executing program 0 (id=248): syz_genetlink_get_family_id$auto_nl802154(0x0, 0xffffffffffffffff) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x181881, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0x18000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff) write$auto(0x3, 0x0, 0xfdef) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) 2.119989318s ago: executing program 0 (id=249): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x22004840}, 0x4001) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="a7fdffff", @ANYRES16=0x0, @ANYRESHEX], 0x24}, 0x1, 0x0, 0x0, 0x4c884}, 0x4008800) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)={0x14, 0x0, 0x1, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x20008810) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x28, 0x1, 0x0) getsockopt$auto(r0, 0x28, 0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='!'], 0x1ac}, 0x1, 0x0, 0x0, 0x44}, 0x40090) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) 2.108002665s ago: executing program 3 (id=250): r0 = socket(0x10, 0x2, 0x0) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r2 = pidfd_open$auto(0x0, 0x80000001) write$auto_fuse_conn_congestion_threshold_ops_control(r2, &(0x7f0000000100)="1c63009af181c4c9db054b9c77296c2105cbcfba5a9894bbd352c6faf0b68e914931920f73089d2474c05af450a46ac977762acda89b95b1f9bf9505a66b908f5167403962d04685969c89e785ebdd15b73c85d6d0932461063d0b74bc947067be4a536941d52ae1e4623149e4594cc90ce04630f3128f9184d615ea62ffc6a15b859053d084a90cd07172a58758ad888d4c9d505e3c71bee86a0119375694cac9772597640f8aef791e64410f728179533448b4e9334f11bab9bac0e86a3cf248db912c7e687dc6a3f9c765197997df4c9a40a18aa66991fbba453e3da0836f6fb57257d8ae2d73dba7cfe59d0b668a92d710c71ac0775a65", 0xf9) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) connect$auto(0x3, &(0x7f00000000c0)=@in={0x2, 0x3}, 0x55) capset$auto(0x0, &(0x7f00000000c0)={0x400, 0x2, 0x80}) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f0000000040)={0x0, 0x34000}, 0x3ff, 0x0, 0x1}, 0xed71388}, 0x2, 0x9) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r0, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010027bd7000fcdbdf250a9e00ff150000001400017533e621c29eba8fac799ce18ab455fc1f2ae0edc05caaf6812229d32fc041fcda495a42f4eb20457970dd6b6539d28af0f551e6056cc6b0575191ac634dac17aca3e6c3e2465446993fa25718f9cc5ec1bceeff1b3c7d064a50873b8a3d87c0426e5b77bd96a9ecccf82702f4e64e17b7fb7eb32d358178c1bd8ceee21f36e3a7de0b33cd78c261c7478840c4865471678bbdda1215fee0c58a328d96b73365f45bd99e1c2e8437091cd50dba2c6c5a7c2ce9759be88f07ead3a43777dc880f24a9196ae6c1fa70c9e6bfb5093c6beb27fd6c6938dae55e2ebdf1998d90750f5473c64c011786b6260d4ff36f7a0c7d1fc4497f18ad3b4836fb51c42951b4b2c1e070092519aa573fcb96eee98eca3c4722ea65dcb973d72077dd85420e5cf3c45f801ea9be53fd351cc98118f97341caa79d6c84d487183c9570a95ce180a2356fb7b0f9552c19d3a870f3ac5dc07377a4cc86c67a25bc89f19d0046e14f9c24b3b4a9a8c60e3e16d2562a65bf1fbe22f2ab74e061e88e8e2736d3a5ed8218813f868aff5bda8a5d4f79a0e5c63757666db318cf16ee95aaca"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) 1.906401261s ago: executing program 3 (id=251): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) sendmsg$auto_NL802154_CMD_LIST_ASSOCIATIONS(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x84) select$auto(0x3, 0x0, &(0x7f0000000100)={[0x9, 0x200, 0x0, 0xf, 0x9, 0xffff, 0x406, 0x2, 0x9, 0xb84, 0xfffffffffffffffd, 0x9, 0x2000000000000003, 0x6, 0x1fd, 0x2]}, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000040)={{0x0, 0x2, 0x0, 0x10a, 0x0, 0x9, 0x3fb}, 0x4}, 0x200, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000280)=""/175, 0xaf) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') socket(0x2, 0xa, 0x1) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) ioctl$auto(0x1, 0x890b, 0x8) (fail_nth: 5) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x3, 0xf2) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x9, 0x8000) ioctl$auto(0x3, 0x89e1, 0x91) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyd6\x00', 0x800, 0x0) ioctl$auto_TIOCVHANGUP2(r2, 0x5437, &(0x7f00000001c0)="106e09839108dc034b3e1b6fa27971235d546112cac8f4") setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0x4) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002ec0), 0xffffffffffffffff) timer_gettime$auto(0x0, 0x0) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000002f80)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000100ae180500000004000380186e00"/29], 0x30}, 0x1, 0x0, 0x0, 0x11}, 0x2400c802) 1.902908718s ago: executing program 2 (id=252): r0 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x82000, 0x0) (async) r1 = socket(0xa, 0x1, 0x100) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(0xffffffffffffffff, 0xc1004111, 0x0) (async) getsockopt$auto_SO_RCVPRIORITY(r1, 0x2, 0x52, &(0x7f00000001c0)='/dev/virtual_nci\x00', &(0x7f0000000240)=0x7) (async) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0040, 0x0) pread64$auto(r0, 0x0, 0x803, 0x400) (async) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x121900, 0x0) (async) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) (async) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_IOCTL_VMCI_CTX_SET_CPT_STATE(r3, 0x7b2, 0x0) (async) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) (async) select$auto(0x4e, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x100, 0x0, 0x948f, 0x3, 0xb, 0x1, 0x3, 0x0, 0x8, 0x7, 0x8000000000000000, 0x3, 0x5, 0x1]}, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) read$auto_regulator_summary_fops_(r3, &(0x7f0000000400)=""/23, 0x17) inotify_init1$auto(0x401) (async) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) (async) sendmsg$auto_IPVS_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000440)={&(0x7f0000000d80)=ANY=[@ANYBLOB="b2f40700", @ANYBLOB="f2824a0ce0726080654149468c663d10d65c17121b94c14bfcf8a6e06057b6d134b0acc13a8f4c183e79065465e0a345b03cc638cb038a4c49d859a8dc3bbc93ebd808f7ad46ce2650d18c5cfcb115f671d10e54221b3c136462d5a74c2f430e5f56f9e4706ba3", @ANYBLOB="080025bd7000ffdbdf25110000000800050006000000", @ANYRES32=0xffffffffffffffff, @ANYBLOB="0c00290084660000000000008d1083b7312d58c5ebaf487bb998f3418a8151bb07f2443548e4f835120dabebd9cfacb4df6c09d5c51d5a796dcd884b3e930a755c3e6e9a8bf602ba954dddf50ba937da8e0eb88ee25349d036733e829ade17deaae15e1e9298ffa9cd09d12467d4b27c2248f3edabe64261dd558c1b9e518a124437c3303efdaea14284ea051911d982703916a3f34e0c89480014f473c0ff7dc811d675c55aafeab4d5d79dd93004732cfecf02265e2993274e159f1788f1f775bbefa7dc340bd198fa7cfeb7b5eee7dae5e118a7f160e9e3f016e93bc1cf8d297c2528030dee4f73abb51c22b64bbc744da934cb7396ef4d43cef20800a100", @ANYRES32=0x0, @ANYBLOB="00bc576579826533b0bf28dd4ab3bcbd8ab5ba0fef7e0cc364fe58f8dce18c9872044366c6c84580eba54f8d10371bdd8d9c3b9cd34547896c43028f757e0ebcee414737920c57bdbfeb5dac56de76bbb8958687c8e6a28f2abc7cc8b762a5d35a6adf6b86f6c64098412ef2a1137df6118438a22b93d46511faa2adbedbeb746ee2febf170ea395f95cedf50bb882f27d931c0d42c0263d9e9b4b8ce9ffac38dcd248d43d327efaa1b5753cb899958a8e58816005f1070c4b7bef97d4d6ae8b03a52cddde678d47b2330642be41e367b50a91537e5dd302dd19b6b9bd1d5cab5ea5580f2578b1485e192a2ceb5e044e4124ca2f0c1e2aea865081c49ef300000008000400040000000800060000000000300101802901048004000d80040049800400488004002600ad5d079172db3691f31015fadd64b9c931790efa342d19514b7503daebc29a40309d5c7953853d16920c55059408001e00ac1414aa0500460000000000f746e4ceb215f9ad8a0b3d3c0291e872c69279e298f2763cecc21bca1d5023aa95adcffdd1d45d17d23664c07ccd27046599633761ae38dd2d1382aff1a1163982df04f1f23275332711104e421d771ddda8fcee19e1ed3f79f52e0fe787d2f2af50f256747bd0aaa67390631906ed21ba4bfd683b69ab229223cdc1f014e2c991d7213b162d3b7c4860fb679b7e0d5cea2b70b470b6f02ceb846f607067dcdd158a0d9afebd432fe560f985b78cb61d88d2b3145a74736efee47c57ec42c7cc71dd1e4f0e47807f02e40efbd83114a8032604911d92e4df0000000800050004000000"], 0x390}, 0x1, 0x0, 0x0, 0x20018810}, 0x44040) mmap$auto(0x0, 0x6, 0xe1, 0x9b72, 0xffffffffffffffff, 0x7) r5 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000280)='/dev/sr0\x00', 0x20000, 0x0) ioctl$auto(r5, 0xab04, 0xffffffffffffffff) (async) sendmsg$auto_NL802154_CMD_NEW_SEC_DEVKEY(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000780)=ANY=[@ANYBLOB="8c020000", @ANYBLOB="0500130007000000080005000100000008000c000000000009012d80a5ca9112889325b0c8661ebfd9ad2ed199a9b628e3617382962fdc96c34aa897bcc83deef20dd984de67ae3d5a5d4a06992d0699d4efc32f6923c9be7d8858527813c36b30663b4465d9eb4e39181111b2b18856ea65d1a0c018ac82c6b94ab4e73f9d02f95b6c993617bc1eb3a4558664ed4e51cc4684b9b41e6b612fa82e47cd5fc066b868c63d38cd86b63bb7c58ee9ec42e236dbc1c11bc14e26f4d919d8d1f2c1eaff022be67e0a547095352408041115232ca104987f3a", @ANYBLOB="02002dbd7000fcdbdf251d0000004301188014002100fc0200000000000000000000000000003600bd0068f76224d76fcedd858a40d2e4daac3a906310b4882866e15a38c714c9301ed5c7bc670cf749f0cdf4d958ac4a46c983cc4f0000018afb34431813703fe999e41360aa2f78624f27b11e5a80a7355d38b6a4c7eca4adda34ea7b2c60ffec2b34de68f8ff238429af8ce6285ab588c4cbe1d1b9824702b1b3566b51eb0437240289d7fdcbf3ef53cadf457e49070342cb80a88f3f14dca7b272e3137c4e10ce76365024e974704d9a5595511d1f39495f2163c2230d709bd2265fdf2d1186082017d28e03ab27269c84a9209ad6f713d57101963260539b122401c9b87400fb6d4b3bc1372583932e221d8f717a5356013ff43bd8a3750baecad4d4d3deafe0a6cf783bfeaedc61d5f02142c3cd9d90bd596f2170c6488482f92288f2c3490acdd285c57f422cb30008000300", @ANYRES32=0x0, @ANYRES16=0x0, @ANYRESOCT, @ANYRESHEX=r1, @ANYRESDEC=r4, @ANYBLOB="4cc249970b26be4fd9816b6912987d6d3a558bc53a82015e25fa66a7bb74d7f7eb31ef1b9b47a691cfee11860e12eacea7659c11002c40aabd2f9c4c94f76f79a05c5ba97ed7d5ef85bd973be34d2ae747b3"], 0x28c}, 0x1, 0x0, 0x0, 0x20040100}, 0x0) (async) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x50b41, 0x0) (async) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/pcmC1D0c\x00', 0x80042, 0x0) (async) mmap$auto(0x0, 0x68, 0x3, 0x8012, 0x3, 0x83000000) (async) close_range$auto(0x2, 0xa, 0x0) (async) socket(0xa, 0x2, 0x0) 1.739565692s ago: executing program 0 (id=253): socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x20009, 0x5, 0xeb2, 0x8, 0x1008000) socket(0x10, 0x2, 0x0) openat$auto_short_retry_limit_ops_(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/ieee80211/phy0/short_retry_limit\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x10, &(0x7f0000001700)=@query={@target_ifindex, 0x11, 0x1, 0x9, 0x7f, @prog_cnt=0x2, 0x0, 0x1000f, 0xa, 0x7, 0x400000000001}, 0x7) ioctl$auto_FS_IOC_SETFLAGS2(0xffffffffffffffff, 0x40086602, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket(0x29, 0x2, 0x0) ioctl$auto(r0, 0x8923, 0x24) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x6, 0x1, 0x9, 0x5, 0x1f, 0x940, 0x1ffde, 0x2000003, 0x10001, 0x8000006, 0x9, 0x5, 0x0, 0x4, 0x200, 0x7, 0x2, 0x3, 0x201, 0x7, 0x0, 0x3ffff, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0x13, 0x4b80000, 0x40003, [0xfffffffffffffffc, 0xa, 0x0, 0x1, 0x0, 0x8000004, 0x0, 0x0, 0xfffffffffffffffb, 0x0, 0x0, 0x4, 0x2, 0x0, 0x1, 0x3, 0x0, 0x0, 0x201, 0x0, 0x86, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x401, 0x2, 0x34, 0x80000, 0x3, 0x100000000, 0x0, 0x8000000000000002, 0x80000000, 0x0, 0x0, 0xbb5, 0x20, 0x10, 0x0, 0x0, 0x2000000000000000, 0x2]}, 0x203, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x1000000, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 1.082471295s ago: executing program 3 (id=254): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0xc4b6) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(0x0, 0x3, 0xa, 0x1fd) 830.087418ms ago: executing program 0 (id=255): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) rseq$auto(0x0, 0xfffffff4, 0x0, 0x5) r1 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES(r1, 0x4008af25, 0x0) mmap$auto(0x4, 0xa00006, 0x2, 0x100000000040eb1, 0x602, 0x300000000000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x2c0880, 0x0) r2 = openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) rseq$auto(&(0x7f0000000580)={0x0, 0x85, 0x9416, 0x1, 0x7, 0x6}, 0x6, 0x3, 0xff) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x1, 0x40009, 0xdf, 0x13, 0xffffffffffffffff, 0x10001) msync$auto(0x1ffff01f, 0x1800000ff000000, 0x400000004) socket(0xf, 0xa, 0x5) connect$auto(0x3, &(0x7f0000000080)=@l2={0x1f, 0x6, @none, 0x5}, 0x2) ioperm$auto(0x7, 0x75, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto_F_UNLCK(r2, 0x8, 0x2) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48000}, 0x0) kexec_load$auto(0xff, 0x2, &(0x7f0000000080)={@kbuf=0x0, 0x2, 0x8000, 0x3000}, 0x4) r4 = socket(0x2, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) sendmmsg$auto(r4, &(0x7f0000000140)={{&(0x7f0000000040), 0x10, &(0x7f00000000c0)={0x0, 0x1fff8}, 0x7, 0x0, 0x2, 0xb}, 0xfff}, 0x5, 0x311) 503.833525ms ago: executing program 3 (id=256): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) sendmsg$auto_NL802154_CMD_LIST_ASSOCIATIONS(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x84) select$auto(0x3, 0x0, &(0x7f0000000100)={[0x9, 0x200, 0x0, 0xf, 0x9, 0xffff, 0x406, 0x2, 0x9, 0xb84, 0xfffffffffffffffd, 0x9, 0x2000000000000003, 0x6, 0x1fd, 0x2]}, 0x0, 0x0) sendmmsg$auto(0x3, &(0x7f0000000040)={{0x0, 0x2, 0x0, 0x10a, 0x0, 0x9, 0x3fb}, 0x4}, 0x200, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x1, 0x84) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000280)=""/175, 0xaf) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x2, 0xf2, 0xdf, 0xeb1, 0xf6f6, 0xff) getcwd$auto(0x0, 0xffffffffffffffff) move_mount$auto(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x100) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') socket(0x2, 0xa, 0x1) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) ioctl$auto(0x1, 0x890b, 0x8) write$auto(0x3, 0x0, 0xfffffdef) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x3, 0x9) bind$auto(0x3, &(0x7f0000000000)=@nl=@kern={0x10, 0x0, 0x24, 0x400000}, 0x68) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0xa, 0x3, 0xf2) mmap$auto(0x0, 0x400008, 0xe2, 0x9b72, 0x9, 0x8000) ioctl$auto(0x3, 0x89e1, 0x91) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyd6\x00', 0x800, 0x0) ioctl$auto_TIOCVHANGUP2(r1, 0x5437, &(0x7f00000001c0)="106e09839108dc034b3e1b6fa27971235d546110cac8f4") 146.026056ms ago: executing program 3 (id=257): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket(0x15, 0x5, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x2, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptybd\x00', 0x6202, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x3, 0x1, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0xffffffffffffffff, 0x4, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x5, 0x1) select$auto(0xe735f26, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xc461, 0x80, 0x6, 0x3, 0xfffffffffffffff2, 0x3, 0x1, 0x62, 0x80000022, 0x7, 0x6d42, 0x2000000004000009, 0x2, 0x6]}, 0x0) mmap$auto(0xf87f, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000040)={0x6, 0x0}) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) quotactl_fd$auto(0x0, 0x80000201, 0x0, 0xfffffffffffffffd) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) syz_clone3(&(0x7f00000001c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioperm$auto(0xfffffffeffffffff, 0x389, 0xd) 0s ago: executing program 1 (id=258): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) socket(0x15, 0x5, 0x0) openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, 0x0, 0x2, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20342, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptybd\x00', 0x6202, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x109302, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) select$auto(0x7, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x3, 0x1a000, 0x2, 0x3, 0x95f4da0a, 0xefffffffffffffff, 0x3, 0x62, 0x80000001, 0x10000000000004, 0x6d40, 0xffffffffffffffff, 0x4, 0xfffffffffffffffe]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x5, 0x1) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe735f26, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x7, 0xc461, 0x80, 0x6, 0x3, 0xfffffffffffffff2, 0x3, 0x1, 0x62, 0x80000022, 0x7, 0x6d42, 0x2000000004000009, 0x2, 0x6]}, 0x0) mmap$auto(0xf87f, 0x400108, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_USBDEVFS_DISCSIGNAL(0xffffffffffffffff, 0x8010550e, &(0x7f0000000040)={0x6, 0x0}) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20b42, 0x0) quotactl_fd$auto(0x0, 0x80000201, 0x0, 0xfffffffffffffffd) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40, 0x0) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) syz_clone3(&(0x7f00000001c0)={0x2000000, 0x0, 0x0, 0x0, {0x21}, 0x0, 0x0, 0x0, 0x0}, 0x58) ioperm$auto(0xfffffffeffffffff, 0x389, 0xd) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.106' (ED25519) to the list of known hosts. [ 82.071859][ T5850] cgroup: Unknown subsys name 'net' [ 82.239749][ T5850] cgroup: Unknown subsys name 'cpuset' [ 82.248858][ T5850] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.757885][ T5850] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 85.486214][ T5862] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.493675][ T5862] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.501090][ T5862] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.509138][ T5862] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.516950][ T5862] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.649054][ T5862] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.656472][ T5862] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.663906][ T5862] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.677352][ T5862] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.684905][ T5862] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.706001][ T5862] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.721932][ T51] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.729423][ T51] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.737518][ T51] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.745313][ T51] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.806906][ T5183] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.814474][ T5183] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.822114][ T5183] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.835646][ T5183] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.843450][ T5183] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 85.943441][ T5859] chnl_net:caif_netlink_parms(): no params data found [ 86.052970][ T5859] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.060338][ T5859] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.067680][ T5859] bridge_slave_0: entered allmulticast mode [ 86.074588][ T5859] bridge_slave_0: entered promiscuous mode [ 86.084117][ T5859] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.091472][ T5859] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.098796][ T5859] bridge_slave_1: entered allmulticast mode [ 86.105673][ T5859] bridge_slave_1: entered promiscuous mode [ 86.173911][ T5859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.185996][ T5859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.228860][ T5863] chnl_net:caif_netlink_parms(): no params data found [ 86.240595][ T5859] team0: Port device team_slave_0 added [ 86.248584][ T5859] team0: Port device team_slave_1 added [ 86.263084][ T5870] chnl_net:caif_netlink_parms(): no params data found [ 86.314864][ T5859] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.322164][ T5859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.348452][ T5859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.377710][ T5859] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 86.384693][ T5859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.415432][ T5859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.430613][ T5865] chnl_net:caif_netlink_parms(): no params data found [ 86.517130][ T5870] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.524279][ T5870] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.531944][ T5870] bridge_slave_0: entered allmulticast mode [ 86.539161][ T5870] bridge_slave_0: entered promiscuous mode [ 86.573096][ T5870] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.580483][ T5870] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.587767][ T5870] bridge_slave_1: entered allmulticast mode [ 86.594656][ T5870] bridge_slave_1: entered promiscuous mode [ 86.608104][ T5859] hsr_slave_0: entered promiscuous mode [ 86.614293][ T5859] hsr_slave_1: entered promiscuous mode [ 86.620834][ T5863] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.628108][ T5863] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.635293][ T5863] bridge_slave_0: entered allmulticast mode [ 86.642206][ T5863] bridge_slave_0: entered promiscuous mode [ 86.649796][ T5863] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.656980][ T5863] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.664307][ T5863] bridge_slave_1: entered allmulticast mode [ 86.671580][ T5863] bridge_slave_1: entered promiscuous mode [ 86.731230][ T5863] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.742756][ T5870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.760716][ T5865] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.768267][ T5865] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.775434][ T5865] bridge_slave_0: entered allmulticast mode [ 86.782875][ T5865] bridge_slave_0: entered promiscuous mode [ 86.791998][ T5863] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.810348][ T5870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.833597][ T5865] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.841007][ T5865] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.848324][ T5865] bridge_slave_1: entered allmulticast mode [ 86.855124][ T5865] bridge_slave_1: entered promiscuous mode [ 86.896744][ T5863] team0: Port device team_slave_0 added [ 86.904017][ T5870] team0: Port device team_slave_0 added [ 86.924975][ T5865] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.935606][ T5863] team0: Port device team_slave_1 added [ 86.942549][ T5870] team0: Port device team_slave_1 added [ 86.964962][ T5865] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.012724][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.020662][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.048709][ T5863] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.060295][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.067434][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.095835][ T5870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.120218][ T5863] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.127294][ T5863] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.153563][ T5863] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.165055][ T5870] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.172471][ T5870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.199113][ T5870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.214459][ T5865] team0: Port device team_slave_0 added [ 87.222481][ T5865] team0: Port device team_slave_1 added [ 87.255751][ T5865] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.262849][ T5865] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.289006][ T5865] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.314265][ T5865] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.321436][ T5865] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.347699][ T5865] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.418123][ T5863] hsr_slave_0: entered promiscuous mode [ 87.424407][ T5863] hsr_slave_1: entered promiscuous mode [ 87.430685][ T5863] debugfs: 'hsr0' already exists in 'hsr' [ 87.436464][ T5863] Cannot create hsr debugfs directory [ 87.445110][ T5870] hsr_slave_0: entered promiscuous mode [ 87.451925][ T5870] hsr_slave_1: entered promiscuous mode [ 87.458124][ T5870] debugfs: 'hsr0' already exists in 'hsr' [ 87.463877][ T5870] Cannot create hsr debugfs directory [ 87.499483][ T5865] hsr_slave_0: entered promiscuous mode [ 87.505716][ T5865] hsr_slave_1: entered promiscuous mode [ 87.512249][ T5865] debugfs: 'hsr0' already exists in 'hsr' [ 87.518055][ T5865] Cannot create hsr debugfs directory [ 87.556657][ T5183] Bluetooth: hci0: command tx timeout [ 87.592710][ T5859] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 87.612891][ T5859] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 87.635468][ T5859] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.655729][ T5859] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.716871][ T5183] Bluetooth: hci1: command tx timeout [ 87.796791][ T5183] Bluetooth: hci2: command tx timeout [ 87.824508][ T5863] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 87.838362][ T5863] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 87.849023][ T5863] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 87.860470][ T5863] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 87.876791][ T5183] Bluetooth: hci3: command tx timeout [ 87.921900][ T5870] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.933238][ T5870] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.943967][ T5870] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.953926][ T5870] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.981819][ T5859] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.026567][ T5865] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 88.036568][ T5865] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 88.054707][ T5859] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.063103][ T5865] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 88.073169][ T5865] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 88.092523][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.099718][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.124887][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.132042][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.197823][ T5863] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.214706][ T5859] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 88.225388][ T5859] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.282034][ T5870] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.293373][ T5863] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.318356][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.325501][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.346375][ T2964] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.353566][ T2964] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.365422][ T5870] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.391218][ T1031] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.398425][ T1031] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.430084][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.437270][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.466269][ T5865] 8021q: adding VLAN 0 to HW filter on device bond0 [ 88.533439][ T5859] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.542237][ T5865] 8021q: adding VLAN 0 to HW filter on device team0 [ 88.561978][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 88.569147][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 88.590720][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.597927][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.698827][ T5865] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.738626][ T5859] veth0_vlan: entered promiscuous mode [ 88.772830][ T5859] veth1_vlan: entered promiscuous mode [ 88.833959][ T5859] veth0_macvtap: entered promiscuous mode [ 88.862322][ T5859] veth1_macvtap: entered promiscuous mode [ 88.906403][ T5863] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.924496][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.954363][ T5859] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.980049][ T2964] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.991848][ T2964] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.011530][ T2964] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.021025][ T2964] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.034238][ T5870] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.096138][ T5865] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.105326][ T5863] veth0_vlan: entered promiscuous mode [ 89.123238][ T2964] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.134907][ T5863] veth1_vlan: entered promiscuous mode [ 89.137403][ T2964] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.177573][ T5870] veth0_vlan: entered promiscuous mode [ 89.197409][ T2964] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.205644][ T2964] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.221364][ T5870] veth1_vlan: entered promiscuous mode [ 89.229781][ T5863] veth0_macvtap: entered promiscuous mode [ 89.259011][ T5863] veth1_macvtap: entered promiscuous mode [ 89.275424][ T5865] veth0_vlan: entered promiscuous mode [ 89.285841][ T5859] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 89.293969][ T5870] veth0_macvtap: entered promiscuous mode [ 89.328407][ T5870] veth1_macvtap: entered promiscuous mode [ 89.359161][ T5865] veth1_vlan: entered promiscuous mode [ 89.371498][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.403281][ T5863] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.416156][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.434412][ T2964] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.447799][ T5870] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.458693][ T2964] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.468848][ T2964] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.496242][ T2964] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.522502][ T5865] veth0_macvtap: entered promiscuous mode [ 89.530077][ T2964] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.545359][ T5865] veth1_macvtap: entered promiscuous mode [ 89.554172][ T2964] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.568576][ T2964] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.594473][ T2964] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.611157][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.637375][ T5183] Bluetooth: hci0: command tx timeout [ 89.650920][ T5865] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.676344][ T1031] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.684612][ T1031] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.710396][ T30] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.749614][ T30] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.759196][ T30] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.793591][ T1031] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.797618][ T5183] Bluetooth: hci1: command tx timeout [ 89.828012][ T1031] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.835535][ T30] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.877050][ T5183] Bluetooth: hci2: command tx timeout [ 89.957199][ T5183] Bluetooth: hci3: command tx timeout [ 90.000143][ T1031] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.036367][ T1031] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.070890][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.103021][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.125491][ T30] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.163001][ T30] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.264302][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.277537][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.497225][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.786955][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.796188][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 90.805008][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 90.814166][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.981604][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 91.086943][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 91.096815][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 91.532657][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 91.538515][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 91.720264][ T5183] Bluetooth: hci0: command tx timeout [ 91.877462][ T5183] Bluetooth: hci1: command tx timeout [ 91.957058][ T5183] Bluetooth: hci2: command tx timeout [ 92.036888][ T5183] Bluetooth: hci3: command tx timeout [ 92.253242][ T5985] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 92.549364][ T5983] syz.1.7 (5983): attempted to duplicate a private mapping with mremap. This is not supported. [ 93.084378][ T5991] syz.1.9 uses obsolete (PF_INET,SOCK_PACKET) [ 93.798550][ T5183] Bluetooth: hci0: command tx timeout [ 93.956937][ T5183] Bluetooth: hci1: command tx timeout [ 94.049319][ T5183] Bluetooth: hci2: command tx timeout [ 94.117848][ T5183] Bluetooth: hci3: command tx timeout [ 94.256389][ T6011] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 94.452097][ T6019] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 94.519833][ T6004] Zero length message leads to an empty skb [ 95.279281][ T6031] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 95.330432][ T6031] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 97.083061][ T24] cfg80211: failed to load regulatory.db [ 98.182141][ T6078] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 103.143315][ T6148] FAULT_INJECTION: forcing a failure. [ 103.143315][ T6148] name failslab, interval 1, probability 0, space 0, times 1 [ 103.245575][ T6148] CPU: 1 UID: 0 PID: 6148 Comm: syz.0.39 Not tainted syzkaller #0 PREEMPT(full) [ 103.245617][ T6148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 103.245637][ T6148] Call Trace: [ 103.245647][ T6148] [ 103.245658][ T6148] dump_stack_lvl+0x16c/0x1f0 [ 103.245716][ T6148] should_fail_ex+0x512/0x640 [ 103.245766][ T6148] should_failslab+0xc2/0x120 [ 103.245811][ T6148] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 103.245870][ T6148] ? rcu_is_watching+0x12/0xc0 [ 103.245902][ T6148] ? snd_pcm_hw_rule_add+0x414/0x5a0 [ 103.245951][ T6148] krealloc_noprof+0x1ff/0x3a0 [ 103.245992][ T6148] snd_pcm_hw_rule_add+0x414/0x5a0 [ 103.246038][ T6148] ? __pfx_snd_pcm_hw_rule_format+0x10/0x10 [ 103.246071][ T6148] ? __pfx_snd_pcm_hw_rule_add+0x10/0x10 [ 103.246118][ T6148] ? lockdep_init_map_type+0x5c/0x280 [ 103.246163][ T6148] ? debug_mutex_init+0x37/0x70 [ 103.246193][ T6148] ? snd_pcm_attach_substream+0x89d/0xd60 [ 103.246236][ T6148] snd_pcm_open_substream+0x534/0x17f0 [ 103.246274][ T6148] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 103.246311][ T6148] ? rcu_is_watching+0x12/0xc0 [ 103.246343][ T6148] ? rcu_is_watching+0x12/0xc0 [ 103.246377][ T6148] snd_pcm_open+0x29e/0x730 [ 103.246414][ T6148] ? __pfx_snd_pcm_open+0x10/0x10 [ 103.246451][ T6148] ? __pfx_default_wake_function+0x10/0x10 [ 103.246488][ T6148] ? __pfx_snd_pcm_capture_open+0x10/0x10 [ 103.246534][ T6148] snd_pcm_capture_open+0x89/0xe0 [ 103.246574][ T6148] snd_open+0x22a/0x4c0 [ 103.246617][ T6148] ? __pfx_snd_open+0x10/0x10 [ 103.246661][ T6148] chrdev_open+0x231/0x6a0 [ 103.246702][ T6148] ? __pfx_chrdev_open+0x10/0x10 [ 103.246745][ T6148] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 103.246784][ T6148] do_dentry_open+0x97f/0x1530 [ 103.246827][ T6148] ? __pfx_chrdev_open+0x10/0x10 [ 103.246867][ T6148] vfs_open+0x82/0x3f0 [ 103.246910][ T6148] path_openat+0x1de4/0x2cb0 [ 103.246948][ T6148] ? __pfx_path_openat+0x10/0x10 [ 103.246985][ T6148] do_filp_open+0x20b/0x470 [ 103.247016][ T6148] ? __pfx_do_filp_open+0x10/0x10 [ 103.247060][ T6148] ? alloc_fd+0x471/0x7d0 [ 103.247093][ T6148] do_sys_openat2+0x11b/0x1d0 [ 103.247134][ T6148] ? __pfx_do_sys_openat2+0x10/0x10 [ 103.247183][ T6148] __x64_sys_openat+0x174/0x210 [ 103.247225][ T6148] ? __pfx___x64_sys_openat+0x10/0x10 [ 103.247275][ T6148] do_syscall_64+0xcd/0x490 [ 103.247312][ T6148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.247339][ T6148] RIP: 0033:0x7f552eb8ebe9 [ 103.247369][ T6148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 103.247396][ T6148] RSP: 002b:00007f552f944038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 103.247423][ T6148] RAX: ffffffffffffffda RBX: 00007f552edb5fa0 RCX: 00007f552eb8ebe9 [ 103.247441][ T6148] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 103.247458][ T6148] RBP: 00007f552ec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 103.247474][ T6148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 103.247492][ T6148] R13: 00007f552edb6038 R14: 00007f552edb5fa0 R15: 00007fffae78d288 [ 103.247517][ T6148] [ 104.499600][ T6173] netlink: 28 bytes leftover after parsing attributes in process `syz.3.45'. [ 108.439904][ T6239] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 111.704873][ T6299] mmap: syz.1.74 (6299): VmData 37523456 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data. [ 112.293168][ T6301] FAULT_INJECTION: forcing a failure. [ 112.293168][ T6301] name failslab, interval 1, probability 0, space 0, times 0 [ 112.316700][ T6301] CPU: 0 UID: 0 PID: 6301 Comm: syz.3.75 Not tainted syzkaller #0 PREEMPT(full) [ 112.316744][ T6301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 112.316764][ T6301] Call Trace: [ 112.316774][ T6301] [ 112.316786][ T6301] dump_stack_lvl+0x16c/0x1f0 [ 112.316833][ T6301] should_fail_ex+0x512/0x640 [ 112.316881][ T6301] should_failslab+0xc2/0x120 [ 112.316923][ T6301] __kmalloc_cache_noprof+0x6a/0x3e0 [ 112.316955][ T6301] ? lockdep_init_map_type+0x5c/0x280 [ 112.316999][ T6301] ? dummy_hrtimer_create+0x45/0x170 [ 112.317035][ T6301] dummy_hrtimer_create+0x45/0x170 [ 112.317067][ T6301] ? __pfx_dummy_hrtimer_create+0x10/0x10 [ 112.317100][ T6301] dummy_pcm_open+0xd4/0x5b0 [ 112.317185][ T6301] snd_pcm_open_substream+0xa5d/0x17f0 [ 112.317225][ T6301] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 112.317260][ T6301] ? rcu_is_watching+0x12/0xc0 [ 112.317293][ T6301] ? rcu_is_watching+0x12/0xc0 [ 112.317327][ T6301] snd_pcm_open+0x29e/0x730 [ 112.317364][ T6301] ? __pfx_snd_pcm_open+0x10/0x10 [ 112.317400][ T6301] ? __pfx_default_wake_function+0x10/0x10 [ 112.317436][ T6301] ? __pfx_snd_pcm_capture_open+0x10/0x10 [ 112.317479][ T6301] snd_pcm_capture_open+0x89/0xe0 [ 112.317516][ T6301] snd_open+0x22a/0x4c0 [ 112.317561][ T6301] ? __pfx_snd_open+0x10/0x10 [ 112.317604][ T6301] chrdev_open+0x231/0x6a0 [ 112.317643][ T6301] ? __pfx_apparmor_file_open+0x10/0x10 [ 112.317677][ T6301] ? __pfx_chrdev_open+0x10/0x10 [ 112.317720][ T6301] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 112.317760][ T6301] do_dentry_open+0x97f/0x1530 [ 112.317799][ T6301] ? __pfx_chrdev_open+0x10/0x10 [ 112.317844][ T6301] vfs_open+0x82/0x3f0 [ 112.317891][ T6301] path_openat+0x1de4/0x2cb0 [ 112.317933][ T6301] ? __pfx_path_openat+0x10/0x10 [ 112.317974][ T6301] do_filp_open+0x20b/0x470 [ 112.318010][ T6301] ? __pfx_do_filp_open+0x10/0x10 [ 112.318059][ T6301] ? alloc_fd+0x471/0x7d0 [ 112.318095][ T6301] do_sys_openat2+0x11b/0x1d0 [ 112.318142][ T6301] ? __pfx_do_sys_openat2+0x10/0x10 [ 112.318209][ T6301] __x64_sys_openat+0x174/0x210 [ 112.318258][ T6301] ? __pfx___x64_sys_openat+0x10/0x10 [ 112.318318][ T6301] do_syscall_64+0xcd/0x490 [ 112.318360][ T6301] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.318393][ T6301] RIP: 0033:0x7f7b6818ebe9 [ 112.318416][ T6301] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 112.318448][ T6301] RSP: 002b:00007f7b69002038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 112.318478][ T6301] RAX: ffffffffffffffda RBX: 00007f7b683b5fa0 RCX: 00007f7b6818ebe9 [ 112.318499][ T6301] RDX: 0000000000000000 RSI: 0000200000000280 RDI: ffffffffffffff9c [ 112.318520][ T6301] RBP: 00007f7b68211e19 R08: 0000000000000000 R09: 0000000000000000 [ 112.318539][ T6301] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 112.318558][ T6301] R13: 00007f7b683b6038 R14: 00007f7b683b5fa0 R15: 00007ffe055c0238 [ 112.318589][ T6301] [ 112.727523][ T6314] FAULT_INJECTION: forcing a failure. [ 112.727523][ T6314] name failslab, interval 1, probability 0, space 0, times 0 [ 112.804552][ T6314] CPU: 1 UID: 0 PID: 6314 Comm: syz.3.80 Not tainted syzkaller #0 PREEMPT(full) [ 112.804592][ T6314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 112.804609][ T6314] Call Trace: [ 112.804619][ T6314] [ 112.804629][ T6314] dump_stack_lvl+0x16c/0x1f0 [ 112.804673][ T6314] should_fail_ex+0x512/0x640 [ 112.804717][ T6314] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 112.804764][ T6314] should_failslab+0xc2/0x120 [ 112.804805][ T6314] __kmalloc_noprof+0xd2/0x510 [ 112.804843][ T6314] tomoyo_realpath_from_path+0xc2/0x6e0 [ 112.804889][ T6314] ? tomoyo_profile+0x47/0x60 [ 112.804917][ T6314] tomoyo_path_number_perm+0x245/0x580 [ 112.804952][ T6314] ? tomoyo_path_number_perm+0x237/0x580 [ 112.804990][ T6314] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 112.805034][ T6314] ? preempt_count_add+0x76/0x150 [ 112.805087][ T6314] ? rcu_is_watching+0x12/0xc0 [ 112.805118][ T6314] ? __fget_files+0x204/0x3c0 [ 112.805240][ T6314] ? hook_file_ioctl_common+0x145/0x410 [ 112.805282][ T6314] ? lock_release+0x201/0x2f0 [ 112.805324][ T6314] ? __fget_files+0x20e/0x3c0 [ 112.805359][ T6314] security_file_ioctl+0x9b/0x240 [ 112.805400][ T6314] __x64_sys_ioctl+0xb7/0x210 [ 112.805451][ T6314] do_syscall_64+0xcd/0x490 [ 112.805492][ T6314] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.805521][ T6314] RIP: 0033:0x7f7b6818ebe9 [ 112.805544][ T6314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 112.805573][ T6314] RSP: 002b:00007f7b69002038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 112.805602][ T6314] RAX: ffffffffffffffda RBX: 00007f7b683b5fa0 RCX: 00007f7b6818ebe9 [ 112.805621][ T6314] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000003 [ 112.805638][ T6314] RBP: 00007f7b69002090 R08: 0000000000000000 R09: 0000000000000000 [ 112.805655][ T6314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 112.805672][ T6314] R13: 00007f7b683b6038 R14: 00007f7b683b5fa0 R15: 00007ffe055c0238 [ 112.805700][ T6314] [ 112.805711][ T6314] ERROR: Out of memory at tomoyo_realpath_from_path. [ 113.488422][ T6327] FAULT_INJECTION: forcing a failure. [ 113.488422][ T6327] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 113.501742][ T6327] CPU: 0 UID: 0 PID: 6327 Comm: syz.1.84 Not tainted syzkaller #0 PREEMPT(full) [ 113.501779][ T6327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 113.501793][ T6327] Call Trace: [ 113.501800][ T6327] [ 113.501808][ T6327] dump_stack_lvl+0x16c/0x1f0 [ 113.501842][ T6327] should_fail_ex+0x512/0x640 [ 113.501877][ T6327] _copy_from_user+0x2e/0xd0 [ 113.501915][ T6327] snd_pcm_oss_write2+0x1c2/0x410 [ 113.501939][ T6327] ? __pfx_snd_pcm_oss_write2+0x10/0x10 [ 113.501960][ T6327] ? rcu_is_watching+0x12/0xc0 [ 113.501984][ T6327] ? lock_release+0x201/0x2f0 [ 113.502017][ T6327] snd_pcm_oss_write+0x711/0xa10 [ 113.502040][ T6327] ? security_file_permission+0x71/0x210 [ 113.502076][ T6327] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 113.502098][ T6327] vfs_write+0x29d/0x11d0 [ 113.502128][ T6327] ? __pfx_vfs_write+0x10/0x10 [ 113.502163][ T6327] ? __fget_files+0x204/0x3c0 [ 113.502186][ T6327] ? rcu_is_watching+0x12/0xc0 [ 113.502209][ T6327] ? lock_release+0x201/0x2f0 [ 113.502241][ T6327] ? __fget_files+0x20e/0x3c0 [ 113.502269][ T6327] ksys_write+0x12a/0x250 [ 113.502295][ T6327] ? __pfx_ksys_write+0x10/0x10 [ 113.502328][ T6327] do_syscall_64+0xcd/0x490 [ 113.502360][ T6327] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.502383][ T6327] RIP: 0033:0x7fd4ce18ebe9 [ 113.502400][ T6327] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 113.502423][ T6327] RSP: 002b:00007fd4cef4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 113.502444][ T6327] RAX: ffffffffffffffda RBX: 00007fd4ce3b5fa0 RCX: 00007fd4ce18ebe9 [ 113.502460][ T6327] RDX: 000000000000ffd8 RSI: 0000000000000000 RDI: 0000000000000003 [ 113.502473][ T6327] RBP: 00007fd4cef4e090 R08: 0000000000000000 R09: 0000000000000000 [ 113.502487][ T6327] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 113.502501][ T6327] R13: 00007fd4ce3b6038 R14: 00007fd4ce3b5fa0 R15: 00007ffc00f3c048 [ 113.502523][ T6327] [ 114.290564][ T6337] zswap: compressor 000 not available [ 114.855810][ T6357] FAULT_INJECTION: forcing a failure. [ 114.855810][ T6357] name failslab, interval 1, probability 0, space 0, times 0 [ 114.877128][ T6357] CPU: 0 UID: 0 PID: 6357 Comm: syz.0.90 Not tainted syzkaller #0 PREEMPT(full) [ 114.877169][ T6357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 114.877186][ T6357] Call Trace: [ 114.877195][ T6357] [ 114.877206][ T6357] dump_stack_lvl+0x16c/0x1f0 [ 114.877248][ T6357] should_fail_ex+0x512/0x640 [ 114.877302][ T6357] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 114.877346][ T6357] should_failslab+0xc2/0x120 [ 114.877386][ T6357] __kmalloc_noprof+0xd2/0x510 [ 114.877426][ T6357] tomoyo_realpath_from_path+0xc2/0x6e0 [ 114.877471][ T6357] ? tomoyo_profile+0x47/0x60 [ 114.877498][ T6357] tomoyo_path_number_perm+0x245/0x580 [ 114.877533][ T6357] ? tomoyo_path_number_perm+0x237/0x580 [ 114.877571][ T6357] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 114.877615][ T6357] ? preempt_count_add+0x76/0x150 [ 114.877672][ T6357] ? hook_file_ioctl_common+0x145/0x410 [ 114.877720][ T6357] security_file_ioctl+0x9b/0x240 [ 114.877757][ T6357] __x64_sys_ioctl+0xb7/0x210 [ 114.877805][ T6357] do_syscall_64+0xcd/0x490 [ 114.877846][ T6357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.877875][ T6357] RIP: 0033:0x7f552eb8ebe9 [ 114.877898][ T6357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 114.877927][ T6357] RSP: 002b:00007f552f944038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 114.877957][ T6357] RAX: ffffffffffffffda RBX: 00007f552edb5fa0 RCX: 00007f552eb8ebe9 [ 114.877977][ T6357] RDX: 0000000000000008 RSI: 000000000000890b RDI: 0000000000000001 [ 114.877995][ T6357] RBP: 00007f552f944090 R08: 0000000000000000 R09: 0000000000000000 [ 114.878013][ T6357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 114.878031][ T6357] R13: 00007f552edb6038 R14: 00007f552edb5fa0 R15: 00007fffae78d288 [ 114.878062][ T6357] [ 114.878074][ T6357] ERROR: Out of memory at tomoyo_realpath_from_path. [ 116.050561][ T6387] netlink: 342 bytes leftover after parsing attributes in process `syz.0.99'. [ 116.108498][ T6389] FAULT_INJECTION: forcing a failure. [ 116.108498][ T6389] name failslab, interval 1, probability 0, space 0, times 0 [ 116.122739][ T6389] CPU: 1 UID: 0 PID: 6389 Comm: syz.1.100 Not tainted syzkaller #0 PREEMPT(full) [ 116.122778][ T6389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 116.122795][ T6389] Call Trace: [ 116.122805][ T6389] [ 116.122815][ T6389] dump_stack_lvl+0x16c/0x1f0 [ 116.122859][ T6389] should_fail_ex+0x512/0x640 [ 116.122907][ T6389] should_failslab+0xc2/0x120 [ 116.122949][ T6389] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 116.122987][ T6389] ? __alloc_skb+0x2b2/0x380 [ 116.123026][ T6389] __alloc_skb+0x2b2/0x380 [ 116.123058][ T6389] ? __pfx___alloc_skb+0x10/0x10 [ 116.123094][ T6389] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 116.123135][ T6389] netlink_alloc_large_skb+0x69/0x130 [ 116.123176][ T6389] netlink_sendmsg+0x6a1/0xdd0 [ 116.123228][ T6389] ? __pfx_netlink_sendmsg+0x10/0x10 [ 116.123265][ T6389] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 116.123296][ T6389] ____sys_sendmsg+0xa95/0xc70 [ 116.123338][ T6389] ? copy_msghdr_from_user+0x10a/0x160 [ 116.123372][ T6389] ? __pfx_____sys_sendmsg+0x10/0x10 [ 116.123416][ T6389] ? __pfx__kstrtoull+0x10/0x10 [ 116.123448][ T6389] ? rcu_is_watching+0x12/0xc0 [ 116.123476][ T6389] ___sys_sendmsg+0x134/0x1d0 [ 116.123510][ T6389] ? __pfx____sys_sendmsg+0x10/0x10 [ 116.123549][ T6389] ? rcu_is_watching+0x12/0xc0 [ 116.123587][ T6389] __sys_sendmmsg+0x200/0x420 [ 116.123622][ T6389] ? __pfx___sys_sendmmsg+0x10/0x10 [ 116.123654][ T6389] ? lock_release+0x201/0x2f0 [ 116.123693][ T6389] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 116.123734][ T6389] ? fput+0x9b/0xd0 [ 116.123778][ T6389] ? ksys_write+0x1ac/0x250 [ 116.123813][ T6389] ? __pfx_ksys_write+0x10/0x10 [ 116.123852][ T6389] __x64_sys_sendmmsg+0x9c/0x100 [ 116.123892][ T6389] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 116.123939][ T6389] do_syscall_64+0xcd/0x490 [ 116.123979][ T6389] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.124005][ T6389] RIP: 0033:0x7fd4ce18ebe9 [ 116.124024][ T6389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.124053][ T6389] RSP: 002b:00007fd4cef4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 116.124082][ T6389] RAX: ffffffffffffffda RBX: 00007fd4ce3b5fa0 RCX: 00007fd4ce18ebe9 [ 116.124102][ T6389] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 116.124120][ T6389] RBP: 00007fd4cef4e090 R08: 0000000000000000 R09: 0000000000000000 [ 116.124138][ T6389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 116.124155][ T6389] R13: 00007fd4ce3b6038 R14: 00007fd4ce3b5fa0 R15: 00007ffc00f3c048 [ 116.124182][ T6389] [ 116.873509][ T6397] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x18000 [ 116.919692][ T6397] flags: 0xfff00000002000(reserved|node=0|zone=1|lastcpupid=0x7ff) [ 116.944587][ T6397] raw: 00fff00000002000 ffffea0000600008 ffffea0000600008 0000000000000000 [ 116.992344][ T6397] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 117.016793][ T6397] page dumped because: unmovable page [ 117.032477][ T6397] page_owner info is not present (never set?) [ 117.139451][ T6414] netlink: 28 bytes leftover after parsing attributes in process `syz.0.107'. [ 117.151288][ T6414] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.235892][ T6414] bridge_slave_1 (unregistering): left allmulticast mode [ 117.245482][ T6414] bridge_slave_1 (unregistering): left promiscuous mode [ 117.264215][ T6414] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.335512][ T6420] FAULT_INJECTION: forcing a failure. [ 117.335512][ T6420] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 117.356721][ T6420] CPU: 0 UID: 0 PID: 6420 Comm: syz.2.110 Not tainted syzkaller #0 PREEMPT(full) [ 117.356762][ T6420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 117.356780][ T6420] Call Trace: [ 117.356817][ T6420] [ 117.356827][ T6420] dump_stack_lvl+0x16c/0x1f0 [ 117.356870][ T6420] should_fail_ex+0x512/0x640 [ 117.356918][ T6420] _copy_from_user+0x2e/0xd0 [ 117.356968][ T6420] core_sys_select+0x35b/0xc10 [ 117.357002][ T6420] ? __pfx_core_sys_select+0x10/0x10 [ 117.357033][ T6420] ? proc_fail_nth_write+0x9f/0x220 [ 117.357073][ T6420] ? __fget_files+0x204/0x3c0 [ 117.357100][ T6420] ? rcu_is_watching+0x12/0xc0 [ 117.357127][ T6420] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 117.357174][ T6420] kern_select+0x15d/0x1e0 [ 117.357200][ T6420] ? __pfx_kern_select+0x10/0x10 [ 117.357229][ T6420] ? __pfx_ksys_write+0x10/0x10 [ 117.357266][ T6420] __x64_sys_select+0xbd/0x160 [ 117.357292][ T6420] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 117.357335][ T6420] do_syscall_64+0xcd/0x490 [ 117.357371][ T6420] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.357397][ T6420] RIP: 0033:0x7f911c38ebe9 [ 117.357417][ T6420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 117.357441][ T6420] RSP: 002b:00007f911d224038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 117.357466][ T6420] RAX: ffffffffffffffda RBX: 00007f911c5b5fa0 RCX: 00007f911c38ebe9 [ 117.357483][ T6420] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007 [ 117.357498][ T6420] RBP: 00007f911d224090 R08: 0000000000000000 R09: 0000000000000000 [ 117.357514][ T6420] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 117.357530][ T6420] R13: 00007f911c5b6038 R14: 00007f911c5b5fa0 R15: 00007ffd470f46e8 [ 117.357555][ T6420] [ 118.909255][ T6453] CIFS: VFS: Invalid SecurityFlags: [ 119.501820][ T6472] ima: policy update failed [ 119.560209][ T31] audit: type=1802 audit(1755568282.399:2): pid=6472 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.121" res=0 errno=0 [ 120.180855][ T6490] FAULT_INJECTION: forcing a failure. [ 120.180855][ T6490] name failslab, interval 1, probability 0, space 0, times 0 [ 120.310197][ T6490] CPU: 0 UID: 0 PID: 6490 Comm: syz.0.124 Not tainted syzkaller #0 PREEMPT(full) [ 120.310241][ T6490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 120.310260][ T6490] Call Trace: [ 120.310271][ T6490] [ 120.310283][ T6490] dump_stack_lvl+0x16c/0x1f0 [ 120.310331][ T6490] should_fail_ex+0x512/0x640 [ 120.310381][ T6490] should_failslab+0xc2/0x120 [ 120.310425][ T6490] __kmalloc_cache_noprof+0x6a/0x3e0 [ 120.310458][ T6490] ? ktime_get_coarse_real_ts64_mg+0x240/0x300 [ 120.310511][ T6490] ? hugetlb_vma_lock_alloc+0xbc/0x1f0 [ 120.310549][ T6490] hugetlb_vma_lock_alloc+0xbc/0x1f0 [ 120.310584][ T6490] hugetlb_reserve_pages+0x151/0xf40 [ 120.310636][ T6490] ? __vma_enter_locked+0x163/0x3f0 [ 120.310668][ T6490] ? __pfx_hugetlb_reserve_pages+0x10/0x10 [ 120.310732][ T6490] ? atime_needs_update+0x8b/0x710 [ 120.310788][ T6490] hugetlbfs_file_mmap+0x4a1/0x730 [ 120.310847][ T6490] __mmap_region+0x1314/0x27b0 [ 120.310894][ T6490] ? rcu_is_watching+0x12/0xc0 [ 120.310927][ T6490] ? __pfx___mmap_region+0x10/0x10 [ 120.310964][ T6490] ? is_bpf_text_address+0x8a/0x1a0 [ 120.311004][ T6490] ? rcu_is_watching+0x12/0xc0 [ 120.311041][ T6490] ? is_bpf_text_address+0x94/0x1a0 [ 120.311081][ T6490] ? kernel_text_address+0x8d/0x100 [ 120.311110][ T6490] ? __kernel_text_address+0xd/0x40 [ 120.311138][ T6490] ? unwind_get_return_address+0x59/0xa0 [ 120.311172][ T6490] ? arch_stack_walk+0xa6/0x100 [ 120.311216][ T6490] ? __pfx_stack_trace_save+0x10/0x10 [ 120.311277][ T6490] ? trace_cap_capable+0x18d/0x200 [ 120.311314][ T6490] ? cap_capable+0xb3/0x250 [ 120.311348][ T6490] mmap_region+0x32b/0x3f0 [ 120.311391][ T6490] do_mmap+0xa3e/0x1210 [ 120.311443][ T6490] ? __pfx_do_mmap+0x10/0x10 [ 120.311489][ T6490] ? __pfx_down_write_killable+0x10/0x10 [ 120.311541][ T6490] vm_mmap_pgoff+0x29e/0x470 [ 120.311592][ T6490] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 120.311635][ T6490] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 120.311685][ T6490] ? hugetlbfs_get_inode+0x31f/0x730 [ 120.311725][ T6490] ksys_mmap_pgoff+0x1c8/0x5c0 [ 120.311773][ T6490] __x64_sys_mmap+0x125/0x190 [ 120.311826][ T6490] do_syscall_64+0xcd/0x490 [ 120.311869][ T6490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.311909][ T6490] RIP: 0033:0x7f552eb8ebe9 [ 120.311935][ T6490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.311967][ T6490] RSP: 002b:00007f552f923038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 120.311998][ T6490] RAX: ffffffffffffffda RBX: 00007f552edb6090 RCX: 00007f552eb8ebe9 [ 120.312020][ T6490] RDX: 0000000000400002 RSI: 0000000000a00006 RDI: 0000000000000000 [ 120.312040][ T6490] RBP: 00007f552ec11e19 R08: 0000000000000602 R09: 0000300000000000 [ 120.312061][ T6490] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 120.312081][ T6490] R13: 00007f552edb6128 R14: 00007f552edb6090 R15: 00007fffae78d288 [ 120.312121][ T6490] [ 120.607381][ C0] vkms_vblank_simulate: vblank timer overrun [ 120.664141][ T6490] HugeTLB: unable to allocate vma specific lock [ 120.932516][ T6501] FAULT_INJECTION: forcing a failure. [ 120.932516][ T6501] name failslab, interval 1, probability 0, space 0, times 0 [ 120.996364][ T6501] CPU: 1 UID: 0 PID: 6501 Comm: syz.1.125 Not tainted syzkaller #0 PREEMPT(full) [ 120.996404][ T6501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 120.996421][ T6501] Call Trace: [ 120.996430][ T6501] [ 120.996441][ T6501] dump_stack_lvl+0x16c/0x1f0 [ 120.996484][ T6501] should_fail_ex+0x512/0x640 [ 120.996534][ T6501] ? tomoyo_encode2+0x100/0x3e0 [ 120.996604][ T6501] should_failslab+0xc2/0x120 [ 120.996652][ T6501] __kmalloc_noprof+0xd2/0x510 [ 120.996692][ T6501] tomoyo_encode2+0x100/0x3e0 [ 120.996737][ T6501] tomoyo_encode+0x29/0x50 [ 120.996778][ T6501] tomoyo_realpath_from_path+0x18f/0x6e0 [ 120.996825][ T6501] ? tomoyo_profile+0x47/0x60 [ 120.996854][ T6501] tomoyo_path_number_perm+0x245/0x580 [ 120.996890][ T6501] ? tomoyo_path_number_perm+0x237/0x580 [ 120.996930][ T6501] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 120.996976][ T6501] ? preempt_count_add+0x76/0x150 [ 120.997035][ T6501] ? hook_file_ioctl_common+0x145/0x410 [ 120.997087][ T6501] security_file_ioctl+0x9b/0x240 [ 120.997127][ T6501] __x64_sys_ioctl+0xb7/0x210 [ 120.997178][ T6501] do_syscall_64+0xcd/0x490 [ 120.997220][ T6501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.997251][ T6501] RIP: 0033:0x7fd4ce18ebe9 [ 120.997275][ T6501] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.997304][ T6501] RSP: 002b:00007fd4cef2d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 120.997333][ T6501] RAX: ffffffffffffffda RBX: 00007fd4ce3b6090 RCX: 00007fd4ce18ebe9 [ 120.997353][ T6501] RDX: 0000000000000008 RSI: 000000000000890b RDI: 0000000000000001 [ 120.997372][ T6501] RBP: 00007fd4cef2d090 R08: 0000000000000000 R09: 0000000000000000 [ 120.997391][ T6501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 120.997409][ T6501] R13: 00007fd4ce3b6128 R14: 00007fd4ce3b6090 R15: 00007ffc00f3c048 [ 120.997439][ T6501] [ 121.252972][ T6501] ERROR: Out of memory at tomoyo_realpath_from_path. [ 121.743834][ T6518] FAULT_INJECTION: forcing a failure. [ 121.743834][ T6518] name failslab, interval 1, probability 0, space 0, times 0 [ 121.767865][ T6518] CPU: 0 UID: 0 PID: 6518 Comm: syz.1.130 Not tainted syzkaller #0 PREEMPT(full) [ 121.767907][ T6518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 121.767924][ T6518] Call Trace: [ 121.767934][ T6518] [ 121.767945][ T6518] dump_stack_lvl+0x16c/0x1f0 [ 121.767987][ T6518] should_fail_ex+0x512/0x640 [ 121.768033][ T6518] ? tomoyo_encode2+0x100/0x3e0 [ 121.768076][ T6518] should_failslab+0xc2/0x120 [ 121.768116][ T6518] __kmalloc_noprof+0xd2/0x510 [ 121.768151][ T6518] ? d_absolute_path+0x136/0x1a0 [ 121.768201][ T6518] tomoyo_encode2+0x100/0x3e0 [ 121.768248][ T6518] tomoyo_encode+0x29/0x50 [ 121.768289][ T6518] tomoyo_realpath_from_path+0x18f/0x6e0 [ 121.768341][ T6518] tomoyo_path_number_perm+0x245/0x580 [ 121.768379][ T6518] ? tomoyo_path_number_perm+0x237/0x580 [ 121.768417][ T6518] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 121.768461][ T6518] ? preempt_count_add+0x76/0x150 [ 121.768518][ T6518] ? rcu_is_watching+0x12/0xc0 [ 121.768550][ T6518] ? __fget_files+0x204/0x3c0 [ 121.768581][ T6518] ? hook_file_ioctl_common+0x145/0x410 [ 121.768621][ T6518] ? lock_release+0x201/0x2f0 [ 121.768663][ T6518] ? __fget_files+0x20e/0x3c0 [ 121.768698][ T6518] security_file_ioctl+0x9b/0x240 [ 121.768737][ T6518] __x64_sys_ioctl+0xb7/0x210 [ 121.768788][ T6518] do_syscall_64+0xcd/0x490 [ 121.768836][ T6518] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.768869][ T6518] RIP: 0033:0x7fd4ce18ebe9 [ 121.768892][ T6518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.768951][ T6518] RSP: 002b:00007fd4cef4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 121.768981][ T6518] RAX: ffffffffffffffda RBX: 00007fd4ce3b5fa0 RCX: 00007fd4ce18ebe9 [ 121.769000][ T6518] RDX: 0000000000000000 RSI: 000000000000125f RDI: 0000000000000003 [ 121.769019][ T6518] RBP: 00007fd4cef4e090 R08: 0000000000000000 R09: 0000000000000000 [ 121.769037][ T6518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 121.769064][ T6518] R13: 00007fd4ce3b6038 R14: 00007fd4ce3b5fa0 R15: 00007ffc00f3c048 [ 121.769102][ T6518] [ 121.769180][ T6518] ERROR: Out of memory at tomoyo_realpath_from_path. [ 122.634917][ T5183] Bluetooth: hci3: unexpected event 0x3e length: 726 > 260 [ 122.634954][ T5183] Bluetooth: hci3: unexpected subevent 0x0d length: 725 > 260 [ 122.651034][ T5183] Bluetooth: hci3: Unknown advertising packet type: 0x7f [ 122.651065][ T5183] Bluetooth: hci3: Unknown advertising packet type: 0x76 [ 122.658433][ T5183] Bluetooth: hci3: adv larger than maximum supported [ 122.665577][ T5183] Bluetooth: hci3: Malformed LE Event: 0x0d [ 122.853308][ T6521] bond0: option all_slaves_active: invalid value () [ 122.988841][ T6539] bond0: option all_slaves_active: invalid value () [ 124.288597][ T6568] capability: warning: `syz.0.143' uses 32-bit capabilities (legacy support in use) [ 124.888747][ T6577] netlink: 342 bytes leftover after parsing attributes in process `syz.3.145'. [ 125.125193][ T6582] netlink: 330 bytes leftover after parsing attributes in process `syz.3.147'. [ 125.198424][ T6584] FAULT_INJECTION: forcing a failure. [ 125.198424][ T6584] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 125.272506][ T6584] CPU: 0 UID: 0 PID: 6584 Comm: syz.1.148 Not tainted syzkaller #0 PREEMPT(full) [ 125.272545][ T6584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 125.272563][ T6584] Call Trace: [ 125.272573][ T6584] [ 125.272584][ T6584] dump_stack_lvl+0x16c/0x1f0 [ 125.272626][ T6584] should_fail_ex+0x512/0x640 [ 125.272673][ T6584] _copy_to_iter+0x29f/0x16f0 [ 125.272702][ T6584] ? SEQ_printf+0xd2/0x130 [ 125.272749][ T6584] ? __pfx_SEQ_printf+0x10/0x10 [ 125.272797][ T6584] ? __pfx__copy_to_iter+0x10/0x10 [ 125.272825][ T6584] ? rcu_is_watching+0x12/0xc0 [ 125.272857][ T6584] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 125.272906][ T6584] ? read_tsc+0x9/0x20 [ 125.272943][ T6584] ? seq_vprintf+0x10b/0x170 [ 125.272988][ T6584] ? move_iter+0x1ea/0x260 [ 125.273035][ T6584] seq_read_iter+0xcf8/0x12c0 [ 125.273071][ T6584] proc_reg_read_iter+0x220/0x310 [ 125.273115][ T6584] vfs_read+0x8bf/0xcf0 [ 125.273153][ T6584] ? __pfx___mutex_lock+0x10/0x10 [ 125.273193][ T6584] ? __pfx_vfs_read+0x10/0x10 [ 125.273239][ T6584] ksys_read+0x12a/0x250 [ 125.273274][ T6584] ? __pfx_ksys_read+0x10/0x10 [ 125.273321][ T6584] do_syscall_64+0xcd/0x490 [ 125.273363][ T6584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.273394][ T6584] RIP: 0033:0x7fd4ce18ebe9 [ 125.273417][ T6584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.273446][ T6584] RSP: 002b:00007fd4cef4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 125.273475][ T6584] RAX: ffffffffffffffda RBX: 00007fd4ce3b5fa0 RCX: 00007fd4ce18ebe9 [ 125.273496][ T6584] RDX: 000000000000004d RSI: 0000000000000000 RDI: 0000000000000003 [ 125.273515][ T6584] RBP: 00007fd4cef4e090 R08: 0000000000000000 R09: 0000000000000000 [ 125.273539][ T6584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 125.273557][ T6584] R13: 00007fd4ce3b6038 R14: 00007fd4ce3b5fa0 R15: 00007ffc00f3c048 [ 125.273588][ T6584] [ 125.618006][ T6590] FAULT_INJECTION: forcing a failure. [ 125.618006][ T6590] name failslab, interval 1, probability 0, space 0, times 0 [ 125.630747][ T6590] CPU: 0 UID: 0 PID: 6590 Comm: syz.2.149 Not tainted syzkaller #0 PREEMPT(full) [ 125.630779][ T6590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 125.630794][ T6590] Call Trace: [ 125.630803][ T6590] [ 125.630812][ T6590] dump_stack_lvl+0x16c/0x1f0 [ 125.630845][ T6590] should_fail_ex+0x512/0x640 [ 125.630883][ T6590] should_failslab+0xc2/0x120 [ 125.630915][ T6590] __kmalloc_cache_noprof+0x6a/0x3e0 [ 125.630940][ T6590] ? ktime_get_coarse_real_ts64_mg+0x240/0x300 [ 125.630974][ T6590] ? hugetlb_vma_lock_alloc+0xbc/0x1f0 [ 125.631003][ T6590] hugetlb_vma_lock_alloc+0xbc/0x1f0 [ 125.631034][ T6590] hugetlb_reserve_pages+0x151/0xf40 [ 125.631083][ T6590] ? __vma_enter_locked+0x163/0x3f0 [ 125.631113][ T6590] ? __pfx_hugetlb_reserve_pages+0x10/0x10 [ 125.631163][ T6590] ? atime_needs_update+0x8b/0x710 [ 125.631204][ T6590] hugetlbfs_file_mmap+0x4a1/0x730 [ 125.631246][ T6590] __mmap_region+0x1314/0x27b0 [ 125.631275][ T6590] ? rcu_is_watching+0x12/0xc0 [ 125.631309][ T6590] ? __pfx___mmap_region+0x10/0x10 [ 125.631337][ T6590] ? is_bpf_text_address+0x8a/0x1a0 [ 125.631367][ T6590] ? rcu_is_watching+0x12/0xc0 [ 125.631393][ T6590] ? is_bpf_text_address+0x94/0x1a0 [ 125.631423][ T6590] ? kernel_text_address+0x8d/0x100 [ 125.631446][ T6590] ? __kernel_text_address+0xd/0x40 [ 125.631467][ T6590] ? unwind_get_return_address+0x59/0xa0 [ 125.631493][ T6590] ? arch_stack_walk+0xa6/0x100 [ 125.631524][ T6590] ? __pfx_stack_trace_save+0x10/0x10 [ 125.631570][ T6590] ? trace_cap_capable+0x18d/0x200 [ 125.631595][ T6590] ? cap_capable+0xb3/0x250 [ 125.631621][ T6590] mmap_region+0x32b/0x3f0 [ 125.631654][ T6590] do_mmap+0xa3e/0x1210 [ 125.631691][ T6590] ? __pfx_do_mmap+0x10/0x10 [ 125.631725][ T6590] ? __pfx_down_write_killable+0x10/0x10 [ 125.631765][ T6590] vm_mmap_pgoff+0x29e/0x470 [ 125.631802][ T6590] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 125.631835][ T6590] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 125.631878][ T6590] ? hugetlbfs_get_inode+0x31f/0x730 [ 125.631908][ T6590] ksys_mmap_pgoff+0x1c8/0x5c0 [ 125.631944][ T6590] __x64_sys_mmap+0x125/0x190 [ 125.631984][ T6590] do_syscall_64+0xcd/0x490 [ 125.632016][ T6590] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 125.632041][ T6590] RIP: 0033:0x7f911c38ebe9 [ 125.632060][ T6590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 125.632083][ T6590] RSP: 002b:00007f911d203038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 125.632105][ T6590] RAX: ffffffffffffffda RBX: 00007f911c5b6090 RCX: 00007f911c38ebe9 [ 125.632121][ T6590] RDX: 0000000000400002 RSI: 0000000000a00006 RDI: 0000000000000000 [ 125.632135][ T6590] RBP: 00007f911c411e19 R08: 0000000000000602 R09: 0000300000000000 [ 125.632150][ T6590] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 125.632165][ T6590] R13: 00007f911c5b6128 R14: 00007f911c5b6090 R15: 00007ffd470f46e8 [ 125.632187][ T6590] [ 126.257465][ T6598] netlink: 28 bytes leftover after parsing attributes in process `syz.3.151'. [ 126.297377][ T6598] bridge0: port 2(bridge_slave_1) entered disabled state [ 126.499256][ T6598] bridge_slave_1 (unregistering): left allmulticast mode [ 126.506554][ T6598] bridge_slave_1 (unregistering): left promiscuous mode [ 126.514203][ T6598] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.366833][ T6621] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 127.726368][ T6631] netlink: 330 bytes leftover after parsing attributes in process `syz.1.158'. [ 127.735603][ T6631] mac80211_hwsim hwsim7 ›: renamed from wlan0 (while UP) [ 128.231331][ T6618] FAULT_INJECTION: forcing a failure. [ 128.231331][ T6618] name failslab, interval 1, probability 0, space 0, times 0 [ 128.296155][ T6618] CPU: 0 UID: 0 PID: 6618 Comm: syz.0.155 Not tainted syzkaller #0 PREEMPT(full) [ 128.296199][ T6618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 128.296216][ T6618] Call Trace: [ 128.296227][ T6618] [ 128.296237][ T6618] dump_stack_lvl+0x16c/0x1f0 [ 128.296282][ T6618] should_fail_ex+0x512/0x640 [ 128.296331][ T6618] ? __register_sysctl_table+0xb3/0x1900 [ 128.296380][ T6618] should_failslab+0xc2/0x120 [ 128.296424][ T6618] __kmalloc_noprof+0xd2/0x510 [ 128.296467][ T6618] __register_sysctl_table+0xb3/0x1900 [ 128.296514][ T6618] ? rcu_is_watching+0x12/0xc0 [ 128.296547][ T6618] ? lock_release+0x201/0x2f0 [ 128.296594][ T6618] ? __pfx___register_sysctl_table+0x10/0x10 [ 128.296641][ T6618] ? is_module_address+0x69/0xf0 [ 128.296687][ T6618] ? register_net_sysctl_sz+0x228/0x3e0 [ 128.296732][ T6618] ? __asan_memcpy+0x3c/0x60 [ 128.296764][ T6618] ipv6_frags_init_net+0x217/0x350 [ 128.296817][ T6618] ? __pfx_ipv6_frags_init_net+0x10/0x10 [ 128.296867][ T6618] ops_init+0x1df/0x5f0 [ 128.296911][ T6618] setup_net+0x10f/0x380 [ 128.296952][ T6618] ? lockdep_init_map_type+0x5c/0x280 [ 128.296996][ T6618] ? __pfx_setup_net+0x10/0x10 [ 128.297043][ T6618] ? debug_mutex_init+0x37/0x70 [ 128.297085][ T6618] copy_net_ns+0x2a6/0x5f0 [ 128.297136][ T6618] create_new_namespaces+0x3ea/0xa90 [ 128.297177][ T6618] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 128.297217][ T6618] ksys_unshare+0x45b/0xa40 [ 128.297262][ T6618] ? __pfx_ksys_unshare+0x10/0x10 [ 128.297307][ T6618] ? xfd_validate_state+0x61/0x180 [ 128.297360][ T6618] __x64_sys_unshare+0x31/0x40 [ 128.297405][ T6618] do_syscall_64+0xcd/0x490 [ 128.297449][ T6618] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 128.297482][ T6618] RIP: 0033:0x7f552eb8ebe9 [ 128.297508][ T6618] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 128.297538][ T6618] RSP: 002b:00007f552f944038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 128.297570][ T6618] RAX: ffffffffffffffda RBX: 00007f552edb5fa0 RCX: 00007f552eb8ebe9 [ 128.297591][ T6618] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 128.297610][ T6618] RBP: 00007f552ec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 128.297630][ T6618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 128.297648][ T6618] R13: 00007f552edb6038 R14: 00007f552edb5fa0 R15: 00007fffae78d288 [ 128.297677][ T6618] [ 130.270759][ T6672] random: crng reseeded on system resumption [ 135.048312][ T6732] FAULT_INJECTION: forcing a failure. [ 135.048312][ T6732] name failslab, interval 1, probability 0, space 0, times 0 [ 135.122443][ T6732] CPU: 1 UID: 0 PID: 6732 Comm: syz.3.178 Not tainted syzkaller #0 PREEMPT(full) [ 135.122483][ T6732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 135.122500][ T6732] Call Trace: [ 135.122509][ T6732] [ 135.122520][ T6732] dump_stack_lvl+0x16c/0x1f0 [ 135.122563][ T6732] should_fail_ex+0x512/0x640 [ 135.122623][ T6732] should_failslab+0xc2/0x120 [ 135.122666][ T6732] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 135.122705][ T6732] ? alloc_empty_file+0x55/0x1e0 [ 135.122754][ T6732] alloc_empty_file+0x55/0x1e0 [ 135.122801][ T6732] path_openat+0xda/0x2cb0 [ 135.122835][ T6732] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.122874][ T6732] ? __pfx_path_openat+0x10/0x10 [ 135.122917][ T6732] do_filp_open+0x20b/0x470 [ 135.122955][ T6732] ? __pfx_do_filp_open+0x10/0x10 [ 135.123007][ T6732] ? alloc_fd+0x471/0x7d0 [ 135.123044][ T6732] do_sys_openat2+0x11b/0x1d0 [ 135.123093][ T6732] ? __pfx_do_sys_openat2+0x10/0x10 [ 135.123145][ T6732] ? __fget_files+0x20e/0x3c0 [ 135.123181][ T6732] __x64_sys_openat+0x174/0x210 [ 135.123231][ T6732] ? __pfx___x64_sys_openat+0x10/0x10 [ 135.123280][ T6732] ? ksys_write+0x1ac/0x250 [ 135.123322][ T6732] do_syscall_64+0xcd/0x490 [ 135.123365][ T6732] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.123397][ T6732] RIP: 0033:0x7f7b6818ebe9 [ 135.123421][ T6732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.123462][ T6732] RSP: 002b:00007f7b69002038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 135.123492][ T6732] RAX: ffffffffffffffda RBX: 00007f7b683b5fa0 RCX: 00007f7b6818ebe9 [ 135.123512][ T6732] RDX: 0000000000101e81 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 135.123532][ T6732] RBP: 00007f7b69002090 R08: 0000000000000000 R09: 0000000000000000 [ 135.123551][ T6732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 135.123569][ T6732] R13: 00007f7b683b6038 R14: 00007f7b683b5fa0 R15: 00007ffe055c0238 [ 135.123611][ T6732] [ 138.724943][ T6795] FAULT_INJECTION: forcing a failure. [ 138.724943][ T6795] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 138.760059][ T6795] CPU: 0 UID: 0 PID: 6795 Comm: syz.0.184 Not tainted syzkaller #0 PREEMPT(full) [ 138.760110][ T6795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 138.760128][ T6795] Call Trace: [ 138.760138][ T6795] [ 138.760149][ T6795] dump_stack_lvl+0x16c/0x1f0 [ 138.760192][ T6795] should_fail_ex+0x512/0x640 [ 138.760250][ T6795] _copy_from_iter+0x463/0x16f0 [ 138.760303][ T6795] ? __pfx__copy_from_iter+0x10/0x10 [ 138.760355][ T6795] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 138.760402][ T6795] netlink_sendmsg+0x829/0xdd0 [ 138.760447][ T6795] ? __pfx_netlink_sendmsg+0x10/0x10 [ 138.760491][ T6795] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 138.760527][ T6795] ____sys_sendmsg+0xa95/0xc70 [ 138.760577][ T6795] ? copy_msghdr_from_user+0x10a/0x160 [ 138.760616][ T6795] ? __pfx_____sys_sendmsg+0x10/0x10 [ 138.760669][ T6795] ? __pfx__kstrtoull+0x10/0x10 [ 138.760714][ T6795] ? rcu_is_watching+0x12/0xc0 [ 138.760748][ T6795] ___sys_sendmsg+0x134/0x1d0 [ 138.760788][ T6795] ? __pfx____sys_sendmsg+0x10/0x10 [ 138.760836][ T6795] ? rcu_is_watching+0x12/0xc0 [ 138.760880][ T6795] __sys_sendmmsg+0x200/0x420 [ 138.760923][ T6795] ? __pfx___sys_sendmmsg+0x10/0x10 [ 138.760962][ T6795] ? lock_release+0x201/0x2f0 [ 138.761008][ T6795] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 138.761057][ T6795] ? fput+0x9b/0xd0 [ 138.761101][ T6795] ? ksys_write+0x1ac/0x250 [ 138.761136][ T6795] ? __pfx_ksys_write+0x10/0x10 [ 138.761175][ T6795] __x64_sys_sendmmsg+0x9c/0x100 [ 138.761214][ T6795] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 138.761263][ T6795] do_syscall_64+0xcd/0x490 [ 138.761305][ T6795] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.761336][ T6795] RIP: 0033:0x7f552eb8ebe9 [ 138.761360][ T6795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.761390][ T6795] RSP: 002b:00007f552f944038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 138.761420][ T6795] RAX: ffffffffffffffda RBX: 00007f552edb5fa0 RCX: 00007f552eb8ebe9 [ 138.761440][ T6795] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 138.761458][ T6795] RBP: 00007f552f944090 R08: 0000000000000000 R09: 0000000000000000 [ 138.761477][ T6795] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 138.761495][ T6795] R13: 00007f552edb6038 R14: 00007f552edb5fa0 R15: 00007fffae78d288 [ 138.761524][ T6795] [ 140.116790][ T6815] netlink: 28 bytes leftover after parsing attributes in process `syz.0.187'. [ 140.341218][ T6819] FAULT_INJECTION: forcing a failure. [ 140.341218][ T6819] name failslab, interval 1, probability 0, space 0, times 0 [ 140.409018][ T6819] CPU: 1 UID: 0 PID: 6819 Comm: syz.0.190 Not tainted syzkaller #0 PREEMPT(full) [ 140.409057][ T6819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 140.409074][ T6819] Call Trace: [ 140.409084][ T6819] [ 140.409094][ T6819] dump_stack_lvl+0x16c/0x1f0 [ 140.409135][ T6819] should_fail_ex+0x512/0x640 [ 140.409181][ T6819] ? tomoyo_encode2+0x100/0x3e0 [ 140.409225][ T6819] should_failslab+0xc2/0x120 [ 140.409268][ T6819] __kmalloc_noprof+0xd2/0x510 [ 140.409308][ T6819] tomoyo_encode2+0x100/0x3e0 [ 140.409353][ T6819] tomoyo_encode+0x29/0x50 [ 140.409395][ T6819] tomoyo_realpath_from_path+0x18f/0x6e0 [ 140.409443][ T6819] ? tomoyo_profile+0x47/0x60 [ 140.409473][ T6819] tomoyo_path_number_perm+0x245/0x580 [ 140.409522][ T6819] ? tomoyo_path_number_perm+0x237/0x580 [ 140.409561][ T6819] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 140.409604][ T6819] ? preempt_count_add+0x76/0x150 [ 140.409661][ T6819] ? hook_file_ioctl_common+0x145/0x410 [ 140.409712][ T6819] security_file_ioctl+0x9b/0x240 [ 140.409751][ T6819] __x64_sys_ioctl+0xb7/0x210 [ 140.409801][ T6819] do_syscall_64+0xcd/0x490 [ 140.409841][ T6819] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.409873][ T6819] RIP: 0033:0x7f552eb8ebe9 [ 140.409895][ T6819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.409926][ T6819] RSP: 002b:00007f552f944038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 140.409956][ T6819] RAX: ffffffffffffffda RBX: 00007f552edb5fa0 RCX: 00007f552eb8ebe9 [ 140.409976][ T6819] RDX: 0000000000000008 RSI: 000000000000890b RDI: 0000000000000001 [ 140.409994][ T6819] RBP: 00007f552f944090 R08: 0000000000000000 R09: 0000000000000000 [ 140.410013][ T6819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 140.410032][ T6819] R13: 00007f552edb6038 R14: 00007f552edb5fa0 R15: 00007fffae78d288 [ 140.410062][ T6819] [ 140.410082][ T6819] ERROR: Out of memory at tomoyo_realpath_from_path. [ 140.676499][ T6825] FAULT_INJECTION: forcing a failure. [ 140.676499][ T6825] name failslab, interval 1, probability 0, space 0, times 0 [ 140.752397][ T6825] CPU: 0 UID: 0 PID: 6825 Comm: syz.3.188 Not tainted syzkaller #0 PREEMPT(full) [ 140.752440][ T6825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 140.752459][ T6825] Call Trace: [ 140.752470][ T6825] [ 140.752481][ T6825] dump_stack_lvl+0x16c/0x1f0 [ 140.752697][ T6825] should_fail_ex+0x512/0x640 [ 140.752749][ T6825] should_failslab+0xc2/0x120 [ 140.752793][ T6825] __kmalloc_cache_noprof+0x6a/0x3e0 [ 140.752829][ T6825] ? ktime_get_coarse_real_ts64_mg+0x240/0x300 [ 140.752874][ T6825] ? hugetlb_vma_lock_alloc+0xbc/0x1f0 [ 140.752913][ T6825] hugetlb_vma_lock_alloc+0xbc/0x1f0 [ 140.752950][ T6825] hugetlb_reserve_pages+0x151/0xf40 [ 140.753004][ T6825] ? __vma_enter_locked+0x163/0x3f0 [ 140.753037][ T6825] ? __pfx_hugetlb_reserve_pages+0x10/0x10 [ 140.753091][ T6825] ? atime_needs_update+0x8b/0x710 [ 140.753146][ T6825] hugetlbfs_file_mmap+0x4a1/0x730 [ 140.753204][ T6825] __mmap_region+0x1314/0x27b0 [ 140.753243][ T6825] ? rcu_is_watching+0x12/0xc0 [ 140.753277][ T6825] ? __pfx___mmap_region+0x10/0x10 [ 140.753313][ T6825] ? is_bpf_text_address+0x8a/0x1a0 [ 140.753354][ T6825] ? rcu_is_watching+0x12/0xc0 [ 140.753389][ T6825] ? is_bpf_text_address+0x94/0x1a0 [ 140.753428][ T6825] ? kernel_text_address+0x8d/0x100 [ 140.753465][ T6825] ? __kernel_text_address+0xd/0x40 [ 140.753493][ T6825] ? unwind_get_return_address+0x59/0xa0 [ 140.753525][ T6825] ? arch_stack_walk+0xa6/0x100 [ 140.753564][ T6825] ? __pfx_stack_trace_save+0x10/0x10 [ 140.753678][ T6825] ? trace_cap_capable+0x18d/0x200 [ 140.753719][ T6825] ? cap_capable+0xb3/0x250 [ 140.753756][ T6825] mmap_region+0x32b/0x3f0 [ 140.753796][ T6825] do_mmap+0xa3e/0x1210 [ 140.753845][ T6825] ? __pfx_do_mmap+0x10/0x10 [ 140.753888][ T6825] ? __pfx_down_write_killable+0x10/0x10 [ 140.753942][ T6825] vm_mmap_pgoff+0x29e/0x470 [ 140.753991][ T6825] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 140.754032][ T6825] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 140.754082][ T6825] ? hugetlbfs_get_inode+0x31f/0x730 [ 140.754121][ T6825] ksys_mmap_pgoff+0x1c8/0x5c0 [ 140.754169][ T6825] __x64_sys_mmap+0x125/0x190 [ 140.754221][ T6825] do_syscall_64+0xcd/0x490 [ 140.754265][ T6825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.754298][ T6825] RIP: 0033:0x7f7b6818ebe9 [ 140.754324][ T6825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.754356][ T6825] RSP: 002b:00007f7b68fe1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 140.754484][ T6825] RAX: ffffffffffffffda RBX: 00007f7b683b6090 RCX: 00007f7b6818ebe9 [ 140.754518][ T6825] RDX: 0000000000400002 RSI: 0000000000a00006 RDI: 0000000000000000 [ 140.754537][ T6825] RBP: 00007f7b68211e19 R08: 0000000000000602 R09: 0000300000000000 [ 140.754556][ T6825] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 140.754576][ T6825] R13: 00007f7b683b6128 R14: 00007f7b683b6090 R15: 00007ffe055c0238 [ 140.754605][ T6825] [ 141.728740][ T6834] FAULT_INJECTION: forcing a failure. [ 141.728740][ T6834] name failslab, interval 1, probability 0, space 0, times 0 [ 141.777854][ T6834] CPU: 0 UID: 0 PID: 6834 Comm: syz.0.191 Not tainted syzkaller #0 PREEMPT(full) [ 141.777896][ T6834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 141.777914][ T6834] Call Trace: [ 141.777924][ T6834] [ 141.777935][ T6834] dump_stack_lvl+0x16c/0x1f0 [ 141.777980][ T6834] should_fail_ex+0x512/0x640 [ 141.778019][ T6834] should_failslab+0xc2/0x120 [ 141.778053][ T6834] __kmalloc_cache_noprof+0x6a/0x3e0 [ 141.778078][ T6834] ? find_get_task_by_vpid+0x19e/0x310 [ 141.778116][ T6834] ? yama_ptracer_add+0x48/0x590 [ 141.778152][ T6834] ? lock_release+0x201/0x2f0 [ 141.778186][ T6834] yama_ptracer_add+0x48/0x590 [ 141.778222][ T6834] yama_task_prctl+0xf4/0x1d0 [ 141.778258][ T6834] security_task_prctl+0xc2/0x160 [ 141.778300][ T6834] __do_sys_prctl+0xaa/0x20e0 [ 141.778339][ T6834] ? __pfx___do_sys_prctl+0x10/0x10 [ 141.778381][ T6834] do_syscall_64+0xcd/0x490 [ 141.778426][ T6834] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.778454][ T6834] RIP: 0033:0x7f552eb8ebe9 [ 141.778471][ T6834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.778493][ T6834] RSP: 002b:00007f552cdf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 141.778515][ T6834] RAX: ffffffffffffffda RBX: 00007f552edb6180 RCX: 00007f552eb8ebe9 [ 141.778530][ T6834] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000059616d61 [ 141.778544][ T6834] RBP: 00007f552ec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 141.778557][ T6834] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 141.778571][ T6834] R13: 00007f552edb6218 R14: 00007f552edb6180 R15: 00007fffae78d288 [ 141.778592][ T6834] [ 142.441679][ T6838] mmap: syz.3.192 (6838) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 143.160221][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.167650][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 144.916847][ T6538] syz.2.137 (6538) used greatest stack depth: 18776 bytes left [ 147.336123][ T6896] netlink: 28 bytes leftover after parsing attributes in process `syz.3.205'. [ 147.767530][ T6893] netlink: 342 bytes leftover after parsing attributes in process `syz.2.204'. [ 148.827887][ T6896] team0: Port device team_slave_1 removed [ 149.384828][ T6909] blktrace: Concurrent blktraces are not allowed on loop2 [ 153.364194][ T5183] Bluetooth: hci3: unexpected event 0x20 length: 123 > 7 [ 156.217201][ T7004] random: crng reseeded on system resumption [ 158.670998][ T6664] syz.1.160 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 158.896861][ T6664] CPU: 0 UID: 0 PID: 6664 Comm: syz.1.160 Not tainted syzkaller #0 PREEMPT(full) [ 158.896900][ T6664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 158.896918][ T6664] Call Trace: [ 158.896927][ T6664] [ 158.896938][ T6664] dump_stack_lvl+0x16c/0x1f0 [ 158.897023][ T6664] dump_header+0x101/0x930 [ 158.897063][ T6664] oom_kill_process+0x272/0xa40 [ 158.897103][ T6664] out_of_memory+0x350/0x1700 [ 158.897144][ T6664] ? __pfx_out_of_memory+0x10/0x10 [ 158.897182][ T6664] ? lock_acquire+0x2cd/0x350 [ 158.897226][ T6664] mem_cgroup_out_of_memory+0x118/0x130 [ 158.897275][ T6664] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 158.897328][ T6664] ? do_raw_spin_unlock+0x172/0x230 [ 158.897378][ T6664] try_charge_memcg+0x72b/0xd50 [ 158.897419][ T6664] ? __pfx_try_charge_memcg+0x10/0x10 [ 158.897457][ T6664] ? rcu_is_watching+0x12/0xc0 [ 158.897490][ T6664] ? rcu_is_watching+0x12/0xc0 [ 158.897520][ T6664] ? __folio_batch_add_and_move+0x602/0xc90 [ 158.897565][ T6664] charge_memcg+0x8a/0x230 [ 158.897602][ T6664] __mem_cgroup_charge+0x2b/0x1e0 [ 158.897644][ T6664] shmem_alloc_and_add_folio+0x514/0xc20 [ 158.897683][ T6664] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 158.897720][ T6664] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 158.897759][ T6664] shmem_get_folio_gfp+0x67f/0x1600 [ 158.897798][ T6664] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 158.897839][ T6664] shmem_write_begin+0x160/0x300 [ 158.897876][ T6664] ? __pfx_shmem_write_begin+0x10/0x10 [ 158.897910][ T6664] ? timestamp_truncate+0x21e/0x2d0 [ 158.897947][ T6664] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 158.898005][ T6664] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 158.898057][ T6664] generic_perform_write+0x3c5/0x900 [ 158.898096][ T6664] ? __pfx_generic_perform_write+0x10/0x10 [ 158.898130][ T6664] ? inode_needs_update_time.part.0+0x191/0x270 [ 158.898177][ T6664] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 158.898220][ T6664] shmem_file_write_iter+0x10e/0x140 [ 158.898262][ T6664] __kernel_write_iter+0x317/0xb10 [ 158.898300][ T6664] ? __pfx___kernel_write_iter+0x10/0x10 [ 158.898334][ T6664] ? __up_read+0x1f8/0x750 [ 158.898382][ T6664] ? lock_release+0x201/0x2f0 [ 158.898420][ T6664] ? dump_user_range+0x467/0xb70 [ 158.898452][ T6664] dump_user_range+0x413/0xb70 [ 158.898486][ T6664] ? __pfx_dump_user_range+0x10/0x10 [ 158.898518][ T6664] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 158.898573][ T6664] ? __pfx_writenote+0x10/0x10 [ 158.898611][ T6664] elf_core_dump+0x2929/0x3b60 [ 158.898654][ T6664] ? __pfx_elf_core_dump+0x10/0x10 [ 158.898686][ T6664] ? kasan_save_stack+0x42/0x60 [ 158.898720][ T6664] ? kasan_save_stack+0x33/0x60 [ 158.898752][ T6664] ? kasan_save_track+0x14/0x30 [ 158.898785][ T6664] ? __kasan_kmalloc+0xaa/0xb0 [ 158.898819][ T6664] ? vfs_coredump+0x1dc8/0x56d0 [ 158.898846][ T6664] ? get_signal+0x22e3/0x26d0 [ 158.898878][ T6664] ? arch_do_signal_or_restart+0x8f/0x790 [ 158.898923][ T6664] ? 0xffffffffff600000 [ 158.898977][ T6664] ? rcu_is_watching+0x12/0xc0 [ 158.899009][ T6664] ? lock_acquire+0x2cd/0x350 [ 158.899048][ T6664] ? __pfx___might_resched+0x10/0x10 [ 158.899083][ T6664] ? vfs_coredump+0x2ba2/0x56d0 [ 158.899112][ T6664] vfs_coredump+0x2ba2/0x56d0 [ 158.899149][ T6664] ? __pfx_vfs_coredump+0x10/0x10 [ 158.899177][ T6664] ? rcu_is_watching+0x12/0xc0 [ 158.899208][ T6664] ? is_bpf_text_address+0x8a/0x1a0 [ 158.899249][ T6664] ? rcu_is_watching+0x12/0xc0 [ 158.899280][ T6664] ? unwind_next_frame+0x3f4/0x20a0 [ 158.899311][ T6664] ? rcu_is_watching+0x12/0xc0 [ 158.899346][ T6664] ? rcu_is_watching+0x12/0xc0 [ 158.899378][ T6664] ? unwind_next_frame+0x3f4/0x20a0 [ 158.899407][ T6664] ? rcu_is_watching+0x12/0xc0 [ 158.899443][ T6664] ? lock_release+0x201/0x2f0 [ 158.899481][ T6664] ? bpf_ksym_find+0x124/0x1c0 [ 158.899514][ T6664] ? __kernel_text_address+0xd/0x40 [ 158.899554][ T6664] ? unwind_get_return_address+0x59/0xa0 [ 158.899595][ T6664] ? arch_stack_walk+0xa6/0x100 [ 158.899634][ T6664] ? stack_trace_save+0x8e/0xc0 [ 158.899668][ T6664] ? __pfx_stack_trace_save+0x10/0x10 [ 158.899696][ T6664] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 158.899728][ T6664] ? stack_depot_save_flags+0x29/0x9c0 [ 158.899766][ T6664] ? arch_do_signal_or_restart+0x4c0/0x790 [ 158.899800][ T6664] ? irqentry_exit_to_user_mode+0x12a/0x270 [ 158.899835][ T6664] ? asm_exc_page_fault+0x26/0x30 [ 158.899888][ T6664] ? proc_coredump_connector+0x2d1/0x4f0 [ 158.899916][ T6664] ? __pfx_proc_coredump_connector+0x10/0x10 [ 158.899948][ T6664] ? rcu_is_watching+0x12/0xc0 [ 158.900131][ T6664] get_signal+0x22e3/0x26d0 [ 158.900170][ T6664] ? force_sig_fault+0xc4/0x100 [ 158.900200][ T6664] ? __pfx_get_signal+0x10/0x10 [ 158.900234][ T6664] arch_do_signal_or_restart+0x8f/0x790 [ 158.900269][ T6664] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 158.900312][ T6664] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 158.900355][ T6664] irqentry_exit_to_user_mode+0x12a/0x270 [ 158.900391][ T6664] asm_exc_page_fault+0x26/0x30 [ 158.900417][ T6664] RIP: 0033:0x0 [ 158.900434][ T6664] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 158.900446][ T6664] RSP: 002b:00000000000000f8 EFLAGS: 00010217 [ 158.900473][ T6664] RAX: 0000000000000000 RBX: 00007fd4ce3b6180 RCX: 00007fd4ce18ebe9 [ 158.900490][ T6664] RDX: 0000000000000000 RSI: 00000000000000f0 RDI: 0000000020300000 [ 158.900506][ T6664] RBP: 00007fd4ce211e19 R08: 0000000000000000 R09: 0000000000000000 [ 158.900522][ T6664] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 158.900538][ T6664] R13: 00007fd4ce3b6218 R14: 00007fd4ce3b6180 R15: 00007ffc00f3c048 [ 158.900562][ T6664] [ 158.900578][ T6664] memory: usage 307196kB, limit 307200kB, failcnt 22025 [ 159.417493][ T7014] random: crng reseeded on system resumption [ 160.805790][ T6664] memory+swap: usage 425040kB, limit 9007199254740988kB, failcnt 0 [ 160.878351][ T6664] kmem: usage 3780kB, limit 9007199254740988kB, failcnt 0 [ 160.912375][ T6664] Memory cgroup stats for /syz1: [ 160.912574][ T6664] cache 310198272 [ 160.956715][ T6664] rss 188416 [ 160.986686][ T6664] rss_huge 0 [ 160.989951][ T6664] shmem 309800960 [ 161.038781][ T6664] mapped_file 4096 [ 161.043605][ T6664] dirty 0 [ 161.137164][ T6664] writeback 0 [ 161.183677][ T6664] workingset_refault_anon 156 [ 161.282176][ T6664] workingset_refault_file 1068 [ 161.300317][ T6664] swap 120844288 [ 161.312118][ T6664] swapcached 45056 [ 161.325817][ T6664] pgpgin 138345 [ 161.335665][ T6664] pgpgout 62561 [ 161.345105][ T6664] pgfault 82782 [ 161.360374][ T6664] pgmajfault 93 [ 161.425136][ T6664] inactive_anon 266067968 [ 161.463544][ T6664] active_anon 43945984 [ 161.501196][ T6664] inactive_file 143360 [ 161.527968][ T6664] active_file 172032 [ 161.531949][ T6664] unevictable 0 [ 161.634995][ T6664] hierarchical_memory_limit 314572800 [ 161.659323][ T6664] hierarchical_memsw_limit 9223372036854771712 [ 161.745842][ T6664] total_cache 310198272 [ 161.785131][ T6664] total_rss 188416 [ 161.940025][ T6664] total_rss_huge 0 [ 161.982548][ T6664] total_shmem 309800960 [ 162.028023][ T6664] total_mapped_file 4096 [ 162.164793][ T6664] total_dirty 0 [ 162.171473][ T6664] total_writeback 0 [ 162.211331][ T6664] total_workingset_refault_anon 156 [ 162.268300][ T6664] total_workingset_refault_file 1068 [ 162.336753][ T6664] total_swap 120844288 [ 162.340905][ T6664] total_swapcached 45056 [ 162.345444][ T6664] total_pgpgin 138345 [ 162.357889][ T6664] total_pgpgout 62561 [ 162.377860][ T6664] total_pgfault 82782 [ 162.381912][ T6664] total_pgmajfault 93 [ 162.396734][ T6664] total_inactive_anon 266067968 [ 162.401734][ T6664] total_active_anon 43945984 [ 162.416771][ T6664] total_inactive_file 143360 [ 162.421572][ T6664] total_active_file 172032 [ 162.426030][ T6664] total_unevictable 0 [ 162.447066][ T6664] anon_cost 0 [ 162.450642][ T6664] file_cost 0 [ 162.453963][ T6664] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.160,pid=6647,uid=0 [ 162.506712][ T6664] Memory cgroup out of memory: Killed process 6647 (syz.1.160) total-vm:131212kB, anon-rss:968kB, file-rss:35712kB, shmem-rss:192kB, UID:0 pgtables:256kB oom_score_adj:1000 [ 163.654027][ T6655] syz.1.160 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 163.663907][ T6655] CPU: 1 UID: 0 PID: 6655 Comm: syz.1.160 Not tainted syzkaller #0 PREEMPT(full) [ 163.663946][ T6655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 163.663963][ T6655] Call Trace: [ 163.663973][ T6655] [ 163.663984][ T6655] dump_stack_lvl+0x16c/0x1f0 [ 163.664027][ T6655] dump_header+0x101/0x930 [ 163.664067][ T6655] oom_kill_process+0x272/0xa40 [ 163.664107][ T6655] out_of_memory+0x350/0x1700 [ 163.664158][ T6655] ? __pfx_out_of_memory+0x10/0x10 [ 163.664198][ T6655] ? lock_acquire+0x2cd/0x350 [ 163.664240][ T6655] mem_cgroup_out_of_memory+0x118/0x130 [ 163.664290][ T6655] ? __pfx_mem_cgroup_out_of_memory+0x10/0x10 [ 163.664353][ T6655] ? do_raw_spin_unlock+0x172/0x230 [ 163.664405][ T6655] try_charge_memcg+0x72b/0xd50 [ 163.664446][ T6655] ? __pfx_try_charge_memcg+0x10/0x10 [ 163.664483][ T6655] ? rcu_is_watching+0x12/0xc0 [ 163.664514][ T6655] ? rcu_is_watching+0x12/0xc0 [ 163.664546][ T6655] ? __folio_batch_add_and_move+0x602/0xc90 [ 163.664594][ T6655] charge_memcg+0x8a/0x230 [ 163.664640][ T6655] __mem_cgroup_charge+0x2b/0x1e0 [ 163.664684][ T6655] shmem_alloc_and_add_folio+0x514/0xc20 [ 163.664725][ T6655] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 163.664762][ T6655] ? shmem_allowable_huge_orders+0xcb/0x2f0 [ 163.664800][ T6655] shmem_get_folio_gfp+0x67f/0x1600 [ 163.664841][ T6655] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 163.664880][ T6655] shmem_write_begin+0x160/0x300 [ 163.664918][ T6655] ? __pfx_shmem_write_begin+0x10/0x10 [ 163.664951][ T6655] ? timestamp_truncate+0x21e/0x2d0 [ 163.664989][ T6655] ? balance_dirty_pages_ratelimited_flags+0x92/0x1260 [ 163.665040][ T6655] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 163.665090][ T6655] generic_perform_write+0x3c5/0x900 [ 163.665128][ T6655] ? __pfx_generic_perform_write+0x10/0x10 [ 163.665163][ T6655] ? inode_needs_update_time.part.0+0x191/0x270 [ 163.665207][ T6655] ? __pfx_shmem_file_write_iter+0x10/0x10 [ 163.665254][ T6655] shmem_file_write_iter+0x10e/0x140 [ 163.665303][ T6655] __kernel_write_iter+0x317/0xb10 [ 163.665341][ T6655] ? __pfx___kernel_write_iter+0x10/0x10 [ 163.665376][ T6655] ? __up_read+0x1f8/0x750 [ 163.665423][ T6655] ? lock_release+0x201/0x2f0 [ 163.665461][ T6655] ? write_comp_data+0x3c/0x90 [ 163.665503][ T6655] dump_user_range+0x413/0xb70 [ 163.665538][ T6655] ? __pfx_dump_user_range+0x10/0x10 [ 163.665569][ T6655] ? elf_coredump_extra_notes_write+0xbd/0x4f0 [ 163.665621][ T6655] ? __pfx_writenote+0x10/0x10 [ 163.665670][ T6655] elf_core_dump+0x2929/0x3b60 [ 163.665713][ T6655] ? __pfx_elf_core_dump+0x10/0x10 [ 163.665745][ T6655] ? kasan_save_stack+0x42/0x60 [ 163.665780][ T6655] ? kasan_save_stack+0x33/0x60 [ 163.665813][ T6655] ? kasan_save_track+0x14/0x30 [ 163.665848][ T6655] ? __kasan_kmalloc+0xaa/0xb0 [ 163.665881][ T6655] ? vfs_coredump+0x1dc8/0x56d0 [ 163.665909][ T6655] ? get_signal+0x22e3/0x26d0 [ 163.665942][ T6655] ? arch_do_signal_or_restart+0x8f/0x790 [ 163.665994][ T6655] ? 0xffffffffff600000 [ 163.666040][ T6655] ? rcu_is_watching+0x12/0xc0 [ 163.666071][ T6655] ? lock_acquire+0x2cd/0x350 [ 163.666109][ T6655] ? __pfx___might_resched+0x10/0x10 [ 163.666152][ T6655] ? vfs_coredump+0x2ba2/0x56d0 [ 163.666180][ T6655] vfs_coredump+0x2ba2/0x56d0 [ 163.666217][ T6655] ? __pfx_vfs_coredump+0x10/0x10 [ 163.666246][ T6655] ? rcu_is_watching+0x12/0xc0 [ 163.666277][ T6655] ? is_bpf_text_address+0x8a/0x1a0 [ 163.666329][ T6655] ? rcu_is_watching+0x12/0xc0 [ 163.666360][ T6655] ? unwind_next_frame+0x3f4/0x20a0 [ 163.666389][ T6655] ? rcu_is_watching+0x12/0xc0 [ 163.666424][ T6655] ? rcu_is_watching+0x12/0xc0 [ 163.666456][ T6655] ? unwind_next_frame+0x3f4/0x20a0 [ 163.666487][ T6655] ? rcu_is_watching+0x12/0xc0 [ 163.666524][ T6655] ? lock_release+0x201/0x2f0 [ 163.666566][ T6655] ? bpf_ksym_find+0x124/0x1c0 [ 163.666597][ T6655] ? __kernel_text_address+0xd/0x40 [ 163.666623][ T6655] ? unwind_get_return_address+0x59/0xa0 [ 163.666666][ T6655] ? arch_stack_walk+0xa6/0x100 [ 163.666702][ T6655] ? stack_trace_save+0x8e/0xc0 [ 163.666734][ T6655] ? __pfx_stack_trace_save+0x10/0x10 [ 163.666764][ T6655] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 163.666800][ T6655] ? stack_depot_save_flags+0x29/0x9c0 [ 163.666850][ T6655] ? arch_do_signal_or_restart+0x4c0/0x790 [ 163.666890][ T6655] ? irqentry_exit_to_user_mode+0x12a/0x270 [ 163.666931][ T6655] ? asm_exc_page_fault+0x26/0x30 [ 163.666995][ T6655] ? proc_coredump_connector+0x2d1/0x4f0 [ 163.667029][ T6655] ? __pfx_proc_coredump_connector+0x10/0x10 [ 163.667067][ T6655] ? rcu_is_watching+0x12/0xc0 [ 163.667100][ T6655] get_signal+0x22e3/0x26d0 [ 163.667141][ T6655] ? force_sig_fault+0xc4/0x100 [ 163.667176][ T6655] ? __pfx_get_signal+0x10/0x10 [ 163.667229][ T6655] arch_do_signal_or_restart+0x8f/0x790 [ 163.667269][ T6655] ? trace_irq_disable.constprop.0+0xd4/0x120 [ 163.667317][ T6655] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 163.667370][ T6655] irqentry_exit_to_user_mode+0x12a/0x270 [ 163.667420][ T6655] asm_exc_page_fault+0x26/0x30 [ 163.667450][ T6655] RIP: 0033:0x0 [ 163.667470][ T6655] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 163.667484][ T6655] RSP: 002b:00000000000000f8 EFLAGS: 00010217 [ 163.667508][ T6655] RAX: 0000000000000000 RBX: 00007fd4ce3b6180 RCX: 00007fd4ce18ebe9 [ 163.667527][ T6655] RDX: 0000000000000000 RSI: 00000000000000f0 RDI: 0000000020300000 [ 163.667546][ T6655] RBP: 00007fd4ce211e19 R08: 0000000000000000 R09: 0000000000000000 [ 163.667564][ T6655] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 163.667583][ T6655] R13: 00007fd4ce3b6218 R14: 00007fd4ce3b6180 R15: 00007ffc00f3c048 [ 163.667613][ T6655] [ 164.337090][ T6655] memory: usage 307200kB, limit 307200kB, failcnt 24664 [ 164.344170][ T6655] memory+swap: usage 425000kB, limit 9007199254740988kB, failcnt 0 [ 164.352247][ T6655] kmem: usage 3960kB, limit 9007199254740988kB, failcnt 0 [ 164.359430][ T6655] Memory cgroup stats for /syz1: [ 164.359606][ T6655] cache 310226944 [ 164.368284][ T6655] rss 253952 [ 164.371624][ T6655] rss_huge 0 [ 164.374865][ T6655] shmem 310222848 [ 164.378788][ T6655] mapped_file 0 [ 164.382264][ T6655] dirty 0 [ 164.385214][ T6655] writeback 0 [ 164.388529][ T6655] workingset_refault_anon 156 [ 164.393222][ T6655] workingset_refault_file 2065 [ 164.398047][ T6655] swap 121008128 [ 164.401683][ T6655] swapcached 45056 [ 164.405412][ T6655] pgpgin 139709 [ 164.409067][ T6655] pgpgout 63899 [ 164.412522][ T6655] pgfault 82862 [ 164.415979][ T6655] pgmajfault 124 [ 164.419560][ T6655] inactive_anon 297201664 [ 164.424371][ T6655] active_anon 13312000 [ 164.428471][ T6655] inactive_file 4096 [ 164.432361][ T6655] active_file 0 [ 164.435841][ T6655] unevictable 0 [ 164.439347][ T6655] hierarchical_memory_limit 314572800 [ 164.444717][ T6655] hierarchical_memsw_limit 9223372036854771712 [ 164.450895][ T6655] total_cache 310226944 [ 164.455056][ T6655] total_rss 253952 [ 164.458919][ T6655] total_rss_huge 0 [ 164.462766][ T6655] total_shmem 310222848 [ 164.466964][ T6655] total_mapped_file 0 [ 164.471034][ T6655] total_dirty 0 [ 164.474583][ T6655] total_writeback 0 [ 164.478442][ T6655] total_workingset_refault_anon 156 [ 164.483639][ T6655] total_workingset_refault_file 2065 [ 164.488977][ T6655] total_swap 121008128 [ 164.493045][ T6655] total_swapcached 45056 [ 164.497301][ T6655] total_pgpgin 139709 [ 164.501308][ T6655] total_pgpgout 63899 [ 164.505414][ T6655] total_pgfault 82862 [ 164.509479][ T6655] total_pgmajfault 124 [ 164.513695][ T6655] total_inactive_anon 297201664 [ 164.518831][ T6655] total_active_anon 13312000 [ 164.524090][ T6655] total_inactive_file 4096 [ 164.528567][ T6655] total_active_file 0 [ 164.532581][ T6655] total_unevictable 0 [ 164.536637][ T6655] anon_cost 0 [ 164.540044][ T6655] file_cost 0 [ 164.543332][ T6655] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.160,pid=6654,uid=0 [ 164.558350][ T6655] Memory cgroup out of memory: Killed process 6654 (syz.1.160) total-vm:131344kB, anon-rss:924kB, file-rss:23552kB, shmem-rss:128kB, UID:0 pgtables:256kB oom_score_adj:1000 [ 166.464433][ T7094] netlink: 342 bytes leftover after parsing attributes in process `syz.0.249'. [ 166.630921][ T7096] FAULT_INJECTION: forcing a failure. [ 166.630921][ T7096] name failslab, interval 1, probability 0, space 0, times 0 [ 166.643988][ T7096] CPU: 0 UID: 0 PID: 7096 Comm: syz.3.251 Not tainted syzkaller #0 PREEMPT(full) [ 166.644028][ T7096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 166.644046][ T7096] Call Trace: [ 166.644055][ T7096] [ 166.644066][ T7096] dump_stack_lvl+0x16c/0x1f0 [ 166.644108][ T7096] should_fail_ex+0x512/0x640 [ 166.644154][ T7096] ? fib_create_info+0x53f/0x46b0 [ 166.644185][ T7096] should_failslab+0xc2/0x120 [ 166.644226][ T7096] __kmalloc_noprof+0xd2/0x510 [ 166.644266][ T7096] fib_create_info+0x53f/0x46b0 [ 166.644307][ T7096] ? kasan_save_stack+0x42/0x60 [ 166.644341][ T7096] ? kasan_save_stack+0x33/0x60 [ 166.644376][ T7096] ? __pfx_fib_create_info+0x10/0x10 [ 166.644407][ T7096] ? inet_ioctl+0x344/0x3f0 [ 166.644461][ T7096] ? packet_ioctl+0xb6/0x280 [ 166.644509][ T7096] ? sock_do_ioctl+0x118/0x280 [ 166.644552][ T7096] ? sock_ioctl+0x227/0x6b0 [ 166.644579][ T7096] ? __x64_sys_ioctl+0x18b/0x210 [ 166.644624][ T7096] ? do_syscall_64+0xcd/0x490 [ 166.644663][ T7096] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.644698][ T7096] fib_table_insert+0x177/0x1c40 [ 166.644747][ T7096] ? __pfx_fib_table_insert+0x10/0x10 [ 166.644798][ T7096] ? ip_rt_ioctl+0x81e/0x13f0 [ 166.644843][ T7096] ip_rt_ioctl+0x81e/0x13f0 [ 166.644888][ T7096] ? tomoyo_get_name+0x49/0x4c0 [ 166.644923][ T7096] ? __x64_sys_ioctl+0xb7/0x210 [ 166.644963][ T7096] ? __pfx_ip_rt_ioctl+0x10/0x10 [ 166.645014][ T7096] inet_ioctl+0x344/0x3f0 [ 166.645054][ T7096] ? __pfx_inet_ioctl+0x10/0x10 [ 166.645096][ T7096] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 166.645146][ T7096] ? tomoyo_path_number_perm+0x18d/0x580 [ 166.645180][ T7096] packet_ioctl+0xb6/0x280 [ 166.645221][ T7096] sock_do_ioctl+0x118/0x280 [ 166.645259][ T7096] ? __pfx_sock_do_ioctl+0x10/0x10 [ 166.645297][ T7096] ? preempt_count_add+0x76/0x150 [ 166.645340][ T7096] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 166.645384][ T7096] sock_ioctl+0x227/0x6b0 [ 166.645408][ T7096] ? __pfx_sock_ioctl+0x10/0x10 [ 166.645432][ T7096] ? hook_file_ioctl_common+0x145/0x410 [ 166.645479][ T7096] ? __pfx_sock_ioctl+0x10/0x10 [ 166.645505][ T7096] __x64_sys_ioctl+0x18b/0x210 [ 166.645547][ T7096] do_syscall_64+0xcd/0x490 [ 166.645581][ T7096] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.645607][ T7096] RIP: 0033:0x7f7b6818ebe9 [ 166.645626][ T7096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.645651][ T7096] RSP: 002b:00007f7b69002038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 166.645676][ T7096] RAX: ffffffffffffffda RBX: 00007f7b683b5fa0 RCX: 00007f7b6818ebe9 [ 166.645693][ T7096] RDX: 0000000000000008 RSI: 000000000000890b RDI: 0000000000000001 [ 166.645710][ T7096] RBP: 00007f7b69002090 R08: 0000000000000000 R09: 0000000000000000 [ 166.645725][ T7096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 166.645741][ T7096] R13: 00007f7b683b6038 R14: 00007f7b683b5fa0 R15: 00007ffe055c0238 [ 166.645766][ T7096] [ 167.226072][ T7104] netlink: 28 bytes leftover after parsing attributes in process `syz.0.253'. [ 168.502299][ T7098] ------------[ cut here ]------------ [ 168.507874][ T7098] WARNING: CPU: 1 PID: 7098 at kernel/trace/trace.c:8594 tracing_buffers_mmap_close+0xdd/0x130 [ 168.518959][ T7098] Modules linked in: [ 168.523093][ T7098] CPU: 1 UID: 0 PID: 7098 Comm: syz.2.252 Not tainted syzkaller #0 PREEMPT(full) [ 168.532727][ T7098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 168.543358][ T7098] RIP: 0010:tracing_buffers_mmap_close+0xdd/0x130 [ 168.549870][ T7098] Code: 75 46 48 8b 7b 08 e8 02 96 ff ff 31 ff 89 c3 89 c6 e8 e7 58 fb ff 85 db 75 0a 48 83 c4 08 5b e9 99 5d fb ff e8 94 5d fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 86 5d fb ff e8 31 bb 60 00 eb 87 e8 5a [ 168.570992][ T7098] RSP: 0018:ffffc9001917f990 EFLAGS: 00010293 [ 168.577794][ T7098] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff81bfb029 [ 168.585905][ T7098] RDX: ffff8880289d5a00 RSI: ffffffff81bfb03c RDI: 0000000000000005 [ 168.594265][ T7098] RBP: ffffffff81bfaf60 R08: 0000000000000005 R09: 0000000000000000 [ 168.602718][ T7098] R10: 00000000ffffffed R11: 0000000000000000 R12: ffff888079fcca48 [ 168.611299][ T7098] R13: dffffc0000000000 R14: ffffc9001917fa28 R15: 0000000000100000 [ 168.620102][ T7098] FS: 0000000000000000(0000) GS:ffff8881247c4000(0000) knlGS:0000000000000000 [ 168.629724][ T7098] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.636365][ T7098] CR2: 00007fd4ceee56c0 CR3: 0000000057c34000 CR4: 00000000003526f0 [ 168.644890][ T7098] Call Trace: [ 168.648547][ T7098] [ 168.651531][ T7098] remove_vma+0x85/0x160 [ 168.656006][ T7098] exit_mmap+0x511/0xb90 [ 168.660887][ T7098] ? uprobe_clear_state+0xfc/0x400 [ 168.666075][ T7098] ? __pfx_exit_mmap+0x10/0x10 [ 168.671347][ T7098] ? lock_release+0x201/0x2f0 [ 168.676338][ T7098] ? lock_release+0x201/0x2f0 [ 168.681401][ T7098] __mmput+0x12a/0x410 [ 168.685752][ T7098] mmput+0x62/0x70 [ 168.690221][ T7098] do_exit+0x7c7/0x2bf0 [ 168.694811][ T7098] ? submit_bio_wait+0x1bb/0x250 [ 168.700590][ T7098] ? __pfx_do_exit+0x10/0x10 [ 168.706231][ T7098] ? do_raw_spin_lock+0x12c/0x2b0 [ 168.711890][ T7098] ? get_signal+0x8f5/0x26d0 [ 168.717252][ T7098] ? rcu_is_watching+0x12/0xc0 [ 168.722957][ T7098] do_group_exit+0xd3/0x2a0 [ 168.728373][ T7098] get_signal+0x2673/0x26d0 [ 168.733510][ T7098] ? __pfx_mt_find+0x10/0x10 [ 168.739595][ T7098] ? __pfx_get_signal+0x10/0x10 [ 168.745418][ T7098] ? __pfx___might_resched+0x10/0x10 [ 168.751347][ T7098] arch_do_signal_or_restart+0x8f/0x790 [ 168.757570][ T7098] ? __up_read+0x1f8/0x750 [ 168.762061][ T7098] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 168.768923][ T7098] ? fput+0x9b/0xd0 [ 168.772905][ T7098] exit_to_user_mode_loop+0x84/0x110 [ 168.778655][ T7098] do_syscall_64+0x3f6/0x490 [ 168.783343][ T7098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.789784][ T7098] RIP: 0033:0x7f911c38ebe9 [ 168.794425][ T7098] Code: Unable to access opcode bytes at 0x7f911c38ebbf. [ 168.802371][ T7098] RSP: 002b:00007f911d224038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a [ 168.811339][ T7098] RAX: ffffffffffffffea RBX: 00007f911c5b5fa0 RCX: 00007f911c38ebe9 [ 168.820152][ T7098] RDX: 0000000400000004 RSI: 0180000000000000 RDI: 000000001ffff000 [ 168.828985][ T7098] RBP: 00007f911c411e19 R08: 0000000000000000 R09: 0000000000000000 [ 168.838042][ T7098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 168.847604][ T7098] R13: 00007f911c5b6038 R14: 00007f911c5b5fa0 R15: 00007ffd470f46e8 [ 168.856029][ T7098] [ 168.860331][ T7098] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 168.868349][ T7098] CPU: 1 UID: 0 PID: 7098 Comm: syz.2.252 Not tainted syzkaller #0 PREEMPT(full) [ 168.878980][ T7098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 168.889269][ T7098] Call Trace: [ 168.892693][ T7098] [ 168.895753][ T7098] dump_stack_lvl+0x3d/0x1f0 [ 168.900397][ T7098] vpanic+0x6e8/0x7a0 [ 168.904472][ T7098] ? __pfx_vpanic+0x10/0x10 [ 168.909197][ T7098] ? tracing_buffers_mmap_close+0xdd/0x130 [ 168.915069][ T7098] panic+0xca/0xd0 [ 168.918858][ T7098] ? __pfx_panic+0x10/0x10 [ 168.923337][ T7098] ? check_panic_on_warn+0x1f/0xb0 [ 168.928499][ T7098] check_panic_on_warn+0xab/0xb0 [ 168.933499][ T7098] __warn+0xf6/0x3c0 [ 168.937484][ T7098] ? tracing_buffers_mmap_close+0xdd/0x130 [ 168.943321][ T7098] report_bug+0x3c3/0x580 [ 168.947689][ T7098] ? tracing_buffers_mmap_close+0xdd/0x130 [ 168.953521][ T7098] handle_bug+0x184/0x210 [ 168.957898][ T7098] exc_invalid_op+0x17/0x50 [ 168.962467][ T7098] asm_exc_invalid_op+0x1a/0x20 [ 168.967461][ T7098] RIP: 0010:tracing_buffers_mmap_close+0xdd/0x130 [ 168.973912][ T7098] Code: 75 46 48 8b 7b 08 e8 02 96 ff ff 31 ff 89 c3 89 c6 e8 e7 58 fb ff 85 db 75 0a 48 83 c4 08 5b e9 99 5d fb ff e8 94 5d fb ff 90 <0f> 0b 90 48 83 c4 08 5b e9 86 5d fb ff e8 31 bb 60 00 eb 87 e8 5a [ 168.993633][ T7098] RSP: 0018:ffffc9001917f990 EFLAGS: 00010293 [ 168.999733][ T7098] RAX: 0000000000000000 RBX: 00000000ffffffed RCX: ffffffff81bfb029 [ 169.007726][ T7098] RDX: ffff8880289d5a00 RSI: ffffffff81bfb03c RDI: 0000000000000005 [ 169.015726][ T7098] RBP: ffffffff81bfaf60 R08: 0000000000000005 R09: 0000000000000000 [ 169.023812][ T7098] R10: 00000000ffffffed R11: 0000000000000000 R12: ffff888079fcca48 [ 169.031802][ T7098] R13: dffffc0000000000 R14: ffffc9001917fa28 R15: 0000000000100000 [ 169.039831][ T7098] ? __pfx_tracing_buffers_mmap_close+0x10/0x10 [ 169.046138][ T7098] ? tracing_buffers_mmap_close+0xc9/0x130 [ 169.052842][ T7098] ? tracing_buffers_mmap_close+0xdc/0x130 [ 169.058878][ T7098] remove_vma+0x85/0x160 [ 169.063171][ T7098] exit_mmap+0x511/0xb90 [ 169.067466][ T7098] ? uprobe_clear_state+0xfc/0x400 [ 169.072728][ T7098] ? __pfx_exit_mmap+0x10/0x10 [ 169.077545][ T7098] ? lock_release+0x201/0x2f0 [ 169.082356][ T7098] ? lock_release+0x201/0x2f0 [ 169.087147][ T7098] __mmput+0x12a/0x410 [ 169.091335][ T7098] mmput+0x62/0x70 [ 169.095094][ T7098] do_exit+0x7c7/0x2bf0 [ 169.099309][ T7098] ? submit_bio_wait+0x1bb/0x250 [ 169.104282][ T7098] ? __pfx_do_exit+0x10/0x10 [ 169.108924][ T7098] ? do_raw_spin_lock+0x12c/0x2b0 [ 169.114000][ T7098] ? get_signal+0x8f5/0x26d0 [ 169.118617][ T7098] ? rcu_is_watching+0x12/0xc0 [ 169.123499][ T7098] do_group_exit+0xd3/0x2a0 [ 169.128046][ T7098] get_signal+0x2673/0x26d0 [ 169.132587][ T7098] ? __pfx_mt_find+0x10/0x10 [ 169.137223][ T7098] ? __pfx_get_signal+0x10/0x10 [ 169.142105][ T7098] ? __pfx___might_resched+0x10/0x10 [ 169.147423][ T7098] arch_do_signal_or_restart+0x8f/0x790 [ 169.153001][ T7098] ? __up_read+0x1f8/0x750 [ 169.157453][ T7098] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 169.163727][ T7098] ? fput+0x9b/0xd0 [ 169.167585][ T7098] exit_to_user_mode_loop+0x84/0x110 [ 169.173029][ T7098] do_syscall_64+0x3f6/0x490 [ 169.177674][ T7098] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.183694][ T7098] RIP: 0033:0x7f911c38ebe9 [ 169.188137][ T7098] Code: Unable to access opcode bytes at 0x7f911c38ebbf. [ 169.195165][ T7098] RSP: 002b:00007f911d224038 EFLAGS: 00000246 ORIG_RAX: 000000000000001a [ 169.203616][ T7098] RAX: ffffffffffffffea RBX: 00007f911c5b5fa0 RCX: 00007f911c38ebe9 [ 169.211871][ T7098] RDX: 0000000400000004 RSI: 0180000000000000 RDI: 000000001ffff000 [ 169.221191][ T7098] RBP: 00007f911c411e19 R08: 0000000000000000 R09: 0000000000000000 [ 169.230583][ T7098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 169.239374][ T7098] R13: 00007f911c5b6038 R14: 00007f911c5b5fa0 R15: 00007ffd470f46e8 [ 169.247587][ T7098] [ 169.250783][ T7098] Kernel Offset: disabled [ 169.255212][ T7098] Rebooting in 86400 seconds..