last executing test programs: 9.405867972s ago: executing program 1 (id=348): bpf$auto(0x8000000, 0x0, 0x0) (async) openat$auto_bridges_fops_(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/dri/0000:00:02.0/encoder-0/bridges\x00', 0x0, 0x0) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x40, 0x0) (async) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x1}, 0x7) (async) write$auto(0xffffffffffffffff, &(0x7f00000002c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1d\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"P\x8a\xbbY8@Z5`\xa2\x9aSVd\x1d\xac\xe8\x90e\x9d\x03tm\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7.\xbe\x01\x98\xd7l\x00\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfa\xf0\xd9\xc0K\x8b\xa3c\x00'/160, 0xa9) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x20000054) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) (async) shmctl$auto_SHM_LOCK(0x2, 0xb, 0x0) (async) mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) (async) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) (async) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) (async) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card1/timer_source\x00', 0x8002, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x1}, 0x9) (async) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x4c2080, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x20004000) (async) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x400008000) (async) r3 = socketpair$auto(0x0, 0x1000, 0x7fffffff, 0x0) close_range$auto(r3, 0xffffffffffffffff, 0x0) (async) ioctl$auto(0x3, 0x6f50, 0xffffffffffffffff) (async) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r2, 0x8000) (async) ioctl$auto_BLKRRPART(r2, 0x125f, 0x0) (async) lseek$auto(0xffffffffffffffff, 0x7fff, 0x1000) madvise$auto(0x7fdfffff, 0x43f, 0xa) (async) mq_open$auto(&(0x7f0000000080)='\\:&#\xe7\'\x00', 0x8, 0x40, &(0x7f0000000140)={0x6, 0x4, 0x4, 0x3}) 7.101344272s ago: executing program 1 (id=352): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) write$auto(r0, 0x0, 0x2) getrlimit$auto(0x3, 0x0) fdatasync$auto(r0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) ioctl$auto_BLKZEROOUT(r1, 0x127f, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000380)='/dev/snd/controlC2\x00', 0x400, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/035/001\x00', 0x1102, 0x0) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xc8d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\xc6\x00\x89\te\x8d\a\xfb\\n\x89C:\x84D\x10u\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k', 0x100000a3d9) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x8ea182, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x1000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) init_module$auto(0x0, 0xffff9, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), r2) sendmsg$auto_NL80211_CMD_SET_SAR_SPECS(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000005c0)={0x28, r3, 0x1, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_WIPHY={0x8}, @NL80211_ATTR_WDEV={0xc, 0x99, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x400c080}, 0x44) madvise$auto(0x0, 0x8000000000000000, 0x15) madvise$auto(0x0, 0x2000000080000001, 0x3) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_dma_heap_fops_dma_heap(r4, 0xffffffffffdffe00, &(0x7f0000000180)="3bd5788960702feda35170139ce381fed118488f0307a3a4c18d4a8ac431fa07c041b1b920665c8c4d7e8d52e5d8dab558faa2531673d3a4fe350b9a8384db62d119fe8c337af67784ed1e440838f7bfa4c94fbedacbcdf699424f9f01c47fe508c0b4664fcb513747907e7f55ef1aaca2dde4a011870c17f67184421e998cb149c7fb47937cc4adff381e6ee2d13a032d56339870230a636493d9acc9e93f6e312d8f3607e3939bb16be3225fc75a7a3fcad911877b0d4531a7cca3a2c6417094fbd9fa6061adca05e94f1fae6649a051549085") pselect6$auto(0x9, &(0x7f0000000300)={[0x9, 0x4, 0x9, 0x6, 0x8001, 0x4000000000002bc8, 0xffd, 0x9, 0x3, 0xffffffff, 0x8000000000000001, 0x0, 0x2f, 0x2, 0x8, 0xfffffffffffffffe]}, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) 5.771203761s ago: executing program 0 (id=362): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000ac0)='/proc/irq/default_smp_affinity\x00', 0x2, 0x0) r0 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x42842, 0x95) read$auto(r0, 0x0, 0x1) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) r1 = socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r2 = socket(0xa, 0x5, 0x84) sendto$auto(r2, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba87e8000"}, 0x1c) futex$auto(&(0x7f0000000000)=0xf0fe, 0x5, 0x4, 0x0, &(0x7f0000000080)=0x9, 0x3000000) getsockopt$auto(r1, 0x84, 0x71, 0x0, &(0x7f0000000280)=0x22a) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) close_range$auto(0x2, 0x8, 0x0) socket(0x26, 0x3, 0x2) r3 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000003c00), 0x1a9901, 0x0) write$auto(r3, &(0x7f0000004240)='\x01', 0x10000000004) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) 5.086812299s ago: executing program 0 (id=363): mmap$auto(0x5, 0x8000007, 0x1000000006e, 0x16, 0xffffffffffffffff, 0x9) r0 = socket(0xa, 0x3, 0x3b) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000001d00), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r1, &(0x7f0000001e00)={0x0, 0x0, &(0x7f0000001dc0)={&(0x7f0000000100)=ANY=[@ANYBLOB="66dd2c94c62ca9e700009a00000000", @ANYRES16=r2, @ANYBLOB="010025bd7000fddbdf250100000008000780040001800c0002000600000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x8880) mmap$auto(0x0, 0x200009, 0x2, 0x48eb1, 0xffffffffffffffff, 0x300000000000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) madvise$auto(0x0, 0x6, 0x66) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) lseek$auto(0x3, 0x7fffffffffffffff, 0x0) mmap$auto(0x0, 0xa00006, 0x400002, 0x40ebe, 0xffffffffffffffff, 0x300000000000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0xe779, 0x400000000007, 0xdf, 0x13, 0xffffffffffffffff, 0x0) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sg1\x00', 0x103040, 0x0) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) mmap$auto(0x0, 0x2020009, 0x6, 0xeb1, r0, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x7ffe, 0xfffffffffeff0004, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) pselect6$auto(0x5, 0x0, &(0x7f0000000180)={[0x2, 0x8, 0x9, 0x3, 0x80000000101, 0x1c00000, 0xa1, 0x400000008, 0xfffffffffffffffe, 0x8, 0x1, 0x8001, 0x1, 0x0, 0x80e, 0x9]}, 0x0, 0x0, 0x0) ioctl$auto_PPPIOCSPASS(r3, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x20, 0xf1, 0xb0, @raw=0xffffb034}}) 4.910697528s ago: executing program 3 (id=365): r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000980)='/proc/self/pagemap\x00', 0x2, 0x0) read$auto(r0, 0x0, 0x39b8) 4.83307057s ago: executing program 1 (id=367): mmap$auto(0x0, 0x5, 0xdf, 0xeb1, 0x401, 0x0) (async, rerun: 32) mmap$auto(0x5, 0x20009, 0x7, 0x1b3, 0xffffffffffffffff, 0x8000) (async, rerun: 32) r0 = socket(0xa, 0x801, 0x84) setsockopt$auto(r0, 0x10000000084, 0x3, 0x0, 0x5) (async) open(&(0x7f0000000240)='./file0/file0\x00', 0x420240, 0x115) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x80, 0x0) (async) mmap$auto(0x1, 0x5, 0xdf, 0xeb3, 0x401, 0x8000) (async, rerun: 64) move_pages$auto(0x1, 0x20007, 0x0, 0x0, 0x0, 0x8000000000000000) (async, rerun: 64) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000180)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x4}, 0x1000000000029, 0x0, 0x5, 0xa505}, 0x800}, 0x4, 0x4008) (async, rerun: 64) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x10000, 0x0) (rerun: 64) prctl$auto(0x3a, 0x1, 0x0, 0xffffffffffffffff, 0x1) (async) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) (async, rerun: 64) execve$auto(&(0x7f0000000080)='./file0\x00', 0x0, 0x0) (async, rerun: 64) open(&(0x7f00000002c0)='./file0/file0\x00', 0x12ba41, 0x0) (async) close_range$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async) socket(0x2, 0x801, 0x106) (async) listen$auto(0x3, 0x83) (async) accept$auto(0x3, 0xffffffffffffffff, 0xfffffffffffffffd) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x50e01, 0x0) (async) execve$auto(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) (async) execve$auto(&(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000100)=&(0x7f0000000440)='#\xdc\xfe\xd8E\xc8\x8bu4\xd9n\xcb\xca\xc7zw$\x96\xee\xf0e\x96\x8e<\xf1\xaf]\x9ejh\xad\x9eEc\xae\t\x00\x00\x00\x00\x00\x00\x00\xae\x9cf)\x05zz\xa6\xb3\xce=\x00\x00\x00\x00\x00/\xc4T\x1f\xe5P\xff\xb4\xb7s0\x02\xc5\x81\x93\xc6\xc8\xb6Sp\x1a{8\xfc\xe0,X\xc7GU\xd0\x97\x7f1\x16\x99\x04\xabu/a(\x02\x7f\xbb\xbd\x906\xa8\xce\xee\xcd\xd7\t\x00\xfb\x83\xc8\x8aO\xe9\xbe=\xf7\xf4\x98,\x06\xd3j\x99b\xe6\"Y3A\xbb\xa4\xb2\f\x1b\xc3\x8a,g\xc6\xe8[\xdf\x88\x01\x9f7\xb5\x19m\xd8L\x84j\x8c\xec\xdf\x1a\xbd\xc5\x94\xb9\xb7\xd5\xa4\xc0\f-6\xfe\xa8\xed/u\x81_G\xfeR\xbb\x12\x16\xb8*\xa9\xc9\xe81\x9d\x06\xbbC\x17\xbb\xe6|\x97\xabB4J\xed+-\xf8u0/n\xcf\v\x95\x9d\xab\xa8\xc47\xa6\x0e\xdeOq\\\xc3\'{\b\xd3m\x94\xc2\xdd{\xeaO\x0e\xe4\xe0\xb9\x18^\xcf\v\x97\x97\x06c\x1c\x8fi\x0e\xe4\xd7\x98\x9bN:\xd60\x17,\x06\xc7B#Y0\x99\xeb\x874\xab?\xc8\x82\xe5\x8f\xb7\x91\xc2\x00\xcc5\xb0\xd3k\xd5\xdcZ\xdcP\x8e+\xd8\xc7C\xcb\x15\x13c\xbf\xe8\xbd\"\x8f3\"\x14\xf8(\xda\x19\xcd\xec\x03.\xd9^\xc3A\xda\r[\x1a\xda\\#/\xd4\xaf\xd0\xe8\xff\xff\xff\xff\x00\x00\x00\x00\x99lQ\xec\x84h^\x11+\x93\b\xe0c\xe6\xd22\xf9\xa5') mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0xfa9d, 0x8001, &(0x7f0000000280)=0x10000c9e, 0x400, 0x1) (async) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async) openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/numa_maps\x00', 0x20000, 0x0) finit_module$auto(0x3, 0xfffffffffffffffe, 0x400000000004) (async, rerun: 32) pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5\x85\x91p\xe6\x1eRN8\x90\x86\xdde\x1cJ\x99\x00\x11\x89\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#\x1c\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\x00\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xaf\n1\x80\x1a\xbc_\xef\x8b\t\xcc\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xddef, 0x5) (async, rerun: 32) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) 4.057673716s ago: executing program 3 (id=368): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC2\x00', 0x60800, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85513, &(0x7f0000000840)={{@raw=0x5, 0x7, 0xba28, 0x0, "708c58271a7985a7f5ed0dd58af8d149fc53d81fd4a7553c2ff48b48a8a57689adcc1ca6d2cbfa93b50590c9", @raw=0x2}, 0x0, @bytes=@data_ptr=0x0, "fa491e08108961dd5708680f1134935851612a52d629535f54f3832490fc4e7f79daef312b3df3307044713a4801d409aefe3f932f78fc311771094e769c0095f94ee6d74f2517f34a0bbbf502bf3392ac4d93bde5f733ba936c0890312cf035bc44117db9b683eedc5e02a703fc82750d8d6ebac0c3019ef8e6c1eecea33a59"}) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x18, 0x5, 0x2) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x20008041) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0x100, 0x0) mmap$auto(0x0, 0x2020009, 0x10, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/vhci_hcd.15/usb39/product\x00', 0x200, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r1 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x85) ioctl$auto_SNDRV_PCM_IOCTL_STATUS32(r1, 0x806c4120, 0x0) madvise$auto(0x0, 0x2003f0, 0x15) 3.689591214s ago: executing program 3 (id=370): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x0, 0x0) connect$auto(0xffffffffffffffff, &(0x7f00000018c0)=@generic={0xa}, 0x55) syz_genetlink_get_family_id$auto_tcp_metrics(&(0x7f0000000ac0), 0xffffffffffffffff) socket(0x2b, 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x28341, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000fc0), r0) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(r0, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000002880)={&(0x7f0000001100)={0x314, r1, 0x41d, 0x70bd28, 0x25dfdbff, {}, [@OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x28, 0x1, 0x0, 0x1, [@nested={0x18, 0x1a, 0x0, 0x1, [@generic, @typed={0xd, 0x2f, 0x0, 0x0, @binary="eeeabdac6767fd8292"}, @nested={0x4, 0x26}]}, @typed={0xc, 0x3e, 0x0, 0x0, @u64=0xab2}]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x16d, 0x1, 0x0, 0x1, [@generic="5b819d2e3eff693a9678cb419da58f871687cc365554f44a8f55501516273e17b8117643195217d552d844af8e573b83a482f2c5f55d3413e0064c584df0da96a1c41a5590997f4d232226639b37f3129401a6a41feed7fd7529456dbe7e58026bfd22dc9a0d97179de85f9f21007d4153dd3b166113c8c966ab635755deefaa8d624eec6430596add4317c249b22afa592d647cb8b78027a46353871d4def902fabcd012146ebf0fc3beb7b061b5ebb0ade0afbc7e4409094c9d94c91e40c5a3ecd25484c", @typed={0x3d, 0x39, 0x0, 0x0, @binary="3e50e8f53746711c59a2de76aaca74159d80e0cad22953225490dd3d8bd9412356b66ca56fb046926f0aab27799275c6794490cc836b650638"}, @generic, @nested={0x4, 0x1c}, @generic="e3304c74c435f9f36c3d1617fed8b63d73835472591776d0d6d5b8b3dd0e2468ea6d75dcc7a7aadd32199eef6ee91668a4dc262815659c0308281772fe200747c973e38b223571845432dfe63b3cb4d0dad7e87efca3da87b80d9f99a9c15af2"]}, @OVS_CT_LIMIT_ATTR_ZONE_LIMIT={0x167, 0x1, 0x0, 0x1, [@nested={0x84, 0x118, 0x0, 0x1, [@typed={0x8, 0xfb, 0x0, 0x0, @u32=0x6}, @nested={0x4, 0xb6}, @typed={0xc, 0x40, 0x0, 0x0, @u64=0x4e5b}, @generic="0db572f44408272cd2a306dd0f4f27d9cb1a25e50ca26f8391f49ef9b8c8b35e4290bdc4215273925f8344cbb412f61a8b8e7ed2a69bc01186ef75f15b093540bbdb2cd8866a15bc3239fddd1b4e98fb525cf9e636827008ec575079415b5dfd8e9492f2", @nested={0x4, 0xf2}]}, @nested={0xad, 0x14e, 0x0, 0x1, [@typed={0x8, 0x126, 0x0, 0x0, @uid=0xee01}, @typed={0x8, 0xa2, 0x0, 0x0, @fd=r0}, @typed={0x4, 0x136}, @typed={0x4, 0xe8}, @generic="4486c4c5f894c2d7a45d4d9c2c71911b9d8deab694b890df0804291512cc3f49c484d0603f23303472aafff7abda06a3f06556117ea12ec5d67d1a2ee00d53574dfc1ceaaa9549b46bc502c63afff562788b3a0f6820", @generic="5b38e3f04f5a903e41e92af6e39638d6e7fb87380795ddf6fc5914ba22c8759717c4893e94b85f1f811e7d286d5a5a957c457ed0342ce04b58a206"]}, @typed={0x8, 0xbf, 0x0, 0x0, @pid}, @generic="bffb563d466f9a86698d52475aa00bb0208ad50b511861", @typed={0x8, 0xdc, 0x0, 0x0, @pid}, @typed={0x8, 0x132, 0x0, 0x0, @u32=0xff}]}]}, 0x314}, 0x1, 0x0, 0x0, 0x40400c1}, 0x4014) 3.274130286s ago: executing program 0 (id=372): statmount$auto(0x0, &(0x7f0000000180)={0x3, 0x1, 0x9, 0x7352, 0x41, 0x65f, 0x1ffde, 0x7, 0x3, 0x2, 0xb, 0x3, 0x5, 0x101, 0xb4, 0x9, 0x6, 0x7ff, 0x84, 0x4, 0x0, 0x7, 0x2000, 0x203, 0x0, 0xb4, 0x4, 0x0, 0x0, 0x0, 0xfffffff9, [0x7, 0x0, 0x68, 0x0, 0x100000000, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x2000000000, 0x0, 0x0, 0x0, 0x9d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000, 0x1000000000000, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x800000000000000, 0x7e30e0be]}, 0x1fe, 0xf) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x24008004) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5e}, 0x800}, 0x7, 0x4008) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f00000000c0), r1) sendmsg$auto_KSMBD_EVENT_SPNEGO_AUTHEN_REQUEST(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)={0x14, r2, 0x1, 0x70bd25, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) memfd_secret$auto(0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000001980)={0x3c, r4, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0xc, 0x3, 0x0, 0x1, [@nested={0x8, 0x4, 0x0, 0x1, [@nested={0xa888, 0x128}]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828847"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) r5 = open(0x0, 0x261c2, 0x84) close_range$auto(0x2, 0x8000, 0x0) r6 = open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) io_uring_setup$auto(0x9, 0x0) close_range$auto(0x2, 0x8000, 0x0) r7 = socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) r8 = socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd=r5, r8, 0x4, 0x401, r7, @relative_id=0x14, 0xe600}, 0xd) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r6, 0x0, 0x3}, 0xc) openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendmsg$auto_KSMBD_EVENT_LOGIN_RESPONSE(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r2, 0x400, 0x70bd2d, 0x25dfdbfd, {}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x20000000) 3.253536157s ago: executing program 3 (id=373): bpf$auto_BPF_TOKEN_CREATE(0x24, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x39, 0x0, 0x4, 0x3, 0xfffffffffffffff4, 0x1, 0x3, 0x7, 0xfffffff7, 0x4, 0x7, 0xd6, 0x7, 0x612}, 0x2) fsconfig$auto_FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f00000000c0)='%#\x00', &(0x7f00000002c0)="6007be2ef0712231f1fa4302c8a5e5b1562948348592324d1311e02973038f40dbdd7344dcd892b10b0d372f10b4b24df7576eff7d94764d61c144f7996b49184fca2404fe963f69befb4c4399c406ce21eeb0116ef24ee5e1d386996cdffb03b98a0e8473d9feb4c050b5965061ffb7a27fc66fcbbd0e096eca5a1afa9b88db5a55401e33470521ba60da24ec04bfc33626e63d3d56f84fddd5ba708069875f06e13c045b121ef5a3369e82b732e0a8f75102e74e4c7e9a421acee7bfc5df3552b209405ab82b727b857cdb666d4b60afdca6a05df26d017a35130794fe4a021e93ed77196f6ae1ad3f59c020e7555c416c3b9e61fe0dbfd2306daea120981e1a5b84ebc1762b5ae9a98e073acf55ad4bc940c45ad99051a7da73fa778facf1b4cc6b3f8f57b6185747c874251e402546ceedc71c65f49e849cc3dc9d4146c5ef737d8d0fefafac7a9e0a6fd35f3d80aba28d6d15b5e65c6654195c0b2aa3bfe860a4e79b0bc23f88438ddd37ed2f558ce70c8452a287286dfef4909ace802f10df6a3baa8d9eb1468fd199b8d28e50434ae4d8913033571bb32152e311d47266b32e81a761d65b5180a3bd2b873f2023f8a1fc7aef1ab27ccfa8d5a38a0b112383a0853a7c0e13712e4de2355b08909d157e1bdeb98a4ce47f2e1bebf5a0054e98b2eed3963094a878bd24e96438b8adbb15dc050d1a60273ed9c5a6c333d57fbc628e8710289479e4da3991da3a55b282f56a9f22eb845c5b08f438f5a8b8971fbff2e58cbb555352bd8846f054f903e97306f9fd780f140a54e1aac55a53408764bd3f3e8c8422a1c5630c417dd3f41f66b4595304b82f3759bbf7163c9e876ad07ede37e7d757a957e201f1dbf9e83094297ace59d550686c00e0c62d0a33002be85ce5539336a52d04444c1c78877fdfe7d020dbff728b876b0401ebdd1a674ee26fd19af15267f6ba16eadff56116c59d73f646b82fd819109c268af9aa317c15d679a4db023265f837a341ae90e9f26b4248857dddcc48477ebd3763e5dd33b262e3db44adbfa41a20abb8d72c35d6ef44cce50e6a63e83d8d71c43e9ae9bf71ef2403bd97c5c091f8876b2b2781a3b0da06aa6baf48cc9afe71108c08bbc35023cb946709d9366e62845558943dc01de5538d368b6759518690f3738df0618c7563de264e6ecb75c9ff229cbf7c25c6bc4dfe5eb590506784a560982e780b282b85adee62be3f948b4cc48768c82f2b586f898eb1caa4cf71aee28fc65470248030e7b01c19dd921e20ec74d920c7474d5083d830f981ca458b120ceb040deed67fcd559e7dfa5aca42829780a8d46498552d00466cc301e4baaac85505fe60a83536cefcbcb651fdcc7c17e0b6b6cfb75ea211d9f7c2ffc6b8d3528efa259cf9e1f9cc0caf6500190c0d7aadcab6c4e3963bf6f8ce12882cf41e1e8a5ab67e511b27378e0e2013c5cd92e7363ce63a600ad6808c409a641b04988eafc706dd2de9191c99fc2b02f60701aea187d7a10aae1879e737f422630389a4f1462c94b316e836af488b43b5be49a02ea3cd669a90c4056428337138fdd5a158210aadd6e4e1774290c9e241befb121b24e3aa4a16090a496ab3778934055ca727bb14b713c5dde06e52ebc0c6a8e579395a6921f940fbbb71fb875879742dfb3ede0685d9d5a67af55d8e0cc35e062b52b96641db38fd8cf839f17107e009015126b39b7f2c84aa9d4ec5f2bfb493f8ea2f782f020a873769bc96182ad7af170b9f12b50bf2d8b706fb074ce3305bd16de2f5bdd4e16c57931a6a0205ea28e2fcad25967d878d5eee8929720be97f354ff72a7497d45610a81ebd3a4fc63c19b352bcb304e6d9b2f238d1075db22878a2334926b267f7e9e143a9bf2e6ae78cd53a3a85e5f3c5398b5214ce1cdab6d9c73671609924529a978519b479fde48aee14bd8b9d4e5cca24b92cf8a428fc23fcd2e5b3814f91c00f2ac853524b03cede740776df7d12e380d915fbde8c9a996845a067454a504439c0d97bb33a35d6dac6d0cdff1f8f6986e7c4877a1533a920049a5383378a36ca5ce1336c5c8d7f367ae4ecefc99abccc8cc43e368e48d1307c7e23250dde4f4f6cbf74d54f7ae7690fafa916b327a014fbdbb7049fb1d0df52ec6239e322d238d141925eef1c5fde5cb9758b297fe951eee5ac849c6ad0b760457ac37ecdfa22f06de31dd43f8533b0a05faa66d013c6f91b8ab667a6f3cf82091b5516bfd075f2ff89dbaf40239d3f2c2a207e73a64fe25db5cda818b1429a1dd0c1dceb944b137e08ec3b65109045878d88d0b261baab4ae746613421702874c7611ddb9c6589d5309033d8c32ada00cfcc9ee88deb1121cf5401ec8ba6807eb58e59654ad7a33d1985837de1c6fcf9b6507bf998d07d7598c55468d8a4416060910583b79df720c15c1c6d55b4cedb7e35fb7a1a00ad9e9f2e7f77b162e1c5fbf5f913056f4316f8449236708c443492e802ed4da13a2d861cbac9b342d230a9e9126e999c9c54542b319aefaee6d8c538df5e182fc6de05f1651b6e19459d94ad89b678224360ec8c8e9dbcf66afcc4a747296b48e7e32d98b0cd29b4abdfa36a319e39d05c114662667fb293e137140e2ecdc6cc7c3fe2ba3680ae0593fd000b8cd607c0b9e562a0f68b145e68309b574e3bda1e75868af26c71b508baba1f61dfe15b7f78e59aae837ae7732ddc79ad3ad0cdd5379032e3b9ab7af77300b236c387cad195d14f3a3b8dc2c5e00664a95492f09cec715af43b5c4518375d92daa215911eea31ef95a9de57ec61ccfeaeedcfa871caf0c5ea583f6a289a815ccdc6bc8945c900f1ea324d56256957a57908dd93df853ff485de2c9eb52dac79dd3846270d7bb6e0c05191a47a129f30c8797cf4816024ce695edbbbf4483a5cfcc216287511fa4b617ee451e9fe328d5e47458205e681967bd460cd39758e21d1859679d8085cb87d129736386455f65692d2b335ab1416e513365e047f4470f8300006980e0f9dd2d6965f0abe09882a8b7527f6a66569ff0bc64274a3e2f31a25495dca8b59a35e31f1a465a81a658631f2a7549b029c0255774a6a7c49318f6d0b45c0d4c06ce124dc49b9239e2031aa69d7ad2e4a9ff852edcf5ce2b0c74194e9de041af55e96594ced8a9fc4e5638d04d03d69d17851c9ca4f8060292e1b898a343147fb81f8c21c694428694dfbb654a89b679955f2d7bdf3d7a41fe5fede52b4371c9ec57702c0f29baee3fcf5d6d117a483137b35292a36e6da7231354c3119eca12280ead7b48f89cfc66f5877dd17d514b128cbd8304732aef92787714db4c61bdfc528b144ec126d077624bfd338b3058e797347c6d909690d3f08c52b6f5089003f488003e545dd447d50574930cd77130003ed45afa5a853b612e004976b5692f1f79cc7bdac7167893b43919245aeb9f1542b5ba550454c8497246bc20466e2640281070b2ca29157605d34d7c2ffb77ba262d2e1ddb624a9ad07b22a909291eb9583674b378d7e08167c6e07538aa4e7ca070e55a745bf26c445e88348220380fccbb13d7c5dd9d668ec575f6bc27ade3ba43d14dd45daa0108380253d6db6d391809a82d4dd09c83990cfeea1a8779200d447d829f841be9f0b68ef01d673a92514801698b2d8201f05f4a3e4dd660cd92a42dc290a2c9436140023e0d6069c5a192f56b08953723064052c39051064a45450fa1abfe7e4af6be7e0b46ae64fcb05eb40eba999d6b884baadd074576a9e233bf72d7f3941406780bf41c7c3747fe73f2eadd735b1fe5763097eeced0ec6576a00323a93390fd2bc699aa2663703ec61930aa53ba3176ad8a06d187cc77839e00c8a70138a886063cce5d19d8a5138c2dda0e63f4f35222fa8d0f6fc91f65bc5dcee1a80982e5fda3993ac2e0319bcab74fec1aa4557b6ec3d1f4bbf06d574151bbac58e6944733117342c2e5c0217edf6387b660c4b7a5a2e53880caf267e50f66585a44a5d236fd30997070dec4dc1d278eedda54ca3dca558d34fc473ef630177c1e0f4aaa93a25eadf5f5fcff69486049357274a8abc9c8a792bf974170c06fad06f525182193c49d8ca88676446eba8fdbbddbb80828b64c7e51c78f53bd11b5edacf22e99ea74ef2f5424252b3c5c7f4ef92b81d7e56d4f3ef8e4daf2f71dda7ffbc234b0c29245eb215bf0b447c6d3ab1b8f8e30b706f291bd97ecac66bfd17e4446843d928296e58c4487b1e25eacfee63e1d1903044f8d2a07797e86785f49d512f39ba9aff62e8f42ebd19724d56a4bcdcbff11fe74d9e832e7462fcb94a46416ac279f1a301afc188dd7f42bd4b1ceec6784bf316eba7d1bed5f9cbad5c251313fda4ebc0e573a1328dc98783e38dbbc7cb2ac35eae7fd215fba269173714a1ea352724c85c534b90242de05e519849e00109a6e764bd9a030c0a71ccdf3468aacbaffa09404cbd790e9ae1e30498a9e22071bae5c06acb5caf3c70e3eabc5be823708361d7710b30f90cd384f37ef9d4168c8384b5ffcf6c842fddcff38926a6b9405e2cda8f4aa77c05dffb311a2f212878452e35c3566a0f055e3b551f6123dfc4bfda5579e6df690ab21496ed9dc923f0a99d81d8f7e883734ca523112ecb6191d2f7076d5288b6c5953fbba59ba993433986ec71ae4c98bd4bade08fb48f99298cc14e84a26f90086ca1f5ed5dac4262e70a20c927fb68e90ab2d1d5a54f2a4531c5b475f90981b29ab1edab5a3643a574e1bd7669fdf869b8a2047cbc1ba105be708db1988ec16fa02ac27d6b58d7724670876328c0a53fe8a6edbadcbd12183dd216c0c0b2f10342ec32ec7fe305f9038216f0733bc905ff66884ef5cc52f47a52ecce56191e81b45ec09008ffc5c8c956b19ce4fb94fa839465e828a30e3b7762e415cfc5000a3470271bd4b06356cbd758d30362b48200af6a836bb23a64c11df9bd2abbb1faae5cf732dbe1a66b2887c072f1dc1a3b2510ef660f8668ca3f9c92c31a4a9b483b4194b6ca4c49b765c5e795ba02b728a33d3e78c9e7b5bc6897390130b991152b865e9988979a0a98b6dd28026c36fc0584863a56a1856b8c5562e511a31a8ed3d9a134b776e05a892a9854ed90f2e9378e4f3fdb93f1dda4d7c9b1a426166bb60f47c1587b0cc1ed0b0e10e00cf1bd29ea7103e72ed1c916481f49eb0540e7fd33c3dc815509062f287ae77f96acbcb19f1146ff7c88f0bae9f5b72200055189e2f44316c1f7155328d1bee351bb8799ec72627a3e26ea9026aafd2c08287559d42daec92aacb423dc207f18dbd072d714a590c5a0605d600b24154c11fc9566044814668c24f44a8188c41ad9f722de9818531bff522acd00f8cba2eae8eebf198fe93a2513eb4ff59b61309e7978182ecbba5c848ca8e33f54323c36089723d4576e99f15ffbeb9d5b8f6c40bef05181a6bfbc685b5ae4ee2fc3076c77e8109c71230379912f080d2d5ace95176733f7eacf001807b3529097eadda4568828f334eae86ed72a64904977fe3de46218979ffb50f2a499823c8fb08071155d5f1fd8cfaf2a91b8d33711474454ef4a9ace09682cab9a3acbe39e74f10048466e9e4b6c7c4222fdd178605eb41b69bef38e5eb05eb8c7b585e0da694da5c15cb25b69debb52b16d5a1889d2bdd148101b468f096cdb42e987399de1310adf135e09002473cb9964e076fb97501516fcfbee533ee0b8819f46364fdfdd385bac809e282152e0c71b817e9cddc637e56b832402b88c49618b4d340a6b2731a9ae", 0x6) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000280), 0xffffffffffffffff) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x199e81, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000000040), 0xffffffffffffffff) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/bus/mei/uevent\x00', 0xe0281, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f00000000c0)='5', 0x1) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="ff0f0000", @ANYRES16=r4, @ANYBLOB="1b0026bd7000fddbdf25030000000400080018000380140003800f000a006f76735f7061636b6574000012000100898771f1c19f1779048590828847000004000280"], 0x48}, 0x1, 0x0, 0x0, 0x4000041}, 0xc800) ioctl$auto_TIOCSBRK2(r3, 0x5427, 0x0) r6 = gettid() prctl$auto(0x3e, 0x1, r6, 0x1, 0x0) sendmsg$auto_OVS_DP_CMD_NEW(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r2, 0x1, 0x2070bd26, 0x25dfdbff, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, r6}, @OVS_DP_ATTR_NAME={0x8, 0x1, ':fR\x00'}, @OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0x9}]}, 0x2c}, 0x1, 0x0, 0x0, 0x801}, 0x0) 3.017479379s ago: executing program 0 (id=375): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/cpuid/cpu0/uevent\x00', 0x20400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000002140)=""/64, 0x40) r1 = memfd_create$auto(0x0, 0x9) write$auto(r1, 0x0, 0x5) finit_module$auto(0x3, 0xfffffffffffffffe, 0x0) sendmsg$auto_NL80211_CMD_GET_WOWLAN(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x0) setreuid$auto(0x0, 0x0) rseq$auto(&(0x7f0000000100)={0xe, 0x9, 0x0, 0x6, 0xffffffff, 0xffffff4d, "72c53335fbfa2eb3845b1e63c778855a687803e12d1eb2d43e0e6215fa"}, 0x8000, 0x0, 0x6) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/input/event0\x00', 0x3496c2, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_GET_MSRS(r2, 0x4140aecd, &(0x7f0000000040)={0x7}) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000000), r1) 2.97960548s ago: executing program 1 (id=376): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd12\x00', 0x480c2, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0xe983, 0xe3, 0x16, 0xffffffffffffffff, 0x7ffe) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r2, 0x0, 0x1ff) writev$auto(r1, &(0x7f0000000200)={0x0, 0x3}, 0x3) openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000640), 0x8382, 0x0) mmap$auto(0x0, 0x2020009, 0xfffffffffffffffb, 0xeb1, r0, 0x8000) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x1, 0xffff, 0xdf, 0x15, r0, 0x401) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r3 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r3, 0x8953, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x2, 0x73) r4 = pipe2$auto(0x0, 0x0) r5 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/mtd\x00', 0x100, 0x0) pread64$auto(r5, 0x0, 0x800003, 0x270) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f000000fc00), 0x3, 0x0) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r4, 0x0, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r6 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x40401, 0x0) ioctl$auto_TIOCSETD2(r6, 0x5423, 0x0) ioctl$auto_TCFLSH2(r6, 0x540b, 0x0) 2.928386317s ago: executing program 3 (id=377): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r2, &(0x7f0000000000)='//\xf2\x00', 0x80000000) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x1, 0x1, 0x6, 0x0, 0xffffffffffffff7f, 0x368e, 0x2, {0xffffffff, 0x20000000010000}, 0x5, 0x6, 0xfffffffffffffffd, 0x47, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdead, 0x804}) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0xc0402, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x0, 0x5, 0x0) r3 = socket(0x11, 0x80003, 0x300) r4 = socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x1, 0x0) r5 = socket(0xa, 0x801, 0x6) socket(0x2, 0x801, 0x106) r6 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) sendmsg$auto_MACSEC_CMD_GET_TXSC(r4, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYRESDEC=r5, @ANYRES16=r6, @ANYRESOCT=r3, @ANYRES32=r3, @ANYRESHEX, @ANYRES8=r7, @ANYBLOB="b6758a9057fb65", @ANYRES64=r1], 0x2a8}, 0x1, 0x0, 0x0, 0x8085}, 0x44) close_range$auto(0x2, 0x8, 0x0) r8 = socketcall$auto(0x8000, 0x0) r9 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r8) 2.835618705s ago: executing program 2 (id=378): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000200), 0x101802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4068aea3, &(0x7f0000000080)={0xc7}) 2.63510092s ago: executing program 0 (id=379): mmap$auto(0x0, 0x4, 0xffffffffffffffff, 0x400eb1, 0xfffffffffffffffa, 0x8000) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/mnt\x00') openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/nbd3/queue/iosched/front_merges\x00', 0x8001, 0x0) mmap$auto(0x0, 0x10005, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000001a80)='/dev/bus/usb/031/001\x00', 0x208000, 0x0) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/stat\x00', 0xc0802, 0x0) read$auto(0x3, 0x0, 0x8080) read$auto(0x3, 0x0, 0x1f40) getsockopt$auto(0xffffffffffffffff, 0x114, 0x2718, 0xfffffffffffffffc, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00", 0x3ff, 0x408, 0xc, 0x400004, 0x200000000040000d}) ioctl$auto_BLKTRACETEARDOWN(r1, 0x1276, 0x0) madvise$auto(0x0, 0x5, 0x15) r2 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci1/power\x00', 0x217102, 0x0) recvmmsg$auto(r2, 0x0, 0xd, 0xc, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0xca, 0x0, 0x2d9) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, 0x0, 0x40800) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) adjtimex$auto(&(0x7f0000000000)={0x16, 0x0, 0x7, 0x0, 0x7fffffff, 0x4, 0x100, 0x0, 0x5, 0xffffffff7fff8000, 0x4, {0x3, 0xa}, 0xe5, 0x9, 0x9, 0xc, 0x0, 0x6, 0x6, 0x81, 0x20, 0xffffffffffff8472, 0x1000}) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x2, 0x8544, 0xaa) madvise$auto(0x0, 0x200007, 0x19) prctl$auto(0x43, 0x0, 0x0, 0xfffffffffffffffe, 0x5) syz_open_procfs$namespace(0x0, 0x0) 2.542095942s ago: executing program 2 (id=380): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x18, 0x5, 0x2) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(0xffffffffffffffff, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x20008041) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sg0\x00', 0x100, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xd4, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) openat$auto_dfs_sched_itmt_fops_itmt(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/netdevsim/netdevsim3/ports/1/ethtool/pause/report_stats_tx\x00', 0x0, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000005280), 0x0, 0x0) socketpair$auto(0x8, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4048aecb, 0x0) mmap$auto(0x0, 0x2020009, 0x10, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r2 = socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r3, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x85) ioctl$auto_SNDRV_PCM_IOCTL_STATUS32(r2, 0x806c4120, 0x0) madvise$auto(0x0, 0x2003f0, 0x15) 2.359811618s ago: executing program 1 (id=381): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) r0 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/maps\x00', 0x40302, 0x0) ioctl$auto_PROCMAP_QUERY(r0, 0xc0686611, &(0x7f0000000080)={0x101, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x800, 0x101, 0x5, 0x207f93, 0xfffffffe, 0x7ffffffd, 0x3, 0x7, 0x5}) r1 = clone$auto(0x2000020003b4a, 0x6, 0x0, 0x0, 0x103) unshare$auto(0x40000080) r2 = socket(0xa, 0x5, 0x0) mmap$auto(0x4, 0xa020009, 0x3, 0xeb1, r2, 0x7ffe) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/asound/card0/pcm0c/sub5/info\x00', 0x42642, 0x0) r4 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r3, &(0x7f0000000640)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\xff\x7f\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc:\xfa\x01\xd1\xa3\xb5\xc2B\xa5\xac:woR^a\xb9}\xe7\xbd\xe1\xf77.\xa3\xd8\xc2T\x95\x13\x91\xb6p\xf3\xb2w\xe6\xd7\x94DW\x97\x90a\xe6c\xfb\x88x\xd5L\xa9\xe4\x82\x04\xb1\x8b\r\xcaP\\\x1aVP\xc9\xa4`\xfd\v\x94\f\xc1\x0fQ\xc9\xdcL\x03\x9c\xbfk\xa6\xb1\xb0\xa1\xeeJ\xd8\xef\xc8t\x9d\x1e=J\x91W\xc6AuJ\xb9Q\xed\xd1\a\x05\x9d\x85\xb7b#r\xcd\xaf\xb7\x9f\xf7\xd2\xae\x0f\x98\xa9&\xb6~\xd4\xbd\xbbr\xb9\xc3\xacH!\xc1\x90K2\x05K@\xee\xac\xe8\xc7\t\xab\xbf\xa3\xedb\xd7\xb5\xd7\x83&\x95\xb2?\x0e\x85\xaaIGu\xd6$\xeb\xb6\xdd\a\x121\a\xac\x1bx#\x87\xa9\x10\x9b\xf8YD\x04ZL\xca\x99]\x8f[\x90[\xa8\xbf\x98\xa6\xe50(zC\xe84*w\x13\x96\xd5\xd0\x877\x12\xbc\xa1\xd0h@|\xf9\xfa\x9b\x17\x94\xb9\xe7\xf3\x15\x05\x91\xe8\x98p\x7f:\xd7s\xd9wo\x82\xda\xec\x91\xb7\xd9;H\x8a\b\x00\x00\x00\x00\x00\x00\x00\x8aZ\x94\x14$X7\xaeW6=^I\x9fQ\r5c\x81\xca]\x97m\x89o\x8f\xd8}P>I\xd0\xb3\x88C\xd7', 0x100000a3d9) close_range$auto(0x2, r4, 0x401) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000000300), 0x80000, 0x0) socket(0x2, 0x3, 0xa) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x2000007, 0xd, 0x9, 0x948b, 0x3, 0x15f0da0a, 0x4, 0x494, 0x62, 0x80000002, 0x7, 0x1, 0x9, 0x3, 0xfffffffffefffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x1000, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x8062, 0x80000001, 0x800, 0x6d3f, 0x9, 0x8, 0xfffffffffffffffe]}, 0x0) r5 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f00000001c0), 0x640000, 0x0) ioctl$auto_TUNSETVNETHDRSZ(r5, 0x400454d8, &(0x7f0000000140)=0xbc) r6 = socket(0x10, 0x2, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r7, &(0x7f00000030c0)={0x0, 0x0, &(0x7f0000003080)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000", @ANYBLOB="0456ed", @ANYRES16=r1], 0x14}, 0x1, 0x0, 0x0, 0x4854}, 0x40) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000003900), r7) r8 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), r7) sendmsg$auto_ETHTOOL_MSG_WOL_SET(r6, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f00000003c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010027bd7000fcdbdf250a9e00ff15000000140001"], 0x2c}, 0x1, 0x0, 0x0, 0x4801}, 0x0) select$auto(0xd, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000001ff, 0x4, 0xd, 0x1, 0x3, 0x9, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000023, 0x7, 0x6d3e, 0xd, 0xd, 0x1]}, 0x0) openat$auto_stats_fops_(0xffffffffffffff9c, &(0x7f0000000240), 0x40002, 0x0) 1.519254729s ago: executing program 2 (id=382): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r2, &(0x7f0000000000)='//\xf2\x00', 0x80000000) adjtimex$auto(0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) close_range$auto(0x0, 0x5, 0x0) r3 = socket(0x11, 0x80003, 0x300) r4 = socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) io_uring_setup$auto(0x1, 0x0) r5 = socket(0xa, 0x801, 0x6) socket(0x2, 0x801, 0x106) r6 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr14/proto_down\x00', 0x82942, 0x0) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x189401, 0x0) sendmsg$auto_MACSEC_CMD_GET_TXSC(r4, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYRESDEC=r5, @ANYRES16=r6, @ANYRESOCT=r3, @ANYRES32=r3, @ANYRESHEX, @ANYRES8=r7, @ANYBLOB="b6758a9057fb65", @ANYRES64=r1], 0x2a8}, 0x1, 0x0, 0x0, 0x8085}, 0x44) close_range$auto(0x2, 0x8, 0x0) r8 = socketcall$auto(0x8000, 0x0) r9 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r9, 0xae01, 0x0) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0xae41, r8) 803.661791ms ago: executing program 3 (id=383): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000ac0)='/proc/irq/default_smp_affinity\x00', 0x2, 0x0) r0 = open(&(0x7f0000000480)='./cgroup.cpu/cgroup.procs\x00', 0x42842, 0x95) read$auto(r0, 0x0, 0x1) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) r1 = socket(0xa, 0x801, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) r2 = socket(0xa, 0x5, 0x84) sendto$auto(r2, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba87e8000"}, 0x1c) futex$auto(&(0x7f0000000000)=0xf0fe, 0x5, 0x4, 0x0, &(0x7f0000000080)=0x9, 0x3000000) getsockopt$auto(r1, 0x84, 0x71, 0x0, &(0x7f0000000280)=0x22a) setsockopt$auto(0x3, 0x10000000084, 0x7b, 0x0, 0xd) close_range$auto(0x2, 0x8, 0x0) socket(0x26, 0x3, 0x2) r3 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, &(0x7f0000003c00), 0x1a9901, 0x0) write$auto(r3, &(0x7f0000004240)='\x01', 0x10000000004) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) 749.636972ms ago: executing program 2 (id=384): close_range$auto(0x0, 0xfffffffffffff000, 0x2) mmap$auto(0x6, 0x20007, 0x8, 0xeb1, 0x401, 0x8000) r0 = io_uring_setup$auto(0x1, 0x0) setfsuid$auto(0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x280, 0x0) ioctl$auto(r2, 0xc040564a, r1) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x40342, 0x22) openat$auto_ftrace_event_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter\x00', 0x2, 0x0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r4 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r4, 0x0, 0x7) writev$auto(r3, &(0x7f0000000200)={0x0, 0xb}, 0x200000003) write$auto(0x3, 0x0, 0x5c8) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x80002, 0x73) setsockopt$auto(0x3, 0x0, 0x2b, 0x0, 0x108) sendmsg$auto_MAC802154_HWSIM_CMD_DEL_RADIO(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x34, 0x0, 0x8, 0x70bd2c, 0x25dfdbff, {}, [@MAC802154_HWSIM_ATTR_RADIO_ID={0x8}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0x4010001}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0xffff}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0x100}]}, 0x34}, 0x1, 0x0, 0x0, 0x40804}, 0x10) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vbi18\x00', 0x280, 0x0) r5 = openat$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/bluetooth/hci0/force_devcoredump\x00', 0x2, 0x0) write$auto(r5, 0x0, 0xe) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0xc0400, 0x0) ioctl$auto(0x3, 0xc02c5625, 0x38) r6 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/irq/9/spurious\x00', 0x28002, 0x0) pread64$auto(r6, 0x0, 0x800003, 0x270) 449.522987ms ago: executing program 2 (id=385): mmap$auto(0x0, 0x2020009, 0x10, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x85) madvise$auto(0x8000000, 0x2003f0, 0x15) 428.5405ms ago: executing program 0 (id=386): r0 = openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/bluetooth/hci3/hci3:200/power/control\x00', 0x50000, 0x0) connect$auto(r0, &(0x7f0000000040)=@generic={0x6, "8919cb84333a7e0e5e4b97925daa"}, 0x3) (async) r1 = waitid$auto_P_ALL(0x0, 0x2, &(0x7f0000000100)={@siginfo_0_0={0xcad, 0x5, 0x6, @_sigfault={&(0x7f0000000080)="176de469a0fa9329dd5fc4c0d548c32a816887ba8ba38f6c9a10984f82d53a6b67864dd49ae004f88de03025c8a798a7c8885db2b4cc051a80b9c2c5ab1b1e5c1587761a075e10218df3d4b558c4f44fb9ff31c00f0f6dabed34361f3797", @_addr_pkey={"4cebe5c1c7b31477", 0x401}}}}, 0x7e61, &(0x7f0000000180)={{0x7dd, 0x6}, {0x1c0000000, 0x6}, 0x1, 0x7, 0x0, 0x0, 0x183cb90d, 0x8, 0x1a2a, 0x9, 0xffffffffffffff71, 0x9, 0x7, 0x4, 0x2, 0x2}) (async) sendmsg$auto_IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000280)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400000}, 0xc, 0xfffffffffffffffe, 0x1, 0x0, 0x0, 0x4000}, 0x20000000) (async) read$auto_rfcomm_sock_debugfs_fops_(r0, &(0x7f00000002c0)=""/73, 0x49) close_range$auto(r0, r0, 0xe2) read$auto_clk_summary_fops_(r0, &(0x7f0000000340)=""/16, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000003c0), r0) sendmsg$auto_NL80211_CMD_NEW_KEY(r2, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x30, r3, 0x8, 0x7fff, 0x25dfdbfc, {}, [@NL80211_ATTR_TSID={0x5, 0xd2, 0x1}, @NL80211_ATTR_MAX_HW_TIMESTAMP_PEERS={0x6, 0x143, 0x3}, @NL80211_ATTR_KEY_DATA={0xc, 0x7, "7fd161e928c5547d"}]}, 0x30}}, 0x4000000) (async) r4 = prctl$auto_PR_SYS_DISPATCH_ON(0x2, 0x1, r1, 0x8, 0x9) syz_genetlink_get_family_id$auto_vdpa(&(0x7f00000004c0), r4) (async) r5 = ioctl$auto_TUNDETACHFILTER(r4, 0x401054d6, &(0x7f0000000580)={0x6, &(0x7f0000000540)={0x0, 0xc1, 0x15, @raw=0x7}}) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000500), r5) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(r6, r0, 0x4) (async) sendmsg$auto_NL80211_CMD_START_NAN(r5, &(0x7f0000000680)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x804020}, 0xc, &(0x7f0000000640)={&(0x7f0000000600)={0x18, r3, 0x20, 0x70bd2c, 0x25dfdbff, {}, [@NL80211_ATTR_MLO_LINK_DISABLED={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x20040010) (async) ioctl$auto_KVM_GET_MSRS(r0, 0xc008ae88, &(0x7f00000006c0)={0x0, 0x0, [{0x9}, {0x10, 0x1ff, 0x80000000}, {0x80000001, 0x0, 0x1ff}, {0x3, 0x8, 0x6}, {0x8000, 0x1, 0x3}, {0x0, 0x7, 0x2}]}) (async) r7 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000780), r2) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r2, &(0x7f0000000980)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000940)={&(0x7f00000007c0)={0x178, r7, 0x100, 0x70bd2b, 0x25dfdbff, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}]}, @ETHTOOL_A_STRSET_STRINGSETS={0x148, 0x2, 0x0, 0x1, [@nested={0xf9, 0x5, 0x0, 0x1, [@typed={0x8, 0x10e, 0x0, 0x0, @fd=r0}, @nested={0x4, 0xdf}, @generic="0cc2478ca555c3fc64394eaea8c8d3383df2d7e424379b2d1a66221cf462593c75f12d735935395fa133b97fb48a996dc7f1eb3cb372797b860b2d8af326bb97fd24f1799bcbc21bb9238b1592e9fbbbf8df40780f49009a9578d6961246ccfb145177adfd95508a3b4d4eb7e7b2eab9ac0189077f49a1702719bbaedaf7b9e851079f1598fc95f34ea0393718d381d2079f002c41854420efae9e35a5c886f1102a060813ca7d104c9d5b4d351d3fad705400f85d475ae22f8aed129157f436824228c35202203aa7c673595c", @nested={0x4, 0xe}, @nested={0x4, 0x86}, @typed={0x8, 0x125, 0x0, 0x0, @pid=r1}, @typed={0xc, 0xb1, 0x0, 0x0, @u64=0x3}]}, @typed={0x8, 0xd5, 0x0, 0x0, @fd=r6}, @generic="346719d1b4f47090b50d2a1f8fc9c463f47b0bfab97f491c851fda3145fabdb123d146dc303a80307b185f071df82b770f7883e8c5f7b137", @typed={0x8, 0x155, 0x0, 0x0, @uid=0xee01}]}]}, 0x178}, 0x1, 0x0, 0x0, 0x8000}, 0x20048000) (async) write$auto_vga_arb_device_fops_vgaarb(r5, &(0x7f00000009c0)="bd3887f2235647bddca03a75a3ffdfd45e1d064db7272252e5f83c90256e10373040e0f0499871f642aa758c84db0cda4bb667c7c47575e83f8909eb743392fb2a1edb5e9e8fa6c337a0a974f1606e089f407bbf715deeee550f099b726f993e64983ea8227b53018b90b09344630c20e3879bfde2e2a7b7a537184176627cb757f08359aaeddbc6e341a24658da3563b42a68601a70cc492dc271f307c3717a6c47e341ca6aa6b509e47bbbcf8d74b52d0ffd761f69ad2fcf5dc287c327a2c4fb1b68a3c84860ba960e2551ec3e95ea", 0xd0) (async) mmap$auto(0x101, 0x2, 0x10, 0x4bd0, r2, 0x2457) (async) ioctl$auto_KVM_GET_MSR_INDEX_LIST(r5, 0xc004ae02, &(0x7f0000000ac0)={0x8001, [0x7, 0x7]}) (async) sendmsg$auto_NL80211_CMD_NEW_MPATH(r4, &(0x7f0000001040)={&(0x7f0000000b00)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001000)={&(0x7f0000000b40)={0x4a4, r3, 0x4, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x46}, @NL80211_ATTR_SAE_PWE={0x5, 0x12a, 0xf}, @NL80211_ATTR_USE_RRM={0x4}, @NL80211_ATTR_TID_CONFIG={0x220, 0x11d, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x6}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x19c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x2}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x15c, 0xd, 0x0, 0x1, [@NL80211_TXRATE_HT={0x38, 0x2, "30242bd2ce57b33a991947abad0d166daab4fca227962e68598d6065650e258b2374bc1a984a3c7f6edc90eeef98fcac7b6b94b5"}, @NL80211_TXRATE_VHT={0x27, 0x3, "8d83bc24a90cbdf6e34cc99d53adc817b39a52c529355866c14d7793d1df446abae4bc"}, @NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x7}, @NL80211_TXRATE_GI={0x5, 0x4, 0x3}, @NL80211_TXRATE_LEGACY={0x5, 0x1, "e7"}, @NL80211_TXRATE_VHT={0x65, 0x3, "84fc3acc81434aaea75669e9e8dbe0da3fb550250daaa4b823ac388d73dd5badea53e7ca9b9cecc9b28fd7b1ebc207ee5a5f865119b7c05701bc7fd034626c3dd8f3fbe11627ecdcbe3e27e36fad1ee49ba9b69810a1f55e5e2b3baab4d523e246"}, @NL80211_TXRATE_VHT={0x4}, @NL80211_TXRATE_VHT={0x63, 0x3, "168cf7d0224987081b94d3ad517125ca2e80e8e02de23b0ec3b570d8d43cee71f9ff4b09d0137c13f01c985e65c981d215f8b7d7517145b7171ea65c1130356ee319febd5454633495bee62bb3d6aed4be16ff0c42f1238d5c0eb0f7c2b308"}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x8b}, @NL80211_TXRATE_GI={0x5, 0x4, 0x9}]}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x81}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x4d}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0xf7}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x80}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0xbb}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x2}]}, {0x2c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x81}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x8}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0xfe}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x7}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xa}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x77}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x67}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x8}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x7}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x3}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5, 0x9, 0x2}]}]}, @NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST={0x6, 0xf7, {0x1, 0x7}}, @NL80211_ATTR_TID_CONFIG={0x1b0, 0x11d, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x4}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x2d}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x9}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x9}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x3}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x2}]}, {0x170, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x158, 0xd, 0x0, 0x1, [@NL80211_TXRATE_HE={0x95, 0x5, "e0ea941104e66ce09ee36cecca434e054137d0c7fe5c9e78347f4578ddefdc39c7202717d6739dc82c1b0419fbe8caa43f9af349088a8a7781e6ec5e36164a7c461af92e67f3a6471c6a53479971b9507c7f40ad00f7d6cd8759eb72ac3228dafc579a4454b4d35ebcd2de50594a66948fc922df31d64d9ae8e78bc004b92a3c6cee2f4ee5e18cf32887abef497f4af8e9"}, @NL80211_TXRATE_VHT={0xbc, 0x3, "912014c09562c3aa3f3bb8e4ae67ce820971599604f00fb9c6c5cbb7070e3ff595ecd6744c2daafe26cf6b0ed818057fb25600a65c3c3fe76c4efcb5825093460854be5ce6ffce3fb40201e933ac4e88ed3d3f78147a432ac94a169dae37051f50d08614501ee1f3439d72c5315216672026bb87675f3e9c0c269fd0c0c4db95419eb4e2792ebc67db6250e7c789b16544ee8285b6a351b9bd5ec78d6ee15767e1f94edea58f1392357cdd5990cce4d386c0276a170f3bd4"}]}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x6}]}]}, @NL80211_ATTR_S1G_CAPABILITY={0xa1, 0x128, "d932857c7bb5a4d93c511ec765718f6f18d8af3b7a02f1c9329bc78b5b1998c813c9cc616112571afddf5ddc6f5e353441e605c47d60c1d9a62c908bbe707906c8101b0dc4b8f0ba7db72bd8b62f99dcaf740d82fd904477f4de2f815056c7354a8173c28746acce7a008c6bc018b3206cff6febea9f551c71cc433c32f46aad50ee8b112c24af27e20bbcf32b90d14712c39fa686d2352f670022f3f9"}]}, 0x4a4}, 0x1, 0x0, 0x0, 0x20048091}, 0x40050) write$auto_sg_fops_sg(r4, &(0x7f0000001080)="c2ad99c90c5e12f53f721a4e531b9ae554511e3fc27e27750f6932554fe7ccb5a9e94e8b7ccba9c1908f070f41e8f779bc5c55ead3cb150db1cbf558a58112047246df3ce42d3845f4b35476ebbc6d7136bbd464a3234095afb8c09829a19643fa570ad651dc7b5d50580c16d27a2a22abd038be674fd35069067f71eb18957a0fc61d0be36d3b6b46ebd357dbab0b84a75261812d15cf3269ff838cffd60be6efbcb9a5f93f1394861bdb331e9f155a72712c25", 0xb4) (async) setfsuid$auto(0xee01) (async) mmap$auto(0xfffffffffffffffb, 0x5, 0x40, 0x12, r4, 0x3) (async) ioctl$auto_BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000001140)="00a47cf085280a5592118a859dbd89feb53ef0d447eaf333e5ea0ca6fa8e22f6cb5f5cd0ce2caee27c54c2392f475f38581a8271562a9e4e3196d09193ecf3f2547aa91366120d4876730836cba9c459caa324de9c380f0390378199aa5e3e70cb00b4c0934c0e3193d259e48a7df1ea4f8f4ba14876a900bc1ad0d0d3fd60eb8180ed699f75899e789556a6080a00b7b09747655b418158cde4bc244a276ab4417437ac7afc45eaa7c1edc5200d47d30f026bfa4a41df9c94cb11daa6fcb5") sendmsg$auto_NL802154_CMD_DEL_SEC_KEY(r5, &(0x7f00000012c0)={&(0x7f0000001200)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001280)={&(0x7f0000001240)={0x24, 0x0, 0x400, 0x70bd26, 0x25dfdbff, {}, [@NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x5}, @NL802154_ATTR_PAN_ID={0x6, 0x9, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4041}, 0x10) (async) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000001380)={0x307, "05821a30714f3323c33d61a65d2bddfa21b01cd9b241399efc37d8818e7f7d8e", @inferred=r0}) 360.251547ms ago: executing program 1 (id=387): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nbd12\x00', 0x480c2, 0x0) mmap$auto(0xe, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x20000, 0x0) read$auto(r1, 0x0, 0x1ff) writev$auto(r0, &(0x7f0000000200)={0x0, 0x3}, 0x3) r2 = openat$auto_stats_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000640), 0x8382, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r3 = socket(0x11, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(r3, 0x8953, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x6, 0x800, 0x77) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(r2, 0x0, 0xfffc, 0x400, 0x0) openat$auto_lowpan_control_fops_6lowpan(0xffffffffffffff9c, &(0x7f0000000040), 0x2001, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{0x0, 0x84c, 0x0, 0x9, 0x0, 0x3, 0x10b}, 0x800008}, 0x1, 0x20000000) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x2, 0x4, 0x8201, 0x2, 0x8, 0xc, 0xe3, 0x4000000002, 0x3}, 0x6f4) bpf$auto(0xfffffffc, 0xffffffffffffffff, 0xffffffff) 0s ago: executing program 2 (id=388): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000200), 0x101802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) r2 = socketcall$auto(0x8000, 0x0) ioctl$auto(0x3, 0xae41, r2) ioctl$auto_KVM_GET_MSRS(r0, 0x4068aea3, &(0x7f0000000080)={0xa3}) kernel console output (not intermixed with test programs): 1, probability 0, space 0, times 0 [ 129.061073][ T6356] CPU: 0 UID: 0 PID: 6356 Comm: syz.2.110 Not tainted syzkaller #0 PREEMPT(full) [ 129.061115][ T6356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 129.061134][ T6356] Call Trace: [ 129.061144][ T6356] [ 129.061156][ T6356] dump_stack_lvl+0x100/0x190 [ 129.061208][ T6356] should_fail_ex.cold+0x5/0xa [ 129.061245][ T6356] should_failslab+0xc2/0x120 [ 129.061284][ T6356] ? __seq_open_private+0x22/0xd0 [ 129.061333][ T6356] __kmalloc_noprof+0xf6/0x9c0 [ 129.061391][ T6356] ? __pfx_stats_fop_open+0x10/0x10 [ 129.061437][ T6356] ? __seq_open_private+0x22/0xd0 [ 129.061483][ T6356] ? __kasan_kmalloc+0xaa/0xb0 [ 129.061513][ T6356] __seq_open_private+0x22/0xd0 [ 129.061566][ T6356] sc_common_open+0x6b/0x200 [ 129.061614][ T6356] full_proxy_open_regular+0x1b6/0x370 [ 129.061653][ T6356] do_dentry_open+0x6d8/0x1660 [ 129.061687][ T6356] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 129.061741][ T6356] vfs_open+0x82/0x3f0 [ 129.061790][ T6356] path_openat+0x208c/0x31a0 [ 129.061837][ T6356] ? __pfx_path_openat+0x10/0x10 [ 129.061885][ T6356] do_file_open+0x20e/0x430 [ 129.061924][ T6356] ? __pfx_do_file_open+0x10/0x10 [ 129.061988][ T6356] ? alloc_fd+0x476/0x790 [ 129.062025][ T6356] ? do_getname+0x191/0x390 [ 129.062071][ T6356] do_sys_openat2+0x10d/0x1e0 [ 129.062116][ T6356] ? __pfx_do_sys_openat2+0x10/0x10 [ 129.062165][ T6356] ? __fget_files+0x21f/0x3d0 [ 129.062206][ T6356] __x64_sys_openat+0x12d/0x210 [ 129.062253][ T6356] ? __pfx___x64_sys_openat+0x10/0x10 [ 129.062314][ T6356] do_syscall_64+0x106/0xf80 [ 129.062342][ T6356] ? clear_bhb_loop+0x40/0x90 [ 129.062379][ T6356] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.062412][ T6356] RIP: 0033:0x7f8f97f9bf79 [ 129.062437][ T6356] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 129.062468][ T6356] RSP: 002b:00007f8f98e2b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 129.062500][ T6356] RAX: ffffffffffffffda RBX: 00007f8f98215fa0 RCX: 00007f8f97f9bf79 [ 129.062521][ T6356] RDX: 0000000000008382 RSI: 0000200000000640 RDI: ffffffffffffff9c [ 129.062542][ T6356] RBP: 00007f8f980327e0 R08: 0000000000000000 R09: 0000000000000000 [ 129.062562][ T6356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.062580][ T6356] R13: 00007f8f98216038 R14: 00007f8f98215fa0 R15: 00007ffc72802138 [ 129.062622][ T6356] [ 130.123569][ T6364] tipc: Enabling of bearer <@):^\/\> rejected, media not registered [ 130.884730][ T30] audit: type=1326 audit(1770830645.743:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6383 comm="syz.2.117" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8f97f9bf79 code=0x0 [ 131.232161][ T6399] FAULT_INJECTION: forcing a failure. [ 131.232161][ T6399] name failslab, interval 1, probability 0, space 0, times 0 [ 131.255196][ T6399] CPU: 0 UID: 0 PID: 6399 Comm: syz.0.123 Not tainted syzkaller #0 PREEMPT(full) [ 131.255244][ T6399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 131.255264][ T6399] Call Trace: [ 131.255276][ T6399] [ 131.255288][ T6399] dump_stack_lvl+0x100/0x190 [ 131.255344][ T6399] should_fail_ex.cold+0x5/0xa [ 131.255380][ T6399] ? __pfx_stats_fop_open+0x10/0x10 [ 131.255426][ T6399] should_failslab+0xc2/0x120 [ 131.255466][ T6399] kmem_cache_alloc_noprof+0x83/0x780 [ 131.255502][ T6399] ? trace_kmalloc+0x83/0xb0 [ 131.255539][ T6399] ? __kmalloc_noprof+0x365/0x9c0 [ 131.255593][ T6399] ? seq_open+0x55/0x170 [ 131.255657][ T6399] ? __pfx_stats_fop_open+0x10/0x10 [ 131.255703][ T6399] ? seq_open+0x55/0x170 [ 131.255745][ T6399] seq_open+0x55/0x170 [ 131.255791][ T6399] __seq_open_private+0x3e/0xd0 [ 131.255841][ T6399] sc_common_open+0x6b/0x200 [ 131.255888][ T6399] full_proxy_open_regular+0x1b6/0x370 [ 131.255926][ T6399] do_dentry_open+0x6d8/0x1660 [ 131.255959][ T6399] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 131.256004][ T6399] vfs_open+0x82/0x3f0 [ 131.256052][ T6399] path_openat+0x208c/0x31a0 [ 131.256102][ T6399] ? __pfx_path_openat+0x10/0x10 [ 131.256152][ T6399] do_file_open+0x20e/0x430 [ 131.256191][ T6399] ? __pfx_do_file_open+0x10/0x10 [ 131.256256][ T6399] ? alloc_fd+0x476/0x790 [ 131.256289][ T6399] ? do_getname+0x191/0x390 [ 131.256334][ T6399] do_sys_openat2+0x10d/0x1e0 [ 131.256372][ T6399] ? __pfx_do_sys_openat2+0x10/0x10 [ 131.256413][ T6399] ? __fget_files+0x21f/0x3d0 [ 131.256449][ T6399] __x64_sys_openat+0x12d/0x210 [ 131.256488][ T6399] ? __pfx___x64_sys_openat+0x10/0x10 [ 131.256525][ T6399] ? xfd_validate_state+0x129/0x190 [ 131.256571][ T6399] do_syscall_64+0x106/0xf80 [ 131.256602][ T6399] ? clear_bhb_loop+0x40/0x90 [ 131.256637][ T6399] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.256665][ T6399] RIP: 0033:0x7ff07639bf79 [ 131.256688][ T6399] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 131.256714][ T6399] RSP: 002b:00007ff0772b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 131.256740][ T6399] RAX: ffffffffffffffda RBX: 00007ff076615fa0 RCX: 00007ff07639bf79 [ 131.256758][ T6399] RDX: 0000000000008382 RSI: 0000200000000640 RDI: ffffffffffffff9c [ 131.256776][ T6399] RBP: 00007ff0764327e0 R08: 0000000000000000 R09: 0000000000000000 [ 131.256792][ T6399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 131.256808][ T6399] R13: 00007ff076616038 R14: 00007ff076615fa0 R15: 00007ffe9371db88 [ 131.256844][ T6399] [ 132.486483][ T6418] FAULT_INJECTION: forcing a failure. [ 132.486483][ T6418] name fail_futex, interval 1, probability 0, space 0, times 0 [ 132.522074][ T6418] CPU: 0 UID: 0 PID: 6418 Comm: syz.2.125 Not tainted syzkaller #0 PREEMPT(full) [ 132.522111][ T6418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 132.522131][ T6418] Call Trace: [ 132.522139][ T6418] [ 132.522147][ T6418] dump_stack_lvl+0x100/0x190 [ 132.522186][ T6418] should_fail_ex.cold+0x5/0xa [ 132.522209][ T6418] get_futex_key+0x295/0x1620 [ 132.522246][ T6418] ? __pfx_get_futex_key+0x10/0x10 [ 132.522277][ T6418] ? lock_acquire+0x17c/0x330 [ 132.522306][ T6418] futex_wake+0xea/0x530 [ 132.522354][ T6418] ? __pfx_futex_wake+0x10/0x10 [ 132.522389][ T6418] ? exit_mm_release+0x19/0x30 [ 132.522428][ T6418] do_futex+0x32b/0x350 [ 132.522455][ T6418] ? __pfx_do_futex+0x10/0x10 [ 132.522476][ T6418] ? __might_fault+0xc5/0x140 [ 132.522505][ T6418] mm_release+0x24a/0x2f0 [ 132.522541][ T6418] do_exit+0x675/0x2a30 [ 132.522576][ T6418] ? __pfx_do_exit+0x10/0x10 [ 132.522605][ T6418] ? do_raw_spin_lock+0x128/0x260 [ 132.522634][ T6418] ? find_held_lock+0x2b/0x80 [ 132.522663][ T6418] ? get_signal+0x7e0/0x21e0 [ 132.522702][ T6418] do_group_exit+0xd5/0x2a0 [ 132.522731][ T6418] get_signal+0x1ec7/0x21e0 [ 132.522775][ T6418] ? madvise_unlock+0xa9/0x220 [ 132.522808][ T6418] ? __pfx_get_signal+0x10/0x10 [ 132.522848][ T6418] ? do_futex+0x192/0x350 [ 132.522877][ T6418] arch_do_signal_or_restart+0x91/0x770 [ 132.522906][ T6418] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 132.522940][ T6418] ? __pfx___x64_sys_futex+0x10/0x10 [ 132.522964][ T6418] ? xfd_validate_state+0x129/0x190 [ 132.523004][ T6418] exit_to_user_mode_loop+0x86/0x4a0 [ 132.523031][ T6418] ? rcu_is_watching+0x12/0xc0 [ 132.523067][ T6418] do_syscall_64+0x668/0xf80 [ 132.523091][ T6418] ? clear_bhb_loop+0x40/0x90 [ 132.523125][ T6418] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.523154][ T6418] RIP: 0033:0x7f8f97f9bf79 [ 132.523183][ T6418] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 132.523206][ T6418] RSP: 002b:00007f8f98e2b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 132.523228][ T6418] RAX: fffffffffffffe00 RBX: 00007f8f98215fa8 RCX: 00007f8f97f9bf79 [ 132.523244][ T6418] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8f98215fa8 [ 132.523258][ T6418] RBP: 00007f8f98215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 132.523272][ T6418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 132.523286][ T6418] R13: 00007f8f98216038 R14: 00007ffc72802050 R15: 00007ffc72802138 [ 132.523317][ T6418] [ 133.509801][ T6443] FAULT_INJECTION: forcing a failure. [ 133.509801][ T6443] name fail_futex, interval 1, probability 0, space 0, times 0 [ 133.547081][ T6443] CPU: 0 UID: 0 PID: 6443 Comm: syz.3.131 Not tainted syzkaller #0 PREEMPT(full) [ 133.547127][ T6443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 133.547156][ T6443] Call Trace: [ 133.547164][ T6443] [ 133.547174][ T6443] dump_stack_lvl+0x100/0x190 [ 133.547217][ T6443] should_fail_ex.cold+0x5/0xa [ 133.547247][ T6443] get_futex_key+0x106f/0x1620 [ 133.547294][ T6443] ? __pfx_get_futex_key+0x10/0x10 [ 133.547334][ T6443] ? lock_acquire+0x17c/0x330 [ 133.547373][ T6443] futex_wake+0xea/0x530 [ 133.547408][ T6443] ? __pfx_futex_wake+0x10/0x10 [ 133.547441][ T6443] ? exit_mm_release+0x19/0x30 [ 133.547478][ T6443] do_futex+0x32b/0x350 [ 133.547505][ T6443] ? __pfx_do_futex+0x10/0x10 [ 133.547546][ T6443] ? __might_fault+0xc5/0x140 [ 133.547583][ T6443] mm_release+0x24a/0x2f0 [ 133.547628][ T6443] do_exit+0x675/0x2a30 [ 133.547669][ T6443] ? __pfx_do_exit+0x10/0x10 [ 133.547712][ T6443] ? do_raw_spin_lock+0x128/0x260 [ 133.547762][ T6443] ? find_held_lock+0x2b/0x80 [ 133.547800][ T6443] ? get_signal+0x7e0/0x21e0 [ 133.547847][ T6443] do_group_exit+0xd5/0x2a0 [ 133.547883][ T6443] get_signal+0x1ec7/0x21e0 [ 133.547940][ T6443] ? __pfx_get_signal+0x10/0x10 [ 133.547984][ T6443] ? do_futex+0x192/0x350 [ 133.548016][ T6443] arch_do_signal_or_restart+0x91/0x770 [ 133.548050][ T6443] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 133.548091][ T6443] ? __pfx___x64_sys_futex+0x10/0x10 [ 133.548124][ T6443] ? xfd_validate_state+0x129/0x190 [ 133.548166][ T6443] exit_to_user_mode_loop+0x86/0x4a0 [ 133.548195][ T6443] ? rcu_is_watching+0x12/0xc0 [ 133.548233][ T6443] do_syscall_64+0x668/0xf80 [ 133.548259][ T6443] ? clear_bhb_loop+0x40/0x90 [ 133.548295][ T6443] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.548324][ T6443] RIP: 0033:0x7f546e39bf79 [ 133.548347][ T6443] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 133.548373][ T6443] RSP: 002b:00007f546f1e00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 133.548401][ T6443] RAX: fffffffffffffe00 RBX: 00007f546e615fa8 RCX: 00007f546e39bf79 [ 133.548420][ T6443] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f546e615fa8 [ 133.548437][ T6443] RBP: 00007f546e615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 133.548455][ T6443] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 133.548472][ T6443] R13: 00007f546e616038 R14: 00007ffd5968b5a0 R15: 00007ffd5968b688 [ 133.548510][ T6443] [ 134.109077][ T6457] FAULT_INJECTION: forcing a failure. [ 134.109077][ T6457] name failslab, interval 1, probability 0, space 0, times 0 [ 134.179402][ T6457] CPU: 1 UID: 0 PID: 6457 Comm: syz.0.136 Not tainted syzkaller #0 PREEMPT(full) [ 134.179443][ T6457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 134.179462][ T6457] Call Trace: [ 134.179472][ T6457] [ 134.179483][ T6457] dump_stack_lvl+0x100/0x190 [ 134.179533][ T6457] should_fail_ex.cold+0x5/0xa [ 134.179567][ T6457] should_failslab+0xc2/0x120 [ 134.179605][ T6457] ? __seq_open_private+0x22/0xd0 [ 134.179651][ T6457] __kmalloc_noprof+0xf6/0x9c0 [ 134.179691][ T6457] ? __pfx_stats_fop_open+0x10/0x10 [ 134.179724][ T6457] ? __seq_open_private+0x22/0xd0 [ 134.179757][ T6457] ? __kasan_kmalloc+0xaa/0xb0 [ 134.179778][ T6457] __seq_open_private+0x22/0xd0 [ 134.179813][ T6457] sc_common_open+0x6b/0x200 [ 134.179846][ T6457] full_proxy_open_regular+0x1b6/0x370 [ 134.179872][ T6457] do_dentry_open+0x6d8/0x1660 [ 134.179895][ T6457] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 134.179925][ T6457] vfs_open+0x82/0x3f0 [ 134.179958][ T6457] path_openat+0x208c/0x31a0 [ 134.179991][ T6457] ? __pfx_path_openat+0x10/0x10 [ 134.180025][ T6457] do_file_open+0x20e/0x430 [ 134.180051][ T6457] ? __pfx_do_file_open+0x10/0x10 [ 134.180094][ T6457] ? alloc_fd+0x476/0x790 [ 134.180120][ T6457] ? do_getname+0x191/0x390 [ 134.180152][ T6457] do_sys_openat2+0x10d/0x1e0 [ 134.180183][ T6457] ? __pfx_do_sys_openat2+0x10/0x10 [ 134.180216][ T6457] ? __fget_files+0x21f/0x3d0 [ 134.180243][ T6457] __x64_sys_openat+0x12d/0x210 [ 134.180287][ T6457] ? __pfx___x64_sys_openat+0x10/0x10 [ 134.180321][ T6457] ? xfd_validate_state+0x129/0x190 [ 134.180357][ T6457] do_syscall_64+0x106/0xf80 [ 134.180375][ T6457] ? clear_bhb_loop+0x40/0x90 [ 134.180400][ T6457] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.180421][ T6457] RIP: 0033:0x7ff07639bf79 [ 134.180437][ T6457] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 134.180457][ T6457] RSP: 002b:00007ff0772b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 134.180476][ T6457] RAX: ffffffffffffffda RBX: 00007ff076615fa0 RCX: 00007ff07639bf79 [ 134.180490][ T6457] RDX: 0000000000008382 RSI: 0000200000000640 RDI: ffffffffffffff9c [ 134.180503][ T6457] RBP: 00007ff0764327e0 R08: 0000000000000000 R09: 0000000000000000 [ 134.180516][ T6457] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 134.180528][ T6457] R13: 00007ff076616038 R14: 00007ff076615fa0 R15: 00007ffe9371db88 [ 134.180554][ T6457] [ 135.192563][ T6475] ima: policy update failed [ 135.245227][ T30] audit: type=1807 audit(1770830650.053:7): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 135.245289][ T30] audit: type=1802 audit(1770830650.053:8): pid=6475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.139" res=0 errno=0 [ 135.245341][ T30] audit: type=1802 audit(1770830650.053:9): pid=6475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.139" res=0 errno=0 [ 135.445358][ T6477] netlink: 28 bytes leftover after parsing attributes in process `syz.0.141'. [ 135.804162][ T6486] FAULT_INJECTION: forcing a failure. [ 135.804162][ T6486] name fail_futex, interval 1, probability 0, space 0, times 0 [ 135.843978][ T6486] CPU: 0 UID: 0 PID: 6486 Comm: syz.1.144 Not tainted syzkaller #0 PREEMPT(full) [ 135.844017][ T6486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 135.844034][ T6486] Call Trace: [ 135.844044][ T6486] [ 135.844055][ T6486] dump_stack_lvl+0x100/0x190 [ 135.844102][ T6486] should_fail_ex.cold+0x5/0xa [ 135.844137][ T6486] get_futex_key+0x295/0x1620 [ 135.844190][ T6486] ? __pfx_get_futex_key+0x10/0x10 [ 135.844235][ T6486] ? lock_acquire+0x17c/0x330 [ 135.844279][ T6486] futex_wake+0xea/0x530 [ 135.844326][ T6486] ? __pfx_futex_wake+0x10/0x10 [ 135.844363][ T6486] ? exit_mm_release+0x19/0x30 [ 135.844407][ T6486] do_futex+0x32b/0x350 [ 135.844438][ T6486] ? __pfx_do_futex+0x10/0x10 [ 135.844466][ T6486] ? __might_fault+0xc5/0x140 [ 135.844525][ T6486] mm_release+0x24a/0x2f0 [ 135.844575][ T6486] do_exit+0x675/0x2a30 [ 135.844617][ T6486] ? __pfx_do_exit+0x10/0x10 [ 135.844652][ T6486] ? do_raw_spin_lock+0x128/0x260 [ 135.844688][ T6486] ? find_held_lock+0x2b/0x80 [ 135.844731][ T6486] ? get_signal+0x7e0/0x21e0 [ 135.844786][ T6486] do_group_exit+0xd5/0x2a0 [ 135.844826][ T6486] get_signal+0x1ec7/0x21e0 [ 135.844899][ T6486] ? __pfx_get_signal+0x10/0x10 [ 135.844949][ T6486] ? do_futex+0x192/0x350 [ 135.844983][ T6486] arch_do_signal_or_restart+0x91/0x770 [ 135.845019][ T6486] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 135.845065][ T6486] ? __pfx___x64_sys_futex+0x10/0x10 [ 135.845095][ T6486] ? xfd_validate_state+0x129/0x190 [ 135.845143][ T6486] exit_to_user_mode_loop+0x86/0x4a0 [ 135.845174][ T6486] ? rcu_is_watching+0x12/0xc0 [ 135.845216][ T6486] do_syscall_64+0x668/0xf80 [ 135.845244][ T6486] ? clear_bhb_loop+0x40/0x90 [ 135.845290][ T6486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.845323][ T6486] RIP: 0033:0x7fa16d99bf79 [ 135.845347][ T6486] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 135.845377][ T6486] RSP: 002b:00007fa16bbee0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 135.845407][ T6486] RAX: fffffffffffffe00 RBX: 00007fa16dc15fa8 RCX: 00007fa16d99bf79 [ 135.845429][ T6486] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa16dc15fa8 [ 135.845448][ T6486] RBP: 00007fa16dc15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 135.845467][ T6486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 135.845485][ T6486] R13: 00007fa16dc16038 R14: 00007ffc1bac04a0 R15: 00007ffc1bac0588 [ 135.845526][ T6486] [ 136.312090][ T6496] FAULT_INJECTION: forcing a failure. [ 136.312090][ T6496] name failslab, interval 1, probability 0, space 0, times 0 [ 136.326217][ T6496] CPU: 0 UID: 0 PID: 6496 Comm: syz.3.148 Not tainted syzkaller #0 PREEMPT(full) [ 136.326257][ T6496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 136.326275][ T6496] Call Trace: [ 136.326285][ T6496] [ 136.326297][ T6496] dump_stack_lvl+0x100/0x190 [ 136.326345][ T6496] should_fail_ex.cold+0x5/0xa [ 136.326399][ T6496] should_failslab+0xc2/0x120 [ 136.326440][ T6496] __kmalloc_cache_noprof+0x80/0x810 [ 136.326491][ T6496] ? __debugfs_file_get+0x1fc/0x860 [ 136.326542][ T6496] ? sc_common_open+0x46/0x200 [ 136.326594][ T6496] ? __pfx_stats_fop_open+0x10/0x10 [ 136.326639][ T6496] ? sc_common_open+0x46/0x200 [ 136.326684][ T6496] sc_common_open+0x46/0x200 [ 136.326732][ T6496] full_proxy_open_regular+0x1b6/0x370 [ 136.326771][ T6496] do_dentry_open+0x6d8/0x1660 [ 136.326805][ T6496] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 136.326851][ T6496] vfs_open+0x82/0x3f0 [ 136.326909][ T6496] path_openat+0x208c/0x31a0 [ 136.326960][ T6496] ? __pfx_path_openat+0x10/0x10 [ 136.327012][ T6496] do_file_open+0x20e/0x430 [ 136.327052][ T6496] ? __pfx_do_file_open+0x10/0x10 [ 136.327118][ T6496] ? alloc_fd+0x476/0x790 [ 136.327154][ T6496] ? do_getname+0x191/0x390 [ 136.327202][ T6496] do_sys_openat2+0x10d/0x1e0 [ 136.327248][ T6496] ? __pfx_do_sys_openat2+0x10/0x10 [ 136.327297][ T6496] ? __fget_files+0x21f/0x3d0 [ 136.327338][ T6496] __x64_sys_openat+0x12d/0x210 [ 136.327387][ T6496] ? __pfx___x64_sys_openat+0x10/0x10 [ 136.327430][ T6496] ? xfd_validate_state+0x129/0x190 [ 136.327483][ T6496] do_syscall_64+0x106/0xf80 [ 136.327512][ T6496] ? clear_bhb_loop+0x40/0x90 [ 136.327552][ T6496] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 136.327584][ T6496] RIP: 0033:0x7f546e39bf79 [ 136.327610][ T6496] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 136.327645][ T6496] RSP: 002b:00007f546f1e0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 136.327675][ T6496] RAX: ffffffffffffffda RBX: 00007f546e615fa0 RCX: 00007f546e39bf79 [ 136.327694][ T6496] RDX: 0000000000008382 RSI: 0000200000000640 RDI: ffffffffffffff9c [ 136.327715][ T6496] RBP: 00007f546e4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 136.327736][ T6496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 136.327756][ T6496] R13: 00007f546e616038 R14: 00007f546e615fa0 R15: 00007ffd5968b688 [ 136.327800][ T6496] [ 137.777567][ T6533] FAULT_INJECTION: forcing a failure. [ 137.777567][ T6533] name fail_futex, interval 1, probability 0, space 0, times 0 [ 137.818263][ T6533] CPU: 1 UID: 0 PID: 6533 Comm: syz.3.155 Not tainted syzkaller #0 PREEMPT(full) [ 137.818299][ T6533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 137.818316][ T6533] Call Trace: [ 137.818325][ T6533] [ 137.818335][ T6533] dump_stack_lvl+0x100/0x190 [ 137.818381][ T6533] should_fail_ex.cold+0x5/0xa [ 137.818413][ T6533] get_futex_key+0x295/0x1620 [ 137.818464][ T6533] ? __pfx_get_futex_key+0x10/0x10 [ 137.818505][ T6533] ? lock_acquire+0x17c/0x330 [ 137.818546][ T6533] futex_wake+0xea/0x530 [ 137.818584][ T6533] ? __pfx_futex_wake+0x10/0x10 [ 137.818618][ T6533] ? exit_mm_release+0x19/0x30 [ 137.818658][ T6533] do_futex+0x32b/0x350 [ 137.818687][ T6533] ? __pfx_do_futex+0x10/0x10 [ 137.818712][ T6533] ? __might_fault+0xc5/0x140 [ 137.818748][ T6533] mm_release+0x24a/0x2f0 [ 137.818797][ T6533] do_exit+0x675/0x2a30 [ 137.818835][ T6533] ? __pfx_do_exit+0x10/0x10 [ 137.818866][ T6533] ? do_raw_spin_lock+0x128/0x260 [ 137.818899][ T6533] ? find_held_lock+0x2b/0x80 [ 137.818936][ T6533] ? get_signal+0x7e0/0x21e0 [ 137.818983][ T6533] do_group_exit+0xd5/0x2a0 [ 137.819019][ T6533] get_signal+0x1ec7/0x21e0 [ 137.819091][ T6533] ? madvise_unlock+0xa9/0x220 [ 137.819131][ T6533] ? __pfx_get_signal+0x10/0x10 [ 137.819187][ T6533] ? do_futex+0x192/0x350 [ 137.819239][ T6533] arch_do_signal_or_restart+0x91/0x770 [ 137.819275][ T6533] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 137.819318][ T6533] ? __pfx___x64_sys_futex+0x10/0x10 [ 137.819347][ T6533] ? xfd_validate_state+0x129/0x190 [ 137.819401][ T6533] exit_to_user_mode_loop+0x86/0x4a0 [ 137.819429][ T6533] ? rcu_is_watching+0x12/0xc0 [ 137.819465][ T6533] do_syscall_64+0x668/0xf80 [ 137.819490][ T6533] ? clear_bhb_loop+0x40/0x90 [ 137.819523][ T6533] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.819551][ T6533] RIP: 0033:0x7f546e39bf79 [ 137.819573][ T6533] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 137.819601][ T6533] RSP: 002b:00007f546f1e00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 137.819627][ T6533] RAX: fffffffffffffe00 RBX: 00007f546e615fa8 RCX: 00007f546e39bf79 [ 137.819644][ T6533] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f546e615fa8 [ 137.819661][ T6533] RBP: 00007f546e615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 137.819677][ T6533] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 137.819691][ T6533] R13: 00007f546e616038 R14: 00007ffd5968b5a0 R15: 00007ffd5968b688 [ 137.819728][ T6533] [ 138.118820][ T30] audit: type=1326 audit(1770830652.963:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6535 comm="syz.1.157" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa16d99bf79 code=0x0 [ 138.202123][ T6540] FAULT_INJECTION: forcing a failure. [ 138.202123][ T6540] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 138.239177][ T6540] CPU: 1 UID: 0 PID: 6540 Comm: syz.3.158 Not tainted syzkaller #0 PREEMPT(full) [ 138.239220][ T6540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 138.239238][ T6540] Call Trace: [ 138.239248][ T6540] [ 138.239260][ T6540] dump_stack_lvl+0x100/0x190 [ 138.239310][ T6540] should_fail_ex.cold+0x5/0xa [ 138.239345][ T6540] _copy_to_user+0x32/0xd0 [ 138.239381][ T6540] simple_read_from_buffer+0xcb/0x170 [ 138.239435][ T6540] proc_fail_nth_read+0x1af/0x230 [ 138.239470][ T6540] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 138.239508][ T6540] ? rw_verify_area+0xce/0x6d0 [ 138.239555][ T6540] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 138.239590][ T6540] vfs_read+0x1e4/0xb30 [ 138.239625][ T6540] ? __pfx_vfs_read+0x10/0x10 [ 138.239655][ T6540] ? __fget_files+0x215/0x3d0 [ 138.239696][ T6540] ? __fget_files+0x21f/0x3d0 [ 138.239740][ T6540] ksys_read+0x12a/0x250 [ 138.239779][ T6540] ? __pfx_ksys_read+0x10/0x10 [ 138.239822][ T6540] do_syscall_64+0x106/0xf80 [ 138.239853][ T6540] ? clear_bhb_loop+0x40/0x90 [ 138.239891][ T6540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.239924][ T6540] RIP: 0033:0x7f546e35c84e [ 138.239948][ T6540] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 138.239979][ T6540] RSP: 002b:00007f546f1dffe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 138.240009][ T6540] RAX: ffffffffffffffda RBX: 00007f546f1e06c0 RCX: 00007f546e35c84e [ 138.240029][ T6540] RDX: 000000000000000f RSI: 00007f546f1e00a0 RDI: 0000000000000004 [ 138.240047][ T6540] RBP: 00007f546f1e0090 R08: 0000000000000000 R09: 0000000000000000 [ 138.240065][ T6540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 138.240083][ T6540] R13: 00007f546e616038 R14: 00007f546e615fa0 R15: 00007ffd5968b688 [ 138.240136][ T6540] [ 139.204747][ T6564] FAULT_INJECTION: forcing a failure. [ 139.204747][ T6564] name failslab, interval 1, probability 0, space 0, times 0 [ 139.257427][ T6564] CPU: 1 UID: 0 PID: 6564 Comm: syz.1.164 Not tainted syzkaller #0 PREEMPT(full) [ 139.257468][ T6564] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 139.257482][ T6564] Call Trace: [ 139.257490][ T6564] [ 139.257499][ T6564] dump_stack_lvl+0x100/0x190 [ 139.257536][ T6564] should_fail_ex.cold+0x5/0xa [ 139.257562][ T6564] should_failslab+0xc2/0x120 [ 139.257590][ T6564] kmem_cache_alloc_lru_noprof+0x8e/0x7d0 [ 139.257642][ T6564] ? lockdep_init_map_type+0x5c/0x250 [ 139.257678][ T6564] ? __d_alloc+0x34/0xa80 [ 139.257728][ T6564] ? __d_alloc+0x34/0xa80 [ 139.257764][ T6564] __d_alloc+0x34/0xa80 [ 139.257795][ T6564] d_alloc_pseudo+0x1c/0xc0 [ 139.257831][ T6564] alloc_file_pseudo+0xcf/0x230 [ 139.257865][ T6564] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 139.257898][ T6564] ? alloc_fd+0x476/0x790 [ 139.257927][ T6564] sock_alloc_file+0x50/0x210 [ 139.257960][ T6564] __sys_socket+0x1c0/0x260 [ 139.257979][ T6564] ? fput+0x79/0x100 [ 139.258007][ T6564] ? __pfx___sys_socket+0x10/0x10 [ 139.258027][ T6564] ? xfd_validate_state+0x129/0x190 [ 139.258064][ T6564] __x64_sys_socket+0x72/0xb0 [ 139.258084][ T6564] ? lockdep_hardirqs_on+0x78/0x100 [ 139.258123][ T6564] do_syscall_64+0x106/0xf80 [ 139.258144][ T6564] ? clear_bhb_loop+0x40/0x90 [ 139.258172][ T6564] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.258196][ T6564] RIP: 0033:0x7fa16d99bf79 [ 139.258214][ T6564] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 139.258236][ T6564] RSP: 002b:00007fa16bbee028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 139.258258][ T6564] RAX: ffffffffffffffda RBX: 00007fa16dc15fa0 RCX: 00007fa16d99bf79 [ 139.258274][ T6564] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010 [ 139.258288][ T6564] RBP: 00007fa16da327e0 R08: 0000000000000000 R09: 0000000000000000 [ 139.258302][ T6564] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.258327][ T6564] R13: 00007fa16dc16038 R14: 00007fa16dc15fa0 R15: 00007ffc1bac0588 [ 139.258355][ T6564] [ 139.760970][ T6571] FAULT_INJECTION: forcing a failure. [ 139.760970][ T6571] name fail_futex, interval 1, probability 0, space 0, times 0 [ 139.824707][ T6571] CPU: 1 UID: 0 PID: 6571 Comm: syz.1.167 Not tainted syzkaller #0 PREEMPT(full) [ 139.824747][ T6571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 139.824765][ T6571] Call Trace: [ 139.824776][ T6571] [ 139.824788][ T6571] dump_stack_lvl+0x100/0x190 [ 139.824838][ T6571] should_fail_ex.cold+0x5/0xa [ 139.824874][ T6571] get_futex_key+0x295/0x1620 [ 139.824928][ T6571] ? __pfx_get_futex_key+0x10/0x10 [ 139.824975][ T6571] ? lock_acquire+0x17c/0x330 [ 139.825021][ T6571] futex_wake+0xea/0x530 [ 139.825062][ T6571] ? __pfx_futex_wake+0x10/0x10 [ 139.825100][ T6571] ? exit_mm_release+0x19/0x30 [ 139.825145][ T6571] do_futex+0x32b/0x350 [ 139.825176][ T6571] ? __pfx_do_futex+0x10/0x10 [ 139.825204][ T6571] ? __might_fault+0xc5/0x140 [ 139.825244][ T6571] mm_release+0x24a/0x2f0 [ 139.825293][ T6571] do_exit+0x675/0x2a30 [ 139.825336][ T6571] ? __pfx_do_exit+0x10/0x10 [ 139.825371][ T6571] ? do_raw_spin_lock+0x128/0x260 [ 139.825408][ T6571] ? find_held_lock+0x2b/0x80 [ 139.825450][ T6571] ? get_signal+0x7e0/0x21e0 [ 139.825498][ T6571] do_group_exit+0xd5/0x2a0 [ 139.825537][ T6571] get_signal+0x1ec7/0x21e0 [ 139.825607][ T6571] ? __pfx_get_signal+0x10/0x10 [ 139.825668][ T6571] ? do_futex+0x192/0x350 [ 139.825719][ T6571] arch_do_signal_or_restart+0x91/0x770 [ 139.825752][ T6571] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 139.825793][ T6571] ? __pfx___x64_sys_futex+0x10/0x10 [ 139.825820][ T6571] ? xfd_validate_state+0x129/0x190 [ 139.825862][ T6571] exit_to_user_mode_loop+0x86/0x4a0 [ 139.825891][ T6571] ? rcu_is_watching+0x12/0xc0 [ 139.825929][ T6571] do_syscall_64+0x668/0xf80 [ 139.825954][ T6571] ? clear_bhb_loop+0x40/0x90 [ 139.825988][ T6571] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.826016][ T6571] RIP: 0033:0x7fa16d99bf79 [ 139.826038][ T6571] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 139.826065][ T6571] RSP: 002b:00007fa16bbee0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 139.826092][ T6571] RAX: fffffffffffffe00 RBX: 00007fa16dc15fa8 RCX: 00007fa16d99bf79 [ 139.826109][ T6571] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa16dc15fa8 [ 139.826124][ T6571] RBP: 00007fa16dc15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 139.826140][ T6571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 139.826156][ T6571] R13: 00007fa16dc16038 R14: 00007ffc1bac04a0 R15: 00007ffc1bac0588 [ 139.826192][ T6571] [ 140.494303][ T6584] netlink: 28 bytes leftover after parsing attributes in process `syz.3.172'. [ 140.908107][ T6592] netlink: 8 bytes leftover after parsing attributes in process `syz.0.174'. [ 141.636421][ T6609] FAULT_INJECTION: forcing a failure. [ 141.636421][ T6609] name failslab, interval 1, probability 0, space 0, times 0 [ 141.708881][ T6609] CPU: 1 UID: 0 PID: 6609 Comm: syz.1.177 Not tainted syzkaller #0 PREEMPT(full) [ 141.708918][ T6609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 141.708933][ T6609] Call Trace: [ 141.708942][ T6609] [ 141.708953][ T6609] dump_stack_lvl+0x100/0x190 [ 141.708996][ T6609] should_fail_ex.cold+0x5/0xa [ 141.709026][ T6609] should_failslab+0xc2/0x120 [ 141.709058][ T6609] kmem_cache_alloc_noprof+0x83/0x780 [ 141.709089][ T6609] ? taskstats_exit+0x650/0xbd0 [ 141.709129][ T6609] ? taskstats_exit+0x650/0xbd0 [ 141.709160][ T6609] ? acct_update_integrals+0x2ce/0x4b0 [ 141.709193][ T6609] taskstats_exit+0x650/0xbd0 [ 141.709226][ T6609] ? __pfx_acct_update_integrals+0x10/0x10 [ 141.709263][ T6609] ? __pfx_taskstats_exit+0x10/0x10 [ 141.709299][ T6609] ? rcu_read_lock_any_held+0x6a/0xa0 [ 141.709335][ T6609] ? exit_signals+0x395/0xaf0 [ 141.709378][ T6609] do_exit+0x5ca/0x2a30 [ 141.709414][ T6609] ? __pfx_do_exit+0x10/0x10 [ 141.709443][ T6609] ? do_raw_spin_lock+0x128/0x260 [ 141.709477][ T6609] ? find_held_lock+0x2b/0x80 [ 141.709511][ T6609] ? get_signal+0x7e0/0x21e0 [ 141.709554][ T6609] do_group_exit+0xd5/0x2a0 [ 141.709587][ T6609] get_signal+0x1ec7/0x21e0 [ 141.709635][ T6609] ? madvise_unlock+0xa9/0x220 [ 141.709671][ T6609] ? __pfx_get_signal+0x10/0x10 [ 141.709722][ T6609] ? do_futex+0x192/0x350 [ 141.709752][ T6609] arch_do_signal_or_restart+0x91/0x770 [ 141.709783][ T6609] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 141.709821][ T6609] ? __pfx___x64_sys_futex+0x10/0x10 [ 141.709845][ T6609] ? xfd_validate_state+0x129/0x190 [ 141.709885][ T6609] exit_to_user_mode_loop+0x86/0x4a0 [ 141.709912][ T6609] ? rcu_is_watching+0x12/0xc0 [ 141.709947][ T6609] do_syscall_64+0x668/0xf80 [ 141.709972][ T6609] ? clear_bhb_loop+0x40/0x90 [ 141.710005][ T6609] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.710031][ T6609] RIP: 0033:0x7fa16d99bf79 [ 141.710053][ T6609] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 141.710078][ T6609] RSP: 002b:00007fa16bbee0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 141.710104][ T6609] RAX: fffffffffffffe00 RBX: 00007fa16dc15fa8 RCX: 00007fa16d99bf79 [ 141.710121][ T6609] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fa16dc15fa8 [ 141.710137][ T6609] RBP: 00007fa16dc15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 141.710153][ T6609] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 141.710168][ T6609] R13: 00007fa16dc16038 R14: 00007ffc1bac04a0 R15: 00007ffc1bac0588 [ 141.710221][ T6609] [ 143.193877][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.200603][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 146.519070][ T6699] FAULT_INJECTION: forcing a failure. [ 146.519070][ T6699] name failslab, interval 1, probability 0, space 0, times 0 [ 146.615869][ T6699] CPU: 1 UID: 0 PID: 6699 Comm: syz.3.198 Not tainted syzkaller #0 PREEMPT(full) [ 146.615911][ T6699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 146.615930][ T6699] Call Trace: [ 146.615940][ T6699] [ 146.615952][ T6699] dump_stack_lvl+0x100/0x190 [ 146.616001][ T6699] should_fail_ex.cold+0x5/0xa [ 146.616035][ T6699] should_failslab+0xc2/0x120 [ 146.616072][ T6699] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 146.616106][ T6699] ? percpu_ref_put_many.constprop.0+0xc4/0x2a0 [ 146.616151][ T6699] ? zswap_store+0xc42/0x29d0 [ 146.616199][ T6699] ? zswap_store+0xc42/0x29d0 [ 146.616239][ T6699] zswap_store+0xc42/0x29d0 [ 146.616278][ T6699] ? rcu_is_cpu_rrupt_from_idle+0x211/0x270 [ 146.616339][ T6699] ? __pfx_zswap_store+0x10/0x10 [ 146.616382][ T6699] ? folio_free_swap+0x277/0x850 [ 146.616416][ T6699] ? folio_free_swap+0x277/0x850 [ 146.616452][ T6699] ? do_raw_spin_unlock+0x145/0x1e0 [ 146.616490][ T6699] ? _raw_spin_unlock+0x28/0x50 [ 146.616533][ T6699] ? folio_free_swap+0x39/0x850 [ 146.616568][ T6699] ? rcu_is_watching+0x12/0xc0 [ 146.616610][ T6699] swap_writeout+0x49d/0x12b0 [ 146.616659][ T6699] ? _raw_spin_unlock_irq+0x23/0x50 [ 146.616694][ T6699] shmem_writeout+0xe12/0x1520 [ 146.616721][ T6699] ? __pfx_shmem_writeout+0x10/0x10 [ 146.616746][ T6699] ? inode_to_bdi+0x9e/0x160 [ 146.616772][ T6699] ? folio_clear_dirty_for_io+0x178/0x820 [ 146.616806][ T6699] shrink_folio_list+0x3b72/0x6000 [ 146.616852][ T6699] ? __pfx_shrink_folio_list+0x10/0x10 [ 146.616891][ T6699] ? find_held_lock+0x2b/0x80 [ 146.616920][ T6699] ? unwind_next_frame+0x3be/0x1ea0 [ 146.616954][ T6699] ? unwind_next_frame+0x3be/0x1ea0 [ 146.616994][ T6699] ? exc_page_fault+0x6f/0xd0 [ 146.617031][ T6699] ? asm_exc_page_fault+0x26/0x30 [ 146.617052][ T6699] ? __kernel_text_address+0xd/0x30 [ 146.617079][ T6699] ? unwind_get_return_address+0x59/0xa0 [ 146.617116][ T6699] ? arch_stack_walk+0x88/0xf0 [ 146.617174][ T6699] ? __lock_acquire+0x4a5/0x2630 [ 146.617200][ T6699] reclaim_folio_list+0xdc/0x5a0 [ 146.617235][ T6699] ? __lock_acquire+0x4a5/0x2630 [ 146.617259][ T6699] ? __pfx_reclaim_folio_list+0x10/0x10 [ 146.617305][ T6699] ? lru_gen_update_size+0x431/0xe40 [ 146.617349][ T6699] ? lru_gen_del_folio+0x382/0x5f0 [ 146.617385][ T6699] reclaim_pages+0x428/0x5e0 [ 146.617407][ T6699] ? __pfx_reclaim_pages+0x10/0x10 [ 146.617426][ T6699] ? find_held_lock+0x2b/0x80 [ 146.617457][ T6699] ? madvise_cold_or_pageout_pte_range+0xb49/0x2710 [ 146.617494][ T6699] madvise_cold_or_pageout_pte_range+0x1635/0x2710 [ 146.617537][ T6699] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 146.617571][ T6699] ? __pfx_stack_trace_save+0x10/0x10 [ 146.617606][ T6699] ? css_rstat_updated+0x1ce/0x5a0 [ 146.617665][ T6699] ? look_up_lock_class+0x64/0x120 [ 146.617716][ T6699] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 146.617761][ T6699] walk_pgd_range+0xc04/0x1eb0 [ 146.617814][ T6699] ? __pfx_walk_pgd_range+0x10/0x10 [ 146.617840][ T6699] ? folios_put_refs+0x66d/0x840 [ 146.617868][ T6699] __walk_page_range+0x163/0x820 [ 146.617903][ T6699] walk_page_range_vma_unsafe+0x23f/0x960 [ 146.617933][ T6699] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 146.617963][ T6699] ? find_held_lock+0x2b/0x80 [ 146.617993][ T6699] ? mlock_drain_local+0x254/0x4e0 [ 146.618014][ T6699] ? mlock_drain_local+0x254/0x4e0 [ 146.618039][ T6699] walk_page_range_vma+0x63/0x90 [ 146.618066][ T6699] madvise_pageout+0x259/0x540 [ 146.618095][ T6699] ? __pfx_madvise_pageout+0x10/0x10 [ 146.618124][ T6699] ? finish_task_switch.isra.0+0x200/0xb80 [ 146.618170][ T6699] ? mtree_range_walk+0x6ce/0xcd0 [ 146.618204][ T6699] madvise_vma_behavior+0x3d8/0x2a40 [ 146.618236][ T6699] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 146.618274][ T6699] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 146.618305][ T6699] ? mas_prev+0x9b/0xf0 [ 146.618340][ T6699] ? __pfx_mas_prev+0x10/0x10 [ 146.618370][ T6699] ? find_vma_prev+0xd8/0x150 [ 146.618397][ T6699] ? futex_unqueue+0x133/0x2c0 [ 146.618433][ T6699] ? __pfx_find_vma_prev+0x10/0x10 [ 146.618470][ T6699] ? __futex_wait+0x256/0x300 [ 146.618503][ T6699] madvise_walk_vmas+0x2fe/0xa90 [ 146.618537][ T6699] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 146.618575][ T6699] madvise_do_behavior+0x1ea/0x510 [ 146.618608][ T6699] ? __pfx_madvise_do_behavior+0x10/0x10 [ 146.618639][ T6699] ? down_read+0x13b/0x460 [ 146.618675][ T6699] do_madvise+0x195/0x240 [ 146.618704][ T6699] ? __pfx_do_madvise+0x10/0x10 [ 146.618734][ T6699] ? do_futex+0x192/0x350 [ 146.618759][ T6699] ? find_held_lock+0x2b/0x80 [ 146.618799][ T6699] ? xfd_validate_state+0x129/0x190 [ 146.618825][ T6699] ? pipe_ioctl+0x226/0x2c0 [ 146.618851][ T6699] __x64_sys_madvise+0xa9/0x110 [ 146.618880][ T6699] ? lockdep_hardirqs_on+0x78/0x100 [ 146.618916][ T6699] do_syscall_64+0x106/0xf80 [ 146.618935][ T6699] ? clear_bhb_loop+0x40/0x90 [ 146.618962][ T6699] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.618984][ T6699] RIP: 0033:0x7f546e39bf79 [ 146.619002][ T6699] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 146.619023][ T6699] RSP: 002b:00007f546f1e0028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 146.619044][ T6699] RAX: ffffffffffffffda RBX: 00007f546e615fa0 RCX: 00007f546e39bf79 [ 146.619058][ T6699] RDX: 0000000000000015 RSI: 00000000002003f0 RDI: 0000000000000000 [ 146.619071][ T6699] RBP: 00007f546e4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 146.619085][ T6699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.619098][ T6699] R13: 00007f546e616038 R14: 00007f546e615fa0 R15: 00007ffd5968b688 [ 146.619127][ T6699] [ 149.000654][ T6717] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 150.276891][ T6728] netlink: 342 bytes leftover after parsing attributes in process `syz.1.206'. [ 150.513354][ T6732] FAULT_INJECTION: forcing a failure. [ 150.513354][ T6732] name fail_futex, interval 1, probability 0, space 0, times 0 [ 150.529577][ T6732] CPU: 1 UID: 0 PID: 6732 Comm: syz.0.207 Not tainted syzkaller #0 PREEMPT(full) [ 150.529623][ T6732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 150.529644][ T6732] Call Trace: [ 150.529655][ T6732] [ 150.529668][ T6732] dump_stack_lvl+0x100/0x190 [ 150.529721][ T6732] should_fail_ex.cold+0x5/0xa [ 150.529752][ T6732] ? kasan_save_stack+0x30/0x50 [ 150.529791][ T6732] get_futex_key+0x1d2/0x1620 [ 150.529848][ T6732] ? __pfx_get_futex_key+0x10/0x10 [ 150.529915][ T6732] futex_wait_setup+0x81/0x500 [ 150.529969][ T6732] __futex_wait+0x19f/0x300 [ 150.530015][ T6732] ? __pfx___futex_wait+0x10/0x10 [ 150.530072][ T6732] ? __pfx_futex_wake_mark+0x10/0x10 [ 150.530120][ T6732] ? futex_hash+0x2c5/0x380 [ 150.530187][ T6732] futex_wait+0xed/0x380 [ 150.530230][ T6732] ? __pfx_futex_wait+0x10/0x10 [ 150.530285][ T6732] ? do_vfs_ioctl+0x226/0x13e0 [ 150.530343][ T6732] do_futex+0x1ef/0x350 [ 150.530377][ T6732] ? __pfx_do_futex+0x10/0x10 [ 150.530413][ T6732] ? find_held_lock+0x2b/0x80 [ 150.530467][ T6732] __x64_sys_futex+0x34f/0x4d0 [ 150.530505][ T6732] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 150.530552][ T6732] ? __pfx___x64_sys_futex+0x10/0x10 [ 150.530586][ T6732] ? pipe_ioctl+0x226/0x2c0 [ 150.530621][ T6732] ? fput+0x79/0x100 [ 150.530669][ T6732] do_syscall_64+0x106/0xf80 [ 150.530700][ T6732] ? clear_bhb_loop+0x40/0x90 [ 150.530742][ T6732] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.530776][ T6732] RIP: 0033:0x7ff07639bf79 [ 150.530801][ T6732] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 150.530833][ T6732] RSP: 002b:00007ff0772b10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 150.530865][ T6732] RAX: ffffffffffffffda RBX: 00007ff076615fa8 RCX: 00007ff07639bf79 [ 150.530887][ T6732] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff076615fa8 [ 150.530907][ T6732] RBP: 00007ff076615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 150.530926][ T6732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 150.530945][ T6732] R13: 00007ff076616038 R14: 00007ffe9371daa0 R15: 00007ffe9371db88 [ 150.530989][ T6732] [ 151.241265][ T6738] FAULT_INJECTION: forcing a failure. [ 151.241265][ T6738] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 151.290930][ T6738] CPU: 1 UID: 0 PID: 6738 Comm: syz.2.205 Not tainted syzkaller #0 PREEMPT(full) [ 151.290971][ T6738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 151.290996][ T6738] Call Trace: [ 151.291007][ T6738] [ 151.291019][ T6738] dump_stack_lvl+0x100/0x190 [ 151.291070][ T6738] should_fail_ex.cold+0x5/0xa [ 151.291107][ T6738] _copy_from_user+0x2e/0xd0 [ 151.291143][ T6738] copy_msghdr_from_user+0x9f/0x4f0 [ 151.291198][ T6738] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 151.291258][ T6738] ? __pfx__kstrtoull+0x10/0x10 [ 151.291310][ T6738] ___sys_sendmsg+0x106/0x1e0 [ 151.291364][ T6738] ? __pfx____sys_sendmsg+0x10/0x10 [ 151.291436][ T6738] ? find_held_lock+0x2b/0x80 [ 151.291506][ T6738] __sys_sendmmsg+0x205/0x430 [ 151.291553][ T6738] ? __pfx___sys_sendmmsg+0x10/0x10 [ 151.291607][ T6738] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 151.291657][ T6738] ? fput+0x79/0x100 [ 151.291698][ T6738] ? ksys_write+0x1ac/0x250 [ 151.291728][ T6738] ? __pfx_ksys_write+0x10/0x10 [ 151.291768][ T6738] __x64_sys_sendmmsg+0x9c/0x100 [ 151.291808][ T6738] ? lockdep_hardirqs_on+0x78/0x100 [ 151.291859][ T6738] do_syscall_64+0x106/0xf80 [ 151.291887][ T6738] ? clear_bhb_loop+0x40/0x90 [ 151.291927][ T6738] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.291959][ T6738] RIP: 0033:0x7f8f97f9bf79 [ 151.291991][ T6738] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 151.292022][ T6738] RSP: 002b:00007f8f98e2b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 151.292053][ T6738] RAX: ffffffffffffffda RBX: 00007f8f98215fa0 RCX: 00007f8f97f9bf79 [ 151.292073][ T6738] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000003 [ 151.292092][ T6738] RBP: 00007f8f98e2b090 R08: 0000000000000000 R09: 0000000000000000 [ 151.292110][ T6738] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 151.292127][ T6738] R13: 00007f8f98216038 R14: 00007f8f98215fa0 R15: 00007ffc72802138 [ 151.292168][ T6738] [ 151.498820][ T6740] program syz.3.204 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 152.136903][ T6740] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 152.167373][ T6740] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 152.297480][ T6740] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 152.388456][ T6767] FAULT_INJECTION: forcing a failure. [ 152.388456][ T6767] name failslab, interval 1, probability 0, space 0, times 0 [ 152.414672][ T6740] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 152.439812][ T6740] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 152.446944][ T6767] CPU: 1 UID: 0 PID: 6767 Comm: syz.0.217 Not tainted syzkaller #0 PREEMPT(full) [ 152.446984][ T6767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 152.447003][ T6767] Call Trace: [ 152.447014][ T6767] [ 152.447025][ T6767] dump_stack_lvl+0x100/0x190 [ 152.447073][ T6767] should_fail_ex.cold+0x5/0xa [ 152.447108][ T6767] should_failslab+0xc2/0x120 [ 152.447145][ T6767] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 152.447181][ T6767] ? percpu_ref_put_many.constprop.0+0xc4/0x2a0 [ 152.447227][ T6767] ? zswap_store+0xc42/0x29d0 [ 152.447278][ T6767] ? zswap_store+0xc42/0x29d0 [ 152.447319][ T6767] zswap_store+0xc42/0x29d0 [ 152.447360][ T6767] ? rcu_is_cpu_rrupt_from_idle+0x211/0x270 [ 152.447415][ T6767] ? __pfx_zswap_store+0x10/0x10 [ 152.447461][ T6767] ? folio_free_swap+0x277/0x850 [ 152.447495][ T6767] ? folio_free_swap+0x277/0x850 [ 152.447534][ T6767] ? do_raw_spin_unlock+0x145/0x1e0 [ 152.447574][ T6767] ? _raw_spin_unlock+0x28/0x50 [ 152.447620][ T6767] ? folio_free_swap+0x39/0x850 [ 152.447654][ T6767] ? rcu_is_watching+0x12/0xc0 [ 152.447697][ T6767] swap_writeout+0x49d/0x12b0 [ 152.447746][ T6767] ? _raw_spin_unlock_irq+0x23/0x50 [ 152.447793][ T6767] shmem_writeout+0xe12/0x1520 [ 152.447830][ T6767] ? __pfx_shmem_writeout+0x10/0x10 [ 152.447875][ T6767] ? inode_to_bdi+0x9e/0x160 [ 152.447917][ T6767] ? folio_clear_dirty_for_io+0x178/0x820 [ 152.447965][ T6767] shrink_folio_list+0x3b72/0x6000 [ 152.448028][ T6767] ? __pfx_shrink_folio_list+0x10/0x10 [ 152.448073][ T6767] ? find_held_lock+0x2b/0x80 [ 152.448111][ T6767] ? unwind_next_frame+0x3be/0x1ea0 [ 152.448155][ T6767] ? unwind_next_frame+0x3be/0x1ea0 [ 152.448208][ T6767] ? exc_page_fault+0x6f/0xd0 [ 152.448255][ T6767] ? asm_exc_page_fault+0x26/0x30 [ 152.448282][ T6767] ? __kernel_text_address+0xd/0x30 [ 152.448316][ T6767] ? unwind_get_return_address+0x59/0xa0 [ 152.448361][ T6767] ? arch_stack_walk+0x88/0xf0 [ 152.448456][ T6767] ? __lock_acquire+0x4a5/0x2630 [ 152.448491][ T6767] reclaim_folio_list+0xdc/0x5a0 [ 152.448537][ T6767] ? __lock_acquire+0x4a5/0x2630 [ 152.448569][ T6767] ? __pfx_reclaim_folio_list+0x10/0x10 [ 152.448634][ T6767] ? lru_gen_update_size+0x431/0xe40 [ 152.448689][ T6767] ? lru_gen_del_folio+0x382/0x5f0 [ 152.448739][ T6767] reclaim_pages+0x428/0x5e0 [ 152.448771][ T6767] ? __pfx_reclaim_pages+0x10/0x10 [ 152.448797][ T6767] ? find_held_lock+0x2b/0x80 [ 152.448839][ T6767] ? madvise_cold_or_pageout_pte_range+0xb49/0x2710 [ 152.448890][ T6767] madvise_cold_or_pageout_pte_range+0x1635/0x2710 [ 152.448960][ T6767] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 152.449007][ T6767] ? __pfx_stack_trace_save+0x10/0x10 [ 152.449054][ T6767] ? css_rstat_updated+0x1ce/0x5a0 [ 152.449098][ T6767] ? look_up_lock_class+0x64/0x120 [ 152.449150][ T6767] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 152.449197][ T6767] walk_pgd_range+0xc04/0x1eb0 [ 152.449254][ T6767] ? __pfx_walk_pgd_range+0x10/0x10 [ 152.449288][ T6767] ? folios_put_refs+0x66d/0x840 [ 152.449327][ T6767] __walk_page_range+0x163/0x820 [ 152.449376][ T6767] walk_page_range_vma_unsafe+0x23f/0x960 [ 152.449417][ T6767] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 152.449460][ T6767] ? find_held_lock+0x2b/0x80 [ 152.449500][ T6767] ? mlock_drain_local+0x254/0x4e0 [ 152.449529][ T6767] ? mlock_drain_local+0x254/0x4e0 [ 152.449564][ T6767] walk_page_range_vma+0x63/0x90 [ 152.449601][ T6767] madvise_pageout+0x259/0x540 [ 152.449641][ T6767] ? __pfx_madvise_pageout+0x10/0x10 [ 152.449680][ T6767] ? finish_task_switch.isra.0+0x200/0xb80 [ 152.449745][ T6767] ? mtree_range_walk+0x6ce/0xcd0 [ 152.449792][ T6767] madvise_vma_behavior+0x3d8/0x2a40 [ 152.449835][ T6767] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 152.449889][ T6767] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 152.449939][ T6767] ? mas_prev+0x9b/0xf0 [ 152.449970][ T6767] ? __pfx_mas_prev+0x10/0x10 [ 152.450012][ T6767] ? find_vma_prev+0xd8/0x150 [ 152.450050][ T6767] ? futex_unqueue+0x133/0x2c0 [ 152.450097][ T6767] ? __pfx_find_vma_prev+0x10/0x10 [ 152.450147][ T6767] ? __futex_wait+0x256/0x300 [ 152.450190][ T6767] madvise_walk_vmas+0x2fe/0xa90 [ 152.450238][ T6767] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 152.450291][ T6767] madvise_do_behavior+0x1ea/0x510 [ 152.450336][ T6767] ? __pfx_madvise_do_behavior+0x10/0x10 [ 152.450380][ T6767] ? down_read+0x13b/0x460 [ 152.450430][ T6767] do_madvise+0x195/0x240 [ 152.450471][ T6767] ? __pfx_do_madvise+0x10/0x10 [ 152.450512][ T6767] ? do_futex+0x192/0x350 [ 152.450548][ T6767] ? find_held_lock+0x2b/0x80 [ 152.450605][ T6767] ? pipe_ioctl+0x226/0x2c0 [ 152.450641][ T6767] __x64_sys_madvise+0xa9/0x110 [ 152.450682][ T6767] ? lockdep_hardirqs_on+0x78/0x100 [ 152.450732][ T6767] do_syscall_64+0x106/0xf80 [ 152.450758][ T6767] ? clear_bhb_loop+0x40/0x90 [ 152.450795][ T6767] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.450826][ T6767] RIP: 0033:0x7ff07639bf79 [ 152.450851][ T6767] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 152.450880][ T6767] RSP: 002b:00007ff0772b1028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 152.450918][ T6767] RAX: ffffffffffffffda RBX: 00007ff076615fa0 RCX: 00007ff07639bf79 [ 152.450938][ T6767] RDX: 0000000000000015 RSI: 00000000002003f0 RDI: 0000000000000000 [ 152.450957][ T6767] RBP: 00007ff0764327e0 R08: 0000000000000000 R09: 0000000000000000 [ 152.450976][ T6767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 152.450993][ T6767] R13: 00007ff076616038 R14: 00007ff076615fa0 R15: 00007ffe9371db88 [ 152.451034][ T6767] [ 153.009210][ T6740] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 153.033316][ T6770] syz.2.218 uses obsolete (PF_INET,SOCK_PACKET) [ 153.044177][ T6740] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 153.050934][ T6740] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 153.067956][ T6740] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 153.711232][ T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 153.757040][ T6785] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 0, inode_bitmap = 137 [ 153.809314][ T6785] EXT4-fs error (device sda1): ext4_validate_inode_bitmap:104: comm syz-executor: Corrupt inode bitmap - block_group = 1, inode_bitmap = 138 [ 153.840862][ T6785] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum [ 153.967889][ T5842] Bluetooth: hci0: command 0x0c1a tx timeout [ 154.092481][ T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.439297][ T5144] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 154.448999][ T5144] Bluetooth: hci1: command 0x0c1a tx timeout [ 154.455891][ T5144] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 154.468329][ T5144] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 154.476713][ T5144] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 154.484500][ T5144] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 154.533094][ T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 154.699378][ T6799] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 154.872747][ T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 155.173413][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout [ 155.697105][ T13] bridge_slave_1: left allmulticast mode [ 155.716288][ T13] bridge_slave_1: left promiscuous mode [ 155.784582][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 155.844552][ T6799] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 155.893995][ T13] bridge_slave_0: left allmulticast mode [ 155.910615][ T13] bridge_slave_0: left promiscuous mode [ 155.926634][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 156.049039][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout [ 156.527931][ T5144] Bluetooth: hci3: command tx timeout [ 156.534266][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 156.981262][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 157.015735][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 157.040949][ T13] bond0 (unregistering): Released all slaves [ 157.099822][ T6788] chnl_net:caif_netlink_parms(): no params data found [ 157.252269][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout [ 157.453011][ T6835] FAULT_INJECTION: forcing a failure. [ 157.453011][ T6835] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 157.524960][ T6835] CPU: 1 UID: 0 PID: 6835 Comm: syz.2.227 Not tainted syzkaller #0 PREEMPT(full) [ 157.525002][ T6835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 157.525021][ T6835] Call Trace: [ 157.525031][ T6835] [ 157.525043][ T6835] dump_stack_lvl+0x100/0x190 [ 157.525091][ T6835] should_fail_ex.cold+0x5/0xa [ 157.525125][ T6835] _copy_to_user+0x32/0xd0 [ 157.525161][ T6835] do_fcntl+0xfc1/0x1670 [ 157.525206][ T6835] ? __pfx_do_fcntl+0x10/0x10 [ 157.525247][ T6835] ? __fget_files+0x215/0x3d0 [ 157.525321][ T6835] ? tomoyo_file_fcntl+0x6c/0xc0 [ 157.525377][ T6835] __x64_sys_fcntl+0x163/0x200 [ 157.525431][ T6835] do_syscall_64+0x106/0xf80 [ 157.525461][ T6835] ? clear_bhb_loop+0x40/0x90 [ 157.525503][ T6835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.525537][ T6835] RIP: 0033:0x7f8f97f9bf79 [ 157.525564][ T6835] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 157.525596][ T6835] RSP: 002b:00007f8f98e2b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 157.525640][ T6835] RAX: ffffffffffffffda RBX: 00007f8f98215fa0 RCX: 00007f8f97f9bf79 [ 157.525661][ T6835] RDX: 000000000000556d RSI: 000000000000040b RDI: 0000000000000007 [ 157.525681][ T6835] RBP: 00007f8f980327e0 R08: 0000000000000000 R09: 0000000000000000 [ 157.525701][ T6835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 157.525720][ T6835] R13: 00007f8f98216038 R14: 00007f8f98215fa0 R15: 00007ffc72802138 [ 157.525763][ T6835] [ 157.934669][ T6788] bridge0: port 1(bridge_slave_0) entered blocking state [ 157.952835][ T6788] bridge0: port 1(bridge_slave_0) entered disabled state [ 157.968005][ T6788] bridge_slave_0: entered allmulticast mode [ 157.976065][ T6788] bridge_slave_0: entered promiscuous mode [ 157.988759][ T6788] bridge0: port 2(bridge_slave_1) entered blocking state [ 158.006147][ T6788] bridge0: port 2(bridge_slave_1) entered disabled state [ 158.020947][ T6788] bridge_slave_1: entered allmulticast mode [ 158.032543][ T6788] bridge_slave_1: entered promiscuous mode [ 158.131336][ T5144] Bluetooth: hci0: command 0x0c1a tx timeout [ 158.166188][ T6788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 158.248114][ T13] hsr_slave_0: left promiscuous mode [ 158.256802][ T13] hsr_slave_1: left promiscuous mode [ 158.264712][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 158.280901][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 158.325297][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 158.338973][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 158.406640][ T13] veth1_macvtap: left promiscuous mode [ 158.420494][ T13] veth0_macvtap: left promiscuous mode [ 158.432428][ T13] veth1_vlan: left promiscuous mode [ 158.448442][ T13] veth0_vlan: left promiscuous mode [ 158.608407][ T5144] Bluetooth: hci3: command tx timeout [ 158.614262][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 158.702024][ T6867] FAULT_INJECTION: forcing a failure. [ 158.702024][ T6867] name fail_futex, interval 1, probability 0, space 0, times 0 [ 158.755969][ T6867] CPU: 1 UID: 0 PID: 6867 Comm: syz.0.231 Not tainted syzkaller #0 PREEMPT(full) [ 158.756006][ T6867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 158.756023][ T6867] Call Trace: [ 158.756033][ T6867] [ 158.756044][ T6867] dump_stack_lvl+0x100/0x190 [ 158.756088][ T6867] should_fail_ex.cold+0x5/0xa [ 158.756121][ T6867] get_futex_key+0x295/0x1620 [ 158.756172][ T6867] ? __pfx_get_futex_key+0x10/0x10 [ 158.756214][ T6867] ? lock_acquire+0x17c/0x330 [ 158.756255][ T6867] futex_wake+0xea/0x530 [ 158.756294][ T6867] ? __pfx_futex_wake+0x10/0x10 [ 158.756329][ T6867] ? exit_mm_release+0x19/0x30 [ 158.756376][ T6867] do_futex+0x32b/0x350 [ 158.756404][ T6867] ? __pfx_do_futex+0x10/0x10 [ 158.756429][ T6867] ? __might_fault+0xc5/0x140 [ 158.756466][ T6867] mm_release+0x24a/0x2f0 [ 158.756511][ T6867] do_exit+0x675/0x2a30 [ 158.756549][ T6867] ? __pfx_do_exit+0x10/0x10 [ 158.756581][ T6867] ? do_raw_spin_lock+0x128/0x260 [ 158.756614][ T6867] ? find_held_lock+0x2b/0x80 [ 158.756652][ T6867] ? get_signal+0x7e0/0x21e0 [ 158.756699][ T6867] do_group_exit+0xd5/0x2a0 [ 158.756734][ T6867] get_signal+0x1ec7/0x21e0 [ 158.756809][ T6867] ? __pfx_get_signal+0x10/0x10 [ 158.756856][ T6867] ? do_futex+0x192/0x350 [ 158.756892][ T6867] arch_do_signal_or_restart+0x91/0x770 [ 158.756927][ T6867] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 158.756971][ T6867] ? __pfx___x64_sys_futex+0x10/0x10 [ 158.757001][ T6867] ? xfd_validate_state+0x129/0x190 [ 158.757046][ T6867] exit_to_user_mode_loop+0x86/0x4a0 [ 158.757077][ T6867] ? rcu_is_watching+0x12/0xc0 [ 158.757117][ T6867] do_syscall_64+0x668/0xf80 [ 158.757145][ T6867] ? clear_bhb_loop+0x40/0x90 [ 158.757183][ T6867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.757213][ T6867] RIP: 0033:0x7ff07639bf79 [ 158.757237][ T6867] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 158.757266][ T6867] RSP: 002b:00007ff0772b10e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 158.757295][ T6867] RAX: fffffffffffffe00 RBX: 00007ff076615fa8 RCX: 00007ff07639bf79 [ 158.757315][ T6867] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007ff076615fa8 [ 158.757332][ T6867] RBP: 00007ff076615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 158.757350][ T6867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 158.757375][ T6867] R13: 00007ff076616038 R14: 00007ffe9371daa0 R15: 00007ffe9371db88 [ 158.757416][ T6867] [ 159.343663][ T5144] Bluetooth: hci2: command 0x0c1a tx timeout [ 159.395803][ T6875] FAULT_INJECTION: forcing a failure. [ 159.395803][ T6875] name failslab, interval 1, probability 0, space 0, times 0 [ 159.441915][ T6875] CPU: 1 UID: 0 PID: 6875 Comm: syz.0.234 Not tainted syzkaller #0 PREEMPT(full) [ 159.441952][ T6875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 159.441968][ T6875] Call Trace: [ 159.441977][ T6875] [ 159.441987][ T6875] dump_stack_lvl+0x100/0x190 [ 159.442033][ T6875] should_fail_ex.cold+0x5/0xa [ 159.442066][ T6875] should_failslab+0xc2/0x120 [ 159.442107][ T6875] ? tomoyo_realpath_from_path+0xb6/0x690 [ 159.442144][ T6875] __kmalloc_noprof+0xf6/0x9c0 [ 159.442186][ T6875] ? kfree+0x2a9/0x690 [ 159.442233][ T6875] ? tomoyo_realpath_from_path+0xb6/0x690 [ 159.442269][ T6875] tomoyo_realpath_from_path+0xb6/0x690 [ 159.442315][ T6875] tomoyo_path_number_perm+0x23c/0x580 [ 159.442344][ T6875] ? tomoyo_path_number_perm+0x22e/0x580 [ 159.442377][ T6875] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 159.442445][ T6875] ? find_held_lock+0x2b/0x80 [ 159.442502][ T6875] ? __fget_files+0x215/0x3d0 [ 159.442531][ T6875] ? hook_file_ioctl_common+0x146/0x410 [ 159.442573][ T6875] ? __fget_files+0x21f/0x3d0 [ 159.442611][ T6875] security_file_ioctl+0xd3/0x230 [ 159.442646][ T6875] __x64_sys_ioctl+0xb7/0x210 [ 159.442695][ T6875] do_syscall_64+0x106/0xf80 [ 159.442722][ T6875] ? clear_bhb_loop+0x40/0x90 [ 159.442754][ T6875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.442780][ T6875] RIP: 0033:0x7ff07639bf79 [ 159.442800][ T6875] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 159.442824][ T6875] RSP: 002b:00007ff0772b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 159.442848][ T6875] RAX: ffffffffffffffda RBX: 00007ff076615fa0 RCX: 00007ff07639bf79 [ 159.442865][ T6875] RDX: 0000200000000080 RSI: 000000004068aea3 RDI: 0000000000000004 [ 159.442881][ T6875] RBP: 00007ff0772b1090 R08: 0000000000000000 R09: 0000000000000000 [ 159.442896][ T6875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 159.442911][ T6875] R13: 00007ff076616038 R14: 00007ff076615fa0 R15: 00007ffe9371db88 [ 159.442944][ T6875] [ 159.442958][ T6875] ERROR: Out of memory at tomoyo_realpath_from_path. [ 160.058714][ T13] team0 (unregistering): Port device team_slave_1 removed [ 160.090525][ T13] team0 (unregistering): Port device team_slave_0 removed [ 160.616712][ T6889] FAULT_INJECTION: forcing a failure. [ 160.616712][ T6889] name failslab, interval 1, probability 0, space 0, times 0 [ 160.630273][ T6889] CPU: 0 UID: 0 PID: 6889 Comm: syz.0.238 Not tainted syzkaller #0 PREEMPT(full) [ 160.630314][ T6889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 160.630332][ T6889] Call Trace: [ 160.630341][ T6889] [ 160.630352][ T6889] dump_stack_lvl+0x100/0x190 [ 160.630400][ T6889] should_fail_ex.cold+0x5/0xa [ 160.630435][ T6889] should_failslab+0xc2/0x120 [ 160.630474][ T6889] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 160.630509][ T6889] ? percpu_ref_put_many.constprop.0+0xc4/0x2a0 [ 160.630555][ T6889] ? zswap_store+0xc42/0x29d0 [ 160.630605][ T6889] ? zswap_store+0xc42/0x29d0 [ 160.630646][ T6889] zswap_store+0xc42/0x29d0 [ 160.630687][ T6889] ? rcu_is_cpu_rrupt_from_idle+0x211/0x270 [ 160.630743][ T6889] ? __pfx_zswap_store+0x10/0x10 [ 160.630788][ T6889] ? folio_free_swap+0x277/0x850 [ 160.630823][ T6889] ? folio_free_swap+0x277/0x850 [ 160.630861][ T6889] ? do_raw_spin_unlock+0x145/0x1e0 [ 160.630900][ T6889] ? _raw_spin_unlock+0x28/0x50 [ 160.630945][ T6889] ? folio_free_swap+0x39/0x850 [ 160.630979][ T6889] ? rcu_is_watching+0x12/0xc0 [ 160.631044][ T6889] swap_writeout+0x49d/0x12b0 [ 160.631096][ T6889] ? _raw_spin_unlock_irq+0x23/0x50 [ 160.631147][ T6889] shmem_writeout+0xe12/0x1520 [ 160.631186][ T6889] ? __pfx_shmem_writeout+0x10/0x10 [ 160.631222][ T6889] ? inode_to_bdi+0x9e/0x160 [ 160.631267][ T6889] ? folio_clear_dirty_for_io+0x178/0x820 [ 160.631313][ T6889] shrink_folio_list+0x3b72/0x6000 [ 160.631371][ T6889] ? __pfx_shrink_folio_list+0x10/0x10 [ 160.631414][ T6889] ? find_held_lock+0x2b/0x80 [ 160.631450][ T6889] ? unwind_next_frame+0x3be/0x1ea0 [ 160.631490][ T6889] ? unwind_next_frame+0x3be/0x1ea0 [ 160.631539][ T6889] ? exc_page_fault+0x6f/0xd0 [ 160.631582][ T6889] ? asm_exc_page_fault+0x26/0x30 [ 160.631607][ T6889] ? __kernel_text_address+0xd/0x30 [ 160.631639][ T6889] ? unwind_get_return_address+0x59/0xa0 [ 160.631681][ T6889] ? arch_stack_walk+0x88/0xf0 [ 160.631752][ T6889] ? __lock_acquire+0x4a5/0x2630 [ 160.631783][ T6889] reclaim_folio_list+0xdc/0x5a0 [ 160.631846][ T6889] ? __lock_acquire+0x4a5/0x2630 [ 160.631875][ T6889] ? __pfx_reclaim_folio_list+0x10/0x10 [ 160.631934][ T6889] ? lru_gen_update_size+0x431/0xe40 [ 160.631984][ T6889] ? lru_gen_del_folio+0x382/0x5f0 [ 160.632027][ T6889] reclaim_pages+0x428/0x5e0 [ 160.632055][ T6889] ? __pfx_reclaim_pages+0x10/0x10 [ 160.632078][ T6889] ? find_held_lock+0x2b/0x80 [ 160.632114][ T6889] ? madvise_cold_or_pageout_pte_range+0xb49/0x2710 [ 160.632160][ T6889] madvise_cold_or_pageout_pte_range+0x1635/0x2710 [ 160.632212][ T6889] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 160.632278][ T6889] ? __pfx_stack_trace_save+0x10/0x10 [ 160.632322][ T6889] ? css_rstat_updated+0x1ce/0x5a0 [ 160.632364][ T6889] ? look_up_lock_class+0x64/0x120 [ 160.632412][ T6889] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 160.632454][ T6889] walk_pgd_range+0xc04/0x1eb0 [ 160.632506][ T6889] ? __pfx_walk_pgd_range+0x10/0x10 [ 160.632538][ T6889] ? folios_put_refs+0x66d/0x840 [ 160.632573][ T6889] __walk_page_range+0x163/0x820 [ 160.632635][ T6889] walk_page_range_vma_unsafe+0x23f/0x960 [ 160.632674][ T6889] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 160.632713][ T6889] ? find_held_lock+0x2b/0x80 [ 160.632751][ T6889] ? mlock_drain_local+0x254/0x4e0 [ 160.632778][ T6889] ? mlock_drain_local+0x254/0x4e0 [ 160.632811][ T6889] walk_page_range_vma+0x63/0x90 [ 160.632845][ T6889] madvise_pageout+0x259/0x540 [ 160.632881][ T6889] ? __pfx_madvise_pageout+0x10/0x10 [ 160.632918][ T6889] ? finish_task_switch.isra.0+0x200/0xb80 [ 160.632976][ T6889] ? mtree_range_walk+0x6ce/0xcd0 [ 160.633020][ T6889] madvise_vma_behavior+0x3d8/0x2a40 [ 160.633060][ T6889] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 160.633108][ T6889] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 160.633147][ T6889] ? mas_prev+0x9b/0xf0 [ 160.633175][ T6889] ? __pfx_mas_prev+0x10/0x10 [ 160.633211][ T6889] ? find_vma_prev+0xd8/0x150 [ 160.633251][ T6889] ? futex_unqueue+0x133/0x2c0 [ 160.633295][ T6889] ? __pfx_find_vma_prev+0x10/0x10 [ 160.633340][ T6889] ? __futex_wait+0x256/0x300 [ 160.633380][ T6889] madvise_walk_vmas+0x2fe/0xa90 [ 160.633424][ T6889] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 160.633483][ T6889] madvise_do_behavior+0x1ea/0x510 [ 160.633523][ T6889] ? __pfx_madvise_do_behavior+0x10/0x10 [ 160.633573][ T6889] ? down_read+0x13b/0x460 [ 160.633614][ T6889] do_madvise+0x195/0x240 [ 160.633647][ T6889] ? __pfx_do_madvise+0x10/0x10 [ 160.633680][ T6889] ? do_futex+0x192/0x350 [ 160.633709][ T6889] ? find_held_lock+0x2b/0x80 [ 160.633754][ T6889] ? xfd_validate_state+0x129/0x190 [ 160.633784][ T6889] ? pipe_ioctl+0x226/0x2c0 [ 160.633813][ T6889] __x64_sys_madvise+0xa9/0x110 [ 160.633847][ T6889] ? lockdep_hardirqs_on+0x78/0x100 [ 160.633888][ T6889] do_syscall_64+0x106/0xf80 [ 160.633909][ T6889] ? clear_bhb_loop+0x40/0x90 [ 160.633940][ T6889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.633965][ T6889] RIP: 0033:0x7ff07639bf79 [ 160.633987][ T6889] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 160.634012][ T6889] RSP: 002b:00007ff0772b1028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 160.634036][ T6889] RAX: ffffffffffffffda RBX: 00007ff076615fa0 RCX: 00007ff07639bf79 [ 160.634053][ T6889] RDX: 0000000000000015 RSI: 00000000002003f0 RDI: 0000000000000000 [ 160.634068][ T6889] RBP: 00007ff0764327e0 R08: 0000000000000000 R09: 0000000000000000 [ 160.634083][ T6889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 160.634099][ T6889] R13: 00007ff076616038 R14: 00007ff076615fa0 R15: 00007ffe9371db88 [ 160.634133][ T6889] [ 160.901394][ T5144] Bluetooth: hci3: command tx timeout [ 161.205531][ T6788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 161.275875][ T30] audit: type=1800 audit(1770830796.126:11): pid=6891 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.239" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 161.416566][ T6788] team0: Port device team_slave_0 added [ 161.478471][ T6788] team0: Port device team_slave_1 added [ 161.551260][ T6788] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 161.568119][ T6788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 161.600097][ T6788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 161.660913][ T6788] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 161.680791][ T6788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 161.721081][ T6788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 161.954150][ T6788] hsr_slave_0: entered promiscuous mode [ 161.968960][ T6788] hsr_slave_1: entered promiscuous mode [ 161.986988][ T6788] debugfs: 'hsr0' already exists in 'hsr' [ 161.998147][ T6788] Cannot create hsr debugfs directory [ 162.122145][ T5144] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5 [ 163.247713][ T5144] Bluetooth: hci3: command tx timeout [ 164.060093][ T6950] FAULT_INJECTION: forcing a failure. [ 164.060093][ T6950] name fail_futex, interval 1, probability 0, space 0, times 0 [ 164.076111][ T6950] CPU: 0 UID: 0 PID: 6950 Comm: syz.2.253 Not tainted syzkaller #0 PREEMPT(full) [ 164.076150][ T6950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 164.076166][ T6950] Call Trace: [ 164.076176][ T6950] [ 164.076186][ T6950] dump_stack_lvl+0x100/0x190 [ 164.076232][ T6950] should_fail_ex.cold+0x5/0xa [ 164.076263][ T6950] get_futex_key+0x295/0x1620 [ 164.076314][ T6950] ? __pfx_get_futex_key+0x10/0x10 [ 164.076356][ T6950] ? lock_acquire+0x17c/0x330 [ 164.076397][ T6950] futex_wake+0xea/0x530 [ 164.076434][ T6950] ? __pfx_futex_wake+0x10/0x10 [ 164.076470][ T6950] ? exit_mm_release+0x19/0x30 [ 164.076509][ T6950] do_futex+0x32b/0x350 [ 164.076538][ T6950] ? __pfx_do_futex+0x10/0x10 [ 164.076563][ T6950] ? __might_fault+0xc5/0x140 [ 164.076618][ T6950] mm_release+0x24a/0x2f0 [ 164.076675][ T6950] do_exit+0x675/0x2a30 [ 164.076714][ T6950] ? __pfx_do_exit+0x10/0x10 [ 164.076745][ T6950] ? do_raw_spin_lock+0x128/0x260 [ 164.076779][ T6950] ? find_held_lock+0x2b/0x80 [ 164.076817][ T6950] ? get_signal+0x7e0/0x21e0 [ 164.076862][ T6950] do_group_exit+0xd5/0x2a0 [ 164.076898][ T6950] get_signal+0x1ec7/0x21e0 [ 164.076953][ T6950] ? __pfx_get_signal+0x10/0x10 [ 164.076997][ T6950] ? do_futex+0x192/0x350 [ 164.077034][ T6950] arch_do_signal_or_restart+0x91/0x770 [ 164.077063][ T6950] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 164.077096][ T6950] ? __pfx___x64_sys_futex+0x10/0x10 [ 164.077118][ T6950] ? xfd_validate_state+0x129/0x190 [ 164.077153][ T6950] exit_to_user_mode_loop+0x86/0x4a0 [ 164.077177][ T6950] ? rcu_is_watching+0x12/0xc0 [ 164.077209][ T6950] do_syscall_64+0x668/0xf80 [ 164.077231][ T6950] ? clear_bhb_loop+0x40/0x90 [ 164.077260][ T6950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.077283][ T6950] RIP: 0033:0x7f8f97f9bf79 [ 164.077302][ T6950] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 164.077324][ T6950] RSP: 002b:00007f8f98e2b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 164.077347][ T6950] RAX: fffffffffffffe00 RBX: 00007f8f98215fa8 RCX: 00007f8f97f9bf79 [ 164.077363][ T6950] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8f98215fa8 [ 164.077377][ T6950] RBP: 00007f8f98215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 164.077391][ T6950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 164.077405][ T6950] R13: 00007f8f98216038 R14: 00007ffc72802050 R15: 00007ffc72802138 [ 164.077436][ T6950] [ 164.749024][ T6788] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 164.819691][ T5144] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 164.840103][ T6788] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 164.892655][ T6788] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 164.952892][ T6788] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 165.456795][ T6788] 8021q: adding VLAN 0 to HW filter on device bond0 [ 165.575057][ T6997] FAULT_INJECTION: forcing a failure. [ 165.575057][ T6997] name fail_futex, interval 1, probability 0, space 0, times 0 [ 165.629906][ T6997] CPU: 0 UID: 0 PID: 6997 Comm: syz.3.258 Not tainted syzkaller #0 PREEMPT(full) [ 165.629945][ T6997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 165.629964][ T6997] Call Trace: [ 165.629973][ T6997] [ 165.629984][ T6997] dump_stack_lvl+0x100/0x190 [ 165.630033][ T6997] should_fail_ex.cold+0x5/0xa [ 165.630067][ T6997] get_futex_key+0x295/0x1620 [ 165.630125][ T6997] ? __pfx_get_futex_key+0x10/0x10 [ 165.630158][ T6997] ? lock_acquire+0x17c/0x330 [ 165.630189][ T6997] futex_wake+0xea/0x530 [ 165.630218][ T6997] ? __pfx_futex_wake+0x10/0x10 [ 165.630245][ T6997] ? exit_mm_release+0x19/0x30 [ 165.630274][ T6997] do_futex+0x32b/0x350 [ 165.630295][ T6997] ? __pfx_do_futex+0x10/0x10 [ 165.630315][ T6997] ? __might_fault+0xc5/0x140 [ 165.630342][ T6997] mm_release+0x24a/0x2f0 [ 165.630376][ T6997] do_exit+0x675/0x2a30 [ 165.630404][ T6997] ? __pfx_do_exit+0x10/0x10 [ 165.630429][ T6997] ? do_raw_spin_lock+0x128/0x260 [ 165.630455][ T6997] ? find_held_lock+0x2b/0x80 [ 165.630484][ T6997] ? get_signal+0x7e0/0x21e0 [ 165.630520][ T6997] do_group_exit+0xd5/0x2a0 [ 165.630561][ T6997] get_signal+0x1ec7/0x21e0 [ 165.630602][ T6997] ? __pfx_get_signal+0x10/0x10 [ 165.630634][ T6997] ? do_futex+0x192/0x350 [ 165.630657][ T6997] arch_do_signal_or_restart+0x91/0x770 [ 165.630680][ T6997] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 165.630710][ T6997] ? __pfx___x64_sys_futex+0x10/0x10 [ 165.630729][ T6997] ? xfd_validate_state+0x129/0x190 [ 165.630761][ T6997] exit_to_user_mode_loop+0x86/0x4a0 [ 165.630782][ T6997] ? rcu_is_watching+0x12/0xc0 [ 165.630816][ T6997] do_syscall_64+0x668/0xf80 [ 165.630834][ T6997] ? clear_bhb_loop+0x40/0x90 [ 165.630859][ T6997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.630880][ T6997] RIP: 0033:0x7f546e39bf79 [ 165.630897][ T6997] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 165.630917][ T6997] RSP: 002b:00007f546f1e00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 165.630938][ T6997] RAX: fffffffffffffe00 RBX: 00007f546e615fa8 RCX: 00007f546e39bf79 [ 165.630951][ T6997] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f546e615fa8 [ 165.630964][ T6997] RBP: 00007f546e615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 165.630977][ T6997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 165.630989][ T6997] R13: 00007f546e616038 R14: 00007ffd5968b5a0 R15: 00007ffd5968b688 [ 165.631016][ T6997] [ 166.068138][ T6788] 8021q: adding VLAN 0 to HW filter on device team0 [ 166.090023][ T3030] bridge0: port 1(bridge_slave_0) entered blocking state [ 166.097171][ T3030] bridge0: port 1(bridge_slave_0) entered forwarding state [ 166.135164][ T3030] bridge0: port 2(bridge_slave_1) entered blocking state [ 166.142345][ T3030] bridge0: port 2(bridge_slave_1) entered forwarding state [ 166.302001][ T7006] Invalid ELF header magic: != ELF [ 166.606914][ T7014] Scaler: ================= START STATUS ================= [ 166.630395][ T7014] Scaler: ================== END STATUS ================== [ 167.172627][ T6788] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 167.480613][ T6788] veth0_vlan: entered promiscuous mode [ 167.692530][ T6788] veth1_vlan: entered promiscuous mode [ 167.703456][ T7037] FAULT_INJECTION: forcing a failure. [ 167.703456][ T7037] name fail_futex, interval 1, probability 0, space 0, times 0 [ 167.734571][ T7037] CPU: 0 UID: 0 PID: 7037 Comm: syz.2.264 Not tainted syzkaller #0 PREEMPT(full) [ 167.734611][ T7037] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 167.734630][ T7037] Call Trace: [ 167.734641][ T7037] [ 167.734651][ T7037] dump_stack_lvl+0x100/0x190 [ 167.734701][ T7037] should_fail_ex.cold+0x5/0xa [ 167.734736][ T7037] get_futex_key+0x295/0x1620 [ 167.734792][ T7037] ? __pfx_get_futex_key+0x10/0x10 [ 167.734839][ T7037] ? lock_acquire+0x17c/0x330 [ 167.734884][ T7037] futex_wake+0xea/0x530 [ 167.734925][ T7037] ? __pfx_futex_wake+0x10/0x10 [ 167.734962][ T7037] ? exit_mm_release+0x19/0x30 [ 167.735007][ T7037] do_futex+0x32b/0x350 [ 167.735038][ T7037] ? __pfx_do_futex+0x10/0x10 [ 167.735065][ T7037] ? __might_fault+0xc5/0x140 [ 167.735104][ T7037] mm_release+0x24a/0x2f0 [ 167.735155][ T7037] do_exit+0x675/0x2a30 [ 167.735196][ T7037] ? __pfx_do_exit+0x10/0x10 [ 167.735232][ T7037] ? do_raw_spin_lock+0x128/0x260 [ 167.735269][ T7037] ? find_held_lock+0x2b/0x80 [ 167.735310][ T7037] ? get_signal+0x7e0/0x21e0 [ 167.735362][ T7037] do_group_exit+0xd5/0x2a0 [ 167.735408][ T7037] get_signal+0x1ec7/0x21e0 [ 167.735466][ T7037] ? madvise_unlock+0xa9/0x220 [ 167.735510][ T7037] ? __pfx_get_signal+0x10/0x10 [ 167.735560][ T7037] ? do_futex+0x192/0x350 [ 167.735596][ T7037] arch_do_signal_or_restart+0x91/0x770 [ 167.735633][ T7037] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 167.735679][ T7037] ? __pfx___x64_sys_futex+0x10/0x10 [ 167.735720][ T7037] ? xfd_validate_state+0x129/0x190 [ 167.735765][ T7037] exit_to_user_mode_loop+0x86/0x4a0 [ 167.735795][ T7037] ? rcu_is_watching+0x12/0xc0 [ 167.735837][ T7037] do_syscall_64+0x668/0xf80 [ 167.735865][ T7037] ? clear_bhb_loop+0x40/0x90 [ 167.735903][ T7037] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.735935][ T7037] RIP: 0033:0x7f8f97f9bf79 [ 167.735959][ T7037] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 167.735989][ T7037] RSP: 002b:00007f8f98e2b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 167.736019][ T7037] RAX: fffffffffffffe00 RBX: 00007f8f98215fa8 RCX: 00007f8f97f9bf79 [ 167.736039][ T7037] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8f98215fa8 [ 167.736058][ T7037] RBP: 00007f8f98215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 167.736076][ T7037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 167.736093][ T7037] R13: 00007f8f98216038 R14: 00007ffc72802050 R15: 00007ffc72802138 [ 167.736143][ T7037] [ 168.341113][ T6788] veth0_macvtap: entered promiscuous mode [ 168.354442][ T7044] FAULT_INJECTION: forcing a failure. [ 168.354442][ T7044] name failslab, interval 1, probability 0, space 0, times 0 [ 168.355241][ T6788] veth1_macvtap: entered promiscuous mode [ 168.420358][ T7044] CPU: 1 UID: 0 PID: 7044 Comm: syz.2.267 Not tainted syzkaller #0 PREEMPT(full) [ 168.420406][ T7044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 168.420420][ T7044] Call Trace: [ 168.420428][ T7044] [ 168.420437][ T7044] dump_stack_lvl+0x100/0x190 [ 168.420475][ T7044] should_fail_ex.cold+0x5/0xa [ 168.420501][ T7044] should_failslab+0xc2/0x120 [ 168.420530][ T7044] ? constrain_params_by_rules+0x175/0xcc0 [ 168.420557][ T7044] __kmalloc_noprof+0xf6/0x9c0 [ 168.420592][ T7044] ? kernel_text_address+0x8d/0x100 [ 168.420621][ T7044] ? __kernel_text_address+0xd/0x30 [ 168.420656][ T7044] ? constrain_params_by_rules+0x175/0xcc0 [ 168.420682][ T7044] constrain_params_by_rules+0x175/0xcc0 [ 168.420716][ T7044] ? stack_trace_save+0x8e/0xc0 [ 168.420754][ T7044] ? __pfx_constrain_params_by_rules+0x10/0x10 [ 168.420788][ T7044] ? __kasan_kmalloc+0xaa/0xb0 [ 168.420811][ T7044] ? snd_pcm_oss_change_params_locked+0x81c/0x39f0 [ 168.420852][ T7044] ? snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 168.420892][ T7044] ? snd_pcm_oss_write+0x4bb/0xa30 [ 168.420924][ T7044] ? snd_interval_refine+0x2d0/0x580 [ 168.420960][ T7044] snd_pcm_hw_refine+0x7e7/0xad0 [ 168.420992][ T7044] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 168.421032][ T7044] ? snd_interval_refine+0x2d0/0x580 [ 168.421068][ T7044] snd_pcm_oss_change_params_locked+0xdb3/0x39f0 [ 168.421123][ T7044] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 168.421169][ T7044] ? try_to_wake_up+0x644/0x1a80 [ 168.421211][ T7044] ? futex_wake+0x456/0x530 [ 168.421242][ T7044] snd_pcm_oss_make_ready_locked+0xb7/0x130 [ 168.421286][ T7044] snd_pcm_oss_write+0x4bb/0xa30 [ 168.421311][ T7044] ? bpf_lsm_file_permission+0x9/0x10 [ 168.421349][ T7044] ? security_file_permission+0x76/0x210 [ 168.421384][ T7044] vfs_write+0x2aa/0x1070 [ 168.421420][ T7044] ? __pfx_snd_pcm_oss_write+0x10/0x10 [ 168.421445][ T7044] ? __pfx_vfs_write+0x10/0x10 [ 168.421465][ T7044] ? find_held_lock+0x2b/0x80 [ 168.421495][ T7044] ? __fget_files+0x215/0x3d0 [ 168.421516][ T7044] ? __fget_files+0x215/0x3d0 [ 168.421542][ T7044] ? __fget_files+0x21f/0x3d0 [ 168.421572][ T7044] ksys_write+0x12a/0x250 [ 168.421593][ T7044] ? __pfx_ksys_write+0x10/0x10 [ 168.421622][ T7044] do_syscall_64+0x106/0xf80 [ 168.421643][ T7044] ? clear_bhb_loop+0x40/0x90 [ 168.421669][ T7044] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.421692][ T7044] RIP: 0033:0x7f8f97f9bf79 [ 168.421708][ T7044] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 168.421730][ T7044] RSP: 002b:00007f8f98e2b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 168.421751][ T7044] RAX: ffffffffffffffda RBX: 00007f8f98215fa0 RCX: 00007f8f97f9bf79 [ 168.421766][ T7044] RDX: 0000000000000001 RSI: 0000200000000080 RDI: 0000000000000002 [ 168.421779][ T7044] RBP: 00007f8f980327e0 R08: 0000000000000000 R09: 0000000000000000 [ 168.421792][ T7044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 168.421805][ T7044] R13: 00007f8f98216038 R14: 00007f8f98215fa0 R15: 00007ffc72802138 [ 168.421833][ T7044] [ 168.740375][ T6788] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 168.750789][ T6788] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 169.000882][ T7047] netlink: 62 bytes leftover after parsing attributes in process `syz.2.267'. [ 169.069481][ T7054] random: crng reseeded on system resumption [ 169.153877][ T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.162888][ T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.241105][ T5942] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 169.250003][ T5942] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 169.290506][ T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.327311][ T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 169.439326][ T5942] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 169.447234][ T5942] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 169.825866][ T7070] net_ratelimit: 34 callbacks suppressed [ 169.825886][ T7070] netlink: zone id is out of range [ 169.878532][ T7073] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 169.896572][ T7070] netlink: zone id is out of range [ 169.908085][ T7070] netlink: zone id is out of range [ 169.913452][ T7070] netlink: zone id is out of range [ 169.937775][ T7070] netlink: zone id is out of range [ 169.945083][ T7070] netlink: zone id is out of range [ 169.964425][ T7070] netlink: zone id is out of range [ 169.984693][ T7070] netlink: zone id is out of range [ 170.012961][ T7070] netlink: zone id is out of range [ 170.046647][ T7070] netlink: zone id is out of range [ 170.476126][ T7085] netlink: 28 bytes leftover after parsing attributes in process `syz.1.273'. [ 170.608659][ T7085] veth0_macvtap: left promiscuous mode [ 171.040165][ T7100] FAULT_INJECTION: forcing a failure. [ 171.040165][ T7100] name failslab, interval 1, probability 0, space 0, times 0 [ 171.177808][ T7100] CPU: 1 UID: 0 PID: 7100 Comm: syz.1.274 Not tainted syzkaller #0 PREEMPT(full) [ 171.177850][ T7100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 171.177870][ T7100] Call Trace: [ 171.177879][ T7100] [ 171.177892][ T7100] dump_stack_lvl+0x100/0x190 [ 171.177943][ T7100] should_fail_ex.cold+0x5/0xa [ 171.177979][ T7100] should_failslab+0xc2/0x120 [ 171.178015][ T7100] ? tomoyo_realpath_from_path+0xb6/0x690 [ 171.178055][ T7100] __kmalloc_noprof+0xf6/0x9c0 [ 171.178100][ T7100] ? kfree+0x2a9/0x690 [ 171.178151][ T7100] ? tomoyo_realpath_from_path+0xb6/0x690 [ 171.178190][ T7100] tomoyo_realpath_from_path+0xb6/0x690 [ 171.178257][ T7100] tomoyo_check_open_permission+0x2af/0x3c0 [ 171.178294][ T7100] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 171.178375][ T7100] ? lock_acquire+0x17c/0x330 [ 171.178410][ T7100] ? find_held_lock+0x2b/0x80 [ 171.178467][ T7100] tomoyo_file_open+0x6b/0x90 [ 171.178516][ T7100] security_file_open+0xb5/0x1e0 [ 171.178555][ T7100] do_dentry_open+0x5aa/0x1660 [ 171.178603][ T7100] vfs_open+0x82/0x3f0 [ 171.178651][ T7100] path_openat+0x208c/0x31a0 [ 171.178712][ T7100] ? __pfx_path_openat+0x10/0x10 [ 171.178758][ T7100] do_file_open+0x20e/0x430 [ 171.178793][ T7100] ? __pfx_do_file_open+0x10/0x10 [ 171.178856][ T7100] ? alloc_fd+0x476/0x790 [ 171.178893][ T7100] ? do_getname+0x191/0x390 [ 171.178938][ T7100] do_sys_openat2+0x10d/0x1e0 [ 171.178982][ T7100] ? __pfx_do_sys_openat2+0x10/0x10 [ 171.179029][ T7100] ? __fget_files+0x21f/0x3d0 [ 171.179069][ T7100] __x64_sys_openat+0x12d/0x210 [ 171.179113][ T7100] ? __pfx___x64_sys_openat+0x10/0x10 [ 171.179156][ T7100] ? xfd_validate_state+0x129/0x190 [ 171.179208][ T7100] do_syscall_64+0x106/0xf80 [ 171.179238][ T7100] ? clear_bhb_loop+0x40/0x90 [ 171.179276][ T7100] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.179306][ T7100] RIP: 0033:0x7fe76519bf79 [ 171.179331][ T7100] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 171.179370][ T7100] RSP: 002b:00007fe766039028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 171.179399][ T7100] RAX: ffffffffffffffda RBX: 00007fe765415fa0 RCX: 00007fe76519bf79 [ 171.179419][ T7100] RDX: 000000000000a001 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 171.179451][ T7100] RBP: 00007fe7652327e0 R08: 0000000000000000 R09: 0000000000000000 [ 171.179468][ T7100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 171.179483][ T7100] R13: 00007fe765416038 R14: 00007fe765415fa0 R15: 00007fffb53a66b8 [ 171.179521][ T7100] [ 171.179550][ T7100] ERROR: Out of memory at tomoyo_realpath_from_path. [ 171.535179][ T7109] FAULT_INJECTION: forcing a failure. [ 171.535179][ T7109] name fail_futex, interval 1, probability 0, space 0, times 0 [ 171.607227][ T7109] CPU: 1 UID: 0 PID: 7109 Comm: syz.3.275 Not tainted syzkaller #0 PREEMPT(full) [ 171.607265][ T7109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 171.607282][ T7109] Call Trace: [ 171.607291][ T7109] [ 171.607302][ T7109] dump_stack_lvl+0x100/0x190 [ 171.607348][ T7109] should_fail_ex.cold+0x5/0xa [ 171.607381][ T7109] get_futex_key+0x295/0x1620 [ 171.607431][ T7109] ? __pfx_get_futex_key+0x10/0x10 [ 171.607473][ T7109] ? lock_acquire+0x17c/0x330 [ 171.607515][ T7109] futex_wake+0xea/0x530 [ 171.607552][ T7109] ? __pfx_futex_wake+0x10/0x10 [ 171.607587][ T7109] ? exit_mm_release+0x19/0x30 [ 171.607629][ T7109] do_futex+0x32b/0x350 [ 171.607658][ T7109] ? __pfx_do_futex+0x10/0x10 [ 171.607682][ T7109] ? __might_fault+0xc5/0x140 [ 171.607717][ T7109] mm_release+0x24a/0x2f0 [ 171.607762][ T7109] do_exit+0x675/0x2a30 [ 171.607800][ T7109] ? __pfx_do_exit+0x10/0x10 [ 171.607832][ T7109] ? do_raw_spin_lock+0x128/0x260 [ 171.607866][ T7109] ? find_held_lock+0x2b/0x80 [ 171.607904][ T7109] ? get_signal+0x7e0/0x21e0 [ 171.607952][ T7109] do_group_exit+0xd5/0x2a0 [ 171.607988][ T7109] get_signal+0x1ec7/0x21e0 [ 171.608040][ T7109] ? madvise_unlock+0xa9/0x220 [ 171.608097][ T7109] ? __pfx_get_signal+0x10/0x10 [ 171.608143][ T7109] ? do_futex+0x192/0x350 [ 171.608173][ T7109] arch_do_signal_or_restart+0x91/0x770 [ 171.608207][ T7109] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 171.608247][ T7109] ? __pfx___x64_sys_futex+0x10/0x10 [ 171.608275][ T7109] ? xfd_validate_state+0x129/0x190 [ 171.608315][ T7109] exit_to_user_mode_loop+0x86/0x4a0 [ 171.608341][ T7109] ? rcu_is_watching+0x12/0xc0 [ 171.608374][ T7109] do_syscall_64+0x668/0xf80 [ 171.608398][ T7109] ? clear_bhb_loop+0x40/0x90 [ 171.608430][ T7109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 171.608456][ T7109] RIP: 0033:0x7f546e39bf79 [ 171.608477][ T7109] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 171.608505][ T7109] RSP: 002b:00007f546f1e00e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 171.608533][ T7109] RAX: fffffffffffffe00 RBX: 00007f546e615fa8 RCX: 00007f546e39bf79 [ 171.608551][ T7109] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f546e615fa8 [ 171.608568][ T7109] RBP: 00007f546e615fa0 R08: 0000000000000000 R09: 0000000000000000 [ 171.608585][ T7109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 171.608601][ T7109] R13: 00007f546e616038 R14: 00007ffd5968b5a0 R15: 00007ffd5968b688 [ 171.608639][ T7109] [ 172.057394][ T7119] netlink: 346 bytes leftover after parsing attributes in process `syz.0.277'. [ 172.223049][ T7127] random: crng reseeded on system resumption [ 172.230262][ T7119] netlink: 346 bytes leftover after parsing attributes in process `syz.0.277'. [ 172.534308][ T7134] netlink: 28 bytes leftover after parsing attributes in process `syz.2.280'. [ 172.544818][ T7134] veth1_vlan: entered allmulticast mode [ 172.630355][ T7137] FAULT_INJECTION: forcing a failure. [ 172.630355][ T7137] name failslab, interval 1, probability 0, space 0, times 0 [ 172.650732][ T7137] CPU: 0 UID: 0 PID: 7137 Comm: syz.0.281 Not tainted syzkaller #0 PREEMPT(full) [ 172.650774][ T7137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 172.650794][ T7137] Call Trace: [ 172.650805][ T7137] [ 172.650816][ T7137] dump_stack_lvl+0x100/0x190 [ 172.650884][ T7137] should_fail_ex.cold+0x5/0xa [ 172.650921][ T7137] should_failslab+0xc2/0x120 [ 172.650963][ T7137] ? __seq_open_private+0x22/0xd0 [ 172.651013][ T7137] __kmalloc_noprof+0xf6/0x9c0 [ 172.651073][ T7137] ? __pfx_stats_fop_open+0x10/0x10 [ 172.651120][ T7137] ? __seq_open_private+0x22/0xd0 [ 172.651170][ T7137] ? __kasan_kmalloc+0xaa/0xb0 [ 172.651202][ T7137] __seq_open_private+0x22/0xd0 [ 172.651262][ T7137] sc_common_open+0x6b/0x200 [ 172.651312][ T7137] full_proxy_open_regular+0x1b6/0x370 [ 172.651350][ T7137] do_dentry_open+0x6d8/0x1660 [ 172.651385][ T7137] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 172.651429][ T7137] vfs_open+0x82/0x3f0 [ 172.651480][ T7137] path_openat+0x208c/0x31a0 [ 172.651531][ T7137] ? __pfx_path_openat+0x10/0x10 [ 172.651581][ T7137] do_file_open+0x20e/0x430 [ 172.651623][ T7137] ? __pfx_do_file_open+0x10/0x10 [ 172.651690][ T7137] ? alloc_fd+0x476/0x790 [ 172.651729][ T7137] ? do_getname+0x191/0x390 [ 172.651779][ T7137] do_sys_openat2+0x10d/0x1e0 [ 172.651826][ T7137] ? __pfx_do_sys_openat2+0x10/0x10 [ 172.651878][ T7137] ? __fget_files+0x21f/0x3d0 [ 172.651922][ T7137] __x64_sys_openat+0x12d/0x210 [ 172.651970][ T7137] ? __pfx___x64_sys_openat+0x10/0x10 [ 172.652027][ T7137] ? xfd_validate_state+0x129/0x190 [ 172.652079][ T7137] do_syscall_64+0x106/0xf80 [ 172.652109][ T7137] ? clear_bhb_loop+0x40/0x90 [ 172.652150][ T7137] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.652183][ T7137] RIP: 0033:0x7ff07639bf79 [ 172.652208][ T7137] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 172.652237][ T7137] RSP: 002b:00007ff0772b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 172.652273][ T7137] RAX: ffffffffffffffda RBX: 00007ff076615fa0 RCX: 00007ff07639bf79 [ 172.652293][ T7137] RDX: 0000000000008382 RSI: 0000200000000640 RDI: ffffffffffffff9c [ 172.652313][ T7137] RBP: 00007ff0764327e0 R08: 0000000000000000 R09: 0000000000000000 [ 172.652331][ T7137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 172.652349][ T7137] R13: 00007ff076616038 R14: 00007ff076615fa0 R15: 00007ffe9371db88 [ 172.652387][ T7137] [ 173.778235][ T7150] FAULT_INJECTION: forcing a failure. [ 173.778235][ T7150] name failslab, interval 1, probability 0, space 0, times 0 [ 173.817760][ T7150] CPU: 1 UID: 0 PID: 7150 Comm: syz.2.283 Not tainted syzkaller #0 PREEMPT(full) [ 173.817801][ T7150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 173.817820][ T7150] Call Trace: [ 173.817830][ T7150] [ 173.817842][ T7150] dump_stack_lvl+0x100/0x190 [ 173.817891][ T7150] should_fail_ex.cold+0x5/0xa [ 173.817937][ T7150] should_failslab+0xc2/0x120 [ 173.817980][ T7150] kmem_cache_alloc_noprof+0x83/0x780 [ 173.818015][ T7150] ? d_instantiate+0x90/0xb0 [ 173.818051][ T7150] ? alloc_empty_file+0x55/0x1c0 [ 173.818099][ T7150] ? alloc_empty_file+0x55/0x1c0 [ 173.818139][ T7150] alloc_empty_file+0x55/0x1c0 [ 173.818200][ T7150] alloc_file_pseudo+0x13a/0x230 [ 173.818248][ T7150] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 173.818305][ T7150] __shmem_file_setup+0x1a3/0x330 [ 173.818359][ T7150] shmem_zero_setup+0x93/0x1b0 [ 173.818405][ T7150] __mmap_region+0x2101/0x2820 [ 173.818462][ T7150] ? __pfx___mmap_region+0x10/0x10 [ 173.818525][ T7150] ? finish_task_switch.isra.0+0x205/0xb80 [ 173.818576][ T7150] ? lockdep_hardirqs_on+0x78/0x100 [ 173.818630][ T7150] ? finish_task_switch.isra.0+0x205/0xb80 [ 173.818755][ T7150] ? mm_get_unmapped_area_vmflags+0xd7/0x130 [ 173.818804][ T7150] ? rcu_is_watching+0x12/0xc0 [ 173.818857][ T7150] mmap_region+0x180/0x3e0 [ 173.818899][ T7150] do_mmap+0xc63/0x12f0 [ 173.818982][ T7150] ? __pfx_do_mmap+0x10/0x10 [ 173.819026][ T7150] ? __pfx_down_write_killable+0x10/0x10 [ 173.819074][ T7150] vm_mmap_pgoff+0x29e/0x470 [ 173.819126][ T7150] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 173.819179][ T7150] ? __x64_sys_futex+0x34f/0x4d0 [ 173.819211][ T7150] ? __x64_sys_futex+0x358/0x4d0 [ 173.819250][ T7150] ksys_mmap_pgoff+0x7d/0x5b0 [ 173.819301][ T7150] __x64_sys_mmap+0x125/0x190 [ 173.819347][ T7150] do_syscall_64+0x106/0xf80 [ 173.819378][ T7150] ? clear_bhb_loop+0x40/0x90 [ 173.819418][ T7150] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.819453][ T7150] RIP: 0033:0x7f8f97f9bf79 [ 173.819480][ T7150] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 173.819513][ T7150] RSP: 002b:00007f8f98e2b028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 173.819545][ T7150] RAX: ffffffffffffffda RBX: 00007f8f98215fa0 RCX: 00007f8f97f9bf79 [ 173.819580][ T7150] RDX: 0000000000000003 RSI: 0000000002020009 RDI: 0000000000000000 [ 173.819600][ T7150] RBP: 00007f8f980327e0 R08: ffffffffffffffff R09: 0000000000008000 [ 173.819621][ T7150] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 173.819639][ T7150] R13: 00007f8f98216038 R14: 00007f8f98215fa0 R15: 00007ffc72802138 [ 173.819692][ T7150] [ 174.729395][ T7172] tipc: Can't bind to reserved service type 0 [ 175.938546][ T7196] ima: policy update failed [ 175.958039][ T7196] serio: Serial port pty6 [ 175.971675][ T30] audit: type=1807 audit(1770830817.790:12): UNKNOWN=0"]$|1j0B|dӉO+/xWӦ^gq%ḦrO res=0 [ 176.005056][ T30] audit: type=1802 audit(1770830817.800:13): pid=7196 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.296" res=0 errno=0 [ 176.035222][ T30] audit: type=1802 audit(1770830817.800:14): pid=7196 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.296" res=0 errno=0 [ 176.179239][ T7183] No such timeout policy "" [ 176.184188][ T7183] net_ratelimit: 18 callbacks suppressed [ 176.184210][ T7183] netlink: Failed to associated timeout policy '' [ 176.200612][ T5144] Bluetooth: hci1: Malformed LE Event: 0x0b [ 176.578341][ T7205] netlink: zone id is out of range [ 176.597162][ T7205] netlink: zone id is out of range [ 176.618635][ T7205] netlink: zone id is out of range [ 176.644051][ T7205] netlink: zone id is out of range [ 176.658537][ T7205] netlink: zone id is out of range [ 176.669138][ T7205] netlink: zone id is out of range [ 176.692312][ T7205] netlink: zone id is out of range [ 176.704646][ T7205] netlink: zone id is out of range [ 176.722542][ T7205] netlink: zone id is out of range syzkaller syzkaller login: [ 177.103230][ T7213] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 177.125823][ T7213] FAULT_INJECTION: forcing a failure. [ 177.125823][ T7213] name failslab, interval 1, probability 0, space 0, times 0 [ 177.176185][ T7213] CPU: 0 UID: 0 PID: 7213 Comm: syz.0.301 Not tainted syzkaller #0 PREEMPT(full) [ 177.176226][ T7213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 177.176246][ T7213] Call Trace: [ 177.176256][ T7213] [ 177.176267][ T7213] dump_stack_lvl+0x100/0x190 [ 177.176317][ T7213] should_fail_ex.cold+0x5/0xa [ 177.176352][ T7213] should_failslab+0xc2/0x120 [ 177.176392][ T7213] __kvmalloc_node_noprof+0x101/0xac0 [ 177.176427][ T7213] ? alloc_fdtable+0x17f/0x2d0 [ 177.176466][ T7213] ? alloc_fdtable+0x17f/0x2d0 [ 177.176495][ T7213] alloc_fdtable+0x17f/0x2d0 [ 177.176527][ T7213] dup_fd+0x995/0xd10 [ 177.176567][ T7213] ? apparmor_task_alloc+0x2c1/0x3b0 [ 177.176621][ T7213] copy_process+0x2631/0x79b0 [ 177.176670][ T7213] ? __pfx_copy_process+0x10/0x10 [ 177.176719][ T7213] kernel_clone+0xfc/0x930 [ 177.176748][ T7213] ? __pfx_futex_wait+0x10/0x10 [ 177.176782][ T7213] ? madvise_unlock+0x172/0x220 [ 177.176824][ T7213] ? __pfx_kernel_clone+0x10/0x10 [ 177.176875][ T7213] __do_sys_clone+0xd9/0x120 [ 177.176906][ T7213] ? __pfx___do_sys_clone+0x10/0x10 [ 177.176943][ T7213] ? find_held_lock+0x2b/0x80 [ 177.177000][ T7213] ? xfd_validate_state+0x129/0x190 [ 177.177052][ T7213] do_syscall_64+0x106/0xf80 [ 177.177081][ T7213] ? clear_bhb_loop+0x40/0x90 [ 177.177119][ T7213] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 177.177151][ T7213] RIP: 0033:0x7ff07639bf79 [ 177.177176][ T7213] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 177.177208][ T7213] RSP: 002b:00007ff0772b0fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 177.177239][ T7213] RAX: ffffffffffffffda RBX: 00007ff076615fa0 RCX: 00007ff07639bf79 [ 177.177278][ T7213] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000004001000 [ 177.177298][ T7213] RBP: 00007ff0764327e0 R08: 0000000000000000 R09: 0000000000000000 [ 177.177319][ T7213] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 177.177335][ T7213] R13: 00007ff076616038 R14: 00007ff076615fa0 R15: 00007ffe9371db88 [ 177.177375][ T7213] [ 177.918956][ T7233] netlink: 93 bytes leftover after parsing attributes in process `syz.0.305'. [ 177.968215][ T7231] netlink: 93 bytes leftover after parsing attributes in process `syz.0.305'. [ 178.026706][ T7233] netlink: 93 bytes leftover after parsing attributes in process `syz.0.305'. [ 178.174315][ T7237] binder: 7236:7237 ioctl c018620c 0 returned -1 [ 179.104171][ T7253] zswap: compressor not available [ 179.443380][ T7270] netlink: 'syz.0.315': attribute type 11 has an invalid length. [ 179.451435][ T7270] netlink: 'syz.0.315': attribute type 11 has an invalid length. [ 179.460889][ T7270] netlink: 140 bytes leftover after parsing attributes in process `syz.0.315'. [ 179.656638][ T7270] random: crng reseeded on system resumption [ 179.702168][ T7273] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input8 [ 180.435899][ T7293] capability: warning: `syz.0.319' uses 32-bit capabilities (legacy support in use) [ 181.657407][ T7305] ptp ptp0: new virtual clock ptp1 [ 181.706024][ T7305] ptp ptp0: guarantee physical clock free running [ 181.778337][ T7306] ptp ptp0: delete virtual clock ptp1 [ 181.941139][ T7306] ptp ptp0: only physical clock in use now [ 182.378495][ T7324] net_ratelimit: 78 callbacks suppressed [ 182.378518][ T7324] netlink: zone id is out of range [ 182.437755][ T7324] netlink: zone id is out of range [ 182.442903][ T7324] netlink: zone id is out of range [ 182.461712][ T7324] netlink: zone id is out of range [ 182.469192][ T7324] netlink: zone id is out of range [ 182.523891][ T7324] netlink: zone id is out of range [ 182.540185][ T7324] netlink: zone id is out of range [ 182.550282][ T7324] netlink: zone id is out of range [ 182.568585][ T7324] netlink: zone id is out of range [ 182.603797][ T7324] netlink: zone id is out of range [ 183.479886][ T7348] FAULT_INJECTION: forcing a failure. [ 183.479886][ T7348] name failslab, interval 1, probability 0, space 0, times 0 [ 183.496858][ T7348] CPU: 1 UID: 0 PID: 7348 Comm: syz.3.335 Not tainted syzkaller #0 PREEMPT(full) [ 183.496895][ T7348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 183.496911][ T7348] Call Trace: [ 183.496920][ T7348] [ 183.496930][ T7348] dump_stack_lvl+0x100/0x190 [ 183.496975][ T7348] should_fail_ex.cold+0x5/0xa [ 183.497008][ T7348] should_failslab+0xc2/0x120 [ 183.497043][ T7348] ? __seq_open_private+0x22/0xd0 [ 183.497085][ T7348] __kmalloc_noprof+0xf6/0x9c0 [ 183.497136][ T7348] ? __pfx_stats_fop_open+0x10/0x10 [ 183.497177][ T7348] ? __seq_open_private+0x22/0xd0 [ 183.497218][ T7348] ? __kasan_kmalloc+0xaa/0xb0 [ 183.497245][ T7348] __seq_open_private+0x22/0xd0 [ 183.497290][ T7348] sc_common_open+0x6b/0x200 [ 183.497332][ T7348] full_proxy_open_regular+0x1b6/0x370 [ 183.497366][ T7348] do_dentry_open+0x6d8/0x1660 [ 183.497396][ T7348] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 183.497442][ T7348] vfs_open+0x82/0x3f0 [ 183.497485][ T7348] path_openat+0x208c/0x31a0 [ 183.497528][ T7348] ? __pfx_path_openat+0x10/0x10 [ 183.497573][ T7348] do_file_open+0x20e/0x430 [ 183.497611][ T7348] ? __pfx_do_file_open+0x10/0x10 [ 183.497667][ T7348] ? alloc_fd+0x476/0x790 [ 183.497693][ T7348] ? do_getname+0x191/0x390 [ 183.497725][ T7348] do_sys_openat2+0x10d/0x1e0 [ 183.497759][ T7348] ? __pfx_do_sys_openat2+0x10/0x10 [ 183.497795][ T7348] ? __fget_files+0x21f/0x3d0 [ 183.497828][ T7348] __x64_sys_openat+0x12d/0x210 [ 183.497864][ T7348] ? __pfx___x64_sys_openat+0x10/0x10 [ 183.497899][ T7348] ? xfd_validate_state+0x129/0x190 [ 183.497942][ T7348] do_syscall_64+0x106/0xf80 [ 183.497964][ T7348] ? clear_bhb_loop+0x40/0x90 [ 183.497994][ T7348] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.498018][ T7348] RIP: 0033:0x7f546e39bf79 [ 183.498037][ T7348] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 183.498063][ T7348] RSP: 002b:00007f546f1e0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 183.498089][ T7348] RAX: ffffffffffffffda RBX: 00007f546e615fa0 RCX: 00007f546e39bf79 [ 183.498107][ T7348] RDX: 0000000000008382 RSI: 0000200000000640 RDI: ffffffffffffff9c [ 183.498122][ T7348] RBP: 00007f546e4327e0 R08: 0000000000000000 R09: 0000000000000000 [ 183.498136][ T7348] R10: 000000000000ebff R11: 0000000000000246 R12: 0000000000000000 [ 183.498151][ T7348] R13: 00007f546e616038 R14: 00007f546e615fa0 R15: 00007ffd5968b688 [ 183.498185][ T7348] [ 183.995843][ T7349] random: crng reseeded on system resumption [ 184.410324][ T7364] FAULT_INJECTION: forcing a failure. [ 184.410324][ T7364] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 184.460643][ T7364] CPU: 1 UID: 0 PID: 7364 Comm: syz.0.338 Not tainted syzkaller #0 PREEMPT(full) [ 184.460705][ T7364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 184.460725][ T7364] Call Trace: [ 184.460734][ T7364] [ 184.460745][ T7364] dump_stack_lvl+0x100/0x190 [ 184.460814][ T7364] should_fail_ex.cold+0x5/0xa [ 184.460851][ T7364] _copy_from_user+0x2e/0xd0 [ 184.460887][ T7364] move_addr_to_kernel+0x65/0x170 [ 184.460943][ T7364] copy_msghdr_from_user+0x417/0x4f0 [ 184.460999][ T7364] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 184.461060][ T7364] ? try_to_wake_up+0x644/0x1a80 [ 184.461115][ T7364] ___sys_sendmsg+0x106/0x1e0 [ 184.461171][ T7364] ? __pfx____sys_sendmsg+0x10/0x10 [ 184.461232][ T7364] ? futex_private_hash_put+0x107/0x1c0 [ 184.461322][ T7364] __sys_sendmsg+0x170/0x220 [ 184.461368][ T7364] ? __pfx___sys_sendmsg+0x10/0x10 [ 184.461405][ T7364] ? __x64_sys_futex+0x34f/0x4d0 [ 184.461458][ T7364] do_syscall_64+0x106/0xf80 [ 184.461486][ T7364] ? clear_bhb_loop+0x40/0x90 [ 184.461524][ T7364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 184.461555][ T7364] RIP: 0033:0x7ff07639bf79 [ 184.461579][ T7364] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 184.461610][ T7364] RSP: 002b:00007ff0772b1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 184.461639][ T7364] RAX: ffffffffffffffda RBX: 00007ff076615fa0 RCX: 00007ff07639bf79 [ 184.461659][ T7364] RDX: 0000000000004085 RSI: 00002000000007c0 RDI: 0000000000000004 [ 184.461678][ T7364] RBP: 00007ff0764327e0 R08: 0000000000000000 R09: 0000000000000000 [ 184.461695][ T7364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 184.461713][ T7364] R13: 00007ff076616038 R14: 00007ff076615fa0 R15: 00007ffe9371db88 [ 184.461751][ T7364] [ 185.007554][ T7374] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 185.029009][ T7379] netlink: 28 bytes leftover after parsing attributes in process `syz.2.342'. [ 185.148717][ T7379] veth0_macvtap: left promiscuous mode [ 185.220951][ T30] audit: type=1800 audit(1770830827.080:15): pid=7384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.344" name="dbroot" dev="configfs" ino=17316 res=0 errno=0 [ 185.322909][ T7386] netlink: 202 bytes leftover after parsing attributes in process `syz.1.344'. [ 185.372953][ T7387] FAULT_INJECTION: forcing a failure. [ 185.372953][ T7387] name failslab, interval 1, probability 0, space 0, times 0 [ 185.410182][ T7387] CPU: 1 UID: 0 PID: 7387 Comm: syz.0.346 Not tainted syzkaller #0 PREEMPT(full) [ 185.410231][ T7387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 185.410251][ T7387] Call Trace: [ 185.410262][ T7387] [ 185.410274][ T7387] dump_stack_lvl+0x100/0x190 [ 185.410328][ T7387] should_fail_ex.cold+0x5/0xa [ 185.410365][ T7387] should_failslab+0xc2/0x120 [ 185.410405][ T7387] __kmalloc_cache_noprof+0x80/0x810 [ 185.410455][ T7387] ? __debugfs_file_get+0x1fc/0x860 [ 185.410504][ T7387] ? sc_common_open+0x46/0x200 [ 185.410556][ T7387] ? __pfx_stats_fop_open+0x10/0x10 [ 185.410601][ T7387] ? sc_common_open+0x46/0x200 [ 185.410644][ T7387] sc_common_open+0x46/0x200 [ 185.410693][ T7387] full_proxy_open_regular+0x1b6/0x370 [ 185.410731][ T7387] do_dentry_open+0x6d8/0x1660 [ 185.410765][ T7387] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 185.410810][ T7387] vfs_open+0x82/0x3f0 [ 185.410859][ T7387] path_openat+0x208c/0x31a0 [ 185.410908][ T7387] ? __pfx_path_openat+0x10/0x10 [ 185.410960][ T7387] do_file_open+0x20e/0x430 [ 185.411000][ T7387] ? __pfx_do_file_open+0x10/0x10 [ 185.411073][ T7387] ? alloc_fd+0x476/0x790 [ 185.411117][ T7387] ? do_getname+0x191/0x390 [ 185.411155][ T7387] do_sys_openat2+0x10d/0x1e0 [ 185.411194][ T7387] ? __pfx_do_sys_openat2+0x10/0x10 [ 185.411232][ T7387] ? __fget_files+0x21f/0x3d0 [ 185.411263][ T7387] __x64_sys_openat+0x12d/0x210 [ 185.411301][ T7387] ? __pfx___x64_sys_openat+0x10/0x10 [ 185.411336][ T7387] ? xfd_validate_state+0x129/0x190 [ 185.411379][ T7387] do_syscall_64+0x106/0xf80 [ 185.411402][ T7387] ? clear_bhb_loop+0x40/0x90 [ 185.411432][ T7387] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.411458][ T7387] RIP: 0033:0x7ff07639bf79 [ 185.411478][ T7387] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 185.411503][ T7387] RSP: 002b:00007ff0772b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 185.411527][ T7387] RAX: ffffffffffffffda RBX: 00007ff076615fa0 RCX: 00007ff07639bf79 [ 185.411544][ T7387] RDX: 0000000000008382 RSI: 0000200000000640 RDI: ffffffffffffff9c [ 185.411560][ T7387] RBP: 00007ff0764327e0 R08: 0000000000000000 R09: 0000000000000000 [ 185.411576][ T7387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 185.411591][ T7387] R13: 00007ff076616038 R14: 00007ff076615fa0 R15: 00007ffe9371db88 [ 185.411636][ T7387] [ 185.865890][ T7392] block2mtd: illegal erase size [ 186.203530][ T7395] NFSD: Failed to start, no listeners configured. [ 187.551814][ T7422] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.351: iget: checksum invalid [ 187.611921][ T7422] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 187.765862][ T7422] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.351: iget: checksum invalid [ 187.804746][ T7422] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 187.857806][ T7422] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.351: iget: checksum invalid [ 187.892473][ T7422] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 187.908325][ T7422] EXT4-fs error (device sda1): ext4_lookup:1785: inode #274: comm syz.3.351: iget: checksum invalid [ 187.946526][ T7422] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 187.972432][ T7422] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 187.982394][ T7422] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 189.045852][ T7432] Invalid ELF header magic: != ELF [ 189.570945][ T30] audit: type=1326 audit(1770830831.430:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7458 comm="syz.2.361" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8f97f9bf79 code=0x0 [ 189.638764][ T7462] FAULT_INJECTION: forcing a failure. [ 189.638764][ T7462] name failslab, interval 1, probability 0, space 0, times 0 [ 189.657759][ T7462] CPU: 0 UID: 0 PID: 7462 Comm: syz.2.361 Not tainted syzkaller #0 PREEMPT(full) [ 189.657789][ T7462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 189.657803][ T7462] Call Trace: [ 189.657811][ T7462] [ 189.657819][ T7462] dump_stack_lvl+0x100/0x190 [ 189.657855][ T7462] should_fail_ex.cold+0x5/0xa [ 189.657884][ T7462] should_failslab+0xc2/0x120 [ 189.657913][ T7462] kmem_cache_alloc_noprof+0x83/0x780 [ 189.657937][ T7462] ? stack_trace_save+0x8e/0xc0 [ 189.657967][ T7462] ? alloc_empty_file+0x55/0x1c0 [ 189.658002][ T7462] ? alloc_empty_file+0x55/0x1c0 [ 189.658030][ T7462] alloc_empty_file+0x55/0x1c0 [ 189.658060][ T7462] path_openat+0xe8/0x31a0 [ 189.658084][ T7462] ? kasan_save_track+0x14/0x30 [ 189.658106][ T7462] ? __kasan_slab_alloc+0x89/0x90 [ 189.658129][ T7462] ? kmem_cache_alloc_noprof+0x2ad/0x780 [ 189.658171][ T7462] ? do_getname+0x35/0x390 [ 189.658200][ T7462] ? do_sys_openat2+0xc5/0x1e0 [ 189.658232][ T7462] ? __x64_sys_openat+0x12d/0x210 [ 189.658264][ T7462] ? do_syscall_64+0x106/0xf80 [ 189.658292][ T7462] ? __pfx_path_openat+0x10/0x10 [ 189.658330][ T7462] do_file_open+0x20e/0x430 [ 189.658393][ T7462] ? __pfx_do_file_open+0x10/0x10 [ 189.658450][ T7462] ? alloc_fd+0x476/0x790 [ 189.658478][ T7462] ? do_getname+0x191/0x390 [ 189.658512][ T7462] do_sys_openat2+0x10d/0x1e0 [ 189.658546][ T7462] ? __pfx_do_sys_openat2+0x10/0x10 [ 189.658581][ T7462] ? blkcg_maybe_throttle_current+0x5df/0xeb0 [ 189.658622][ T7462] __x64_sys_openat+0x12d/0x210 [ 189.658656][ T7462] ? __pfx___x64_sys_openat+0x10/0x10 [ 189.658690][ T7462] ? xfd_validate_state+0x129/0x190 [ 189.658728][ T7462] do_syscall_64+0x106/0xf80 [ 189.658749][ T7462] ? clear_bhb_loop+0x40/0x90 [ 189.658778][ T7462] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.658802][ T7462] RIP: 0033:0x7f8f97f9bf79 [ 189.658820][ T7462] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 189.658844][ T7462] RSP: 002b:00007f8f98e0a028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 189.658867][ T7462] RAX: ffffffffffffffda RBX: 00007f8f98216090 RCX: 00007f8f97f9bf79 [ 189.658888][ T7462] RDX: 0000000000101002 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 189.658903][ T7462] RBP: 00007f8f980327e0 R08: 0000000000000000 R09: 0000000000000000 [ 189.658918][ T7462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 189.658933][ T7462] R13: 00007f8f98216128 R14: 00007f8f98216090 R15: 00007ffc72802138 [ 189.658963][ T7462] [ 190.868266][ T7486] FAULT_INJECTION: forcing a failure. [ 190.868266][ T7486] name failslab, interval 1, probability 0, space 0, times 0 [ 190.887808][ T7486] CPU: 0 UID: 0 PID: 7486 Comm: syz.2.366 Not tainted syzkaller #0 PREEMPT(full) [ 190.887864][ T7486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 190.887884][ T7486] Call Trace: [ 190.887896][ T7486] [ 190.887908][ T7486] dump_stack_lvl+0x100/0x190 [ 190.887963][ T7486] should_fail_ex.cold+0x5/0xa [ 190.888001][ T7486] should_failslab+0xc2/0x120 [ 190.888045][ T7486] kmem_cache_alloc_node_noprof+0x8c/0x880 [ 190.888087][ T7486] ? percpu_ref_put_many.constprop.0+0xc4/0x2a0 [ 190.888140][ T7486] ? zswap_store+0xc42/0x29d0 [ 190.888199][ T7486] ? zswap_store+0xc42/0x29d0 [ 190.888247][ T7486] zswap_store+0xc42/0x29d0 [ 190.888295][ T7486] ? rcu_is_cpu_rrupt_from_idle+0x211/0x270 [ 190.888363][ T7486] ? __pfx_zswap_store+0x10/0x10 [ 190.888414][ T7486] ? folio_free_swap+0x277/0x850 [ 190.888453][ T7486] ? folio_free_swap+0x277/0x850 [ 190.888498][ T7486] ? do_raw_spin_unlock+0x145/0x1e0 [ 190.888543][ T7486] ? _raw_spin_unlock+0x28/0x50 [ 190.888595][ T7486] ? folio_free_swap+0x39/0x850 [ 190.888636][ T7486] ? rcu_is_watching+0x12/0xc0 [ 190.888687][ T7486] swap_writeout+0x49d/0x12b0 [ 190.888744][ T7486] ? _raw_spin_unlock_irq+0x23/0x50 [ 190.888802][ T7486] shmem_writeout+0xe12/0x1520 [ 190.888857][ T7486] ? __pfx_shmem_writeout+0x10/0x10 [ 190.888911][ T7486] ? inode_to_bdi+0x9e/0x160 [ 190.888952][ T7486] ? folio_clear_dirty_for_io+0x178/0x820 [ 190.889006][ T7486] shrink_folio_list+0x3b72/0x6000 [ 190.889078][ T7486] ? __pfx_shrink_folio_list+0x10/0x10 [ 190.889134][ T7486] ? find_held_lock+0x2b/0x80 [ 190.889180][ T7486] ? unwind_next_frame+0x3be/0x1ea0 [ 190.889233][ T7486] ? unwind_next_frame+0x3be/0x1ea0 [ 190.889296][ T7486] ? exc_page_fault+0x6f/0xd0 [ 190.889353][ T7486] ? asm_exc_page_fault+0x26/0x30 [ 190.889387][ T7486] ? __kernel_text_address+0xd/0x30 [ 190.889447][ T7486] ? unwind_get_return_address+0x59/0xa0 [ 190.889524][ T7486] ? arch_stack_walk+0x88/0xf0 [ 190.889618][ T7486] ? __lock_acquire+0x4a5/0x2630 [ 190.889661][ T7486] reclaim_folio_list+0xdc/0x5a0 [ 190.889719][ T7486] ? __lock_acquire+0x4a5/0x2630 [ 190.889758][ T7486] ? __pfx_reclaim_folio_list+0x10/0x10 [ 190.889842][ T7486] ? lru_gen_update_size+0x431/0xe40 [ 190.889909][ T7486] ? lru_gen_del_folio+0x382/0x5f0 [ 190.889969][ T7486] reclaim_pages+0x428/0x5e0 [ 190.890008][ T7486] ? __pfx_reclaim_pages+0x10/0x10 [ 190.890040][ T7486] ? find_held_lock+0x2b/0x80 [ 190.890090][ T7486] ? madvise_cold_or_pageout_pte_range+0xb49/0x2710 [ 190.890151][ T7486] madvise_cold_or_pageout_pte_range+0x1635/0x2710 [ 190.890221][ T7486] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 190.890278][ T7486] ? __pfx_stack_trace_save+0x10/0x10 [ 190.890335][ T7486] ? css_rstat_updated+0x1ce/0x5a0 [ 190.890387][ T7486] ? look_up_lock_class+0x64/0x120 [ 190.890449][ T7486] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 190.890504][ T7486] walk_pgd_range+0xc04/0x1eb0 [ 190.890572][ T7486] ? __pfx_walk_pgd_range+0x10/0x10 [ 190.890627][ T7486] ? folios_put_refs+0x66d/0x840 [ 190.890671][ T7486] __walk_page_range+0x163/0x820 [ 190.890729][ T7486] walk_page_range_vma_unsafe+0x23f/0x960 [ 190.890776][ T7486] ? __pfx_walk_page_range_vma_unsafe+0x10/0x10 [ 190.890833][ T7486] ? find_held_lock+0x2b/0x80 [ 190.890881][ T7486] ? mlock_drain_local+0x254/0x4e0 [ 190.890915][ T7486] ? mlock_drain_local+0x254/0x4e0 [ 190.890975][ T7486] walk_page_range_vma+0x63/0x90 [ 190.891020][ T7486] madvise_pageout+0x259/0x540 [ 190.891068][ T7486] ? __pfx_madvise_pageout+0x10/0x10 [ 190.891116][ T7486] ? finish_task_switch.isra.0+0x200/0xb80 [ 190.891192][ T7486] ? mtree_range_walk+0x6ce/0xcd0 [ 190.891249][ T7486] madvise_vma_behavior+0x3d8/0x2a40 [ 190.891301][ T7486] ? mas_prev_setup.constprop.0+0xb6/0x9c0 [ 190.891364][ T7486] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 190.891416][ T7486] ? mas_prev+0x9b/0xf0 [ 190.891452][ T7486] ? __pfx_mas_prev+0x10/0x10 [ 190.891501][ T7486] ? find_vma_prev+0xd8/0x150 [ 190.891545][ T7486] ? futex_unqueue+0x133/0x2c0 [ 190.891604][ T7486] ? __pfx_find_vma_prev+0x10/0x10 [ 190.891664][ T7486] ? __futex_wait+0x256/0x300 [ 190.891715][ T7486] madvise_walk_vmas+0x2fe/0xa90 [ 190.891769][ T7486] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 190.891835][ T7486] madvise_do_behavior+0x1ea/0x510 [ 190.891885][ T7486] ? __pfx_madvise_do_behavior+0x10/0x10 [ 190.891933][ T7486] ? down_read+0x13b/0x460 [ 190.891990][ T7486] do_madvise+0x195/0x240 [ 190.892034][ T7486] ? __pfx_do_madvise+0x10/0x10 [ 190.892078][ T7486] ? do_futex+0x192/0x350 [ 190.892129][ T7486] ? find_held_lock+0x2b/0x80 [ 190.892189][ T7486] ? xfd_validate_state+0x129/0x190 [ 190.892227][ T7486] ? pipe_ioctl+0x226/0x2c0 [ 190.892265][ T7486] __x64_sys_madvise+0xa9/0x110 [ 190.892310][ T7486] ? lockdep_hardirqs_on+0x78/0x100 [ 190.892362][ T7486] do_syscall_64+0x106/0xf80 [ 190.892390][ T7486] ? clear_bhb_loop+0x40/0x90 [ 190.892429][ T7486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.892461][ T7486] RIP: 0033:0x7f8f97f9bf79 [ 190.892486][ T7486] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 190.892516][ T7486] RSP: 002b:00007f8f98e2b028 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 190.892547][ T7486] RAX: ffffffffffffffda RBX: 00007f8f98215fa0 RCX: 00007f8f97f9bf79 [ 190.892568][ T7486] RDX: 0000000000000015 RSI: 00000000002003f0 RDI: 0000000000000000 [ 190.892587][ T7486] RBP: 00007f8f980327e0 R08: 0000000000000000 R09: 0000000000000000 [ 190.892605][ T7486] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 190.892623][ T7486] R13: 00007f8f98216038 R14: 00007f8f98215fa0 R15: 00007ffc72802138 [ 190.892664][ T7486] [ 191.995831][ T7500] net_ratelimit: 19 callbacks suppressed [ 191.995850][ T7500] netlink: zone id is out of range [ 192.012639][ T7500] netlink: zone id is out of range [ 192.045665][ T7500] netlink: zone id is out of range [ 192.075547][ T7500] netlink: zone id is out of range [ 192.108256][ T7500] netlink: zone id is out of range [ 192.113670][ T7500] netlink: zone id is out of range [ 192.143736][ T7500] netlink: zone id is out of range [ 192.173072][ T7500] netlink: zone id is out of range [ 192.189246][ T7500] netlink: zone id is out of range [ 192.194436][ T7500] netlink: zone id is out of range [ 192.204964][ T7502] Invalid ELF header magic: != ELF [ 192.353143][ T7504] netlink: 28 bytes leftover after parsing attributes in process `syz.0.372'. [ 192.440831][ T7509] ksmbd: Unknown IPC event: 14, ignore. [ 192.463294][ T7506] synth uevent: /bus/mei: unknown uevent action string [ 192.473607][ T7506] netlink: 20 bytes leftover after parsing attributes in process `syz.3.373'. [ 193.264525][ T7529] FAULT_INJECTION: forcing a failure. [ 193.264525][ T7529] name fail_futex, interval 1, probability 0, space 0, times 0 [ 193.277558][ T7529] CPU: 0 UID: 0 PID: 7529 Comm: syz.2.380 Not tainted syzkaller #0 PREEMPT(full) [ 193.277588][ T7529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 193.277639][ T7529] Call Trace: [ 193.277649][ T7529] [ 193.277661][ T7529] dump_stack_lvl+0x100/0x190 [ 193.277713][ T7529] should_fail_ex.cold+0x5/0xa [ 193.277735][ T7529] ? kasan_save_stack+0x30/0x50 [ 193.277762][ T7529] get_futex_key+0x1d2/0x1620 [ 193.277803][ T7529] ? __pfx_get_futex_key+0x10/0x10 [ 193.277850][ T7529] futex_wait_setup+0x81/0x500 [ 193.277887][ T7529] __futex_wait+0x19f/0x300 [ 193.277918][ T7529] ? __pfx___futex_wait+0x10/0x10 [ 193.277951][ T7529] ? __pfx_futex_wake_mark+0x10/0x10 [ 193.277983][ T7529] ? futex_hash+0x2c5/0x380 [ 193.278028][ T7529] futex_wait+0xed/0x380 [ 193.278056][ T7529] ? __pfx_futex_wait+0x10/0x10 [ 193.278093][ T7529] ? do_vfs_ioctl+0x226/0x13e0 [ 193.278134][ T7529] do_futex+0x1ef/0x350 [ 193.278156][ T7529] ? __pfx_do_futex+0x10/0x10 [ 193.278181][ T7529] ? find_held_lock+0x2b/0x80 [ 193.278217][ T7529] __x64_sys_futex+0x34f/0x4d0 [ 193.278242][ T7529] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 193.278275][ T7529] ? __pfx___x64_sys_futex+0x10/0x10 [ 193.278298][ T7529] ? pipe_ioctl+0x226/0x2c0 [ 193.278322][ T7529] ? fput+0x79/0x100 [ 193.278355][ T7529] do_syscall_64+0x106/0xf80 [ 193.278377][ T7529] ? clear_bhb_loop+0x40/0x90 [ 193.278405][ T7529] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.278429][ T7529] RIP: 0033:0x7f8f97f9bf79 [ 193.278448][ T7529] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 193.278472][ T7529] RSP: 002b:00007f8f98e0a0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 193.278495][ T7529] RAX: ffffffffffffffda RBX: 00007f8f98216098 RCX: 00007f8f97f9bf79 [ 193.278510][ T7529] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8f98216098 [ 193.278525][ T7529] RBP: 00007f8f98216090 R08: 0000000000000000 R09: 0000000000000000 [ 193.278540][ T7529] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 193.278554][ T7529] R13: 00007f8f98216128 R14: 00007ffc72802050 R15: 00007ffc72802138 [ 193.278584][ T7529] [ 195.192861][ T7556] FAULT_INJECTION: forcing a failure. [ 195.192861][ T7556] name fail_futex, interval 1, probability 0, space 0, times 0 [ 195.247691][ T7556] CPU: 1 UID: 0 PID: 7556 Comm: syz.2.385 Not tainted syzkaller #0 PREEMPT(full) [ 195.247729][ T7556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 195.247746][ T7556] Call Trace: [ 195.247755][ T7556] [ 195.247775][ T7556] dump_stack_lvl+0x100/0x190 [ 195.247821][ T7556] should_fail_ex.cold+0x5/0xa [ 195.247853][ T7556] get_futex_key+0x295/0x1620 [ 195.247902][ T7556] ? __pfx_get_futex_key+0x10/0x10 [ 195.247944][ T7556] ? lock_acquire+0x17c/0x330 [ 195.247985][ T7556] futex_wake+0xea/0x530 [ 195.248023][ T7556] ? __pfx_futex_wake+0x10/0x10 [ 195.248058][ T7556] ? exit_mm_release+0x19/0x30 [ 195.248098][ T7556] do_futex+0x32b/0x350 [ 195.248127][ T7556] ? __pfx_do_futex+0x10/0x10 [ 195.248152][ T7556] ? __might_fault+0xc5/0x140 [ 195.248189][ T7556] mm_release+0x24a/0x2f0 [ 195.248242][ T7556] do_exit+0x675/0x2a30 [ 195.248280][ T7556] ? __pfx_do_exit+0x10/0x10 [ 195.248312][ T7556] ? do_raw_spin_lock+0x128/0x260 [ 195.248346][ T7556] ? find_held_lock+0x2b/0x80 [ 195.248383][ T7556] ? get_signal+0x7e0/0x21e0 [ 195.248430][ T7556] do_group_exit+0xd5/0x2a0 [ 195.248467][ T7556] get_signal+0x1ec7/0x21e0 [ 195.248518][ T7556] ? madvise_unlock+0xa9/0x220 [ 195.248558][ T7556] ? __pfx_get_signal+0x10/0x10 [ 195.248602][ T7556] ? do_futex+0x192/0x350 [ 195.248653][ T7556] arch_do_signal_or_restart+0x91/0x770 [ 195.248686][ T7556] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 195.248727][ T7556] ? __pfx___x64_sys_futex+0x10/0x10 [ 195.248755][ T7556] ? xfd_validate_state+0x129/0x190 [ 195.248798][ T7556] exit_to_user_mode_loop+0x86/0x4a0 [ 195.248827][ T7556] ? rcu_is_watching+0x12/0xc0 [ 195.248867][ T7556] do_syscall_64+0x668/0xf80 [ 195.248894][ T7556] ? clear_bhb_loop+0x40/0x90 [ 195.248948][ T7556] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 195.248980][ T7556] RIP: 0033:0x7f8f97f9bf79 [ 195.249003][ T7556] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 195.249034][ T7556] RSP: 002b:00007f8f98e2b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 195.249082][ T7556] RAX: fffffffffffffe00 RBX: 00007f8f98215fa8 RCX: 00007f8f97f9bf79 [ 195.249119][ T7556] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f8f98215fa8 [ 195.249139][ T7556] RBP: 00007f8f98215fa0 R08: 0000000000000000 R09: 0000000000000000 [ 195.249158][ T7556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 195.249176][ T7556] R13: 00007f8f98216038 R14: 00007ffc72802050 R15: 00007ffc72802138 [ 195.249225][ T7556] [ 195.722715][ T7558] BUG: Bad rss-counter state mm:ffff88802f80d5c0 type:MM_FILEPAGES val:704 Comm:syz.1.387 Pid:7558 SYZFAIL: failed to send rpc fd=3 want=56 sent=0 n=-1 (errno 32: Broken pipe) [ 196.828837][ T5824] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 196.860438][ T5824] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 196.980431][ T5942] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.091230][ T5942] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.106136][ T7559] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 197.133461][ T7559] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 197.205697][ T5942] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.270565][ T7568] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 197.309247][ T5942] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 197.336712][ T7568] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 197.372553][ T7510] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 197.399885][ T7510] EXT4-fs error (device sda1) in ext4_free_inode:361: Corrupt filesystem [ 197.524309][ T7510] page: refcount:3 mapcount:1 mapping:ffff8880761f34d8 index:0xcd0 pfn:0x4f53e [ 197.534080][ T7510] memcg:ffff8880285e0d40 [ 197.538385][ T7510] aops:ext4_da_aops ino:7e5 [ 197.542954][ T7510] flags: 0xfff7800000022d(locked|referenced|uptodate|lru|workingset|node=0|zone=1|lastcpupid=0x7ff) [ 197.553789][ T7510] raw: 00fff7800000022d ffffea00013d4f48 ffffea00013d4fc8 ffff8880761f34d8 [ 197.562457][ T7510] raw: 0000000000000cd0 0000000000000000 0000000300000000 ffff8880285e0d40 [ 197.571096][ T7510] page dumped because: VM_BUG_ON_FOLIO(folio_mapped(folio)) [ 197.578413][ T7510] page_owner tracks the page as allocated [ 197.584986][ T7510] page last allocated via order 0, migratetype Movable, gfp_mask 0x152c4a(GFP_NOFS|__GFP_HIGHMEM|__GFP_MOVABLE|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 6097, tgid 6097 (syz.2.41), ts 114829680895, free_ts 35359448216 [ 197.607533][ T7510] post_alloc_hook+0x1e1/0x250 [ 197.612353][ T7510] get_page_from_freelist+0x111d/0x3140 [ 197.617954][ T7510] __alloc_frozen_pages_noprof+0x26c/0x2410 [ 197.623878][ T7510] alloc_pages_mpol+0x1fb/0x550 [ 197.628758][ T7510] folio_alloc_noprof+0x22/0x330 [ 197.633735][ T7510] filemap_alloc_folio_noprof.part.0+0x377/0x450 [ 197.640127][ T7510] filemap_alloc_folio_noprof+0x5e/0x80 [ 197.645720][ T7510] ractl_alloc_folio+0x1d/0x100 [ 197.650593][ T7510] page_cache_ra_unbounded+0x31a/0x940 [ 197.656077][ T7510] page_cache_ra_order+0xcdc/0xfe0 [ 197.661213][ T7510] page_cache_async_ra+0x7bb/0xce0 [ 197.666363][ T7510] filemap_fault+0xfa6/0x37c0 [ 197.671081][ T7510] __do_fault+0x10d/0x550 [ 197.675447][ T7510] do_fault+0xaf9/0x1990 [ 197.679734][ T7510] __handle_mm_fault+0x1807/0x2b50 [ 197.684892][ T7510] handle_mm_fault+0x36d/0xa20 [ 197.689705][ T7510] page last free pid 1 tgid 1 stack trace: [ 197.695543][ T7510] __free_frozen_pages+0x822/0x1130 [ 197.700793][ T7510] free_contig_range+0x1a3/0x520 [ 197.705791][ T7510] destroy_args+0xa8/0x7a0 [ 197.710233][ T7510] debug_vm_pgtable+0x1b66/0x34b0 [ 197.715287][ T7510] do_one_initcall+0x11d/0x690 [ 197.720080][ T7510] kernel_init_freeable+0x6e5/0x790 [ 197.725324][ T7510] kernel_init+0x1f/0x1e0 [ 197.729694][ T7510] ret_from_fork+0x754/0xd80 [ 197.734322][ T7510] ret_from_fork_asm+0x1a/0x30 [ 197.739328][ T7510] ------------[ cut here ]------------ [ 197.744800][ T7510] kernel BUG at mm/filemap.c:155! [ 197.749864][ T7510] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI [ 197.756143][ T7510] CPU: 0 UID: 0 PID: 7510 Comm: syz.0.372 Not tainted syzkaller #0 PREEMPT(full) [ 197.765384][ T7510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026 [ 197.775465][ T7510] RIP: 0010:filemap_unaccount_folio+0x728/0xb30 [ 197.781748][ T7510] Code: 00 48 8b b5 a0 01 00 00 48 89 df e8 b2 7d 03 00 e9 3c fd ff ff e8 98 3e c7 ff 48 c7 c6 40 22 9d 8b 48 89 df e8 89 9a 12 00 90 <0f> 0b e8 81 3e c7 ff 48 c7 c6 e0 1c 9d 8b 48 89 df e8 72 9a 12 00 [ 197.801415][ T7510] RSP: 0018:ffffc90003dbf2f8 EFLAGS: 00010093 [ 197.807502][ T7510] RAX: 0000000000000000 RBX: ffffea00013d4f80 RCX: ffffc90003dbf1dc [ 197.815504][ T7510] RDX: ffff888026250000 RSI: ffffffff82520068 RDI: ffff888026250484 [ 197.823497][ T7510] RBP: ffffea00013d4fb0 R08: 0000000000000001 R09: 0000000000000000 [ 197.831491][ T7510] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8880761f34d8 [ 197.839492][ T7510] R13: ffffea00013d4f88 R14: 0000000000000001 R15: ffffc90003dbf6f0 [ 197.847487][ T7510] FS: 0000000000000000(0000) GS:ffff8881245bd000(0000) knlGS:0000000000000000 [ 197.856443][ T7510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.863066][ T7510] CR2: 00007ffd5ec43dc8 CR3: 000000007d45e000 CR4: 00000000003526f0 [ 197.871070][ T7510] Call Trace: [ 197.874373][ T7510] [ 197.877329][ T7510] delete_from_page_cache_batch+0x1db/0xc60 [ 197.883255][ T7510] ? unmap_mapping_folio+0x250/0x450 [ 197.888615][ T7510] ? __pfx_delete_from_page_cache_batch+0x10/0x10 [ 197.895088][ T7510] ? __pfx_unmap_mapping_folio+0x10/0x10 [ 197.900773][ T7510] ? folio_mapping+0x11a/0x250 [ 197.905574][ T7510] truncate_inode_pages_range+0x276/0x1050 [ 197.911426][ T7510] ? __pfx_truncate_inode_pages_range+0x10/0x10 [ 197.917737][ T7510] ? truncate_inode_pages_final+0x62/0x90 [ 197.923490][ T7510] ? truncate_inode_pages_final+0x62/0x90 [ 197.929239][ T7510] ? rcu_is_watching+0x12/0xc0 [ 197.934048][ T7510] ? _raw_spin_unlock_irq+0x23/0x50 [ 197.939282][ T7510] ? lockdep_hardirqs_on+0x78/0x100 [ 197.944534][ T7510] ext4_evict_inode+0x3c1/0x1760 [ 197.949510][ T7510] ? __pfx_inode_wait_for_writeback+0x10/0x10 [ 197.955630][ T7510] ? __pfx_ext4_evict_inode+0x10/0x10 [ 197.961047][ T7510] ? evict+0x37e/0xad0 [ 197.965148][ T7510] ? evict+0x37e/0xad0 [ 197.969285][ T7510] ? __pfx_ext4_evict_inode+0x10/0x10 [ 197.974700][ T7510] evict+0x3c2/0xad0 [ 197.978646][ T7510] ? find_held_lock+0x2b/0x80 [ 197.983363][ T7510] ? __pfx_evict+0x10/0x10 [ 197.987818][ T7510] ? iput.part.0+0x5fd/0xf50 [ 197.992455][ T7510] iput.part.0+0x605/0xf50 [ 197.996926][ T7510] ? __pfx_ext4_drop_inode+0x10/0x10 [ 198.002246][ T7510] iput+0x35/0x40 [ 198.005919][ T7510] dentry_unlink_inode+0x2a1/0x490 [ 198.011063][ T7510] __dentry_kill+0x1d0/0x600 [ 198.015687][ T7510] finish_dput+0x76/0x480 [ 198.020091][ T7510] dput.part.0+0x456/0x570 [ 198.024630][ T7510] dput+0x1f/0x30 [ 198.028297][ T7510] __fput+0x519/0xb40 [ 198.032318][ T7510] task_work_run+0x150/0x240 [ 198.036932][ T7510] ? __pfx_task_work_run+0x10/0x10 [ 198.042075][ T7510] do_exit+0x829/0x2a30 [ 198.046278][ T7510] ? __pfx_do_exit+0x10/0x10 [ 198.050893][ T7510] ? __pfx_proc_coredump_connector+0x10/0x10 [ 198.056907][ T7510] do_group_exit+0xd5/0x2a0 [ 198.061443][ T7510] get_signal+0x1ec7/0x21e0 [ 198.065984][ T7510] ? __pfx_get_signal+0x10/0x10 [ 198.070890][ T7510] arch_do_signal_or_restart+0x91/0x770 [ 198.076477][ T7510] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 198.082663][ T7510] ? do_user_addr_fault+0x8d6/0x12f0 [ 198.088083][ T7510] irqentry_exit+0x1f8/0x670 [ 198.092709][ T7510] asm_exc_page_fault+0x26/0x30 [ 198.097595][ T7510] RIP: 0033:0x401000 [ 198.101544][ T7510] Code: Unable to access opcode bytes at 0x400fd6. [ 198.108061][ T7510] RSP: 002b:000000000000000a EFLAGS: 00010202 [ 198.114154][ T7510] RAX: 0000000000000000 RBX: 00007ff076616090 RCX: 00007ff07639bf79 [ 198.122155][ T7510] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000020003b46 [ 198.130153][ T7510] RBP: 00007ff0764327e0 R08: 0000000000000002 R09: 0000000000000000 [ 198.138151][ T7510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 198.146142][ T7510] R13: 00007ff076616128 R14: 00007ff076616090 R15: 00007ffe9371db88 [ 198.154145][ T7510] [ 198.157203][ T7510] Modules linked in: [ 198.161157][ T7510] ---[ end trace 0000000000000000 ]--- [ 198.166638][ T7510] RIP: 0010:filemap_unaccount_folio+0x728/0xb30 [ 198.173022][ T7510] Code: 00 48 8b b5 a0 01 00 00 48 89 df e8 b2 7d 03 00 e9 3c fd ff ff e8 98 3e c7 ff 48 c7 c6 40 22 9d 8b 48 89 df e8 89 9a 12 00 90 <0f> 0b e8 81 3e c7 ff 48 c7 c6 e0 1c 9d 8b 48 89 df e8 72 9a 12 00 [ 198.192666][ T7510] RSP: 0018:ffffc90003dbf2f8 EFLAGS: 00010093 [ 198.198768][ T7510] RAX: 0000000000000000 RBX: ffffea00013d4f80 RCX: ffffc90003dbf1dc [ 198.206767][ T7510] RDX: ffff888026250000 RSI: ffffffff82520068 RDI: ffff888026250484 [ 198.214768][ T7510] RBP: ffffea00013d4fb0 R08: 0000000000000001 R09: 0000000000000000 [ 198.222771][ T7510] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8880761f34d8 [ 198.230768][ T7510] R13: ffffea00013d4f88 R14: 0000000000000001 R15: ffffc90003dbf6f0 [ 198.238763][ T7510] FS: 0000000000000000(0000) GS:ffff8881245bd000(0000) knlGS:0000000000000000 [ 198.247750][ T7510] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 198.254356][ T7510] CR2: 00007ffd5ec43dc8 CR3: 000000007d45e000 CR4: 00000000003526f0 [ 198.262376][ T7510] Kernel panic - not syncing: Fatal exception [ 198.269070][ T7510] Kernel Offset: disabled [ 198.273408][ T7510] Rebooting in 86400 seconds..