last executing test programs: 5.291790812s ago: executing program 2 (id=4064): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000380)='/sys/kernel/security/tomoyo/exception_policy\x00', 0x40802, 0x0) read$auto(r0, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 4.945325788s ago: executing program 2 (id=4065): open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) r0 = open(&(0x7f0000000080)='./file0\x00', 0xeee00, 0x31) mmap$auto(0xf000, 0x1, 0x3ff, 0x12, r0, 0x0) 4.747665897s ago: executing program 2 (id=4066): r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyrd\x00', 0x4000, 0x0) read$auto(r0, 0x0, 0x42) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sysfs$auto(0x2, 0x10000000000000e, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x1, 0x2020009, 0x3, 0xebe, 0xfffffffffffffffa, 0x8000) sendfile$auto(0x1, 0x3, 0x0, 0xc01) r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/018/001\x00', 0x802, 0x0) ioctl$auto_USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000040)={0x23, 0x1, 0x2, 0xc, 0x0, 0x7fb, 0x0}) mmap$auto(0x0, 0x38, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) quotactl_fd$auto(0xffffffffffffffff, 0x4, 0xffffffffffffffff, 0x0) setpgid$auto(0x0, 0x0) getdents64$auto(0xffffffffffffffff, 0x0, 0x400) madvise$auto(0x0, 0x8000000000000000, 0x15) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) write$auto(0x3, 0x0, 0xfdef) read$auto(0x3, 0x0, 0x1f40) read$auto(0x3, 0x0, 0x1f40) 4.257572293s ago: executing program 2 (id=4068): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) write$auto_tty_fops_tty_io(r0, &(0x7f0000000200), 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_flow(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_NEW(r1, &(0x7f0000001280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x40) ioctl$auto(0xffffffffffffffff, 0x8912, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) ustat$auto(0x801, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000) io_uring_setup$auto(0x4, 0x0) bpf$auto(0x5, 0x0, 0x102) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0xa001, 0x0) write$auto(r4, &(0x7f0000000140)='7\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0xd4d0) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000164c0), 0xffffffffffffffff) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0xa, 0x6, 0xf, 0x29f, 0x103, 0x7f, 0x101, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x40, 0x76c5, 0x8, 0x100000000}}) madvise$auto(0x0, 0x400053, 0x9) read$auto(r3, 0x0, 0xb4d3) 2.946534501s ago: executing program 2 (id=4074): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r1 = socket(0x2, 0x1, 0x106) read$auto(r1, &(0x7f0000000180)='/dev/snd/midiC2D0\x00', 0x4) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) io_uring_setup$auto(0x6, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, 0x0, 0x40001, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x400000000008000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) socket(0x2b, 0x1, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r4 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/sys/kernel/sched_rt_period_us\x00', 0x101202, 0x0) sendfile$auto(r4, r4, 0x0, 0x15) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x9, 0x6, 0x63, 0x0, 0x0, 0x0, 0xac, 0x200, 0xa, 0x40000402, 0x9, 0x9, 0xffffffffffbfffff, 0x6, 0x6, 0x200000100103}) sendmsg$auto_OVS_DP_CMD_NEW(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="0f"], 0x24}, 0x1, 0x0, 0x0, 0x20000800}, 0x4) socket(0x10, 0x2, 0x6) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) statx$auto(r2, 0x0, 0x6d7, 0x80000008, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mlock$auto(0x112, 0x80006) mlockall$auto(0x800000000000005) madvise$auto(0x0, 0x200007, 0x19) 2.376292328s ago: executing program 1 (id=4078): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0x5}, 0x2, 0x0, 0x4000000000007, 0x1e78}, 0x800}, 0x4, 0x4008) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x6}, 0xfffffff9, 0x10, 0x0) r1 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0) ioctl$auto_USB_RAW_IOCTL_EP_ENABLE(r1, 0x40095505, 0x0) 2.131655761s ago: executing program 0 (id=4082): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x4) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000240)={0x0, 0x7}, 0x3) sendmsg$auto_NL802154_CMD_SET_ACKREQ_DEFAULT(0xffffffffffffffff, 0x0, 0x40040) getsockopt$auto_SO_REUSEADDR(0xffffffffffffffff, 0x40, 0x2, 0x0, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000000380)='/dev/cuse\x00', 0x0, 0x0) 2.05014455s ago: executing program 3 (id=4083): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x59, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) ioctl$auto(r0, 0x545c, 0xffffffffffffffff) 1.907867023s ago: executing program 2 (id=4084): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) r2 = waitid$auto_P_PGID(0x2, 0xffffffffffffffff, &(0x7f0000000340)={@siginfo_0_0={0x101, 0x2, 0x8000, @_sigsys={&(0x7f0000000240)="b089237097b88e40064c533331bb0ef0f3871bb6271d7c7ebbe31d346d27fcd831cda35f211ad5adaa038e646c925d67cb31086631f969ce129b0382463779415e39b70fdf797cdb0eca20afbf1e054a9d1bf9b9fa44a34ce03f43ec9f1a78f74d9ccfca985bd58f840af3597c60703d4620907775a0081ef431f8be10d6c7e35ff52ec27aa3d1eadd29fe6529475538b872e0ee7197cf928e9dff0c41514b651f787dcf714aff7f2ec83d8412b0ad30a25b00075552903ebc130811936d5bd79f1741067769d3a50baa767782d8d0426cfc", 0x9, 0x2}}}, 0x3ff, &(0x7f00000003c0)={{0x3, 0x1000000007}, {0xc, 0x4}, 0xc4, 0x5, 0x7f, 0xfffffffffeffffff, 0x9, 0x5, 0x3ff, 0x6, 0xa511, 0x100, 0x8, 0x6, 0xbdf6, 0x819b}) r3 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x10a) open_by_handle_at$auto(r3, &(0x7f0000000040)={0x8, 0xb, "0600000200000000"}, 0xc) kcmp$auto_KCMP_FILE(r2, 0xffffffffffffffff, 0x0, r1, r0) keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) ioctl$auto_BLKFLSBUF(r1, 0x1261, 0x0) r4 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, 0x0, 0x20800, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) unshare$auto(0x40000080) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) eventfd$auto(0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/module/snd_hda_intel/parameters/power_save\x00', 0x80002, 0x0) write$auto(0x3, 0x0, 0xfdef) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0) statmount$auto(0x0, &(0x7f0000000680)={0x0, 0x2, 0x5ae, 0x5, 0x7, 0x7, 0x10000, 0x1, 0xa, 0x8, 0x6, 0x9, 0x5, 0x4, 0x1ff, 0x2, 0x8, 0x10000, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x44a2, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7f13, 0x0, 0x0, 0x0, 0x4, 0x0, 0x3, 0x8], "076bdc36d5804f668c51d9a5dc65b31abcc1861e151e73e42627aa772c5213fca9da13594316c1d918d74ffeac27317aece9e4f58251bbecb39dfdc155c0cebbd8e4"}, 0x6, 0x1000000) bpf$auto(0x12, &(0x7f0000000040)=@link_update={0xffffffffffffffff, @new_map_fd=r4, 0x49, @old_map_fd=r4}, 0x26) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001180)='/sys/devices/virtual/block/zram0/compact\x00', 0x20001, 0x0) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) sendfile$auto(r0, r5, 0x0, 0x1) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x3, 0x7) 1.906985594s ago: executing program 0 (id=4092): socket(0x2, 0x1, 0x106) shutdown$auto(0x200000003, 0x2) recvmmsg$auto(0x3, &(0x7f0000000100)={{0x0, 0x9, &(0x7f0000000080)={0x0, 0x9}, 0x7, 0x0, 0x1, 0x4}, 0x4}, 0x10000, 0x300, 0x0) listen$auto(0x3, 0x400000) msgctl$auto_IPC_SET(0xad4e, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 1.729918604s ago: executing program 0 (id=4085): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/pcrypt/pencrypt/parallel_cpumask\x00', 0x80302, 0x0) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) mmap$auto(0x0, 0x6, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = socket(0x2, 0x80002, 0x0) setsockopt$auto_SO_MARK(r0, 0x0, 0x24, 0x0, 0x3) write$auto(0x3, 0x0, 0x3f00) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/net/rt_cache\x00', 0x2000, 0x0) mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x128009, 0x9, 0x100000eb1, 0x401, 0x8080) io_uring_setup$auto(0x6, 0x0) r1 = socket(0x1d, 0x2, 0x7) getsockopt$auto(r1, 0x6b, 0x2, 0xfffffffffffffffe, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pipe$auto(0x0) socketpair$auto(0x5, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) r2 = socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) r5 = ioctl$auto_KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r4) ioctl$auto_KVM_CREATE_VM(r3, 0x4008ae9c, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x40}, 0x7) r6 = pidfd_getfd$auto(r0, r5, 0x1) r7 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000100), r2) r8 = getpgid(0x0) sendmsg$auto_OVS_DP_CMD_DEL(r6, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="50000000ea8d657fd1c72ba6e005eec4271c3fd1d8a1e3f2e140bdd355aa32b85183b8d811451b492a4ec3254ff6ccd0a4c3d47268eca067aaafe113ef83bd163e2c03dc552ae3a36183cfbea836be98d79eff751ab3ceb7", @ANYRES16=r7, @ANYBLOB="00042abd7000fcdbdf250200000008000200", @ANYRES32=r8, @ANYBLOB="1c0001002f6465762f67616467657466732f64756d6d795f75646300080005000700000008000500070000000800070000000080"], 0x50}, 0x1, 0x0, 0x0, 0x4000810}, 0x5) 1.47401992s ago: executing program 0 (id=4086): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/pcrypt/pencrypt/parallel_cpumask\x00', 0x80302, 0x0) openat$auto_ep0_operations_inode(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) mmap$auto(0x0, 0x6, 0x10000000000df, 0xeb2, 0x401, 0x8000) r1 = socket(0x2, 0x80002, 0x0) setsockopt$auto_SO_MARK(r1, 0x0, 0x24, 0x0, 0x3) write$auto(0x3, 0x0, 0x3f00) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/net/rt_cache\x00', 0x2000, 0x0) mmap$auto(0x0, 0x1, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x128009, 0x9, 0x100000eb1, 0x401, 0x8080) io_uring_setup$auto(0x6, 0x0) r2 = socket(0x1d, 0x2, 0x7) getsockopt$auto(r2, 0x6b, 0x2, 0xfffffffffffffffe, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) pipe$auto(0x0) socketpair$auto(0x5, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8000, 0x0) r3 = socket(0x2, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r4 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r5) ioctl$auto_KVM_CREATE_VM(r4, 0x4008ae9c, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x40}, 0x7) sendfile$auto(r0, r0, 0x0, 0x7ffff000) r6 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000100), r3) r7 = getpgid(0x0) sendmsg$auto_OVS_DP_CMD_DEL(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="50000000ea8d657fd1c72ba6e005eec4271c3fd1d8a1e3f2e140bdd355aa32b85183b8d811451b492a4ec3254ff6ccd0a4c3d47268eca067aaafe113ef83bd163e2c03dc552ae3a36183cfbea836be98d79eff751ab3ceb7", @ANYRES16=r6, @ANYBLOB="00042abd7000fcdbdf250200000008000200", @ANYRES32=r7, @ANYBLOB="1c0001002f6465762f67616467657466732f64756d6d795f75646300080005000700000008000500070000000800070000000080"], 0x50}, 0x1, 0x0, 0x0, 0x4000810}, 0x5) 1.372203757s ago: executing program 1 (id=4087): openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) shmctl$auto_SHM_INFO(0x3, 0xe, 0x0) 1.152403061s ago: executing program 0 (id=4088): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_genetlink_get_family_id$auto_ovs_ct_limit(0x0, 0xffffffffffffffff) sendmsg$auto_OVS_CT_LIMIT_CMD_GET(0xffffffffffffffff, 0x0, 0x840) madvise$auto(0x0, 0x8000000000000000, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$auto_ILA_CMD_ADD(0xffffffffffffffff, 0x0, 0x4) 1.088818582s ago: executing program 3 (id=4089): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x848000000015, 0x805, 0x0) socket(0xa, 0x3, 0x100) socketpair$auto(0xb, 0xd, 0xfffffffd, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x88000, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TCFLSH2(r0, 0x8924, 0x0) 983.177193ms ago: executing program 1 (id=4090): close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x101202, 0x0) mmap$auto(0x0, 0x99, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0xd, 0x0) r0 = fsopen$auto(0x0, 0x1) fsconfig$auto(r0, 0x8, 0x0, 0x0, 0x0) r1 = fsopen$auto(0x0, 0x1) fsconfig$auto(r1, 0x8, 0x0, 0x0, 0x0) 720.835067ms ago: executing program 3 (id=4091): openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) socket(0x2, 0x1, 0x0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, 0x0, 0x20008810) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40001) getsockopt$auto(0xffffffffffffffff, 0x114, 0x2720, 0xfffffffffffffffc, 0x0) r0 = getpid() r1 = gettid() rt_tgsigqueueinfo$auto(r0, r1, 0x21, 0x0) 626.699837ms ago: executing program 1 (id=4093): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/adsp1\x00', 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x8000000000000001) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfff) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x9, 0x0) r2 = socket(0xa, 0x2, 0x0) ioctl$auto(0x3, 0x5411, 0x38) r3 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r3, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) close_range$auto(0x2, r1, 0x10000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x129102, 0x0) r4 = socket$auto(0x200, 0x1, 0xe) ioctl$auto_TUNSETDEBUG(r4, 0x400454c9, &(0x7f00000000c0)=0x8) r5 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000bc0)='/dev/binderfs/binder0\x00', 0x102, 0x0) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x1) ioctl$auto_BINDER_SET_CONTEXT_MGR(r5, 0x40046207, 0x0) r6 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9482, 0x0) read$auto_state_fops_(r6, &(0x7f0000000180)=""/61, 0xfffffeeb) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), r2) 607.383913ms ago: executing program 3 (id=4094): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000100)='/proc/kpageflags\x00', 0x2, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto_KVM_GET_MSRS(0xffffffffffffffff, 0x4400ae8f, 0x0) ioctl$auto(0x3, 0x40a0ae49, 0x38) close_range$auto(0x2, 0x8, 0x0) 269.976628ms ago: executing program 3 (id=4095): r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0xc) openat$auto_debugfs_devm_entry_ops_file(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/cec/cec6/status\x00', 0x100, 0x0) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="18000000", @ANYRES8=r2, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x4000050) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) 168.638799ms ago: executing program 1 (id=4096): mmap$auto(0x0, 0x8, 0x2, 0x9b72, 0x5, 0x0) mkdir$auto(&(0x7f0000000100)='}[,&*}\x00', 0x8001) chdir$auto(&(0x7f0000000000)='}[,&*}\x00') getcwd$auto(0x0, 0xffffffffffffffff) unlinkat$auto(0xffffffffffffffff, 0x0, 0x200) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000480)='/sys/power/resume\x00', 0x189002, 0x0) sendfile$auto(r0, r0, 0x0, 0x4265) 112.383146ms ago: executing program 0 (id=4097): close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x602, 0x1) open(&(0x7f0000000000)='./file1\x00', 0x1652c2, 0xe1d2b27bdc14aa98) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/vlan/config\x00', 0xc0000, 0x0) readv$auto(0x3, &(0x7f0000000040)={&(0x7f0000000000), 0x36a}, 0x6) 45.994833ms ago: executing program 3 (id=4098): chdir$auto(&(0x7f0000000040)='./cgroup\x00') r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/module/block2mtd/parameters/block2mtd\x00', 0x601, 0x0) r1 = eventfd2$auto(0x6, 0x4) mmap$auto(0x8008d1, 0x100000001, 0xdf, 0x7fff, r1, 0x8000) ioctl$auto_BCH_IOCTL_FS_USAGE(r1, 0xc040bc0b, &(0x7f0000000100)={0x0, 0x4, 0x0, '\x00', 0x7, 0x0, [{0x0, {0x6, 0x74, 0xa, "ed89701def650f4533c94d859792f8af3637d210bd0f52c4887252d2627c14c2ff99e1686aecabe2c1496d91246e902f2a385deca93fff47b8451befd37a569fd12c880d214609c22f882071020edcb519cb7a931e2c9fa09b2e04cf7956e7b654d7c09ed4ee8b0176650170ece825110b2f6d21"}}]}) select$auto(0x7, 0x0, 0x0, 0x0, &(0x7f0000001000)={0xffffffffffffffff, 0x3}) write$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000000)="e7696e5891a9bccbf2a814c2b1c2da6a4642e71e423e55bb3bdfb80fb3496c6bac2c476942", 0x25) mkdir$auto(&(0x7f0000000080)='./cgroup\x00', 0x0) 0s ago: executing program 1 (id=4099): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x59, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) ioctl$auto(r0, 0x545c, 0xffffffffffffffff) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.142' (ED25519) to the list of known hosts. [ 81.962474][ T5817] cgroup: Unknown subsys name 'net' [ 82.112259][ T5817] cgroup: Unknown subsys name 'cpuset' [ 82.121267][ T5817] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.649420][ T5817] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 85.756299][ T52] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.765594][ T52] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.774364][ T52] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.782351][ T52] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.799445][ T52] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.807323][ T52] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.816975][ T5833] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.830550][ T5833] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.838913][ T5833] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.846733][ T5833] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.883410][ T5833] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.891865][ T5833] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.900159][ T5833] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.909155][ T5833] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.919522][ T5833] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.984630][ T5833] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.998843][ T5833] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 86.006649][ T5833] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 86.026622][ T5833] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 86.035387][ T5833] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 86.329007][ T5830] chnl_net:caif_netlink_parms(): no params data found [ 86.537416][ T5826] chnl_net:caif_netlink_parms(): no params data found [ 86.611362][ T5830] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.618744][ T5830] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.626211][ T5830] bridge_slave_0: entered allmulticast mode [ 86.633992][ T5830] bridge_slave_0: entered promiscuous mode [ 86.642850][ T5830] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.650132][ T5830] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.657328][ T5830] bridge_slave_1: entered allmulticast mode [ 86.664450][ T5830] bridge_slave_1: entered promiscuous mode [ 86.725093][ T5835] chnl_net:caif_netlink_parms(): no params data found [ 86.769535][ T5830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.798953][ T5830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.832149][ T5838] chnl_net:caif_netlink_parms(): no params data found [ 86.940971][ T5826] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.948493][ T5826] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.955711][ T5826] bridge_slave_0: entered allmulticast mode [ 86.964211][ T5826] bridge_slave_0: entered promiscuous mode [ 86.990946][ T5830] team0: Port device team_slave_0 added [ 87.018028][ T5826] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.026190][ T5826] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.034521][ T5826] bridge_slave_1: entered allmulticast mode [ 87.043470][ T5826] bridge_slave_1: entered promiscuous mode [ 87.100856][ T5830] team0: Port device team_slave_1 added [ 87.137752][ T5826] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.156972][ T5826] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.229829][ T5835] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.237594][ T5835] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.244898][ T5835] bridge_slave_0: entered allmulticast mode [ 87.251985][ T5835] bridge_slave_0: entered promiscuous mode [ 87.295027][ T5826] team0: Port device team_slave_0 added [ 87.301366][ T5835] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.308735][ T5835] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.315901][ T5835] bridge_slave_1: entered allmulticast mode [ 87.323757][ T5835] bridge_slave_1: entered promiscuous mode [ 87.331346][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.338747][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.364755][ T5830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.392975][ T5826] team0: Port device team_slave_1 added [ 87.411100][ T5830] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.418057][ T5830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.445054][ T5830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.465456][ T5838] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.472794][ T5838] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.480394][ T5838] bridge_slave_0: entered allmulticast mode [ 87.487380][ T5838] bridge_slave_0: entered promiscuous mode [ 87.523503][ T5835] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.536573][ T5835] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.546119][ T5838] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.553324][ T5838] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.560708][ T5838] bridge_slave_1: entered allmulticast mode [ 87.567683][ T5838] bridge_slave_1: entered promiscuous mode [ 87.623635][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.631248][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.658114][ T5826] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.703072][ T5826] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.710447][ T5826] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.736721][ T5826] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.764456][ T5830] hsr_slave_0: entered promiscuous mode [ 87.771181][ T5830] hsr_slave_1: entered promiscuous mode [ 87.779159][ T5835] team0: Port device team_slave_0 added [ 87.787946][ T5838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.801310][ T5838] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.827693][ T5835] team0: Port device team_slave_1 added [ 87.869315][ T5833] Bluetooth: hci0: command tx timeout [ 87.875069][ T5833] Bluetooth: hci1: command tx timeout [ 87.908890][ T5838] team0: Port device team_slave_0 added [ 87.927003][ T5826] hsr_slave_0: entered promiscuous mode [ 87.934238][ T5826] hsr_slave_1: entered promiscuous mode [ 87.940606][ T5826] debugfs: 'hsr0' already exists in 'hsr' [ 87.946406][ T5826] Cannot create hsr debugfs directory [ 87.952893][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 87.960253][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 87.986566][ T5835] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 87.999553][ T5838] team0: Port device team_slave_1 added [ 88.022629][ T5835] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.029787][ T5835] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.030792][ T5833] Bluetooth: hci2: command tx timeout [ 88.056728][ T5835] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.103079][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.110187][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.118568][ T5833] Bluetooth: hci3: command tx timeout [ 88.143249][ T5838] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.184956][ T5838] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.192474][ T5838] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.218597][ T5838] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.328006][ T5835] hsr_slave_0: entered promiscuous mode [ 88.334487][ T5835] hsr_slave_1: entered promiscuous mode [ 88.341081][ T5835] debugfs: 'hsr0' already exists in 'hsr' [ 88.346813][ T5835] Cannot create hsr debugfs directory [ 88.401185][ T5838] hsr_slave_0: entered promiscuous mode [ 88.407444][ T5838] hsr_slave_1: entered promiscuous mode [ 88.414246][ T5838] debugfs: 'hsr0' already exists in 'hsr' [ 88.420265][ T5838] Cannot create hsr debugfs directory [ 88.680581][ T5830] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 88.693693][ T5830] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 88.720183][ T5830] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 88.731473][ T5830] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 88.840323][ T5826] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 88.853933][ T5826] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 88.887693][ T5826] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 88.900816][ T5826] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 88.970066][ T5835] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 88.985584][ T5835] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 88.996515][ T5835] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 89.007999][ T5835] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 89.122208][ T5838] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 89.132844][ T5838] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 89.144115][ T5838] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 89.157031][ T5838] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 89.186206][ T5830] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.253256][ T5830] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.272747][ T5826] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.283474][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.290786][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.313797][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.320972][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.393680][ T5826] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.413826][ T5835] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.435273][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.442794][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.483606][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.490750][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.514534][ T5835] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.604486][ T5838] 8021q: adding VLAN 0 to HW filter on device bond0 [ 89.617925][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.625173][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.635948][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.643192][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.683602][ T5826] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 89.754271][ T5838] 8021q: adding VLAN 0 to HW filter on device team0 [ 89.786565][ T3481] bridge0: port 1(bridge_slave_0) entered blocking state [ 89.793775][ T3481] bridge0: port 1(bridge_slave_0) entered forwarding state [ 89.817098][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 89.824315][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 89.892061][ T5830] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 89.952287][ T5829] Bluetooth: hci0: command tx timeout [ 89.957821][ T5833] Bluetooth: hci1: command tx timeout [ 90.099651][ T5830] veth0_vlan: entered promiscuous mode [ 90.112698][ T5833] Bluetooth: hci2: command tx timeout [ 90.147039][ T5830] veth1_vlan: entered promiscuous mode [ 90.188619][ T5833] Bluetooth: hci3: command tx timeout [ 90.213598][ T5826] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.301442][ T5835] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.314977][ T5830] veth0_macvtap: entered promiscuous mode [ 90.326388][ T5830] veth1_macvtap: entered promiscuous mode [ 90.382799][ T5838] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 90.395997][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.413409][ T5830] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.445953][ T65] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.455608][ T65] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.481083][ T65] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.490312][ T65] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.504783][ T5826] veth0_vlan: entered promiscuous mode [ 90.515737][ T5835] veth0_vlan: entered promiscuous mode [ 90.550505][ T5826] veth1_vlan: entered promiscuous mode [ 90.577381][ T5835] veth1_vlan: entered promiscuous mode [ 90.635861][ T5838] veth0_vlan: entered promiscuous mode [ 90.665474][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.681667][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.690691][ T5838] veth1_vlan: entered promiscuous mode [ 90.747932][ T5826] veth0_macvtap: entered promiscuous mode [ 90.760353][ T5835] veth0_macvtap: entered promiscuous mode [ 90.768992][ T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.776844][ T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.780301][ T5826] veth1_macvtap: entered promiscuous mode [ 90.809009][ T5835] veth1_macvtap: entered promiscuous mode [ 90.816304][ T5838] veth0_macvtap: entered promiscuous mode [ 90.852156][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.865562][ T5826] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.874509][ T5838] veth1_macvtap: entered promiscuous mode [ 90.913472][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 90.925318][ T49] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.931468][ T5830] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 90.950557][ T49] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.965222][ T5835] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 90.985522][ T49] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 90.994795][ T49] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.013450][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 91.031386][ T49] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.054916][ T5838] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 91.073757][ T49] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.108890][ T49] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.117683][ T49] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.140728][ T49] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.185636][ T49] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.205910][ T49] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.246940][ T5917] Console: switching to colour VGA+ 80x25 [ 91.253836][ T49] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 91.330445][ T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.330486][ T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.353288][ T5917] Console: switching to colour frame buffer device 128x48 [ 91.408107][ T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.408133][ T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.467624][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.482516][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.513925][ T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.528235][ T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.567473][ T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.612461][ T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.620324][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 91.629713][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 91.967175][ T43] cfg80211: failed to load regulatory.db [ 92.029713][ T5829] Bluetooth: hci0: command tx timeout [ 92.035305][ T5833] Bluetooth: hci1: command tx timeout [ 92.102840][ T5929] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 92.112978][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.121840][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.130650][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.139494][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.148045][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.163015][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 92.188712][ T5833] Bluetooth: hci2: command tx timeout [ 92.265389][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 92.271827][ T5833] Bluetooth: hci3: command tx timeout [ 92.399217][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.182727][ T5930] ALSA: mixer_oss: invalid OSS volume '0' [ 93.193443][ T5930] ALSA: mixer_oss: invalid OSS volume 'PHONET' [ 93.201581][ T5930] ALSA: mixer_oss: invalid OSS volume 'L2TP/IPv6' [ 93.218748][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.238607][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.440316][ T5948] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 94.111186][ T5833] Bluetooth: hci1: command tx timeout [ 94.116664][ T5833] Bluetooth: hci0: command tx timeout [ 94.269238][ T5833] Bluetooth: hci2: command tx timeout [ 94.358902][ T5833] Bluetooth: hci3: command tx timeout [ 724.026137][T17739] FAULT_INJECTION: forcing a failure. [ 724.026137][T17739] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 724.040875][T17739] CPU: 1 UID: 0 PID: 17739 Comm: syz.3.3045 Not tainted syzkaller #0 PREEMPT(full) [ 724.040911][T17739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 724.040927][T17739] Call Trace: [ 724.040934][T17739] [ 724.040944][T17739] dump_stack_lvl+0x16c/0x1f0 [ 724.040977][T17739] should_fail_ex+0x512/0x640 [ 724.041019][T17739] should_fail_alloc_page+0xe7/0x130 [ 724.041054][T17739] prepare_alloc_pages+0x3c2/0x610 [ 724.041086][T17739] ? rcu_is_watching+0x12/0xc0 [ 724.041116][T17739] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 724.041146][T17739] ? __lock_acquire+0xb8a/0x1c90 [ 724.041192][T17739] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 724.041215][T17739] ? do_raw_spin_lock+0x12c/0x2b0 [ 724.041255][T17739] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 724.041292][T17739] ? find_held_lock+0x2b/0x80 [ 724.041331][T17739] ? __lock_acquire+0xb8a/0x1c90 [ 724.041362][T17739] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 724.041403][T17739] ? policy_nodemask+0xea/0x4e0 [ 724.041433][T17739] alloc_pages_mpol+0x1fb/0x550 [ 724.041466][T17739] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 724.041506][T17739] folio_alloc_mpol_noprof+0x36/0x2f0 [ 724.041540][T17739] shmem_alloc_folio+0x135/0x160 [ 724.041573][T17739] shmem_alloc_and_add_folio+0x499/0xc20 [ 724.041619][T17739] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 724.041660][T17739] ? shmem_allowable_huge_orders+0xd4/0x3f0 [ 724.041695][T17739] shmem_get_folio_gfp+0x67f/0x1610 [ 724.041730][T17739] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 724.041756][T17739] ? filemap_map_pages+0xe01/0x1b70 [ 724.041789][T17739] shmem_fault+0x1fe/0xa30 [ 724.041817][T17739] ? __pfx_shmem_fault+0x10/0x10 [ 724.041850][T17739] ? __pfx_filemap_map_pages+0x10/0x10 [ 724.041886][T17739] ? __pfx_filemap_map_pages+0x10/0x10 [ 724.041908][T17739] __do_fault+0x10d/0x490 [ 724.041938][T17739] ? __pfx_filemap_map_pages+0x10/0x10 [ 724.041960][T17739] do_pte_missing+0xf4a/0x3ba0 [ 724.041998][T17739] ? find_held_lock+0x2b/0x80 [ 724.042024][T17739] ? __handle_mm_fault+0x1529/0x2aa0 [ 724.042064][T17739] __handle_mm_fault+0x1556/0x2aa0 [ 724.042105][T17739] ? mt_find+0x3e2/0xa20 [ 724.042134][T17739] ? __pfx___handle_mm_fault+0x10/0x10 [ 724.042171][T17739] ? __pfx_mt_find+0x10/0x10 [ 724.042222][T17739] ? find_vma+0xbf/0x140 [ 724.042259][T17739] ? __pfx_find_vma+0x10/0x10 [ 724.042293][T17739] handle_mm_fault+0x589/0xd10 [ 724.042329][T17739] ? __pkru_allows_pkey+0x11/0xb0 [ 724.042368][T17739] do_user_addr_fault+0x7a6/0x1370 [ 724.042395][T17739] ? rcu_is_watching+0x12/0xc0 [ 724.042425][T17739] exc_page_fault+0x64/0xc0 [ 724.042452][T17739] asm_exc_page_fault+0x26/0x30 [ 724.042476][T17739] RIP: 0010:rep_movs_alternative+0x4a/0x90 [ 724.042511][T17739] Code: 3c 04 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48 [ 724.042540][T17739] RSP: 0018:ffffc90004b07438 EFLAGS: 00050202 [ 724.042560][T17739] RAX: 0000000000000001 RBX: 000000000000ff04 RCX: 0000000000002f04 [ 724.042574][T17739] RDX: ffffed10100f5fe3 RSI: 000000000000d000 RDI: ffff8880807ad010 [ 724.042589][T17739] RBP: 000000000000ff04 R08: 0000000000000001 R09: ffffed10100f5fe2 [ 724.042602][T17739] R10: ffff8880807aff13 R11: 0000000000000000 R12: 0000000000000000 [ 724.042617][T17739] R13: ffffc90004b07b50 R14: ffff8880807a0010 R15: 0000000000000000 [ 724.042653][T17739] _copy_from_iter+0x4eb/0x1720 [ 724.042701][T17739] ? __pfx__copy_from_iter+0x10/0x10 [ 724.042738][T17739] ? sctp_addto_chunk+0xfa/0x2a0 [ 724.042764][T17739] ? __asan_memcpy+0x3c/0x60 [ 724.042791][T17739] ? sctp_make_datafrag_empty+0x1c3/0x240 [ 724.042820][T17739] ? __pfx_sctp_make_datafrag_empty+0x10/0x10 [ 724.042852][T17739] sctp_user_addto_chunk+0x84/0x240 [ 724.042884][T17739] sctp_datamsg_from_user+0x5b6/0x1330 [ 724.042941][T17739] sctp_sendmsg_to_asoc+0xae2/0x1bd0 [ 724.042972][T17739] ? sctp_assoc_set_primary+0x177/0x300 [ 724.043005][T17739] ? sctp_assoc_add_peer+0x252/0x1550 [ 724.043044][T17739] ? __pfx_sctp_sendmsg_to_asoc+0x10/0x10 [ 724.043073][T17739] ? sctp_connect_new_asoc+0x41e/0x770 [ 724.043109][T17739] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 724.043145][T17739] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 724.043181][T17739] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 724.043224][T17739] sctp_sendmsg+0xe99/0x1e00 [ 724.043277][T17739] ? __pfx_sctp_sendmsg+0x10/0x10 [ 724.043310][T17739] ? __pfx___might_resched+0x10/0x10 [ 724.043346][T17739] ? aa_sk_perm+0x2f4/0xb10 [ 724.043375][T17739] ? __pfx_aa_sk_perm+0x10/0x10 [ 724.043410][T17739] ? __pfx_sctp_sendmsg+0x10/0x10 [ 724.043445][T17739] inet_sendmsg+0x11c/0x140 [ 724.043480][T17739] ____sys_sendmsg+0x973/0xc70 [ 724.043515][T17739] ? __pfx_____sys_sendmsg+0x10/0x10 [ 724.043551][T17739] ? find_held_lock+0x2b/0x80 [ 724.043578][T17739] ? futex_unqueue+0x133/0x2c0 [ 724.043615][T17739] ___sys_sendmsg+0x134/0x1d0 [ 724.043642][T17739] ? __pfx____sys_sendmsg+0x10/0x10 [ 724.043699][T17739] ? find_held_lock+0x2b/0x80 [ 724.043749][T17739] __sys_sendmmsg+0x200/0x420 [ 724.043779][T17739] ? __pfx___sys_sendmmsg+0x10/0x10 [ 724.043815][T17739] ? __pfx_do_futex+0x10/0x10 [ 724.043844][T17739] ? rcu_is_watching+0x12/0xc0 [ 724.043892][T17739] ? xfd_validate_state+0x61/0x180 [ 724.043924][T17739] ? __sys_setsockopt+0x140/0x1a0 [ 724.043966][T17739] __x64_sys_sendmmsg+0x9c/0x100 [ 724.043990][T17739] ? lockdep_hardirqs_on+0x7c/0x110 [ 724.044017][T17739] do_syscall_64+0xcd/0xfa0 [ 724.044047][T17739] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.044072][T17739] RIP: 0033:0x7f95bfb8efc9 [ 724.044093][T17739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 724.044118][T17739] RSP: 002b:00007f95c0abd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 724.044146][T17739] RAX: ffffffffffffffda RBX: 00007f95bfde5fa0 RCX: 00007f95bfb8efc9 [ 724.044164][T17739] RDX: 0000000000000008 RSI: 0000200000000140 RDI: 0000000000000003 [ 724.044180][T17739] RBP: 00007f95bfc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 724.044197][T17739] R10: 0000000000000311 R11: 0000000000000246 R12: 0000000000000000 [ 724.044213][T17739] R13: 00007f95bfde6038 R14: 00007f95bfde5fa0 R15: 00007ffec5fa4578 [ 724.044257][T17739] [ 724.649631][ C1] vkms_vblank_simulate: vblank timer overrun [ 725.943543][T17754] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3049'. [ 727.003139][T17754] team0 (unregistering): Port device team_slave_0 removed [ 727.104784][T17754] team0 (unregistering): Port device team_slave_1 removed [ 727.258240][T17768] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 727.425657][T17768] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 727.544659][T17768] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 727.552329][T17768] page_type: f5(slab) [ 727.556596][T17768] raw: 00fff00000000040 ffff88813ffa7280 ffffea0000924000 0000000000000004 [ 727.565317][T17768] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000 [ 727.574088][T17768] head: 00fff00000000040 ffff88813ffa7280 ffffea0000924000 0000000000000004 [ 727.582900][T17768] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000 [ 727.591801][T17768] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 727.606842][T17768] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 727.621961][T17768] page dumped because: unmovable page [ 727.627862][T17768] page_owner tracks the page as allocated [ 727.654150][T17768] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x528c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP), pid 17034, tgid 17030 (syz.3.2889), ts 686436639113, free_ts 686334047668 [ 727.733766][T17768] post_alloc_hook+0x1c0/0x230 [ 727.738620][T17768] get_page_from_freelist+0x10a3/0x3a30 [ 727.833043][T17768] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 727.860621][T17768] alloc_pages_mpol+0x1fb/0x550 [ 727.882769][T17768] new_slab+0x24a/0x360 [ 727.887018][T17768] ___slab_alloc+0xdc4/0x1ae0 [ 727.891741][T17768] __slab_alloc.constprop.0+0x63/0x110 [ 727.899430][T17768] __kvmalloc_node_noprof+0x5aa/0x9c0 [ 727.905001][T17768] netlink_alloc_large_skb+0x9b/0x140 [ 727.956885][T17768] netlink_sendmsg+0x698/0xdd0 [ 727.961733][T17768] ____sys_sendmsg+0xa98/0xc70 [ 727.967115][T17768] ___sys_sendmsg+0x134/0x1d0 [ 727.971844][T17768] __sys_sendmmsg+0x200/0x420 [ 727.977576][T17768] __x64_sys_sendmmsg+0x9c/0x100 [ 727.985370][T17768] do_syscall_64+0xcd/0xfa0 [ 727.991490][T17768] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.998324][T17768] page last free pid 17034 tgid 17030 stack trace: [ 728.056163][T17768] __free_frozen_pages+0x7df/0x1160 [ 728.093201][T17768] __put_partials+0x130/0x170 [ 728.116645][T17768] qlist_free_all+0x4d/0x120 [ 728.133698][T17768] kasan_quarantine_reduce+0x195/0x1e0 [ 728.186072][T17768] __kasan_slab_alloc+0x69/0x90 [ 728.191606][T17768] kmem_cache_alloc_noprof+0x250/0x6e0 [ 728.197184][T17768] ptlock_alloc+0x1f/0x70 [ 728.202015][T17768] pte_alloc_one+0x84/0x350 [ 728.206664][T17768] do_pte_missing+0x1acf/0x3ba0 [ 728.211704][T17768] __handle_mm_fault+0x1556/0x2aa0 [ 728.217106][T17768] handle_mm_fault+0x589/0xd10 [ 728.223004][T17768] __get_user_pages+0x54e/0x3530 [ 728.228345][T17768] populate_vma_page_range+0x267/0x3f0 [ 728.234384][T17768] __mm_populate+0x1d8/0x380 [ 728.239216][T17768] vm_mmap_pgoff+0x37f/0x470 [ 728.244831][T17768] ksys_mmap_pgoff+0x32c/0x5c0 [ 731.254901][T17829] serio: Serial port pty6 [ 732.433277][T17831] kexec: Could not allocate control_code_buffer [ 733.527394][T17864] random: crng reseeded on system resumption [ 733.604439][T17865] blktrace: Concurrent blktraces are not allowed on loop12 [ 734.274986][T17873] FAULT_INJECTION: forcing a failure. [ 734.274986][T17873] name failslab, interval 1, probability 0, space 0, times 0 [ 734.290967][T17873] CPU: 1 UID: 0 PID: 17873 Comm: syz.3.3074 Not tainted syzkaller #0 PREEMPT(full) [ 734.291007][T17873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 734.291023][T17873] Call Trace: [ 734.291033][T17873] [ 734.291043][T17873] dump_stack_lvl+0x16c/0x1f0 [ 734.291163][T17873] should_fail_ex+0x512/0x640 [ 734.291202][T17873] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 734.291237][T17873] should_failslab+0xc2/0x120 [ 734.291271][T17873] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 734.291296][T17873] ? do_raw_spin_lock+0x12c/0x2b0 [ 734.291333][T17873] ? sock_alloc_inode+0x25/0x1c0 [ 734.291370][T17873] ? __pfx_sock_alloc_inode+0x10/0x10 [ 734.291408][T17873] ? sock_alloc_inode+0x25/0x1c0 [ 734.291435][T17873] sock_alloc_inode+0x25/0x1c0 [ 734.291463][T17873] alloc_inode+0x64/0x240 [ 734.291499][T17873] sock_alloc+0x40/0x280 [ 734.291528][T17873] __sock_create+0xc1/0x8d0 [ 734.291558][T17873] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 734.291596][T17873] inet_ctl_sock_create+0x94/0x230 [ 734.291631][T17873] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 734.291665][T17873] ? ndisc_net_init+0x1bc/0x250 [ 734.291699][T17873] ? __pfx_ndisc_net_init+0x10/0x10 [ 734.291734][T17873] ? __pfx_igmp6_net_init+0x10/0x10 [ 734.291770][T17873] igmp6_net_init+0x35/0x470 [ 734.291807][T17873] ? __pfx_igmp6_net_init+0x10/0x10 [ 734.291840][T17873] ops_init+0x1e2/0x5f0 [ 734.291870][T17873] setup_net+0x100/0x390 [ 734.291897][T17873] ? __pfx_setup_net+0x10/0x10 [ 734.291924][T17873] ? debug_mutex_init+0x37/0x70 [ 734.291955][T17873] copy_net_ns+0x2f8/0x690 [ 734.291987][T17873] create_new_namespaces+0x3ea/0xa90 [ 734.292024][T17873] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 734.292057][T17873] ksys_unshare+0x45b/0xa40 [ 734.292109][T17873] ? __pfx_ksys_unshare+0x10/0x10 [ 734.292144][T17873] ? xfd_validate_state+0x61/0x180 [ 734.292194][T17873] __x64_sys_unshare+0x31/0x40 [ 734.292228][T17873] do_syscall_64+0xcd/0xfa0 [ 734.292257][T17873] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 734.292284][T17873] RIP: 0033:0x7f95bfb8efc9 [ 734.292306][T17873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 734.292332][T17873] RSP: 002b:00007f95c0abd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 734.292357][T17873] RAX: ffffffffffffffda RBX: 00007f95bfde5fa0 RCX: 00007f95bfb8efc9 [ 734.292376][T17873] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 734.292405][T17873] RBP: 00007f95bfc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 734.292421][T17873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 734.292439][T17873] R13: 00007f95bfde6038 R14: 00007f95bfde5fa0 R15: 00007ffec5fa4578 [ 734.292478][T17873] [ 734.292492][T17873] socket: no more sockets [ 734.586490][T17883] FAULT_INJECTION: forcing a failure. [ 734.586490][T17883] name failslab, interval 1, probability 0, space 0, times 0 [ 734.586523][T17883] CPU: 1 UID: 0 PID: 17883 Comm: syz.2.3075 Not tainted syzkaller #0 PREEMPT(full) [ 734.586540][T17883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 734.586549][T17883] Call Trace: [ 734.586554][T17883] [ 734.586560][T17883] dump_stack_lvl+0x16c/0x1f0 [ 734.586579][T17883] should_fail_ex+0x512/0x640 [ 734.586601][T17883] ? fs_reclaim_acquire+0xae/0x150 [ 734.586621][T17883] should_failslab+0xc2/0x120 [ 734.586640][T17883] __kmalloc_noprof+0xdd/0x880 [ 734.586662][T17883] ? tomoyo_encode2+0x100/0x3e0 [ 734.586680][T17883] ? tomoyo_encode2+0x100/0x3e0 [ 734.586694][T17883] tomoyo_encode2+0x100/0x3e0 [ 734.586711][T17883] tomoyo_encode+0x29/0x50 [ 734.586725][T17883] tomoyo_mount_acl+0x144/0x850 [ 734.586738][T17883] ? bpf_ksym_find+0x124/0x1c0 [ 734.586754][T17883] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 734.586772][T17883] ? is_bpf_text_address+0x94/0x1a0 [ 734.586793][T17883] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 734.586805][T17883] ? unwind_get_return_address+0x59/0xa0 [ 734.586841][T17883] ? tomoyo_domain+0xbb/0x150 [ 734.586857][T17883] ? tomoyo_profile+0x47/0x60 [ 734.586876][T17883] tomoyo_mount_permission+0x16d/0x420 [ 734.586890][T17883] ? tomoyo_mount_permission+0x14f/0x420 [ 734.586905][T17883] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 734.586930][T17883] security_sb_mount+0x9b/0x260 [ 734.586952][T17883] path_mount+0x158/0x23a0 [ 734.586971][T17883] ? __pfx_path_mount+0x10/0x10 [ 734.586988][T17883] ? kmem_cache_free+0x2d4/0x6c0 [ 734.587001][T17883] ? putname+0x154/0x1a0 [ 734.587022][T17883] ? putname+0x154/0x1a0 [ 734.587037][T17883] ? putname+0x154/0x1a0 [ 734.587056][T17883] ? __x64_sys_mount+0x293/0x310 [ 734.587070][T17883] __x64_sys_mount+0x293/0x310 [ 734.587086][T17883] ? __pfx___x64_sys_mount+0x10/0x10 [ 734.587108][T17883] do_syscall_64+0xcd/0xfa0 [ 734.587135][T17883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 734.587149][T17883] RIP: 0033:0x7f8605f8efc9 [ 734.587162][T17883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 734.587177][T17883] RSP: 002b:00007f8606d9f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 734.587191][T17883] RAX: ffffffffffffffda RBX: 00007f86061e6180 RCX: 00007f8605f8efc9 [ 734.587200][T17883] RDX: 0000200000000440 RSI: 0000200000000100 RDI: 0000000000000000 [ 734.587209][T17883] RBP: 00007f8606011f91 R08: 0000000000000000 R09: 0000000000000000 [ 734.587217][T17883] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000 [ 734.587225][T17883] R13: 00007f86061e6218 R14: 00007f86061e6180 R15: 00007fff794115c8 [ 734.587245][T17883] [ 734.626757][T17873] Failed to initialize the IGMP6 control socket (err -23) [ 737.996414][ T30] audit: type=1804 audit(4294969502.242:21): pid=17930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3085" name="/newroot/727/file0" dev="tmpfs" ino=3820 res=1 errno=0 [ 740.068109][T17959] netlink: 330 bytes leftover after parsing attributes in process `syz.1.3091'. [ 742.046230][T17986] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3097'. [ 743.650195][T18011] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 743.870922][T18026] warning: `syz.3.3104' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 747.283610][T18065] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3109'. [ 748.909820][T18097] Console: switching to colour VGA+ 80x25 [ 749.056370][T18107] FAULT_INJECTION: forcing a failure. [ 749.056370][T18107] name failslab, interval 1, probability 0, space 0, times 0 [ 749.103001][T18107] CPU: 0 UID: 0 PID: 18107 Comm: syz.2.3120 Not tainted syzkaller #0 PREEMPT(full) [ 749.103036][T18107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 749.103045][T18107] Call Trace: [ 749.103050][T18107] [ 749.103057][T18107] dump_stack_lvl+0x16c/0x1f0 [ 749.103078][T18107] should_fail_ex+0x512/0x640 [ 749.103100][T18107] ? __kmalloc_noprof+0xca/0x880 [ 749.103125][T18107] should_failslab+0xc2/0x120 [ 749.103143][T18107] __kmalloc_noprof+0xdd/0x880 [ 749.103165][T18107] ? handler_new_ref+0x1b0/0xc60 [ 749.103186][T18107] ? handler_new_ref+0x1b0/0xc60 [ 749.103202][T18107] ? handler_new_ref+0x827/0xc60 [ 749.103217][T18107] handler_new_ref+0x1b0/0xc60 [ 749.103239][T18107] v4l2_ctrl_new+0x196c/0x2190 [ 749.103266][T18107] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 749.103289][T18107] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 749.103315][T18107] v4l2_ctrl_new_std+0x1be/0x290 [ 749.103338][T18107] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 749.103357][T18107] ? rcu_is_watching+0x12/0xc0 [ 749.103372][T18107] ? trace_kmalloc+0x2b/0xd0 [ 749.103388][T18107] ? __kvmalloc_node_noprof+0x3c0/0x9c0 [ 749.103405][T18107] ? v4l2_ctrl_handler_init_class+0x201/0x350 [ 749.103425][T18107] ? media_request_object_init+0x100/0x180 [ 749.103442][T18107] vicodec_open+0x1b2/0xf70 [ 749.103455][T18107] ? kobject_get_unless_zero+0x156/0x1e0 [ 749.103476][T18107] v4l2_open+0x1d2/0x5e0 [ 749.103491][T18107] ? __pfx_v4l2_open+0x10/0x10 [ 749.103506][T18107] chrdev_open+0x234/0x6a0 [ 749.103522][T18107] ? __pfx_apparmor_file_open+0x10/0x10 [ 749.103543][T18107] ? __pfx_chrdev_open+0x10/0x10 [ 749.103563][T18107] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 749.103582][T18107] do_dentry_open+0x982/0x1530 [ 749.103598][T18107] ? __pfx_chrdev_open+0x10/0x10 [ 749.103618][T18107] vfs_open+0x82/0x3f0 [ 749.103640][T18107] path_openat+0x1de4/0x2cb0 [ 749.103661][T18107] ? __pfx_path_openat+0x10/0x10 [ 749.103677][T18107] ? __lock_acquire+0xb8a/0x1c90 [ 749.103698][T18107] do_filp_open+0x20b/0x470 [ 749.103713][T18107] ? __pfx_do_filp_open+0x10/0x10 [ 749.103742][T18107] ? alloc_fd+0x471/0x7d0 [ 749.103761][T18107] do_sys_openat2+0x11b/0x1d0 [ 749.103781][T18107] ? __pfx_do_sys_openat2+0x10/0x10 [ 749.103816][T18107] __x64_sys_openat+0x174/0x210 [ 749.103837][T18107] ? __pfx___x64_sys_openat+0x10/0x10 [ 749.103866][T18107] do_syscall_64+0xcd/0xfa0 [ 749.103883][T18107] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 749.103898][T18107] RIP: 0033:0x7f8605f8efc9 [ 749.103915][T18107] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 749.103938][T18107] RSP: 002b:00007f8606dc0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 749.103963][T18107] RAX: ffffffffffffffda RBX: 00007f86061e6090 RCX: 00007f8605f8efc9 [ 749.103981][T18107] RDX: 00000000000c0400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 749.103997][T18107] RBP: 00007f8606011f91 R08: 0000000000000000 R09: 0000000000000000 [ 749.104012][T18107] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 749.104027][T18107] R13: 00007f86061e6128 R14: 00007f86061e6090 R15: 00007fff794115c8 [ 749.104067][T18107] [ 749.458767][T18109] FAULT_INJECTION: forcing a failure. [ 749.458767][T18109] name failslab, interval 1, probability 0, space 0, times 0 [ 749.473374][T18109] CPU: 0 UID: 0 PID: 18109 Comm: syz.2.3120 Not tainted syzkaller #0 PREEMPT(full) [ 749.473409][T18109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 749.473425][T18109] Call Trace: [ 749.473434][T18109] [ 749.473444][T18109] dump_stack_lvl+0x16c/0x1f0 [ 749.473478][T18109] should_fail_ex+0x512/0x640 [ 749.473525][T18109] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 749.473557][T18109] should_failslab+0xc2/0x120 [ 749.473589][T18109] kmem_cache_alloc_node_noprof+0x78/0x770 [ 749.473615][T18109] ? do_kmem_cache_create+0x25b/0x740 [ 749.473653][T18109] ? do_kmem_cache_create+0x25b/0x740 [ 749.473682][T18109] do_kmem_cache_create+0x25b/0x740 [ 749.473718][T18109] __kmem_cache_create_args+0x202/0x3c0 [ 749.473758][T18109] mon_text_open+0x333/0x510 [ 749.473787][T18109] ? __pfx_mon_text_open+0x10/0x10 [ 749.473817][T18109] ? __pfx_mon_text_ctor+0x10/0x10 [ 749.473846][T18109] ? __pfx_apparmor_file_open+0x10/0x10 [ 749.473880][T18109] ? lockdown_is_locked_down+0x3f/0x130 [ 749.473912][T18109] ? bpf_lsm_locked_down+0x9/0x10 [ 749.473948][T18109] ? __pfx_mon_text_open+0x10/0x10 [ 749.473972][T18109] full_proxy_open_regular+0x1b9/0x360 [ 749.474010][T18109] do_dentry_open+0x982/0x1530 [ 749.474039][T18109] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 749.474081][T18109] vfs_open+0x82/0x3f0 [ 749.474119][T18109] path_openat+0x1de4/0x2cb0 [ 749.474157][T18109] ? __pfx_path_openat+0x10/0x10 [ 749.474187][T18109] ? __lock_acquire+0xb8a/0x1c90 [ 749.474224][T18109] do_filp_open+0x20b/0x470 [ 749.474252][T18109] ? __pfx_do_filp_open+0x10/0x10 [ 749.474304][T18109] ? alloc_fd+0x471/0x7d0 [ 749.474346][T18109] do_sys_openat2+0x11b/0x1d0 [ 749.474382][T18109] ? __pfx_do_sys_openat2+0x10/0x10 [ 749.474418][T18109] ? find_held_lock+0x2b/0x80 [ 749.474454][T18109] __x64_sys_openat+0x174/0x210 [ 749.474489][T18109] ? __pfx___x64_sys_openat+0x10/0x10 [ 749.474551][T18109] do_syscall_64+0xcd/0xfa0 [ 749.474583][T18109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 749.474609][T18109] RIP: 0033:0x7f8605f8efc9 [ 749.474629][T18109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 749.474654][T18109] RSP: 002b:00007f8606d9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 749.474679][T18109] RAX: ffffffffffffffda RBX: 00007f86061e6180 RCX: 00007f8605f8efc9 [ 749.474697][T18109] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 749.474715][T18109] RBP: 00007f8606011f91 R08: 0000000000000000 R09: 0000000000000000 [ 749.474730][T18109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 749.474746][T18109] R13: 00007f86061e6218 R14: 00007f86061e6180 R15: 00007fff794115c8 [ 749.474783][T18109] [ 749.474982][T18109] __kmem_cache_create_args(mon_text_ffff88802fb4ec00) failed with error -22 [ 749.865355][T18109] CPU: 0 UID: 0 PID: 18109 Comm: syz.2.3120 Not tainted syzkaller #0 PREEMPT(full) [ 749.865389][T18109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 749.865402][T18109] Call Trace: [ 749.865411][T18109] [ 749.865420][T18109] dump_stack_lvl+0x16c/0x1f0 [ 749.865452][T18109] __kmem_cache_create_args+0x128/0x3c0 [ 749.865499][T18109] mon_text_open+0x333/0x510 [ 749.865528][T18109] ? __pfx_mon_text_open+0x10/0x10 [ 749.865552][T18109] ? __pfx_mon_text_ctor+0x10/0x10 [ 749.865567][T18109] ? __pfx_apparmor_file_open+0x10/0x10 [ 749.865587][T18109] ? lockdown_is_locked_down+0x3f/0x130 [ 749.865607][T18109] ? bpf_lsm_locked_down+0x9/0x10 [ 749.865628][T18109] ? __pfx_mon_text_open+0x10/0x10 [ 749.865642][T18109] full_proxy_open_regular+0x1b9/0x360 [ 749.865665][T18109] do_dentry_open+0x982/0x1530 [ 749.865682][T18109] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 749.865706][T18109] vfs_open+0x82/0x3f0 [ 749.865728][T18109] path_openat+0x1de4/0x2cb0 [ 749.865752][T18109] ? __pfx_path_openat+0x10/0x10 [ 749.865769][T18109] ? __lock_acquire+0xb8a/0x1c90 [ 749.865791][T18109] do_filp_open+0x20b/0x470 [ 749.865806][T18109] ? __pfx_do_filp_open+0x10/0x10 [ 749.865835][T18109] ? alloc_fd+0x471/0x7d0 [ 749.865854][T18109] do_sys_openat2+0x11b/0x1d0 [ 749.865874][T18109] ? __pfx_do_sys_openat2+0x10/0x10 [ 749.865895][T18109] ? find_held_lock+0x2b/0x80 [ 749.865914][T18109] __x64_sys_openat+0x174/0x210 [ 749.865935][T18109] ? __pfx___x64_sys_openat+0x10/0x10 [ 749.865963][T18109] do_syscall_64+0xcd/0xfa0 [ 749.865981][T18109] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 749.865995][T18109] RIP: 0033:0x7f8605f8efc9 [ 749.866008][T18109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 749.866022][T18109] RSP: 002b:00007f8606d9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 749.866036][T18109] RAX: ffffffffffffffda RBX: 00007f86061e6180 RCX: 00007f8605f8efc9 [ 749.866046][T18109] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 749.866054][T18109] RBP: 00007f8606011f91 R08: 0000000000000000 R09: 0000000000000000 [ 749.866063][T18109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 749.866071][T18109] R13: 00007f86061e6218 R14: 00007f86061e6180 R15: 00007fff794115c8 [ 749.866090][T18109] [ 751.658560][T18116] kexec: Could not allocate control_code_buffer [ 751.883940][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 751.894969][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 754.307191][T18178] netlink: 5 bytes leftover after parsing attributes in process `syz.1.3134'. [ 761.001461][T18293] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant. [ 761.001461][T18293] The task syz.3.3157 (18293) triggered the difference, watch for misbehavior. [ 761.047790][T18297] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 762.735468][T18324] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3164'. [ 763.731763][T18347] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 765.256535][T18368] netlink: 78 bytes leftover after parsing attributes in process `syz.0.3174'. [ 765.392322][T18375] netlink: 78 bytes leftover after parsing attributes in process `syz.0.3174'. [ 765.406667][T18375] netlink: 78 bytes leftover after parsing attributes in process `syz.0.3174'. [ 765.454504][T18375] netlink: 78 bytes leftover after parsing attributes in process `syz.0.3174'. [ 765.550742][T18375] netlink: 78 bytes leftover after parsing attributes in process `syz.0.3174'. [ 765.601518][T18375] netlink: 78 bytes leftover after parsing attributes in process `syz.0.3174'. [ 765.639331][T18361] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 765.689944][T18375] netlink: 78 bytes leftover after parsing attributes in process `syz.0.3174'. [ 765.701101][T18361] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 765.712873][T18375] netlink: 78 bytes leftover after parsing attributes in process `syz.0.3174'. [ 765.727623][T18375] netlink: 78 bytes leftover after parsing attributes in process `syz.0.3174'. [ 765.746377][T18361] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 765.768475][T18361] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 766.913548][T17251] Bluetooth: hci0: command 0x0406 tx timeout [ 767.705712][T17251] Bluetooth: hci1: command 0x0406 tx timeout [ 767.785327][T17251] Bluetooth: hci3: command 0x0406 tx timeout [ 767.791423][T17251] Bluetooth: hci2: command 0x0406 tx timeout [ 769.770492][T18455] __nla_validate_parse: 25 callbacks suppressed [ 769.770504][T18455] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3187'. [ 773.840048][T18538] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3200'. [ 777.397195][T18609] QAT: Device 0 not found [ 782.805244][T18683] vivid-003: ================= START STATUS ================= [ 782.827042][T18683] vivid-003: Radio HW Seek Mode: Bounded [ 782.843752][T18683] vivid-003: Radio Programmable HW Seek: false [ 782.871960][T18683] vivid-003: RDS Rx I/O Mode: Block I/O [ 782.879303][T18683] vivid-003: Generate RBDS Instead of RDS: false [ 782.902677][T18683] vivid-003: RDS Reception: true [ 782.912625][T18683] vivid-003: RDS Program Type: 0 inactive [ 782.922320][T18683] vivid-003: RDS PS Name: inactive [ 782.929949][T18683] vivid-003: RDS Radio Text: inactive [ 782.945853][T18683] vivid-003: RDS Traffic Announcement: false inactive [ 782.953831][T18683] vivid-003: RDS Traffic Program: false inactive [ 782.960370][T18683] vivid-003: RDS Music: false inactive [ 782.966449][T18683] vivid-003: ================== END STATUS ================== [ 783.115929][T18666] binder: 18665:18666 ioctl c018620c 0 returned -22 [ 783.864835][T18698] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3229'. [ 784.004419][T18697] can0: slcan on ptm0. [ 784.255528][T18699] Invalid ELF header magic: != ELF [ 784.757805][T18692] can0 (unregistered): slcan off ptm0. [ 784.818645][T18693] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 784.829841][T18693] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 784.861836][T18693] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 784.901038][T18693] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 785.339084][T18727] netlink: 80 bytes leftover after parsing attributes in process `syz.3.3233'. [ 785.698434][T17251] Bluetooth: hci0: command 0x0406 tx timeout [ 786.885889][T17251] Bluetooth: hci2: command 0x0406 tx timeout [ 786.892030][ T7793] Bluetooth: hci1: command 0x0406 tx timeout [ 786.967848][ T7793] Bluetooth: hci3: command 0x0406 tx timeout [ 788.263853][T18799] random: crng reseeded on system resumption [ 788.284429][ T7793] Bluetooth: hci3: unexpected event 0x3c length: 728 > 7 [ 788.471306][T18795] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 793.756252][T18910] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3271'. [ 793.868538][ T7793] Bluetooth: hci1: unexpected event 0x3e length: 728 > 260 [ 793.868576][ T7793] Bluetooth: hci1: unexpected subevent 0x03 length: 727 > 9 [ 794.748401][T18933] vivid-003: ================= START STATUS ================= [ 794.757297][T18933] vivid-003: Radio HW Seek Mode: Bounded [ 794.764615][T18933] vivid-003: Radio Programmable HW Seek: false [ 794.771494][T18933] vivid-003: RDS Rx I/O Mode: Block I/O [ 794.948137][T18933] vivid-003: Generate RBDS Instead of RDS: false [ 795.007339][T18933] vivid-003: RDS Reception: true [ 795.015191][T18933] vivid-003: RDS Program Type: 0 inactive [ 795.020991][T18933] vivid-003: RDS PS Name: inactive [ 795.029245][T18933] vivid-003: RDS Radio Text: inactive [ 795.035086][T18933] vivid-003: RDS Traffic Announcement: false inactive [ 795.041961][T18933] vivid-003: RDS Traffic Program: false inactive [ 795.057839][T18938] random: crng reseeded on system resumption [ 795.095659][T18933] vivid-003: RDS Music: false inactive [ 795.101205][T18933] vivid-003: ================== END STATUS ================== [ 795.143253][T18938] Restarting kernel threads ... [ 795.162414][T18938] Done restarting kernel threads. [ 795.833130][T18964] netlink: 80 bytes leftover after parsing attributes in process `syz.0.3290'. [ 796.745833][T18993] vivid-003: ================= START STATUS ================= [ 796.753545][T18993] vivid-003: Radio HW Seek Mode: Bounded [ 796.761008][T18993] vivid-003: Radio Programmable HW Seek: false [ 796.775277][T18993] vivid-003: RDS Rx I/O Mode: Block I/O [ 796.781847][T18993] vivid-003: Generate RBDS Instead of RDS: false [ 796.788939][T18993] vivid-003: RDS Reception: true [ 796.806439][T18993] vivid-003: RDS Program Type: 0 inactive [ 796.843608][T18993] vivid-003: RDS PS Name: inactive [ 796.859085][T18993] vivid-003: RDS Radio Text: inactive [ 796.870939][T18993] vivid-003: RDS Traffic Announcement: false inactive [ 796.892460][T18993] vivid-003: RDS Traffic Program: false inactive [ 796.900151][T18993] vivid-003: RDS Music: false inactive [ 796.909914][T18993] vivid-003: ================== END STATUS ================== [ 799.671646][T19079] ubi0: attaching mtd1 [ 799.692726][T19079] ubi0: scanning is finished [ 799.713475][T19081] UHID_CREATE from different security context by process 2792 (syz.2.3332), this is not allowed. [ 799.739023][T19079] ubi0: empty MTD device detected [ 799.770830][T19079] ubi0 error: ubi_early_get_peb: no free eraseblocks [ 799.918695][T19079] ubi0 error: ubi_attach_mtd_dev: failed to attach mtd1, error -28 [ 800.307752][T19086] zswap: compressor not available [ 800.667725][T19110] zswap: compressor not available [ 801.283087][T19143] could not allocate digest TFM handle [ 802.451104][T19204] openvswitch: netlink: Key 32 has unexpected len 0 expected 2 [ 805.697630][T19308] ima: policy update failed [ 805.704843][ T30] audit: type=1802 audit(4294969570.315:22): pid=19308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.3423" res=0 errno=0 [ 805.735505][T19309] Format for adding new port is "id [perm_addr]" (uint MAC). [ 806.125211][T19332] netlink: 334 bytes leftover after parsing attributes in process `syz.2.3434'. [ 806.289100][T19338] device-mapper: ioctl: Unable to rename non-existent device,  to `˳OXjО*|X[ϣEOgaA@fF0RŶ [ 806.409986][T19341] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3438'. [ 806.568060][T19346] openvswitch: netlink: Key 32 has unexpected len 0 expected 2 [ 806.615675][T19351] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3442'. [ 807.139364][T19377] netlink: 342 bytes leftover after parsing attributes in process `syz.3.3454'. [ 807.306453][T19383] FAULT_INJECTION: forcing a failure. [ 807.306453][T19383] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 807.344759][T19383] CPU: 1 UID: 0 PID: 19383 Comm: syz.2.3456 Not tainted syzkaller #0 PREEMPT(full) [ 807.344797][T19383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 807.344813][T19383] Call Trace: [ 807.344822][T19383] [ 807.344832][T19383] dump_stack_lvl+0x16c/0x1f0 [ 807.344868][T19383] should_fail_ex+0x512/0x640 [ 807.344910][T19383] should_fail_alloc_page+0xe7/0x130 [ 807.344946][T19383] prepare_alloc_pages+0x3c2/0x610 [ 807.344985][T19383] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 807.345012][T19383] ? lockdep_hardirqs_on+0x7c/0x110 [ 807.345039][T19383] ? finish_task_switch.isra.0+0x221/0xc10 [ 807.345069][T19383] ? rcu_is_watching+0x12/0xc0 [ 807.345096][T19383] ? trace_sched_exit_tp+0xd1/0x120 [ 807.345132][T19383] ? __schedule+0x11a3/0x5de0 [ 807.345156][T19383] ? mod_memcg_lruvec_state+0x389/0x5f0 [ 807.345184][T19383] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 807.345210][T19383] ? __pfx_peak_open+0x10/0x10 [ 807.345253][T19383] ? __pfx___schedule+0x10/0x10 [ 807.345283][T19383] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 807.345321][T19383] ? policy_nodemask+0xea/0x4e0 [ 807.345355][T19383] alloc_pages_mpol+0x1fb/0x550 [ 807.345388][T19383] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 807.345442][T19383] alloc_pages_noprof+0x131/0x390 [ 807.345478][T19383] pte_alloc_one+0x1e/0x350 [ 807.345508][T19383] __pte_alloc+0x6d/0x380 [ 807.345537][T19383] ? __pfx___pte_alloc+0x10/0x10 [ 807.345567][T19383] ? _raw_spin_unlock+0x28/0x50 [ 807.345590][T19383] ? __pmd_alloc+0x64f/0x8b0 [ 807.345625][T19383] move_page_tables+0x2372/0x4230 [ 807.345659][T19383] ? __pfx_copy_vma+0x10/0x10 [ 807.345691][T19383] ? __pfx_move_page_tables+0x10/0x10 [ 807.345736][T19383] ? finish_task_switch.isra.0+0x21c/0xc10 [ 807.345769][T19383] copy_vma_and_data+0x24e/0x790 [ 807.345799][T19383] ? __pfx_copy_vma_and_data+0x10/0x10 [ 807.345833][T19383] ? __vma_enter_locked+0x163/0x3f0 [ 807.345873][T19383] ? find_held_lock+0x2b/0x80 [ 807.345899][T19383] ? move_vma+0x52e/0x1770 [ 807.345921][T19383] ? __vm_enough_memory+0x184/0x3f0 [ 807.345960][T19383] move_vma+0x540/0x1770 [ 807.345991][T19383] ? __pfx_move_vma+0x10/0x10 [ 807.346022][T19383] ? mm_get_unmapped_area_vmflags+0x97/0xe0 [ 807.346055][T19383] ? cap_mmap_addr+0x4b/0x120 [ 807.346087][T19383] ? bpf_lsm_mmap_addr+0x9/0x10 [ 807.346114][T19383] ? security_mmap_addr+0x6c/0x1e0 [ 807.346139][T19383] ? __get_unmapped_area+0x267/0x440 [ 807.346174][T19383] ? vrm_set_new_addr+0x208/0x290 [ 807.346200][T19383] mremap_to+0x1b7/0x450 [ 807.346227][T19383] do_mremap+0x13a8/0x2020 [ 807.346254][T19383] ? futex_private_hash_put+0x180/0x300 [ 807.346296][T19383] ? __pfx_do_mremap+0x10/0x10 [ 807.346318][T19383] ? __pfx_futex_wake+0x10/0x10 [ 807.346374][T19383] __do_sys_mremap+0x119/0x170 [ 807.346405][T19383] ? __pfx___do_sys_mremap+0x10/0x10 [ 807.346440][T19383] ? __x64_sys_futex+0x1e0/0x4c0 [ 807.346493][T19383] do_syscall_64+0xcd/0xfa0 [ 807.346523][T19383] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 807.346550][T19383] RIP: 0033:0x7f8605f8efc9 [ 807.346572][T19383] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 807.346596][T19383] RSP: 002b:00007f8606de1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 807.346621][T19383] RAX: ffffffffffffffda RBX: 00007f86061e5fa0 RCX: 00007f8605f8efc9 [ 807.346639][T19383] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000000000 [ 807.346655][T19383] RBP: 00007f8606011f91 R08: 0000000100000000 R09: 0000000000000000 [ 807.346670][T19383] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 807.346685][T19383] R13: 00007f86061e6038 R14: 00007f86061e5fa0 R15: 00007fff794115c8 [ 807.346722][T19383] [ 808.639686][T19418] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3471'. [ 808.639790][T19419] FAULT_INJECTION: forcing a failure. [ 808.639790][T19419] name failslab, interval 1, probability 0, space 0, times 0 [ 808.667455][T19419] CPU: 1 UID: 0 PID: 19419 Comm: syz.3.3470 Not tainted syzkaller #0 PREEMPT(full) [ 808.667486][T19419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 808.667501][T19419] Call Trace: [ 808.667518][T19419] [ 808.667529][T19419] dump_stack_lvl+0x16c/0x1f0 [ 808.667563][T19419] should_fail_ex+0x512/0x640 [ 808.667597][T19419] ? __kmalloc_cache_noprof+0x5f/0x780 [ 808.667640][T19419] should_failslab+0xc2/0x120 [ 808.667672][T19419] __kmalloc_cache_noprof+0x72/0x780 [ 808.667708][T19419] ? io_uring_setup+0x278/0x20e0 [ 808.667742][T19419] ? io_uring_setup+0x278/0x20e0 [ 808.667770][T19419] io_uring_setup+0x278/0x20e0 [ 808.667803][T19419] ? __pfx_io_uring_setup+0x10/0x10 [ 808.667829][T19419] ? do_futex+0x122/0x350 [ 808.667861][T19419] ? __pfx_do_futex+0x10/0x10 [ 808.667896][T19419] ? find_held_lock+0x2b/0x80 [ 808.667936][T19419] ? xfd_validate_state+0x61/0x180 [ 808.667976][T19419] __x64_sys_io_uring_setup+0xc2/0x170 [ 808.668005][T19419] do_syscall_64+0xcd/0xfa0 [ 808.668032][T19419] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 808.668058][T19419] RIP: 0033:0x7f95bfb8efc9 [ 808.668079][T19419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 808.668101][T19419] RSP: 002b:00007f95c0abd038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 808.668124][T19419] RAX: ffffffffffffffda RBX: 00007f95bfde5fa0 RCX: 00007f95bfb8efc9 [ 808.668140][T19419] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 808.668155][T19419] RBP: 00007f95bfc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 808.668170][T19419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 808.668183][T19419] R13: 00007f95bfde6038 R14: 00007f95bfde5fa0 R15: 00007ffec5fa4578 [ 808.668219][T19419] [ 809.208583][T19418] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 809.238820][T19418] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 809.292392][T19418] bond0 (unregistering): Released all slaves [ 811.666391][T19514] netlink: 346 bytes leftover after parsing attributes in process `syz.2.3504'. [ 813.002390][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 813.008763][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 813.904200][T19564] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3523'. [ 814.310634][ T9] Process accounting resumed [ 815.398021][T19589] netlink: 246 bytes leftover after parsing attributes in process `syz.3.3531'. [ 816.298762][T19598] FAULT_INJECTION: forcing a failure. [ 816.298762][T19598] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 816.319455][T19598] CPU: 1 UID: 0 PID: 19598 Comm: syz.2.3535 Not tainted syzkaller #0 PREEMPT(full) [ 816.319495][T19598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 816.319511][T19598] Call Trace: [ 816.319521][T19598] [ 816.319531][T19598] dump_stack_lvl+0x16c/0x1f0 [ 816.319564][T19598] should_fail_ex+0x512/0x640 [ 816.319603][T19598] should_fail_alloc_page+0xe7/0x130 [ 816.319635][T19598] prepare_alloc_pages+0x3c2/0x610 [ 816.319668][T19598] ? rcu_is_watching+0x12/0xc0 [ 816.319696][T19598] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 816.319725][T19598] ? __lock_acquire+0xb8a/0x1c90 [ 816.319768][T19598] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 816.319793][T19598] ? do_raw_spin_lock+0x12c/0x2b0 [ 816.319828][T19598] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 816.319862][T19598] ? find_held_lock+0x2b/0x80 [ 816.319896][T19598] ? __lock_acquire+0xb8a/0x1c90 [ 816.319927][T19598] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 816.319968][T19598] ? policy_nodemask+0xea/0x4e0 [ 816.320003][T19598] alloc_pages_mpol+0x1fb/0x550 [ 816.320037][T19598] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 816.320081][T19598] folio_alloc_mpol_noprof+0x36/0x2f0 [ 816.320118][T19598] shmem_alloc_folio+0x135/0x160 [ 816.320155][T19598] shmem_alloc_and_add_folio+0x499/0xc20 [ 816.320203][T19598] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 816.320245][T19598] ? shmem_allowable_huge_orders+0xd4/0x3f0 [ 816.320271][T19598] ? __lock_acquire+0xb80/0x1c90 [ 816.320309][T19598] shmem_get_folio_gfp+0x67f/0x1610 [ 816.320343][T19598] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 816.320372][T19598] ? __pfx___might_resched+0x10/0x10 [ 816.320414][T19598] shmem_fallocate+0x794/0xf50 [ 816.320454][T19598] ? __pfx_shmem_fallocate+0x10/0x10 [ 816.320487][T19598] ? __lock_acquire+0xb8a/0x1c90 [ 816.320522][T19598] ? __lock_acquire+0x622/0x1c90 [ 816.320574][T19598] ? __pfx_shmem_fallocate+0x10/0x10 [ 816.320600][T19598] vfs_fallocate+0x5b4/0x10e0 [ 816.320629][T19598] ? __pfx_vfs_fallocate+0x10/0x10 [ 816.320667][T19598] __x64_sys_fallocate+0xd5/0x150 [ 816.320698][T19598] do_syscall_64+0xcd/0xfa0 [ 816.320728][T19598] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 816.320753][T19598] RIP: 0033:0x7f8605f8efc9 [ 816.320773][T19598] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 816.320796][T19598] RSP: 002b:00007f8606de1038 EFLAGS: 00000246 ORIG_RAX: 000000000000011d [ 816.320821][T19598] RAX: ffffffffffffffda RBX: 00007f86061e5fa0 RCX: 00007f8605f8efc9 [ 816.320838][T19598] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 8000000000000003 [ 816.320853][T19598] RBP: 00007f8606011f91 R08: 0000000000000000 R09: 0000000000000000 [ 816.320867][T19598] R10: 00000000004cbd5d R11: 0000000000000246 R12: 0000000000000000 [ 816.320883][T19598] R13: 00007f86061e6038 R14: 00007f86061e5fa0 R15: 00007fff794115c8 [ 816.320919][T19598] [ 818.218941][T19633] netlink: 78 bytes leftover after parsing attributes in process `syz.2.3544'. [ 818.235427][T19633] netlink: 78 bytes leftover after parsing attributes in process `syz.2.3544'. [ 818.380225][T19633] netlink: 78 bytes leftover after parsing attributes in process `syz.2.3544'. [ 818.411490][T19633] netlink: 78 bytes leftover after parsing attributes in process `syz.2.3544'. [ 818.446222][T19633] netlink: 78 bytes leftover after parsing attributes in process `syz.2.3544'. [ 818.559388][T19633] netlink: 78 bytes leftover after parsing attributes in process `syz.2.3544'. [ 818.592546][T19633] netlink: 78 bytes leftover after parsing attributes in process `syz.2.3544'. [ 818.716564][T19633] netlink: 78 bytes leftover after parsing attributes in process `syz.2.3544'. [ 818.772798][T19633] netlink: 78 bytes leftover after parsing attributes in process `syz.2.3544'. [ 818.788406][T19633] netlink: 78 bytes leftover after parsing attributes in process `syz.2.3544'. getty: ttyS0: read error: Resource temporarily unavailable [ 825.514378][ T30] audit: type=1800 audit(4294969590.218:23): pid=19756 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3576" name="dbroot" dev="configfs" ino=71194 res=0 errno=0 [ 827.182323][T19785] vivid-003: ================= START STATUS ================= [ 827.206394][T19785] vivid-003: Radio HW Seek Mode: Bounded [ 827.250637][T19785] vivid-003: Radio Programmable HW Seek: false [ 827.299013][T19785] vivid-003: RDS Rx I/O Mode: Block I/O [ 827.304823][T19785] vivid-003: Generate RBDS Instead of RDS: false [ 827.311369][T19785] vivid-003: RDS Reception: true [ 827.316519][T19785] vivid-003: RDS Program Type: 0 inactive [ 827.322252][T19785] vivid-003: RDS PS Name: inactive [ 827.327672][T19785] vivid-003: RDS Radio Text: inactive [ 827.333152][T19785] vivid-003: RDS Traffic Announcement: false inactive [ 827.340161][T19785] vivid-003: RDS Traffic Program: false inactive [ 827.346596][T19785] vivid-003: RDS Music: false inactive [ 827.352229][T19785] vivid-003: ================== END STATUS ================== [ 827.892166][T19794] debugfs: '!PjE r҄y*"l-y–L̓]' already exists in 'ieee80211' [ 829.691200][T19830] __nla_validate_parse: 22 callbacks suppressed [ 829.691215][T19830] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3595'. [ 830.049332][T19837] netlink: 'syz.2.3597': attribute type 1 has an invalid length. [ 832.511584][T19874] netlink: 25 bytes leftover after parsing attributes in process `syz.1.3607'. [ 832.835966][T19883] blktrace: Concurrent blktraces are not allowed on loop2 [ 834.675061][T19932] vivid-003: ================= START STATUS ================= [ 834.683537][T19932] vivid-003: Radio HW Seek Mode: Bounded [ 834.689702][T19932] vivid-003: Radio Programmable HW Seek: false [ 834.696027][T19932] vivid-003: RDS Rx I/O Mode: Block I/O [ 834.702917][T19932] vivid-003: Generate RBDS Instead of RDS: false [ 834.709707][T19932] vivid-003: RDS Reception: true [ 834.714679][T19932] vivid-003: RDS Program Type: 0 inactive [ 834.720728][T19932] vivid-003: RDS PS Name: inactive [ 834.726421][T19932] vivid-003: RDS Radio Text: inactive [ 834.733963][T19932] vivid-003: RDS Traffic Announcement: false inactive [ 834.754827][T19932] vivid-003: RDS Traffic Program: false inactive [ 834.765679][T19932] vivid-003: RDS Music: false inactive [ 834.775108][T19932] vivid-003: ================== END STATUS ================== [ 835.431805][T19954] FAULT_INJECTION: forcing a failure. [ 835.431805][T19954] name failslab, interval 1, probability 0, space 0, times 0 [ 835.467956][T19954] CPU: 0 UID: 0 PID: 19954 Comm: syz.2.3629 Not tainted syzkaller #0 PREEMPT(full) [ 835.467980][T19954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 835.467988][T19954] Call Trace: [ 835.467994][T19954] [ 835.468000][T19954] dump_stack_lvl+0x16c/0x1f0 [ 835.468022][T19954] should_fail_ex+0x512/0x640 [ 835.468043][T19954] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 835.468061][T19954] should_failslab+0xc2/0x120 [ 835.468080][T19954] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 835.468101][T19954] ? d_lookup+0xe7/0x190 [ 835.468133][T19954] ? alloc_inode+0x64/0x240 [ 835.468169][T19954] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 835.468205][T19954] ? alloc_inode+0x64/0x240 [ 835.468236][T19954] alloc_inode+0x64/0x240 [ 835.468268][T19954] new_inode+0x22/0x1c0 [ 835.468296][T19954] __debugfs_create_file+0x11c/0x6b0 [ 835.468313][T19954] debugfs_create_file_full+0x41/0x60 [ 835.468329][T19954] ? __pfx_do_setup+0x10/0x10 [ 835.468345][T19954] ref_tracker_dir_debugfs+0x19d/0x290 [ 835.468370][T19954] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 835.468407][T19954] ? __kmalloc_noprof+0x34f/0x880 [ 835.468428][T19954] ? alloc_netdev_mqs+0xd7/0x1550 [ 835.468442][T19954] ? lockdep_init_map_type+0x5c/0x280 [ 835.468465][T19954] alloc_netdev_mqs+0x314/0x1550 [ 835.468482][T19954] internal_dev_create+0x8a/0x520 [ 835.468501][T19954] ovs_vport_add+0x147/0x4d0 [ 835.468518][T19954] new_vport+0x16/0x1d0 [ 835.468539][T19954] ovs_dp_cmd_new+0x6ba/0xe60 [ 835.468565][T19954] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 835.468591][T19954] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 835.468609][T19954] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 835.468639][T19954] genl_family_rcv_msg_doit+0x209/0x2f0 [ 835.468658][T19954] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 835.468683][T19954] ? bpf_lsm_capable+0x9/0x10 [ 835.468702][T19954] ? security_capable+0x7e/0x260 [ 835.468721][T19954] ? ns_capable+0xd7/0x110 [ 835.468738][T19954] genl_rcv_msg+0x55c/0x800 [ 835.468757][T19954] ? __pfx_genl_rcv_msg+0x10/0x10 [ 835.468774][T19954] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 835.468797][T19954] ? __lock_acquire+0x622/0x1c90 [ 835.468818][T19954] netlink_rcv_skb+0x158/0x420 [ 835.468832][T19954] ? __pfx_genl_rcv_msg+0x10/0x10 [ 835.468850][T19954] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 835.468872][T19954] ? netlink_deliver_tap+0x1ae/0xd30 [ 835.468897][T19954] genl_rcv+0x28/0x40 [ 835.468911][T19954] netlink_unicast+0x5aa/0x870 [ 835.468929][T19954] ? __pfx_netlink_unicast+0x10/0x10 [ 835.468950][T19954] netlink_sendmsg+0x8c8/0xdd0 [ 835.468968][T19954] ? __pfx_netlink_sendmsg+0x10/0x10 [ 835.468984][T19954] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 835.469008][T19954] ____sys_sendmsg+0xa98/0xc70 [ 835.469026][T19954] ? copy_msghdr_from_user+0x10a/0x160 [ 835.469048][T19954] ? __pfx_____sys_sendmsg+0x10/0x10 [ 835.469074][T19954] ___sys_sendmsg+0x134/0x1d0 [ 835.469086][T19954] ? futex_private_hash_put+0x176/0x300 [ 835.469105][T19954] ? __pfx____sys_sendmsg+0x10/0x10 [ 835.469125][T19954] ? __lock_acquire+0x622/0x1c90 [ 835.469167][T19954] __sys_sendmsg+0x16d/0x220 [ 835.469180][T19954] ? __pfx___sys_sendmsg+0x10/0x10 [ 835.469193][T19954] ? __x64_sys_futex+0x1e0/0x4c0 [ 835.469223][T19954] do_syscall_64+0xcd/0xfa0 [ 835.469247][T19954] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 835.469272][T19954] RIP: 0033:0x7f8605f8efc9 [ 835.469298][T19954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 835.469322][T19954] RSP: 002b:00007f8606dc0038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 835.469347][T19954] RAX: ffffffffffffffda RBX: 00007f86061e6090 RCX: 00007f8605f8efc9 [ 835.469365][T19954] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000007 [ 835.469383][T19954] RBP: 00007f8606011f91 R08: 0000000000000000 R09: 0000000000000000 [ 835.469396][T19954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 835.469410][T19954] R13: 00007f86061e6128 R14: 00007f86061e6090 R15: 00007fff794115c8 [ 835.469446][T19954] [ 835.472496][T19954] debugfs: out of free dentries, can not create file 'netdev@ffff88807bb64618' [ 835.906463][T19954] openvswitch: HfR: Dropping previously announced user features [ 837.359050][T19985] vivid-003: ================= START STATUS ================= [ 837.371027][T19985] vivid-003: Radio HW Seek Mode: Bounded [ 837.377243][T19985] vivid-003: Radio Programmable HW Seek: false [ 837.393231][T19985] vivid-003: RDS Rx I/O Mode: Block I/O [ 837.398862][T19985] vivid-003: Generate RBDS Instead of RDS: false [ 837.413653][T19985] vivid-003: RDS Reception: true [ 837.418745][T19985] vivid-003: RDS Program Type: 0 inactive [ 837.481012][T19980] netlink: 268 bytes leftover after parsing attributes in process `syz.2.3635'. [ 837.490957][T19985] vivid-003: RDS PS Name: inactive [ 837.558649][T19985] vivid-003: RDS Radio Text: inactive [ 837.585678][T19985] vivid-003: RDS Traffic Announcement: false inactive [ 837.622138][T19985] vivid-003: RDS Traffic Program: false inactive [ 837.631176][T19985] vivid-003: RDS Music: false inactive [ 837.637062][T19985] vivid-003: ================== END STATUS ================== [ 841.263961][T20032] kexec: Could not allocate control_code_buffer [ 842.757133][T20057] FAULT_INJECTION: forcing a failure. [ 842.757133][T20057] name failslab, interval 1, probability 0, space 0, times 0 [ 842.839881][T20057] CPU: 0 UID: 0 PID: 20057 Comm: syz.2.3655 Not tainted syzkaller #0 PREEMPT(full) [ 842.839916][T20057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 842.839930][T20057] Call Trace: [ 842.839939][T20057] [ 842.839949][T20057] dump_stack_lvl+0x16c/0x1f0 [ 842.839982][T20057] should_fail_ex+0x512/0x640 [ 842.840016][T20057] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 842.840045][T20057] should_failslab+0xc2/0x120 [ 842.840076][T20057] kmem_cache_alloc_noprof+0x75/0x6e0 [ 842.840101][T20057] ? ptlock_alloc+0x1f/0x70 [ 842.840142][T20057] ? ptlock_alloc+0x1f/0x70 [ 842.840173][T20057] ptlock_alloc+0x1f/0x70 [ 842.840206][T20057] pte_alloc_one+0x84/0x350 [ 842.840234][T20057] __pte_alloc+0x6d/0x380 [ 842.840262][T20057] ? __pfx___pte_alloc+0x10/0x10 [ 842.840288][T20057] ? __pfx___might_resched+0x10/0x10 [ 842.840314][T20057] ? copy_page_range+0x1c69/0x6930 [ 842.840354][T20057] copy_page_range+0x44a1/0x6930 [ 842.840433][T20057] ? __pfx_copy_page_range+0x10/0x10 [ 842.840482][T20057] ? __pfx___might_resched+0x10/0x10 [ 842.840504][T20057] ? __pfx_mas_store+0x10/0x10 [ 842.840561][T20057] ? __vma_enter_locked+0x163/0x3f0 [ 842.840600][T20057] ? dup_mmap+0xe30/0x2280 [ 842.840629][T20057] ? down_write+0x14d/0x200 [ 842.840663][T20057] ? up_write+0x1b2/0x520 [ 842.840700][T20057] dup_mmap+0xe80/0x2280 [ 842.840746][T20057] ? __pfx_dup_mmap+0x10/0x10 [ 842.840803][T20057] copy_process+0x3f0c/0x76a0 [ 842.840832][T20057] ? __pfx___futex_wait+0x10/0x10 [ 842.840883][T20057] ? __pfx_copy_process+0x10/0x10 [ 842.840911][T20057] ? futex_private_hash_put+0x176/0x300 [ 842.840946][T20057] ? futex_private_hash_put+0x18a/0x300 [ 842.840984][T20057] kernel_clone+0xfc/0x930 [ 842.841015][T20057] ? __pfx_kernel_clone+0x10/0x10 [ 842.841067][T20057] __do_sys_clone+0xce/0x120 [ 842.841095][T20057] ? __pfx___do_sys_clone+0x10/0x10 [ 842.841143][T20057] ? xfd_validate_state+0x61/0x180 [ 842.841173][T20057] ? __pfx_do_writev+0x10/0x10 [ 842.841209][T20057] do_syscall_64+0xcd/0xfa0 [ 842.841237][T20057] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 842.841262][T20057] RIP: 0033:0x7f8605f8efc9 [ 842.841283][T20057] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 842.841306][T20057] RSP: 002b:00007f8606dbffe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 842.841329][T20057] RAX: ffffffffffffffda RBX: 00007f86061e6090 RCX: 00007f8605f8efc9 [ 842.841346][T20057] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 842.841361][T20057] RBP: 00007f8606011f91 R08: 0000000000000000 R09: 0000000000000000 [ 842.841376][T20057] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 842.841390][T20057] R13: 00007f86061e6128 R14: 00007f86061e6090 R15: 00007fff794115c8 [ 842.841428][T20057] [ 844.457322][T20085] futex_wake_op: syz.2.3661 tries to shift op by -2048; fix this program [ 845.923278][T20117] blktrace: Concurrent blktraces are not allowed on loop2 [ 846.738237][T20126] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3669'. [ 848.324084][T20153] FAULT_INJECTION: forcing a failure. [ 848.324084][T20153] name failslab, interval 1, probability 0, space 0, times 0 [ 848.403855][T20159] openvswitch: netlink: Flow actions attr not present in new flow. [ 848.417420][T20153] CPU: 1 UID: 0 PID: 20153 Comm: syz.2.3673 Not tainted syzkaller #0 PREEMPT(full) [ 848.417442][T20153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 848.417450][T20153] Call Trace: [ 848.417456][T20153] [ 848.417461][T20153] dump_stack_lvl+0x16c/0x1f0 [ 848.417483][T20153] should_fail_ex+0x512/0x640 [ 848.417507][T20153] should_failslab+0xc2/0x120 [ 848.417528][T20153] kmem_cache_alloc_noprof+0x75/0x6e0 [ 848.417542][T20153] ? __pfx___alloc_skb+0x10/0x10 [ 848.417562][T20153] ? sctp_chunkify+0x51/0x2d0 [ 848.417587][T20153] ? sctp_chunkify+0x51/0x2d0 [ 848.417608][T20153] sctp_chunkify+0x51/0x2d0 [ 848.417631][T20153] _sctp_make_chunk+0x148/0x270 [ 848.417653][T20153] sctp_make_control+0x2f/0x2d0 [ 848.417676][T20153] sctp_make_shutdown+0xb6/0x1d0 [ 848.417690][T20153] ? __pfx_sctp_make_shutdown+0x10/0x10 [ 848.417706][T20153] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 848.417731][T20153] sctp_sf_do_9_2_start_shutdown+0x27/0x490 [ 848.417754][T20153] sctp_sf_do_9_2_prm_shutdown+0x11c/0x150 [ 848.417776][T20153] ? __pfx_sctp_pname+0x10/0x10 [ 848.417788][T20153] sctp_do_sm+0x181/0x5c80 [ 848.417811][T20153] ? __kernel_text_address+0xd/0x40 [ 848.417824][T20153] ? unwind_get_return_address+0x59/0xa0 [ 848.417839][T20153] ? arch_stack_walk+0xa6/0x100 [ 848.417854][T20153] ? __pfx_sctp_do_sm+0x10/0x10 [ 848.417872][T20153] ? look_up_lock_class+0x59/0x150 [ 848.417888][T20153] ? register_lock_class+0x41/0x4c0 [ 848.417927][T20153] ? mark_held_locks+0x49/0x80 [ 848.417944][T20153] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 848.417961][T20153] ? lockdep_hardirqs_on+0x7c/0x110 [ 848.417975][T20153] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 848.417991][T20153] sctp_primitive_SHUTDOWN+0x9f/0xd0 [ 848.418014][T20153] sctp_close+0x3ff/0x940 [ 848.418034][T20153] ? __pfx_sctp_close+0x10/0x10 [ 848.418050][T20153] ? __pfx___might_resched+0x10/0x10 [ 848.418068][T20153] ? ip_mc_drop_socket+0x1f/0x280 [ 848.418083][T20153] ? down_write+0x14d/0x200 [ 848.418102][T20153] inet_release+0xed/0x200 [ 848.418121][T20153] inet6_release+0x4f/0x70 [ 848.418136][T20153] __sock_release+0xb3/0x270 [ 848.418152][T20153] ? __pfx_sock_close+0x10/0x10 [ 848.418164][T20153] sock_close+0x1c/0x30 [ 848.418177][T20153] __fput+0x402/0xb70 [ 848.418200][T20153] task_work_run+0x150/0x240 [ 848.418230][T20153] ? __pfx_task_work_run+0x10/0x10 [ 848.418252][T20153] ? __pfx___do_sys_close_range+0x10/0x10 [ 848.418272][T20153] exit_to_user_mode_loop+0xec/0x130 [ 848.418295][T20153] do_syscall_64+0x426/0xfa0 [ 848.418311][T20153] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 848.418325][T20153] RIP: 0033:0x7f8605f8efc9 [ 848.418338][T20153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 848.418351][T20153] RSP: 002b:00007f8606dc0038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 848.418365][T20153] RAX: 0000000000000000 RBX: 00007f86061e6090 RCX: 00007f8605f8efc9 [ 848.418374][T20153] RDX: 0000000000000000 RSI: 000000000000000a RDI: 0000000000000002 [ 848.418382][T20153] RBP: 00007f8606011f91 R08: 0000000000000000 R09: 0000000000000000 [ 848.418391][T20153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 848.418399][T20153] R13: 00007f86061e6128 R14: 00007f86061e6090 R15: 00007fff794115c8 [ 848.418420][T20153] [ 851.758347][ T7793] Bluetooth: hci1: unexpected event 0x17 length: 440 > 6 [ 855.228992][T20241] blktrace: Concurrent blktraces are not allowed on sg0 [ 856.872189][T20264] random: crng reseeded on system resumption [ 857.468900][ T30] audit: type=1804 audit(4294969622.324:24): pid=20270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.3700" name="file0" dev="tmpfs" ino=5438 res=1 errno=0 [ 857.562822][ T30] audit: type=1804 audit(4294969622.344:25): pid=20272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.3700" name="file0" dev="tmpfs" ino=5438 res=1 errno=0 [ 857.600693][ T30] audit: type=1800 audit(4294969622.384:26): pid=20270 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3700" name="file0" dev="tmpfs" ino=5438 res=0 errno=0 [ 858.282874][T20289] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3703'. [ 858.282941][T20289] hsr0: left allmulticast mode [ 858.282955][T20289] hsr_slave_0: left allmulticast mode [ 858.282975][T20289] hsr_slave_1: left allmulticast mode [ 858.282987][T20289] hsr0: left promiscuous mode [ 858.284368][T20289] bridge0: port 3(hsr0) entered disabled state [ 858.321206][T20289] bridge_slave_1: left allmulticast mode [ 858.384197][T20289] bridge_slave_1: left promiscuous mode [ 858.384440][T20289] bridge0: port 2(bridge_slave_1) entered disabled state [ 858.416965][T20289] bridge_slave_0: left allmulticast mode [ 858.423021][T20289] bridge_slave_0: left promiscuous mode [ 858.455522][T20289] bridge0: port 1(bridge_slave_0) entered disabled state [ 859.461069][T20304] netlink: zone id is out of range [ 859.595022][T20304] netlink: del zone limit has 4 unknown bytes [ 859.703749][T20303] netlink: set zone limit has 8 unknown bytes [ 860.539277][T20329] netlink: 220 bytes leftover after parsing attributes in process `syz.3.3711'. [ 861.037080][T20341] random: crng reseeded on system resumption [ 862.511926][T20366] random: crng reseeded on system resumption [ 864.003079][T20388] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3727'. [ 864.217835][T20393] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3728'. [ 867.366739][T20437] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 867.398098][T20437] File: /dev/mtdblock0 PID: 20437 Comm: syz.0.3737 [ 868.260856][T20454] FAULT_INJECTION: forcing a failure. [ 868.260856][T20454] name failslab, interval 1, probability 0, space 0, times 0 [ 868.293912][T20454] CPU: 1 UID: 0 PID: 20454 Comm: syz.3.3742 Not tainted syzkaller #0 PREEMPT(full) [ 868.293949][T20454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 868.293962][T20454] Call Trace: [ 868.293970][T20454] [ 868.293978][T20454] dump_stack_lvl+0x16c/0x1f0 [ 868.294006][T20454] should_fail_ex+0x512/0x640 [ 868.294037][T20454] ? fs_reclaim_acquire+0xae/0x150 [ 868.294067][T20454] should_failslab+0xc2/0x120 [ 868.294100][T20454] __kmalloc_noprof+0xdd/0x880 [ 868.294136][T20454] ? kfree+0x252/0x6d0 [ 868.294153][T20454] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 868.294183][T20454] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 868.294207][T20454] tomoyo_realpath_from_path+0xc2/0x6e0 [ 868.294237][T20454] tomoyo_check_open_permission+0x2ab/0x3c0 [ 868.294269][T20454] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 868.294327][T20454] ? do_raw_spin_lock+0x12c/0x2b0 [ 868.294365][T20454] tomoyo_file_open+0x6b/0x90 [ 868.294390][T20454] security_file_open+0x84/0x1e0 [ 868.294411][T20454] do_dentry_open+0x596/0x1530 [ 868.294442][T20454] vfs_open+0x82/0x3f0 [ 868.294472][T20454] path_openat+0x1de4/0x2cb0 [ 868.294503][T20454] ? __pfx_path_openat+0x10/0x10 [ 868.294526][T20454] ? __lock_acquire+0xb8a/0x1c90 [ 868.294554][T20454] do_filp_open+0x20b/0x470 [ 868.294576][T20454] ? __pfx_do_filp_open+0x10/0x10 [ 868.294617][T20454] ? alloc_fd+0x471/0x7d0 [ 868.294645][T20454] do_sys_openat2+0x11b/0x1d0 [ 868.294671][T20454] ? __pfx_do_sys_openat2+0x10/0x10 [ 868.294709][T20454] __x64_sys_openat+0x174/0x210 [ 868.294737][T20454] ? __pfx___x64_sys_openat+0x10/0x10 [ 868.294776][T20454] do_syscall_64+0xcd/0xfa0 [ 868.294799][T20454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 868.294819][T20454] RIP: 0033:0x7f95bfb8efc9 [ 868.294836][T20454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 868.294857][T20454] RSP: 002b:00007f95c0abd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 868.294877][T20454] RAX: ffffffffffffffda RBX: 00007f95bfde5fa0 RCX: 00007f95bfb8efc9 [ 868.294891][T20454] RDX: 0000000000000080 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 868.294905][T20454] RBP: 00007f95bfc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 868.294918][T20454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 868.294930][T20454] R13: 00007f95bfde6038 R14: 00007f95bfde5fa0 R15: 00007ffec5fa4578 [ 868.294960][T20454] [ 868.294973][T20454] ERROR: Out of memory at tomoyo_realpath_from_path. [ 870.024798][T20477] delete_channel: no stack [ 871.275711][T20514] netlink: 220 bytes leftover after parsing attributes in process `syz.2.3751'. [ 874.116012][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 874.124245][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 875.514554][ T30] audit: type=1804 audit(4294969640.478:27): pid=20580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3765" name="/newroot/890/file0" dev="tmpfs" ino=4662 res=1 errno=0 [ 878.197657][T20644] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3783'. [ 878.333657][T20644] HfR: entered promiscuous mode [ 880.369339][T20687] ptrace attach of "./syz-executor exec"[5835] was attempted by "LKM]qH\x0cmoT|纔4\x0c$DGkHГ`]c 6oӵuO (kOJ/IJ}>|$̯2wnߡu~[4B4PhnDhæis2_ˠgLqFF\x0a>azEALm̐f&1e쉜=&k\x09V@;m=ޠ٣Gl=y+.%YQqKW搊NW`WIU +(^ \x077ؤZ,<>pmƳH=Ei7yK)oayo*Xn7fۗ-ڒms|4вנO~ODk\x07ɧݜ\x0c[IA\x1bYDWEЏ\x0dH?q\x0aO㘐z4>{5z=|u7jp\x1b4.3\x0bL̽*!<ODGCZ=u0|q\x073zk/\x0bt߯\x0d`J52$uמ\x5c 酛7tysǀ1xq7)Br\x07]wanMn?Q\x0aQ~\x0beé+(:tB޼z45+ٹtٰOaa-N6\x0c [ 898.708781][T21009] dump_stack_lvl+0x16c/0x1f0 [ 898.708814][T21009] should_fail_ex+0x512/0x640 [ 898.708849][T21009] ? fs_reclaim_acquire+0xae/0x150 [ 898.708884][T21009] should_failslab+0xc2/0x120 [ 898.708917][T21009] __kmalloc_noprof+0xdd/0x880 [ 898.708952][T21009] ? kfree+0x252/0x6d0 [ 898.708970][T21009] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 898.709005][T21009] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 898.709031][T21009] tomoyo_realpath_from_path+0xc2/0x6e0 [ 898.709069][T21009] tomoyo_check_open_permission+0x2ab/0x3c0 [ 898.709109][T21009] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 898.709184][T21009] ? do_raw_spin_lock+0x12c/0x2b0 [ 898.709231][T21009] tomoyo_file_open+0x6b/0x90 [ 898.709264][T21009] security_file_open+0x84/0x1e0 [ 898.709290][T21009] do_dentry_open+0x596/0x1530 [ 898.709331][T21009] vfs_open+0x82/0x3f0 [ 898.709370][T21009] path_openat+0x1de4/0x2cb0 [ 898.709409][T21009] ? __pfx_path_openat+0x10/0x10 [ 898.709439][T21009] ? __lock_acquire+0xb8a/0x1c90 [ 898.709474][T21009] do_filp_open+0x20b/0x470 [ 898.709501][T21009] ? __pfx_do_filp_open+0x10/0x10 [ 898.709556][T21009] ? alloc_fd+0x471/0x7d0 [ 898.709592][T21009] do_sys_openat2+0x11b/0x1d0 [ 898.709626][T21009] ? __pfx_do_sys_openat2+0x10/0x10 [ 898.709687][T21009] __x64_sys_openat+0x174/0x210 [ 898.709723][T21009] ? __pfx___x64_sys_openat+0x10/0x10 [ 898.709767][T21009] do_syscall_64+0xcd/0xfa0 [ 898.709793][T21009] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 898.709817][T21009] RIP: 0033:0x7f95bfb8efc9 [ 898.709837][T21009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 898.709859][T21009] RSP: 002b:00007f95c0abd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 898.709883][T21009] RAX: ffffffffffffffda RBX: 00007f95bfde5fa0 RCX: 00007f95bfb8efc9 [ 898.709900][T21009] RDX: 0000000000000080 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 898.709917][T21009] RBP: 00007f95bfc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 898.709931][T21009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 898.709946][T21009] R13: 00007f95bfde6038 R14: 00007f95bfde5fa0 R15: 00007ffec5fa4578 [ 898.709983][T21009] [ 898.711244][T21009] ERROR: Out of memory at tomoyo_realpath_from_path. [ 899.413185][T20995] kexec: Could not allocate control_code_buffer [ 899.533843][T21026] Console: switching to colour VGA+ 80x25 [ 900.082940][T21035] FAULT_INJECTION: forcing a failure. [ 900.082940][T21035] name fail_futex, interval 1, probability 0, space 0, times 0 [ 900.083022][T21035] CPU: 1 UID: 0 PID: 21035 Comm: syz.3.3853 Not tainted syzkaller #0 PREEMPT(full) [ 900.083055][T21035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 900.083074][T21035] Call Trace: [ 900.083082][T21035] [ 900.083093][T21035] dump_stack_lvl+0x16c/0x1f0 [ 900.083126][T21035] should_fail_ex+0x512/0x640 [ 900.083168][T21035] get_futex_key+0x1d0/0x1560 [ 900.083204][T21035] ? find_held_lock+0x2b/0x80 [ 900.083231][T21035] ? __pfx_get_futex_key+0x10/0x10 [ 900.083268][T21035] ? __pfx___schedule+0x10/0x10 [ 900.083298][T21035] futex_wake+0xea/0x530 [ 900.083340][T21035] ? __pfx_futex_wake+0x10/0x10 [ 900.083374][T21035] ? find_held_lock+0x2b/0x80 [ 900.083387][T21035] ? __might_fault+0xe3/0x190 [ 900.083404][T21035] do_futex+0x1e3/0x350 [ 900.083425][T21035] ? __pfx_do_futex+0x10/0x10 [ 900.083443][T21035] ? snd_pcm_oss_ioctl+0x2c2/0x37c0 [ 900.083463][T21035] ? find_held_lock+0x2b/0x80 [ 900.083479][T21035] __x64_sys_futex+0x1e0/0x4c0 [ 900.083498][T21035] ? __fget_files+0x20e/0x3c0 [ 900.083512][T21035] ? __pfx___x64_sys_futex+0x10/0x10 [ 900.083532][T21035] ? xfd_validate_state+0x61/0x180 [ 900.083558][T21035] do_syscall_64+0xcd/0xfa0 [ 900.083575][T21035] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 900.083589][T21035] RIP: 0033:0x7f95bfb8efc9 [ 900.083601][T21035] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 900.083615][T21035] RSP: 002b:00007f95c0a9c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 900.083628][T21035] RAX: ffffffffffffffda RBX: 00007f95bfde6098 RCX: 00007f95bfb8efc9 [ 900.083638][T21035] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f95bfde609c [ 900.083646][T21035] RBP: 00007f95bfde6090 R08: 00007f95c0abe000 R09: 0000000000000000 [ 900.083655][T21035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 900.083663][T21035] R13: 00007f95bfde6128 R14: 00007ffec5fa4490 R15: 00007ffec5fa4578 [ 900.083690][T21035] [ 900.297000][T21019] Console: switching to colour frame buffer device 128x48 [ 900.848880][T21041] netlink: 186 bytes leftover after parsing attributes in process `syz.1.3854'. [ 901.749746][T21060] tipc: Started in network mode [ 901.749772][T21060] tipc: Node identity ee00, cluster identity 4711 [ 901.749789][T21060] tipc: Node number set to 60928 [ 901.984825][T21043] tty tty17: ldisc open failed (-12), clearing slot 16 [ 903.584126][T21090] nbd: socks must be embedded in a SOCK_ITEM attr [ 907.680837][T21159] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3883'. [ 909.500041][T21188] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3880'. [ 909.559480][T21188] FAULT_INJECTION: forcing a failure. [ 909.559480][T21188] name fail_futex, interval 1, probability 0, space 0, times 0 [ 909.575351][T21188] CPU: 1 UID: 0 PID: 21188 Comm: syz.3.3880 Not tainted syzkaller #0 PREEMPT(full) [ 909.575388][T21188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 909.575405][T21188] Call Trace: [ 909.575414][T21188] [ 909.575424][T21188] dump_stack_lvl+0x16c/0x1f0 [ 909.575456][T21188] should_fail_ex+0x512/0x640 [ 909.575508][T21188] get_futex_key+0x1d0/0x1560 [ 909.575547][T21188] ? __pfx_get_futex_key+0x10/0x10 [ 909.575576][T21188] ? futex_private_hash_put+0x176/0x300 [ 909.575616][T21188] futex_wake+0xea/0x530 [ 909.575656][T21188] ? __pfx_futex_wake+0x10/0x10 [ 909.575692][T21188] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 909.575723][T21188] ? get_filter+0x146/0x1b0 [ 909.575751][T21188] ? __pfx_get_filter+0x10/0x10 [ 909.575786][T21188] do_futex+0x1e3/0x350 [ 909.575818][T21188] ? __pfx_do_futex+0x10/0x10 [ 909.575859][T21188] __x64_sys_futex+0x1e0/0x4c0 [ 909.575896][T21188] ? __pfx___x64_sys_futex+0x10/0x10 [ 909.575928][T21188] ? __sys_getsockopt+0x144/0x1b0 [ 909.575974][T21188] do_syscall_64+0xcd/0xfa0 [ 909.576002][T21188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 909.576027][T21188] RIP: 0033:0x7f95bfb8efc9 [ 909.576048][T21188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 909.576073][T21188] RSP: 002b:00007f95c0abd0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 909.576098][T21188] RAX: ffffffffffffffda RBX: 00007f95bfde5fa8 RCX: 00007f95bfb8efc9 [ 909.576116][T21188] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f95bfde5fac [ 909.576132][T21188] RBP: 00007f95bfde5fa0 R08: 00007f95c0abe000 R09: 0000000000000000 [ 909.576148][T21188] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000000 [ 909.576163][T21188] R13: 00007f95bfde6038 R14: 00007ffec5fa4490 R15: 00007ffec5fa4578 [ 909.576197][T21188] [ 909.948232][T21201] netlink: 246 bytes leftover after parsing attributes in process `syz.2.3884'. [ 910.955485][T21222] input: f as /devices/virtual/input/input26 [ 914.678869][ T30] audit: type=1804 audit(4294967326.000:29): pid=21286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.3901" name="/newroot/sys/kernel/debug/tracing/events/vmalloc/alloc_vmap_area/filter" dev="tracefs" ino=19680823 res=1 errno=0 [ 915.117161][T21282] FAULT_INJECTION: forcing a failure. [ 915.117161][T21282] name failslab, interval 1, probability 0, space 0, times 0 [ 915.159045][T21282] CPU: 0 UID: 0 PID: 21282 Comm: syz.3.3900 Not tainted syzkaller #0 PREEMPT(full) [ 915.159092][T21282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 915.159109][T21282] Call Trace: [ 915.159118][T21282] [ 915.159128][T21282] dump_stack_lvl+0x16c/0x1f0 [ 915.159162][T21282] should_fail_ex+0x512/0x640 [ 915.159198][T21282] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 915.159228][T21282] should_failslab+0xc2/0x120 [ 915.159262][T21282] kmem_cache_alloc_noprof+0x75/0x6e0 [ 915.159288][T21282] ? vm_area_dup+0x27/0x8d0 [ 915.159330][T21282] ? vm_area_dup+0x27/0x8d0 [ 915.159365][T21282] vm_area_dup+0x27/0x8d0 [ 915.159404][T21282] __split_vma+0x18e/0x1070 [ 915.159444][T21282] ? __pfx___split_vma+0x10/0x10 [ 915.159491][T21282] ? flush_tlb_mm_range+0x36a/0x17a0 [ 915.159528][T21282] ? __page_table_check_ptes_set+0x1ae/0x420 [ 915.159559][T21282] vms_gather_munmap_vmas+0x1cb/0x1340 [ 915.159596][T21282] ? move_page_tables+0x140d/0x4230 [ 915.159623][T21282] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 915.159660][T21282] ? move_page_tables+0xf9e/0x4230 [ 915.159704][T21282] do_vmi_align_munmap+0x286/0x7e0 [ 915.159735][T21282] ? __pfx_do_vmi_align_munmap+0x10/0x10 [ 915.159812][T21282] do_vmi_munmap+0x204/0x3e0 [ 915.159840][T21282] move_vma+0xb5f/0x1770 [ 915.159872][T21282] ? __pfx_move_vma+0x10/0x10 [ 915.159917][T21282] ? vrm_set_new_addr+0x208/0x290 [ 915.159946][T21282] mremap_to+0x1b7/0x450 [ 915.159972][T21282] do_mremap+0x13a8/0x2020 [ 915.160000][T21282] ? futex_private_hash_put+0x180/0x300 [ 915.160042][T21282] ? __pfx_do_mremap+0x10/0x10 [ 915.160075][T21282] ? do_writev+0x218/0x340 [ 915.160119][T21282] __do_sys_mremap+0x119/0x170 [ 915.160145][T21282] ? __pfx___do_sys_mremap+0x10/0x10 [ 915.160182][T21282] ? __x64_sys_futex+0x1e0/0x4c0 [ 915.160235][T21282] do_syscall_64+0xcd/0xfa0 [ 915.160265][T21282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 915.160292][T21282] RIP: 0033:0x7f95bfb8efc9 [ 915.160313][T21282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 915.160337][T21282] RSP: 002b:00007f95c0abd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 915.160363][T21282] RAX: ffffffffffffffda RBX: 00007f95bfde5fa0 RCX: 00007f95bfb8efc9 [ 915.160380][T21282] RDX: 0000000000000004 RSI: 0000000000000004 RDI: 0000200000004000 [ 915.160396][T21282] RBP: 00007f95bfc11f91 R08: 0000000100000000 R09: 0000000000000000 [ 915.160412][T21282] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 915.160427][T21282] R13: 00007f95bfde6038 R14: 00007f95bfde5fa0 R15: 00007ffec5fa4578 [ 915.160465][T21282] [ 916.407499][T21311] netlink: 188 bytes leftover after parsing attributes in process `syz.1.3903'. [ 916.428857][T21311] netlink: 93 bytes leftover after parsing attributes in process `syz.1.3903'. [ 919.909107][T21374] blktrace: Concurrent blktraces are not allowed on loop2 [ 920.235458][ T30] audit: type=1800 audit(4294967331.588:30): pid=21380 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3915" name="features" dev="configfs" ino=81133 res=0 errno=0 [ 923.598657][T21441] blktrace: Concurrent blktraces are not allowed on loop2 [ 923.812426][T21444] netlink: 186 bytes leftover after parsing attributes in process `syz.2.3931'. [ 924.254671][T21456] netlink: 268 bytes leftover after parsing attributes in process `syz.1.3936'. [ 924.796278][T21462] Console: switching to colour VGA+ 80x25 [ 925.532130][T21492] netlink: 246 bytes leftover after parsing attributes in process `syz.1.3944'. [ 927.747454][T21553] netlink: 186 bytes leftover after parsing attributes in process `syz.3.3963'. [ 928.042893][T21562] netlink: 186 bytes leftover after parsing attributes in process `syz.2.3967'. [ 928.834524][T21575] nvme_fabrics: missing parameter 'transport=%s' [ 928.849873][T21575] nvme_fabrics: missing parameter 'nqn=%s' [ 929.509902][T21614] netlink: 186 bytes leftover after parsing attributes in process `syz.3.3985'. [ 929.957140][T21625] netlink: 186 bytes leftover after parsing attributes in process `syz.0.3992'. [ 930.656024][T21637] netlink: 186 bytes leftover after parsing attributes in process `syz.2.3996'. [ 931.063767][ T30] audit: type=1804 audit(4294967342.465:31): pid=21647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.4003" name="/newroot/988/file0" dev="tmpfs" ino=5178 res=1 errno=0 [ 931.115969][ T30] audit: type=1800 audit(4294967342.465:32): pid=21647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4003" name="file0" dev="tmpfs" ino=5178 res=0 errno=0 [ 931.661298][T21666] netlink: 186 bytes leftover after parsing attributes in process `syz.2.4007'. [ 933.636105][T21712] ptrace attach of "./syz-executor exec"[5826] was attempted by ")#0TM~i~\x09/y̗b,xٺI$emJ}Nzl Y^DDMFh~wDԛl{fY:cڠdRWC_*ޕt?hNSŜ\x0abFX\x09\x09&75I9Ge+Y;*}\x0b@\x0a[ |Nj1bj(sAF')>Y:hBPQINkf:%2;\x1b(x~܃?SU5\x07`/-\x0cD9>im|beAP%_ φƢ t&񣁁l^\x5c3:~eQiė'_f{ؘ\x1b GbQxI @QS3sDKiu(h+ \x0c5<$WP,#*MvW[j'kn(\x0b[&iw=Y3\x09[Udt\x09̚5\x0dyGd?n<&uz23@CPq.Ё=g76QD/4i\x09BՄNWYFMnx()2@b̾OS?P\x07I<92zC7T{&Aw׸'sq惷~3(q =j*cLE`SZ~Z6fW(A<U-y5M8Ht`\x07!*PA\x0b~bWL5&2jc=f}SWwB%1rnw`mI]\x0d7V=pTh;_jtLy l6Z\x0bw Z8\x0cEM [ 935.249576][ T1298] ieee802154 phy0 wpan0: encryption failed: -22 [ 935.356071][ T1298] ieee802154 phy1 wpan1: encryption failed: -22 [ 935.578478][T21754] zswap: compressor not available [ 935.839388][T21777] FAULT_INJECTION: forcing a failure. [ 935.839388][T21777] name failslab, interval 1, probability 0, space 0, times 0 [ 935.852431][T21777] CPU: 0 UID: 0 PID: 21777 Comm: syz.2.4048 Not tainted syzkaller #0 PREEMPT(full) [ 935.852469][T21777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 935.852485][T21777] Call Trace: [ 935.852493][T21777] [ 935.852504][T21777] dump_stack_lvl+0x16c/0x1f0 [ 935.852543][T21777] should_fail_ex+0x512/0x640 [ 935.852580][T21777] ? __kmalloc_cache_noprof+0x5f/0x780 [ 935.852624][T21777] should_failslab+0xc2/0x120 [ 935.852657][T21777] __kmalloc_cache_noprof+0x72/0x780 [ 935.852693][T21777] ? do_raw_spin_unlock+0x172/0x230 [ 935.852730][T21777] ? snd_mixer_oss_open+0x11d/0x300 [ 935.852765][T21777] ? snd_mixer_oss_open+0x11d/0x300 [ 935.852791][T21777] snd_mixer_oss_open+0x11d/0x300 [ 935.852816][T21777] ? __pfx_snd_mixer_oss_open+0x10/0x10 [ 935.852845][T21777] soundcore_open+0x40c/0x580 [ 935.852883][T21777] ? __pfx_soundcore_open+0x10/0x10 [ 935.852911][T21777] chrdev_open+0x234/0x6a0 [ 935.852941][T21777] ? __pfx_apparmor_file_open+0x10/0x10 [ 935.852976][T21777] ? __pfx_chrdev_open+0x10/0x10 [ 935.853006][T21777] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 935.853040][T21777] do_dentry_open+0x982/0x1530 [ 935.853069][T21777] ? __pfx_chrdev_open+0x10/0x10 [ 935.853104][T21777] vfs_open+0x82/0x3f0 [ 935.853142][T21777] path_openat+0x1de4/0x2cb0 [ 935.853181][T21777] ? __pfx_path_openat+0x10/0x10 [ 935.853210][T21777] ? __lock_acquire+0xb8a/0x1c90 [ 935.853247][T21777] do_filp_open+0x20b/0x470 [ 935.853276][T21777] ? __pfx_do_filp_open+0x10/0x10 [ 935.853327][T21777] ? alloc_fd+0x471/0x7d0 [ 935.853358][T21777] do_sys_openat2+0x11b/0x1d0 [ 935.853391][T21777] ? __pfx_do_sys_openat2+0x10/0x10 [ 935.853439][T21777] __x64_sys_openat+0x174/0x210 [ 935.853474][T21777] ? __pfx___x64_sys_openat+0x10/0x10 [ 935.853523][T21777] do_syscall_64+0xcd/0xfa0 [ 935.853553][T21777] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 935.853579][T21777] RIP: 0033:0x7f8605f8efc9 [ 935.853600][T21777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 935.853625][T21777] RSP: 002b:00007f8606de1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 935.853651][T21777] RAX: ffffffffffffffda RBX: 00007f86061e5fa0 RCX: 00007f8605f8efc9 [ 935.853670][T21777] RDX: 0000000000000902 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 935.853687][T21777] RBP: 00007f8606011f91 R08: 0000000000000000 R09: 0000000000000000 [ 935.853703][T21777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 935.853718][T21777] R13: 00007f86061e6038 R14: 00007f86061e5fa0 R15: 00007fff794115c8 [ 935.853755][T21777] [ 936.494373][T21797] program syz.3.4055 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 937.485729][T21820] [U]  [ 937.488583][T21820] [U] [ 937.491307][T21820] [U] [ 937.494020][T21820] [U] [ 937.519714][T21820] [U] [ 937.522480][T21820] [U] [ 937.525199][T21820] [U] [ 937.527936][T21820] [U] [ 937.531482][T21820] [U] [ 937.534209][T21820] [U] [ 937.536921][T21820] [U] [ 937.539633][T21820] [U] [ 937.551569][T21820] [U] [ 937.554321][T21820] [U] [ 937.557033][T21820] [U] [ 937.559742][T21820] [U] [ 937.563316][T21820] [U] [ 937.566043][T21820] [U] [ 937.568753][T21820] [U] [ 937.571459][T21820] [U] [ 937.575946][T21820] [U] [ 937.578672][T21820] [U] [ 937.581383][T21820] [U] [ 937.584084][T21820] [U] [ 937.602652][T21820] [U] [ 937.605420][T21820] [U] [ 937.608139][T21820] [U] [ 937.610853][T21820] [U] [ 937.642011][T21820] [U] [ 937.644777][T21820] [U] [ 937.647495][T21820] [U] [ 937.650208][T21820] [U] [ 937.663782][T21820] [U] [ 937.666543][T21820] [U] [ 937.669259][T21820] [U] [ 937.671975][T21820] [U] [ 937.685365][T21820] [U] [ 937.688125][T21820] [U] [ 937.690844][T21820] [U] [ 937.693562][T21820] [U] [ 937.715576][T21820] [U] [ 937.718343][T21820] [U] [ 937.721060][T21820] [U] [ 937.723779][T21820] [U] [ 937.727496][T21820] [U] [ 937.730221][T21820] [U] [ 937.732927][T21820] [U] [ 937.735698][T21820] [U] [ 937.762675][T21820] [U] [ 937.765435][T21820] [U] [ 937.768147][T21820] [U] [ 937.770851][T21820] [U] [ 937.822331][T21820] [U] [ 937.825107][T21820] [U] [ 937.827823][T21820] [U] [ 937.830542][T21820] [U] [ 937.838557][T21820] [U] [ 937.841302][T21820] [U] [ 937.844006][T21820] [U] [ 937.846713][T21820] [U] [ 937.850549][T21820] [U] [ 937.853276][T21820] [U] [ 937.855979][T21820] [U] [ 937.858682][T21820] [U] [ 937.864392][T21820] [U] [ 937.867133][T21820] [U] [ 937.869849][T21820] [U] [ 937.872557][T21820] [U] [ 937.881218][ T30] audit: type=1804 audit(4294967302.216:33): pid=21826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.4065" name="/newroot/961/file0" dev="tmpfs" ino=5028 res=1 errno=0 [ 937.904088][T21820] [U] [ 937.906820][T21820] [U] [ 937.909528][T21820] [U] [ 937.912231][T21820] [U] [ 937.916325][ T30] audit: type=1800 audit(4294967302.216:34): pid=21826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.4065" name="file0" dev="tmpfs" ino=5028 res=0 errno=0 [ 937.940474][T21820] [U] [ 937.943206][T21820] [U] [ 937.945897][T21820] [U] [ 937.948581][T21820] [U] [ 937.970432][T21820] [U] [ 937.973189][T21820] [U] [ 937.975899][T21820] [U] [ 937.978605][T21820] [U] [ 938.007082][T21820] [U] [ 938.009836][T21820] [U] [ 938.012549][T21820] [U] [ 938.015259][T21820] [U] [ 938.022013][T21820] [U] [ 938.024754][T21820] [U] [ 938.027466][T21820] [U] [ 938.030179][T21820] [U] [ 938.058922][T21820] [U] [ 938.061677][T21820] [U] [ 938.064387][T21820] [U] [ 938.067094][T21820] [U] [ 938.070301][T21820] [U] [ 938.073040][T21820] [U] [ 938.075733][T21820] [U] [ 938.078417][T21820] [U] [ 938.108617][T21820] [U] [ 938.111376][T21820] [U] [ 938.114089][T21820] [U] [ 938.116787][T21820] [U] [ 938.125783][T21820] [U] [ 938.128531][T21820] [U] [ 938.131251][T21820] [U] [ 938.133954][T21820] [U] [ 938.137992][T21820] [U] [ 938.140718][T21820] [U] [ 938.143422][T21820] [U] [ 938.146129][T21820] [U] [ 938.161394][T21820] [U] [ 938.164149][T21820] [U] [ 938.166854][T21820] [U] [ 938.169582][T21820] [U] [ 938.172693][T21820] [U] [ 938.175415][T21820] [U] [ 938.178119][T21820] [U] [ 938.180819][T21820] [U] [ 938.283933][T21820] [U] [ 938.847826][T21845] ima: policy update failed [ 938.936744][ T30] audit: type=1802 audit(4294967303.232:35): pid=21845 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.4069" res=0 errno=0 [ 939.355431][T21851] misc userio: The device must be registered before sending interrupts [ 940.105228][T21864] netlink: 342 bytes leftover after parsing attributes in process `syz.1.4076'. [ 941.741361][T21907] mkiss: ax0: crc mode is auto. [ 942.600435][T21926] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4095'. [ 942.612994][T21926] netlink: 25 bytes leftover after parsing attributes in process `syz.3.4095'. [ 942.772572][T21932] [ 942.774950][T21932] ====================================================== [ 942.781967][T21932] WARNING: possible circular locking dependency detected [ 942.788979][T21932] syzkaller #0 Not tainted [ 942.793381][T21932] ------------------------------------------------------ [ 942.800382][T21932] syz.3.4098/21932 is trying to acquire lock: [ 942.806433][T21932] ffff8880787bd0c8 (&type->i_mutex_dir_key#6){++++}-{4:4}, at: walk_component+0x345/0x5b0 [ 942.816372][T21932] [ 942.816372][T21932] but task is already holding lock: [ 942.823737][T21932] ffffffff8e281ae8 (param_lock){+.+.}-{4:4}, at: param_attr_store+0xec/0x300 [ 942.832546][T21932] [ 942.832546][T21932] which lock already depends on the new lock. [ 942.832546][T21932] [ 942.842944][T21932] [ 942.842944][T21932] the existing dependency chain (in reverse order) is: [ 942.851951][T21932] [ 942.851951][T21932] -> #3 (param_lock){+.+.}-{4:4}: [ 942.859254][T21932] __mutex_lock+0x193/0x1060 [ 942.864372][T21932] ieee80211_init_rate_ctrl_alg+0x18d/0x6b0 [ 942.870788][T21932] ieee80211_register_hw+0x21b5/0x4120 [ 942.876778][T21932] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 942.883016][T21932] init_mac80211_hwsim+0x44e/0x900 [ 942.888655][T21932] do_one_initcall+0x123/0x6e0 [ 942.893955][T21932] kernel_init_freeable+0x5c8/0x920 [ 942.899675][T21932] kernel_init+0x1c/0x2b0 [ 942.904526][T21932] ret_from_fork+0x675/0x7d0 [ 942.909644][T21932] ret_from_fork_asm+0x1a/0x30 [ 942.914931][T21932] [ 942.914931][T21932] -> #2 (rtnl_mutex){+.+.}-{4:4}: [ 942.922138][T21932] __mutex_lock+0x193/0x1060 [ 942.927257][T21932] cgrp_css_online+0xa2/0x1f0 [ 942.932452][T21932] online_css+0xb2/0x350 [ 942.937223][T21932] cgroup_apply_control_enable+0x702/0xbb0 [ 942.943552][T21932] cgroup_mkdir+0x5e0/0x1310 [ 942.948666][T21932] kernfs_iop_mkdir+0x111/0x190 [ 942.954067][T21932] vfs_mkdir+0x593/0x8c0 [ 942.958836][T21932] do_mkdirat+0x304/0x3e0 [ 942.963690][T21932] __x64_sys_mkdirat+0x83/0xb0 [ 942.968968][T21932] do_syscall_64+0xcd/0xfa0 [ 942.973990][T21932] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 942.980402][T21932] [ 942.980402][T21932] -> #1 (cgroup_mutex){+.+.}-{4:4}: [ 942.987784][T21932] __mutex_lock+0x193/0x1060 [ 942.992932][T21932] cgroup_kn_lock_live+0x116/0x520 [ 942.998572][T21932] cgroup_rmdir+0x20/0x2b0 [ 943.003503][T21932] kernfs_iop_rmdir+0x106/0x170 [ 943.008880][T21932] vfs_rmdir+0x206/0x690 [ 943.013645][T21932] do_rmdir+0x2e8/0x3c0 [ 943.018319][T21932] __x64_sys_rmdir+0xc5/0x110 [ 943.023512][T21932] do_syscall_64+0xcd/0xfa0 [ 943.028525][T21932] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 943.034930][T21932] [ 943.034930][T21932] -> #0 (&type->i_mutex_dir_key#6){++++}-{4:4}: [ 943.043358][T21932] __lock_acquire+0x126f/0x1c90 [ 943.048725][T21932] lock_acquire+0x179/0x350 [ 943.053748][T21932] down_read+0x9b/0x480 [ 943.058419][T21932] walk_component+0x345/0x5b0 [ 943.063607][T21932] path_lookupat+0x142/0x6d0 [ 943.068707][T21932] filename_lookup+0x224/0x5f0 [ 943.073979][T21932] kern_path+0x35/0x50 [ 943.078555][T21932] lookup_bdev+0xd8/0x280 [ 943.083402][T21932] bdev_file_open_by_path+0x82/0x330 [ 943.089196][T21932] block2mtd_setup2+0x317/0xe10 [ 943.094569][T21932] block2mtd_setup+0xbd/0x110 [ 943.099771][T21932] param_attr_store+0x199/0x300 [ 943.105134][T21932] module_attr_store+0x58/0x80 [ 943.110405][T21932] sysfs_kf_write+0xf2/0x150 [ 943.115505][T21932] kernfs_fop_write_iter+0x3af/0x570 [ 943.121309][T21932] vfs_write+0x7d3/0x11d0 [ 943.126150][T21932] ksys_write+0x12a/0x250 [ 943.130991][T21932] do_syscall_64+0xcd/0xfa0 [ 943.136006][T21932] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 943.142407][T21932] [ 943.142407][T21932] other info that might help us debug this: [ 943.142407][T21932] [ 943.152701][T21932] Chain exists of: [ 943.152701][T21932] &type->i_mutex_dir_key#6 --> rtnl_mutex --> param_lock [ 943.152701][T21932] [ 943.165672][T21932] Possible unsafe locking scenario: [ 943.165672][T21932] [ 943.173110][T21932] CPU0 CPU1 [ 943.178460][T21932] ---- ---- [ 943.183838][T21932] lock(param_lock); [ 943.187811][T21932] lock(rtnl_mutex); [ 943.194304][T21932] lock(param_lock); [ 943.200805][T21932] rlock(&type->i_mutex_dir_key#6); [ 943.206091][T21932] [ 943.206091][T21932] *** DEADLOCK *** [ 943.206091][T21932] [ 943.214217][T21932] 5 locks held by syz.3.4098/21932: [ 943.219400][T21932] #0: ffff8880314189b8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x2a2/0x370 [ 943.228454][T21932] #1: ffff888023f10420 (sb_writers#7){.+.+}-{0:0}, at: ksys_write+0x12a/0x250 [ 943.237448][T21932] #2: ffff888032417888 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x28f/0x570 [ 943.247203][T21932] #3: ffff88814d9075a8 (kn->active#4){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x2ff/0x570 [ 943.257142][T21932] #4: ffffffff8e281ae8 (param_lock){+.+.}-{4:4}, at: param_attr_store+0xec/0x300 [ 943.266374][T21932] [ 943.266374][T21932] stack backtrace: [ 943.272273][T21932] CPU: 1 UID: 0 PID: 21932 Comm: syz.3.4098 Not tainted syzkaller #0 PREEMPT(full) [ 943.272298][T21932] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 943.272310][T21932] Call Trace: [ 943.272318][T21932] [ 943.272327][T21932] dump_stack_lvl+0x116/0x1f0 [ 943.272349][T21932] print_circular_bug+0x275/0x350 [ 943.272376][T21932] check_noncircular+0x14c/0x170 [ 943.272402][T21932] __lock_acquire+0x126f/0x1c90 [ 943.272430][T21932] lock_acquire+0x179/0x350 [ 943.272454][T21932] ? walk_component+0x345/0x5b0 [ 943.272473][T21932] ? __pfx___might_resched+0x10/0x10 [ 943.272494][T21932] ? __d_lookup+0x25c/0x4a0 [ 943.272523][T21932] down_read+0x9b/0x480 [ 943.272546][T21932] ? walk_component+0x345/0x5b0 [ 943.272561][T21932] ? __d_lookup+0x266/0x4a0 [ 943.272585][T21932] ? __pfx_down_read+0x10/0x10 [ 943.272609][T21932] ? lookup_fast+0x156/0x610 [ 943.272626][T21932] walk_component+0x345/0x5b0 [ 943.272643][T21932] path_lookupat+0x142/0x6d0 [ 943.272662][T21932] filename_lookup+0x224/0x5f0 [ 943.272682][T21932] ? __pfx_filename_lookup+0x10/0x10 [ 943.272708][T21932] ? getname_kernel+0x52/0x370 [ 943.272733][T21932] ? __asan_memcpy+0x3c/0x60 [ 943.272753][T21932] kern_path+0x35/0x50 [ 943.272770][T21932] lookup_bdev+0xd8/0x280 [ 943.272797][T21932] ? __pfx_lookup_bdev+0x10/0x10 [ 943.272827][T21932] bdev_file_open_by_path+0x82/0x330 [ 943.272846][T21932] ? __pfx_bdev_file_open_by_path+0x10/0x10 [ 943.272868][T21932] block2mtd_setup2+0x317/0xe10 [ 943.272895][T21932] ? __pfx_block2mtd_setup2+0x10/0x10 [ 943.272920][T21932] ? __pfx___mutex_trylock_common+0x10/0x10 [ 943.272948][T21932] ? trace_contention_end+0xdd/0x130 [ 943.272984][T21932] block2mtd_setup+0xbd/0x110 [ 943.273009][T21932] param_attr_store+0x199/0x300 [ 943.273030][T21932] ? __pfx_param_attr_store+0x10/0x10 [ 943.273049][T21932] module_attr_store+0x58/0x80 [ 943.273066][T21932] ? __pfx_module_attr_store+0x10/0x10 [ 943.273088][T21932] sysfs_kf_write+0xf2/0x150 [ 943.273109][T21932] kernfs_fop_write_iter+0x3af/0x570 [ 943.273138][T21932] ? __pfx_sysfs_kf_write+0x10/0x10 [ 943.273158][T21932] vfs_write+0x7d3/0x11d0 [ 943.273178][T21932] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 943.273207][T21932] ? __pfx___mutex_lock+0x10/0x10 [ 943.273228][T21932] ? __pfx_vfs_write+0x10/0x10 [ 943.273253][T21932] ksys_write+0x12a/0x250 [ 943.273273][T21932] ? __pfx_ksys_write+0x10/0x10 [ 943.273295][T21932] do_syscall_64+0xcd/0xfa0 [ 943.273315][T21932] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 943.273335][T21932] RIP: 0033:0x7f95bfb8efc9 [ 943.273350][T21932] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 943.273368][T21932] RSP: 002b:00007f95c0abd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 943.273386][T21932] RAX: ffffffffffffffda RBX: 00007f95bfde5fa0 RCX: 00007f95bfb8efc9 [ 943.273399][T21932] RDX: 0000000000000025 RSI: 0000200000000000 RDI: 0000000000000003 [ 943.273411][T21932] RBP: 00007f95bfc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 943.273423][T21932] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 943.273435][T21932] R13: 00007f95bfde6038 R14: 00007f95bfde5fa0 R15: 00007ffec5fa4578 [ 943.273453][T21932] [ 943.597991][T21932] block2mtd: error: cannot open device inX±jFBB>U;߸Ilk