last executing test programs: 5.486407702s ago: executing program 3 (id=2291): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x2, 0x1, 0x0) r2 = syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$auto_KSMBD_EVENT_LOGOUT_REQUEST(r1, &(0x7f0000000380)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)={0x14, r2, 0x100, 0x70bd27, 0x25dfdbfe, {}, ["", ""]}, 0x14}}, 0x0) sendmsg$auto_KSMBD_EVENT_RPC_RESPONSE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r2, 0x800, 0x70bd29, 0x25dfdbfb, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4004010}, 0x20000851) sendmsg$auto_KSMBD_EVENT_LOGIN_REQUEST_EXT(r0, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x14, r2, 0x200, 0x70bd2c, 0x25dfdbff, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x1) msgget$auto(0xc, 0x6e) 5.295805658s ago: executing program 2 (id=2292): openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x41, 0x0) mmap$auto(0x0, 0x400008, 0xfffffffffffffff9, 0x9b70, 0xffffffffffffffff, 0x8000) r0 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/snd/pcmC1D1c\x00', 0x0, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(r0, 0xc1004111, 0x0) getsockopt$auto_SO_RCVPRIORITY(0xffffffffffffffff, 0x2, 0x52, &(0x7f00000001c0)='/dev/virtual_nci\x00', 0x0) r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) mmap$auto(0x0, 0xfffffffffffffffb, 0xb, 0x16, 0x2, 0x7fff) close_range$auto(r1, 0xffffffffffffffff, 0xff) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/audio1\x00', 0x80502, 0x0) r2 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC1\x00', 0x20400, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(r2, 0xc4c85512, &(0x7f00000012c0)={{@raw=0x3, 0x1, 0x6d2e99e8, 0x6, "0582a820061b5c51a65a6dd72b0b15addbdf55cb4b0f2381f2673e3a1ebe21e1bf1b26f0db7b62b67bd764f9"}, 0x0, @integer64=@value_ptr=0x0, "72ad000cac2d45bdaacfc82245992af763188bf00ab57d5d73b094925a872857fd2f672f85343275f80200000000000000ab45f7259ed959a79a789527276d90375018fc08050559d8936b8d72087a5689d4338da78b8b8bdcea8188ca43202fb78dacb3fea1258074885c899d75cd52751f9be959d90fa5c200"}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptyt3\x00', 0x20181, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) memfd_create$auto(0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) finit_module$auto(0x3, 0xfffffffffffffffe, 0x3) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) r3 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @broadcast}, 0x68) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/smt/control\x00', 0x2ab42, 0x0) write$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f0000000040)='1\x00', 0x2) 5.149320326s ago: executing program 3 (id=2294): rseq$auto(&(0x7f0000000340)={0xe, 0x401, 0x20, 0x806, 0x9, 0x2}, 0x8000, 0x0, 0x8000006) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40802, 0x0) lsm_set_self_attr$auto(0x1, &(0x7f0000000100)={0x9, 0x8, 0x80}, 0x80, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/ram9/queue/write_zeroes_max_bytes\x00', 0x20400, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000000c0)=""/255, 0xff) seccomp$auto_SECCOMP_SET_MODE_FILTER(0x1, 0x3, &(0x7f0000002c80)) 4.854418755s ago: executing program 2 (id=2297): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x408, 0x7, 0x1ff, 0x7, 0x42, 0xfff, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x1fe, 0xd) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000080), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'vlan1\x00', 0x0}) sendmsg$auto_NETDEV_CMD_BIND_RX(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, r1, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@NETDEV_A_DMABUF_IFINDEX={0x8, 0x1, r2}, @NETDEV_A_DMABUF_FD={0x8, 0x3, r0}, @NETDEV_A_DMABUF_QUEUES={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2000, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, 0x0, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x2020005, 0x2, 0x110, r0, 0x7fff) r4 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xb8, 0x100000000, 0x5, 0x1b, 0x93c, 0x1ffdc, 0x7, 0x2000000000000006, 0x2, 0x9, 0x2, 0x2, 0x8001, 0xb2, 0x9, 0x922, 0x7, 0x9, 0x5, 0x3, 0xfffffffe, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8000000000000]}, 0x1fe, 0x17f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r5 = socket(0x2b, 0x1, 0x1) ioctl$auto(r5, 0x8901, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5e}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r6 = socket(0xa, 0x1, 0x84) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r6, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x10) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) capset$auto(0x0, 0x0) 4.815221677s ago: executing program 1 (id=2298): r0 = openat$auto_tracing_mark_raw_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/trace_marker_raw\x00', 0x20001, 0x0) bpf$auto_BPF_TOKEN_CREATE(0x24, &(0x7f0000000080)=@batch={0x7, 0x10000, 0x8, 0x100000001, 0x0, r0, 0x9, 0x4}, 0x9) r1 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000340), 0x400, 0x0) lsm_list_modules$auto(0x0, 0x0, 0x7) ioctl$auto_TUNSETOFFLOAD(r1, 0x400454d0, &(0x7f0000000000)=0x10000) 4.316527834s ago: executing program 2 (id=2299): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_macsec(0x0, 0xffffffffffffffff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = socket(0xa, 0x2, 0x3a) r2 = syz_clone(0x20a08200, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x600002, 0x0) ptrace$auto(0x10, r2, 0x4, 0x8000040006) ptrace$auto(0xf, r2, 0xfffffffffffffffe, 0x8000000000000000) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/netfilter/nf_conntrack_buckets\x00', 0x101000, 0x0) read$auto(r3, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) setsockopt$auto(r1, 0x29, 0x39, 0x0, 0x110) r4 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcsa\x00', 0x0, 0x0) pread64$auto(r4, &(0x7f0000000040)='\x00', 0xc721, 0x1) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r5 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000004400)='/dev/dsp1\x00', 0x1, 0x0) ioctl$auto_SNDCTL_DSP_GETTRIGGER(r5, 0x80045010, &(0x7f0000000280)="00f7ffffffffffffffd911d67fe69a566500211000") openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/net/afs/rootcell\x00', 0x1cb842, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="44110000", @ANYRES16=0x0, @ANYBLOB="000225bd7000fddbdf2503000000271107804a81ee9b24c7cb8a95fdc61ea446945174a6d90513a99f2f91dba2bfb28eb87f1d47edf4e4c7bb7bfaf8a4f7076f1cc9d0aaef367035a16cfee03f758fd007b2529544dc2884ff20eab7c4b5cce49940c5ac63eb945c31dfaae81df5e61b18991b1dd645195b041f559134d5af57d390195fe64939eb2ca5b43890fdcba41f795dff342ca683afba887f09e021ad6a6ce0c3a376e1426bb205df9c0ee40c86e307a4a142f2148fe73926cd433de8053b668c678e0d256f74704386b05541201c0f5cee6d0ec0b2d960bd0dede473410f10a45c5ce37b9dc4729d17d0f1eeb025e13b91cc74ba646b123f39c90eb6ea39d99176186fb1440ea0383b9a2f42218569d8a44cc28e64d002c06ed4055ceb818140a783ecdabcdfb04d1baf55f89b3c305bd620c139939a4223bcbd61d40e5aa27858d161eaac3d5bad5be44aee4b64c9d95a49a53b2d444447e206b7825f88b73e9f3b6ae42c779a47879a3fa392dcb7a6788e0244696fc50172f16dc52f27f675ef4c0e075fd26641d8f1c477a71ee8a407f4640a11fc13ef40013b2889f204467c7f97eb42870fc67be48758df56131970bcbcbb483a93b016e7b48c1cb7b0b63742e4ff06db524fdd72c3aac18eaafeebce05297ad5856c61cfaba319abd143cf7164b444a8c4ee398490fe1966b2e989bab693d382ee52456e9db15f54ec2b71bda08d53c669e9b92afcae2d21b1798d27a05c42e799345b52d65d8b325d9c1a014743b21b99cb6b5be8d47542690f48f3fab2998ee0240f5970e9f3f63b4e540ee9c881841107399c6130bc40b58b6e966874d5f5f826a2e1aa4b64efcb3e9c866a79af8189d92d3a297abbaa0aa6dac402366fc27561662ce0d3f5068390ac8b38a273fb4b67c1258025444c6fe36ad313ca825acb0a39e060e14077c9d8db7729067710dc5364cfd143dbdc884822a503970b2c3fd37c47c82198a40377050519ed9bf222b1a5fc02cc2538d587fb509ee81f5c6d86258cca973bdbed914824ba31ce2e0d156a2d73cb1d76aa057076f5136fcd27cece5a31fb6bfa2a565f6bfd2145d9618a612a7a249467f98d6e64d230748ded362cf71302ea94ae18079b4d0fd1b22b1fe5b193f67a9a8f4b0a29c1fa1c12d8a7b850cf2ae385e6c66c2b6e98760b2bf8f50147200ed531cd1ac8c84d3493c44bd148524c6995d22ba3de48ac83752d34c0d223cbd0cdc76f8a5e15ce49b241f8ae329715fc3cebb129c69fbf15200f9110bb247c0f256159b16ec5cc3db51e072522f98e80e7c5c8b4cbbec008dd0726ef83ceac450950232281b3574abb57be591c5231cc921b27848d8a300fa574c66ebceb5bfd4f4b7b050749835c60f495a212c132f41baec4d30a57fdbb859d4577e90371b52480f585ac2fcb2de11d4d16a556fdbd21bd27840761379b7f93a2b255b211517e149a121b27455bd889777115b697db451d30d05364d80cc6ddcaa9f0a2d59095929ae70dc4c7e4571f8dee9155aca24bdd5ebd6fde06a2e100112c494fe991966e6f8123bf421a655e716692b2a775fa01a38abb561c139d7d7e76cdf77f6e1b0e5f52443b8a931caa89869730affd2d6ae270d2a2c7e9e37dac5396060c57664c33a42479384ef6441eea80a418734b74b5689a3646504fbc58a38752b6cf3572335e1c4093b50004aa0899ce329b1047edaa8cfa63d8d49585f982960ddbd638f5eb87c3f9f28406daf34f8fe06180e0f7073eaabc7ea7c8b5ba2238067e63ff1898e7d4d958878fd726d8ca43e97efc5b6cafb3a6db0935811de7e831da466adfcd889e6d64da5310ea7b764bb555f5199f2c09c2377e892f7474e1dbcfb0cc19806e3c8334794d02577387deb07d26dabfa13e93f5f16c89ba625c72234d514ed5b3834ed3caafce6c5e44bae3bbeccddb7e45041c7befbf9ce0b6470e6e876f085cebcaaa01d4aa758ad0e1141c3416fba0530d3cbf3c8f3a1a8daa498d79750b32cdbfd9c28b36fc23c1ea923d2db95f13bcf04479ee391f31a1b3eda4188f7e31e76ada149a8ea0f6d3bc4ca1601611a7c8c409e235c57c2c649f00637fd24cbf5a44151acc43b79097924ac78862bc8a46d9190115179617cb9f06c3da9165cc0ae7719cafeed7b4b1b8ed442bb4e356a7dcb760ae7f5af4840f4d39a21fdd2007fd6232c88e9e6f19b4c4f56dee6d57b8ad12d8a1c1ccd5d6749b01d1fb21e9af65232c142c4236a6d5f77d74a024d86cf709d2bec4eb5ae53d023073ac87ee6c6c74123f822f10601a94e074d65536ea1ecd676d61231f6f9639f856ffe902c3a1dda5f361d45277928c2c9f58c36c35f79188cb7e9b185f6077a6b61b23bf6737645c4c2b2090c730f527ec36e4ea3870a0d9d4b77f4b0c528001adaedc1f56d755a2eb55ccd2d917adee48a34ad44efb085893115b987641d75b01b35a4d315ce0b36cbc5cacdb62cc6b45f0a5ee86442893c620dabe9ceff996fb2d8635c294cf5e1f00983b303eeb7a78422c9c135b362ef553752a6a81ee60778ad024ea5cddbc0ab6182927201f95264dabd884e0d2f7b7c111347df58bfceb59753150aa3219b294115cb638f47bf9d839cba52d0dece1ce4f7a3d2539f6960c87f8b1c47f99a9e49cb59ecebcff8ce05b3b954776aa945c6a17423a60fec0425ef4a44ff9217757dd9a6a25eb2e12f62bf2c5fb2067d568d6b62e474259451fc6fff06970df8a22f122f610de9e8176bd62525d29d0e6078e7d03ea7d4775c1ea67380b3a50a84115c306f00e6ccf892c22237253456187358319e785355e50ff369ff9fcdd02089b2c7a8a5e0c71fc54ad5a6e1c1d43a6d6ea5624f046e0512272ae6007b3c9c3439ca82f2d26505a414326070ebe983f3139ee1de30409f7741407ee70d1bc964949e7b6224f76893199e8f33f128187e27dc927849f67720d061c9afa9e3b6f51a9c7c7bc145ea7e4bb0a6aac483048acdcfcbcfbcf0d5fa543b217cabddab98301332b6965aa7a632fd569252d1804d921c5eb085f1e69006338f77a3e3832cc83cc0630ceed2d9917a2b7289ae3442db30e0526bc2a33dfda58e8273493179f7c8c25c5b7fa69f732f7f93c2fa3767dd760f840514a096429cfc77068531518ef9897cbf21dcbf8d5860673a7b1cb60845a3fe9646bb88bf0c3011847a736daad15a613258d21bd342d3181c85b9d20fb8cf131152795bbbce5beca694964379e1a4c4cdc7dc53b5be24f3adb6b490f50ee2830dad42c79971a7ba9f91465110a519b0c2ca754cbc20f0f4603e2182ebf8bbe122403d0d663f6c9a6abcede33bddf9693c9900c61944b452dc0bf162dee98c05eb742e5dda750dac8cc48c884dc1be736731239fbb89ee946c01050e3ee82228be1ef7b9e4d8cb3252fe4312e0042e4812facca4185430bef32004a67497858031b27625feac1d5d0db2ef4a1e3eb03811f9563fe840866d40903e292dca2c51c5bc48262a9f77693e514402c1ca61cf8cd31a644f971467105c5bd2d5a29f8958b347cbf9c247f27eaff8e66cba9466efb5a97ab50ece368edaf7dec08f457ff59445321ae9e9e100beb4dc0170b6b8fb28be4f80e190f8eb070d8e13a899794c19e672d74671c9fe21c800d1641fd95ff63014f9d0a6dc10b8149e82af2d6d06b7da78a6abc0ced490b7e44a849eaca8320577e31d113e7ea52a5c88ae2cfdc731bb27f10f452f8f78402b2d61dc5e6ae12842803ae5e99610b7a0272faffec406a864d02a60eba0256599acaa5a571026b21158740cbc5a7b6c7aef728c684e8a2b9d05e1f3da92aa251f32e11356d61c20b1e69546e1d0123dbd19da0e6d28e7e3aa7b19cd323afc286e4c6070b2ac7d527b138131ca4abeaed61f108ae7b163632097df0ec85aa389141fa615ac682b9cd9362534c1a0a2f2d4275d0d002982e397104391418fb054ff9782eb90efac33c8618a8dbcdb3826825210f4bbcdabcf00ec7d58a77e2c689c779d15489b18c963cb37adac450ae7d0567552a6101b8eff2129e22b568415bf7fdd106fb5e8c3bdcb89b3dd548e62c79d1997a00f219db1364ef9c7c304e8a43e3d72eac5938570e615f2e2d64409453a0ff4ea0bbdb8c1c427f5757adc61d85530d062c949536495d12ec119d1b84182589b7c974d342840c51e7779485ea858e8dbb9014f5044d1ba34cfe6840cf408bef6fecb046a0b26e441d3a66caa7b7ed85d75ae4c87af3469ae2933300a67466e893ed1a4274753deb394c88dc18eea4d689de28e078b74c88e01e85f49fdbba526475eee518b85537242749ffd0102e7852ef98fc2dbe7a6b0e1d1bde972b9b3e4a15d37c26e67e8f3bc0e2f3ae84cb3d0819ee8100e97f0e478f3da0f3e3f17267e0be2d4c336032a2c5c3df1448afadc426bc986440def6070f65e52e63ec55d05f40b1adea7b56ab49c096a743853c292d8cd711e92d737e4dec0830c4cc7a6bf04ac065cb757efe104ae44daa949e944d04bc2a2926b04062d8f7af48772ade72a93b20a1056aff351d1c5f2c6210543ae9cc5173551f38d2ca3a4e74675d692facc77414426d9c43826bf2a55d50d61dfe346fa361ccde7f45e0cc1ab1ec7117c56b167c995455e4e98d9a71190c5995583b58fbb609b1e003508a0f166b5a7280e1b1d6d68a320ac0d6e7ceedefc0c538f903820cc355254b24d06eb1144ae06ed2a3de5a4d8ebde0a1c25d33a76911eafb2e5ef99a33e7abcf559f8c7ab91e4f208b7eda6c93f1c7cee1ed454b39ea998bc0af87ad4dadf4f02289197fb05c54f60a6879f20e0214b4dfa691a664ca227d38c69256245fcb29bbc853d1f804e97ce6d9bfb8eb601376d0aa9621041d7de1fd19464f424fbec7eab5ffbfff9606f3ae3cc84865a8a434eead197e263cfee518d83c4340481c4a9631c6dc104754c5e0b662f29b6920547e314c960ac36703d5d673709b008316bf93a4abf091f88a50b122b8248b4563662027b81906adfbb4738f8666f3006da5c0fbd0d6ce689ac0644c9e814666edd5189dd2fb6f67842fcc7a23889b4b901773bd5cdb700cd8ac72c72afdbbeff3dbbdf3886f2fa9e8c5e9793de0c2bd87162946c69483545e706c4a32e7bcc3c3bdf9751658e1ffc8d8d806ba8a18e667aa9c40a9c127d0b24416e6acd596acc50150026b6f485982b485d387102ae1ace07be5dcbb37474863b655ce17065379ad87065beae785ea6665e706472800065ac11cfe01c24ac9155e4be814062fd3109962c4e5bc2e6a348d33cf58ca8dd297db02eadd67eeaccf932fe88c00dfc48d1b6df00a9c1e66af0d29e13f887251184bacb7865484cdcf4b557181e6e5d1c0543139f9f44e22b47761621bfd83f5abde4a062ac341cd9cbade8fbc840f5f9a08d0500bbf9aba0d158485704b80b5623c760701a736dc98713a17660a063e3674c3947adaa47b7c0d3fa5a9439cbc0d8daa659f349abf655f3ecf22ca5057f830369f5cecbfad5a2775fb12ea0c4ed3d464d088d8c3b09eae6239c54befce35978b006ffa21d33550d93bd121ba7d33b2644d4cde1bfc610fd26245f0cba30a13224eeea63275a75c5189b5c2d6a8183a01bf7a3a07106840d27bf80ff7e2f49f0d56e89b4e0b799c0b999509f7515d291913213ab239d2ad7f41d26d7e6d79298167b400e4267362e9534857299b8de1ec66f4f31905406ec5154252fe42fbaf6cb1d4033681e6159a98c140aed086c01331cfffe8fc5f7cc0c70bbf3172a2c45c714229a85aa5d9fd1ed7d9cea69161e4e1975f85081fee919ffee6aed380ca69ab0bb30be2d618ea21c5d2db20b4257364f52d9fc66331efa603dc3546c46b4d304f33f4e6a5c32238f618f4000c6ec5877f11a7c5f74179d8e16771a7603ff05cf27d19d1ead411dc0641f3f367707bd3ce45fc7bd7f7c114963b273ad47cf5c6e1e6db27005b002f70726f632f7468726561642d73656c662f6e65742f6166732f726f6f7463656c6c0000040025803448ce7eb84d92225f48e12f42cff9a15f94895b7abc67bea6358f6bb31a5ee85e053c9ffc4947ddc830015a9bd1d722933dd74d7ade7f6a28750d3d4359580418ad6e731fcd4bdf32fdaf9ef013be6ae984f9edfe691c89924c18919992c94da5ae3ad831d678edd5c2891fb79d5cc2fe51ef7db6c634889a5247a861e3b808006200", @ANYRES32=r2, @ANYBLOB="0008000a0340000000f66a881bd6668b646dc941850993d7241ff3e3570860db7e77bf18b09c5a4b8957dc00f9a83411ce2ad742c696f774c39f69449c007d3dfa858842e41171446317287b300b704ced80775640b9e8242861454620cee8a056085d3ed30c31ba1151df7b5edad9058138260bd8b7efd1da63283f226f13d8579931656dc25fd379a3d6dd998dd652c5329501ba2e47a20acb6d2e2eb0e3779b4af21282f324cbd55ae75de0687d33e70432067236a58a58fb620fb41e48e0aa676d85"], 0x1144}, 0x1, 0x0, 0x0, 0x40080}, 0x20000000) setsockopt$auto(0xffffffffffffffff, 0x1, 0x1021, 0x0, 0xd) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, 0x0, 0x101080, 0x0) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) r6 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r6, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) 4.315641476s ago: executing program 3 (id=2300): mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0xffffffffffffffff, 0x10008000) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r0 = socket(0x2, 0x1, 0x0) epoll_ctl$auto_EPOLL_CTL_DEL(r0, 0x2, r0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) mmap$auto(0x0, 0x6, 0x2, 0x40eb4, 0xffffffffffffffff, 0x6) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(0xffffffffffffffff, 0x8912, 0x38) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mknod$auto(&(0x7f0000000180)=':,\x00\xbd\x80\xd6\x002\xb37\xff\x1a\x9e99\xda\xd1v\'\xc6\xd2Fw;\x00v\xdce\xad\xf4\xdb\xc7\x946\xe4\f\x9el]L+\x06\x130V\x1b,d\x8f\xa0\xabDUdk\xac\x82\\tyQ\xd8j\a\x1a[\xdb\x96\x1f{2\x04\xc5Y\xc1@\x0e\xeeWZ\x94N\xd4\xc8q=\x9b\xd1\x7fR3\xb6`\x00\xb3\xe5|1\xba\r\x85\x89\xfe\xed\xe1\xad`\x92\xc7\x9c\xd7\xd8\x15\t&\xb7\xfc\x82\xc4\xd3J\xae\x810\x19\x14\t\xc2\xa5V\xaa\x8d\x04\xf5\xf3\xd6\xd1\xe9k\xaf\x1a\xc6u\x96\xf7\xaa\x84\x92\x995m\xf9O\xc0\x1e\xa05\xdb\xa5\xae\r\x06\xe6\xc3\xd0\xf8:\xf7\xc5u\x91\xf8\x91\xee\xd8y\xb8\xc1)\xad\x05\xeb\xe9\xab\r\x9a@\aa(\x1a\xa4\xc1\xcf\\\xf0\xc3~\xbbd\x94\x9c\x02\xd4\xfc\xd2`\xd9\x83{-\x81zY\\\xac!#\xea\xba\x86)\xe9\xbc\x82\xf6\xd2\x7f\xdb\xa1\xd5\x89|\xa0O\xfcqZ\x85@A\x90\"\x11L\xdd\xa5\x9f\xf5\x00', 0x20e9, 0x103) write$auto(0xffffffffffffffff, 0x0, 0xaf0) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x0, 0x0) read$auto(0xffffffffffffffff, 0x0, 0xb4d3) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/timer_list\x00', 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000008080)={0x40, 0x0, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_PROBE={0x4}, @OVS_PACKET_ATTR_ACTIONS={0x10, 0x3, 0x0, 0x1, [@nested={0xc, 0x17, 0x0, 0x1, [@nested={0x4, 0x7f}, @generic="1047b707"]}]}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590828847"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) pread64$auto(r2, 0x0, 0x10, 0x101000000003) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = socket(0x2, 0x80802, 0x0) setsockopt$auto(r4, 0x11, 0x67, 0x0, 0x8) sendmsg$auto_NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, 0x0, 0x8810) openat$auto_urandom_fops_random(0xffffffffffffff9c, 0x0, 0x40, 0x0) socket(0xa, 0x2, 0x3a) 4.003514467s ago: executing program 1 (id=2301): r0 = socket(0xa, 0x2, 0x73) r1 = inotify_init1$auto(0x3000000000000) inotify_add_watch$auto(r1, 0x0, 0x1000e6e) waitid$auto_P_PIDFD(0x3, r1, &(0x7f0000000340)={@_si_pad}, 0xd, &(0x7f00000003c0)={{0x1000, 0x7ce}, {0x10001}, 0x80000001, 0x9, 0x800, 0x0, 0x99e1, 0x9, 0x3ff, 0x9, 0xbb, 0x8205, 0x3, 0xe, 0x0, 0xe}) ioctl$auto_CDROM_SEND_PACKET(r1, 0x5393, &(0x7f0000000080)="faccfc1380bb674165977533b31918ea50738872df9f331d0af3379fd5695e127f6a422b296f745f40db377ce7bbaa8fcefa98113c54701754cf9cedfc3efe699ac703088cdfec2aa1f9badee11d140903c8f418a0c9a29e757690b0575d572efe64324f291413fbedcbfb71022ae1ec74c576a7c8e9abfdfc42dc0321668cfd3fd14387397880") sendto$auto(r0, 0x0, 0x402, 0x0, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80000000003f00"}, 0x1c) r2 = socket(0x2, 0x3, 0xa) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_GTP_CMD_NEWPDP(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010027bd7000fedbdf2500000000060006000900000008000100ffffffff0c0003000700000000000000080002000000000008000700", @ANYRES32, @ANYBLOB="2c87ff39308a70e9fd2b2d0ea4468193891dd1b3db8b88d93606"], 0x40}, 0x1, 0x0, 0x0, 0x20040850}, 0x4048040) sendmsg$auto_GTP_CMD_DELPDP(r2, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB="08001800", @ANYRES16=r4, @ANYBLOB="20002abd7000fcdbdf25010000000800020002000000"], 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x4040000) ioctl$auto(r2, 0xc0405665, 0xffffffffffffffff) 3.838625988s ago: executing program 1 (id=2303): r0 = socket(0x10, 0x2, 0x0) r1 = syz_genetlink_get_family_id$auto_seg6(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$auto_SEG6_CMD_SETHMAC(r0, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000b00)={0x14, r1, 0xf1b, 0x70bd2a, 0x25dfdbff}, 0x14}, 0x1, 0xa6ff, 0x0, 0x44040}, 0x8040) 3.639940803s ago: executing program 1 (id=2305): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_WIPHY(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)={0x1c, r0, 0x13, 0x70bd26, 0x25dfdbfc, {}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x401}]}, 0x1c}, 0x1, 0x0, 0xff9e, 0x40480c0}, 0x48050) 3.474957055s ago: executing program 1 (id=2306): r0 = socket$nl_generic(0x10, 0x3, 0x10) (async) r1 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) (async) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/system/node/node1/compact\x00', 0xc2481, 0x0) writev$auto(r2, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) sendmsg$auto_NBD_CMD_CONNECT(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000000c0)={0x2c, r1, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@NBD_ATTR_BACKEND_IDENTIFIER={0x6, 0xa, ')%'}, @NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x400000000000004}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) 3.369414685s ago: executing program 0 (id=2307): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0x408, 0x7, 0x1ff, 0x7, 0x42, 0xfff, 0x1ffdf, 0x7, 0x200003, 0x2, 0xa121, 0x3, 0x6, 0x4, 0xb4, 0xa, 0x6, 0x10001, 0x80, 0x100000000, 0x0, 0x7, 0x2100, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x1fe, 0xd) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000080), r0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'vlan1\x00', 0x0}) sendmsg$auto_NETDEV_CMD_BIND_RX(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x28, r1, 0x1, 0x70bd27, 0x25dfdbfe, {}, [@NETDEV_A_DMABUF_IFINDEX={0x8, 0x1, r2}, @NETDEV_A_DMABUF_FD={0x8, 0x3, r0}, @NETDEV_A_DMABUF_QUEUES={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2000, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, 0x0, 0x1fe, 0xd) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="10002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x2020005, 0x2, 0x110, r0, 0x7fff) r4 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0xb8, 0x100000000, 0x5, 0x1b, 0x93c, 0x1ffdc, 0x7, 0x2000000000000006, 0x2, 0x9, 0x2, 0x2, 0x8001, 0xb2, 0x9, 0x922, 0x7, 0x9, 0x5, 0x3, 0xfffffffe, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x8000000000000]}, 0x1fe, 0x17f) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYBLOB="11002d"], 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r5 = socket(0x2b, 0x1, 0x1) ioctl$auto(r5, 0x8901, 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) sendmmsg$auto(r4, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xdc5e}, 0x800}, 0x7, 0x4008) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r6 = socket(0xa, 0x1, 0x84) sendmsg$auto_HWSIM_CMD_TX_INFO_FRAME(r6, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x10) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) capset$auto(0x0, 0x0) 3.090884975s ago: executing program 3 (id=2308): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x34d802, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000080), 0x88000, 0x0) r2 = ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) bpf$auto_BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)=@info={r2, 0x0, 0xffffffff00000000}, 0x0) socket(0x1d, 0x2, 0x7) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/net/ip_mr_cache\x00', 0x0, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8000, 0x0) io_uring_setup$auto(0x6, 0x0) timerfd_create$auto(0x0, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r4, &(0x7f0000000140)=""/41, 0x29) r5 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyec\x00', 0x2000, 0x0) r6 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sysvipc/sem\x00', 0x0, 0x0) lseek$auto(r6, 0x7fd, 0x1) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) r7 = io_uring_setup$auto(0x86, 0x0) ioctl$auto_XFS_IOC_ALLOCSP(r3, 0x4030580a, &(0x7f0000000040)={0x635c, 0xc0cd, 0x559, 0xc3fa, 0x80, 0x0}) prctl$auto(0x0, 0x8, r8, 0x4, 0x8) r9 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000001280)='/dev/v4l-subdev0\x00', 0x101000, 0x0) io_uring_setup$auto(0x6, 0x0) ioctl$auto(r9, 0xc0205647, r7) ioctl$auto(r5, 0x540a, 0x2) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04, 0x0) 3.075829277s ago: executing program 1 (id=2309): mkdir$auto(&(0x7f00000002c0)='./file0\x00', 0x3) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0x2000040080000004, 0xe) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x48090}, 0x0) r1 = io_uring_setup$auto(0x6, 0x0) io_uring_setup$auto(0xe1, &(0x7f00000000c0)={0x4, 0x7c, 0x0, 0x81, 0x2, 0x8000, r1, [0x2, 0x9, 0x7], {0xfffffffb, 0x428ecab9, 0x81, 0x5, 0x864, 0x1, 0x8, 0xbd56, 0x7}, {0x7, 0x6, 0x8, 0x9, 0x8, 0x5, 0x38000000, 0x8, 0x8000000000000001}}) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) madvise$auto(0x0, 0x2003f0, 0x15) mkdir$auto(0x0, 0x9) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0xffffffffffffffff, 0x20007, 0x80000000084000df, 0x10004000eb1, r2, 0x8000) faccessat$auto(r2, &(0x7f0000000240)='./file0/file0\x00', 0x7ff) rename$auto(&(0x7f0000000280)='./file1/file0\x00', &(0x7f0000000040)='./file0/file0\x00') mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x20000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/cpu/crash_hotplug\x00', 0x8a080, 0x0) mkdirat$auto(0xffffffffffffffff, &(0x7f0000000080)='./file0/file0\x00', 0x40) waitid$auto_P_PGID(0x2, 0x0, &(0x7f0000000100)={@_si_pad}, 0x3, &(0x7f0000000180)={{0x1, 0x8}, {0x40, 0x6}, 0x8, 0x8, 0x9, 0x1, 0xa, 0x7ff, 0x51, 0x6cdf, 0xffffffff, 0x108000000, 0xfffffffffffffff9, 0xe, 0x2, 0x5}) mmap$auto(0x0, 0x400408, 0x200, 0x9b72, 0x2, 0x8000) openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/mem\x00', 0x100, 0x0) msgget$auto(0x7, 0x6e) 3.072969909s ago: executing program 2 (id=2310): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x0, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0xc0200, 0x0) r1 = socket(0x1e, 0x6, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f00000002c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x8010) mmap$auto(0x0, 0x2020009, 0x8000000007, 0x11, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x5, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r3, 0x0, 0xfff) msync$auto(0x7f, 0x6, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/virtual/block/loop15/queue/discard_granularity\x00', 0x8000, 0x0) clock_nanosleep$auto(0x8001, 0x9, &(0x7f00000001c0)={0xf5d, 0x7f}, &(0x7f0000000240)={0x0, 0x1}) socket$nl_generic(0x10, 0x3, 0x10) r4 = socket(0x10, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/neigh/veth1_to_bridge/delay_first_probe_time\x00', 0x341241, 0x0) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x8000000000000000, 0x3, 0x4, 0x5, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x3d, 0xe, 0x3, 0x101, 0x100000000000ff, 0x1000000002, 0x80080001]}, 0x0, 0x0) write$auto(r4, &(0x7f0000000000)='-\xbf', 0x7) unshare$auto(0x10000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket$nl_generic(0x10, 0x3, 0x10) msgget$auto(0xc, 0x6e) msgctl$auto(0x2, 0x8, &(0x7f0000000540)={{0xffff, 0xee00, 0x0, 0x9, 0x3f69, 0x2, 0x8}, &(0x7f0000000300)=0xf, &(0x7f0000000480)=0x9, 0x2, 0x3, 0x0, 0x4, 0xd5e1, 0x4, 0x806a, 0x9d8}) 2.960632726s ago: executing program 0 (id=2311): mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0x0) socket(0xa, 0x3, 0x3b) io_uring_setup$auto(0x6, 0x0) r0 = socketpair$auto(0xc6, 0x3, 0xfff, &(0x7f0000000000)=0x1) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_KVM_GET_MSR_FEATURE_INDEX_LIST(r0, 0xc004ae0a, &(0x7f0000000040)={0x3, [0x8, 0x4, 0x8, 0x0, 0xffffffff, 0x8, 0x7]}) r1 = socket(0x11, 0x3, 0x9) close_range$auto(0x2, r1, 0x0) r2 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r2, 0x107, 0x14, 0x0, 0x4) sendmmsg$auto(r1, &(0x7f0000000400)={{&(0x7f0000000000), 0x205aa, &(0x7f0000000100)={0x0, 0x4b}, 0x1, 0x0, 0x5, 0x1060}, 0x5}, 0x2, 0x100) 2.754662364s ago: executing program 0 (id=2312): writev$auto(0x3, 0x0, 0x8009) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000002740), 0xffffffffffffffff) sendmsg$auto_NL802154_CMD_GET_SEC_DEV(r0, &(0x7f0000002800)={0x0, 0x0, &(0x7f00000027c0)={&(0x7f0000000c00)={0x14, r1, 0x309, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0xf0ffffff, 0x0, 0x48800}, 0x0) 2.659756473s ago: executing program 3 (id=2313): mmap$auto(0x0, 0x20006, 0x4000000000df, 0xeb1, 0x401, 0x8000) capget$auto(0x0, 0xfffffffffffffffe) capset$auto(0x0, &(0x7f0000000000)={0x2, 0x10000002, 0x6}) openat$auto_tracing_mark_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/trace_marker\x00', 0x141c04, 0x0) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x40600, 0x23) 2.5046049s ago: executing program 0 (id=2314): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/loop2\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000240)={"ef65ce7cb454168d6c0000000000002713df81000000ffffffffffffff2900", 0x3ff, 0x408, 0xffc, 0x400004, 0x200000000040000d}) mmap$auto(0x3, 0x800000000040009, 0xe2, 0x9b70, r0, 0xbd2) pipe$auto(0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f00000018c0)=@in={0x2, 0x300, @loopback}, 0x55) mincore$auto(0x0, 0x1, 0x0) setsockopt$auto(0x3, 0x1, 0x35, 0x0, 0x9) r1 = socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r2 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x0, 0x0) io_uring_register$auto_IORING_REGISTER_EVENTFD(r0, 0x4, &(0x7f00000002c0)="f52014022e594e03182f6ccb72c52a486db3e7e2c9a199b79565ab430bdc42df84204bb99fa35a74c057ff8aac67d849cf0f46e469c4b250e9ccda9ea4852b97b2ac73b2267f91782a71fc6a11b689289cf459c5c10a65638987fe33763d6d162768b3ec0a13e391d60cd8616743b01730fc2e40db7110675960daeb56e09b82137ba17affed39cef4e9796282b318c1d21b4a63b093b8a35a9c488f843a65948de31ecc442a38675bfdd602b2fecfa04e6d06b4c86641a347501857280295bc1c7263e4e58a8e", 0x7) ioctl$auto(r2, 0x2284, r1) r3 = ioctl$auto_NS_GET_NSTYPE(r1, 0xb703, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/veth0_virt_wifi/base_reachable_time_ms\x00', 0x9cb2934a30d4d2c7, 0x0) read$auto_trace_clock_fops_trace(r3, &(0x7f0000000000)=""/152, 0x98) r4 = prctl$auto(0x3e, 0xff, 0x0, 0x1, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x168, r6, 0x1b, 0x70bd26, 0x25dfdbfd, {}, [@OVS_PACKET_ATTR_ACTIONS={0x14c, 0x3, 0x0, 0x1, [@nested={0x148, 0x1, 0x0, 0x1, [@nested={0x141, 0x12d, 0x0, 0x1, [@typed={0x8, 0x128, 0x0, 0x0, @u32=0x4}, @typed={0x8, 0xb5, 0x0, 0x0, @pid}, @generic="b04e844ea904ebea1961b006b1", @generic="f4786414515be8eb668dae1537305b2b85146fa0a185fbc8dc178799ba2fa6240a8d748b1a446d7a475487d45d152708908224ab", @nested={0xe9, 0x8a, 0x0, 0x1, [@generic="7897c7ca660c", @generic="5e22dfb544bb1e556e2c79d947066b0502973dec091fef0790b61f07b31c3dd2ee5f0529fc8077e62f87badfe0ab4b46e9623926cd375613c4bde5cdc817bcaad729bd4888bc4133", @generic="073dc8e8e4805d30b44c3466894fd34be815563254488b27ebb9b6e710fddc", @typed={0x76, 0xf1, 0x0, 0x0, @binary="67ab35ede9f24221fdc80dd31a37d3c1256b43654c3a3b85edbcac47d71a14432c0662ea40898e214313ed0218f47a1f36a442d15fb111fe40341b601829dc1642c2eb2a94efbed2538400819d9b1abc52df9fb7de60d64a2bc46918afa2fde42a5dbbca34c81f55e0b0dc3837c5acde968e"}]}]}]}]}, @OVS_PACKET_ATTR_ACTIONS={0x4}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x168}, 0x1, 0x0, 0x0, 0x4004040}, 0x4000844) r7 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4) read$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffffff, 0x0, 0x0) write$auto_tomoyo_operations_securityfs_if(r7, &(0x7f0000000480)="f21a9a3c5c2d006e163bb154d7886d87a5c2574c58e9867ecec3371cadbc48770dc8f745d1c76eed1672bb713aca465c9bbc23b50000000000000004c635fcd1410f37152ad1f7fa09270ce98f867fefbe147095e2928c0a", 0x58) r8 = socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000640), r8) sendmsg$auto_NL80211_CMD_GET_WIPHY(r8, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)=ANY=[@ANYBLOB="18000000", @ANYRES16=r9, @ANYBLOB="810b25bd7080fbdbdf2501"], 0x18}, 0x1, 0x0, 0x0, 0x20000000}, 0xc004) mincore$auto(0x5, 0x844, &(0x7f00000001c0)='/proc/sys/net/ipv4/neigh/veth0_virt_wifi/base_reachable_time_ms\x00') sendmsg$auto_NL80211_CMD_NEW_KEY(r5, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="64000000c4b23ffa539577a22ff3811fd4fd33ad30f353ac362678d11dbcae5395b15b7b4dc7a1015cc182489db73e070f3c21", @ANYRES16=r9, @ANYBLOB="10002dbd7000fbdbdf250b000000040083002c00c800adff80facc7b6fd4a41a53bdedf8940abbaea0bf411532fa338e00f2d6760a629d4183893e8e92cb1d0025017963ce12e4199b6c0e706ad6c4c0269adb4a5d2bb87a70c3ef000000"], 0x64}, 0x1, 0x0, 0x0, 0x40044}, 0x840) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone3(&(0x7f00000006c0)={0x208200700, 0x0, 0x0, 0x0, {0x2c}, 0x0, 0x0, 0x0, 0x0, 0x0, {r4}}, 0x58) 2.089960267s ago: executing program 3 (id=2315): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) prctl$auto(0x59616d61, 0x1, 0x4, 0x5, 0x4) socket$nl_generic(0x10, 0x3, 0x10) write$auto(0x3, 0x0, 0x100082) madvise$auto(0x0, 0xffffffffffff0001, 0x15) unshare$auto(0x40000080) 2.050185597s ago: executing program 0 (id=2316): r0 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000140), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000f40)={'batadv0\x00', 0x0}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/workqueue/raid5wq/nice\x00', 0x80001, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000340)='/proc/sys/net/netfilter/nf_conntrack_buckets\x00', 0x101000, 0x0) read$auto(r3, 0x0, 0x1ff) write$auto(0x3, 0x0, 0xfdef) sendmsg$auto_BATADV_CMD_SET_MESH(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x24, r0, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x7fff}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x140080e4) 1.723111211s ago: executing program 0 (id=2317): r0 = inotify_init1$auto(0x5) mmap$auto(0x3, 0x4, 0x6, 0x40ebe, r0, 0x300020000000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x1c, 0x0, 0x1) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, 0x0) msgget$auto(0xc, 0x9) 435.37404ms ago: executing program 2 (id=2319): mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x900, 0x0) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) lseek$auto(0x3, 0x0, 0x1) munmap$auto(0x8000, 0xffffffff) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/watchdog\x00', 0x1401, 0x0) pwrite64$auto(r0, &(0x7f0000000040)='\vX\xb5n\x91p\xe6\x1eRN8\x99C\x05s\x1cJ\x99\x00:\x00!\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2y\x1f\xee\xeeE\x18A\x14\xc6\xaa\x19\x9d\x17\xcf\x9e3!\x97\xe8X\xa3,a\xd5\x14\xb9\xa9\xb3\xf7\x19\xe5\xa6\x81\xbb 3\xc3\xec\x12\xef\xfbs\x9e}\xb0\xc9\x16I\x14\xbc\x01\xf0\x93O\xf0\x9byg\xb2\xdcZ\xf8g[\xf5\x97\x16\x0fm3\xcc\xc9\xaa\x812\b\x12\xffQq\xd5\xfc\xc5\xaf\xcd:1\xef\xca\xf3\xc7\xa4\xebS\x17\x99\x0f\xa3\x83\xb9\xbe\xa0u\x90(\xd2\xa5\xbe\xaf9a\x10K&\xf7N\xb8\xf5\x19\x12\x95\x1ex\xe3\x89\x9eU\xb5\x80\x0e\xfb\xe2\xd61\b\t\xa4H*v\x9a`%\xb4)\xa0\xb6\x11\xc3\xb4\xaa^\x02\xc5E\na\x03\xd3\xf2j\xa4Ly\xfa\xfcX.\xa1\xcfU\xcc\xec\x8b\x057\xda,v\x1br\xd3\xc1\xcc\xb4p\xff\x8c\x17YW\xc2\x92\xaf\xa8\x9c\x9dX]\xa4\x9a\x1a\xd5\x80B\x10\xd1\xd5\xca\x85\x9e)FT0\xe3\xb4\x19\x9dR\xc5\xdf\xb3\x9e\xea+2\x94\xba\x8c\xbe79\xba\x92\xcb\xd5\x87kB\xbd\xda\xf9\xb6)\xb3R\"\xe5A\xcfi\xd1\xf6\xa9\x86\x00\x88\x86\x05@d\xbc\xca\xd0v\xa07\xd9\x01Z\x89\xec\xce[J\xfeM\xfc\x1f\xe7j)\xe8\xdb\xfa\xa57\xe71\x9b\xbc\xf5|\xc6\xc8\xe7N\xd3i.|\xdd\xc0h\xd6', 0x8001, 0x20000003) symlink$auto(0x0, 0x0) 0s ago: executing program 2 (id=2320): mmap$auto(0x0, 0x0, 0xc00000072, 0xfffffffffffffff7, 0x1000000002, 0x8000) r0 = io_uring_setup$auto(0x1, 0x0) prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x6) socket(0x28, 0x4, 0xffffffc0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1, 0x100000007, 0x800000000000000d, 0x8fd6, 0x19488, 0x3, 0x8, 0x7f, 0x2, 0xffffffffffffffff, 0xdfe, 0x8, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x128e2, 0x0) write$auto(r2, &(0x7f00000001c0)='\b\x1c\xc7\x00\x80\x00\x00\x00\x00\x00\x00\x00', 0x81) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nlctrl(0x0, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x114, 0xa, 0x0, 0x4) splice$auto(r0, &(0x7f0000000200)=0x2, r2, &(0x7f0000000240)=0x9, 0x4dc0000000000000, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/bond0/queues/tx-9/xps_rxqs\x00', 0x1a1842, 0x0) unshare$auto(0x40000080) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) msgctl$auto_MSG_INFO(0x8, 0xc, &(0x7f00000004c0)={{0x1, 0x0, 0x0, 0x6, 0x5c, 0x4, 0x5}, &(0x7f0000000440)=0xf8, &(0x7f0000000480)=0x6, 0x2, 0x4, 0xfffffffffffffff8, 0xd3, 0x5, 0xb, 0x101, 0x7, @inferred, @inferred=0xffffffffffffffff}) sendmsg$auto_ETHTOOL_MSG_PAUSE_SET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="34ed35f1", @ANYRES16=r5, @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x4040000) write$auto_console_fops_tty_io(r3, &(0x7f0000000e00)="51426572911c17e9dd66bf94ea32689283bb895dbc0a97721ed6e250c974356905898b7d48acecddf280cf6dd4ba18c1aa3928071c6585025ceab0e2f34f37ddec138ea587fc4def825608b0ab2a6ecac42062bd3c58ba606307b7471b2fa40ffa168b91dde4727571c4ec94bfbde1df90ccb265ffda374c98ffb1ee22069af38a3f200532dbbe5e98f4455170e9a137517b9b7b8840359940ab00f37125c2bec0ac36606b6c69edb35967d723fb81a15faea2bd280d1581ad1ef597bb4dc09f6a5d53aaff1877b77c4e425761dc09d34498c1fce72c0ba1041a99b8748a37597b9567cda1de2cbf6962798e5ee11bf7cb2c70a9502f33c43b8e5dc54de743a2e24cb94c22d669b434888a7ce4cb16cd77b324258e07af32adc0cb38f8c622085783f6804edc3913fb9e98c55713fa0bf8101ad0f6f43407ce4be0001d1bb201bec283ade79ab23484c1076e703864629ac9a6031533dc956f705f89f0e0ef7d3109e46859d1f2ad1b8cb3cfcedf868a3be101e8b9acd75e39e6a27a541aa9fe86ad3119b7049c3fad2a901222eb948cabb4b5c3e5ba6ffc02a15bf7d550b00ab0f3dd3002924f7bd0701269ae293c4cb231b9127d1f6b38dd6fbb3429905384eed7eed9330a9c5e732bdd510169d9ca3e420ea2102be3770a0ab598c037b8f01e8910cf8b0942aafb156ac90724cf552df158a7f59c26e62f3fcf32d860c2259cb1b3118a773ff3cfbaf9c5b068dade5cd7778f1ea98700629b62534735fef3071c30afa6ea26f7e651ec140936c07d9e90f1c9faef3e05376b1e121af6a6691616c10e19fd4f16b1858b44d99e597908cda0e8fa8c21d8b700987d7723a4b5a4ff3c371f2d1cb9fb2f054abc58727239ba67a173f1431083fedc7c4304488c13c75e4995a58ac9de085377356ddc5338aeb44e7f3d06f82a5e0c846159c881a0395a3dbf32a9f2530a520721431a752b13b01a89bdf2b38387b72e8a533936623ec396f6ef94ddfcca047bf20a6fe450a03dedb36a57355e2519ff579b5c63095f48407ece8a7c6c4f5b2582616f0a6bba059810c0a28355fb08dceec9e290026452c3135f8ad93f9617f22e590122d43f6fdc1ea0f9ec12c551b5127108443bb081f7a89660034ea4f3c4305108428cc91918dbb28c2a117f09609e40903b13055e92a727afa767b1f97df335ee729686c0113e4cc18aa50f4ad82b1d403cc6c11ac3bf63415560417d7d488df01b69c925ca3fce60ca7ac767fd11df61caf62f3ab67dad043faf1cc334903e0f419c2e97553ecaad5814bf097192e76e9a16bc5c9be932718aba32cd7dbcc6bc634a463c6f709cc81963b39442e710c14c7e107b0aeb7b6a0e3f3757860d10dd741863277c43ce4dcec49f4558959b08f59182baf4f250aa045fee383ceaec280817bf222dfbeeca8c1ec8473176326c1ffd49ea072b5f3c73f36865b6052a1595c1bb76cfe37f976848fbcb408381ddeff9c318a2e6bbfe6c18ef16531fec3c47874a5391238c0d6b0e033db3fce94127cc9c98a4211e5d873f7b4810846d96be2d6cac532fce0ddee737e4d1ddb65b8b2449984a897e4090449ed4fb4006fb9d133e51396d4664a3f0c395c5b24781f8389979ccb565c6461b66db7134d15cff5ae8f935a5bcb23caace2edd2b37a726575e3cb0528de05edd9f03e30feb617767b6a557280a0a288b52af44a1607b6063867e5c9d8d56c44968fd509b5983fa06e6b1eefb2f8cee0c1cb49b8b569cf13b77adbc22ce972cd718167ac571ee41a446d13931f849d5636c729996b36ec84171fde260a4e01e9770cf687591a79833ae6473c51e12c0faab96ef093e6178d485526dbf775c94324c76bd4af2652e9036b1cc0d3df05c9232ee6eef7c4f46a6cf8ad160ad087aba6928bf156bf3ade1d135a965c4a2b283485737da67fe99227f2fbfb3baa74d75fe29122adfd82fcb9325b7ea826a52559654e76d494a374d9535facfcd4ab248e388c516bb8a0dc151b1557e418fd7c625c67ab1c50d6f05b97ba15c55631aeea44b21131aa93ead176f7bfd1418856e28782f004f272738827a64bb695f6b6a08cff8d1917be52a8851bd2bfd57d08bb0660e2ffc23792a419c2e9b006e3b0ad05044d99b97391fd2cceb86cf26acebe089a861340b04fd01e1baa70583032a30ea2e605217b80f7ee16d7e28be43d12bb2b67937dd26a8aeb84fef2f2d52f75232a400e7b279dcfc01953b0c46203477a50b5853e8f7b14b2ba31db742504bca6ed95b18846706c9fd85bf2a3a2642029b9ff2828bf0f7cbd96109a237961be8fe5c62f0fcc04c994f123f4a22f048403eac9308cfd2f2e4350c72e9ef83416ce973d3aa90d281a0275886dd3858b5869784ae58e257aa5af6d373dcc9cf520e364be748833adbb10daa6f6a334b51d27529d86ea5ce874562f9f93da45d244224b936fced3b658abbe7aa1f0d502fffce823f528ab47ea3540722f144733666229ae08cfc7e61247742ea4e3c180938ae7c7b81c1ee975c831f79672e044cefc49894c2ab73bba2580ac476cc0e56b6748b8edbb37a3f8dda7ffad4ec07abce7c4d10fc32e40d5a9db37f7b1e3a6eabedbefa9dd8eef189b92363d3391d384af26b7d47958d3d82845c9b668da5bcbd64058dc9e1c6d903ab5d2aa049d197116a11309a1abe9e5b3f9e7f1c623242b1d8089bc369d145a7070e8a9bdf543dbffe899ff9366009a3b0424a634681b530dad9ef23f136a10c7287068e57f3c2de45adf0a105c328e0035b97168f4c17aa4610b2e6e1a6ba0b71c06417b7a9497be4a009b19d7162adfd4d7b6490faf3782a920281333ad09b848ab5f4d15534b8c4e43dc9604b0630f8d349b2c80a98fde04693c31cbed7d460edfc0138dcc5d3974e682bbd555ac19625bf6e0607d8803391ec9c2dc41fc4e8bceae4f53507137324dd02914a067d52a577b812ddac4a34765c26a98839b3edb6290abff0c75991d6f8c1bd7540f38a7f25fec2f3539f894c938e1f3cf0ff1e6994d6a6ecc457a482f045ba712a85e8e31afd49c8e3480dc1c36d56ab2eceac6e5a847455d8ef4e3d45cd463c421bd1bce2ca57dd88f0e7ab3446cdfa8cb3914c240936f1738af7009e9131b240b59af55d7e38307b91fc8f00410cfdcfacaa341607a801afa63640091eb00b860700ea882878a8d9838f5597b970366be7d167ddebfe3c9253b5dbf7f30a67ee4d87dccb3c723c20200aa5fc036caf12811b19ce49c81ce328d7b24587353ecb99bafd327e33303cf447b36800d1bed8ee10df527d55c0d5f7506fb11cb1338074113579e665c6f3cffde5a8ee98a7bf3f8157986cf7c1c5dbdedaacbe3946b3d8809dec7387f006c062b93b6b481a806e5544ddeea7218fcc15c25a88164bfd0735e6290167cb2dbf4b4a317ba00b1fc27d203a6cff71ef8fe97a97d8e07af2ce1d0a0a2aa9ede7dd0572325075c83c2ecf866aa01654eff55ebe4e489e72152e6a3090e2348732704eb02997ffd23a63faabfbbbd1fb124cab606faed24a393058cea1c1286001ee5c0c1fa26b6a81ebdd4718a94cebdb45bfe812c771df398d3305da03d37ced9d0242b6da212dc9f5c14d7ff999bee20f6621792d1442e449eba8589a823e5e99c65fdffbaefe89e2e32406ec4cf574e335e2d288e4cdad56f4b1b57c364ed3e28809e480d6f410c7ebf43bd2a605d6a8c9facae6b7f8f2c56f792ae21fc0cc5dd9beae0cab3547ebb5467183c2f01bc315bd7bd191088886752dc5108093bdbc91348743440130f33d3dfa9c25490245e5fa904f8660e82253c826b7bea4e9a7a1c627e10c56d71878a644bd176016f29cf5398be14cc0fdec45c65e2b967aedb75212eed1eb05a44da62190009d1c08163b74813b82c27f1e6cd681a4b5150f967444b7bc930da68603fd706e96ba8663b2e50ef0a9b04e321a8a337b08fea7288a3fef5062c7e4c17ad3d490870d39c10b78a74eab25c993527e313a4f59d86de55aa9a8a63f734c2db556692fe993b0cd08e0ab5434c9ec02d5127354f55e6b5d5a7b61685d02edae21ece71d203abf7408211229a9ebbfdeffa2c0f38db274066d0706d80398c172e6daf4a0dce62c2287cbf0d30cfa313d7baf4e5caa18f594f0ab0d854f3cef76ff83e96fa49d0e0f8a47193b51a0a45aee2e1d9a5b372b8ee828f645a06979ec351d798480c7824e846028c02f58b5641acbae1e2079abd86182a662bb1642c9346d7fba628fb012da293acef33b8b76a8885c2e5d685348b6148c5b44409f58d8d5f29344fe8a2e4c2432ae622bb1912ea65d5574bff895025bd72cd780d59cbaa0886afd5d6676d2de6266903115525c075cc3f75ce9eba3787a890e1f758f0e502c4c9c0538dc942cf4e2d69742edeeddb66b1d459fcf6f744b2c40111104ab21fd4e99b4477e25cc5a9af5", 0xc51) socket(0x8, 0x2, 0x1) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0xffffffffffffffff, 0x28000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) mmap$auto(0x2, 0x9, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) kernel console output (not intermixed with test programs): _validate_block_bitmap:423: comm syz-executor: bg 0: bad block bitmap checksum [ 533.812875][T14182] netlink: 146 bytes leftover after parsing attributes in process `syz.3.1906'. [ 534.176710][ T5876] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 534.185020][ T5876] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 534.197056][ T5876] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 534.206618][ T5876] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 534.215331][ T5876] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 534.408897][T14202] chnl_net:caif_netlink_parms(): no params data found [ 534.708490][T14202] bridge0: port 1(bridge_slave_0) entered blocking state [ 534.715705][T14202] bridge0: port 1(bridge_slave_0) entered disabled state [ 534.723374][T14202] bridge_slave_0: entered allmulticast mode [ 534.735130][T14202] bridge_slave_0: entered promiscuous mode [ 534.743552][T14202] bridge0: port 2(bridge_slave_1) entered blocking state [ 534.752554][T14202] bridge0: port 2(bridge_slave_1) entered disabled state [ 534.775930][T14202] bridge_slave_1: entered allmulticast mode [ 534.783220][T14202] bridge_slave_1: entered promiscuous mode [ 534.951838][T14202] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 534.970634][T14202] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 535.019762][T14202] team0: Port device team_slave_0 added [ 535.037170][T14202] team0: Port device team_slave_1 added [ 535.118311][T14202] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 535.125575][T14202] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 535.187132][T14202] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 535.208447][T14202] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 535.215450][T14202] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 535.270195][T14202] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 535.336583][T14202] hsr_slave_0: entered promiscuous mode [ 535.349846][T14202] hsr_slave_1: entered promiscuous mode [ 535.356259][T14202] debugfs: 'hsr0' already exists in 'hsr' [ 535.365806][T14202] Cannot create hsr debugfs directory [ 535.437978][T14229] FAULT_INJECTION: forcing a failure. [ 535.437978][T14229] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 535.486648][T14229] CPU: 1 UID: 0 PID: 14229 Comm: syz.2.1918 Tainted: G U syzkaller #0 PREEMPT(full) [ 535.486697][T14229] Tainted: [U]=USER [ 535.486708][T14229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 535.486737][T14229] Call Trace: [ 535.486747][T14229] [ 535.486759][T14229] dump_stack_lvl+0x16c/0x1f0 [ 535.486808][T14229] should_fail_ex+0x512/0x640 [ 535.486856][T14229] _copy_from_user+0x2e/0xd0 [ 535.486907][T14229] copy_msghdr_from_user+0x98/0x160 [ 535.486948][T14229] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 535.486989][T14229] ? __pfx_kstrtouint+0x10/0x10 [ 535.487033][T14229] ? kstrtouint_from_user+0x13c/0x1d0 [ 535.487076][T14229] ___sys_sendmsg+0xfe/0x1d0 [ 535.487117][T14229] ? __pfx____sys_sendmsg+0x10/0x10 [ 535.487167][T14229] ? rcu_is_watching+0x12/0xc0 [ 535.487216][T14229] __sys_sendmsg+0x16d/0x220 [ 535.487258][T14229] ? __pfx___sys_sendmsg+0x10/0x10 [ 535.487313][T14229] do_syscall_64+0xcd/0x490 [ 535.487358][T14229] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 535.487391][T14229] RIP: 0033:0x7f261cd8ebe9 [ 535.487416][T14229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 535.487448][T14229] RSP: 002b:00007f261dcb2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 535.487480][T14229] RAX: ffffffffffffffda RBX: 00007f261cfb5fa0 RCX: 00007f261cd8ebe9 [ 535.487502][T14229] RDX: 0000000004048040 RSI: 0000200000000140 RDI: 0000000000000004 [ 535.487524][T14229] RBP: 00007f261dcb2090 R08: 0000000000000000 R09: 0000000000000000 [ 535.487544][T14229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 535.487564][T14229] R13: 00007f261cfb6038 R14: 00007f261cfb5fa0 R15: 00007ffcc8c98b18 [ 535.487596][T14229] [ 535.988307][T14202] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 536.093035][T14202] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 536.257934][ T5876] Bluetooth: hci3: command tx timeout [ 536.265587][T14202] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 536.469238][T14241] sctp: [Deprecated]: syz.0.1921 (pid 14241) Use of struct sctp_assoc_value in delayed_ack socket option. [ 536.469238][T14241] Use struct sctp_sack_info instead [ 536.516441][T14202] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 536.757715][T14202] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 536.808025][T14202] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 536.840622][T14202] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 536.874410][T14202] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 537.277863][T14251] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(4) [ 537.311396][T14202] 8021q: adding VLAN 0 to HW filter on device bond0 [ 537.366550][T14202] 8021q: adding VLAN 0 to HW filter on device team0 [ 537.381234][ T7149] bridge0: port 1(bridge_slave_0) entered blocking state [ 537.388407][ T7149] bridge0: port 1(bridge_slave_0) entered forwarding state [ 537.415634][ T7149] bridge0: port 2(bridge_slave_1) entered blocking state [ 537.422851][ T7149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 537.454177][T14202] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 537.465244][T14202] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 537.835214][T14202] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 537.975166][T14202] veth0_vlan: entered promiscuous mode [ 538.013574][T14202] veth1_vlan: entered promiscuous mode [ 538.029205][T14270] svc: failed to register nfsdv3 RPC service (errno 101). [ 538.041352][T14202] veth0_macvtap: entered promiscuous mode [ 538.051006][T14202] veth1_macvtap: entered promiscuous mode [ 538.068015][T14271] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1926'. [ 538.077531][T14270] svc: failed to register nfsaclv3 RPC service (errno 101). [ 538.100016][T14202] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 538.126638][T14202] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 538.217849][ T6661] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.241244][ T6661] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.282662][ T6661] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.347366][ T6661] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 538.356290][ T5876] Bluetooth: hci3: command tx timeout [ 538.418889][ T7159] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 538.449479][ T7159] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 538.535256][ T7159] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 538.576687][ T7159] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 538.888183][T14282] FAULT_INJECTION: forcing a failure. [ 538.888183][T14282] name fail_futex, interval 1, probability 0, space 0, times 0 [ 538.937472][T14282] CPU: 0 UID: 0 PID: 14282 Comm: syz.2.1928 Tainted: G U syzkaller #0 PREEMPT(full) [ 538.937509][T14282] Tainted: [U]=USER [ 538.937517][T14282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 538.937532][T14282] Call Trace: [ 538.937540][T14282] [ 538.937549][T14282] dump_stack_lvl+0x16c/0x1f0 [ 538.937582][T14282] should_fail_ex+0x512/0x640 [ 538.937618][T14282] get_futex_key+0x1d0/0x1560 [ 538.937647][T14282] ? __pfx_get_futex_key+0x10/0x10 [ 538.937680][T14282] futex_wake+0xea/0x530 [ 538.937713][T14282] ? rcu_is_watching+0x12/0xc0 [ 538.937737][T14282] ? __pfx_futex_wake+0x10/0x10 [ 538.937772][T14282] ? kmem_cache_free+0x2d1/0x4d0 [ 538.937798][T14282] ? putname+0x154/0x1a0 [ 538.937831][T14282] do_futex+0x1e3/0x350 [ 538.937860][T14282] ? __pfx_do_futex+0x10/0x10 [ 538.937893][T14282] __x64_sys_futex+0x1e0/0x4c0 [ 538.937924][T14282] ? __x64_sys_openat+0x174/0x210 [ 538.937961][T14282] ? __pfx___x64_sys_futex+0x10/0x10 [ 538.937997][T14282] do_syscall_64+0xcd/0x490 [ 538.938028][T14282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 538.938052][T14282] RIP: 0033:0x7f261cd8ebe9 [ 538.938069][T14282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 538.938093][T14282] RSP: 002b:00007f261dcb20e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 538.938115][T14282] RAX: ffffffffffffffda RBX: 00007f261cfb5fa8 RCX: 00007f261cd8ebe9 [ 538.938131][T14282] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f261cfb5fac [ 538.938145][T14282] RBP: 00007f261cfb5fa0 R08: 00007f261dcb3000 R09: 0000000000000000 [ 538.938160][T14282] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 538.938174][T14282] R13: 00007f261cfb6038 R14: 00007ffcc8c98a30 R15: 00007ffcc8c98b18 [ 538.938196][T14282] [ 538.961860][T14287] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1929'. [ 540.446939][ T5876] Bluetooth: hci3: command tx timeout [ 540.905139][T14330] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1939'. [ 540.925281][T14330] geneve1: entered promiscuous mode [ 540.948912][T14330] geneve1: entered allmulticast mode [ 542.497191][ T5876] Bluetooth: hci3: command tx timeout [ 542.982331][T14366] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 543.051067][T14334] sd 0:0:1:0: PR command failed: 1026 [ 543.065868][T14334] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 543.095383][T14334] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 544.405810][T14391] device-mapper: ioctl: only supply one of name or uuid, cmd(11) [ 544.983419][T14403] random: crng reseeded on system resumption [ 545.299742][T14405] vhci_hcd: invalid port number 250 [ 545.305713][T14405] vhci_hcd: invalid port number 250 [ 546.864787][T14426] zram: Added device: zram1 [ 547.419695][T14441] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 547.572952][T14445] device-mapper: ioctl: only supply one of name or uuid, cmd(11) [ 548.506424][T14463] FAULT_INJECTION: forcing a failure. [ 548.506424][T14463] name failslab, interval 1, probability 0, space 0, times 0 [ 548.532107][T14463] CPU: 0 UID: 0 PID: 14463 Comm: syz.2.1971 Tainted: G U syzkaller #0 PREEMPT(full) [ 548.532142][T14463] Tainted: [U]=USER [ 548.532149][T14463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 548.532163][T14463] Call Trace: [ 548.532170][T14463] [ 548.532178][T14463] dump_stack_lvl+0x16c/0x1f0 [ 548.532209][T14463] should_fail_ex+0x512/0x640 [ 548.532243][T14463] should_failslab+0xc2/0x120 [ 548.532274][T14463] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 548.532300][T14463] ? security_inode_alloc+0x3b/0x2b0 [ 548.532327][T14463] ? sk_prot_alloc+0x60/0x2a0 [ 548.532381][T14463] sk_prot_alloc+0x60/0x2a0 [ 548.532417][T14463] sk_alloc+0x36/0xc20 [ 548.532444][T14463] smc_create+0x114/0x2a0 [ 548.532467][T14463] __sock_create+0x338/0x8d0 [ 548.532490][T14463] __sys_socket+0x14d/0x260 [ 548.532511][T14463] ? __x64_sys_openat+0x174/0x210 [ 548.532548][T14463] ? __pfx___sys_socket+0x10/0x10 [ 548.532577][T14463] ? xfd_validate_state+0x61/0x180 [ 548.532616][T14463] __x64_sys_socket+0x72/0xb0 [ 548.532639][T14463] do_syscall_64+0xcd/0x490 [ 548.532671][T14463] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 548.532714][T14463] RIP: 0033:0x7f261cd8ebe9 [ 548.532731][T14463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 548.532756][T14463] RSP: 002b:00007f261dcb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 548.532779][T14463] RAX: ffffffffffffffda RBX: 00007f261cfb5fa0 RCX: 00007f261cd8ebe9 [ 548.532795][T14463] RDX: 0000000000000001 RSI: 0000000000000001 RDI: 000000000000002b [ 548.532809][T14463] RBP: 00007f261ce11e19 R08: 0000000000000000 R09: 0000000000000000 [ 548.532824][T14463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 548.532838][T14463] R13: 00007f261cfb6038 R14: 00007f261cfb5fa0 R15: 00007ffcc8c98b18 [ 548.532861][T14463] [ 548.725745][ C0] vkms_vblank_simulate: vblank timer overrun [ 549.337491][T14482] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1976'. [ 549.754190][T14496] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1980'. [ 549.780474][T14473] ima: policy update failed [ 549.805085][ T30] audit: type=1802 audit(4294967540.100:15): pid=14473 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1974" res=0 errno=0 [ 550.180575][T14507] device-mapper: ioctl: only supply one of name or uuid, cmd(11) [ 551.047767][T14518] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1986'. [ 552.011884][T14537] syz.3.1991: vmalloc error: size 4503599627371522, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 552.031503][T14539] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1992'. [ 552.078524][T14537] CPU: 0 UID: 0 PID: 14537 Comm: syz.3.1991 Tainted: G U syzkaller #0 PREEMPT(full) [ 552.078573][T14537] Tainted: [U]=USER [ 552.078585][T14537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 552.078603][T14537] Call Trace: [ 552.078613][T14537] [ 552.078623][T14537] dump_stack_lvl+0x16c/0x1f0 [ 552.078668][T14537] warn_alloc+0x248/0x3a0 [ 552.078704][T14537] ? __pfx_warn_alloc+0x10/0x10 [ 552.078749][T14537] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 552.078797][T14537] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 552.078846][T14537] ? __pfx___might_resched+0x10/0x10 [ 552.078881][T14537] ? rcu_is_watching+0x12/0xc0 [ 552.078914][T14537] ? trace_contention_end+0xdd/0x130 [ 552.078958][T14537] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 552.079009][T14537] ? tomoyo_path_number_perm+0x295/0x580 [ 552.079049][T14537] ? rcu_is_watching+0x12/0xc0 [ 552.079081][T14537] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 552.079112][T14537] ? __pfx___mutex_lock+0x10/0x10 [ 552.079160][T14537] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 552.079211][T14537] __vmalloc_node_noprof+0xad/0xf0 [ 552.079240][T14537] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 552.079294][T14537] dvb_demux_do_ioctl+0x54e/0x12f0 [ 552.079361][T14537] ? do_vfs_ioctl+0x128/0x14f0 [ 552.079414][T14537] dvb_usercopy+0x167/0x340 [ 552.079456][T14537] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 552.079506][T14537] ? __pfx_dvb_usercopy+0x10/0x10 [ 552.079556][T14537] ? __fget_files+0x20e/0x3c0 [ 552.079594][T14537] dvb_demux_ioctl+0x29/0x40 [ 552.079640][T14537] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 552.079686][T14537] __x64_sys_ioctl+0x18e/0x210 [ 552.079736][T14537] do_syscall_64+0xcd/0x490 [ 552.079777][T14537] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 552.079811][T14537] RIP: 0033:0x7f335778ebe9 [ 552.079835][T14537] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 552.079868][T14537] RSP: 002b:00007f335858f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 552.079898][T14537] RAX: ffffffffffffffda RBX: 00007f33579b5fa0 RCX: 00007f335778ebe9 [ 552.079918][T14537] RDX: 0010000000000402 RSI: 0000000000006f2d RDI: 0000000000000003 [ 552.079938][T14537] RBP: 00007f3357811e19 R08: 0000000000000000 R09: 0000000000000000 [ 552.079959][T14537] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 552.079980][T14537] R13: 00007f33579b6038 R14: 00007f33579b5fa0 R15: 00007ffc3a01eb38 [ 552.080010][T14537] [ 552.084523][T14537] Mem-Info: [ 552.373661][T14537] active_anon:11891 inactive_anon:2613 isolated_anon:0 [ 552.373661][T14537] active_file:15860 inactive_file:40539 isolated_file:0 [ 552.373661][T14537] unevictable:768 dirty:615 writeback:0 [ 552.373661][T14537] slab_reclaimable:11957 slab_unreclaimable:94526 [ 552.373661][T14537] mapped:25395 shmem:1357 pagetables:1285 [ 552.373661][T14537] sec_pagetables:0 bounce:0 [ 552.373661][T14537] kernel_misc_reclaimable:0 [ 552.373661][T14537] free:1303521 free_pcp:16453 free_cma:0 [ 552.489506][T14552] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(4.131072.4294967293), cmd(3) [ 552.522625][T14537] Node 0 active_anon:47464kB inactive_anon:8852kB active_file:63436kB inactive_file:162028kB unevictable:1536kB isolated(anon):2000kB isolated(file):0kB mapped:105580kB dirty:2460kB writeback:0kB shmem:3892kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11256kB pagetables:4788kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 552.555110][ C0] vkms_vblank_simulate: vblank timer overrun [ 552.570562][T14555] scsi_strcpy_devinfo: vendor string 'íÙ/&cžÀ~n] ò | [ 552.570562][T14555] MÅ' is too long [ 552.581891][T14555] scsi_strcpy_devinfo: model string '’Dd5‚ ÕK€2bÛ [ 552.581891][T14555] ††½WÏõ›ú «ú' is too long [ 552.630570][T14537] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 552.660449][ C0] vkms_vblank_simulate: vblank timer overrun [ 552.670600][T14557] FAULT_INJECTION: forcing a failure. [ 552.670600][T14557] name failslab, interval 1, probability 0, space 0, times 0 [ 552.697047][T14557] CPU: 0 UID: 0 PID: 14557 Comm: syz.0.1996 Tainted: G U syzkaller #0 PREEMPT(full) [ 552.697099][T14557] Tainted: [U]=USER [ 552.697111][T14557] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 552.697131][T14557] Call Trace: [ 552.697153][T14557] [ 552.697164][T14557] dump_stack_lvl+0x16c/0x1f0 [ 552.697208][T14557] should_fail_ex+0x512/0x640 [ 552.697254][T14557] should_failslab+0xc2/0x120 [ 552.697294][T14557] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 552.697330][T14557] ? skb_clone+0x190/0x3f0 [ 552.697389][T14557] skb_clone+0x190/0x3f0 [ 552.697431][T14557] netlink_deliver_tap+0xabd/0xd30 [ 552.697487][T14557] netlink_unicast+0x64c/0x870 [ 552.697530][T14557] ? __pfx_netlink_unicast+0x10/0x10 [ 552.697570][T14557] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 552.697616][T14557] netlink_sendmsg+0x8d1/0xdd0 [ 552.697658][T14557] ? __pfx_netlink_sendmsg+0x10/0x10 [ 552.697700][T14557] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 552.697735][T14557] __sys_sendto+0x4a3/0x520 [ 552.697768][T14557] ? __pfx___sys_sendto+0x10/0x10 [ 552.697809][T14557] ? handle_mm_fault+0x2ab/0xd10 [ 552.697837][T14557] ? rcu_is_watching+0x12/0xc0 [ 552.697874][T14557] ? rcu_watching_snap_stopped_since+0x101/0x110 [ 552.697913][T14557] __x64_sys_sendto+0xe0/0x1c0 [ 552.697947][T14557] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 552.698007][T14557] do_syscall_64+0xcd/0x490 [ 552.698051][T14557] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 552.698082][T14557] RIP: 0033:0x7efc89b90a7c [ 552.698105][T14557] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 552.698137][T14557] RSP: 002b:00007efc8a93aec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 552.698166][T14557] RAX: ffffffffffffffda RBX: 00007efc8a93afc0 RCX: 00007efc89b90a7c [ 552.698188][T14557] RDX: 0000000000000020 RSI: 00007efc8a93b010 RDI: 0000000000000009 [ 552.698208][T14557] RBP: 0000000000000000 R08: 00007efc8a93af14 R09: 000000000000000c [ 552.698228][T14557] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000009 [ 552.698249][T14557] R13: 00007efc8a93af68 R14: 00007efc8a93b010 R15: 0000000000000000 [ 552.698276][T14557] [ 552.766990][T14537] Node 0 [ 552.896724][T14561] device-mapper: ioctl: only supply one of name or uuid, cmd(11) [ 552.928982][T14537] DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 553.008120][T14537] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 553.014037][T14537] Node 0 DMA32 free:1302616kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:47420kB inactive_anon:10252kB active_file:62188kB inactive_file:161956kB unevictable:1536kB writepending:2760kB present:3129332kB managed:2539600kB mlocked:0kB bounce:0kB free_pcp:41816kB local_pcp:16800kB free_cma:0kB [ 553.060103][T14537] lowmem_reserve[]: 0 0 1 1 1 [ 553.077461][T14537] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:1248kB inactive_file:72kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 553.124624][T14537] lowmem_reserve[]: 0 0 0 0 0 [ 553.141760][T14537] Node 1 Normal free:3895640kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:24140kB local_pcp:18872kB free_cma:0kB [ 553.184607][T14537] lowmem_reserve[]: 0 0 0 0 0 [ 553.190876][T14537] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 553.204858][T14537] Node 0 DMA32: 1254*4kB (M) 1429*8kB (M) 1411*16kB (UME) 1037*32kB (M) 565*64kB (ME) 300*128kB (UME) 131*256kB (UME) 88*512kB (UME) 37*1024kB (UM) 12*2048kB (UME) 248*4096kB (UM) = 1303632kB [ 553.226319][T14537] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 553.239201][T14537] Node 1 Normal: 128*4kB (UME) 55*8kB (UME) 44*16kB (UME) 139*32kB (UME) 58*64kB (UME) 12*128kB (UME) 5*256kB (UME) 0*512kB 4*1024kB (UME) 2*2048kB (UE) 946*4096kB (M) = 3895640kB [ 553.243177][T14551] bond0: option xmit_hash_policy: invalid value (0x00060000) [ 553.257336][T14537] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 553.257370][T14537] Node 0 hugepages_total=6 hugepages_free=5 hugepages_surp=2 hugepages_size=2048kB [ 553.257397][T14537] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 553.257426][T14537] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 553.257451][T14537] 57788 total pagecache pages [ 553.257465][T14537] 37 pages in swap cache [ 553.312607][T14537] Free swap = 124848kB [ 553.318266][T14537] Total swap = 124996kB [ 553.322469][T14537] 2097051 pages RAM [ 553.326591][T14537] 0 pages HighMem/MovableOnly [ 553.331859][T14537] 430189 pages reserved [ 553.336103][T14537] 0 pages cma reserved [ 553.768965][T14569] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1999'. [ 553.807627][T14569] netlink: 294 bytes leftover after parsing attributes in process `syz.3.1999'. [ 554.025429][T14575] FAULT_INJECTION: forcing a failure. [ 554.025429][T14575] name failslab, interval 1, probability 0, space 0, times 0 [ 554.105961][T14575] CPU: 1 UID: 0 PID: 14575 Comm: syz.3.1999 Tainted: G U syzkaller #0 PREEMPT(full) [ 554.106025][T14575] Tainted: [U]=USER [ 554.106036][T14575] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 554.106055][T14575] Call Trace: [ 554.106067][T14575] [ 554.106079][T14575] dump_stack_lvl+0x16c/0x1f0 [ 554.106124][T14575] should_fail_ex+0x512/0x640 [ 554.106173][T14575] should_failslab+0xc2/0x120 [ 554.106218][T14575] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 554.106263][T14575] ? trace_kmem_cache_alloc+0x28/0xc0 [ 554.106313][T14575] ? key_alloc+0x43e/0x1330 [ 554.106356][T14575] kmemdup_noprof+0x29/0x60 [ 554.106395][T14575] key_alloc+0x43e/0x1330 [ 554.106445][T14575] ? __pfx_key_alloc+0x10/0x10 [ 554.106487][T14575] ? __pfx_key_default_cmp+0x10/0x10 [ 554.106536][T14575] ? __pfx_keyring_search_iterator+0x10/0x10 [ 554.106587][T14575] keyring_alloc+0x44/0xc0 [ 554.106635][T14575] look_up_user_keyrings+0x510/0x760 [ 554.106676][T14575] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 554.106716][T14575] ? __pfx_futex_wake+0x10/0x10 [ 554.106762][T14575] ? lock_release+0x201/0x2f0 [ 554.106819][T14575] lookup_user_key+0x1a3/0x1300 [ 554.106859][T14575] ? __pfx_lookup_user_key+0x10/0x10 [ 554.106896][T14575] ? do_futex+0x122/0x350 [ 554.106939][T14575] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 554.106982][T14575] ? fput+0x9b/0xd0 [ 554.107027][T14575] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 554.107075][T14575] keyctl_keyring_clear+0x24/0x1a0 [ 554.107109][T14575] __do_sys_keyctl+0x355/0x590 [ 554.107147][T14575] do_syscall_64+0xcd/0x490 [ 554.107192][T14575] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 554.107225][T14575] RIP: 0033:0x7f335778ebe9 [ 554.107249][T14575] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 554.107282][T14575] RSP: 002b:00007f335856e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 554.107312][T14575] RAX: ffffffffffffffda RBX: 00007f33579b6090 RCX: 00007f335778ebe9 [ 554.107334][T14575] RDX: 0000000000000002 RSI: 00000000fffffffb RDI: 0000000000000007 [ 554.107354][T14575] RBP: 00007f3357811e19 R08: 0000000000000008 R09: 0000000000000000 [ 554.107384][T14575] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 554.107403][T14575] R13: 00007f33579b6128 R14: 00007f33579b6090 R15: 00007ffc3a01eb38 [ 554.107431][T14575] [ 554.357204][T14584] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 555.090471][T14601] can: request_module (can-proto-3) failed. [ 555.303300][T14608] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 555.851766][T14614] device-mapper: ioctl: only supply one of name or uuid, cmd(11) [ 556.162863][T14622] vhci_hcd: invalid port number 21 [ 556.208470][T14620] vivid-007: ================= START STATUS ================= [ 556.216169][T14620] vivid-007: Generate PTS: true [ 556.327478][T14620] vivid-007: Generate SCR: true [ 556.340249][T14620] tpg source WxH: 320x240 (Y'CbCr) [ 556.356035][T14620] tpg field: 1 [ 556.360931][T14620] tpg crop: (0,0)/320x240 [ 556.366344][T14620] tpg compose: (0,0)/320x240 [ 556.375755][T14620] tpg colorspace: 8 [ 556.416026][T14620] tpg transfer function: 0/0 [ 556.508887][T14620] tpg Y'CbCr encoding: 0/0 [ 556.542500][T14620] tpg quantization: 0/0 [ 556.558572][T14620] tpg RGB range: 0/2 [ 556.578313][T14620] vivid-007: ================== END STATUS ================== [ 557.710071][T14650] FAULT_INJECTION: forcing a failure. [ 557.710071][T14650] name failslab, interval 1, probability 0, space 0, times 0 [ 557.731507][T14653] FAULT_INJECTION: forcing a failure. [ 557.731507][T14653] name failslab, interval 1, probability 0, space 0, times 0 [ 557.774931][T14650] CPU: 0 UID: 0 PID: 14650 Comm: syz.0.2019 Tainted: G U syzkaller #0 PREEMPT(full) [ 557.774987][T14650] Tainted: [U]=USER [ 557.774999][T14650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 557.775021][T14650] Call Trace: [ 557.775032][T14650] [ 557.775044][T14650] dump_stack_lvl+0x16c/0x1f0 [ 557.775093][T14650] should_fail_ex+0x512/0x640 [ 557.775150][T14650] should_failslab+0xc2/0x120 [ 557.775196][T14650] __kmalloc_cache_noprof+0x6a/0x3e0 [ 557.775232][T14650] ? tty_alloc_file+0x3f/0xa0 [ 557.775277][T14650] ? __pfx_ptmx_open+0x10/0x10 [ 557.775314][T14650] tty_alloc_file+0x3f/0xa0 [ 557.775357][T14650] ptmx_open+0x61/0x360 [ 557.775389][T14650] ? __pfx_ptmx_open+0x10/0x10 [ 557.775420][T14650] chrdev_open+0x231/0x6a0 [ 557.775456][T14650] ? __pfx_apparmor_file_open+0x10/0x10 [ 557.775498][T14650] ? __pfx_chrdev_open+0x10/0x10 [ 557.775537][T14650] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 557.775574][T14650] do_dentry_open+0x97f/0x1530 [ 557.775609][T14650] ? __pfx_chrdev_open+0x10/0x10 [ 557.775650][T14650] vfs_open+0x82/0x3f0 [ 557.775692][T14650] path_openat+0x1de4/0x2cb0 [ 557.775731][T14650] ? __pfx_path_openat+0x10/0x10 [ 557.775770][T14650] do_filp_open+0x20b/0x470 [ 557.775803][T14650] ? __pfx_do_filp_open+0x10/0x10 [ 557.775861][T14650] ? alloc_fd+0x471/0x7d0 [ 557.775893][T14650] do_sys_openat2+0x11b/0x1d0 [ 557.775934][T14650] ? __pfx_do_sys_openat2+0x10/0x10 [ 557.775983][T14650] __x64_sys_openat+0x174/0x210 [ 557.776025][T14650] ? __pfx___x64_sys_openat+0x10/0x10 [ 557.776076][T14650] do_syscall_64+0xcd/0x490 [ 557.776114][T14650] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.776143][T14650] RIP: 0033:0x7efc89b8ebe9 [ 557.776164][T14650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 557.776194][T14650] RSP: 002b:00007efc8a95d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 557.776221][T14650] RAX: ffffffffffffffda RBX: 00007efc89db5fa0 RCX: 00007efc89b8ebe9 [ 557.776240][T14650] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 557.776260][T14650] RBP: 00007efc89c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 557.776278][T14650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 557.776295][T14650] R13: 00007efc89db6038 R14: 00007efc89db5fa0 R15: 00007ffddc983b68 [ 557.776324][T14650] [ 557.776342][T14653] CPU: 1 UID: 0 PID: 14653 Comm: syz.1.2021 Tainted: G U syzkaller #0 PREEMPT(full) [ 557.776389][T14653] Tainted: [U]=USER [ 557.776403][T14653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 557.776423][T14653] Call Trace: [ 557.776433][T14653] [ 557.776443][T14653] dump_stack_lvl+0x16c/0x1f0 [ 557.776481][T14653] should_fail_ex+0x512/0x640 [ 557.776528][T14653] should_failslab+0xc2/0x120 [ 557.776570][T14653] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 557.776627][T14653] ? do_raw_spin_unlock+0x172/0x230 [ 557.776676][T14653] ? prepare_kernel_cred+0x35/0x750 [ 557.776724][T14653] ? _raw_spin_unlock+0x28/0x50 [ 557.776769][T14653] prepare_kernel_cred+0x35/0x750 [ 557.776821][T14653] _request_firmware+0x3ae/0x1470 [ 557.776863][T14653] ? assign_fw+0x1cb/0x640 [ 557.776901][T14653] ? _request_firmware+0x957/0x1470 [ 557.776949][T14653] ? __pfx__request_firmware+0x10/0x10 [ 557.777002][T14653] request_firmware+0x35/0x50 [ 557.777048][T14653] valid_regdb+0x184/0x590 [ 557.777091][T14653] ? __pfx___mutex_lock+0x10/0x10 [ 557.777142][T14653] ? __pfx_valid_regdb+0x10/0x10 [ 557.777191][T14653] reg_reload_regdb+0x11a/0x460 [ 557.777241][T14653] ? __pfx_reg_reload_regdb+0x10/0x10 [ 557.777294][T14653] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 557.777333][T14653] ? nl80211_pre_doit+0x1b0/0xb10 [ 557.777373][T14653] genl_family_rcv_msg_doit+0x206/0x2f0 [ 557.777434][T14653] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 557.777491][T14653] ? rcu_is_watching+0x12/0xc0 [ 557.777536][T14653] ? bpf_lsm_capable+0x9/0x10 [ 557.777571][T14653] ? security_capable+0x7e/0x260 [ 557.777611][T14653] genl_rcv_msg+0x55c/0x800 [ 557.777669][T14653] ? __pfx_genl_rcv_msg+0x10/0x10 [ 557.777727][T14653] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 557.777774][T14653] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 557.777835][T14653] ? __pfx_nl80211_post_doit+0x10/0x10 [ 557.777895][T14653] netlink_rcv_skb+0x155/0x420 [ 557.777942][T14653] ? __pfx_genl_rcv_msg+0x10/0x10 [ 557.777998][T14653] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 557.778056][T14653] ? netlink_deliver_tap+0x1ae/0xd30 [ 557.778105][T14653] genl_rcv+0x28/0x40 [ 557.778156][T14653] netlink_unicast+0x5aa/0x870 [ 557.778206][T14653] ? __pfx_netlink_unicast+0x10/0x10 [ 557.778255][T14653] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 557.778310][T14653] netlink_sendmsg+0x8d1/0xdd0 [ 557.778366][T14653] ? __pfx_netlink_sendmsg+0x10/0x10 [ 557.778418][T14653] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 557.778480][T14653] ____sys_sendmsg+0xa95/0xc70 [ 557.778541][T14653] ? copy_msghdr_from_user+0x10a/0x160 [ 557.778589][T14653] ? __pfx_____sys_sendmsg+0x10/0x10 [ 557.778654][T14653] ? __pfx_futex_wake_mark+0x10/0x10 [ 557.778714][T14653] ___sys_sendmsg+0x134/0x1d0 [ 557.778865][T14653] ? __pfx____sys_sendmsg+0x10/0x10 [ 557.778915][T14653] ? futex_private_hash_put+0x11c/0x300 [ 557.778969][T14653] ? rcu_is_watching+0x12/0xc0 [ 557.779021][T14653] __sys_sendmsg+0x16d/0x220 [ 557.779070][T14653] ? __pfx___sys_sendmsg+0x10/0x10 [ 557.779115][T14653] ? __x64_sys_futex+0x1e0/0x4c0 [ 557.779175][T14653] do_syscall_64+0xcd/0x490 [ 557.779226][T14653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.779264][T14653] RIP: 0033:0x7fd3d498ebe9 [ 557.779291][T14653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 557.779327][T14653] RSP: 002b:00007fd3d58b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 557.779365][T14653] RAX: ffffffffffffffda RBX: 00007fd3d4bb5fa0 RCX: 00007fd3d498ebe9 [ 557.779392][T14653] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000006 [ 557.779416][T14653] RBP: 00007fd3d4a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 557.779438][T14653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 557.779460][T14653] R13: 00007fd3d4bb6038 R14: 00007fd3d4bb5fa0 R15: 00007fff31d651f8 [ 557.779496][T14653] [ 558.498480][T14658] FAULT_INJECTION: forcing a failure. [ 558.498480][T14658] name failslab, interval 1, probability 0, space 0, times 0 [ 558.515044][T14658] CPU: 0 UID: 0 PID: 14658 Comm: syz.2.2022 Tainted: G U syzkaller #0 PREEMPT(full) [ 558.515094][T14658] Tainted: [U]=USER [ 558.515105][T14658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 558.515125][T14658] Call Trace: [ 558.515135][T14658] [ 558.515147][T14658] dump_stack_lvl+0x16c/0x1f0 [ 558.515191][T14658] should_fail_ex+0x512/0x640 [ 558.515237][T14658] ? apply_wqattrs_prepare+0xf8/0xbd0 [ 558.515273][T14658] should_failslab+0xc2/0x120 [ 558.515316][T14658] __kmalloc_noprof+0xd2/0x510 [ 558.515357][T14658] apply_wqattrs_prepare+0xf8/0xbd0 [ 558.515399][T14658] workqueue_apply_unbound_cpumask+0x17e/0x4f0 [ 558.515441][T14658] ? __pfx_workqueue_apply_unbound_cpumask+0x10/0x10 [ 558.515493][T14658] ? bitmap_parse+0x327/0x410 [ 558.515531][T14658] cpumask_store+0x1ad/0x220 [ 558.515567][T14658] ? __pfx_cpumask_store+0x10/0x10 [ 558.515605][T14658] ? sysfs_file_kobj+0xe4/0x290 [ 558.515639][T14658] ? rcu_is_watching+0x12/0xc0 [ 558.515675][T14658] ? __pfx_cpumask_store+0x10/0x10 [ 558.515711][T14658] dev_attr_store+0x58/0x80 [ 558.515760][T14658] ? __pfx_dev_attr_store+0x10/0x10 [ 558.515809][T14658] sysfs_kf_write+0xf2/0x150 [ 558.515847][T14658] kernfs_fop_write_iter+0x354/0x510 [ 558.515878][T14658] ? __pfx_sysfs_kf_write+0x10/0x10 [ 558.515916][T14658] vfs_write+0x7d0/0x11d0 [ 558.515955][T14658] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 558.515989][T14658] ? __pfx___mutex_lock+0x10/0x10 [ 558.516033][T14658] ? __pfx_vfs_write+0x10/0x10 [ 558.516084][T14658] ksys_write+0x12a/0x250 [ 558.516121][T14658] ? __pfx_ksys_write+0x10/0x10 [ 558.516165][T14658] do_syscall_64+0xcd/0x490 [ 558.516209][T14658] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 558.516243][T14658] RIP: 0033:0x7f261cd8ebe9 [ 558.516268][T14658] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 558.516301][T14658] RSP: 002b:00007f261dcb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 558.516333][T14658] RAX: ffffffffffffffda RBX: 00007f261cfb5fa0 RCX: 00007f261cd8ebe9 [ 558.516356][T14658] RDX: 0000000000000005 RSI: 0000200000000180 RDI: 0000000000000004 [ 558.516376][T14658] RBP: 00007f261ce11e19 R08: 0000000000000000 R09: 0000000000000000 [ 558.516395][T14658] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 558.516414][T14658] R13: 00007f261cfb6038 R14: 00007f261cfb5fa0 R15: 00007ffcc8c98b18 [ 558.516443][T14658] [ 558.991712][T14674] FAULT_INJECTION: forcing a failure. [ 558.991712][T14674] name failslab, interval 1, probability 0, space 0, times 0 [ 559.005183][T14674] CPU: 0 UID: 0 PID: 14674 Comm: syz.0.2027 Tainted: G U syzkaller #0 PREEMPT(full) [ 559.005237][T14674] Tainted: [U]=USER [ 559.005250][T14674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 559.005272][T14674] Call Trace: [ 559.005283][T14674] [ 559.005295][T14674] dump_stack_lvl+0x16c/0x1f0 [ 559.005343][T14674] should_fail_ex+0x512/0x640 [ 559.005395][T14674] should_failslab+0xc2/0x120 [ 559.005441][T14674] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 559.005493][T14674] ? create_new_namespaces+0x30/0xa90 [ 559.005536][T14674] create_new_namespaces+0x30/0xa90 [ 559.005575][T14674] ? bpf_lsm_capable+0x9/0x10 [ 559.005606][T14674] ? security_capable+0x7e/0x260 [ 559.005641][T14674] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 559.005683][T14674] ksys_unshare+0x45b/0xa40 [ 559.005730][T14674] ? __pfx_ksys_unshare+0x10/0x10 [ 559.005778][T14674] ? xfd_validate_state+0x61/0x180 [ 559.005835][T14674] __x64_sys_unshare+0x31/0x40 [ 559.005882][T14674] do_syscall_64+0xcd/0x490 [ 559.005928][T14674] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 559.005963][T14674] RIP: 0033:0x7efc89b8ebe9 [ 559.005989][T14674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 559.006024][T14674] RSP: 002b:00007efc8a93c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 559.006057][T14674] RAX: ffffffffffffffda RBX: 00007efc89db6090 RCX: 00007efc89b8ebe9 [ 559.006080][T14674] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 559.006113][T14674] RBP: 00007efc89c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 559.006134][T14674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 559.006155][T14674] R13: 00007efc89db6128 R14: 00007efc89db6090 R15: 00007ffddc983b68 [ 559.006205][T14674] [ 559.301909][T14679] tc_dump_action: action bad kind [ 559.383153][T14672] zswap: compressor not available [ 560.358271][T14707] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2038'. [ 560.828604][T14720] FAULT_INJECTION: forcing a failure. [ 560.828604][T14720] name failslab, interval 1, probability 0, space 0, times 0 [ 560.919146][T14720] CPU: 1 UID: 0 PID: 14720 Comm: syz.0.2042 Tainted: G U syzkaller #0 PREEMPT(full) [ 560.919192][T14720] Tainted: [U]=USER [ 560.919203][T14720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 560.919267][T14720] Call Trace: [ 560.919275][T14720] [ 560.919283][T14720] dump_stack_lvl+0x16c/0x1f0 [ 560.919316][T14720] should_fail_ex+0x512/0x640 [ 560.919352][T14720] ? iter_file_splice_write+0x1cc/0x12e0 [ 560.919378][T14720] should_failslab+0xc2/0x120 [ 560.919408][T14720] __kmalloc_noprof+0xd2/0x510 [ 560.919438][T14720] iter_file_splice_write+0x1cc/0x12e0 [ 560.919463][T14720] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 560.919502][T14720] ? kfree+0x2b4/0x4d0 [ 560.919525][T14720] ? copy_splice_read+0x89c/0xc20 [ 560.919547][T14720] ? __pfx_iter_file_splice_write+0x10/0x10 [ 560.919574][T14720] ? __pfx_copy_splice_read+0x10/0x10 [ 560.919598][T14720] ? look_up_lock_class+0x59/0x150 [ 560.919629][T14720] ? __pfx___might_resched+0x10/0x10 [ 560.919652][T14720] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 560.919680][T14720] ? __pfx_iter_file_splice_write+0x10/0x10 [ 560.919706][T14720] direct_splice_actor+0x192/0x6c0 [ 560.919732][T14720] splice_direct_to_actor+0x345/0xa30 [ 560.919756][T14720] ? __pfx_direct_splice_actor+0x10/0x10 [ 560.919782][T14720] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 560.919810][T14720] do_splice_direct+0x174/0x240 [ 560.919833][T14720] ? __pfx_do_splice_direct+0x10/0x10 [ 560.919860][T14720] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 560.919883][T14720] ? bpf_lsm_file_permission+0x9/0x10 [ 560.919916][T14720] ? security_file_permission+0x71/0x210 [ 560.919948][T14720] ? rw_verify_area+0xcf/0x6c0 [ 560.919977][T14720] do_sendfile+0xb06/0xe50 [ 560.920003][T14720] ? __pfx_do_sendfile+0x10/0x10 [ 560.920028][T14720] ? __fget_files+0x20e/0x3c0 [ 560.920056][T14720] __x64_sys_sendfile64+0x1d8/0x220 [ 560.920087][T14720] ? ksys_write+0x1ac/0x250 [ 560.920112][T14720] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 560.920148][T14720] do_syscall_64+0xcd/0x490 [ 560.920178][T14720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 560.920202][T14720] RIP: 0033:0x7efc89b8ebe9 [ 560.920227][T14720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 560.920251][T14720] RSP: 002b:00007efc8a95d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 560.920272][T14720] RAX: ffffffffffffffda RBX: 00007efc89db5fa0 RCX: 00007efc89b8ebe9 [ 560.920287][T14720] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 560.920300][T14720] RBP: 00007efc8a95d090 R08: 0000000000000000 R09: 0000000000000000 [ 560.920314][T14720] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000001 [ 560.920328][T14720] R13: 00007efc89db6038 R14: 00007efc89db5fa0 R15: 00007ffddc983b68 [ 560.920349][T14720] [ 561.488496][T14724] random: crng reseeded on system resumption [ 561.806576][T14730] bond0: option xmit_hash_policy: invalid value () [ 562.294910][T14745] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2048'. [ 562.320259][T14749] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2049'. [ 562.516000][ T5876] Bluetooth: hci3: unexpected subevent 0x12 length: 123 > 5 [ 562.529242][T14755] FAULT_INJECTION: forcing a failure. [ 562.529242][T14755] name failslab, interval 1, probability 0, space 0, times 0 [ 562.568116][T14755] CPU: 0 UID: 0 PID: 14755 Comm: syz.0.2051 Tainted: G U syzkaller #0 PREEMPT(full) [ 562.568181][T14755] Tainted: [U]=USER [ 562.568199][T14755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 562.568220][T14755] Call Trace: [ 562.568232][T14755] [ 562.568248][T14755] dump_stack_lvl+0x16c/0x1f0 [ 562.568299][T14755] should_fail_ex+0x512/0x640 [ 562.568356][T14755] should_failslab+0xc2/0x120 [ 562.568422][T14755] __kmalloc_cache_noprof+0x6a/0x3e0 [ 562.568460][T14755] ? ptmx_open+0xdb/0x360 [ 562.568494][T14755] ? rcu_is_watching+0x12/0xc0 [ 562.568527][T14755] ? alloc_tty_struct+0x96/0x8c0 [ 562.568576][T14755] alloc_tty_struct+0x96/0x8c0 [ 562.568626][T14755] ? __pfx___mutex_lock+0x10/0x10 [ 562.568672][T14755] ? __pfx_alloc_tty_struct+0x10/0x10 [ 562.568727][T14755] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 562.568777][T14755] tty_init_dev.part.0+0x1e/0x500 [ 562.568831][T14755] tty_init_dev+0x60/0x80 [ 562.568878][T14755] ? __pfx_ptmx_open+0x10/0x10 [ 562.568917][T14755] ptmx_open+0x10d/0x360 [ 562.568956][T14755] ? __pfx_ptmx_open+0x10/0x10 [ 562.568992][T14755] chrdev_open+0x231/0x6a0 [ 562.569038][T14755] ? __pfx_apparmor_file_open+0x10/0x10 [ 562.569093][T14755] ? __pfx_chrdev_open+0x10/0x10 [ 562.569160][T14755] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 562.569210][T14755] do_dentry_open+0x97f/0x1530 [ 562.569257][T14755] ? __pfx_chrdev_open+0x10/0x10 [ 562.569311][T14755] vfs_open+0x82/0x3f0 [ 562.569380][T14755] path_openat+0x1de4/0x2cb0 [ 562.569429][T14755] ? __pfx_path_openat+0x10/0x10 [ 562.569478][T14755] do_filp_open+0x20b/0x470 [ 562.569516][T14755] ? __pfx_do_filp_open+0x10/0x10 [ 562.569573][T14755] ? alloc_fd+0x471/0x7d0 [ 562.569617][T14755] do_sys_openat2+0x11b/0x1d0 [ 562.569671][T14755] ? __pfx_do_sys_openat2+0x10/0x10 [ 562.569735][T14755] __x64_sys_openat+0x174/0x210 [ 562.569786][T14755] ? __pfx___x64_sys_openat+0x10/0x10 [ 562.569844][T14755] do_syscall_64+0xcd/0x490 [ 562.569887][T14755] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 562.569919][T14755] RIP: 0033:0x7efc89b8ebe9 [ 562.569943][T14755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 562.569974][T14755] RSP: 002b:00007efc8a95d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 562.570006][T14755] RAX: ffffffffffffffda RBX: 00007efc89db5fa0 RCX: 00007efc89b8ebe9 [ 562.570034][T14755] RDX: 0000000000006180 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 562.570057][T14755] RBP: 00007efc89c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 562.570090][T14755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 562.570111][T14755] R13: 00007efc89db6038 R14: 00007efc89db5fa0 R15: 00007ffddc983b68 [ 562.570149][T14755] [ 562.864913][T14755] warn_alloc: 1 callbacks suppressed [ 562.864933][T14755] syz.0.2051: vmalloc error: size 4503599627371522, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 562.884784][T14755] CPU: 0 UID: 0 PID: 14755 Comm: syz.0.2051 Tainted: G U syzkaller #0 PREEMPT(full) [ 562.884834][T14755] Tainted: [U]=USER [ 562.884846][T14755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 562.884869][T14755] Call Trace: [ 562.884881][T14755] [ 562.884894][T14755] dump_stack_lvl+0x16c/0x1f0 [ 562.884943][T14755] warn_alloc+0x248/0x3a0 [ 562.884983][T14755] ? __pfx_warn_alloc+0x10/0x10 [ 562.885034][T14755] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 562.885091][T14755] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 562.885136][T14755] ? __pfx___might_resched+0x10/0x10 [ 562.885173][T14755] ? rcu_is_watching+0x12/0xc0 [ 562.885208][T14755] ? trace_contention_end+0xdd/0x130 [ 562.885257][T14755] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 562.885314][T14755] ? tomoyo_path_number_perm+0x295/0x580 [ 562.885356][T14755] ? rcu_is_watching+0x12/0xc0 [ 562.885392][T14755] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 562.885426][T14755] ? __pfx___mutex_lock+0x10/0x10 [ 562.885478][T14755] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 562.885531][T14755] __vmalloc_node_noprof+0xad/0xf0 [ 562.885562][T14755] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 562.885615][T14755] dvb_demux_do_ioctl+0x54e/0x12f0 [ 562.885668][T14755] ? do_vfs_ioctl+0x128/0x14f0 [ 562.885723][T14755] dvb_usercopy+0x167/0x340 [ 562.885769][T14755] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 562.885835][T14755] ? __pfx_dvb_usercopy+0x10/0x10 [ 562.885887][T14755] ? __fget_files+0x20e/0x3c0 [ 562.885925][T14755] dvb_demux_ioctl+0x29/0x40 [ 562.885972][T14755] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 562.886020][T14755] __x64_sys_ioctl+0x18e/0x210 [ 562.886072][T14755] do_syscall_64+0xcd/0x490 [ 562.886116][T14755] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 562.886160][T14755] RIP: 0033:0x7efc89b8ebe9 [ 562.886187][T14755] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 562.886220][T14755] RSP: 002b:00007efc8a95d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 562.886251][T14755] RAX: ffffffffffffffda RBX: 00007efc89db5fa0 RCX: 00007efc89b8ebe9 [ 562.886274][T14755] RDX: 0010000000000402 RSI: 0000000000006f2d RDI: 0000000000000003 [ 562.886295][T14755] RBP: 00007efc89c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 562.886317][T14755] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 562.886337][T14755] R13: 00007efc89db6038 R14: 00007efc89db5fa0 R15: 00007ffddc983b68 [ 562.886368][T14755] [ 562.886379][T14755] Mem-Info: [ 563.150131][T14755] active_anon:11870 inactive_anon:29098 isolated_anon:0 [ 563.150131][T14755] active_file:15811 inactive_file:40724 isolated_file:0 [ 563.150131][T14755] unevictable:778 dirty:926 writeback:0 [ 563.150131][T14755] slab_reclaimable:11961 slab_unreclaimable:95201 [ 563.150131][T14755] mapped:43807 shmem:28834 pagetables:1337 [ 563.150131][T14755] sec_pagetables:0 bounce:0 [ 563.150131][T14755] kernel_misc_reclaimable:0 [ 563.150131][T14755] free:1270941 free_pcp:23385 free_cma:0 [ 563.150212][T14755] Node 0 active_anon:47480kB inactive_anon:116392kB active_file:63240kB inactive_file:162768kB unevictable:1576kB isolated(anon):0kB isolated(file):0kB mapped:175228kB dirty:3704kB writeback:0kB shmem:113800kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11400kB pagetables:5196kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 563.150272][T14755] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 563.150327][T14755] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 563.150392][T14755] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 563.150431][T14755] Node 0 DMA32 free:1172052kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:47436kB inactive_anon:116392kB active_file:61992kB inactive_file:162696kB unevictable:1576kB writepending:3704kB present:3129332kB managed:2539600kB mlocked:40kB bounce:0kB free_pcp:69820kB local_pcp:34568kB free_cma:0kB [ 563.150499][T14755] lowmem_reserve[]: 0 0 1 1 1 [ 563.150536][T14755] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:1248kB inactive_file:72kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:8kB free_cma:0kB [ 563.150600][T14755] lowmem_reserve[]: 0 0 0 0 0 [ 563.150637][T14755] Node 1 Normal free:3896344kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:23704kB local_pcp:4576kB free_cma:0kB [ 563.150702][T14755] lowmem_reserve[]: 0 0 0 0 0 [ 563.150740][T14755] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 563.150869][T14755] Node 0 DMA32: 13*4kB (UE) 24*8kB (UE) 12*16kB (UE) 77*32kB (U) 7*64kB (UME) 318*128kB (UME) 128*256kB (UME) 95*512kB (UME) 40*1024kB (UM) 11*2048kB (UE) 240*4096kB (UM) = 1171988kB [ 563.151055][T14755] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB [ 563.151172][T14755] Node 1 Normal: 127*4kB (UME) 54*8kB (UE) 44*16kB (UME) 139*32kB (UME) 58*64kB (UME) 12*128kB (UME) 6*256kB (UME) 1*512kB (M) 4*1024kB (UME) 2*2048kB (UE) 946*4096kB (M) = 3896396kB [ 563.151351][T14755] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 563.151370][T14755] Node 0 hugepages_total=6 hugepages_free=5 hugepages_surp=2 hugepages_size=2048kB [ 563.151389][T14755] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 563.151407][T14755] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 563.151425][T14755] 85386 total pagecache pages [ 563.151433][T14755] 21 pages in swap cache [ 563.151442][T14755] Free swap = 124836kB [ 563.151450][T14755] Total swap = 124996kB [ 563.151459][T14755] 2097051 pages RAM [ 563.151467][T14755] 0 pages HighMem/MovableOnly [ 563.151475][T14755] 430189 pages reserved [ 563.151483][T14755] 0 pages cma reserved [ 564.413169][T14774] FAULT_INJECTION: forcing a failure. [ 564.413169][T14774] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 564.474396][T14774] CPU: 1 UID: 0 PID: 14774 Comm: syz.1.2056 Tainted: G U syzkaller #0 PREEMPT(full) [ 564.474447][T14774] Tainted: [U]=USER [ 564.474459][T14774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 564.474480][T14774] Call Trace: [ 564.474491][T14774] [ 564.474503][T14774] dump_stack_lvl+0x16c/0x1f0 [ 564.474548][T14774] should_fail_ex+0x512/0x640 [ 564.474596][T14774] _copy_to_user+0x32/0xd0 [ 564.474632][T14774] simple_read_from_buffer+0xcb/0x170 [ 564.474665][T14774] proc_fail_nth_read+0x197/0x240 [ 564.474699][T14774] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 564.474732][T14774] ? security_file_permission+0x71/0x210 [ 564.474779][T14774] ? rw_verify_area+0xcf/0x6c0 [ 564.474810][T14774] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 564.474844][T14774] vfs_read+0x1e4/0xcf0 [ 564.474881][T14774] ? __pfx___mutex_lock+0x10/0x10 [ 564.474931][T14774] ? __pfx_vfs_read+0x10/0x10 [ 564.474967][T14774] ? __fget_files+0x204/0x3c0 [ 564.475000][T14774] ? rcu_is_watching+0x12/0xc0 [ 564.475036][T14774] ? __fget_files+0x20e/0x3c0 [ 564.475067][T14774] ? ipc_obtain_object_check+0xe0/0x190 [ 564.475121][T14774] ksys_read+0x12a/0x250 [ 564.475156][T14774] ? __pfx_ksys_read+0x10/0x10 [ 564.475196][T14774] do_syscall_64+0xcd/0x490 [ 564.475239][T14774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 564.475273][T14774] RIP: 0033:0x7fd3d498d5fc [ 564.475297][T14774] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 564.475329][T14774] RSP: 002b:00007fd3d58b7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 564.475359][T14774] RAX: ffffffffffffffda RBX: 00007fd3d4bb5fa0 RCX: 00007fd3d498d5fc [ 564.475379][T14774] RDX: 000000000000000f RSI: 00007fd3d58b70a0 RDI: 0000000000000003 [ 564.475403][T14774] RBP: 00007fd3d58b7090 R08: 0000000000000000 R09: 0000000000000000 [ 564.475423][T14774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 564.475441][T14774] R13: 00007fd3d4bb6038 R14: 00007fd3d4bb5fa0 R15: 00007fff31d651f8 [ 564.475471][T14774] [ 564.821991][T14782] random: crng reseeded on system resumption [ 564.829501][T14783] FAULT_INJECTION: forcing a failure. [ 564.829501][T14783] name failslab, interval 1, probability 0, space 0, times 0 [ 564.880419][T14783] CPU: 1 UID: 0 PID: 14783 Comm: syz.0.2058 Tainted: G U syzkaller #0 PREEMPT(full) [ 564.880468][T14783] Tainted: [U]=USER [ 564.880479][T14783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 564.880499][T14783] Call Trace: [ 564.880509][T14783] [ 564.880520][T14783] dump_stack_lvl+0x16c/0x1f0 [ 564.880566][T14783] should_fail_ex+0x512/0x640 [ 564.880613][T14783] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 564.880660][T14783] should_failslab+0xc2/0x120 [ 564.880703][T14783] __kmalloc_noprof+0xd2/0x510 [ 564.880745][T14783] tomoyo_realpath_from_path+0xc2/0x6e0 [ 564.880793][T14783] ? tomoyo_profile+0x47/0x60 [ 564.880824][T14783] tomoyo_path_number_perm+0x245/0x580 [ 564.880863][T14783] ? tomoyo_path_number_perm+0x237/0x580 [ 564.880916][T14783] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 564.880962][T14783] ? preempt_count_add+0x76/0x150 [ 564.881019][T14783] ? rcu_is_watching+0x12/0xc0 [ 564.881052][T14783] ? __fget_files+0x204/0x3c0 [ 564.881085][T14783] ? hook_file_ioctl_common+0x145/0x410 [ 564.881129][T14783] ? lock_release+0x201/0x2f0 [ 564.881174][T14783] ? __fget_files+0x20e/0x3c0 [ 564.881212][T14783] security_file_ioctl+0x9b/0x240 [ 564.881255][T14783] __x64_sys_ioctl+0xb7/0x210 [ 564.881309][T14783] do_syscall_64+0xcd/0x490 [ 564.881354][T14783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 564.881387][T14783] RIP: 0033:0x7efc89b8ebe9 [ 564.881412][T14783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 564.881446][T14783] RSP: 002b:00007efc8a93c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 564.881475][T14783] RAX: ffffffffffffffda RBX: 00007efc89db6090 RCX: 00007efc89b8ebe9 [ 564.881498][T14783] RDX: 0000000000000000 RSI: 0000000000005609 RDI: 0000000000000007 [ 564.881518][T14783] RBP: 00007efc8a93c090 R08: 0000000000000000 R09: 0000000000000000 [ 564.881538][T14783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 564.881559][T14783] R13: 00007efc89db6128 R14: 00007efc89db6090 R15: 00007ffddc983b68 [ 564.881591][T14783] [ 564.881778][T14783] ERROR: Out of memory at tomoyo_realpath_from_path. [ 565.147164][T14793] futex_wake_op: syz.3.2060 tries to shift op by -9; fix this program [ 566.409067][T14822] ima: policy update failed [ 566.450210][T14822] netlink: 25 bytes leftover after parsing attributes in process `syz.1.2065'. [ 566.470786][ T30] audit: type=1802 audit(4294967556.750:16): pid=14822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2065" res=0 errno=0 [ 567.413561][T14844] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2071'. [ 567.423585][T14844] bridge_slave_1: left allmulticast mode [ 567.442921][T14844] bridge_slave_1: left promiscuous mode [ 567.477324][T14844] bridge0: port 2(bridge_slave_1) entered disabled state [ 567.591296][T14844] bridge_slave_0: left allmulticast mode [ 567.638506][T14844] bridge_slave_0: left promiscuous mode [ 567.654972][T14844] bridge0: port 1(bridge_slave_0) entered disabled state [ 567.777483][T14850] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2073'. [ 567.797560][T14850] netlink: 294 bytes leftover after parsing attributes in process `syz.2.2073'. [ 568.067033][T14852] FAULT_INJECTION: forcing a failure. [ 568.067033][T14852] name fail_futex, interval 1, probability 0, space 0, times 0 [ 568.135158][T14852] CPU: 0 UID: 0 PID: 14852 Comm: syz.2.2073 Tainted: G U syzkaller #0 PREEMPT(full) [ 568.135210][T14852] Tainted: [U]=USER [ 568.135220][T14852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 568.135240][T14852] Call Trace: [ 568.135250][T14852] [ 568.135262][T14852] dump_stack_lvl+0x16c/0x1f0 [ 568.135306][T14852] should_fail_ex+0x512/0x640 [ 568.135353][T14852] get_futex_key+0x293/0x1560 [ 568.135393][T14852] ? __pfx_get_futex_key+0x10/0x10 [ 568.135432][T14852] ? __mutex_trylock_common+0xe9/0x250 [ 568.135475][T14852] ? __pfx___mutex_trylock_common+0x10/0x10 [ 568.135521][T14852] futex_wake+0xea/0x530 [ 568.135568][T14852] ? __pfx_futex_wake+0x10/0x10 [ 568.135610][T14852] ? rcu_is_watching+0x12/0xc0 [ 568.135643][T14852] ? rcu_is_watching+0x12/0xc0 [ 568.135675][T14852] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 568.135719][T14852] do_futex+0x1e3/0x350 [ 568.135747][T14852] ? __pfx_do_futex+0x10/0x10 [ 568.135775][T14852] ? lock_release+0x201/0x2f0 [ 568.135807][T14852] mm_release+0x24e/0x300 [ 568.135840][T14852] do_exit+0x68e/0x2bf0 [ 568.135875][T14852] ? __pfx_do_exit+0x10/0x10 [ 568.135907][T14852] ? do_raw_spin_lock+0x12c/0x2b0 [ 568.135943][T14852] ? get_signal+0x8f5/0x26d0 [ 568.135969][T14852] ? rcu_is_watching+0x12/0xc0 [ 568.135993][T14852] do_group_exit+0xd3/0x2a0 [ 568.136027][T14852] get_signal+0x2673/0x26d0 [ 568.136054][T14852] ? do_raw_spin_lock+0x12c/0x2b0 [ 568.136091][T14852] ? key_payload_reserve+0x2df/0x480 [ 568.136123][T14852] ? __pfx_get_signal+0x10/0x10 [ 568.136149][T14852] ? do_futex+0x122/0x350 [ 568.136177][T14852] ? __pfx_do_futex+0x10/0x10 [ 568.136208][T14852] arch_do_signal_or_restart+0x8f/0x790 [ 568.136239][T14852] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 568.136275][T14852] ? syscall_user_dispatch+0x78/0x140 [ 568.136315][T14852] exit_to_user_mode_loop+0x84/0x110 [ 568.136350][T14852] do_syscall_64+0x3f6/0x490 [ 568.136382][T14852] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.136406][T14852] RIP: 0033:0x7f261cd8ebe9 [ 568.136424][T14852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 568.136447][T14852] RSP: 002b:00007f261dc910e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 568.136470][T14852] RAX: fffffffffffffe00 RBX: 00007f261cfb6098 RCX: 00007f261cd8ebe9 [ 568.136486][T14852] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f261cfb6098 [ 568.136501][T14852] RBP: 00007f261cfb6090 R08: 0000000000000000 R09: 0000000000000000 [ 568.136515][T14852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 568.136550][T14852] R13: 00007f261cfb6128 R14: 00007ffcc8c98a30 R15: 00007ffcc8c98b18 [ 568.136577][T14852] [ 568.619442][T14862] FAULT_INJECTION: forcing a failure. [ 568.619442][T14862] name failslab, interval 1, probability 0, space 0, times 0 [ 568.663990][T14856] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2075'. [ 568.701081][T14862] CPU: 1 UID: 0 PID: 14862 Comm: syz.2.2077 Tainted: G U syzkaller #0 PREEMPT(full) [ 568.701120][T14862] Tainted: [U]=USER [ 568.701127][T14862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 568.701142][T14862] Call Trace: [ 568.701150][T14862] [ 568.701159][T14862] dump_stack_lvl+0x16c/0x1f0 [ 568.701193][T14862] should_fail_ex+0x512/0x640 [ 568.701230][T14862] should_failslab+0xc2/0x120 [ 568.701263][T14862] __kmalloc_cache_noprof+0x6a/0x3e0 [ 568.701288][T14862] ? tty_alloc_file+0x3f/0xa0 [ 568.701322][T14862] ? __pfx_ptmx_open+0x10/0x10 [ 568.701348][T14862] tty_alloc_file+0x3f/0xa0 [ 568.701380][T14862] ptmx_open+0x61/0x360 [ 568.701404][T14862] ? __pfx_ptmx_open+0x10/0x10 [ 568.701430][T14862] chrdev_open+0x231/0x6a0 [ 568.701460][T14862] ? __pfx_apparmor_file_open+0x10/0x10 [ 568.701487][T14862] ? __pfx_chrdev_open+0x10/0x10 [ 568.701518][T14862] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 568.701551][T14862] do_dentry_open+0x97f/0x1530 [ 568.701579][T14862] ? __pfx_chrdev_open+0x10/0x10 [ 568.701611][T14862] vfs_open+0x82/0x3f0 [ 568.701646][T14862] path_openat+0x1de4/0x2cb0 [ 568.701678][T14862] ? __pfx_path_openat+0x10/0x10 [ 568.701727][T14862] do_filp_open+0x20b/0x470 [ 568.701755][T14862] ? __pfx_do_filp_open+0x10/0x10 [ 568.701801][T14862] ? alloc_fd+0x471/0x7d0 [ 568.701830][T14862] do_sys_openat2+0x11b/0x1d0 [ 568.701866][T14862] ? __pfx_do_sys_openat2+0x10/0x10 [ 568.701909][T14862] __x64_sys_openat+0x174/0x210 [ 568.701947][T14862] ? __pfx___x64_sys_openat+0x10/0x10 [ 568.701991][T14862] do_syscall_64+0xcd/0x490 [ 568.702023][T14862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 568.702047][T14862] RIP: 0033:0x7f261cd8ebe9 [ 568.702065][T14862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 568.702089][T14862] RSP: 002b:00007f261dcb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 568.702112][T14862] RAX: ffffffffffffffda RBX: 00007f261cfb5fa0 RCX: 00007f261cd8ebe9 [ 568.702128][T14862] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 568.702143][T14862] RBP: 00007f261ce11e19 R08: 0000000000000000 R09: 0000000000000000 [ 568.702158][T14862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 568.702173][T14862] R13: 00007f261cfb6038 R14: 00007f261cfb5fa0 R15: 00007ffcc8c98b18 [ 568.702196][T14862] [ 569.768143][T14876] netlink: zone id is out of range [ 569.773375][T14876] netlink: zone id is out of range [ 569.802652][T14876] netlink: zone id is out of range [ 569.812342][T14876] netlink: zone id is out of range [ 569.837236][T14876] netlink: zone id is out of range [ 569.847510][T14876] netlink: zone id is out of range [ 569.852793][T14876] netlink: zone id is out of range [ 569.858290][T14876] netlink: zone id is out of range [ 569.866168][T14876] netlink: zone id is out of range [ 569.907803][T14876] netlink: zone id is out of range [ 571.063995][T14899] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2087'. [ 571.201978][ T24] smpboot: CPU 0 is now offline [ 572.514363][T14919] nbd: must specify an index to disconnect [ 573.205460][T14932] FAULT_INJECTION: forcing a failure. [ 573.205460][T14932] name failslab, interval 1, probability 0, space 0, times 0 [ 573.242057][T14932] CPU: 1 UID: 0 PID: 14932 Comm: syz.0.2096 Tainted: G U syzkaller #0 PREEMPT(full) [ 573.242096][T14932] Tainted: [U]=USER [ 573.242104][T14932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 573.242118][T14932] Call Trace: [ 573.242127][T14932] [ 573.242135][T14932] dump_stack_lvl+0x16c/0x1f0 [ 573.242191][T14932] should_fail_ex+0x512/0x640 [ 573.242229][T14932] should_failslab+0xc2/0x120 [ 573.242262][T14932] __kmalloc_cache_noprof+0x6a/0x3e0 [ 573.242289][T14932] ? rfkill_fop_open+0x1b6/0x750 [ 573.242313][T14932] rfkill_fop_open+0x1b6/0x750 [ 573.242337][T14932] ? __pfx_rfkill_fop_open+0x10/0x10 [ 573.242360][T14932] misc_open+0x35a/0x420 [ 573.242385][T14932] ? __pfx_misc_open+0x10/0x10 [ 573.242411][T14932] chrdev_open+0x231/0x6a0 [ 573.242442][T14932] ? __pfx_apparmor_file_open+0x10/0x10 [ 573.242469][T14932] ? __pfx_chrdev_open+0x10/0x10 [ 573.242502][T14932] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 573.242533][T14932] do_dentry_open+0x97f/0x1530 [ 573.242565][T14932] ? __pfx_chrdev_open+0x10/0x10 [ 573.242599][T14932] vfs_open+0x82/0x3f0 [ 573.242637][T14932] path_openat+0x1de4/0x2cb0 [ 573.242669][T14932] ? __pfx_path_openat+0x10/0x10 [ 573.242702][T14932] do_filp_open+0x20b/0x470 [ 573.242730][T14932] ? __pfx_do_filp_open+0x10/0x10 [ 573.242769][T14932] ? alloc_fd+0x471/0x7d0 [ 573.242798][T14932] do_sys_openat2+0x11b/0x1d0 [ 573.242835][T14932] ? __pfx_do_sys_openat2+0x10/0x10 [ 573.242879][T14932] __x64_sys_openat+0x174/0x210 [ 573.242919][T14932] ? __pfx___x64_sys_openat+0x10/0x10 [ 573.242964][T14932] do_syscall_64+0xcd/0x490 [ 573.242997][T14932] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.243022][T14932] RIP: 0033:0x7efc89b8ebe9 [ 573.243040][T14932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 573.243065][T14932] RSP: 002b:00007efc8a95d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 573.243092][T14932] RAX: ffffffffffffffda RBX: 00007efc89db5fa0 RCX: 00007efc89b8ebe9 [ 573.243109][T14932] RDX: 0000000000000400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 573.243143][T14932] RBP: 00007efc89c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 573.243163][T14932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 573.243178][T14932] R13: 00007efc89db6038 R14: 00007efc89db5fa0 R15: 00007ffddc983b68 [ 573.243201][T14932] [ 573.615935][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 573.622987][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 574.563777][ C1] sd 0:0:1:0: [sda] tag#725 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_OK cmd_age=0s [ 574.574146][ C1] sd 0:0:1:0: [sda] tag#725 CDB: Write(6) 0a 00 00 00 0b 00 00 00 00 00 00 00 [ 574.721855][T14964] tc_dump_action: action bad kind [ 575.902065][T14987] FAULT_INJECTION: forcing a failure. [ 575.902065][T14987] name failslab, interval 1, probability 0, space 0, times 0 [ 575.973055][T14987] CPU: 1 UID: 0 PID: 14987 Comm: syz.1.2110 Tainted: G U syzkaller #0 PREEMPT(full) [ 575.973095][T14987] Tainted: [U]=USER [ 575.973103][T14987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 575.973119][T14987] Call Trace: [ 575.973127][T14987] [ 575.973137][T14987] dump_stack_lvl+0x16c/0x1f0 [ 575.973171][T14987] should_fail_ex+0x512/0x640 [ 575.973208][T14987] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 575.973249][T14987] should_failslab+0xc2/0x120 [ 575.973282][T14987] __kmalloc_noprof+0xd2/0x510 [ 575.973309][T14987] ? __pfx___mutex_trylock_common+0x10/0x10 [ 575.973346][T14987] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 575.973390][T14987] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 575.973428][T14987] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 575.973465][T14987] ? genl_get_cmd+0x194/0x580 [ 575.973502][T14987] ? __radix_tree_lookup+0x21f/0x2c0 [ 575.973532][T14987] genl_rcv_msg+0x55c/0x800 [ 575.973569][T14987] ? __pfx_genl_rcv_msg+0x10/0x10 [ 575.973606][T14987] ? __pfx_ctrl_getfamily+0x10/0x10 [ 575.973648][T14987] netlink_rcv_skb+0x155/0x420 [ 575.973680][T14987] ? __pfx_genl_rcv_msg+0x10/0x10 [ 575.973716][T14987] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 575.973755][T14987] ? netlink_deliver_tap+0x1ae/0xd30 [ 575.973786][T14987] genl_rcv+0x28/0x40 [ 575.973819][T14987] netlink_unicast+0x5aa/0x870 [ 575.973853][T14987] ? __pfx_netlink_unicast+0x10/0x10 [ 575.973893][T14987] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 575.973929][T14987] netlink_sendmsg+0x8d1/0xdd0 [ 575.973964][T14987] ? __pfx_netlink_sendmsg+0x10/0x10 [ 575.973998][T14987] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 575.974027][T14987] __sys_sendto+0x4a3/0x520 [ 575.974055][T14987] ? __pfx___sys_sendto+0x10/0x10 [ 575.974088][T14987] ? handle_mm_fault+0x2ab/0xd10 [ 575.974115][T14987] ? rcu_is_watching+0x12/0xc0 [ 575.974150][T14987] ? rcu_watching_snap_stopped_since+0x101/0x110 [ 575.974181][T14987] __x64_sys_sendto+0xe0/0x1c0 [ 575.974209][T14987] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 575.974247][T14987] do_syscall_64+0xcd/0x490 [ 575.974281][T14987] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 575.974306][T14987] RIP: 0033:0x7fd3d4990a7c [ 575.974324][T14987] Code: 2a 5f 02 00 44 8b 4c 24 2c 4c 8b 44 24 20 89 c5 44 8b 54 24 28 48 8b 54 24 18 b8 2c 00 00 00 48 8b 74 24 10 8b 7c 24 08 0f 05 <48> 3d 00 f0 ff ff 77 34 89 ef 48 89 44 24 08 e8 70 5f 02 00 48 8b [ 575.974349][T14987] RSP: 002b:00007fd3d58b5ec0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c [ 575.974372][T14987] RAX: ffffffffffffffda RBX: 00007fd3d58b5fc0 RCX: 00007fd3d4990a7c [ 575.974388][T14987] RDX: 0000000000000020 RSI: 00007fd3d58b6010 RDI: 0000000000000006 [ 575.974403][T14987] RBP: 0000000000000000 R08: 00007fd3d58b5f14 R09: 000000000000000c [ 575.974419][T14987] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000006 [ 575.974434][T14987] R13: 00007fd3d58b5f68 R14: 00007fd3d58b6010 R15: 0000000000000000 [ 575.974456][T14987] [ 576.522010][T14997] FAULT_INJECTION: forcing a failure. [ 576.522010][T14997] name failslab, interval 1, probability 0, space 0, times 0 [ 576.536919][T14997] CPU: 1 UID: 0 PID: 14997 Comm: syz.1.2114 Tainted: G U syzkaller #0 PREEMPT(full) [ 576.536961][T14997] Tainted: [U]=USER [ 576.536968][T14997] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 576.536983][T14997] Call Trace: [ 576.536990][T14997] [ 576.536999][T14997] dump_stack_lvl+0x16c/0x1f0 [ 576.537032][T14997] should_fail_ex+0x512/0x640 [ 576.537069][T14997] should_failslab+0xc2/0x120 [ 576.537101][T14997] __kvmalloc_node_noprof+0x137/0x620 [ 576.537128][T14997] ? kstrtouint_from_user+0x13c/0x1d0 [ 576.537156][T14997] ? seq_read_iter+0x826/0x12c0 [ 576.537181][T14997] ? seq_read_iter+0x826/0x12c0 [ 576.537201][T14997] seq_read_iter+0x826/0x12c0 [ 576.537221][T14997] ? lock_release+0x201/0x2f0 [ 576.537252][T14997] ? __mutex_trylock_common+0xe9/0x250 [ 576.537288][T14997] kernfs_fop_read_iter+0x40f/0x5a0 [ 576.537310][T14997] ? rw_verify_area+0xcf/0x6c0 [ 576.537334][T14997] vfs_read+0x8bf/0xcf0 [ 576.537361][T14997] ? __pfx___mutex_lock+0x10/0x10 [ 576.537392][T14997] ? __pfx_vfs_read+0x10/0x10 [ 576.537426][T14997] ksys_read+0x12a/0x250 [ 576.537451][T14997] ? __pfx_ksys_read+0x10/0x10 [ 576.537482][T14997] do_syscall_64+0xcd/0x490 [ 576.537513][T14997] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 576.537537][T14997] RIP: 0033:0x7fd3d498ebe9 [ 576.537555][T14997] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 576.537578][T14997] RSP: 002b:00007fd3d58b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 576.537600][T14997] RAX: ffffffffffffffda RBX: 00007fd3d4bb5fa0 RCX: 00007fd3d498ebe9 [ 576.537616][T14997] RDX: 0000000000001000 RSI: 0000200000001b40 RDI: 0000000000000003 [ 576.537630][T14997] RBP: 00007fd3d58b7090 R08: 0000000000000000 R09: 0000000000000000 [ 576.537644][T14997] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 576.537659][T14997] R13: 00007fd3d4bb6038 R14: 00007fd3d4bb5fa0 R15: 00007fff31d651f8 [ 576.537681][T14997] [ 577.557930][T15013] FAULT_INJECTION: forcing a failure. [ 577.557930][T15013] name failslab, interval 1, probability 0, space 0, times 0 [ 577.636560][T15013] CPU: 1 UID: 0 PID: 15013 Comm: syz.1.2118 Tainted: G U syzkaller #0 PREEMPT(full) [ 577.636597][T15013] Tainted: [U]=USER [ 577.636605][T15013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 577.636619][T15013] Call Trace: [ 577.636627][T15013] [ 577.636636][T15013] dump_stack_lvl+0x16c/0x1f0 [ 577.636669][T15013] should_fail_ex+0x512/0x640 [ 577.636705][T15013] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 577.636745][T15013] should_failslab+0xc2/0x120 [ 577.636781][T15013] __kmalloc_noprof+0xd2/0x510 [ 577.636808][T15013] ? __pfx___might_resched+0x10/0x10 [ 577.636834][T15013] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 577.636882][T15013] ? __mutex_lock+0x1c5/0x1060 [ 577.636913][T15013] genl_family_rcv_msg_doit+0xbf/0x2f0 [ 577.636950][T15013] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 577.636986][T15013] ? rcu_is_watching+0x12/0xc0 [ 577.637015][T15013] ? bpf_lsm_capable+0x9/0x10 [ 577.637036][T15013] ? security_capable+0x7e/0x260 [ 577.637062][T15013] genl_rcv_msg+0x55c/0x800 [ 577.637099][T15013] ? __pfx_genl_rcv_msg+0x10/0x10 [ 577.637135][T15013] ? __pfx_gtp_genl_new_pdp+0x10/0x10 [ 577.637172][T15013] netlink_rcv_skb+0x155/0x420 [ 577.637204][T15013] ? __pfx_genl_rcv_msg+0x10/0x10 [ 577.637240][T15013] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 577.637278][T15013] ? netlink_deliver_tap+0x1ae/0xd30 [ 577.637309][T15013] genl_rcv+0x28/0x40 [ 577.637341][T15013] netlink_unicast+0x5aa/0x870 [ 577.637374][T15013] ? __pfx_netlink_unicast+0x10/0x10 [ 577.637405][T15013] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 577.637441][T15013] netlink_sendmsg+0x8d1/0xdd0 [ 577.637474][T15013] ? __pfx_netlink_sendmsg+0x10/0x10 [ 577.637507][T15013] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 577.637534][T15013] ____sys_sendmsg+0xa95/0xc70 [ 577.637570][T15013] ? copy_msghdr_from_user+0x10a/0x160 [ 577.637600][T15013] ? __pfx_____sys_sendmsg+0x10/0x10 [ 577.637634][T15013] ? __pfx_kstrtouint+0x10/0x10 [ 577.637665][T15013] ? kstrtouint_from_user+0x13c/0x1d0 [ 577.637695][T15013] ___sys_sendmsg+0x134/0x1d0 [ 577.637724][T15013] ? __pfx____sys_sendmsg+0x10/0x10 [ 577.637759][T15013] ? rcu_is_watching+0x12/0xc0 [ 577.637791][T15013] __sys_sendmsg+0x16d/0x220 [ 577.637821][T15013] ? __pfx___sys_sendmsg+0x10/0x10 [ 577.637864][T15013] do_syscall_64+0xcd/0x490 [ 577.637895][T15013] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.637919][T15013] RIP: 0033:0x7fd3d498ebe9 [ 577.637936][T15013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 577.637960][T15013] RSP: 002b:00007fd3d58b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 577.637984][T15013] RAX: ffffffffffffffda RBX: 00007fd3d4bb5fa0 RCX: 00007fd3d498ebe9 [ 577.638000][T15013] RDX: 0000000004048040 RSI: 0000200000000140 RDI: 0000000000000004 [ 577.638016][T15013] RBP: 00007fd3d58b7090 R08: 0000000000000000 R09: 0000000000000000 [ 577.638031][T15013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 577.638046][T15013] R13: 00007fd3d4bb6038 R14: 00007fd3d4bb5fa0 R15: 00007fff31d651f8 [ 577.638069][T15013] [ 578.167691][T15028] __vm_enough_memory: pid: 15028, comm: syz.3.2121, bytes: 4398046511104 not enough memory for the allocation [ 578.183768][T15026] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2120'. [ 580.817587][T15097] netlink: 338 bytes leftover after parsing attributes in process `syz.1.2134'. [ 581.096081][T15095] FAULT_INJECTION: forcing a failure. [ 581.096081][T15095] name failslab, interval 1, probability 0, space 0, times 0 [ 581.141214][T15095] CPU: 1 UID: 0 PID: 15095 Comm: syz.2.2138 Tainted: G U syzkaller #0 PREEMPT(full) [ 581.141252][T15095] Tainted: [U]=USER [ 581.141260][T15095] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 581.141275][T15095] Call Trace: [ 581.141282][T15095] [ 581.141290][T15095] dump_stack_lvl+0x16c/0x1f0 [ 581.141325][T15095] should_fail_ex+0x512/0x640 [ 581.141360][T15095] ? kvm_set_irq_routing+0xf3/0x970 [ 581.141393][T15095] should_failslab+0xc2/0x120 [ 581.141424][T15095] __kmalloc_noprof+0xd2/0x510 [ 581.141454][T15095] kvm_set_irq_routing+0xf3/0x970 [ 581.141487][T15095] ? kvm_ioapic_init+0x445/0x590 [ 581.141515][T15095] kvm_arch_vm_ioctl+0x8e8/0x1860 [ 581.141547][T15095] ? __pfx_kvm_arch_vm_ioctl+0x10/0x10 [ 581.141582][T15095] ? lock_release+0x201/0x2f0 [ 581.141614][T15095] ? ima_match_policy+0x803/0x22e0 [ 581.141651][T15095] ? rcu_is_watching+0x12/0xc0 [ 581.141675][T15095] ? unwind_next_frame+0x3f4/0x20a0 [ 581.141706][T15095] ? rcu_is_watching+0x12/0xc0 [ 581.141730][T15095] ? rcu_is_watching+0x12/0xc0 [ 581.141754][T15095] ? unwind_next_frame+0x3f4/0x20a0 [ 581.141777][T15095] ? rcu_is_watching+0x12/0xc0 [ 581.141802][T15095] ? rcu_is_watching+0x12/0xc0 [ 581.141825][T15095] ? unwind_next_frame+0x3f4/0x20a0 [ 581.141847][T15095] ? rcu_is_watching+0x12/0xc0 [ 581.141873][T15095] ? lock_release+0x201/0x2f0 [ 581.141902][T15095] ? bpf_ksym_find+0x124/0x1c0 [ 581.141922][T15095] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 581.141951][T15095] ? is_bpf_text_address+0x94/0x1a0 [ 581.141980][T15095] ? kernel_text_address+0x8d/0x100 [ 581.142001][T15095] ? __kernel_text_address+0xd/0x40 [ 581.142021][T15095] ? unwind_get_return_address+0x59/0xa0 [ 581.142045][T15095] ? arch_stack_walk+0xa6/0x100 [ 581.142075][T15095] ? stack_trace_save+0x8e/0xc0 [ 581.142100][T15095] ? __pfx_stack_trace_save+0x10/0x10 [ 581.142125][T15095] ? kasan_save_stack+0x42/0x60 [ 581.142152][T15095] ? stack_depot_save_flags+0x29/0x9c0 [ 581.142185][T15095] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 581.142221][T15095] ? kasan_save_stack+0x42/0x60 [ 581.142246][T15095] ? kasan_save_stack+0x33/0x60 [ 581.142271][T15095] ? kasan_save_track+0x14/0x30 [ 581.142297][T15095] ? kasan_save_free_info+0x3b/0x60 [ 581.142317][T15095] ? __kasan_slab_free+0x60/0x70 [ 581.142344][T15095] ? kfree+0x2b4/0x4d0 [ 581.142366][T15095] kvm_vm_ioctl+0x1a91/0x4000 [ 581.142394][T15095] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 581.142437][T15095] ? rcu_is_watching+0x12/0xc0 [ 581.142461][T15095] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 581.142519][T15095] ? tomoyo_path_number_perm+0x295/0x580 [ 581.142550][T15095] ? rcu_is_watching+0x12/0xc0 [ 581.142574][T15095] ? lock_release+0x201/0x2f0 [ 581.142607][T15095] ? tomoyo_path_number_perm+0x18d/0x580 [ 581.142639][T15095] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 581.142674][T15095] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 581.142717][T15095] ? do_vfs_ioctl+0x128/0x14f0 [ 581.142754][T15095] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 581.142795][T15095] ? rcu_is_watching+0x12/0xc0 [ 581.142819][T15095] ? __fget_files+0x204/0x3c0 [ 581.142844][T15095] ? hook_file_ioctl_common+0x145/0x410 [ 581.142878][T15095] ? __fget_files+0x20e/0x3c0 [ 581.142905][T15095] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 581.142929][T15095] __x64_sys_ioctl+0x18e/0x210 [ 581.142966][T15095] do_syscall_64+0xcd/0x490 [ 581.142999][T15095] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 581.143023][T15095] RIP: 0033:0x7f261cd8ebe9 [ 581.143041][T15095] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 581.143065][T15095] RSP: 002b:00007f261dcb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 581.143088][T15095] RAX: ffffffffffffffda RBX: 00007f261cfb5fa0 RCX: 00007f261cd8ebe9 [ 581.143105][T15095] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003 [ 581.143124][T15095] RBP: 00007f261ce11e19 R08: 0000000000000000 R09: 0000000000000000 [ 581.143140][T15095] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 581.143154][T15095] R13: 00007f261cfb6038 R14: 00007f261cfb5fa0 R15: 00007ffcc8c98b18 [ 581.143177][T15095] [ 582.468713][T15118] block2mtd: Using custom MTD label '' for dev [ 582.538006][T15118] block2mtd: error: cannot open device [ 583.060594][T15134] ima: policy update failed [ 583.086305][ T30] audit: type=1802 audit(4294967573.380:17): pid=15134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2146" res=0 errno=0 [ 583.456279][T15141] FAULT_INJECTION: forcing a failure. [ 583.456279][T15141] name failslab, interval 1, probability 0, space 0, times 0 [ 583.500687][T15141] CPU: 1 UID: 0 PID: 15141 Comm: syz.0.2149 Tainted: G U syzkaller #0 PREEMPT(full) [ 583.500726][T15141] Tainted: [U]=USER [ 583.500735][T15141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 583.500750][T15141] Call Trace: [ 583.500758][T15141] [ 583.500767][T15141] dump_stack_lvl+0x16c/0x1f0 [ 583.500801][T15141] should_fail_ex+0x512/0x640 [ 583.500838][T15141] should_failslab+0xc2/0x120 [ 583.500871][T15141] __kmalloc_cache_noprof+0x6a/0x3e0 [ 583.500896][T15141] ? tty_alloc_file+0x3f/0xa0 [ 583.500930][T15141] ? __pfx_ptmx_open+0x10/0x10 [ 583.500956][T15141] tty_alloc_file+0x3f/0xa0 [ 583.500989][T15141] ptmx_open+0x61/0x360 [ 583.501014][T15141] ? __pfx_ptmx_open+0x10/0x10 [ 583.501039][T15141] chrdev_open+0x231/0x6a0 [ 583.501069][T15141] ? __pfx_apparmor_file_open+0x10/0x10 [ 583.501096][T15141] ? __pfx_chrdev_open+0x10/0x10 [ 583.501127][T15141] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 583.501158][T15141] do_dentry_open+0x97f/0x1530 [ 583.501192][T15141] ? __pfx_chrdev_open+0x10/0x10 [ 583.501226][T15141] vfs_open+0x82/0x3f0 [ 583.501263][T15141] path_openat+0x1de4/0x2cb0 [ 583.501295][T15141] ? __pfx_path_openat+0x10/0x10 [ 583.501327][T15141] do_filp_open+0x20b/0x470 [ 583.501354][T15141] ? __pfx_do_filp_open+0x10/0x10 [ 583.501392][T15141] ? alloc_fd+0x471/0x7d0 [ 583.501420][T15141] do_sys_openat2+0x11b/0x1d0 [ 583.501457][T15141] ? __pfx_do_sys_openat2+0x10/0x10 [ 583.501505][T15141] __x64_sys_openat+0x174/0x210 [ 583.501543][T15141] ? __pfx___x64_sys_openat+0x10/0x10 [ 583.501587][T15141] do_syscall_64+0xcd/0x490 [ 583.501621][T15141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 583.501646][T15141] RIP: 0033:0x7efc89b8ebe9 [ 583.501664][T15141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 583.501687][T15141] RSP: 002b:00007efc8a95d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 583.501709][T15141] RAX: ffffffffffffffda RBX: 00007efc89db5fa0 RCX: 00007efc89b8ebe9 [ 583.501725][T15141] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 583.501740][T15141] RBP: 00007efc89c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 583.501755][T15141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 583.501770][T15141] R13: 00007efc89db6038 R14: 00007efc89db5fa0 R15: 00007ffddc983b68 [ 583.501792][T15141] [ 584.003305][T15141] syz.0.2149: vmalloc error: size 4503599627371522, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 584.036862][T15141] CPU: 1 UID: 0 PID: 15141 Comm: syz.0.2149 Tainted: G U syzkaller #0 PREEMPT(full) [ 584.036896][T15141] Tainted: [U]=USER [ 584.036904][T15141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 584.036917][T15141] Call Trace: [ 584.036924][T15141] [ 584.036932][T15141] dump_stack_lvl+0x16c/0x1f0 [ 584.036963][T15141] warn_alloc+0x248/0x3a0 [ 584.036990][T15141] ? __pfx_warn_alloc+0x10/0x10 [ 584.037022][T15141] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 584.037058][T15141] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 584.037080][T15141] ? __pfx___might_resched+0x10/0x10 [ 584.037103][T15141] ? rcu_is_watching+0x12/0xc0 [ 584.037125][T15141] ? trace_contention_end+0xdd/0x130 [ 584.037155][T15141] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 584.037191][T15141] ? tomoyo_path_number_perm+0x295/0x580 [ 584.037218][T15141] ? rcu_is_watching+0x12/0xc0 [ 584.037262][T15141] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 584.037285][T15141] ? __pfx___mutex_lock+0x10/0x10 [ 584.037320][T15141] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 584.037356][T15141] __vmalloc_node_noprof+0xad/0xf0 [ 584.037377][T15141] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 584.037416][T15141] dvb_demux_do_ioctl+0x54e/0x12f0 [ 584.037455][T15141] ? do_vfs_ioctl+0x128/0x14f0 [ 584.037493][T15141] dvb_usercopy+0x167/0x340 [ 584.037525][T15141] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 584.037563][T15141] ? __pfx_dvb_usercopy+0x10/0x10 [ 584.037600][T15141] ? __fget_files+0x20e/0x3c0 [ 584.037627][T15141] dvb_demux_ioctl+0x29/0x40 [ 584.037659][T15141] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 584.037693][T15141] __x64_sys_ioctl+0x18e/0x210 [ 584.037729][T15141] do_syscall_64+0xcd/0x490 [ 584.037761][T15141] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 584.037785][T15141] RIP: 0033:0x7efc89b8ebe9 [ 584.037802][T15141] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 584.037825][T15141] RSP: 002b:00007efc8a95d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 584.037846][T15141] RAX: ffffffffffffffda RBX: 00007efc89db5fa0 RCX: 00007efc89b8ebe9 [ 584.037862][T15141] RDX: 0010000000000402 RSI: 0000000000006f2d RDI: 0000000000000003 [ 584.037877][T15141] RBP: 00007efc89c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 584.037892][T15141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 584.037906][T15141] R13: 00007efc89db6038 R14: 00007efc89db5fa0 R15: 00007ffddc983b68 [ 584.037928][T15141] [ 584.037936][T15141] Mem-Info: [ 584.503391][T15146] net_ratelimit: 672 callbacks suppressed [ 584.503407][T15146] openvswitch: netlink: VXLAN extension 64 out of range max 1 [ 584.922521][T15141] active_anon:11243 inactive_anon:24176 isolated_anon:0 [ 584.922521][T15141] active_file:18029 inactive_file:38589 isolated_file:0 [ 584.922521][T15141] unevictable:768 dirty:32 writeback:0 [ 584.922521][T15141] slab_reclaimable:12192 slab_unreclaimable:95291 [ 584.922521][T15141] mapped:28057 shmem:21737 pagetables:1191 [ 584.922521][T15141] sec_pagetables:0 bounce:0 [ 584.922521][T15141] kernel_misc_reclaimable:0 [ 584.922521][T15141] free:1273967 free_pcp:24911 free_cma:0 [ 585.149012][T15157] netlink: 342 bytes leftover after parsing attributes in process `syz.2.2148'. [ 585.228024][T15141] Node 0 active_anon:44940kB inactive_anon:84692kB active_file:71496kB inactive_file:154080kB unevictable:1536kB isolated(anon):44kB isolated(file):0kB mapped:112840kB dirty:340kB writeback:0kB shmem:69484kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11440kB pagetables:4448kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 585.423365][T15139] netlink: 294 bytes leftover after parsing attributes in process `syz.2.2148'. [ 585.483990][T15141] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 585.619539][T15141] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 585.787165][T15141] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 585.808730][T15141] Node 0 DMA32 free:1208948kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44896kB inactive_anon:58744kB active_file:69248kB inactive_file:153476kB unevictable:1536kB writepending:964kB present:3129332kB managed:2539600kB mlocked:0kB bounce:0kB free_pcp:94636kB local_pcp:94636kB free_cma:0kB [ 585.861478][T15162] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2153'. [ 585.976379][T15141] lowmem_reserve[]: 0 0 1 1 1 [ 585.994997][T15141] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:1248kB inactive_file:72kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 586.126008][T15141] lowmem_reserve[]: 0 0 0 0 0 [ 586.167761][T15167] ima: policy update failed [ 586.172402][T15141] Node 1 Normal free:3901104kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:18764kB local_pcp:18764kB free_cma:0kB [ 586.204112][ T30] audit: type=1802 audit(4294967576.470:18): pid=15167 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.2155" res=0 errno=0 [ 586.223712][T15157] FAULT_INJECTION: forcing a failure. [ 586.223712][T15157] name fail_futex, interval 1, probability 0, space 0, times 0 [ 586.309347][T15157] CPU: 1 UID: 0 PID: 15157 Comm: syz.2.2148 Tainted: G U syzkaller #0 PREEMPT(full) [ 586.309380][T15157] Tainted: [U]=USER [ 586.309387][T15157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 586.309400][T15157] Call Trace: [ 586.309407][T15157] [ 586.309414][T15157] dump_stack_lvl+0x16c/0x1f0 [ 586.309445][T15157] should_fail_ex+0x512/0x640 [ 586.309476][T15157] get_futex_key+0xff0/0x1560 [ 586.309503][T15157] ? __pfx_get_futex_key+0x10/0x10 [ 586.309527][T15157] ? __mutex_trylock_common+0xe9/0x250 [ 586.309556][T15157] ? __pfx___mutex_trylock_common+0x10/0x10 [ 586.309587][T15157] futex_wake+0xea/0x530 [ 586.309618][T15157] ? __pfx_futex_wake+0x10/0x10 [ 586.309648][T15157] ? rcu_is_watching+0x12/0xc0 [ 586.309670][T15157] ? rcu_is_watching+0x12/0xc0 [ 586.309692][T15157] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 586.309721][T15157] do_futex+0x1e3/0x350 [ 586.309747][T15157] ? __pfx_do_futex+0x10/0x10 [ 586.309773][T15157] ? lock_release+0x201/0x2f0 [ 586.309802][T15157] mm_release+0x24e/0x300 [ 586.309826][T15157] do_exit+0x68e/0x2bf0 [ 586.309857][T15157] ? __pfx_do_exit+0x10/0x10 [ 586.309885][T15157] ? do_raw_spin_lock+0x12c/0x2b0 [ 586.309918][T15157] ? get_signal+0x8f5/0x26d0 [ 586.309941][T15157] ? rcu_is_watching+0x12/0xc0 [ 586.309962][T15157] do_group_exit+0xd3/0x2a0 [ 586.309993][T15157] get_signal+0x2673/0x26d0 [ 586.310069][T15157] ? rcu_is_watching+0x12/0xc0 [ 586.310093][T15157] ? __pfx___might_resched+0x10/0x10 [ 586.310117][T15157] ? __pfx_get_signal+0x10/0x10 [ 586.310144][T15157] ? do_futex+0x122/0x350 [ 586.310172][T15157] ? __pfx_do_futex+0x10/0x10 [ 586.310202][T15157] arch_do_signal_or_restart+0x8f/0x790 [ 586.310237][T15157] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 586.310273][T15157] ? syscall_user_dispatch+0x78/0x140 [ 586.310315][T15157] exit_to_user_mode_loop+0x84/0x110 [ 586.310350][T15157] do_syscall_64+0x3f6/0x490 [ 586.310383][T15157] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 586.310406][T15157] RIP: 0033:0x7f261cd8ebe9 [ 586.310424][T15157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 586.310448][T15157] RSP: 002b:00007f261dc910e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 586.310470][T15157] RAX: fffffffffffffe00 RBX: 00007f261cfb6098 RCX: 00007f261cd8ebe9 [ 586.310486][T15157] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f261cfb6098 [ 586.310501][T15157] RBP: 00007f261cfb6090 R08: 0000000000000000 R09: 0000000000000000 [ 586.310515][T15157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 586.310530][T15157] R13: 00007f261cfb6128 R14: 00007ffcc8c98a30 R15: 00007ffcc8c98b18 [ 586.310552][T15157] [ 586.598469][T15141] lowmem_reserve[]: 0 0 0 0 0 [ 586.603271][T15141] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 586.616063][T15141] Node 0 DMA32: 2767*4kB (UM) 1518*8kB (UM) 764*16kB (UME) 264*32kB (UM) 63*64kB (UME) 125*128kB (UME) 163*256kB (UME) 100*512kB (UME) 41*1024kB (UM) 10*2048kB (UE) 246*4096kB (UM) = 1226924kB [ 586.635255][T15141] Node 0 Normal: 2*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 586.647630][T15141] Node 1 Normal: 94*4kB (UME) 57*8kB (UME) 47*16kB (UME) 192*32kB (UME) 74*64kB (UME) 14*128kB (UME) 5*256kB (UME) 1*512kB (M) 4*1024kB (UME) 3*2048kB (UME) 946*4096kB (M) = 3901104kB [ 586.666333][T15141] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 586.676570][T15141] Node 0 hugepages_total=6 hugepages_free=5 hugepages_surp=2 hugepages_size=2048kB [ 586.686226][T15141] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 586.695845][T15141] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 586.705214][T15141] 65524 total pagecache pages [ 586.709993][T15141] 17 pages in swap cache [ 586.714270][T15141] Free swap = 124920kB [ 586.718476][T15141] Total swap = 124996kB [ 586.722668][T15141] 2097051 pages RAM [ 586.726527][T15141] 0 pages HighMem/MovableOnly [ 586.731255][T15141] 430189 pages reserved [ 586.735441][T15141] 0 pages cma reserved [ 587.036387][T15179] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 588.012441][T15198] HfR: entered promiscuous mode [ 588.209623][T15168] ima: policy update failed [ 588.216185][ T30] audit: type=1802 audit(4294967578.510:19): pid=15168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.2156" res=0 errno=0 [ 588.471306][T15209] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2166'. [ 588.567649][T15204] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2166'. [ 588.602660][T15204] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2166'. [ 588.660665][T15209] netlink: 242 bytes leftover after parsing attributes in process `syz.1.2166'. [ 588.711713][T15204] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2166'. [ 588.863523][T15204] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2166'. [ 588.888376][T15224] blktrace: Concurrent blktraces are not allowed on loop2 [ 588.955009][T15221] FAULT_INJECTION: forcing a failure. [ 588.955009][T15221] name failslab, interval 1, probability 0, space 0, times 0 [ 588.993156][T15224] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2172'. [ 589.111686][T15221] CPU: 1 UID: 0 PID: 15221 Comm: syz.1.2166 Tainted: G U syzkaller #0 PREEMPT(full) [ 589.111722][T15221] Tainted: [U]=USER [ 589.111735][T15221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 589.111749][T15221] Call Trace: [ 589.111756][T15221] [ 589.111764][T15221] dump_stack_lvl+0x16c/0x1f0 [ 589.111796][T15221] should_fail_ex+0x512/0x640 [ 589.111829][T15221] should_failslab+0xc2/0x120 [ 589.111860][T15221] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 589.111886][T15221] ? alloc_empty_file+0x55/0x1e0 [ 589.111919][T15221] alloc_empty_file+0x55/0x1e0 [ 589.111952][T15221] path_openat+0xda/0x2cb0 [ 589.111975][T15221] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.112002][T15221] ? __pfx_path_openat+0x10/0x10 [ 589.112030][T15221] do_filp_open+0x20b/0x470 [ 589.112055][T15221] ? __pfx_do_filp_open+0x10/0x10 [ 589.112089][T15221] ? alloc_fd+0x471/0x7d0 [ 589.112115][T15221] do_sys_openat2+0x11b/0x1d0 [ 589.112148][T15221] ? __pfx_do_sys_openat2+0x10/0x10 [ 589.112186][T15221] __x64_sys_openat+0x174/0x210 [ 589.112221][T15221] ? __pfx___x64_sys_openat+0x10/0x10 [ 589.112256][T15221] ? syscall_user_dispatch+0x78/0x140 [ 589.112295][T15221] do_syscall_64+0xcd/0x490 [ 589.112324][T15221] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 589.112346][T15221] RIP: 0033:0x7fd3d498ebe9 [ 589.112362][T15221] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 589.112383][T15221] RSP: 002b:00007fd3d5875038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 589.112404][T15221] RAX: ffffffffffffffda RBX: 00007fd3d4bb6180 RCX: 00007fd3d498ebe9 [ 589.112418][T15221] RDX: 0000000000040302 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 589.112432][T15221] RBP: 00007fd3d4a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 589.112445][T15221] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 589.112458][T15221] R13: 00007fd3d4bb6218 R14: 00007fd3d4bb6180 R15: 00007fff31d651f8 [ 589.112479][T15221] [ 589.812712][T15237] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 590.545370][T15253] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 590.714459][T15253] RDS: rds_bind could not find a transport for ::ffff:172.20.20.187, load rds_tcp or rds_rdma? [ 590.781166][T15258] __nla_validate_parse: 1 callbacks suppressed [ 590.781185][T15258] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2179'. [ 591.309080][T15272] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 591.878146][T15277] FAULT_INJECTION: forcing a failure. [ 591.878146][T15277] name failslab, interval 1, probability 0, space 0, times 0 [ 591.960448][T15277] CPU: 1 UID: 0 PID: 15277 Comm: syz.2.2182 Tainted: G U syzkaller #0 PREEMPT(full) [ 591.960562][T15277] Tainted: [U]=USER [ 591.960571][T15277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 591.960585][T15277] Call Trace: [ 591.960593][T15277] [ 591.960602][T15277] dump_stack_lvl+0x16c/0x1f0 [ 591.960634][T15277] should_fail_ex+0x512/0x640 [ 591.960666][T15277] ? kobject_get_path+0xd2/0x2a0 [ 591.960694][T15277] should_failslab+0xc2/0x120 [ 591.960724][T15277] __kmalloc_noprof+0xd2/0x510 [ 591.960754][T15277] kobject_get_path+0xd2/0x2a0 [ 591.960785][T15277] kobject_uevent_env+0x289/0x1870 [ 591.960824][T15277] nfs_netns_sysfs_setup+0x16f/0x1f0 [ 591.960849][T15277] nfs_net_init+0x10a/0x340 [ 591.960876][T15277] ? __pfx_nfs_net_init+0x10/0x10 [ 591.960901][T15277] ops_init+0x1df/0x5f0 [ 591.960931][T15277] setup_net+0x10f/0x380 [ 591.960959][T15277] ? lockdep_init_map_type+0x5c/0x280 [ 591.960990][T15277] ? __pfx_setup_net+0x10/0x10 [ 591.961020][T15277] ? debug_mutex_init+0x37/0x70 [ 591.961041][T15277] copy_net_ns+0x2a6/0x5f0 [ 591.961075][T15277] create_new_namespaces+0x3ea/0xa90 [ 591.961103][T15277] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 591.961130][T15277] ksys_unshare+0x45b/0xa40 [ 591.961160][T15277] ? __pfx_ksys_unshare+0x10/0x10 [ 591.961190][T15277] ? xfd_validate_state+0x61/0x180 [ 591.961227][T15277] __x64_sys_unshare+0x31/0x40 [ 591.961256][T15277] do_syscall_64+0xcd/0x490 [ 591.961285][T15277] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 591.961307][T15277] RIP: 0033:0x7f261cd8ebe9 [ 591.961324][T15277] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 591.961345][T15277] RSP: 002b:00007f261dcb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 591.961365][T15277] RAX: ffffffffffffffda RBX: 00007f261cfb5fa0 RCX: 00007f261cd8ebe9 [ 591.961380][T15277] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 591.961393][T15277] RBP: 00007f261ce11e19 R08: 0000000000000000 R09: 0000000000000000 [ 591.961407][T15277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 591.961420][T15277] R13: 00007f261cfb6038 R14: 00007f261cfb5fa0 R15: 00007ffcc8c98b18 [ 591.961458][T15277] [ 592.328942][T15288] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2183'. [ 592.339267][T15288] netlink: 242 bytes leftover after parsing attributes in process `syz.0.2183'. [ 592.392023][T15288] FAULT_INJECTION: forcing a failure. [ 592.392023][T15288] name failslab, interval 1, probability 0, space 0, times 0 [ 592.404742][T15288] CPU: 1 UID: 0 PID: 15288 Comm: syz.0.2183 Tainted: G U syzkaller #0 PREEMPT(full) [ 592.404779][T15288] Tainted: [U]=USER [ 592.404788][T15288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 592.404802][T15288] Call Trace: [ 592.404810][T15288] [ 592.404819][T15288] dump_stack_lvl+0x16c/0x1f0 [ 592.404852][T15288] should_fail_ex+0x512/0x640 [ 592.404889][T15288] should_failslab+0xc2/0x120 [ 592.404922][T15288] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 592.404952][T15288] ? alloc_empty_file+0x55/0x1e0 [ 592.404992][T15288] alloc_empty_file+0x55/0x1e0 [ 592.405029][T15288] path_openat+0xda/0x2cb0 [ 592.405056][T15288] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 592.405086][T15288] ? __pfx_path_openat+0x10/0x10 [ 592.405119][T15288] do_filp_open+0x20b/0x470 [ 592.405147][T15288] ? __pfx_do_filp_open+0x10/0x10 [ 592.405186][T15288] ? alloc_fd+0x471/0x7d0 [ 592.405215][T15288] do_sys_openat2+0x11b/0x1d0 [ 592.405253][T15288] ? __pfx_do_sys_openat2+0x10/0x10 [ 592.405297][T15288] __x64_sys_openat+0x174/0x210 [ 592.405335][T15288] ? __pfx___x64_sys_openat+0x10/0x10 [ 592.405375][T15288] ? syscall_user_dispatch+0x78/0x140 [ 592.405420][T15288] do_syscall_64+0xcd/0x490 [ 592.405453][T15288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 592.405484][T15288] RIP: 0033:0x7efc89b8ebe9 [ 592.405502][T15288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 592.405526][T15288] RSP: 002b:00007efc8a95d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 592.405549][T15288] RAX: ffffffffffffffda RBX: 00007efc89db5fa0 RCX: 00007efc89b8ebe9 [ 592.405565][T15288] RDX: 0000000000008000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 592.405581][T15288] RBP: 00007efc89c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 592.405596][T15288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 592.405611][T15288] R13: 00007efc89db6038 R14: 00007efc89db5fa0 R15: 00007ffddc983b68 [ 592.405634][T15288] [ 592.786637][T15293] __vm_enough_memory: pid: 15293, comm: syz.1.2185, bytes: 4398046511104 not enough memory for the allocation [ 593.328395][T15307] FAULT_INJECTION: forcing a failure. [ 593.328395][T15307] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 593.403194][T15307] CPU: 1 UID: 0 PID: 15307 Comm: syz.0.2189 Tainted: G U syzkaller #0 PREEMPT(full) [ 593.403233][T15307] Tainted: [U]=USER [ 593.403241][T15307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 593.403255][T15307] Call Trace: [ 593.403263][T15307] [ 593.403271][T15307] dump_stack_lvl+0x16c/0x1f0 [ 593.403305][T15307] should_fail_ex+0x512/0x640 [ 593.403340][T15307] _copy_to_user+0x32/0xd0 [ 593.403362][T15307] simple_read_from_buffer+0xcb/0x170 [ 593.403386][T15307] proc_fail_nth_read+0x197/0x240 [ 593.403410][T15307] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 593.403441][T15307] ? security_file_permission+0x71/0x210 [ 593.403475][T15307] ? rw_verify_area+0xcf/0x6c0 [ 593.403497][T15307] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 593.403521][T15307] vfs_read+0x1e4/0xcf0 [ 593.403548][T15307] ? __pfx___mutex_lock+0x10/0x10 [ 593.403579][T15307] ? __pfx_vfs_read+0x10/0x10 [ 593.403604][T15307] ? __fget_files+0x204/0x3c0 [ 593.403628][T15307] ? rcu_is_watching+0x12/0xc0 [ 593.403655][T15307] ? __fget_files+0x20e/0x3c0 [ 593.403683][T15307] ksys_read+0x12a/0x250 [ 593.403709][T15307] ? __pfx_ksys_read+0x10/0x10 [ 593.403739][T15307] do_syscall_64+0xcd/0x490 [ 593.403771][T15307] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 593.403795][T15307] RIP: 0033:0x7efc89b8d5fc [ 593.403812][T15307] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 593.403836][T15307] RSP: 002b:00007efc8a95d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 593.403859][T15307] RAX: ffffffffffffffda RBX: 00007efc89db5fa0 RCX: 00007efc89b8d5fc [ 593.403875][T15307] RDX: 000000000000000f RSI: 00007efc8a95d0a0 RDI: 0000000000000004 [ 593.403890][T15307] RBP: 00007efc8a95d090 R08: 0000000000000000 R09: 0000000000000000 [ 593.403905][T15307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 593.403920][T15307] R13: 00007efc89db6038 R14: 00007efc89db5fa0 R15: 00007ffddc983b68 [ 593.403943][T15307] [ 593.828346][T15309] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2190'. [ 595.788539][T15357] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input46 [ 596.027039][T15343] vivid-003: ================= START STATUS ================= [ 596.063694][T15343] vivid-003: Radio HW Seek Mode: Bounded [ 596.108124][T15343] vivid-003: Radio Programmable HW Seek: false [ 596.167729][T15343] vivid-003: RDS Rx I/O Mode: Block I/O [ 596.259734][T15343] vivid-003: Generate RBDS Instead of RDS: false [ 596.333537][T15343] vivid-003: RDS Reception: true [ 596.358623][T15343] vivid-003: RDS Program Type: 0 inactive [ 596.419031][T15364] __vm_enough_memory: pid: 15364, comm: syz.0.2203, bytes: 4398046511104 not enough memory for the allocation [ 596.463669][T15343] vivid-003: RDS PS Name: inactive [ 596.550279][T15359] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input47 [ 596.562622][T15343] vivid-003: RDS Radio Text: inactive [ 596.644525][T15343] vivid-003: RDS Traffic Announcement: false inactive [ 596.710111][T15343] vivid-003: RDS Traffic Program: false inactive [ 596.763277][T15343] vivid-003: RDS Music: false inactive [ 596.807271][T15343] vivid-003: ================== END STATUS ================== [ 597.325418][T15380] Invalid ELF header magic: != ELF [ 597.396436][T15380] qrtr: Invalid version 5 [ 598.568179][T15409] uvcvideo: [Deprecated]: nodrop parameter will be eventually removed. [ 598.683620][T15412] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2213'. [ 599.540429][T15433] FAULT_INJECTION: forcing a failure. [ 599.540429][T15433] name failslab, interval 1, probability 0, space 0, times 0 [ 599.678192][T15433] CPU: 1 UID: 0 PID: 15433 Comm: syz.2.2219 Tainted: G U syzkaller #0 PREEMPT(full) [ 599.678226][T15433] Tainted: [U]=USER [ 599.678233][T15433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 599.678245][T15433] Call Trace: [ 599.678252][T15433] [ 599.678260][T15433] dump_stack_lvl+0x16c/0x1f0 [ 599.678290][T15433] should_fail_ex+0x512/0x640 [ 599.678322][T15433] should_failslab+0xc2/0x120 [ 599.678351][T15433] __kmalloc_cache_noprof+0x6a/0x3e0 [ 599.678372][T15433] ? tty_alloc_file+0x3f/0xa0 [ 599.678402][T15433] ? __pfx_ptmx_open+0x10/0x10 [ 599.678425][T15433] tty_alloc_file+0x3f/0xa0 [ 599.678453][T15433] ptmx_open+0x61/0x360 [ 599.678474][T15433] ? __pfx_ptmx_open+0x10/0x10 [ 599.678495][T15433] chrdev_open+0x231/0x6a0 [ 599.678521][T15433] ? __pfx_apparmor_file_open+0x10/0x10 [ 599.678544][T15433] ? __pfx_chrdev_open+0x10/0x10 [ 599.678571][T15433] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 599.678597][T15433] do_dentry_open+0x97f/0x1530 [ 599.678622][T15433] ? __pfx_chrdev_open+0x10/0x10 [ 599.678650][T15433] vfs_open+0x82/0x3f0 [ 599.678681][T15433] path_openat+0x1de4/0x2cb0 [ 599.678709][T15433] ? __pfx_path_openat+0x10/0x10 [ 599.678735][T15433] do_filp_open+0x20b/0x470 [ 599.678769][T15433] ? __pfx_do_filp_open+0x10/0x10 [ 599.678807][T15433] ? alloc_fd+0x471/0x7d0 [ 599.678832][T15433] do_sys_openat2+0x11b/0x1d0 [ 599.678863][T15433] ? __pfx_do_sys_openat2+0x10/0x10 [ 599.678900][T15433] __x64_sys_openat+0x174/0x210 [ 599.678932][T15433] ? __pfx___x64_sys_openat+0x10/0x10 [ 599.678970][T15433] do_syscall_64+0xcd/0x490 [ 599.678999][T15433] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 599.679020][T15433] RIP: 0033:0x7f261cd8ebe9 [ 599.679036][T15433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 599.679074][T15433] RSP: 002b:00007f261dcb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 599.679112][T15433] RAX: ffffffffffffffda RBX: 00007f261cfb5fa0 RCX: 00007f261cd8ebe9 [ 599.679128][T15433] RDX: 0000000000040001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 599.679143][T15433] RBP: 00007f261ce11e19 R08: 0000000000000000 R09: 0000000000000000 [ 599.679157][T15433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 599.679171][T15433] R13: 00007f261cfb6038 R14: 00007f261cfb5fa0 R15: 00007ffcc8c98b18 [ 599.679193][T15433] [ 599.935967][T15433] syz.2.2219: vmalloc error: size 4503599627371522, exceeds total pages, mode:0xcc0(GFP_KERNEL), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 599.950443][T15433] CPU: 1 UID: 0 PID: 15433 Comm: syz.2.2219 Tainted: G U syzkaller #0 PREEMPT(full) [ 599.950481][T15433] Tainted: [U]=USER [ 599.950488][T15433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 599.950504][T15433] Call Trace: [ 599.950511][T15433] [ 599.950520][T15433] dump_stack_lvl+0x16c/0x1f0 [ 599.950554][T15433] warn_alloc+0x248/0x3a0 [ 599.950582][T15433] ? __pfx_warn_alloc+0x10/0x10 [ 599.950617][T15433] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 599.950658][T15433] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 599.950682][T15433] ? __pfx___might_resched+0x10/0x10 [ 599.950707][T15433] ? rcu_is_watching+0x12/0xc0 [ 599.950731][T15433] ? trace_contention_end+0xdd/0x130 [ 599.950764][T15433] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 599.950810][T15433] ? tomoyo_path_number_perm+0x295/0x580 [ 599.950839][T15433] ? rcu_is_watching+0x12/0xc0 [ 599.950863][T15433] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 599.950886][T15433] ? __pfx___mutex_lock+0x10/0x10 [ 599.950921][T15433] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 599.950957][T15433] __vmalloc_node_noprof+0xad/0xf0 [ 599.950978][T15433] ? dvb_demux_do_ioctl+0x54e/0x12f0 [ 599.951016][T15433] dvb_demux_do_ioctl+0x54e/0x12f0 [ 599.951053][T15433] ? do_vfs_ioctl+0x128/0x14f0 [ 599.951091][T15433] dvb_usercopy+0x167/0x340 [ 599.951142][T15433] ? __pfx_dvb_demux_do_ioctl+0x10/0x10 [ 599.951181][T15433] ? __pfx_dvb_usercopy+0x10/0x10 [ 599.951220][T15433] ? __fget_files+0x20e/0x3c0 [ 599.951248][T15433] dvb_demux_ioctl+0x29/0x40 [ 599.951282][T15433] ? __pfx_dvb_demux_ioctl+0x10/0x10 [ 599.951318][T15433] __x64_sys_ioctl+0x18e/0x210 [ 599.951356][T15433] do_syscall_64+0xcd/0x490 [ 599.951389][T15433] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 599.951413][T15433] RIP: 0033:0x7f261cd8ebe9 [ 599.951431][T15433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 599.951455][T15433] RSP: 002b:00007f261dcb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 599.951477][T15433] RAX: ffffffffffffffda RBX: 00007f261cfb5fa0 RCX: 00007f261cd8ebe9 [ 599.951493][T15433] RDX: 0010000000000402 RSI: 0000000000006f2d RDI: 0000000000000003 [ 599.951508][T15433] RBP: 00007f261ce11e19 R08: 0000000000000000 R09: 0000000000000000 [ 599.951523][T15433] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 599.951537][T15433] R13: 00007f261cfb6038 R14: 00007f261cfb5fa0 R15: 00007ffcc8c98b18 [ 599.951560][T15433] [ 599.951569][T15433] Mem-Info: [ 600.306433][T15433] active_anon:11239 inactive_anon:51563 isolated_anon:0 [ 600.306433][T15433] active_file:19506 inactive_file:38559 isolated_file:0 [ 600.306433][T15433] unevictable:768 dirty:747 writeback:0 [ 600.306433][T15433] slab_reclaimable:11911 slab_unreclaimable:95899 [ 600.306433][T15433] mapped:58872 shmem:50145 pagetables:1295 [ 600.306433][T15433] sec_pagetables:0 bounce:0 [ 600.306433][T15433] kernel_misc_reclaimable:0 [ 600.306433][T15433] free:1258128 free_pcp:14288 free_cma:0 [ 600.586828][T15433] Node 0 active_anon:44956kB inactive_anon:221848kB active_file:78028kB inactive_file:154108kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:247768kB dirty:2996kB writeback:0kB shmem:211444kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11056kB pagetables:5216kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 600.756842][T15433] Node 1 active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 601.048320][T15433] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 601.372569][T15433] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 601.419593][T15433] Node 0 DMA32 free:1089324kB boost:0kB min:34076kB low:42592kB high:51108kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44912kB inactive_anon:217168kB active_file:76780kB inactive_file:154296kB unevictable:1536kB writepending:3048kB present:3129332kB managed:2539600kB mlocked:0kB bounce:0kB free_pcp:56064kB local_pcp:56064kB free_cma:0kB [ 601.487681][T15453] netlink: 93 bytes leftover after parsing attributes in process `syz.1.2224'. [ 601.703071][T15433] lowmem_reserve[]: 0 0 1 1 1 [ 601.742311][T15433] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:1248kB inactive_file:72kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB [ 602.011003][T15433] lowmem_reserve[]: 0 0 0 0 0 [ 602.040511][T15433] Node 1 Normal free:3901104kB boost:0kB min:55804kB low:69752kB high:83700kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:4kB inactive_file:128kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:18872kB local_pcp:18872kB free_cma:0kB [ 602.345033][T15433] lowmem_reserve[]: 0 0 0 0 0 [ 602.380497][T15433] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 602.470954][T15433] Node 0 DMA32: 0*4kB 1*8kB (M) 49*16kB (U) 100*32kB (UE) 17*64kB (U) 12*128kB (UME) 38*256kB (UE) 49*512kB (UME) 27*1024kB (U) 10*2048kB (UE) 244*4096kB (UM) = 1088984kB [ 602.591940][T15433] Node 0 Normal: 2*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 602.701180][T15433] Node 1 Normal: 76*4kB (UME) 56*8kB (UME) 46*16kB (UME) 191*32kB (UME) 76*64kB (UME) 14*128kB (UME) 5*256kB (UME) 1*512kB (M) 4*1024kB (UME) 3*2048kB (UME) 946*4096kB (M) = 3901104kB [ 602.769200][T15382] delete_channel: no stack [ 602.868413][T15433] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 602.967985][T15433] Node 0 hugepages_total=6 hugepages_free=5 hugepages_surp=2 hugepages_size=2048kB [ 603.050718][T15480] netlink: zone id is out of range [ 603.066211][T15433] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 603.087542][T15480] netlink: zone id is out of range [ 603.122465][T15480] netlink: zone id is out of range [ 603.161518][T15433] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 603.216686][T15480] netlink: zone id is out of range [ 603.258634][T15433] 107648 total pagecache pages [ 603.288467][T15480] netlink: zone id is out of range [ 603.332227][T15433] 17 pages in swap cache [ 603.352656][T15433] Free swap = 124920kB [ 603.369990][T15480] netlink: zone id is out of range [ 603.404321][T15433] Total swap = 124996kB [ 603.441177][T15433] 2097051 pages RAM [ 603.453088][T15480] netlink: zone id is out of range [ 603.476120][T15433] 0 pages HighMem/MovableOnly [ 603.504295][T15480] netlink: zone id is out of range [ 603.512778][T15433] 430189 pages reserved [ 603.542189][T15433] 0 pages cma reserved [ 603.554993][T15480] netlink: zone id is out of range [ 603.615871][T15480] netlink: zone id is out of range [ 604.100968][T15488] ima: policy update failed [ 604.106044][ T30] audit: type=1802 audit(4294967594.400:20): pid=15488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2234" res=0 errno=0 [ 604.902376][T15513] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2241'. [ 606.832409][T15511] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 607.621734][T15581] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2261'. [ 607.838589][T15587] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2263'. [ 608.184342][T15596] netlink: 93 bytes leftover after parsing attributes in process `syz.3.2266'. [ 608.298669][T15601] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2267'. [ 608.353999][T15601] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2267'. [ 608.784463][T15610] FAULT_INJECTION: forcing a failure. [ 608.784463][T15610] name failslab, interval 1, probability 0, space 0, times 0 [ 608.848768][T15610] CPU: 1 UID: 0 PID: 15610 Comm: syz.2.2269 Tainted: G U syzkaller #0 PREEMPT(full) [ 608.848806][T15610] Tainted: [U]=USER [ 608.848814][T15610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 608.848829][T15610] Call Trace: [ 608.848836][T15610] [ 608.848845][T15610] dump_stack_lvl+0x16c/0x1f0 [ 608.848878][T15610] should_fail_ex+0x512/0x640 [ 608.848914][T15610] ? __pfx_stats_fop_open+0x10/0x10 [ 608.848948][T15610] should_failslab+0xc2/0x120 [ 608.848980][T15610] __kmalloc_cache_noprof+0x6a/0x3e0 [ 608.849011][T15610] ? __pfx___debugfs_file_get+0x10/0x10 [ 608.849067][T15610] ? sc_common_open+0x46/0x200 [ 608.849101][T15610] ? __pfx_apparmor_file_open+0x10/0x10 [ 608.849129][T15610] ? __pfx_stats_fop_open+0x10/0x10 [ 608.849164][T15610] sc_common_open+0x46/0x200 [ 608.849199][T15610] full_proxy_open_regular+0x1b6/0x360 [ 608.849236][T15610] do_dentry_open+0x97f/0x1530 [ 608.849265][T15610] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 608.849291][T15610] vfs_open+0x82/0x3f0 [ 608.849325][T15610] path_openat+0x1de4/0x2cb0 [ 608.849357][T15610] ? __pfx_path_openat+0x10/0x10 [ 608.849387][T15610] do_filp_open+0x20b/0x470 [ 608.849414][T15610] ? __pfx_do_filp_open+0x10/0x10 [ 608.849451][T15610] ? alloc_fd+0x471/0x7d0 [ 608.849478][T15610] do_sys_openat2+0x11b/0x1d0 [ 608.849513][T15610] ? __pfx_do_sys_openat2+0x10/0x10 [ 608.849554][T15610] __x64_sys_openat+0x174/0x210 [ 608.849591][T15610] ? __pfx___x64_sys_openat+0x10/0x10 [ 608.849634][T15610] do_syscall_64+0xcd/0x490 [ 608.849666][T15610] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 608.849690][T15610] RIP: 0033:0x7f261cd8ebe9 [ 608.849707][T15610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 608.849731][T15610] RSP: 002b:00007f261dcb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 608.849753][T15610] RAX: ffffffffffffffda RBX: 00007f261cfb5fa0 RCX: 00007f261cd8ebe9 [ 608.849769][T15610] RDX: 0000000000145440 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 608.849784][T15610] RBP: 00007f261ce11e19 R08: 0000000000000000 R09: 0000000000000000 [ 608.849799][T15610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 608.849813][T15610] R13: 00007f261cfb6038 R14: 00007f261cfb5fa0 R15: 00007ffcc8c98b18 [ 608.849835][T15610] [ 609.446944][T15615] Unable to find swap-space signature [ 609.926260][T15628] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2277'. [ 610.030917][T15629] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2277'. [ 610.544599][T15636] net_ratelimit: 672 callbacks suppressed [ 610.544618][T15636] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 611.614650][T15649] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 612.307799][T15672] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2287'. [ 612.341027][T15672] netlink: 242 bytes leftover after parsing attributes in process `syz.1.2287'. [ 613.407363][T15694] FAULT_INJECTION: forcing a failure. [ 613.407363][T15694] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 613.461059][T15694] CPU: 1 UID: 0 PID: 15694 Comm: syz.0.2296 Tainted: G U syzkaller #0 PREEMPT(full) [ 613.461094][T15694] Tainted: [U]=USER [ 613.461102][T15694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 613.461115][T15694] Call Trace: [ 613.461123][T15694] [ 613.461131][T15694] dump_stack_lvl+0x16c/0x1f0 [ 613.461164][T15694] should_fail_ex+0x512/0x640 [ 613.461198][T15694] _copy_to_user+0x32/0xd0 [ 613.461218][T15694] simple_read_from_buffer+0xcb/0x170 [ 613.461241][T15694] proc_fail_nth_read+0x197/0x240 [ 613.461265][T15694] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 613.461287][T15694] ? security_file_permission+0x71/0x210 [ 613.461318][T15694] ? rw_verify_area+0xcf/0x6c0 [ 613.461339][T15694] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 613.461362][T15694] vfs_read+0x1e4/0xcf0 [ 613.461387][T15694] ? __pfx___mutex_lock+0x10/0x10 [ 613.461416][T15694] ? __pfx_vfs_read+0x10/0x10 [ 613.461440][T15694] ? __fget_files+0x204/0x3c0 [ 613.461462][T15694] ? rcu_is_watching+0x12/0xc0 [ 613.461487][T15694] ? __fget_files+0x20e/0x3c0 [ 613.461513][T15694] ksys_read+0x12a/0x250 [ 613.461537][T15694] ? __pfx_ksys_read+0x10/0x10 [ 613.461566][T15694] do_syscall_64+0xcd/0x490 [ 613.461595][T15694] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 613.461624][T15694] RIP: 0033:0x7efc89b8d5fc [ 613.461641][T15694] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 613.461664][T15694] RSP: 002b:00007efc8a95d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 613.461685][T15694] RAX: ffffffffffffffda RBX: 00007efc89db5fa0 RCX: 00007efc89b8d5fc [ 613.461700][T15694] RDX: 000000000000000f RSI: 00007efc8a95d0a0 RDI: 0000000000000003 [ 613.461714][T15694] RBP: 00007efc8a95d090 R08: 0000000000000000 R09: 0000000000000000 [ 613.461728][T15694] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 613.461741][T15694] R13: 00007efc89db6038 R14: 00007efc89db5fa0 R15: 00007ffddc983b68 [ 613.461762][T15694] [ 613.672689][T15697] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2297'. [ 613.683492][T15697] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2297'. [ 614.037032][T15701] ptrace attach of "./syz-executor exec"[15703] was attempted by "./syz-executor exec"[15701] [ 614.509339][T15712] tc_dump_action: action bad kind [ 615.019224][T15722] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2307'. [ 615.078759][T15722] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2307'. [ 616.087292][T15743] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2314'. [ 618.159463][T14088] ------------[ cut here ]------------ [ 618.164977][T14088] ODEBUG: free active (active state 0) object: ffff8880341b5358 object type: timer_list hint: hci_devcd_timeout+0x0/0x2e0 [ 618.252645][T14088] WARNING: CPU: 1 PID: 14088 at lib/debugobjects.c:612 debug_print_object+0x1a2/0x2b0 [ 618.262481][T14088] Modules linked in: [ 618.266390][T14088] CPU: 1 UID: 0 PID: 14088 Comm: syz.0.1880 Tainted: G U syzkaller #0 PREEMPT(full) [ 618.277380][T14088] Tainted: [U]=USER [ 618.281179][T14088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 618.291732][T14088] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 618.298267][T14088] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd e0 3d 16 8c 4c 89 e6 48 c7 c7 60 32 16 8c e8 ff 0a 92 fc 90 <0f> 0b 90 90 58 83 05 16 b2 c3 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 618.318428][T14088] RSP: 0018:ffffc90004b17768 EFLAGS: 00010286 [ 618.324627][T14088] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817a02c8 [ 618.333521][T14088] RDX: ffff88802c7c3c00 RSI: ffffffff817a02d5 RDI: 0000000000000001 [ 618.341656][T14088] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 618.349689][T14088] R10: 0000000000000001 R11: fffffffffffe7d28 R12: ffffffff8c163900 [ 618.357742][T14088] R13: ffffffff8bafeb80 R14: ffffffff8a9a5710 R15: ffffc90004b17868 [ 618.365747][T14088] FS: 0000000000000000(0000) GS:ffff8881247c4000(0000) knlGS:0000000000000000 [ 618.374724][T14088] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 618.381494][T14088] CR2: 00007f24d63ece50 CR3: 0000000075248000 CR4: 00000000003526f0 [ 618.389584][T14088] Call Trace: [ 618.392867][T14088] [ 618.396260][T14088] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 618.402119][T14088] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 618.408161][T14088] debug_check_no_obj_freed+0x4b7/0x600 [ 618.413744][T14088] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 618.420367][T14088] ? rcu_is_watching+0x12/0xc0 [ 618.425158][T14088] ? kmem_cache_free+0x2d1/0x4d0 [ 618.430569][T14088] ? kfree_skbmem+0x1a4/0x1f0 [ 618.435262][T14088] kfree+0x28f/0x4d0 [ 618.439237][T14088] ? hci_release_dev+0x4ef/0x610 [ 618.444187][T14088] hci_release_dev+0x4ef/0x610 [ 618.449067][T14088] ? __pfx_hci_release_dev+0x10/0x10 [ 618.454355][T14088] ? rcu_is_watching+0x12/0xc0 [ 618.459240][T14088] ? kfree+0x24f/0x4d0 [ 618.463313][T14088] bt_host_release+0x6a/0xb0 [ 618.467929][T14088] ? __pfx_bt_host_release+0x10/0x10 [ 618.473224][T14088] device_release+0xa1/0x240 [ 618.477836][T14088] kobject_put+0x1e7/0x5a0 [ 618.482260][T14088] ? __pfx_vhci_release+0x10/0x10 [ 618.487318][T14088] put_device+0x1f/0x30 [ 618.491488][T14088] vhci_release+0x81/0xf0 [ 618.496282][T14088] __fput+0x3ff/0xb70 [ 618.500644][T14088] task_work_run+0x14d/0x240 [ 618.505259][T14088] ? __pfx_task_work_run+0x10/0x10 [ 618.510532][T14088] do_exit+0x86f/0x2bf0 [ 618.514718][T14088] ? do_raw_spin_lock+0x12c/0x2b0 [ 618.520164][T14088] ? __pfx_do_exit+0x10/0x10 [ 618.524790][T14088] ? cgroup_update_frozen_flag+0x107/0x210 [ 618.531048][T14088] ? get_signal+0x1d05/0x26d0 [ 618.535738][T14088] ? rcu_is_watching+0x12/0xc0 [ 618.540573][T14088] do_group_exit+0xd3/0x2a0 [ 618.545095][T14088] get_signal+0x2673/0x26d0 [ 618.549639][T14088] ? hrtimer_nanosleep+0x187/0x380 [ 618.554760][T14088] ? __pfx_get_signal+0x10/0x10 [ 618.559649][T14088] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 618.564873][T14088] arch_do_signal_or_restart+0x8f/0x790 [ 618.570459][T14088] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 618.576627][T14088] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 618.582809][T14088] exit_to_user_mode_loop+0x84/0x110 [ 618.588155][T14088] do_syscall_64+0x3f6/0x490 [ 618.592763][T14088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 618.599112][T14088] RIP: 0033:0x7efc89bc14a5 [ 618.603560][T14088] Code: Unable to access opcode bytes at 0x7efc89bc147b. [ 618.610908][T14088] RSP: 002b:00007efc8a93bf80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 618.619449][T14088] RAX: fffffffffffffdfc RBX: 00007efc89db6090 RCX: 00007efc89bc14a5 [ 618.628057][T14088] RDX: 00007efc8a93bfc0 RSI: 0000000000000000 RDI: 0000000000000000 [ 618.636053][T14088] RBP: 00007efc89c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 618.644438][T14088] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 618.652479][T14088] R13: 00007efc89db6128 R14: 00007efc89db6090 R15: 00007ffddc983b68 [ 618.660548][T14088] [ 618.663573][T14088] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 618.670855][T14088] CPU: 1 UID: 0 PID: 14088 Comm: syz.0.1880 Tainted: G U syzkaller #0 PREEMPT(full) [ 618.681887][T14088] Tainted: [U]=USER [ 618.685708][T14088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 618.695768][T14088] Call Trace: [ 618.699048][T14088] [ 618.701982][T14088] dump_stack_lvl+0x3d/0x1f0 [ 618.706589][T14088] vpanic+0x6e8/0x7a0 [ 618.710586][T14088] ? __pfx_vpanic+0x10/0x10 [ 618.715110][T14088] ? debug_print_object+0x1a2/0x2b0 [ 618.720330][T14088] panic+0xca/0xd0 [ 618.724078][T14088] ? __pfx_panic+0x10/0x10 [ 618.728515][T14088] ? check_panic_on_warn+0x1f/0xb0 [ 618.733645][T14088] check_panic_on_warn+0xab/0xb0 [ 618.738613][T14088] __warn+0xf6/0x3c0 [ 618.742524][T14088] ? debug_print_object+0x1a2/0x2b0 [ 618.747746][T14088] report_bug+0x3c3/0x580 [ 618.752086][T14088] ? debug_print_object+0x1a2/0x2b0 [ 618.757288][T14088] handle_bug+0x184/0x210 [ 618.761636][T14088] exc_invalid_op+0x17/0x50 [ 618.766158][T14088] asm_exc_invalid_op+0x1a/0x20 [ 618.771028][T14088] RIP: 0010:debug_print_object+0x1a2/0x2b0 [ 618.776841][T14088] Code: fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 54 41 56 48 8b 14 dd e0 3d 16 8c 4c 89 e6 48 c7 c7 60 32 16 8c e8 ff 0a 92 fc 90 <0f> 0b 90 90 58 83 05 16 b2 c3 0b 01 48 83 c4 18 5b 5d 41 5c 41 5d [ 618.796451][T14088] RSP: 0018:ffffc90004b17768 EFLAGS: 00010286 [ 618.802513][T14088] RAX: 0000000000000000 RBX: 0000000000000003 RCX: ffffffff817a02c8 [ 618.810481][T14088] RDX: ffff88802c7c3c00 RSI: ffffffff817a02d5 RDI: 0000000000000001 [ 618.818541][T14088] RBP: 0000000000000001 R08: 0000000000000001 R09: 0000000000000000 [ 618.826598][T14088] R10: 0000000000000001 R11: fffffffffffe7d28 R12: ffffffff8c163900 [ 618.834601][T14088] R13: ffffffff8bafeb80 R14: ffffffff8a9a5710 R15: ffffc90004b17868 [ 618.842578][T14088] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 618.848153][T14088] ? __warn_printk+0x198/0x350 [ 618.853021][T14088] ? __warn_printk+0x1a5/0x350 [ 618.857894][T14088] ? debug_print_object+0x1a1/0x2b0 [ 618.863097][T14088] ? __pfx_hci_devcd_timeout+0x10/0x10 [ 618.868578][T14088] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 618.874582][T14088] debug_check_no_obj_freed+0x4b7/0x600 [ 618.880145][T14088] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 618.886311][T14088] ? rcu_is_watching+0x12/0xc0 [ 618.891087][T14088] ? kmem_cache_free+0x2d1/0x4d0 [ 618.896043][T14088] ? kfree_skbmem+0x1a4/0x1f0 [ 618.900735][T14088] kfree+0x28f/0x4d0 [ 618.904634][T14088] ? hci_release_dev+0x4ef/0x610 [ 618.909600][T14088] hci_release_dev+0x4ef/0x610 [ 618.914385][T14088] ? __pfx_hci_release_dev+0x10/0x10 [ 618.919673][T14088] ? rcu_is_watching+0x12/0xc0 [ 618.924443][T14088] ? kfree+0x24f/0x4d0 [ 618.928536][T14088] bt_host_release+0x6a/0xb0 [ 618.933140][T14088] ? __pfx_bt_host_release+0x10/0x10 [ 618.938461][T14088] device_release+0xa1/0x240 [ 618.943067][T14088] kobject_put+0x1e7/0x5a0 [ 618.947623][T14088] ? __pfx_vhci_release+0x10/0x10 [ 618.952666][T14088] put_device+0x1f/0x30 [ 618.956858][T14088] vhci_release+0x81/0xf0 [ 618.961257][T14088] __fput+0x3ff/0xb70 [ 618.965268][T14088] task_work_run+0x14d/0x240 [ 618.969881][T14088] ? __pfx_task_work_run+0x10/0x10 [ 618.975017][T14088] do_exit+0x86f/0x2bf0 [ 618.979219][T14088] ? do_raw_spin_lock+0x12c/0x2b0 [ 618.984263][T14088] ? __pfx_do_exit+0x10/0x10 [ 618.988865][T14088] ? cgroup_update_frozen_flag+0x107/0x210 [ 618.994702][T14088] ? get_signal+0x1d05/0x26d0 [ 618.999390][T14088] ? rcu_is_watching+0x12/0xc0 [ 619.004166][T14088] do_group_exit+0xd3/0x2a0 [ 619.008699][T14088] get_signal+0x2673/0x26d0 [ 619.013210][T14088] ? hrtimer_nanosleep+0x187/0x380 [ 619.018322][T14088] ? __pfx_get_signal+0x10/0x10 [ 619.023181][T14088] ? __pfx_hrtimer_wakeup+0x10/0x10 [ 619.028504][T14088] arch_do_signal_or_restart+0x8f/0x790 [ 619.034065][T14088] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 619.040239][T14088] ? __pfx___x64_sys_clock_nanosleep+0x10/0x10 [ 619.046400][T14088] exit_to_user_mode_loop+0x84/0x110 [ 619.051701][T14088] do_syscall_64+0x3f6/0x490 [ 619.056323][T14088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 619.062219][T14088] RIP: 0033:0x7efc89bc14a5 [ 619.066643][T14088] Code: Unable to access opcode bytes at 0x7efc89bc147b. [ 619.073657][T14088] RSP: 002b:00007efc8a93bf80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6 [ 619.082073][T14088] RAX: fffffffffffffdfc RBX: 00007efc89db6090 RCX: 00007efc89bc14a5 [ 619.090050][T14088] RDX: 00007efc8a93bfc0 RSI: 0000000000000000 RDI: 0000000000000000 [ 619.098018][T14088] RBP: 00007efc89c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 619.105997][T14088] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 619.114060][T14088] R13: 00007efc89db6128 R14: 00007efc89db6090 R15: 00007ffddc983b68 [ 619.122047][T14088] [ 619.125138][T14088] Kernel Offset: disabled [ 619.129470][T14088] Rebooting in 86400 seconds..