last executing test programs: 9.36436796s ago: executing program 2 (id=438): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x22a01, 0x0) getpid() r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x80, 0x4, 0x5, 0x4) madvise$auto(0x0, 0x2003f2, 0x15) getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd) unshare$auto(0x20000080) syz_clone3(&(0x7f0000000380)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x24040081}, 0x40094) r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\xf4\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x100000002, 0x100000001) 8.293930317s ago: executing program 3 (id=441): unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x29, 0xa, 0xb) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0x8f80, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) r3 = prctl$auto(0x38, 0x1, 0x4, 0xd73, 0x7) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, r1) getsockopt$auto(r3, 0x0, 0x2, 0xffffffffffffffff, 0x0) mprotect$auto(0x0, 0x8000000000000001, 0x8) connect$auto(0x3, 0x0, 0x54) socket(0xa, 0x3, 0x3a) sendmsg$auto_CTRL_CMD_GETPOLICY(r1, 0x0, 0x10) madvise$auto(0x0, 0xffffffffffff0001, 0x15) 6.981577195s ago: executing program 1 (id=442): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800) timer_create$auto(0x9, 0x0, 0x0) read$auto(0x3, 0x0, 0x8080) socket(0xa, 0x1, 0x100) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) ioctl$auto_TIOCGDEV2(r0, 0x5429, 0x0) process_mrelease$auto(0xffffffffffffffff, 0xa) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe) write$auto(r1, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) mmap$auto(0x1000000000, 0x10000040000b, 0x1000000000000df, 0x4000009b73, r2, 0x8003) mlock$auto(0x9, 0x401) r3 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x60800, 0x0) ioctl$auto(r3, 0x901064ac, 0x5) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d5, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x6, 0xa, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1, 0x4, 0xa, 0x8, 0x3, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x3, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0) readv$auto(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x400}, 0x7f) 6.504746934s ago: executing program 2 (id=443): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x1004) rseq$auto(0x0, 0x8000, 0x0, 0x6) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000084) lstat$auto(0x0, &(0x7f0000000180)={0x5, 0x1c, 0x9, 0x62, 0x0, 0x0, 0x0, 0xffc, 0x2, 0x80000000400000a, 0x3, 0x9, 0x9, 0xffffffff80000000, 0x11, 0x7, 0x6}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = memfd_create$auto(0x0, 0x7) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2a, 0x2, 0x1) connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0xfffffffe}, 0x52) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) readv$auto(r0, 0x0, 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) ioctl$auto(0x3, 0x4048aec9, r2) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r3, 0x5408, 0x0) 6.400353713s ago: executing program 3 (id=444): openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0) openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000000280), 0x204b00, 0x0) socket(0x2, 0x80002, 0x73) socket(0x2, 0x1, 0x84) socket(0x2b, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/rpc/use-gss-proxy\x00', 0x200042, 0x0) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000140), 0x20, 0x0) socket(0x10, 0x2, 0x4) openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) pipe$auto(&(0x7f0000000000)) socket(0xa, 0x2, 0x3a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x8a240, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x2042, 0x0) io_uring_setup$auto(0x6, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0xf) r1 = bpf$auto(0x0, &(0x7f0000000080)=@bpf_attr_4={0x1e, r0, 0xffffffff}, 0xd) bpf$auto(0x2, &(0x7f0000000080)=@iter_create={r1, 0x98}, 0x5) 5.977344365s ago: executing program 2 (id=445): mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) close_range$auto(0x2, 0x8, 0x0) r0 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x189880, 0x0) ioctl$auto_tracing_buffers_fops_trace(r1, 0x5220, 0x0) pipe$auto(0x0) ioctl$auto_BTRFS_IOC_SUBVOL_CREATE(r0, 0x5000940e, 0x0) write$auto(0x6, 0x0, 0x100000001) splice$auto(0x4, 0x0, r0, 0x0, 0x6c06, 0x7) socketpair$auto(0x1e, 0x5, 0x3, 0x0) r2 = openat$auto_stats_fops_2(0xffffffffffffff9c, &(0x7f0000000040), 0x4001, 0x0) setsockopt$auto_SO_RCVBUF(r2, 0x9, 0x8, &(0x7f00000000c0)='$,*\x00', 0xeb4) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x2000040080000004, 0xe) r3 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec8\x00', 0x0, 0x0) ioctl$auto_CEC_DQEVENT(r3, 0xc0506107, 0x0) 5.520376161s ago: executing program 3 (id=446): mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0x401, 0x20000008000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/audit\x00', 0x100, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB], 0x1ac}}, 0x4004) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) ioctl$auto_VHOST_GET_FEATURES(r0, 0x8008af00, &(0x7f0000000100)=0x8) r1 = socket(0x11, 0x3, 0x9) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xc, 0x800008000) vmsplice$auto(0x1, &(0x7f0000000000)={0x0, 0x5}, 0x6, 0x8) r2 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000180)='/dev/binderfs/binder1\x00', 0x200, 0x0) ioctl$auto_BINDER_GET_FROZEN_INFO(r2, 0xc00c620f, 0x0) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x7, 0x4a}) socket(0x2, 0x2, 0x73) bind$auto(r1, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6d) r3 = socket(0x2, 0x80002, 0x73) bind$auto(r3, &(0x7f0000000340)=@l2tp={0x2, 0x0, @multicast2=0x7f000001, 0x4}, 0x6b) sendmmsg$auto(r1, &(0x7f00000001c0)={{0x0, 0x5aa, &(0x7f0000000100)={&(0x7f0000000080), 0x49}, 0x5, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) clock_gettime$auto(0x404, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x0) r4 = bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x9, 0x6, 0x10, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x7, 0x7, 0x6}, 0xf) ioctl$auto_X86_IOC_WRMSR_REGS(r4, 0xc02063a1, &(0x7f0000000040)=[0x92, 0x7, 0xfff, 0x8000005, 0x7, 0x9b, 0x2, 0xffffff81]) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@map_fd, @target_ifindex=r5, 0x3, 0x81, @uprobe_multi={0x84, 0x1ff, 0x3d7e, 0x0, 0x1f, 0x4}}, 0x92) 5.333618917s ago: executing program 2 (id=447): openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/audio\x00', 0x20342, 0x0) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800) timer_create$auto(0x9, 0x0, 0x0) read$auto(0x3, 0x0, 0x8080) socket(0xa, 0x1, 0x100) write$auto(0x3, 0x0, 0xffd8) unshare$auto(0x40000080) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000840)='/dev/ttyS1\x00', 0x20000, 0x0) ioctl$auto_TIOCGDEV2(r0, 0x5429, 0x0) process_mrelease$auto(0xffffffffffffffff, 0xa) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mount$auto(0x0, 0xfffffffffffffffe, 0x0, 0x80, 0xfffffffffffffffe) write$auto(r1, &(0x7f0000000180)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8\xa6\xb6\xaa\x96/OX\xba\x02\xc5\xc6B\x1d}Y\xbc@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf\xd6f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8', 0x100000a3d6) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/037/001\x00', 0x802, 0x0) mmap$auto(0x1000000000, 0x100000400008, 0x1000000000000df, 0x4000009b73, r2, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x40080, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x10000000000001ff, 0x7, 0xd3e, 0x20, 0x9687, 0x100000000000003, 0x3c2a19d5, 0x6, 0x3, 0x62, 0x8, 0x7, 0x6d3f, 0x6, 0xa, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xfffffffffffffffb, 0x1, 0x4, 0x3, 0x3, 0x3, 0xffffffffffffffff, 0x3, 0x8000000000400000, 0x3, 0x6d3c, 0x3, 0x2, 0x8000000000000006]}, 0x0) close_range$auto(0x2, 0x8, 0x0) readv$auto(0xffffffffffffffff, &(0x7f0000001780)={0x0, 0x400}, 0x7f) 4.852741905s ago: executing program 1 (id=448): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r1 = openat$auto_ftrace_set_event_notrace_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/set_event_notrace_pid\x00', 0x582, 0x0) write$auto_console_fops_tty_io(r1, &(0x7f0000001240)='4', 0x1) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup/cgroup.threads\x00', 0x80302, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) r4 = ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_VHOST_SET_FEATURES(r4, 0x4008af00, &(0x7f0000000080)) ioctl$auto_KVM_CREATE_VM(r2, 0xae80, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000600)={{&(0x7f0000000400)="5cdd59f1a68d086a02a2cc1399c7b3f7410eb36cfbec7e7224eaf6de379d09771080b197b8057225ffa98bc9a7bd53a5aee9a2d48d74d149c199be3009d2d61af64942e106e9b586aabcd7ae4de8a0e87e02af7f6af674c2fc8d8a8a78916f9c23e6b8a8be7141ae87f2996f079bfcbadc2ef4a6a3e894ba7dd3d9f11bd4d05558df32f9eeb4fda5e29576787e2ced58e35355c37e1ff8a11d36a067d362a37323c582eee83ea4cc9e7f", 0x6, &(0x7f0000000540)={&(0x7f00000004c0)="35a4988620ed7f4ab66aa8948d2c0530bb25f6057ba29add8bbc1d2db5f8682804b365a0d809d366e189194941627ddf76d73565a6133f661519a99780edab37135a9058cfbea6f19ec9ad30287159ec1c6afd59583911a5239ff895b0871d32f098c6cfdef0b944fe4659694d8716"}, 0x2, &(0x7f0000000580)="6ea0838008f497d022b78e5e7eb7c80c499b948523cfff8c50f12ebc124c316e0b644f39bb8b55a743fb004e0ed1aec82d0b82794ab3801ad7705749f562a3d87256f1ec7ebea9a0fd16decd422f095cc3abfc2c4e7fcc9916d6a7139c731bdeed", 0x4, 0xc7b}, 0xfffffffe}, 0x6, 0x2) 3.46406887s ago: executing program 2 (id=451): r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x62, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(r0, 0x0, 0x9a9, 0x70000fc) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) r2 = socket(0x2b, 0x1, 0x0) ioctl$auto_BTRFS_IOC_ENCODED_WRITE_32(0xffffffffffffffff, 0x40789440, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x11}}, 0x6a) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x3, 0x20000000) sendfile$auto(0x1, 0x3, 0x0, 0x7ff) sendto$auto(0x3, 0x0, 0x2000f, 0x181, 0x0, 0x1c) recvmmsg$auto(0x3, 0x0, 0xfffe, 0x6, 0x0) 3.463258188s ago: executing program 1 (id=459): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x1004) rseq$auto(0x0, 0x8000, 0x0, 0x6) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000084) lstat$auto(0x0, &(0x7f0000000180)={0x5, 0x1c, 0x9, 0x62, 0x0, 0x0, 0x0, 0xffc, 0x2, 0x80000000400000a, 0x3, 0x9, 0x9, 0xffffffff80000000, 0x11, 0x7, 0x6}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = memfd_create$auto(0x0, 0x7) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2a, 0x2, 0x1) connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0xfffffffe}, 0x52) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) readv$auto(r0, 0x0, 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) ioctl$auto(0x3, 0x4048aec9, r2) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r3, 0x5408, 0x0) 3.4621473s ago: executing program 3 (id=460): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r0) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r0, &(0x7f0000001cc0)={0x0, 0x0, &(0x7f0000001c80)={&(0x7f0000000340)={0x34, r1, 0x1, 0x70bd27, 0x25dfdbfc, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}, @ETHTOOL_A_CHANNELS_RX_COUNT={0x8, 0x6, 0x1}]}, 0x34}, 0x1, 0x0, 0x0, 0xf2b0dd16cfb63227}, 0x800) r2 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x9, 0x7) bpf$auto_BPF_ENABLE_STATS(0x20, &(0x7f0000000040)=@token_create={0x5, r2}, 0x9) setsockopt$auto(r2, 0x9, 0x8, &(0x7f0000000000)='\x00', 0xfffffffe) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/zram0/disksize\x00', 0x2202, 0x0) write$auto(r3, &(0x7f00000001c0)='7K\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x3dec) r4 = socket(0x26, 0x2, 0x1) r5 = syz_genetlink_get_family_id$auto_nlbl_cipsov4(&(0x7f0000000140), r2) socket(0x1a, 0x80000, 0x0) sendmsg$auto_NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x24, r5, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x80d0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) finit_module$auto(0xffffffffffffffff, 0x0, 0x4) openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x80802, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) close_range$auto(0x2, 0x8, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x89b0, &(0x7f0000000080)={'bond0\x00'}) r6 = getpid() shmctl$auto_IPC_STAT(0x2, 0x2, &(0x7f0000000440)={{0x1000, 0xee00, 0xffffffffffffffff, 0x97c, 0x10000, 0x0, 0x9}, 0x671, 0x69ad, 0x1, 0x7, @raw=0x1, @raw=0x6, 0x4, 0x0, &(0x7f0000000280)="832922ddc770db99b839741117f955b6735d03d985bb0f46b5b9e41c23c97cb1950132814cf16079ab956dcd1f5bb39fcbcc842f4e62248b4c036f886e258e472752d687de0b70970a8c568113d644abda8924cd3c7a1c52e7871953af04ab7288858bb1f5e29f2be25906f6430f9929cf77d87a1224f8d05ad01eabd89a35a56a5f657bfe81b8dd", &(0x7f0000000380)="fd0c4ed64791f3d9dfe195178d558f040c07c9dcd8dce90465bedf68670c65c3bfd77235f71d8090dbcefc5db01b1291dd7104221261927b14420880bcc5574504571190934005d7f8d2226ef93ccf0776e7bf21705da66d8650a5334ff3cf2c77948d27e77fbab10b29e68d9fedc8a70155ec821f622d3b97d2586a36f1013f85f6308e554666f46a892d45e7170c9d8b4c058e2733b1fcfa6e8460e05b879f37d5317c241d"}) msgctl$auto_IPC_STAT(0x8, 0x2, &(0x7f0000000640)={{0x2, r7, 0x0, 0x9b, 0x8, 0x3, 0xef}, &(0x7f00000005c0)=0x9, &(0x7f0000000600)=0x6, 0x6c6be1f7, 0x7, 0x9b, 0x800, 0x1, 0xfb, 0xa66f, 0x401, @inferred=r6, @raw=0x4}) rt_tgsigqueueinfo$auto(r6, r6, 0x2, 0x0) 2.968583125s ago: executing program 1 (id=452): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_NETDEV_CMD_DEV_GET(0xffffffffffffffff, 0x0, 0x28044004) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket$nl_generic(0x10, 0x3, 0x10) madvise$auto(0x0, 0x2003f2, 0x15) socket(0x23, 0x5, 0x0) socket(0x2, 0x1, 0x106) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) socket(0x28, 0x5, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x2aa01, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sda1\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00000000000000000000000000000000000000000000000000cadb00", 0x3ff, 0x408, 0xf, 0x400001, 0x200000000040000d}) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) write$auto_tty_fops_tty_io(r2, &(0x7f00000009c0)="8939cc4d36227fdb35e4a7779345a4d999cb1552f41b34b4003355454e96e6647b34e58345a013e46d9380cd77dcd9b5804ab378df5b19fd93b23d547b6a39e0563f1da27d880a0c7a41ada96f5899128a2f138a38855f3a0e5090cfcb022a807fd8d8410e21962aea3354ff7d28917ad17443189afcba863b21eedff9ef8944e15848033f30ec1ce206287db0755992c3d95fa6c7a2ecb44696ce661038bdc304c775605215501e237d8713947274ff5249f4fefe090d0581a07ac675fdc5da272124ae5975977941ead35326b8dd9ef2562c730a1df3116a5e25f19463fb391d3ba275758c4dd50d5bb8ecd6b3b07ebadfc8c978bb7e15a95c5bd06356d6d9d9e89db59312c4f8452f55ba7013b2691ca80c7db06df2026b190ae22bd233128b0459f8e22f77579ee7f7c6054e4eb33480be2d6e034dd96379f65937a7edf67a2d6b9fc5bb4253bb95d4bedd94da5d5cd944ccfa98c65c25dc3ab8fda6e68d77806b21e624aae3a6435c313b15894332942eb58e2bc6a0582aceaeb594578a2908b49a6f2ce66aac2e2ee4cadfc452cb953a51449039dbb5c7e84405d9cb335afbed3384ffc695b954cc51531bb083df05e2af461c2a7a0a697d0d59c565f5cfd3b354f051d5637fd1f72aeb79be3567215c648ae85541c9f3c4856229247b1225d327ed57fa7981424b39ebbb77a0f6ca5778ed0c9713d68aedd19627de8edf485f9155261ede5c803da5ce248f4c93a1b9925ee07d3f42c8f999252655c582ff47da1e6d010449345c4f3a43336547112ef4e8e0bd0829027b6dcb8fb127171eeb7a38470592c8422bc5c9bb784c281d20847eb79fef43fd38aa88f1a8639728267aef7a74fc40cc54cefea2807f598cd25f3c1bd8ab17fc88aac82179057717177355a1103433d8f7468a8f49d7d5dd8093f6882a791ce983aa4e03bf1a91e938b8da4f9cb41d6371579d9feb55636d8626b9e339d5e54a2397537e9b2f5bb846f1d0dd4614ad5f68fa35ea3f366a12eb4d51aad810856db0f11974bda08daf259c9477053847f17074fbbcbce75472cb9acada0b400f4fa85b71a97e7c686b2ba98e3d2bbb905d9e82430a2730d8d3465d9b632ba07fd746b2a394feb76db7501208f559be2a151c205103c4481cae7352f7117e6c626f25f0b3367d50a1ea87a38136b6ca64e1ef51207c0d6c06dfe86336b65caeee24138f1ca0955135c5d2b49743b0e51f98b7a8bd3a5ac50ca3a5d6e8e17cdf154bae7fa031b40b83b285b58eb47277920fc28ef916d5ae8536458577a37b73ae29312fee7885c405417d454e38dbe50ef1a8603e28611bf4d6b63251a1abc190581c6efe832d62d6ce8f6c4a64c7e018427b5fadddc1cec3896ed51c977d9e3f7c0d1e8f8d75693e1ead5a7a3714843fb3517bd0ddc68936c801692cce52ba003036764dc7f016e342a54f99916fc595dba1fc76222c5e814a1b71c6b9b735240e6bf747a900f6048b2836af70c6aa717701312c61c965d8ca1bdafb5d3623b2ee9b7e4a767ed76defd661a9f18bffaeada811ac2ad6731bf96274b019498c5552b38678ff0aedb465713d895595b92e2bc9e1b3acec28f3ee5831951582f2ad1831ddce1300dcc4547ec444eae5c614719be9c3d397fc1db1a76d954cbc9b7a0d7c8d1eab3eeccd70b17dcd7c3543b6d9effbea67c4ade126c6fbfdee281fe3479c3052e68cf8441a50a6adc59dec8de4261a117e0286eea92ecc88230fdfdca1ed438026e238e6dbfdc4772dccb17737c398add9644b47bfb1a3e3a4b1316ec25ea07f90f858736e80dbb9c882701e7188d315391c538469695f33d266550fb873f47a12518717c83bec4e0cce65958d08a0e287df6a08efd979e087814b1822681ba6ea015714fd66af5100967e152262973b065ed349398aa13bb4329b4f56081aba2ba73ede47a2f1b2dbd5daeaf4d4f790a030e3c1fac30da1b5f6149074de6d76b1635adf44016027efd4ac08c93983e0935c1c8b38a675d5c356483539624e1f402439e6a55529a44c17207d6a5f9d0a2b1745ccb5d4e7332a2b2467c9690c9b7fb9fa73b4da5d3eadd347b89bf05a6aacac989ce9f1398729a4b3383c64c64cc68a8638735ebd80fb9ba2ee9e30e65a56d5676f2b607567f2a07adba966b210339d6a8cc404ffdcbf8ac02216239cc9e0abec2e2aa1d27d658913c83ae08657439bf32213d6b3c3fbb37f978a1820d23be11511869e5884ccab0de2a2ac982d58f01e88b54a54b0f50cc0ff699e39f86d74371f1667927ea4ba96af4c98b05e2b1d4115ef892332ab7ac777f1537f3ce78a2889fab969aa6a11f9e855ec1ba09096346fe930737e6760688c91a60bce3f173c24fa1efcbe5d12869ba34883f95e6bc90c61994f6761c305f5de4a0f79f6b3403249190542edd86d7231f0d89d1519ccab3ef35e3dc9e35a5031ab1cb888a8ace8cbe67073c19f8060ea78bf6d6a8970ed1aae35246df0b825d325279ae4c2a838e0e1f40a3c9615b06b2c4e929942a2d820a82ef19d355754caa45119d5e07f9052bf02ed05de6e07bf46758255d8ef077fd04e971b5117f8ef54f20559c98a9c51df5ed7d2db8f2085ce9947b474c7f00f4a1585507e2344a53a597292a338dd39592df962267a835d091dc9f1c5e7a6a0f1215a0015d9083720aee97b7fa1aa7f4fbcf698018980ebe5cd928e6ea1f1c4e6087678cfa687f1f6cea280fb9f24496211fb00b3788bf4ac4cf5d0972c398baa70fc54dc28a9fd3b838a5732b5039602d5049afc135cfef8053a20359287d53bcce117c7c36147288178cef8dac66f4b941333dd74cf2e9e22ce1be287f1ea2c0d5f476ea74a996d5952c98714a9939084f87bb525f287214567bf1da94d8d098640215d14800f09367aaade0f57ad08dc581dc19d21bdd640d1d3cf54336bb0feafc14d9709f719b1212eee75d9f8b958783cce8a535cb6a1b890e002fefa0e60597275ca2d516b28ef1d1ce3f25184b20726cb59ccab574b8d0ffd30fce23936ec84224991a6f9d2fd74def41248726f86e413dd13e9be77f1856fa1b5803312b8a9179914980bb70873a380278f1c6ad42186b14933892427939f83556e9d130607c1b3e1292da5ba6908b642a11d2814b7ea8b7442ae9aaea89948a58cba34807e617404af7e34ecc449be8c403ee536f311af194d63c9120e0268c3f7e2cafc739b6a0575396d61e55707820fe6eb6a71ce094b931d67b8be93937542e3f7e5bb80ab033d979b3c1bff4ff367934c73198fd04571e7a74b9376894d4b0c45a53b7711cecdd98fc87980b82019db23bf4f41ad8182b6861cab9fdb8f882eddc568f5f35e798350857b3818e2e0ef189cf08825355a9ffec231c0f5039b80764f3c7d1f2371fc71216e8f8d83bce4273bcbf22908d81b7c28d664e574e396098ad8fb0bcd68dbc3d1bb0f0bf295df0ae59339381ee231536c7d3b949072a5a2ba5245cb57848dfbb7cbcb7cbdae9b96752c824410eb46f6978051ae5734c278292a90f3c395f098162d4a43c7f449b1cd8208e15fe97c11c25b663a837348b45e059998a10f1c05490dae27b12508decaafec265eb2c22f3df91291922c80e33f479a77078717a7beea74972a7817e791e2cedcaafb43d1bb71ae86242f3375633bdcf0176ef26075446d3cf999df207983af46406defa8aaab0071a24c273a6b2ef78c47efdc0950a3bf486e1f0c26587b8de77a7fbfeb10a22485a6ec662f3afa0508343f9019a8a04118a30c78d89311da9fddfab1cd44f0c2c2f934ba94e88862fb2121893dab164b3edd2d3b0f4658624f6883099353b1bd0e0601f5397c5a5d6689890b207189602ee61524acc886ab1276aecf1a0bb4fbc85ff7e4881a977513ea0abd446b757464f6caa3485c3d08a4dc810ce21d85cfffc4fa07015ae41b1c7a6ba1858566db8ecaa0dd1cd6e5b7e3cc2a344399e89103954e380ee58b62cd508c587c9946b05433af55959a2ad30fb9b521c64f57321a23e4ac9866f356d28b29302f9604303bc66215696874eaf63e7a37056f78ac3034dc63db9315edb5bc7ada518e02b28281893792ac39374220645694c8e437358b5117f1e2d8269125111afc070ff118ec3a38d949c9ca4a7a1ce6dcac1e2a8e63af511d140b23a86cb78a7a47c4a9e2dcd4587ae32a36e47ed7a7a6e84bf1dbc60b0b00773b4bc0c9ebd38f0e8ccaa0eef5199229057f93c12988cd52317e64c9668b74e946a5cf837320f0889a427f84431f20540dc17eeb0587e51bd05ae9478dd42d215849d50cb745dd9d2d90c294a404ec95941d39ffacbe0e02c0fb6b017042986f1bb00e675a26eb0e65654eb130e5ad3b67cf73b89783effdebf50788f5287ebf2b1d96a4a94e37f39a9bfa0e6c95791a6fd5b5bc083af38afd3fb3ae0f17736f020d8b055a8081121d9f5d563cba2d8b803c4c687ea9184aa09445af016c77d946b03fca370c157f3c7b61ada339a9d3b1b5d18d68e3d66db596164720b09b1426bae1b96c7c5c201a5b232742cfcba1c45164165b5f342548354c2e040fc3a9dbb77dd35ae1f84aa89360fbd232637c0522c64088d7e4313311708c5525538c2e0db4d25143306e93492170413f1f85c3e582ca354164e14b5d3bb33fd808a8b608e29f744333fc670f3816829c1a8583a7b158154a988f5b3b97c38add8146f2faa7c30acc309763eee280251c0a1e1b2d26bd377531a00a2dc54696b90045b17bba7e76dcef64714fecd12c3e84bcc7cffa17b18c6bbcc39960f4156ef05e368c4f205e8dc05a668b09548c2ced5927e6dab63a9e196aa42034ac8f4b9fb9ee4d8cd9c0fb435efaf5c7f4059607a2ac5669f5ebfd5c6db2579e465a3ca09c2a8441fabd977ada9ef15d795c891810ff1cf95bf071ecd4cd4b8fff8a1e63e08e790edef1aced37d8cab6d66696bbfce01ed7e22aefa9dc81de1fb212c4153ca29647d85b84def3234bfeaac52f6e1d567987d0b92ef04f9822acd1c25f532ba96c513954af88288b2d3a100bb9bc33df9b86ba471b2c7eed43d64422831455d144709d2ca4582559fb2a8cdc1c0686c686bbd04bd81f6116c7b8480c990651c4eab199dd27fecce28ab10965b60d0d062f66c0055cf7c0bf5b9779a6", 0xe42) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto_BLKSSZGET(r1, 0x1268, 0x0) sendmsg$auto_GTP_CMD_ECHOREQ(r3, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4091}, 0x80) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x3, 0x1, 0x9488, 0x9, 0x15f4da07, 0x6, 0x2, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x7ff, 0x3, 0xff, 0x10001, 0x400000000003, 0x3, 0x8001, 0xfffffffffffffffe, 0x80000000, 0x335b0eef, 0xffffdfffffffff81, 0x4]}, 0x0) 2.967396327s ago: executing program 0 (id=462): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x1004) rseq$auto(0x0, 0x8000, 0x0, 0x6) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000084) lstat$auto(0x0, &(0x7f0000000180)={0x5, 0x1c, 0x9, 0x62, 0x0, 0x0, 0x0, 0xffc, 0x2, 0x80000000400000a, 0x3, 0x9, 0x9, 0xffffffff80000000, 0x11, 0x7, 0x6}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = memfd_create$auto(0x0, 0x7) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2a, 0x2, 0x1) connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0xfffffffe}, 0x52) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) readv$auto(r0, 0x0, 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) ioctl$auto(0x3, 0x4048aec9, r2) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r3, 0x5408, 0x0) 2.637700837s ago: executing program 3 (id=453): r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x800008000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x22a01, 0x0) getpid() r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) prctl$auto(0x1000000003b, 0x80, 0x4, 0x5, 0x4) madvise$auto(0x0, 0x2003f2, 0x15) getcpu$auto(0xfffffffffffffffc, 0xffffffffffffffff, 0xfffffffffffffffd) unshare$auto(0x20000080) syz_clone3(&(0x7f0000000380)={0x2c022000, 0x0, 0x0, 0x0, {0x1f}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) sendmsg$auto_NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x24040081}, 0x40094) r2 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r2, &(0x7f0000000240)='\x03W\x96l\x15\x00\x00\x00\x00\xf4\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x100000002, 0x100000001) 2.439643596s ago: executing program 0 (id=454): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/self/net/arp_tables_targets\x00', 0x0, 0x0) pread64$auto(r2, &(0x7f0000000100)='/proc/self/net/arp_tables_targets\x00', 0x8, 0x9) r3 = socket(0x11, 0x3, 0x9) close_range$auto(0x2, r3, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x101100, 0x0) ioctl$auto_SW_SYNC_GET_DEADLINE(r5, 0xc0105702, &(0x7f0000000000)={0x0, 0x0, r5}) r6 = syz_genetlink_get_family_id$auto_802_15_4_mac(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$auto_IEEE802154_ASSOCIATE_REQ(r4, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000440)={&(0x7f00000006c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="100029bd7000ffaddf2501ece75114000d00000000000c000500960000000000000005001300fa00000008ca095abbc4ac7a8408000000769df16105001a"], 0x40}, 0x1, 0x0, 0x0, 0x4000004}, 0x20000000) sendmsg$auto_IEEE802154_DISASSOCIATE_REQ(r3, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002dbd7000fddbdf250300000005001b00bd00000006000e0093070000140001006e657464657673696d30000000000000080028000101000005001500070000000c0009000e000000000000000500070000005f0c2280ca1045202e41b607dd6c392c0cc5cc6ab7341bd3f48d8837264233b0d9bcba1571b8302ecb117aa2b4e75f986cfd6f38a41bee3bb7ca1e5355900c8a18ad9fea2ba09495e19dc407fc5c80af87e1b2ca74f8f7aa3b75a3fbfdcc59fb"], 0x64}, 0x1, 0x0, 0x0, 0x20000000}, 0x20024001) sendmsg$auto_IEEE802154_LLSEC_DEL_DEVKEY(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0x80, r6, 0x400, 0x70bd2a, 0x25dfdbff, {}, [@IEEE802154_ATTR_COORD_PAN_ID={0x6, 0xa, 0x81}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x7}, @IEEE802154_ATTR_ED_LIST={0x1f, 0x16, "bfe05d1b0c926c11ae33ecc31afe7dc3c0be17bd936c9f451a336b"}, @IEEE802154_ATTR_SCAN_TYPE={0x5, 0x13, 0x5}, @IEEE802154_ATTR_STATUS={0x5, 0x3, 0x2}, @IEEE802154_ATTR_LLSEC_KEY_USAGE_COMMANDS={0x24, 0x32, "1c25616f47264316cfc8b1aff9763e454691043dc539a56992ebddca602d3bdc"}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0xff}]}, 0x80}, 0x1, 0x0, 0x0, 0x8001}, 0x20000045) close_range$auto(0x2, 0x8, 0x0) r7 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000140), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r7, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r7) ioctl$auto_SG_GET_SCSI_ID(0xffffffffffffffff, 0x2276, &(0x7f0000000040)) ioctl$auto_KVM_CREATE_VM(r1, 0xc048aeca, 0x0) 1.925692606s ago: executing program 0 (id=455): mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) close_range$auto(0x2, 0x8, 0x0) r0 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) fanotify_init$auto(0x65, 0x2) r1 = openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x189880, 0x0) ioctl$auto_tracing_buffers_fops_trace(r1, 0x5220, 0x0) pipe$auto(0x0) dup2$auto(0x5, 0x4) ioctl$auto_BTRFS_IOC_SUBVOL_CREATE(r0, 0x5000940e, 0x0) splice$auto(0x4, 0x0, r0, 0x0, 0x6c06, 0x7) socketpair$auto(0x1e, 0x5, 0x3, 0x0) r2 = openat$auto_stats_fops_2(0xffffffffffffff9c, &(0x7f0000000040), 0x4001, 0x0) setsockopt$auto_SO_RCVBUF(r2, 0x9, 0x8, &(0x7f00000000c0)='$,*\x00', 0xeb4) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) madvise$auto(0x0, 0x2000040080000004, 0xe) r3 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cec8\x00', 0x0, 0x0) ioctl$auto_CEC_DQEVENT(r3, 0xc0506107, 0x0) 1.430289967s ago: executing program 0 (id=456): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x1004) rseq$auto(0x0, 0x8000, 0x0, 0x6) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000084) lstat$auto(0x0, &(0x7f0000000180)={0x5, 0x1c, 0x9, 0x62, 0x0, 0x0, 0x0, 0xffc, 0x2, 0x80000000400000a, 0x3, 0x9, 0x9, 0xffffffff80000000, 0x11, 0x7, 0x6}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = memfd_create$auto(0x0, 0x7) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2a, 0x2, 0x1) connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0xfffffffe}, 0x52) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) readv$auto(r0, 0x0, 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) ioctl$auto(0x3, 0x4048aec9, r2) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r3, 0x5408, 0x0) 1.115102205s ago: executing program 1 (id=457): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x101080, 0x0) socket(0xa, 0x801, 0x84) setsockopt$auto(0x3, 0x10000000084, 0x1e, 0x0, 0x0) read$auto_snd_rawmidi_f_ops_rawmidi(r0, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000140)='lp\x00h\x85M\xdf\xdc\x83\x8a\xa7\xe4]U(\x01\t=\x1e\x00\x00}\xc9\xd0ghB\x8a\n\x8bw\xc8\x9f\x8f\xd1\xd0\xc3i\xd4\x8cO\x90\xaf?J\t\xce%\xcb\xb7Sq)\x12k\xb6\xa7(\\Vpm\xc6Q6\xe2\x0f\xae\xd6\x15\\\xf3\xefOA\xf1G\n\xd6u\x9b\x18+\x83\xc9g*v@\x90\xc6\xc2\xb9\n\a]\x86VDLp\xa2\xb0\xbd`\x144\xb2', 0x4) r1 = socket(0xa, 0x1, 0x84) r2 = getpid() process_vm_readv$auto(r2, &(0x7f0000000080)={0x0, 0xfff}, 0x40000000001, &(0x7f0000000180)={&(0x7f0000000140), 0x40000000001243}, 0xa, 0x0) setsockopt$auto(r1, 0x0, 0x60, 0x0, 0x6f7250c4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0xffffffffffffffff, &(0x7f0000000080)='V\x89Zn\xbd\x93\x8e\x91$\x11\xddM\n\xc292\xb6$\xde|\x85\x83R\xe7*\x9bY\xce\xa9\x10\xf6\x8c|\xfb\xd0x\xd8\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa6f\xa8\xe0RV\x91\xd4\x16\xa9\xafWW\xb1\xf4o\x1d \xc6\xef\x9dB\xce\xde\xac\x97v\\n\x00\xc6L\xa8\x01~\xe9\x8d\xc7\x18\xcc\xed\xfe\xe3\xe6!\x9e\x9d\x04\xe9\xfc', 0xdda) getpid() getsockopt$auto_SO_NO_CHECK(0xffffffffffffffff, 0x8, 0xb, &(0x7f0000000100)='V\x89Zn\xbd\x93\x8e\x91$\x11\xddM\n\xc292\xb6$\xde|\x85\x83R\xe7*\x9bY\xce\xa9\x10\xf6\x8c|\xfb\xd0x\xd8\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa6f\xa8\xe0RV\x91\xd4\x16\xa9\xafWW\xb1\xf4o\x1d \xc6\xef\x9dB\xce\xde\xac\x97v\\n\x00\xc6L\xa8\x01~\xe9\x8d\xc7\x18\xcc\xed\xfe\xe3\xe6!\x9e\x9d\x04\xe9\xfc', 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/bus/usb/016/001\x00', 0xa901, 0x0) setresuid$auto(0x0, 0x0, 0x0) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) ioctl$auto_USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000100)={0x2, 0x80, 0xffff, 0x5, &(0x7f0000000240), 0xc694, 0x3, 0x80005, @stream_id=0x9, 0x2004b, 0xd, 0x0}) ioctl$auto_USBDEVFS_REAPURBNDELAY(r3, 0x4008550d, 0x0) r4 = socket(0xa, 0x1, 0x84) setsockopt$auto(r4, 0x0, 0x40, 0x0, 0x6f7250c4) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/machinecheck/machinecheck0/bank6\x00', 0x2101, 0x0) 947.039565ms ago: executing program 0 (id=458): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x1004) rseq$auto(0x0, 0x8000, 0x0, 0x6) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000084) lstat$auto(0x0, &(0x7f0000000180)={0x5, 0x1c, 0x9, 0x62, 0x0, 0x0, 0x0, 0xffc, 0x2, 0x80000000400000a, 0x3, 0x9, 0x9, 0xffffffff80000000, 0x11, 0x7, 0x6}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = memfd_create$auto(0x0, 0x7) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2a, 0x2, 0x1) connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0xfffffffe}, 0x52) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) readv$auto(r0, 0x0, 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) ioctl$auto(0x3, 0x4048aec9, r2) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r3, 0x5408, 0x0) 478.23711ms ago: executing program 0 (id=461): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x6, 0x0) ioctl$auto_XFS_IOC_ATTRLIST_BY_HANDLE(0xffffffffffffffff, 0x4058587a, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) socket(0x28, 0x5, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video3\x00', 0x2aa01, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sda1\x00', 0x24040, 0x0) ioctl$auto_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000240)={"ef65ce6c00000000000000000000000000000000000000000000000000cadb00", 0x3ff, 0x408, 0xf, 0x400001, 0x200000000040000d}) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000540)='/dev/tty45\x00', 0x201, 0x0) write$auto_tty_fops_tty_io(r2, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_gtp(&(0x7f0000000b00), r3) ioctl$auto_BLKSSZGET(r1, 0x1268, 0x0) sendmsg$auto_GTP_CMD_ECHOREQ(r3, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4091}, 0x80) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0x3, 0x1, 0x9488, 0x9, 0x15f4da07, 0x6, 0x2, 0x64, 0x80000020, 0x1000, 0xb, 0x9, 0x2, 0xd8]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x4, 0x1000000000000bc3, 0x7ff, 0x3, 0xff, 0x10001, 0x400000000003, 0x3, 0x8001, 0xfffffffffffffffe, 0x80000000, 0x335b0eef, 0xffffdfffffffff81, 0x4]}, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) 332.905933ms ago: executing program 1 (id=463): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x3) r0 = socket(0x2, 0x1, 0x106) setsockopt$auto(r0, 0x1, 0x40, &(0x7f0000000200)='\x00\x89e\xad\x97\xc5E\xea=\x0f\xf4\xba4\x05>y/21\xfd\'\xc7\x1c\xaeV`\xc7^\x05\"H\xb8\x12\x99\x1fF\xdc\xc4\x02FV\x04D&9?\xa8d\xc97B\x9f)\xc6\xbb\x15_\xfd\xa5\xaf\xf8\xb8\x8a\x186\xa9\x0eY;\x9a\xe32T\xddn\xa6zK\xef\xf7\x04\x81\xb4\xb7;\x12\x1ch$\xbd\xd1x\x15\xa8\x9c\xba\x83\xa7\xbdwf8\xc03z|\xcd\xbc\xa1+8\xcet\x960\a\x80\x88!\x9e\x96\xcd\xb5dB\xc1L\xb2\xb1\xe6\xf9\x92\xd4\xcd\v0|G\xb7\xc3+\xb5\xa9\xb4E>ry\x8d(\xcb\xadaH<-h\xef8\x0678]`\x1f\xe5\\\x9c\xb4\xbd 6\x9fP\x16\xb5\xa1.;d\xf5F7TgT\x908=l\x89\x05\x03\xcb\x04\x9c\x0e\x04\xb5a\xe6\xa6\x13\xf8\xb2\xe1\xab\vI;\x10\xa7\xcc\x84\x1d\xff(\x1c\x99\x90M\xba\xfe\xaa\x8e\x83\x98\xbb8\xc3\x02\x8d(\xb0\x9c@n\xb7\xd3TF\xc7\x7f\x11\x9e\x00\x00\x00\x00\x00', 0xbb) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) landlock_restrict_self$auto(r1, 0x0) prctl$auto_PR_SET_MM_ENV_START(0x1000, 0xa, 0x0, 0x401, 0xfff) clone$auto(0x10000, 0x2, &(0x7f00000001c0)=0x9, &(0x7f0000000300)=0xfffffffe, 0x7) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bond_slave_1\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0x5, 0xa, 0x0) openat$auto_nodes_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x22, 0xc4633ac14d4adfed, 0xb) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) writev$auto(r2, 0x0, 0x2) r3 = openat$auto_xfs_dir_file_operations_xfs_file(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/mac80211_hwsim/hwsim13\x00', 0x40a000, 0x0) ioctl$auto_XFS_IOC_RTGROUP_GEOMETRY(r3, 0xc0805841, &(0x7f0000000140)={0x8, 0x3, 0x0, 0x9, 0x8}) write$auto(r2, &(0x7f00000000c0)='7\x00\\\x1c\xe7k\x00\x00\x00\x00\x00\x00\x00\x00', 0x8083a) io_uring_register$auto(r2, 0x52a, &(0x7f00000000c0)="1bb2d1bb89671f477fb81c5cce632678544d284013a2d633cbfb4f11e1b269ba68e173e0ce785027d1f093ea2e51f652d3cdd5e99f02221c73e72efa989535ddf83eb444b9aff1d7ac3cec1a1da5d97bbe17e53a5567c3fc2ed38d33fce04113e1ff", 0x1) socket(0x18, 0x5, 0x1) sendto$auto(0x3, 0x0, 0x8, 0x101, 0x0, 0x1c) 226.486362ms ago: executing program 2 (id=464): mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) socket(0x11, 0x2, 0x2) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bus/usb/034/001\x00', 0x20100, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) openat$auto_buffer_subbuf_size_fops_trace(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/tracing/buffer_subbuf_size_kb\x00', 0x2401, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x73) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x100) socket(0xa, 0x2, 0x0) openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, &(0x7f00000000c0), 0x161401, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000000)='/dev/bus/usb/009/001\x00', 0xa101, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/hugepages-64kB/stats/nr_anon\x00', 0x0, 0x0) socket(0x2b, 0x1, 0x0) openat$auto_lowpan_enable_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x30d540, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) socketpair$auto(0x4004, 0x8, 0x7, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) futex$auto(0x0, 0x6, 0xc, 0x0, 0x0, 0x526) ioctl$auto_TCFLSH2(r0, 0xc0384707, 0x0) 0s ago: executing program 3 (id=465): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x1004) rseq$auto(0x0, 0x8000, 0x0, 0x6) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={0x0}, 0x1, 0x0, 0x0, 0x20004050}, 0x4000084) lstat$auto(0x0, &(0x7f0000000180)={0x5, 0x1c, 0x9, 0x62, 0x0, 0x0, 0x0, 0xffc, 0x2, 0x80000000400000a, 0x3, 0x9, 0x9, 0xffffffff80000000, 0x11, 0x7, 0x6}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, &(0x7f0000000040)={'bridge0\x00'}) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = memfd_create$auto(0x0, 0x7) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x2a, 0x2, 0x1) connect$auto(r1, &(0x7f00000000c0)=@qipcrtr={0x2a, 0x3, 0xfffffffe}, 0x52) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) readv$auto(r0, 0x0, 0x1) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) ioctl$auto(0x3, 0x4048aec9, r2) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) write$auto(0x3, 0x0, 0xfffffdef) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TCFLSH2(r3, 0x5408, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.44' (ED25519) to the list of known hosts. [ 81.577710][ T5614] cgroup: Unknown subsys name 'net' [ 81.731970][ T5614] cgroup: Unknown subsys name 'cpuset' [ 81.741265][ T5614] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 83.492838][ T5614] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 85.518560][ T5630] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.526800][ T5630] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 85.537630][ T5630] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 85.545369][ T5630] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.554376][ T5634] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 85.564324][ T5634] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 85.565696][ T5630] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.580753][ T5630] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.588344][ T5634] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 85.588762][ T5630] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.610966][ T5630] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 85.618368][ T50] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 85.629561][ T50] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 85.637277][ T50] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 85.637634][ T5630] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 85.645740][ T50] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 85.653648][ T5630] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 85.660593][ T50] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 85.666306][ T5630] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 85.674222][ T50] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 87.578798][ T5635] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.586598][ T5635] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.593943][ T5635] bridge_slave_0: entered allmulticast mode [ 87.601259][ T5635] bridge_slave_0: entered promiscuous mode [ 87.629199][ T5634] Bluetooth: hci1: command tx timeout [ 87.642058][ T5635] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.649427][ T5635] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.656677][ T5635] bridge_slave_1: entered allmulticast mode [ 87.664140][ T5635] bridge_slave_1: entered promiscuous mode [ 87.708032][ T5634] Bluetooth: hci2: command tx timeout [ 87.708073][ T5630] Bluetooth: hci0: command tx timeout [ 87.715860][ T5634] Bluetooth: hci3: command tx timeout [ 87.734006][ T5627] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.741343][ T5627] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.749626][ T5627] bridge_slave_0: entered allmulticast mode [ 87.756813][ T5627] bridge_slave_0: entered promiscuous mode [ 87.795696][ T5627] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.803052][ T5627] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.810348][ T5627] bridge_slave_1: entered allmulticast mode [ 87.817438][ T5627] bridge_slave_1: entered promiscuous mode [ 87.827646][ T5635] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 87.859131][ T5626] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.866323][ T5626] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.874130][ T5626] bridge_slave_0: entered allmulticast mode [ 87.881435][ T5626] bridge_slave_0: entered promiscuous mode [ 87.901531][ T5635] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 87.910882][ T5636] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.918358][ T5636] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.925649][ T5636] bridge_slave_0: entered allmulticast mode [ 87.933031][ T5636] bridge_slave_0: entered promiscuous mode [ 87.940841][ T5626] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.948439][ T5626] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.955618][ T5626] bridge_slave_1: entered allmulticast mode [ 87.962949][ T5626] bridge_slave_1: entered promiscuous mode [ 88.005735][ T5636] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.013014][ T5636] bridge0: port 2(bridge_slave_1) entered disabled state [ 88.020270][ T5636] bridge_slave_1: entered allmulticast mode [ 88.027391][ T5636] bridge_slave_1: entered promiscuous mode [ 88.046623][ T5627] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.058279][ T5635] team0: Port device team_slave_0 added [ 88.087623][ T5627] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.111870][ T5635] team0: Port device team_slave_1 added [ 88.130365][ T5626] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.164575][ T5636] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 88.176298][ T5626] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.187813][ T5627] team0: Port device team_slave_0 added [ 88.206907][ T5636] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 88.228393][ T5627] team0: Port device team_slave_1 added [ 88.235101][ T5635] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.242390][ T5635] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.269148][ T5635] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.314329][ T5635] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.321744][ T5635] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.348376][ T5635] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.372677][ T5626] team0: Port device team_slave_0 added [ 88.401482][ T5636] team0: Port device team_slave_0 added [ 88.409853][ T5626] team0: Port device team_slave_1 added [ 88.416438][ T5627] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.423779][ T5627] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.454936][ T5627] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.468003][ T5627] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.475029][ T5627] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.501007][ T5627] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.514913][ T5636] team0: Port device team_slave_1 added [ 88.568454][ T5626] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.575582][ T5626] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.601971][ T5626] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.615098][ T5626] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.622154][ T5626] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.648260][ T5626] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.711637][ T5636] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 88.718821][ T5636] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.745170][ T5636] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 88.762730][ T5635] hsr_slave_0: entered promiscuous mode [ 88.770327][ T5635] hsr_slave_1: entered promiscuous mode [ 88.783862][ T5627] hsr_slave_0: entered promiscuous mode [ 88.790208][ T5627] hsr_slave_1: entered promiscuous mode [ 88.796332][ T5627] debugfs: 'hsr0' already exists in 'hsr' [ 88.802680][ T5627] Cannot create hsr debugfs directory [ 88.809244][ T5636] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 88.816212][ T5636] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 88.842183][ T5636] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 88.902627][ T5626] hsr_slave_0: entered promiscuous mode [ 88.909019][ T5626] hsr_slave_1: entered promiscuous mode [ 88.915095][ T5626] debugfs: 'hsr0' already exists in 'hsr' [ 88.921114][ T5626] Cannot create hsr debugfs directory [ 89.056484][ T5636] hsr_slave_0: entered promiscuous mode [ 89.062951][ T5636] hsr_slave_1: entered promiscuous mode [ 89.069326][ T5636] debugfs: 'hsr0' already exists in 'hsr' [ 89.075080][ T5636] Cannot create hsr debugfs directory [ 89.467104][ T5635] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 89.483483][ T5635] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 89.491729][ T5635] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 89.503325][ T5635] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 89.514281][ T5635] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 89.523978][ T5635] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 89.541383][ T5635] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 89.552684][ T5635] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 89.617372][ T5627] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 89.631174][ T5627] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 89.641729][ T5627] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 89.652958][ T5627] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 89.664955][ T5627] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 89.676292][ T5627] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 89.695429][ T5627] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 89.705822][ T5627] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 89.713443][ T5634] Bluetooth: hci1: command tx timeout [ 89.783829][ T5626] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 89.791507][ T5630] Bluetooth: hci2: command tx timeout [ 89.797227][ T5634] Bluetooth: hci0: command tx timeout [ 89.803510][ T5630] Bluetooth: hci3: command tx timeout [ 89.810231][ T5626] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 89.829434][ T5626] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 89.840272][ T5626] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 89.854234][ T5626] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 89.864076][ T5626] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 89.873664][ T5626] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 89.885918][ T5626] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 90.021180][ T5636] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 90.034249][ T5636] 8021q: adding VLAN 0 to HW filter on device netdevsim0 [ 90.042365][ T5636] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 90.052455][ T5636] 8021q: adding VLAN 0 to HW filter on device netdevsim1 [ 90.062193][ T5636] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 90.072898][ T5636] 8021q: adding VLAN 0 to HW filter on device netdevsim2 [ 90.090905][ T5636] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 90.102410][ T5636] 8021q: adding VLAN 0 to HW filter on device netdevsim3 [ 90.125638][ T5635] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.203906][ T5635] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.236230][ T5627] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.248452][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.256214][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.287356][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.294756][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.314743][ T5626] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.335354][ T5627] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.372867][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.380091][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.415497][ T71] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.422679][ T71] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.439860][ T5626] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.472226][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.479431][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.524054][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.531221][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 90.633093][ T5636] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.739301][ T5636] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.784493][ T48] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.791764][ T48] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.854968][ T149] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.862421][ T149] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.756024][ T5635] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.792386][ T5634] Bluetooth: hci1: command tx timeout [ 91.854091][ T5627] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.868262][ T5634] Bluetooth: hci0: command tx timeout [ 91.874201][ T5634] Bluetooth: hci3: command tx timeout [ 91.886282][ T5630] Bluetooth: hci2: command tx timeout [ 92.031428][ T5635] veth0_vlan: entered promiscuous mode [ 92.083909][ T5635] veth1_vlan: entered promiscuous mode [ 92.095475][ T5627] veth0_vlan: entered promiscuous mode [ 92.135703][ T5626] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.151777][ T5627] veth1_vlan: entered promiscuous mode [ 92.178882][ T5636] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.205710][ T29] cfg80211: failed to load regulatory.db [ 92.251369][ T5635] veth0_macvtap: entered promiscuous mode [ 92.281672][ T5635] veth1_macvtap: entered promiscuous mode [ 92.349507][ T5627] veth0_macvtap: entered promiscuous mode [ 92.370120][ T5635] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.377791][ T5626] veth0_vlan: entered promiscuous mode [ 92.390570][ T5636] veth0_vlan: entered promiscuous mode [ 92.406980][ T5627] veth1_macvtap: entered promiscuous mode [ 92.418360][ T5635] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.439716][ T5636] veth1_vlan: entered promiscuous mode [ 92.450146][ T5626] veth1_vlan: entered promiscuous mode [ 92.469857][ T1158] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.480003][ T1158] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.496536][ T1158] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.505612][ T1158] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.547256][ T5627] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.621542][ T5627] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.650069][ T5636] veth0_macvtap: entered promiscuous mode [ 92.684464][ T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.693699][ T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.713957][ T5636] veth1_macvtap: entered promiscuous mode [ 92.721434][ T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.730400][ T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.753130][ T5626] veth0_macvtap: entered promiscuous mode [ 92.774002][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.782547][ T5626] veth1_macvtap: entered promiscuous mode [ 92.800438][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.846774][ T5626] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.888454][ T5626] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.904039][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.916731][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.940244][ T5636] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.976098][ T1158] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.987679][ T1158] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.015691][ T1158] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.026655][ T1158] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.040108][ T5636] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.052362][ T5635] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 93.059336][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.088568][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.140803][ T36] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.152703][ T36] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.173432][ T1158] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.182839][ T36] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.202223][ T1158] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.209408][ T36] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.516788][ T149] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.560089][ T149] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.663652][ T1158] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.680311][ T1158] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.869662][ T5634] Bluetooth: hci1: command tx timeout [ 93.948541][ T5634] Bluetooth: hci3: command tx timeout [ 93.954613][ T5630] Bluetooth: hci2: command tx timeout [ 93.960674][ T50] Bluetooth: hci0: command tx timeout [ 93.976791][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.003376][ T1096] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 94.030869][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.046925][ T1096] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 94.653245][ T5791] FAULT_INJECTION: forcing a failure. [ 94.653245][ T5791] name failslab, interval 1, probability 0, space 0, times 1 [ 94.695744][ T5791] CPU: 1 UID: 0 PID: 5791 Comm: syz.1.2 Not tainted syzkaller #0 PREEMPT(full) [ 94.695799][ T5791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 94.695816][ T5791] Call Trace: [ 94.695827][ T5791] [ 94.695838][ T5791] dump_stack_lvl+0x100/0x190 [ 94.695873][ T5791] should_fail_ex.cold+0x5/0xa [ 94.695909][ T5791] should_failslab+0xc2/0x120 [ 94.695942][ T5791] __kmalloc_cache_noprof+0x7a/0x6f0 [ 94.695983][ T5791] ? tipc_sub_subscribe+0x15c/0x730 [ 94.696023][ T5791] ? find_held_lock+0x2b/0x80 [ 94.696066][ T5791] tipc_sub_subscribe+0x15c/0x730 [ 94.696112][ T5791] tipc_conn_rcv_sub+0x21e/0x3d0 [ 94.696154][ T5791] tipc_topsrv_kern_subscr+0x20b/0x3c0 [ 94.696197][ T5791] ? __pfx_tipc_topsrv_kern_subscr+0x10/0x10 [ 94.696241][ T5791] ? net_generic+0xea/0x2a0 [ 94.696291][ T5791] tipc_group_create+0x4ab/0x660 [ 94.696339][ T5791] tipc_setsockopt+0x611/0xe30 [ 94.696391][ T5791] ? __pfx_tipc_setsockopt+0x10/0x10 [ 94.696458][ T5791] ? __pfx_tipc_setsockopt+0x10/0x10 [ 94.696510][ T5791] do_sock_setsockopt+0xf3/0x1d0 [ 94.696549][ T5791] __sys_setsockopt+0x119/0x190 [ 94.696591][ T5791] __x64_sys_setsockopt+0xbd/0x160 [ 94.696623][ T5791] ? do_syscall_64+0x90/0xf80 [ 94.696662][ T5791] ? lockdep_hardirqs_on+0x78/0x100 [ 94.696697][ T5791] do_syscall_64+0x10b/0xf80 [ 94.696732][ T5791] ? clear_bhb_loop+0x40/0x90 [ 94.696784][ T5791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 94.696816][ T5791] RIP: 0033:0x7fa374d9cdd9 [ 94.696843][ T5791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 94.696872][ T5791] RSP: 002b:00007fa375b71028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 94.696903][ T5791] RAX: ffffffffffffffda RBX: 00007fa375015fa0 RCX: 00007fa374d9cdd9 [ 94.696923][ T5791] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000005 [ 94.696942][ T5791] RBP: 00007fa374e32d69 R08: 0000000000000014 R09: 0000000000000000 [ 94.696960][ T5791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 94.696978][ T5791] R13: 00007fa375016038 R14: 00007fa375015fa0 R15: 00007ffdf3e95458 [ 94.697017][ T5791] [ 94.786174][ T5793] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input5 [ 94.862931][ T5791] tipc: Subscription rejected, no memory [ 95.189469][ T30] audit: type=1800 audit(1778020039.946:2): pid=5793 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4" name="sr0" dev="devtmpfs" ino=2788 res=0 errno=0 [ 95.670167][ T5807] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 96.253521][ T5817] FAULT_INJECTION: forcing a failure. [ 96.253521][ T5817] name failslab, interval 1, probability 0, space 0, times 0 [ 96.266808][ T5817] CPU: 1 UID: 0 PID: 5817 Comm: syz.3.12 Not tainted syzkaller #0 PREEMPT(full) [ 96.266850][ T5817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 96.266868][ T5817] Call Trace: [ 96.266878][ T5817] [ 96.266890][ T5817] dump_stack_lvl+0x100/0x190 [ 96.266930][ T5817] should_fail_ex.cold+0x5/0xa [ 96.266971][ T5817] should_failslab+0xc2/0x120 [ 96.267008][ T5817] __kmalloc_cache_noprof+0x7a/0x6f0 [ 96.267052][ T5817] ? wakeup_source_register+0x4c/0x3e0 [ 96.267095][ T5817] wakeup_source_register+0x4c/0x3e0 [ 96.267131][ T5817] ep_create_wakeup_source+0x1df/0x2e0 [ 96.267173][ T5817] ? __pfx_ep_create_wakeup_source+0x10/0x10 [ 96.267220][ T5817] ? do_epoll_ctl+0x1012/0x36a0 [ 96.267260][ T5817] ? do_epoll_ctl+0x1012/0x36a0 [ 96.267308][ T5817] do_epoll_ctl+0x1eee/0x36a0 [ 96.267367][ T5817] ? __pfx_do_epoll_ctl+0x10/0x10 [ 96.267406][ T5817] ? find_held_lock+0x2b/0x80 [ 96.267446][ T5817] ? __might_fault+0xc5/0x140 [ 96.267491][ T5817] ? __might_fault+0xc5/0x140 [ 96.267552][ T5817] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 96.267597][ T5817] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 96.267640][ T5817] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 96.267686][ T5817] ? rcu_is_watching+0x12/0xc0 [ 96.267726][ T5817] do_syscall_64+0x10b/0xf80 [ 96.267780][ T5817] ? clear_bhb_loop+0x40/0x90 [ 96.267821][ T5817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 96.267852][ T5817] RIP: 0033:0x7fd086d9cdd9 [ 96.267878][ T5817] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 96.267905][ T5817] RSP: 002b:00007fd087bc3028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 96.267933][ T5817] RAX: ffffffffffffffda RBX: 00007fd087015fa0 RCX: 00007fd086d9cdd9 [ 96.267953][ T5817] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000008 [ 96.267971][ T5817] RBP: 00007fd086e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 96.267989][ T5817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 96.268006][ T5817] R13: 00007fd087016038 R14: 00007fd087015fa0 R15: 00007ffcf394dae8 [ 96.268049][ T5817] [ 96.487708][ T5819] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 99.995983][ T5865] FAULT_INJECTION: forcing a failure. [ 99.995983][ T5865] name failslab, interval 1, probability 0, space 0, times 0 [ 100.059853][ T5865] CPU: 0 UID: 0 PID: 5865 Comm: syz.2.22 Not tainted syzkaller #0 PREEMPT(full) [ 100.059895][ T5865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 100.059917][ T5865] Call Trace: [ 100.059926][ T5865] [ 100.059937][ T5865] dump_stack_lvl+0x100/0x190 [ 100.059968][ T5865] should_fail_ex.cold+0x5/0xa [ 100.059992][ T5865] ? tomoyo_realpath_from_path+0xb6/0x690 [ 100.060015][ T5865] should_failslab+0xc2/0x120 [ 100.060035][ T5865] __kmalloc_noprof+0xe0/0x850 [ 100.060062][ T5865] ? kfree+0x1dd/0x6c0 [ 100.060091][ T5865] tomoyo_realpath_from_path+0xb6/0x690 [ 100.060119][ T5865] tomoyo_mount_acl+0x1b6/0x8b0 [ 100.060138][ T5865] ? is_bpf_text_address+0x8a/0x1a0 [ 100.060164][ T5865] ? bpf_ksym_find+0x124/0x1c0 [ 100.060182][ T5865] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 100.060210][ T5865] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 100.060228][ T5865] ? kernel_text_address+0x8d/0x100 [ 100.060245][ T5865] ? make_vfsuid+0xec/0x140 [ 100.060262][ T5865] ? unwind_get_return_address+0x59/0xa0 [ 100.060308][ T5865] ? tomoyo_domain+0xb2/0x150 [ 100.060331][ T5865] ? tomoyo_profile+0x47/0x60 [ 100.060358][ T5865] tomoyo_mount_permission+0x214/0x460 [ 100.060377][ T5865] ? tomoyo_mount_permission+0x1f6/0x460 [ 100.060398][ T5865] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 100.060432][ T5865] security_sb_mount+0xdd/0x270 [ 100.060461][ T5865] path_mount+0x158/0x23d0 [ 100.060497][ T5865] ? __pfx_path_mount+0x10/0x10 [ 100.060520][ T5865] ? lockdep_hardirqs_on+0x78/0x100 [ 100.060547][ T5865] ? putname+0xb1/0x110 [ 100.060568][ T5865] ? kmem_cache_free+0x127/0x6c0 [ 100.060602][ T5865] ? __x64_sys_mount+0x293/0x310 [ 100.060625][ T5865] __x64_sys_mount+0x293/0x310 [ 100.060658][ T5865] ? __pfx___x64_sys_mount+0x10/0x10 [ 100.060686][ T5865] ? rcu_is_watching+0x12/0xc0 [ 100.060711][ T5865] do_syscall_64+0x10b/0xf80 [ 100.060737][ T5865] ? clear_bhb_loop+0x40/0x90 [ 100.060759][ T5865] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 100.060777][ T5865] RIP: 0033:0x7f0adc39cdd9 [ 100.060792][ T5865] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 100.060811][ T5865] RSP: 002b:00007f0ada191028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 100.060838][ T5865] RAX: ffffffffffffffda RBX: 00007f0adc616270 RCX: 00007f0adc39cdd9 [ 100.060857][ T5865] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000 [ 100.060874][ T5865] RBP: 00007f0adc432d69 R08: 0000000000000000 R09: 0000000000000000 [ 100.060890][ T5865] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 100.060907][ T5865] R13: 00007f0adc616308 R14: 00007f0adc616270 R15: 00007fff4b35d538 [ 100.060945][ T5865] [ 100.061089][ T5865] ERROR: Out of memory at tomoyo_realpath_from_path. [ 101.851928][ T5890] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 101.997491][ T30] audit: type=1800 audit(1778020046.756:3): pid=5890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.27" name="dummy_udc" dev="gadgetfs" ino=7594 res=0 errno=0 [ 103.021835][ T5901] random: crng reseeded on system resumption [ 103.067019][ T5901] FAULT_INJECTION: forcing a failure. [ 103.067019][ T5901] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 103.145839][ T5901] CPU: 1 UID: 0 PID: 5901 Comm: syz.3.31 Not tainted syzkaller #0 PREEMPT(full) [ 103.145878][ T5901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 103.145894][ T5901] Call Trace: [ 103.145904][ T5901] [ 103.145915][ T5901] dump_stack_lvl+0x100/0x190 [ 103.145951][ T5901] should_fail_ex.cold+0x5/0xa [ 103.145980][ T5901] ? prepare_alloc_pages+0x16d/0x5f0 [ 103.146017][ T5901] should_fail_alloc_page+0xeb/0x140 [ 103.146051][ T5901] prepare_alloc_pages+0x1f0/0x5f0 [ 103.146090][ T5901] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 103.146135][ T5901] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 103.146185][ T5901] ? mark_held_locks+0x40/0x70 [ 103.146212][ T5901] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 103.146245][ T5901] ? lockdep_hardirqs_on+0x78/0x100 [ 103.146279][ T5901] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 103.146311][ T5901] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 103.146356][ T5901] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 103.146403][ T5901] ? kasan_save_stack+0x30/0x50 [ 103.146427][ T5901] ? kasan_save_track+0x14/0x30 [ 103.146452][ T5901] ? __kasan_kmalloc+0xaa/0xb0 [ 103.146475][ T5901] ? memory_bm_create+0x14d/0xba0 [ 103.146516][ T5901] ? do_syscall_64+0x10b/0xf80 [ 103.146559][ T5901] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.146591][ T5901] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 103.146634][ T5901] ? policy_nodemask+0xed/0x4f0 [ 103.146670][ T5901] alloc_pages_mpol+0x1fb/0x540 [ 103.146705][ T5901] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 103.146745][ T5901] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 103.146783][ T5901] alloc_pages_noprof+0x1a/0x160 [ 103.146820][ T5901] get_zeroed_page_noprof+0x18/0xb0 [ 103.146852][ T5901] get_image_page+0x18/0x1a0 [ 103.146887][ T5901] alloc_rtree_node+0x3c/0xb0 [ 103.146921][ T5901] memory_bm_create+0x65e/0xba0 [ 103.146975][ T5901] create_basic_memory_bitmaps+0xbd/0x350 [ 103.147018][ T5901] snapshot_open+0x230/0x2a0 [ 103.147057][ T5901] ? __pfx_snapshot_open+0x10/0x10 [ 103.147097][ T5901] misc_open+0x26d/0x450 [ 103.147131][ T5901] ? __pfx_misc_open+0x10/0x10 [ 103.147163][ T5901] chrdev_open+0x234/0x6a0 [ 103.147198][ T5901] ? __pfx_chrdev_open+0x10/0x10 [ 103.147234][ T5901] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 103.147277][ T5901] do_dentry_open+0x6d8/0x1660 [ 103.147309][ T5901] ? __pfx_chrdev_open+0x10/0x10 [ 103.147353][ T5901] vfs_open+0x82/0x3f0 [ 103.147398][ T5901] path_openat+0x208c/0x31a0 [ 103.147446][ T5901] ? __pfx_path_openat+0x10/0x10 [ 103.147494][ T5901] do_file_open+0x20e/0x430 [ 103.147539][ T5901] ? __pfx_do_file_open+0x10/0x10 [ 103.147603][ T5901] ? alloc_fd+0x476/0x790 [ 103.147641][ T5901] ? do_getname+0x191/0x390 [ 103.147685][ T5901] do_sys_openat2+0x10d/0x1e0 [ 103.147727][ T5901] ? __pfx_do_sys_openat2+0x10/0x10 [ 103.147781][ T5901] __x64_sys_openat+0x12d/0x210 [ 103.147822][ T5901] ? __pfx___x64_sys_openat+0x10/0x10 [ 103.147871][ T5901] ? rcu_is_watching+0x12/0xc0 [ 103.147909][ T5901] do_syscall_64+0x10b/0xf80 [ 103.147943][ T5901] ? clear_bhb_loop+0x40/0x90 [ 103.147976][ T5901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.148003][ T5901] RIP: 0033:0x7fd086d9cdd9 [ 103.148026][ T5901] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 103.148052][ T5901] RSP: 002b:00007fd087bc3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 103.148079][ T5901] RAX: ffffffffffffffda RBX: 00007fd087015fa0 RCX: 00007fd086d9cdd9 [ 103.148097][ T5901] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 103.148114][ T5901] RBP: 00007fd086e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 103.148130][ T5901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 103.148146][ T5901] R13: 00007fd087016038 R14: 00007fd087015fa0 R15: 00007ffcf394dae8 [ 103.148184][ T5901] [ 103.667986][ T5901] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 104.441471][ T5910] FAULT_INJECTION: forcing a failure. [ 104.441471][ T5910] name failslab, interval 1, probability 0, space 0, times 0 [ 104.455364][ T5910] CPU: 1 UID: 0 PID: 5910 Comm: syz.0.33 Not tainted syzkaller #0 PREEMPT(full) [ 104.455403][ T5910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 104.455418][ T5910] Call Trace: [ 104.455428][ T5910] [ 104.455439][ T5910] dump_stack_lvl+0x100/0x190 [ 104.455478][ T5910] should_fail_ex.cold+0x5/0xa [ 104.455516][ T5910] should_failslab+0xc2/0x120 [ 104.455547][ T5910] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 104.455575][ T5910] ? nf_log_net_init+0x9f/0x450 [ 104.455618][ T5910] ? __pfx_nf_log_net_init+0x10/0x10 [ 104.455657][ T5910] kmemdup_noprof+0x29/0x60 [ 104.455688][ T5910] nf_log_net_init+0x9f/0x450 [ 104.455729][ T5910] ? __pfx_nf_log_net_init+0x10/0x10 [ 104.455782][ T5910] ops_init+0x1e2/0x5f0 [ 104.455823][ T5910] setup_net+0x118/0x3a0 [ 104.455860][ T5910] ? __pfx_setup_net+0x10/0x10 [ 104.455897][ T5910] ? mutex_init_lockdep+0xf1/0x120 [ 104.455946][ T5910] copy_net_ns+0x46f/0x7c0 [ 104.455989][ T5910] create_new_namespaces+0x3ea/0xac0 [ 104.456041][ T5910] unshare_nsproxy_namespaces+0xf2/0x220 [ 104.456086][ T5910] ksys_unshare+0x438/0xab0 [ 104.456137][ T5910] ? __pfx_ksys_unshare+0x10/0x10 [ 104.456182][ T5910] ? xfd_validate_state+0x129/0x190 [ 104.456231][ T5910] __x64_sys_unshare+0x31/0x40 [ 104.456278][ T5910] do_syscall_64+0x10b/0xf80 [ 104.456318][ T5910] ? clear_bhb_loop+0x40/0x90 [ 104.456358][ T5910] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.456390][ T5910] RIP: 0033:0x7f6345b9cdd9 [ 104.456417][ T5910] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 104.456446][ T5910] RSP: 002b:00007f6343df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 104.456477][ T5910] RAX: ffffffffffffffda RBX: 00007f6345e15fa0 RCX: 00007f6345b9cdd9 [ 104.456497][ T5910] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 104.456516][ T5910] RBP: 00007f6345c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 104.456532][ T5910] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 104.456549][ T5910] R13: 00007f6345e16038 R14: 00007f6345e15fa0 R15: 00007fffd3003af8 [ 104.456591][ T5910] [ 105.424644][ T5927] netlink: 'syz.2.37': attribute type 1 has an invalid length. [ 105.456039][ T5927] netlink: 9 bytes leftover after parsing attributes in process `syz.2.37'. [ 105.849165][ T5936] netlink: 4 bytes leftover after parsing attributes in process `syz.2.40'. [ 105.891048][ T5936] netlink: 'syz.2.40': attribute type 1 has an invalid length. [ 105.917736][ T5936] netlink: 51465 bytes leftover after parsing attributes in process `syz.2.40'. [ 106.226582][ T5944] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 106.611796][ T5948] random: crng reseeded on system resumption [ 108.028164][ T5957] kAFS: No cell specified [ 108.041116][ T5960] FAULT_INJECTION: forcing a failure. [ 108.041116][ T5960] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 108.083956][ T5960] CPU: 0 UID: 0 PID: 5960 Comm: syz.2.46 Not tainted syzkaller #0 PREEMPT(full) [ 108.083983][ T5960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 108.083993][ T5960] Call Trace: [ 108.083999][ T5960] [ 108.084006][ T5960] dump_stack_lvl+0x100/0x190 [ 108.084032][ T5960] should_fail_ex.cold+0x5/0xa [ 108.084060][ T5960] _copy_from_iter+0x1f4/0x1690 [ 108.084080][ T5960] ? __pfx_tcp_leave_memory_pressure+0x10/0x10 [ 108.084108][ T5960] ? sk_leave_memory_pressure+0x81/0x140 [ 108.084135][ T5960] ? __pfx__copy_from_iter+0x10/0x10 [ 108.084151][ T5960] ? slab_build_skb+0x320/0x400 [ 108.084167][ T5960] ? finish_task_switch.isra.0+0x2cb/0x1010 [ 108.084196][ T5960] ? __sk_mem_schedule+0xd0/0x100 [ 108.084220][ T5960] tcp_sendmsg_locked+0xcab/0x4500 [ 108.084260][ T5960] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 108.084290][ T5960] ? do_raw_spin_lock+0x128/0x260 [ 108.084328][ T5960] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 108.084354][ T5960] ? __local_bh_enable_ip+0x9e/0x120 [ 108.084380][ T5960] tcp_sendmsg+0x2e/0x50 [ 108.084405][ T5960] ? __pfx_tcp_sendmsg+0x10/0x10 [ 108.084431][ T5960] inet_sendmsg+0xb9/0x140 [ 108.084459][ T5960] sock_write_iter+0x4ea/0x5a0 [ 108.084482][ T5960] ? __pfx_inet_sendmsg+0x10/0x10 [ 108.084509][ T5960] ? __pfx_sock_write_iter+0x10/0x10 [ 108.084540][ T5960] ? bpf_lsm_file_permission+0x9/0x10 [ 108.084557][ T5960] ? security_file_permission+0x76/0x210 [ 108.084578][ T5960] ? rw_verify_area+0xce/0x6d0 [ 108.084597][ T5960] vfs_write+0x6ac/0x1070 [ 108.084618][ T5960] ? __pfx_sock_write_iter+0x10/0x10 [ 108.084643][ T5960] ? __pfx_vfs_write+0x10/0x10 [ 108.084662][ T5960] ? find_held_lock+0x2b/0x80 [ 108.084698][ T5960] ksys_write+0x1f8/0x250 [ 108.084724][ T5960] ? __pfx_ksys_write+0x10/0x10 [ 108.084746][ T5960] ? rcu_is_watching+0x12/0xc0 [ 108.084770][ T5960] do_syscall_64+0x10b/0xf80 [ 108.084794][ T5960] ? clear_bhb_loop+0x40/0x90 [ 108.084815][ T5960] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.084833][ T5960] RIP: 0033:0x7f0adc39cdd9 [ 108.084849][ T5960] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 108.084866][ T5960] RSP: 002b:00007f0ada5f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 108.084883][ T5960] RAX: ffffffffffffffda RBX: 00007f0adc615fa0 RCX: 00007f0adc39cdd9 [ 108.084895][ T5960] RDX: 0000000000100085 RSI: 0000000000000000 RDI: 0000000000000003 [ 108.084905][ T5960] RBP: 00007f0adc432d69 R08: 0000000000000000 R09: 0000000000000000 [ 108.084915][ T5960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 108.084925][ T5960] R13: 00007f0adc616038 R14: 00007f0adc615fa0 R15: 00007fff4b35d538 [ 108.084946][ T5960] [ 108.893629][ T5962] netlink: zone id is out of range [ 108.915868][ T5962] netlink: zone id is out of range [ 108.937862][ T5962] netlink: zone id is out of range [ 108.955246][ T5962] netlink: zone id is out of range [ 108.979529][ T5962] netlink: zone id is out of range [ 109.011955][ T5962] netlink: zone id is out of range [ 109.045258][ T5962] netlink: zone id is out of range [ 109.094725][ T5962] netlink: zone id is out of range [ 109.139719][ T5962] netlink: zone id is out of range [ 109.168765][ T5962] netlink: zone id is out of range [ 109.459082][ T5975] netlink: 326 bytes leftover after parsing attributes in process `syz.1.50'. [ 109.514801][ T5975] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.524143][ T5975] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.582466][ T5975] Zero length message leads to an empty skb [ 111.024899][ T5993] HfR: entered promiscuous mode [ 111.916299][ T5993] netlink: 12 bytes leftover after parsing attributes in process `syz.2.54'. [ 111.948671][ T5993] HfR: left promiscuous mode [ 113.219584][ T6022] Console: switching to colour VGA+ 80x25 [ 114.017037][ T6041] netlink: 28 bytes leftover after parsing attributes in process `syz.1.67'. [ 114.626678][ T6035] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 114.653408][ T6035] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 114.749068][ T6035] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 114.889298][ T6035] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 114.905682][ T6035] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 114.985256][ T6035] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 115.035173][ T6035] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 115.063535][ T6035] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 115.137894][ T6035] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 115.204566][ T6035] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 115.221521][ T6035] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 115.335359][ T6035] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 116.604611][ T5634] Bluetooth: hci0: command 0x0c1a tx timeout [ 116.913575][ T5634] Bluetooth: hci1: command 0x0c1a tx timeout [ 117.028049][ T6063] netlink: 342 bytes leftover after parsing attributes in process `syz.1.70'. [ 117.041937][ T6066] FAULT_INJECTION: forcing a failure. [ 117.041937][ T6066] name failslab, interval 1, probability 0, space 0, times 0 [ 117.045733][ T6067] FAULT_INJECTION: forcing a failure. [ 117.045733][ T6067] name failslab, interval 1, probability 0, space 0, times 0 [ 117.089300][ T5634] Bluetooth: hci2: command 0x0c1a tx timeout [ 117.118202][ T6066] CPU: 0 UID: 0 PID: 6066 Comm: syz.3.71 Not tainted syzkaller #0 PREEMPT(full) [ 117.118229][ T6066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 117.118239][ T6066] Call Trace: [ 117.118245][ T6066] [ 117.118252][ T6066] dump_stack_lvl+0x100/0x190 [ 117.118279][ T6066] should_fail_ex.cold+0x5/0xa [ 117.118301][ T6066] should_failslab+0xc2/0x120 [ 117.118323][ T6066] __kvmalloc_node_noprof+0xfa/0xa00 [ 117.118341][ T6066] ? bucket_table_alloc.isra.0+0x88/0x460 [ 117.118374][ T6066] bucket_table_alloc.isra.0+0x88/0x460 [ 117.118404][ T6066] rhashtable_init_noprof+0x43b/0x890 [ 117.118441][ T6066] ? kasan_save_track+0x14/0x30 [ 117.118475][ T6066] fqdir_init+0xb4/0x1f0 [ 117.118511][ T6066] nf_ct_net_init+0x3d/0x370 [ 117.118585][ T6066] ? __pfx_nf_ct_net_init+0x10/0x10 [ 117.118628][ T6066] ops_init+0x1e2/0x5f0 [ 117.118668][ T6066] setup_net+0x118/0x3a0 [ 117.118705][ T6066] ? __pfx_setup_net+0x10/0x10 [ 117.118741][ T6066] ? mutex_init_lockdep+0xf1/0x120 [ 117.118781][ T6066] copy_net_ns+0x46f/0x7c0 [ 117.118823][ T6066] create_new_namespaces+0x3ea/0xac0 [ 117.118875][ T6066] unshare_nsproxy_namespaces+0xf2/0x220 [ 117.118919][ T6066] ksys_unshare+0x438/0xab0 [ 117.118970][ T6066] ? __pfx_ksys_unshare+0x10/0x10 [ 117.119014][ T6066] ? xfd_validate_state+0x129/0x190 [ 117.119060][ T6066] __x64_sys_unshare+0x31/0x40 [ 117.119107][ T6066] do_syscall_64+0x10b/0xf80 [ 117.119147][ T6066] ? clear_bhb_loop+0x40/0x90 [ 117.119185][ T6066] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.119217][ T6066] RIP: 0033:0x7fd086d9cdd9 [ 117.119245][ T6066] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 117.119279][ T6066] RSP: 002b:00007fd087bc3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 117.119310][ T6066] RAX: ffffffffffffffda RBX: 00007fd087015fa0 RCX: 00007fd086d9cdd9 [ 117.119330][ T6066] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 117.119347][ T6066] RBP: 00007fd086e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 117.119365][ T6066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 117.119382][ T6066] R13: 00007fd087016038 R14: 00007fd087015fa0 R15: 00007ffcf394dae8 [ 117.119424][ T6066] [ 117.351150][ T5634] Bluetooth: hci3: command 0x0c1a tx timeout [ 117.524725][ T6067] CPU: 1 UID: 8 PID: 6067 Comm: syz.3.71 Not tainted syzkaller #0 PREEMPT(full) [ 117.524753][ T6067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 117.524764][ T6067] Call Trace: [ 117.524782][ T6067] [ 117.524790][ T6067] dump_stack_lvl+0x100/0x190 [ 117.524820][ T6067] should_fail_ex.cold+0x5/0xa [ 117.524844][ T6067] should_failslab+0xc2/0x120 [ 117.524866][ T6067] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 117.524894][ T6067] ? key_alloc+0x3c5/0x1310 [ 117.524913][ T6067] ? mark_held_locks+0x40/0x70 [ 117.524933][ T6067] key_alloc+0x3c5/0x1310 [ 117.524959][ T6067] ? __pfx_key_alloc+0x10/0x10 [ 117.524983][ T6067] ? __pfx_key_default_cmp+0x10/0x10 [ 117.525006][ T6067] ? __pfx_keyring_search_iterator+0x10/0x10 [ 117.525031][ T6067] keyring_alloc+0x44/0xc0 [ 117.525056][ T6067] look_up_user_keyrings+0x508/0x790 [ 117.525089][ T6067] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 117.525126][ T6067] lookup_user_key+0xbb1/0x1300 [ 117.525145][ T6067] ? __pfx_lookup_user_key+0x10/0x10 [ 117.525163][ T6067] ? __pfx_do_futex+0x10/0x10 [ 117.525187][ T6067] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 117.525222][ T6067] ? xfd_validate_state+0x129/0x190 [ 117.525240][ T6067] ? ksys_write+0x1ac/0x250 [ 117.525263][ T6067] keyctl_keyring_unlink+0x1f/0x1b0 [ 117.525289][ T6067] __do_sys_keyctl+0x3dd/0x5a0 [ 117.525318][ T6067] do_syscall_64+0x10b/0xf80 [ 117.525341][ T6067] ? clear_bhb_loop+0x40/0x90 [ 117.525362][ T6067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 117.525381][ T6067] RIP: 0033:0x7fd086d9cdd9 [ 117.525396][ T6067] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 117.525413][ T6067] RSP: 002b:00007fd087ba2028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 117.525431][ T6067] RAX: ffffffffffffffda RBX: 00007fd087016090 RCX: 00007fd086d9cdd9 [ 117.525443][ T6067] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000009 [ 117.525453][ T6067] RBP: 00007fd086e32d69 R08: 0000000000000008 R09: 0000000000000000 [ 117.525463][ T6067] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 117.525473][ T6067] R13: 00007fd087016128 R14: 00007fd087016090 R15: 00007ffcf394dae8 [ 117.525495][ T6067] [ 117.778259][ T6064] zswap: compressor not available [ 118.674015][ T5634] Bluetooth: hci0: command 0x0c1a tx timeout [ 118.994803][ T5634] Bluetooth: hci1: command 0x0c1a tx timeout [ 119.154441][ T5634] Bluetooth: hci2: command 0x0c1a tx timeout [ 119.217991][ T6087] zswap: compressor 000 not available [ 119.395430][ T5634] Bluetooth: hci3: command 0x0c1a tx timeout [ 120.755590][ T5634] Bluetooth: hci0: command 0x0c1a tx timeout [ 121.075751][ T5634] Bluetooth: hci1: command 0x0c1a tx timeout [ 121.235290][ T5634] Bluetooth: hci2: command 0x0c1a tx timeout [ 121.475385][ T5634] Bluetooth: hci3: command 0x0c1a tx timeout [ 123.369212][ T6157] FAULT_INJECTION: forcing a failure. [ 123.369212][ T6157] name failslab, interval 1, probability 0, space 0, times 0 [ 123.429574][ T6157] CPU: 1 UID: 0 PID: 6157 Comm: syz.2.88 Not tainted syzkaller #0 PREEMPT(full) [ 123.429620][ T6157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 123.429638][ T6157] Call Trace: [ 123.429648][ T6157] [ 123.429660][ T6157] dump_stack_lvl+0x100/0x190 [ 123.429710][ T6157] should_fail_ex.cold+0x5/0xa [ 123.429751][ T6157] should_failslab+0xc2/0x120 [ 123.429787][ T6157] __kmalloc_cache_noprof+0x7a/0x6f0 [ 123.429831][ T6157] ? alloc_bprm+0x86/0x710 [ 123.429870][ T6157] alloc_bprm+0x86/0x710 [ 123.429906][ T6157] do_execveat_common.isra.0+0x19c/0x580 [ 123.429941][ T6157] ? do_getname+0x191/0x390 [ 123.429990][ T6157] __x64_sys_execveat+0xdf/0x130 [ 123.430028][ T6157] do_syscall_64+0x10b/0xf80 [ 123.430067][ T6157] ? clear_bhb_loop+0x40/0x90 [ 123.430110][ T6157] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.430142][ T6157] RIP: 0033:0x7f0adc39cdd9 [ 123.430169][ T6157] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 123.430197][ T6157] RSP: 002b:00007f0ada5f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 123.430228][ T6157] RAX: ffffffffffffffda RBX: 00007f0adc615fa0 RCX: 00007f0adc39cdd9 [ 123.430247][ T6157] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 123.430264][ T6157] RBP: 00007f0adc432d69 R08: 0000000000001000 R09: 0000000000000000 [ 123.430282][ T6157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 123.430299][ T6157] R13: 00007f0adc616038 R14: 00007f0adc615fa0 R15: 00007fff4b35d538 [ 123.430339][ T6157] [ 123.613872][ T6127] kexec: Could not allocate control_code_buffer [ 124.421118][ T6172] ubi0: attaching mtd0 [ 124.455602][ T6172] ubi0: scanning is finished [ 124.468775][ T6172] ubi0: empty MTD device detected [ 124.973641][ T6172] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 124.987488][ T6172] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 125.002413][ T6172] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 125.041785][ T6172] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 125.053991][ T6172] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 125.064754][ T6172] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 125.082126][ T6172] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3366618659 [ 125.092695][ T6172] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 125.169414][ T6183] ubi0: background thread "ubi_bgt0d" started, PID 6183 [ 125.187428][ T6178] ubi0: detaching mtd0 [ 125.586554][ T6178] ubi0: mtd0 is detached [ 126.955691][ T6188] ima: policy update failed [ 127.013465][ T30] audit: type=1802 audit(1778021094.769:4): pid=6188 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.93" res=0 errno=0 [ 127.646169][ T6204] netlink: 4 bytes leftover after parsing attributes in process `syz.0.96'. [ 127.717098][ T6208] netlink: 'syz.0.96': attribute type 2 has an invalid length. [ 127.757002][ T6208] netlink: 'syz.0.96': attribute type 3 has an invalid length. [ 127.832468][ T6208] netlink: 51465 bytes leftover after parsing attributes in process `syz.0.96'. [ 128.622575][ T6222] input: jJǸ-¶š9ã%vø“û¨lÐQ  J86Ö‘ as /devices/virtual/input/input6 [ 129.384652][ T6228] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 129.427184][ T6228] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 129.448212][ T6228] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 129.469688][ T6228] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 130.575763][ T6253] netlink: 8 bytes leftover after parsing attributes in process `syz.1.108'. [ 131.162013][ T5634] Bluetooth: hci0: command 0x0c1a tx timeout [ 131.428685][ T6266] usb usb16: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 131.480391][ T5634] Bluetooth: hci3: command 0x0c1a tx timeout [ 131.487033][ T5630] Bluetooth: hci2: command 0x0c1a tx timeout [ 131.493437][ T50] Bluetooth: hci1: command 0x0c1a tx timeout [ 131.953156][ T6257] &#$@\]\-: entered promiscuous mode [ 132.681318][ T6282] netlink: 25 bytes leftover after parsing attributes in process `syz.0.116'. [ 133.166552][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.174318][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.235522][ T6284] netlink: 'syz.3.115': attribute type 1 has an invalid length. [ 133.283240][ T6284] netlink: 9 bytes leftover after parsing attributes in process `syz.3.115'. [ 135.413230][ T6322] process 'syz.2.126' launched '/dev/fd/4' with NULL argv: empty string added [ 139.310972][ T6369] futex_wake_op: syz.2.134 tries to shift op by -2048; fix this program [ 139.339305][ T6369] futex_wake_op: syz.2.134 tries to shift op by -2048; fix this program [ 139.382642][ T6369] 0x000000000001-0x000000020000 : "" [ 139.479191][ T6369] ftl_cs: FTL header corrupt! [ 141.086850][ T6393] HfR: entered promiscuous mode [ 141.876727][ T6393] netlink: 12 bytes leftover after parsing attributes in process `syz.0.138'. [ 142.047926][ T6393] HfR: left promiscuous mode [ 142.383155][ T6403] &#$@\]\-: entered promiscuous mode [ 142.903700][ T6415] bond0: Unable to set down delay as MII monitoring is disabled [ 143.718443][ T6430] netlink: 'syz.3.145': attribute type 3 has an invalid length. [ 144.152398][ T6414] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 145.246347][ T6445] FAULT_INJECTION: forcing a failure. [ 145.246347][ T6445] name fail_futex, interval 1, probability 0, space 0, times 1 [ 145.326760][ T6445] CPU: 1 UID: 0 PID: 6445 Comm: syz.0.149 Not tainted syzkaller #0 PREEMPT(full) [ 145.326791][ T6445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 145.326801][ T6445] Call Trace: [ 145.326808][ T6445] [ 145.326815][ T6445] dump_stack_lvl+0x100/0x190 [ 145.326841][ T6445] should_fail_ex.cold+0x5/0xa [ 145.326866][ T6445] get_futex_key+0x1d2/0x1510 [ 145.326887][ T6445] ? __pfx_get_futex_key+0x10/0x10 [ 145.326912][ T6445] futex_wake+0xea/0x530 [ 145.326935][ T6445] ? rcu_is_watching+0x12/0xc0 [ 145.326957][ T6445] ? __pfx_futex_wake+0x10/0x10 [ 145.326989][ T6445] ? putname+0xb1/0x110 [ 145.327015][ T6445] ? kmem_cache_free+0x127/0x6c0 [ 145.327046][ T6445] do_futex+0x32b/0x350 [ 145.327070][ T6445] ? __pfx_do_futex+0x10/0x10 [ 145.327093][ T6445] ? __pfx_do_sys_openat2+0x10/0x10 [ 145.327148][ T6445] __x64_sys_futex+0x34f/0x4d0 [ 145.327183][ T6445] ? __pfx___x64_sys_futex+0x10/0x10 [ 145.327209][ T6445] ? rcu_is_watching+0x12/0xc0 [ 145.327244][ T6445] do_syscall_64+0x10b/0xf80 [ 145.327271][ T6445] ? clear_bhb_loop+0x40/0x90 [ 145.327293][ T6445] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.327313][ T6445] RIP: 0033:0x7f6345b9cdd9 [ 145.327331][ T6445] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 145.327358][ T6445] RSP: 002b:00007f6343df60e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 145.327386][ T6445] RAX: ffffffffffffffda RBX: 00007f6345e15fa8 RCX: 00007f6345b9cdd9 [ 145.327404][ T6445] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f6345e15fac [ 145.327431][ T6445] RBP: 00007f6345e15fa0 R08: 0000000000000001 R09: 0000000000000000 [ 145.327449][ T6445] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 145.327462][ T6445] R13: 00007f6345e16038 R14: 00007fffd3003a10 R15: 00007fffd3003af8 [ 145.327485][ T6445] [ 146.197352][ T6434] binder: 6433:6434 ioctl c00c620f 200000000080 returned -22 [ 151.849138][ T6491] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 155.629651][ T6547] &#$@\]\-: entered promiscuous mode [ 159.402507][ T6576] FAULT_INJECTION: forcing a failure. [ 159.402507][ T6576] name failslab, interval 1, probability 0, space 0, times 0 [ 159.496643][ T6576] CPU: 1 UID: 0 PID: 6576 Comm: syz.0.171 Not tainted syzkaller #0 PREEMPT(full) [ 159.496689][ T6576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 159.496708][ T6576] Call Trace: [ 159.496719][ T6576] [ 159.496730][ T6576] dump_stack_lvl+0x100/0x190 [ 159.496774][ T6576] should_fail_ex.cold+0x5/0xa [ 159.496815][ T6576] ? tracing_log_err+0x4b4/0x6a0 [ 159.496860][ T6576] should_failslab+0xc2/0x120 [ 159.496898][ T6576] __kmalloc_noprof+0xe0/0x850 [ 159.496957][ T6576] tracing_log_err+0x4b4/0x6a0 [ 159.497009][ T6576] append_filter_err+0x399/0x620 [ 159.497060][ T6576] apply_subsystem_event_filter+0x727/0x17b0 [ 159.497121][ T6576] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 159.497175][ T6576] ? _copy_from_user+0x59/0xd0 [ 159.497231][ T6576] subsystem_filter_write+0x95/0x120 [ 159.497279][ T6576] vfs_write+0x2aa/0x1070 [ 159.497326][ T6576] ? __pfx_subsystem_filter_write+0x10/0x10 [ 159.497375][ T6576] ? __pfx_vfs_write+0x10/0x10 [ 159.497411][ T6576] ? __fget_files+0x215/0x3d0 [ 159.497472][ T6576] ? __fget_files+0x21f/0x3d0 [ 159.497521][ T6576] ksys_write+0x12a/0x250 [ 159.497557][ T6576] ? __pfx_ksys_write+0x10/0x10 [ 159.497592][ T6576] ? rcu_is_watching+0x12/0xc0 [ 159.497632][ T6576] do_syscall_64+0x10b/0xf80 [ 159.497666][ T6576] ? clear_bhb_loop+0x40/0x90 [ 159.497701][ T6576] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.497730][ T6576] RIP: 0033:0x7f6345b9cdd9 [ 159.497756][ T6576] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 159.497785][ T6576] RSP: 002b:00007f6343df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 159.497816][ T6576] RAX: ffffffffffffffda RBX: 00007f6345e15fa0 RCX: 00007f6345b9cdd9 [ 159.497835][ T6576] RDX: 0000000000000078 RSI: 0000200000000040 RDI: 0000000000000005 [ 159.497853][ T6576] RBP: 00007f6345c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 159.497870][ T6576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 159.497886][ T6576] R13: 00007f6345e16038 R14: 00007f6345e15fa0 R15: 00007fffd3003af8 [ 159.497928][ T6576] [ 160.365788][ T6580] FAULT_INJECTION: forcing a failure. [ 160.365788][ T6580] name failslab, interval 1, probability 0, space 0, times 0 [ 160.416700][ T6580] CPU: 0 UID: 0 PID: 6580 Comm: syz.1.172 Not tainted syzkaller #0 PREEMPT(full) [ 160.416741][ T6580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 160.416758][ T6580] Call Trace: [ 160.416767][ T6580] [ 160.416779][ T6580] dump_stack_lvl+0x100/0x190 [ 160.416816][ T6580] should_fail_ex.cold+0x5/0xa [ 160.416853][ T6580] ? snd_seq_oss_readq_new+0x9b/0x290 [ 160.416880][ T6580] should_failslab+0xc2/0x120 [ 160.416912][ T6580] __kmalloc_noprof+0xe0/0x850 [ 160.416963][ T6580] snd_seq_oss_readq_new+0x9b/0x290 [ 160.416994][ T6580] snd_seq_oss_open+0x476/0xa10 [ 160.417037][ T6580] odev_open+0x6f/0x90 [ 160.417066][ T6580] ? __pfx_odev_open+0x10/0x10 [ 160.417098][ T6580] soundcore_open+0x2e3/0x5a0 [ 160.417135][ T6580] ? __pfx_soundcore_open+0x10/0x10 [ 160.417170][ T6580] chrdev_open+0x234/0x6a0 [ 160.417202][ T6580] ? __pfx_apparmor_file_open+0x10/0x10 [ 160.417243][ T6580] ? __pfx_chrdev_open+0x10/0x10 [ 160.417278][ T6580] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 160.417326][ T6580] do_dentry_open+0x6d8/0x1660 [ 160.417357][ T6580] ? __pfx_chrdev_open+0x10/0x10 [ 160.417409][ T6580] vfs_open+0x82/0x3f0 [ 160.417452][ T6580] path_openat+0x208c/0x31a0 [ 160.417501][ T6580] ? __pfx_path_openat+0x10/0x10 [ 160.417551][ T6580] do_file_open+0x20e/0x430 [ 160.417589][ T6580] ? __pfx_do_file_open+0x10/0x10 [ 160.417653][ T6580] ? alloc_fd+0x476/0x790 [ 160.417690][ T6580] ? do_getname+0x191/0x390 [ 160.417733][ T6580] do_sys_openat2+0x10d/0x1e0 [ 160.417773][ T6580] ? __pfx_do_sys_openat2+0x10/0x10 [ 160.417828][ T6580] __x64_sys_openat+0x12d/0x210 [ 160.417915][ T6580] ? __pfx___x64_sys_openat+0x10/0x10 [ 160.417966][ T6580] ? rcu_is_watching+0x12/0xc0 [ 160.418006][ T6580] do_syscall_64+0x10b/0xf80 [ 160.418044][ T6580] ? clear_bhb_loop+0x40/0x90 [ 160.418080][ T6580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 160.418107][ T6580] RIP: 0033:0x7fa374d9cdd9 [ 160.418132][ T6580] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 160.418157][ T6580] RSP: 002b:00007fa375b71028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 160.418186][ T6580] RAX: ffffffffffffffda RBX: 00007fa375015fa0 RCX: 00007fa374d9cdd9 [ 160.418203][ T6580] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 160.418220][ T6580] RBP: 00007fa374e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 160.418237][ T6580] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 160.418252][ T6580] R13: 00007fa375016038 R14: 00007fa375015fa0 R15: 00007ffdf3e95458 [ 160.418290][ T6580] [ 161.070561][ T6577] bond0: Unable to set down delay as MII monitoring is disabled [ 163.210963][ T6572] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 163.909791][ T6614] ubi0: attaching mtd0 [ 163.929691][ T6614] ubi0: scanning is finished [ 164.143983][ T6614] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 164.167254][ T6614] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 164.188424][ T6614] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 164.204652][ T6614] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 164.230531][ T6614] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 164.237996][ T6614] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 164.250595][ T6614] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3366618659 [ 164.379761][ T6614] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 164.393108][ T6619] ubi0: background thread "ubi_bgt0d" started, PID 6619 [ 164.400416][ T6616] ubi0: detaching mtd0 [ 164.491168][ T6616] ubi0: mtd0 is detached [ 165.966737][ T6633] FAULT_INJECTION: forcing a failure. [ 165.966737][ T6633] name failslab, interval 1, probability 0, space 0, times 0 [ 166.010176][ T6633] CPU: 0 UID: 0 PID: 6633 Comm: syz.1.184 Not tainted syzkaller #0 PREEMPT(full) [ 166.010215][ T6633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 166.010242][ T6633] Call Trace: [ 166.010270][ T6633] [ 166.010283][ T6633] dump_stack_lvl+0x100/0x190 [ 166.010345][ T6633] should_fail_ex.cold+0x5/0xa [ 166.010403][ T6633] should_failslab+0xc2/0x120 [ 166.010438][ T6633] __kmalloc_cache_noprof+0x7a/0x6f0 [ 166.010483][ T6633] ? snd_seq_oss_timer_new+0x43/0x230 [ 166.010528][ T6633] ? __raw_spin_lock_init+0x3a/0x110 [ 166.010570][ T6633] snd_seq_oss_timer_new+0x43/0x230 [ 166.010614][ T6633] snd_seq_oss_open+0x4fc/0xa10 [ 166.010673][ T6633] odev_open+0x6f/0x90 [ 166.010709][ T6633] ? __pfx_odev_open+0x10/0x10 [ 166.010746][ T6633] soundcore_open+0x2e3/0x5a0 [ 166.010790][ T6633] ? __pfx_soundcore_open+0x10/0x10 [ 166.010829][ T6633] chrdev_open+0x234/0x6a0 [ 166.010872][ T6633] ? __pfx_apparmor_file_open+0x10/0x10 [ 166.010927][ T6633] ? __pfx_chrdev_open+0x10/0x10 [ 166.010967][ T6633] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 166.011017][ T6633] do_dentry_open+0x6d8/0x1660 [ 166.011055][ T6633] ? __pfx_chrdev_open+0x10/0x10 [ 166.011138][ T6633] vfs_open+0x82/0x3f0 [ 166.011186][ T6633] path_openat+0x208c/0x31a0 [ 166.011243][ T6633] ? __pfx_path_openat+0x10/0x10 [ 166.011298][ T6633] do_file_open+0x20e/0x430 [ 166.011342][ T6633] ? __pfx_do_file_open+0x10/0x10 [ 166.011411][ T6633] ? alloc_fd+0x476/0x790 [ 166.011453][ T6633] ? do_getname+0x191/0x390 [ 166.011503][ T6633] do_sys_openat2+0x10d/0x1e0 [ 166.011550][ T6633] ? __pfx_do_sys_openat2+0x10/0x10 [ 166.011620][ T6633] __x64_sys_openat+0x12d/0x210 [ 166.011672][ T6633] ? __pfx___x64_sys_openat+0x10/0x10 [ 166.011731][ T6633] ? rcu_is_watching+0x12/0xc0 [ 166.011774][ T6633] do_syscall_64+0x10b/0xf80 [ 166.011814][ T6633] ? clear_bhb_loop+0x40/0x90 [ 166.011854][ T6633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.011887][ T6633] RIP: 0033:0x7fa374d9cdd9 [ 166.011915][ T6633] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 166.011943][ T6633] RSP: 002b:00007fa375b71028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 166.011974][ T6633] RAX: ffffffffffffffda RBX: 00007fa375015fa0 RCX: 00007fa374d9cdd9 [ 166.011994][ T6633] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 166.012013][ T6633] RBP: 00007fa374e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 166.012031][ T6633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.012048][ T6633] R13: 00007fa375016038 R14: 00007fa375015fa0 R15: 00007ffdf3e95458 [ 166.012090][ T6633] [ 166.282261][ T6633] ALSA: seq_oss: can't alloc timer [ 167.542375][ T6645] futex_wake_op: syz.1.185 tries to shift op by -2048; fix this program [ 167.563977][ T6645] futex_wake_op: syz.1.185 tries to shift op by -2048; fix this program [ 167.632970][ T6645] 0x000000000001-0x000000020000 : "" [ 167.730147][ T6645] ftl_cs: FTL header corrupt! [ 169.101678][ T6191] syz.3.92 (6191) used greatest stack depth: 18688 bytes left [ 169.770813][ T6675] FAULT_INJECTION: forcing a failure. [ 169.770813][ T6675] name failslab, interval 1, probability 0, space 0, times 0 [ 169.840591][ T6675] CPU: 1 UID: 0 PID: 6675 Comm: syz.2.194 Not tainted syzkaller #0 PREEMPT(full) [ 169.840633][ T6675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 169.840651][ T6675] Call Trace: [ 169.840662][ T6675] [ 169.840674][ T6675] dump_stack_lvl+0x100/0x190 [ 169.840713][ T6675] should_fail_ex.cold+0x5/0xa [ 169.840743][ T6675] should_failslab+0xc2/0x120 [ 169.840766][ T6675] __kmalloc_cache_noprof+0x7a/0x6f0 [ 169.840791][ T6675] ? snd_seq_oss_readq_new+0x4a/0x290 [ 169.840814][ T6675] snd_seq_oss_readq_new+0x4a/0x290 [ 169.840840][ T6675] snd_seq_oss_open+0x476/0xa10 [ 169.840884][ T6675] odev_open+0x6f/0x90 [ 169.840914][ T6675] ? __pfx_odev_open+0x10/0x10 [ 169.840947][ T6675] soundcore_open+0x2e3/0x5a0 [ 169.840980][ T6675] ? __pfx_soundcore_open+0x10/0x10 [ 169.841002][ T6675] chrdev_open+0x234/0x6a0 [ 169.841024][ T6675] ? __pfx_apparmor_file_open+0x10/0x10 [ 169.841052][ T6675] ? __pfx_chrdev_open+0x10/0x10 [ 169.841075][ T6675] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 169.841103][ T6675] do_dentry_open+0x6d8/0x1660 [ 169.841124][ T6675] ? __pfx_chrdev_open+0x10/0x10 [ 169.841151][ T6675] vfs_open+0x82/0x3f0 [ 169.841180][ T6675] path_openat+0x208c/0x31a0 [ 169.841211][ T6675] ? __pfx_path_openat+0x10/0x10 [ 169.841241][ T6675] do_file_open+0x20e/0x430 [ 169.841266][ T6675] ? __pfx_do_file_open+0x10/0x10 [ 169.841304][ T6675] ? alloc_fd+0x476/0x790 [ 169.841327][ T6675] ? do_getname+0x191/0x390 [ 169.841355][ T6675] do_sys_openat2+0x10d/0x1e0 [ 169.841382][ T6675] ? __pfx_do_sys_openat2+0x10/0x10 [ 169.841417][ T6675] __x64_sys_openat+0x12d/0x210 [ 169.841444][ T6675] ? __pfx___x64_sys_openat+0x10/0x10 [ 169.841476][ T6675] ? rcu_is_watching+0x12/0xc0 [ 169.841500][ T6675] do_syscall_64+0x10b/0xf80 [ 169.841521][ T6675] ? clear_bhb_loop+0x40/0x90 [ 169.841543][ T6675] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.841578][ T6675] RIP: 0033:0x7f0adc39cdd9 [ 169.841594][ T6675] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 169.841610][ T6675] RSP: 002b:00007f0ada5f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 169.841628][ T6675] RAX: ffffffffffffffda RBX: 00007f0adc615fa0 RCX: 00007f0adc39cdd9 [ 169.841640][ T6675] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 169.841651][ T6675] RBP: 00007f0adc432d69 R08: 0000000000000000 R09: 0000000000000000 [ 169.841661][ T6675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 169.841672][ T6675] R13: 00007f0adc616038 R14: 00007f0adc615fa0 R15: 00007fff4b35d538 [ 169.841694][ T6675] [ 170.161500][ T6679] bond0: Unable to set down delay as MII monitoring is disabled [ 170.649196][ T6676] binder: 6673:6676 ioctl c00c620f 0 returned -22 [ 170.686989][ T6686] netlink: 'syz.2.195': attribute type 3 has an invalid length. [ 171.385293][ T6669] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 175.035219][ T6728] blktrace: Concurrent blktraces are not allowed on sda1 [ 177.899214][ T6799] ubi0: attaching mtd0 [ 177.968705][ T6799] ubi0: scanning is finished [ 178.317399][ T6799] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 178.341663][ T6799] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 178.371435][ T6799] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 178.427903][ T6799] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 178.443032][ T6799] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 178.460499][ T6799] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 178.482961][ T6799] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 3366618659 [ 178.537702][ T6799] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 178.578333][ T6807] ubi0: background thread "ubi_bgt0d" started, PID 6807 [ 178.589961][ T6803] ubi0: detaching mtd0 [ 178.817751][ T6803] ubi0: mtd0 is detached [ 179.692854][ T6824] FAULT_INJECTION: forcing a failure. [ 179.692854][ T6824] name failslab, interval 1, probability 0, space 0, times 0 [ 179.733004][ T6824] CPU: 1 UID: 0 PID: 6824 Comm: syz.3.227 Not tainted syzkaller #0 PREEMPT(full) [ 179.733030][ T6824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 179.733041][ T6824] Call Trace: [ 179.733047][ T6824] [ 179.733055][ T6824] dump_stack_lvl+0x100/0x190 [ 179.733080][ T6824] should_fail_ex.cold+0x5/0xa [ 179.733102][ T6824] ? snd_seq_oss_readq_new+0x9b/0x290 [ 179.733120][ T6824] should_failslab+0xc2/0x120 [ 179.733142][ T6824] __kmalloc_noprof+0xe0/0x850 [ 179.733174][ T6824] snd_seq_oss_readq_new+0x9b/0x290 [ 179.733194][ T6824] snd_seq_oss_open+0x476/0xa10 [ 179.733222][ T6824] odev_open+0x6f/0x90 [ 179.733242][ T6824] ? __pfx_odev_open+0x10/0x10 [ 179.733263][ T6824] soundcore_open+0x2e3/0x5a0 [ 179.733287][ T6824] ? __pfx_soundcore_open+0x10/0x10 [ 179.733309][ T6824] chrdev_open+0x234/0x6a0 [ 179.733339][ T6824] ? __pfx_apparmor_file_open+0x10/0x10 [ 179.733368][ T6824] ? __pfx_chrdev_open+0x10/0x10 [ 179.733392][ T6824] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 179.733422][ T6824] do_dentry_open+0x6d8/0x1660 [ 179.733444][ T6824] ? __pfx_chrdev_open+0x10/0x10 [ 179.733471][ T6824] vfs_open+0x82/0x3f0 [ 179.733500][ T6824] path_openat+0x208c/0x31a0 [ 179.733530][ T6824] ? __pfx_path_openat+0x10/0x10 [ 179.733561][ T6824] do_file_open+0x20e/0x430 [ 179.733585][ T6824] ? __pfx_do_file_open+0x10/0x10 [ 179.733623][ T6824] ? alloc_fd+0x476/0x790 [ 179.733647][ T6824] ? do_getname+0x191/0x390 [ 179.733675][ T6824] do_sys_openat2+0x10d/0x1e0 [ 179.733701][ T6824] ? __pfx_do_sys_openat2+0x10/0x10 [ 179.733736][ T6824] __x64_sys_openat+0x12d/0x210 [ 179.733764][ T6824] ? __pfx___x64_sys_openat+0x10/0x10 [ 179.733795][ T6824] ? rcu_is_watching+0x12/0xc0 [ 179.733819][ T6824] do_syscall_64+0x10b/0xf80 [ 179.733842][ T6824] ? clear_bhb_loop+0x40/0x90 [ 179.733863][ T6824] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.733881][ T6824] RIP: 0033:0x7fd086d9cdd9 [ 179.733897][ T6824] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 179.733914][ T6824] RSP: 002b:00007fd087bc3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 179.733932][ T6824] RAX: ffffffffffffffda RBX: 00007fd087015fa0 RCX: 00007fd086d9cdd9 [ 179.733943][ T6824] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 179.733955][ T6824] RBP: 00007fd086e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 179.733966][ T6824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 179.733975][ T6824] R13: 00007fd087016038 R14: 00007fd087015fa0 R15: 00007ffcf394dae8 [ 179.733997][ T6824] [ 181.242272][ T6848] binder: 6838:6848 ioctl c00c620f 0 returned -22 [ 183.371101][ T6869] FAULT_INJECTION: forcing a failure. [ 183.371101][ T6869] name failslab, interval 1, probability 0, space 0, times 0 [ 183.466093][ T6877] ubi0: attaching mtd0 [ 183.472450][ T6869] CPU: 1 UID: 0 PID: 6869 Comm: syz.1.238 Not tainted syzkaller #0 PREEMPT(full) [ 183.472493][ T6869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 183.472509][ T6869] Call Trace: [ 183.472519][ T6869] [ 183.472530][ T6869] dump_stack_lvl+0x100/0x190 [ 183.472571][ T6869] should_fail_ex.cold+0x5/0xa [ 183.472610][ T6869] should_failslab+0xc2/0x120 [ 183.472647][ T6869] __kmalloc_cache_noprof+0x7a/0x6f0 [ 183.472691][ T6869] ? snd_seq_oss_readq_new+0x4a/0x290 [ 183.472733][ T6869] snd_seq_oss_readq_new+0x4a/0x290 [ 183.472768][ T6869] snd_seq_oss_open+0x476/0xa10 [ 183.472820][ T6869] odev_open+0x6f/0x90 [ 183.472856][ T6869] ? __pfx_odev_open+0x10/0x10 [ 183.472893][ T6869] soundcore_open+0x2e3/0x5a0 [ 183.472938][ T6869] ? __pfx_soundcore_open+0x10/0x10 [ 183.472978][ T6869] chrdev_open+0x234/0x6a0 [ 183.473017][ T6869] ? __pfx_apparmor_file_open+0x10/0x10 [ 183.473066][ T6869] ? __pfx_chrdev_open+0x10/0x10 [ 183.473108][ T6869] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 183.473159][ T6869] do_dentry_open+0x6d8/0x1660 [ 183.473197][ T6869] ? __pfx_chrdev_open+0x10/0x10 [ 183.473247][ T6869] vfs_open+0x82/0x3f0 [ 183.473299][ T6869] path_openat+0x208c/0x31a0 [ 183.473363][ T6869] ? __pfx_path_openat+0x10/0x10 [ 183.473418][ T6869] do_file_open+0x20e/0x430 [ 183.473462][ T6869] ? __pfx_do_file_open+0x10/0x10 [ 183.473532][ T6869] ? alloc_fd+0x476/0x790 [ 183.473576][ T6869] ? do_getname+0x191/0x390 [ 183.473625][ T6869] do_sys_openat2+0x10d/0x1e0 [ 183.473672][ T6869] ? __pfx_do_sys_openat2+0x10/0x10 [ 183.473736][ T6869] __x64_sys_openat+0x12d/0x210 [ 183.473791][ T6869] ? __pfx___x64_sys_openat+0x10/0x10 [ 183.473848][ T6869] ? rcu_is_watching+0x12/0xc0 [ 183.473891][ T6869] do_syscall_64+0x10b/0xf80 [ 183.473931][ T6869] ? clear_bhb_loop+0x40/0x90 [ 183.473970][ T6869] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 183.474000][ T6869] RIP: 0033:0x7fa374d9cdd9 [ 183.474024][ T6869] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 183.474050][ T6869] RSP: 002b:00007fa375b71028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 183.474080][ T6869] RAX: ffffffffffffffda RBX: 00007fa375015fa0 RCX: 00007fa374d9cdd9 [ 183.474099][ T6869] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 183.474118][ T6869] RBP: 00007fa374e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 183.474136][ T6869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 183.474154][ T6869] R13: 00007fa375016038 R14: 00007fa375015fa0 R15: 00007ffdf3e95458 [ 183.474196][ T6869] [ 183.761372][ T6877] ubi0: scanning is finished [ 184.600492][ T6877] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 184.685514][ T6877] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 184.766997][ T6877] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 184.863485][ T6877] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 184.895871][ T6877] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 184.931841][ T6877] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 184.948394][ T6877] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 3366618659 [ 185.017024][ T6877] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 185.051518][ T6894] ubi0: background thread "ubi_bgt0d" started, PID 6894 [ 185.067197][ T6882] ubi0: detaching mtd0 [ 185.120518][ T6882] ubi0: mtd0 is detached [ 187.098804][ T6916] netlink: 'syz.3.246': attribute type 3 has an invalid length. [ 188.585840][ T6939] ubi0: attaching mtd0 [ 188.615115][ T6939] ubi0: scanning is finished [ 189.006707][ T6939] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 189.015995][ T6939] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 189.027461][ T6939] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 189.042426][ T6939] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 189.050893][ T6939] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 189.194167][ T6939] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 189.220778][ T6939] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 3366618659 [ 189.253317][ T6939] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 189.315003][ T6946] ubi0: background thread "ubi_bgt0d" started, PID 6946 [ 189.326286][ T6942] ubi0: detaching mtd0 [ 189.567133][ T6942] ubi0: mtd0 is detached [ 191.919822][ T6978] netlink: 28 bytes leftover after parsing attributes in process `syz.0.258'. [ 191.953651][ T6978] veth1_macvtap: left promiscuous mode [ 194.633828][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.650111][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 197.020779][ T7041] FAULT_INJECTION: forcing a failure. [ 197.020779][ T7041] name failslab, interval 1, probability 0, space 0, times 0 [ 197.169357][ T7041] CPU: 1 UID: 0 PID: 7041 Comm: syz.3.273 Not tainted syzkaller #0 PREEMPT(full) [ 197.169398][ T7041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 197.169413][ T7041] Call Trace: [ 197.169420][ T7041] [ 197.169427][ T7041] dump_stack_lvl+0x100/0x190 [ 197.169452][ T7041] should_fail_ex.cold+0x5/0xa [ 197.169475][ T7041] ? snd_seq_oss_readq_new+0x9b/0x290 [ 197.169493][ T7041] should_failslab+0xc2/0x120 [ 197.169514][ T7041] __kmalloc_noprof+0xe0/0x850 [ 197.169550][ T7041] snd_seq_oss_readq_new+0x9b/0x290 [ 197.169570][ T7041] snd_seq_oss_open+0x476/0xa10 [ 197.169598][ T7041] odev_open+0x6f/0x90 [ 197.169619][ T7041] ? __pfx_odev_open+0x10/0x10 [ 197.169649][ T7041] soundcore_open+0x2e3/0x5a0 [ 197.169681][ T7041] ? __pfx_soundcore_open+0x10/0x10 [ 197.169703][ T7041] chrdev_open+0x234/0x6a0 [ 197.169725][ T7041] ? __pfx_apparmor_file_open+0x10/0x10 [ 197.169753][ T7041] ? __pfx_chrdev_open+0x10/0x10 [ 197.169777][ T7041] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 197.169805][ T7041] do_dentry_open+0x6d8/0x1660 [ 197.169826][ T7041] ? __pfx_chrdev_open+0x10/0x10 [ 197.169853][ T7041] vfs_open+0x82/0x3f0 [ 197.169882][ T7041] path_openat+0x208c/0x31a0 [ 197.169912][ T7041] ? __pfx_path_openat+0x10/0x10 [ 197.169943][ T7041] do_file_open+0x20e/0x430 [ 197.169968][ T7041] ? __pfx_do_file_open+0x10/0x10 [ 197.170005][ T7041] ? alloc_fd+0x476/0x790 [ 197.170028][ T7041] ? do_getname+0x191/0x390 [ 197.170056][ T7041] do_sys_openat2+0x10d/0x1e0 [ 197.170083][ T7041] ? __pfx_do_sys_openat2+0x10/0x10 [ 197.170117][ T7041] __x64_sys_openat+0x12d/0x210 [ 197.170145][ T7041] ? __pfx___x64_sys_openat+0x10/0x10 [ 197.170177][ T7041] ? rcu_is_watching+0x12/0xc0 [ 197.170201][ T7041] do_syscall_64+0x10b/0xf80 [ 197.170223][ T7041] ? clear_bhb_loop+0x40/0x90 [ 197.170244][ T7041] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 197.170262][ T7041] RIP: 0033:0x7fd086d9cdd9 [ 197.170278][ T7041] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 197.170302][ T7041] RSP: 002b:00007fd087bc3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 197.170321][ T7041] RAX: ffffffffffffffda RBX: 00007fd087015fa0 RCX: 00007fd086d9cdd9 [ 197.170332][ T7041] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 197.170342][ T7041] RBP: 00007fd086e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 197.170352][ T7041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 197.170361][ T7041] R13: 00007fd087016038 R14: 00007fd087015fa0 R15: 00007ffcf394dae8 [ 197.170384][ T7041] [ 201.483619][ T7094] netlink: 'syz.0.285': attribute type 1 has an invalid length. [ 201.521949][ T7094] netlink: 9 bytes leftover after parsing attributes in process `syz.0.285'. [ 201.887933][ T7103] random: crng reseeded on system resumption [ 201.932708][ T7103] FAULT_INJECTION: forcing a failure. [ 201.932708][ T7103] name failslab, interval 1, probability 0, space 0, times 0 [ 201.999010][ T7103] CPU: 0 UID: 0 PID: 7103 Comm: syz.0.288 Not tainted syzkaller #0 PREEMPT(full) [ 201.999052][ T7103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 201.999069][ T7103] Call Trace: [ 201.999079][ T7103] [ 201.999091][ T7103] dump_stack_lvl+0x100/0x190 [ 201.999131][ T7103] should_fail_ex.cold+0x5/0xa [ 201.999167][ T7103] should_failslab+0xc2/0x120 [ 201.999189][ T7103] __kmalloc_cache_noprof+0x7a/0x6f0 [ 201.999216][ T7103] ? create_basic_memory_bitmaps+0xeb/0x350 [ 201.999246][ T7103] create_basic_memory_bitmaps+0xeb/0x350 [ 201.999315][ T7103] snapshot_open+0x230/0x2a0 [ 201.999343][ T7103] ? __pfx_snapshot_open+0x10/0x10 [ 201.999377][ T7103] misc_open+0x26d/0x450 [ 201.999400][ T7103] ? __pfx_misc_open+0x10/0x10 [ 201.999421][ T7103] chrdev_open+0x234/0x6a0 [ 201.999443][ T7103] ? __pfx_apparmor_file_open+0x10/0x10 [ 201.999472][ T7103] ? __pfx_chrdev_open+0x10/0x10 [ 201.999497][ T7103] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 201.999529][ T7103] do_dentry_open+0x6d8/0x1660 [ 201.999550][ T7103] ? __pfx_chrdev_open+0x10/0x10 [ 201.999577][ T7103] vfs_open+0x82/0x3f0 [ 201.999606][ T7103] path_openat+0x208c/0x31a0 [ 201.999635][ T7103] ? __pfx_path_openat+0x10/0x10 [ 201.999665][ T7103] do_file_open+0x20e/0x430 [ 201.999689][ T7103] ? __pfx_do_file_open+0x10/0x10 [ 201.999727][ T7103] ? alloc_fd+0x476/0x790 [ 201.999751][ T7103] ? do_getname+0x191/0x390 [ 201.999779][ T7103] do_sys_openat2+0x10d/0x1e0 [ 201.999806][ T7103] ? __pfx_do_sys_openat2+0x10/0x10 [ 201.999841][ T7103] __x64_sys_openat+0x12d/0x210 [ 201.999869][ T7103] ? __pfx___x64_sys_openat+0x10/0x10 [ 201.999901][ T7103] ? rcu_is_watching+0x12/0xc0 [ 201.999925][ T7103] do_syscall_64+0x10b/0xf80 [ 201.999947][ T7103] ? clear_bhb_loop+0x40/0x90 [ 201.999969][ T7103] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.999987][ T7103] RIP: 0033:0x7f6345b9cdd9 [ 202.000003][ T7103] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 202.000020][ T7103] RSP: 002b:00007f6343df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 202.000038][ T7103] RAX: ffffffffffffffda RBX: 00007f6345e15fa0 RCX: 00007f6345b9cdd9 [ 202.000049][ T7103] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 202.000060][ T7103] RBP: 00007f6345c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 202.000069][ T7103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 202.000079][ T7103] R13: 00007f6345e16038 R14: 00007f6345e15fa0 R15: 00007fffd3003af8 [ 202.000101][ T7103] [ 202.711664][ T7108] netlink: 'syz.3.289': attribute type 3 has an invalid length. [ 203.115256][ T7118] FAULT_INJECTION: forcing a failure. [ 203.115256][ T7118] name failslab, interval 1, probability 0, space 0, times 0 [ 203.237116][ T7118] CPU: 1 UID: 0 PID: 7118 Comm: syz.1.287 Not tainted syzkaller #0 PREEMPT(full) [ 203.237156][ T7118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 203.237173][ T7118] Call Trace: [ 203.237183][ T7118] [ 203.237194][ T7118] dump_stack_lvl+0x100/0x190 [ 203.237223][ T7118] should_fail_ex.cold+0x5/0xa [ 203.237246][ T7118] ? tomoyo_encode2+0xfb/0x3c0 [ 203.237266][ T7118] should_failslab+0xc2/0x120 [ 203.237287][ T7118] __kmalloc_noprof+0xe0/0x850 [ 203.237319][ T7118] tomoyo_encode2+0xfb/0x3c0 [ 203.237343][ T7118] tomoyo_encode+0x29/0x50 [ 203.237364][ T7118] tomoyo_mount_acl+0x14c/0x8b0 [ 203.237383][ T7118] ? is_bpf_text_address+0x8a/0x1a0 [ 203.237408][ T7118] ? bpf_ksym_find+0x124/0x1c0 [ 203.237427][ T7118] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 203.237463][ T7118] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 203.237481][ T7118] ? kernel_text_address+0x8d/0x100 [ 203.237498][ T7118] ? make_vfsuid+0xec/0x140 [ 203.237515][ T7118] ? unwind_get_return_address+0x59/0xa0 [ 203.237561][ T7118] ? tomoyo_domain+0xb2/0x150 [ 203.237585][ T7118] ? tomoyo_profile+0x47/0x60 [ 203.237611][ T7118] tomoyo_mount_permission+0x214/0x460 [ 203.237631][ T7118] ? tomoyo_mount_permission+0x1f6/0x460 [ 203.237653][ T7118] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 203.237692][ T7118] security_sb_mount+0xdd/0x270 [ 203.237720][ T7118] path_mount+0x158/0x23d0 [ 203.237749][ T7118] ? __pfx_path_mount+0x10/0x10 [ 203.237772][ T7118] ? lockdep_hardirqs_on+0x78/0x100 [ 203.237797][ T7118] ? putname+0xb1/0x110 [ 203.237818][ T7118] ? kmem_cache_free+0x127/0x6c0 [ 203.237852][ T7118] ? __x64_sys_mount+0x293/0x310 [ 203.237876][ T7118] __x64_sys_mount+0x293/0x310 [ 203.237901][ T7118] ? __pfx___x64_sys_mount+0x10/0x10 [ 203.237927][ T7118] ? rcu_is_watching+0x12/0xc0 [ 203.237952][ T7118] do_syscall_64+0x10b/0xf80 [ 203.237974][ T7118] ? clear_bhb_loop+0x40/0x90 [ 203.237996][ T7118] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.238015][ T7118] RIP: 0033:0x7fa374d9cdd9 [ 203.238030][ T7118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 203.238047][ T7118] RSP: 002b:00007fa372bb2028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 203.238064][ T7118] RAX: ffffffffffffffda RBX: 00007fa375016270 RCX: 00007fa374d9cdd9 [ 203.238076][ T7118] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000 [ 203.238086][ T7118] RBP: 00007fa374e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 203.238096][ T7118] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 203.238106][ T7118] R13: 00007fa375016308 R14: 00007fa375016270 R15: 00007ffdf3e95458 [ 203.238143][ T7118] [ 204.630451][ T30] audit: type=1800 audit(1778021172.340:5): pid=7124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.291" name="dummy_udc" dev="gadgetfs" ino=7594 res=0 errno=0 [ 207.551763][ T7156] FAULT_INJECTION: forcing a failure. [ 207.551763][ T7156] name failslab, interval 1, probability 0, space 0, times 0 [ 207.639280][ T7156] CPU: 1 UID: 0 PID: 7156 Comm: syz.3.298 Not tainted syzkaller #0 PREEMPT(full) [ 207.639307][ T7156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 207.639318][ T7156] Call Trace: [ 207.639324][ T7156] [ 207.639331][ T7156] dump_stack_lvl+0x100/0x190 [ 207.639356][ T7156] should_fail_ex.cold+0x5/0xa [ 207.639379][ T7156] ? snd_seq_oss_readq_new+0x9b/0x290 [ 207.639398][ T7156] should_failslab+0xc2/0x120 [ 207.639420][ T7156] __kmalloc_noprof+0xe0/0x850 [ 207.639452][ T7156] snd_seq_oss_readq_new+0x9b/0x290 [ 207.639472][ T7156] snd_seq_oss_open+0x476/0xa10 [ 207.639503][ T7156] odev_open+0x6f/0x90 [ 207.639523][ T7156] ? __pfx_odev_open+0x10/0x10 [ 207.639544][ T7156] soundcore_open+0x2e3/0x5a0 [ 207.639569][ T7156] ? __pfx_soundcore_open+0x10/0x10 [ 207.639591][ T7156] chrdev_open+0x234/0x6a0 [ 207.639612][ T7156] ? __pfx_apparmor_file_open+0x10/0x10 [ 207.639640][ T7156] ? __pfx_chrdev_open+0x10/0x10 [ 207.639664][ T7156] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 207.639692][ T7156] do_dentry_open+0x6d8/0x1660 [ 207.639718][ T7156] ? __pfx_chrdev_open+0x10/0x10 [ 207.639746][ T7156] vfs_open+0x82/0x3f0 [ 207.639775][ T7156] path_openat+0x208c/0x31a0 [ 207.639806][ T7156] ? __pfx_path_openat+0x10/0x10 [ 207.639836][ T7156] do_file_open+0x20e/0x430 [ 207.639860][ T7156] ? __pfx_do_file_open+0x10/0x10 [ 207.639899][ T7156] ? alloc_fd+0x476/0x790 [ 207.639922][ T7156] ? do_getname+0x191/0x390 [ 207.639950][ T7156] do_sys_openat2+0x10d/0x1e0 [ 207.639977][ T7156] ? __pfx_do_sys_openat2+0x10/0x10 [ 207.640013][ T7156] __x64_sys_openat+0x12d/0x210 [ 207.640041][ T7156] ? __pfx___x64_sys_openat+0x10/0x10 [ 207.640073][ T7156] ? rcu_is_watching+0x12/0xc0 [ 207.640097][ T7156] do_syscall_64+0x10b/0xf80 [ 207.640120][ T7156] ? clear_bhb_loop+0x40/0x90 [ 207.640141][ T7156] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.640159][ T7156] RIP: 0033:0x7fd086d9cdd9 [ 207.640175][ T7156] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 207.640192][ T7156] RSP: 002b:00007fd087bc3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 207.640213][ T7156] RAX: ffffffffffffffda RBX: 00007fd087015fa0 RCX: 00007fd086d9cdd9 [ 207.640231][ T7156] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 207.640257][ T7156] RBP: 00007fd086e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 207.640274][ T7156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 207.640291][ T7156] R13: 00007fd087016038 R14: 00007fd087015fa0 R15: 00007ffcf394dae8 [ 207.640328][ T7156] [ 209.529303][ T7170] FAULT_INJECTION: forcing a failure. [ 209.529303][ T7170] name failslab, interval 1, probability 0, space 0, times 0 [ 209.590224][ T7170] CPU: 0 UID: 0 PID: 7170 Comm: syz.0.302 Not tainted syzkaller #0 PREEMPT(full) [ 209.590252][ T7170] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 209.590262][ T7170] Call Trace: [ 209.590269][ T7170] [ 209.590276][ T7170] dump_stack_lvl+0x100/0x190 [ 209.590307][ T7170] should_fail_ex.cold+0x5/0xa [ 209.590331][ T7170] ? acpi_ns_get_normalized_pathname+0x95/0x250 [ 209.590358][ T7170] should_failslab+0xc2/0x120 [ 209.590379][ T7170] __kmalloc_noprof+0xe0/0x850 [ 209.590407][ T7170] ? acpi_ut_trace_ptr+0x1d2/0x2a0 [ 209.590433][ T7170] acpi_ns_get_normalized_pathname+0x95/0x250 [ 209.590462][ T7170] acpi_ex_start_trace_method+0x30/0x4f0 [ 209.590492][ T7170] acpi_ds_begin_method_execution+0x60/0xc20 [ 209.590529][ T7170] ? down_timeout+0x6b/0x90 [ 209.590555][ T7170] ? acpi_tb_check_dsdt_header+0x324/0x3f0 [ 209.590576][ T7170] acpi_ps_execute_method+0xb1/0xe90 [ 209.590599][ T7170] ? acpi_ut_acquire_mutex+0x2d7/0x500 [ 209.590632][ T7170] acpi_ns_evaluate+0x640/0x1670 [ 209.590661][ T7170] acpi_evaluate_object+0x420/0xe00 [ 209.590679][ T7170] ? kasan_save_stack+0x30/0x50 [ 209.590696][ T7170] ? kasan_save_track+0x14/0x30 [ 209.590712][ T7170] ? __kasan_kmalloc+0xaa/0xb0 [ 209.590728][ T7170] ? __kvmalloc_node_noprof+0x360/0xa00 [ 209.590749][ T7170] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 209.590767][ T7170] ? lock_acquire+0x1b1/0x370 [ 209.590790][ T7170] acpi_evaluate_integer+0xdf/0x220 [ 209.590818][ T7170] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 209.590854][ T7170] ? __pfx_status_show+0x10/0x10 [ 209.590871][ T7170] status_show+0xa0/0x120 [ 209.590888][ T7170] ? __pfx_status_show+0x10/0x10 [ 209.590912][ T7170] dev_attr_show+0x52/0xa0 [ 209.590936][ T7170] ? __pfx_dev_attr_show+0x10/0x10 [ 209.590957][ T7170] sysfs_kf_seq_show+0x217/0x3a0 [ 209.590990][ T7170] seq_read_iter+0x32f/0x1270 [ 209.591010][ T7170] ? lock_acquire+0x1b1/0x370 [ 209.591036][ T7170] kernfs_fop_read_iter+0x46c/0x610 [ 209.591064][ T7170] ? rw_verify_area+0xce/0x6d0 [ 209.591082][ T7170] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 209.591110][ T7170] vfs_read+0x825/0xb30 [ 209.591133][ T7170] ? __pfx_vfs_read+0x10/0x10 [ 209.591176][ T7170] ksys_read+0x12a/0x250 [ 209.591196][ T7170] ? __pfx_ksys_read+0x10/0x10 [ 209.591219][ T7170] ? rcu_is_watching+0x12/0xc0 [ 209.591245][ T7170] do_syscall_64+0x10b/0xf80 [ 209.591268][ T7170] ? clear_bhb_loop+0x40/0x90 [ 209.591290][ T7170] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.591309][ T7170] RIP: 0033:0x7f6345b9cdd9 [ 209.591325][ T7170] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 209.591342][ T7170] RSP: 002b:00007f6343df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 209.591359][ T7170] RAX: ffffffffffffffda RBX: 00007f6345e15fa0 RCX: 00007f6345b9cdd9 [ 209.591371][ T7170] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000007 [ 209.591381][ T7170] RBP: 00007f6345c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 209.591390][ T7170] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 209.591400][ T7170] R13: 00007f6345e16038 R14: 00007f6345e15fa0 R15: 00007fffd3003af8 [ 209.591429][ T7170] [ 209.593891][ T7170] ACPI Error: Could not allocate 15 bytes (20251212/nsnames-308) [ 210.385532][ T5630] Bluetooth: hci1: unexpected event 0x31 length: 19 > 6 [ 211.418188][ T7192] FAULT_INJECTION: forcing a failure. [ 211.418188][ T7192] name failslab, interval 1, probability 0, space 0, times 0 [ 211.488909][ T7192] CPU: 1 UID: 0 PID: 7192 Comm: syz.0.307 Not tainted syzkaller #0 PREEMPT(full) [ 211.488952][ T7192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 211.488970][ T7192] Call Trace: [ 211.488980][ T7192] [ 211.488992][ T7192] dump_stack_lvl+0x100/0x190 [ 211.489033][ T7192] should_fail_ex.cold+0x5/0xa [ 211.489072][ T7192] ? snd_seq_oss_readq_new+0x9b/0x290 [ 211.489103][ T7192] should_failslab+0xc2/0x120 [ 211.489138][ T7192] __kmalloc_noprof+0xe0/0x850 [ 211.489196][ T7192] snd_seq_oss_readq_new+0x9b/0x290 [ 211.489231][ T7192] snd_seq_oss_open+0x476/0xa10 [ 211.489278][ T7192] odev_open+0x6f/0x90 [ 211.489313][ T7192] ? __pfx_odev_open+0x10/0x10 [ 211.489350][ T7192] soundcore_open+0x2e3/0x5a0 [ 211.489394][ T7192] ? __pfx_soundcore_open+0x10/0x10 [ 211.489433][ T7192] chrdev_open+0x234/0x6a0 [ 211.489471][ T7192] ? __pfx_apparmor_file_open+0x10/0x10 [ 211.489529][ T7192] ? __pfx_chrdev_open+0x10/0x10 [ 211.489570][ T7192] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 211.489621][ T7192] do_dentry_open+0x6d8/0x1660 [ 211.489658][ T7192] ? __pfx_chrdev_open+0x10/0x10 [ 211.489708][ T7192] vfs_open+0x82/0x3f0 [ 211.489758][ T7192] path_openat+0x208c/0x31a0 [ 211.489811][ T7192] ? __pfx_path_openat+0x10/0x10 [ 211.489866][ T7192] do_file_open+0x20e/0x430 [ 211.489908][ T7192] ? __pfx_do_file_open+0x10/0x10 [ 211.489978][ T7192] ? alloc_fd+0x476/0x790 [ 211.490019][ T7192] ? do_getname+0x191/0x390 [ 211.490069][ T7192] do_sys_openat2+0x10d/0x1e0 [ 211.490116][ T7192] ? __pfx_do_sys_openat2+0x10/0x10 [ 211.490181][ T7192] __x64_sys_openat+0x12d/0x210 [ 211.490226][ T7192] ? __pfx___x64_sys_openat+0x10/0x10 [ 211.490279][ T7192] ? rcu_is_watching+0x12/0xc0 [ 211.490321][ T7192] do_syscall_64+0x10b/0xf80 [ 211.490360][ T7192] ? clear_bhb_loop+0x40/0x90 [ 211.490395][ T7192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 211.490425][ T7192] RIP: 0033:0x7f6345b9cdd9 [ 211.490451][ T7192] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 211.490477][ T7192] RSP: 002b:00007f6343df6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 211.490515][ T7192] RAX: ffffffffffffffda RBX: 00007f6345e15fa0 RCX: 00007f6345b9cdd9 [ 211.490535][ T7192] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 211.490554][ T7192] RBP: 00007f6345c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 211.490571][ T7192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 211.490587][ T7192] R13: 00007f6345e16038 R14: 00007f6345e15fa0 R15: 00007fffd3003af8 [ 211.490626][ T7192] [ 212.260898][ T7202] ubi0: attaching mtd0 [ 212.284395][ T7202] ubi0: scanning is finished [ 212.691105][ T7202] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 212.727442][ T7202] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 212.749922][ T7202] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 212.767888][ T7202] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 212.794336][ T7202] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 213.038989][ T7202] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 213.136436][ T7202] ubi0: max/mean erase counter: 2/1, WL threshold: 4096, image sequence number: 3366618659 [ 213.252716][ T7202] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 213.367262][ T7214] ubi0: background thread "ubi_bgt0d" started, PID 7214 [ 213.379604][ T7207] ubi0: detaching mtd0 [ 213.437663][ T7207] ubi0: mtd0 is detached [ 220.570898][ T7273] FAULT_INJECTION: forcing a failure. [ 220.570898][ T7273] name failslab, interval 1, probability 0, space 0, times 0 [ 220.673341][ T7273] CPU: 1 UID: 0 PID: 7273 Comm: syz.3.321 Not tainted syzkaller #0 PREEMPT(full) [ 220.673368][ T7273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 220.673379][ T7273] Call Trace: [ 220.673386][ T7273] [ 220.673393][ T7273] dump_stack_lvl+0x100/0x190 [ 220.673418][ T7273] should_fail_ex.cold+0x5/0xa [ 220.673442][ T7273] should_failslab+0xc2/0x120 [ 220.673463][ T7273] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 220.673491][ T7273] ? __pmd_alloc+0xbf/0x950 [ 220.673527][ T7273] __pmd_alloc+0xbf/0x950 [ 220.673547][ T7273] ? __pud_alloc+0x4fb/0x690 [ 220.673570][ T7273] __handle_mm_fault+0xa9c/0x2a00 [ 220.673600][ T7273] ? mt_find+0x45e/0x8e0 [ 220.673626][ T7273] ? __pfx___handle_mm_fault+0x10/0x10 [ 220.673652][ T7273] ? __pfx_mt_find+0x10/0x10 [ 220.673694][ T7273] handle_mm_fault+0x36d/0xa20 [ 220.673741][ T7273] __get_user_pages+0x1178/0x32a0 [ 220.673775][ T7273] ? __pfx___get_user_pages+0x10/0x10 [ 220.673803][ T7273] get_user_pages_remote+0x3d2/0xb10 [ 220.673830][ T7273] ? __pfx_get_user_pages_remote+0x10/0x10 [ 220.673853][ T7273] ? __pfx_create_init_stack_vma+0x10/0x10 [ 220.673877][ T7273] get_arg_page+0xf4/0x310 [ 220.673895][ T7273] ? __pfx_get_arg_page+0x10/0x10 [ 220.673913][ T7273] ? alloc_bprm+0x3da/0x710 [ 220.673930][ T7273] ? alloc_bprm+0x3da/0x710 [ 220.673949][ T7273] copy_string_kernel+0x17d/0x3f0 [ 220.673968][ T7273] ? alloc_bprm+0x420/0x710 [ 220.673987][ T7273] do_execveat_common.isra.0+0x2e6/0x580 [ 220.674012][ T7273] __x64_sys_execveat+0xdf/0x130 [ 220.674033][ T7273] do_syscall_64+0x10b/0xf80 [ 220.674055][ T7273] ? clear_bhb_loop+0x40/0x90 [ 220.674076][ T7273] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.674094][ T7273] RIP: 0033:0x7fd086d9cdd9 [ 220.674110][ T7273] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 220.674127][ T7273] RSP: 002b:00007fd087bc3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 220.674144][ T7273] RAX: ffffffffffffffda RBX: 00007fd087015fa0 RCX: 00007fd086d9cdd9 [ 220.674156][ T7273] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 220.674165][ T7273] RBP: 00007fd086e32d69 R08: 0000000000001000 R09: 0000000000000000 [ 220.674176][ T7273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 220.674185][ T7273] R13: 00007fd087016038 R14: 00007fd087015fa0 R15: 00007ffcf394dae8 [ 220.674207][ T7273] [ 223.510443][ T30] audit: type=1800 audit(1778021191.221:6): pid=7287 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.325" name="dummy_udc" dev="gadgetfs" ino=7594 res=0 errno=0 [ 224.591176][ T5630] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 224.591224][ T5630] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 224.609283][ T5630] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 224.609346][ T5630] Bluetooth: hci0: Unknown advertising packet type: 0x57 [ 224.617398][ T5630] Bluetooth: hci0: Unknown advertising packet type: 0x19 [ 224.624563][ T5630] Bluetooth: hci0: Unknown advertising packet type: 0x31 [ 224.631672][ T5630] Bluetooth: hci0: Malformed LE Event: 0x0d [ 229.492768][ T30] audit: type=1800 audit(1778021197.198:7): pid=7346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.337" name="dummy_udc" dev="gadgetfs" ino=7594 res=0 errno=0 [ 230.896384][ T7366] netlink: 8 bytes leftover after parsing attributes in process `syz.3.340'. [ 235.299710][ T7412] FAULT_INJECTION: forcing a failure. [ 235.299710][ T7412] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 235.374235][ T7412] CPU: 0 UID: 0 PID: 7412 Comm: syz.1.349 Not tainted syzkaller #0 PREEMPT(full) [ 235.374277][ T7412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 235.374295][ T7412] Call Trace: [ 235.374306][ T7412] [ 235.374318][ T7412] dump_stack_lvl+0x100/0x190 [ 235.374360][ T7412] should_fail_ex.cold+0x5/0xa [ 235.374393][ T7412] ? prepare_alloc_pages+0x16d/0x5f0 [ 235.374437][ T7412] should_fail_alloc_page+0xeb/0x140 [ 235.374484][ T7412] prepare_alloc_pages+0x1f0/0x5f0 [ 235.374523][ T7412] ? rcu_is_watching+0x12/0xc0 [ 235.374566][ T7412] __alloc_frozen_pages_noprof+0x19a/0x2bc0 [ 235.374616][ T7412] ? __alloc_frozen_pages_noprof+0x2b1/0x2bc0 [ 235.374667][ T7412] ? arch_stack_walk+0xa6/0xf0 [ 235.374720][ T7412] ? mas_next_node+0x29c/0x1020 [ 235.374759][ T7412] ? stack_trace_save+0x8e/0xc0 [ 235.374802][ T7412] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 235.374851][ T7412] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 235.374908][ T7412] ? mt_validate_nulls+0x1b3/0xa10 [ 235.374948][ T7412] ? look_up_lock_class+0x64/0x120 [ 235.374994][ T7412] ? __lock_acquire+0x4a5/0x2630 [ 235.375022][ T7412] ? css_rstat_updated+0x1ce/0x5a0 [ 235.375076][ T7412] ? __lock_acquire+0x4a5/0x2630 [ 235.375104][ T7412] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 235.375158][ T7412] ? policy_nodemask+0xed/0x4f0 [ 235.375196][ T7412] alloc_pages_mpol+0x1fb/0x540 [ 235.375234][ T7412] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 235.375270][ T7412] ? find_held_lock+0x2b/0x80 [ 235.375309][ T7412] ? __pud_alloc+0x4f6/0x690 [ 235.375346][ T7412] ? __pud_alloc+0x4f6/0x690 [ 235.375389][ T7412] alloc_pages_noprof+0x1a/0x160 [ 235.375432][ T7412] __pmd_alloc+0x3b/0x950 [ 235.375476][ T7412] ? __pud_alloc+0x4fb/0x690 [ 235.375517][ T7412] __handle_mm_fault+0xa9c/0x2a00 [ 235.375570][ T7412] ? mt_find+0x45e/0x8e0 [ 235.375614][ T7412] ? __pfx___handle_mm_fault+0x10/0x10 [ 235.375658][ T7412] ? __pfx_mt_find+0x10/0x10 [ 235.375736][ T7412] handle_mm_fault+0x36d/0xa20 [ 235.375790][ T7412] __get_user_pages+0x1178/0x32a0 [ 235.375845][ T7412] ? __pfx___get_user_pages+0x10/0x10 [ 235.375895][ T7412] get_user_pages_remote+0x3d2/0xb10 [ 235.375943][ T7412] ? __pfx_get_user_pages_remote+0x10/0x10 [ 235.375984][ T7412] ? __pfx_create_init_stack_vma+0x10/0x10 [ 235.376027][ T7412] get_arg_page+0xf4/0x310 [ 235.376059][ T7412] ? __pfx_get_arg_page+0x10/0x10 [ 235.376094][ T7412] ? alloc_bprm+0x3da/0x710 [ 235.376123][ T7412] ? alloc_bprm+0x3da/0x710 [ 235.376159][ T7412] copy_string_kernel+0x17d/0x3f0 [ 235.376192][ T7412] ? alloc_bprm+0x420/0x710 [ 235.376226][ T7412] do_execveat_common.isra.0+0x2e6/0x580 [ 235.376269][ T7412] __x64_sys_execveat+0xdf/0x130 [ 235.376307][ T7412] do_syscall_64+0x10b/0xf80 [ 235.376345][ T7412] ? clear_bhb_loop+0x40/0x90 [ 235.376383][ T7412] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.376415][ T7412] RIP: 0033:0x7fa374d9cdd9 [ 235.376450][ T7412] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 235.376478][ T7412] RSP: 002b:00007fa375b71028 EFLAGS: 00000246 ORIG_RAX: 0000000000000142 [ 235.376508][ T7412] RAX: ffffffffffffffda RBX: 00007fa375015fa0 RCX: 00007fa374d9cdd9 [ 235.376528][ T7412] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000009 [ 235.376546][ T7412] RBP: 00007fa374e32d69 R08: 0000000000001000 R09: 0000000000000000 [ 235.376564][ T7412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 235.376581][ T7412] R13: 00007fa375016038 R14: 00007fa375015fa0 R15: 00007ffdf3e95458 [ 235.376622][ T7412] [ 235.892579][ T7415] netlink: 'syz.2.351': attribute type 3 has an invalid length. [ 237.474478][ T7430] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 237.481601][ T7430] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 237.490828][ T7430] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 237.497216][ T7430] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 238.016006][ T7442] FAULT_INJECTION: forcing a failure. [ 238.016006][ T7442] name failslab, interval 1, probability 0, space 0, times 0 [ 238.047993][ T7442] CPU: 1 UID: 0 PID: 7442 Comm: syz.1.356 Not tainted syzkaller #0 PREEMPT(full) [ 238.048038][ T7442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 238.048055][ T7442] Call Trace: [ 238.048065][ T7442] [ 238.048077][ T7442] dump_stack_lvl+0x100/0x190 [ 238.048118][ T7442] should_fail_ex.cold+0x5/0xa [ 238.048144][ T7442] should_failslab+0xc2/0x120 [ 238.048166][ T7442] __kmalloc_cache_noprof+0x7a/0x6f0 [ 238.048193][ T7442] ? snd_seq_port_connect+0x61/0x550 [ 238.048217][ T7442] ? snd_seq_port_use_ptr+0x136/0x1a0 [ 238.048237][ T7442] ? snd_seq_port_use_ptr+0x136/0x1a0 [ 238.048261][ T7442] snd_seq_port_connect+0x61/0x550 [ 238.048283][ T7442] ? _raw_read_unlock+0x28/0x50 [ 238.048304][ T7442] ? check_subscription_permission.isra.0+0x146/0x240 [ 238.048336][ T7442] snd_seq_ioctl_subscribe_port+0x219/0x490 [ 238.048363][ T7442] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 238.048398][ T7442] call_seq_client_ctl+0xa3/0x130 [ 238.048421][ T7442] snd_seq_kernel_client_ctl+0x77/0xd0 [ 238.048452][ T7442] snd_seq_oss_midi_open+0x596/0x690 [ 238.048482][ T7442] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 238.048524][ T7442] snd_seq_oss_synth_setup_midi+0x131/0x590 [ 238.048563][ T7442] snd_seq_oss_open+0x82e/0xa10 [ 238.048608][ T7442] odev_open+0x6f/0x90 [ 238.048628][ T7442] ? __pfx_odev_open+0x10/0x10 [ 238.048649][ T7442] soundcore_open+0x2e3/0x5a0 [ 238.048673][ T7442] ? __pfx_soundcore_open+0x10/0x10 [ 238.048696][ T7442] chrdev_open+0x234/0x6a0 [ 238.048718][ T7442] ? __pfx_apparmor_file_open+0x10/0x10 [ 238.048747][ T7442] ? __pfx_chrdev_open+0x10/0x10 [ 238.048770][ T7442] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 238.048798][ T7442] do_dentry_open+0x6d8/0x1660 [ 238.048819][ T7442] ? __pfx_chrdev_open+0x10/0x10 [ 238.048847][ T7442] vfs_open+0x82/0x3f0 [ 238.048876][ T7442] path_openat+0x208c/0x31a0 [ 238.048906][ T7442] ? __pfx_path_openat+0x10/0x10 [ 238.048937][ T7442] do_file_open+0x20e/0x430 [ 238.048961][ T7442] ? __pfx_do_file_open+0x10/0x10 [ 238.049000][ T7442] ? alloc_fd+0x476/0x790 [ 238.049024][ T7442] ? do_getname+0x191/0x390 [ 238.049051][ T7442] do_sys_openat2+0x10d/0x1e0 [ 238.049078][ T7442] ? __pfx_do_sys_openat2+0x10/0x10 [ 238.049114][ T7442] __x64_sys_openat+0x12d/0x210 [ 238.049141][ T7442] ? __pfx___x64_sys_openat+0x10/0x10 [ 238.049173][ T7442] ? rcu_is_watching+0x12/0xc0 [ 238.049201][ T7442] do_syscall_64+0x10b/0xf80 [ 238.049223][ T7442] ? clear_bhb_loop+0x40/0x90 [ 238.049244][ T7442] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.049263][ T7442] RIP: 0033:0x7fa374d9cdd9 [ 238.049279][ T7442] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 238.049297][ T7442] RSP: 002b:00007fa375b71028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 238.049314][ T7442] RAX: ffffffffffffffda RBX: 00007fa375015fa0 RCX: 00007fa374d9cdd9 [ 238.049325][ T7442] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 238.049336][ T7442] RBP: 00007fa374e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 238.049346][ T7442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.049355][ T7442] R13: 00007fa375016038 R14: 00007fa375015fa0 R15: 00007ffdf3e95458 [ 238.049378][ T7442] [ 239.214311][ T5630] Bluetooth: hci0: command 0x0c1a tx timeout [ 239.537471][ T5630] Bluetooth: hci3: command 0x0c1a tx timeout [ 239.538087][ T5634] Bluetooth: hci2: command 0x0c1a tx timeout [ 239.543585][ T5630] Bluetooth: hci1: command 0x0c1a tx timeout [ 242.278325][ T7495] FAULT_INJECTION: forcing a failure. [ 242.278325][ T7495] name failslab, interval 1, probability 0, space 0, times 0 [ 242.336231][ T7495] CPU: 0 UID: 0 PID: 7495 Comm: syz.1.366 Not tainted syzkaller #0 PREEMPT(full) [ 242.336275][ T7495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 242.336293][ T7495] Call Trace: [ 242.336303][ T7495] [ 242.336315][ T7495] dump_stack_lvl+0x100/0x190 [ 242.336356][ T7495] should_fail_ex.cold+0x5/0xa [ 242.336394][ T7495] ? snd_seq_oss_readq_new+0x9b/0x290 [ 242.336424][ T7495] should_failslab+0xc2/0x120 [ 242.336459][ T7495] __kmalloc_noprof+0xe0/0x850 [ 242.336518][ T7495] snd_seq_oss_readq_new+0x9b/0x290 [ 242.336552][ T7495] snd_seq_oss_open+0x476/0xa10 [ 242.336601][ T7495] odev_open+0x6f/0x90 [ 242.336637][ T7495] ? __pfx_odev_open+0x10/0x10 [ 242.336673][ T7495] soundcore_open+0x2e3/0x5a0 [ 242.336721][ T7495] ? __pfx_soundcore_open+0x10/0x10 [ 242.336760][ T7495] chrdev_open+0x234/0x6a0 [ 242.336797][ T7495] ? __pfx_apparmor_file_open+0x10/0x10 [ 242.336855][ T7495] ? __pfx_chrdev_open+0x10/0x10 [ 242.336893][ T7495] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 242.336934][ T7495] do_dentry_open+0x6d8/0x1660 [ 242.336963][ T7495] ? __pfx_chrdev_open+0x10/0x10 [ 242.336999][ T7495] vfs_open+0x82/0x3f0 [ 242.337036][ T7495] path_openat+0x208c/0x31a0 [ 242.337077][ T7495] ? __pfx_path_openat+0x10/0x10 [ 242.337125][ T7495] do_file_open+0x20e/0x430 [ 242.337157][ T7495] ? __pfx_do_file_open+0x10/0x10 [ 242.337208][ T7495] ? alloc_fd+0x476/0x790 [ 242.337240][ T7495] ? do_getname+0x191/0x390 [ 242.337280][ T7495] do_sys_openat2+0x10d/0x1e0 [ 242.337316][ T7495] ? __pfx_do_sys_openat2+0x10/0x10 [ 242.337364][ T7495] __x64_sys_openat+0x12d/0x210 [ 242.337400][ T7495] ? __pfx___x64_sys_openat+0x10/0x10 [ 242.337442][ T7495] ? rcu_is_watching+0x12/0xc0 [ 242.337474][ T7495] do_syscall_64+0x10b/0xf80 [ 242.337504][ T7495] ? clear_bhb_loop+0x40/0x90 [ 242.337532][ T7495] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.337555][ T7495] RIP: 0033:0x7fa374d9cdd9 [ 242.337576][ T7495] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 242.337598][ T7495] RSP: 002b:00007fa375b71028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 242.337621][ T7495] RAX: ffffffffffffffda RBX: 00007fa375015fa0 RCX: 00007fa374d9cdd9 [ 242.337636][ T7495] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 242.337649][ T7495] RBP: 00007fa374e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 242.337663][ T7495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 242.337676][ T7495] R13: 00007fa375016038 R14: 00007fa375015fa0 R15: 00007ffdf3e95458 [ 242.337710][ T7495] [ 243.195657][ T7507] netlink: 8 bytes leftover after parsing attributes in process `syz.0.367'. [ 244.034047][ T7514] binder: 7513:7514 ioctl c00c620f 0 returned -22 [ 251.632057][ T7616] usb usb16: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 256.115233][ T1315] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.121590][ T1315] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.922232][ T5630] Bluetooth: hci3: unexpected event 0x03 length: 123 > 11 [ 262.830492][ T7734] binder: 7725:7734 ioctl c00c620f 200000000080 returned -22 [ 264.511358][ T7744] kexec: Could not allocate control_code_buffer [ 264.654453][ T7757] blktrace: Concurrent blktraces are not allowed on sda1 [ 266.821880][ T7785] binder: 7782:7785 ioctl c00c620f 0 returned -22 [ 267.553794][ T5630] Bluetooth: hci0: unexpected event 0x31 length: 19 > 6 [ 268.646283][ T7819] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1317: comm sh: iget: checksum invalid [ 268.816641][ T7828] EXT4-fs error (device sda1): ext4_lookup:1785: inode #1317: comm sh: iget: checksum invalid [ 271.360735][ T7855] netlink: 8 bytes leftover after parsing attributes in process `syz.2.429'. [ 271.502320][ T7859] FAULT_INJECTION: forcing a failure. [ 271.502320][ T7859] name failslab, interval 1, probability 0, space 0, times 0 [ 271.515258][ T7859] CPU: 1 UID: 0 PID: 7859 Comm: syz.0.428 Not tainted syzkaller #0 PREEMPT(full) [ 271.515298][ T7859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 271.515315][ T7859] Call Trace: [ 271.515326][ T7859] [ 271.515338][ T7859] dump_stack_lvl+0x100/0x190 [ 271.515391][ T7859] should_fail_ex.cold+0x5/0xa [ 271.515431][ T7859] ? tomoyo_encode2+0xfb/0x3c0 [ 271.515468][ T7859] should_failslab+0xc2/0x120 [ 271.515504][ T7859] __kmalloc_noprof+0xe0/0x850 [ 271.515555][ T7859] ? rcu_is_watching+0x12/0xc0 [ 271.515609][ T7859] tomoyo_encode2+0xfb/0x3c0 [ 271.515646][ T7859] ? rcu_preempt_deferred_qs_irqrestore+0x4fd/0xb90 [ 271.515703][ T7859] tomoyo_encode+0x29/0x50 [ 271.515739][ T7859] tomoyo_mount_acl+0x14c/0x8b0 [ 271.515780][ T7859] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 271.515830][ T7859] ? __pfx_tomoyo_mount_acl+0x10/0x10 [ 271.515863][ T7859] ? kernel_text_address+0x8d/0x100 [ 271.515895][ T7859] ? make_vfsuid+0xec/0x140 [ 271.515925][ T7859] ? unwind_get_return_address+0x59/0xa0 [ 271.516007][ T7859] ? tomoyo_domain+0xb2/0x150 [ 271.516049][ T7859] ? tomoyo_profile+0x47/0x60 [ 271.516096][ T7859] tomoyo_mount_permission+0x214/0x460 [ 271.516128][ T7859] ? tomoyo_mount_permission+0x1f6/0x460 [ 271.516167][ T7859] ? __pfx_tomoyo_mount_permission+0x10/0x10 [ 271.516228][ T7859] security_sb_mount+0xdd/0x270 [ 271.516280][ T7859] path_mount+0x158/0x23d0 [ 271.516329][ T7859] ? __pfx_path_mount+0x10/0x10 [ 271.516378][ T7859] ? lockdep_hardirqs_on+0x78/0x100 [ 271.516423][ T7859] ? putname+0xb1/0x110 [ 271.516461][ T7859] ? kmem_cache_free+0x127/0x6c0 [ 271.516523][ T7859] ? __x64_sys_mount+0x293/0x310 [ 271.516570][ T7859] __x64_sys_mount+0x293/0x310 [ 271.516615][ T7859] ? __pfx___x64_sys_mount+0x10/0x10 [ 271.516664][ T7859] ? rcu_is_watching+0x12/0xc0 [ 271.516708][ T7859] do_syscall_64+0x10b/0xf80 [ 271.516746][ T7859] ? clear_bhb_loop+0x40/0x90 [ 271.516785][ T7859] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 271.516816][ T7859] RIP: 0033:0x7f6345b9cdd9 [ 271.516842][ T7859] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 271.516870][ T7859] RSP: 002b:00007f6343991028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 271.516900][ T7859] RAX: ffffffffffffffda RBX: 00007f6345e16270 RCX: 00007f6345b9cdd9 [ 271.516919][ T7859] RDX: 0000200000000100 RSI: 00002000000000c0 RDI: 0000000000000000 [ 271.516938][ T7859] RBP: 00007f6345c32d69 R08: 0000000000000000 R09: 0000000000000000 [ 271.516955][ T7859] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000000 [ 271.516972][ T7859] R13: 00007f6345e16308 R14: 00007f6345e16270 R15: 00007fffd3003af8 [ 271.517013][ T7859] [ 272.967813][ T7868] binder: 7867:7868 ioctl c00c620f 0 returned -22 [ 273.880774][ T7883] FAULT_INJECTION: forcing a failure. [ 273.880774][ T7883] name failslab, interval 1, probability 0, space 0, times 0 [ 273.901498][ T7883] CPU: 0 UID: 0 PID: 7883 Comm: syz.1.436 Not tainted syzkaller #0 PREEMPT(full) [ 273.901539][ T7883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 273.901555][ T7883] Call Trace: [ 273.901565][ T7883] [ 273.901576][ T7883] dump_stack_lvl+0x100/0x190 [ 273.901615][ T7883] should_fail_ex.cold+0x5/0xa [ 273.901652][ T7883] should_failslab+0xc2/0x120 [ 273.901685][ T7883] __kmalloc_cache_noprof+0x7a/0x6f0 [ 273.901725][ T7883] ? snd_seq_port_connect+0x61/0x550 [ 273.901758][ T7883] ? snd_seq_port_use_ptr+0x136/0x1a0 [ 273.901791][ T7883] ? snd_seq_port_use_ptr+0x136/0x1a0 [ 273.901831][ T7883] snd_seq_port_connect+0x61/0x550 [ 273.901865][ T7883] ? _raw_read_unlock+0x28/0x50 [ 273.901898][ T7883] ? check_subscription_permission.isra.0+0x146/0x240 [ 273.901940][ T7883] snd_seq_ioctl_subscribe_port+0x219/0x490 [ 273.901984][ T7883] ? __pfx_snd_seq_ioctl_subscribe_port+0x10/0x10 [ 273.902039][ T7883] call_seq_client_ctl+0xa3/0x130 [ 273.902075][ T7883] snd_seq_kernel_client_ctl+0x77/0xd0 [ 273.902114][ T7883] snd_seq_oss_midi_open+0x596/0x690 [ 273.902162][ T7883] ? __pfx_snd_seq_oss_midi_open+0x10/0x10 [ 273.902232][ T7883] snd_seq_oss_synth_setup_midi+0x131/0x590 [ 273.902296][ T7883] snd_seq_oss_open+0x82e/0xa10 [ 273.902340][ T7883] odev_open+0x6f/0x90 [ 273.902371][ T7883] ? __pfx_odev_open+0x10/0x10 [ 273.902404][ T7883] soundcore_open+0x2e3/0x5a0 [ 273.902445][ T7883] ? __pfx_soundcore_open+0x10/0x10 [ 273.902482][ T7883] chrdev_open+0x234/0x6a0 [ 273.902516][ T7883] ? __pfx_apparmor_file_open+0x10/0x10 [ 273.902558][ T7883] ? __pfx_chrdev_open+0x10/0x10 [ 273.902595][ T7883] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 273.902642][ T7883] do_dentry_open+0x6d8/0x1660 [ 273.902677][ T7883] ? __pfx_chrdev_open+0x10/0x10 [ 273.902722][ T7883] vfs_open+0x82/0x3f0 [ 273.902769][ T7883] path_openat+0x208c/0x31a0 [ 273.902819][ T7883] ? __pfx_path_openat+0x10/0x10 [ 273.902869][ T7883] do_file_open+0x20e/0x430 [ 273.902914][ T7883] ? __pfx_do_file_open+0x10/0x10 [ 273.902978][ T7883] ? alloc_fd+0x476/0x790 [ 273.903016][ T7883] ? do_getname+0x191/0x390 [ 273.903058][ T7883] do_sys_openat2+0x10d/0x1e0 [ 273.903097][ T7883] ? __pfx_do_sys_openat2+0x10/0x10 [ 273.903152][ T7883] __x64_sys_openat+0x12d/0x210 [ 273.903194][ T7883] ? __pfx___x64_sys_openat+0x10/0x10 [ 273.903232][ T7883] ? __hrtimer_rearm_deferred+0x24d/0x740 [ 273.903283][ T7883] ? rcu_is_watching+0x12/0xc0 [ 273.903322][ T7883] do_syscall_64+0x10b/0xf80 [ 273.903356][ T7883] ? clear_bhb_loop+0x40/0x90 [ 273.903392][ T7883] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.903421][ T7883] RIP: 0033:0x7fa374d9cdd9 [ 273.903446][ T7883] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 273.903471][ T7883] RSP: 002b:00007fa375b71028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 273.903498][ T7883] RAX: ffffffffffffffda RBX: 00007fa375015fa0 RCX: 00007fa374d9cdd9 [ 273.903517][ T7883] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 273.903535][ T7883] RBP: 00007fa374e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 273.903553][ T7883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.903569][ T7883] R13: 00007fa375016038 R14: 00007fa375015fa0 R15: 00007ffdf3e95458 [ 273.903611][ T7883] [ 278.063374][ T7937] binder: 7936:7937 ioctl c00c620f 0 returned -22 [ 279.827941][ T7966] zram0: detected capacity change from 0 to 16 [ 281.131037][ T7973] blktrace: Concurrent blktraces are not allowed on sda1 [ 282.309853][ T7993] usb usb16: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 282.863051][ T7996] blktrace: Concurrent blktraces are not allowed on sda1 [ 283.085394][ T8003] ================================================================== [ 283.085415][ T8003] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0x94e/0xc60 [ 283.085457][ T8003] Read of size 26 at addr ffff88802ab58dda by task syz.1.463/8003 [ 283.085481][ T8003] [ 283.085494][ T8003] CPU: 1 UID: 0 PID: 8003 Comm: syz.1.463 Not tainted syzkaller #0 PREEMPT(full) [ 283.085535][ T8003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 283.085554][ T8003] Call Trace: [ 283.085563][ T8003] [ 283.085574][ T8003] dump_stack_lvl+0x100/0x190 [ 283.085606][ T8003] print_report+0x13d/0x4b0 [ 283.085649][ T8003] ? __virt_addr_valid+0x239/0x430 [ 283.085696][ T8003] ? fbcon_prepare_logo+0x94e/0xc60 [ 283.085728][ T8003] kasan_report+0xdf/0x1d0 [ 283.085762][ T8003] ? fbcon_prepare_logo+0x94e/0xc60 [ 283.085797][ T8003] kasan_check_range+0x10f/0x1e0 [ 283.085835][ T8003] __asan_memcpy+0x23/0x60 [ 283.085878][ T8003] fbcon_prepare_logo+0x94e/0xc60 [ 283.085914][ T8003] fbcon_init+0x1065/0x1830 [ 283.085947][ T8003] visual_init+0x320/0x620 [ 283.085981][ T8003] do_bind_con_driver.isra.0+0x636/0x9c0 [ 283.086026][ T8003] store_bind+0x609/0x730 [ 283.086111][ T8003] ? __pfx_store_bind+0x10/0x10 [ 283.086149][ T8003] dev_attr_store+0x58/0x80 [ 283.086183][ T8003] ? __pfx_dev_attr_store+0x10/0x10 [ 283.086222][ T8003] sysfs_kf_write+0xf2/0x150 [ 283.086272][ T8003] kernfs_fop_write_iter+0x3e0/0x5f0 [ 283.086310][ T8003] ? __pfx_sysfs_kf_write+0x10/0x10 [ 283.086355][ T8003] vfs_write+0x6ac/0x1070 [ 283.086388][ T8003] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 283.086430][ T8003] ? __pfx_vfs_write+0x10/0x10 [ 283.086471][ T8003] ksys_write+0x12a/0x250 [ 283.086504][ T8003] ? __pfx_ksys_write+0x10/0x10 [ 283.086539][ T8003] ? rcu_is_watching+0x12/0xc0 [ 283.086575][ T8003] do_syscall_64+0x10b/0xf80 [ 283.086613][ T8003] ? clear_bhb_loop+0x40/0x90 [ 283.086648][ T8003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.086677][ T8003] RIP: 0033:0x7fa374d9cdd9 [ 283.086701][ T8003] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 283.086729][ T8003] RSP: 002b:00007fa372ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 283.086760][ T8003] RAX: ffffffffffffffda RBX: 00007fa375016090 RCX: 00007fa374d9cdd9 [ 283.086781][ T8003] RDX: 000000000008083a RSI: 00002000000000c0 RDI: 0000000000000007 [ 283.086800][ T8003] RBP: 00007fa374e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 283.086818][ T8003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 283.086836][ T8003] R13: 00007fa375016128 R14: 00007fa375016090 R15: 00007ffdf3e95458 [ 283.086865][ T8003] [ 283.086876][ T8003] [ 283.086885][ T8003] Allocated by task 7949: [ 283.086900][ T8003] kasan_save_stack+0x30/0x50 [ 283.086929][ T8003] kasan_save_track+0x14/0x30 [ 283.086955][ T8003] __kasan_kmalloc+0xaa/0xb0 [ 283.086981][ T8003] __kmalloc_noprof+0x301/0x850 [ 283.087027][ T8003] __register_sysctl_table+0xbe4/0x1650 [ 283.087075][ T8003] xfrm6_net_init+0xf0/0x1c0 [ 283.087101][ T8003] ops_init+0x1e2/0x5f0 [ 283.087131][ T8003] setup_net+0x118/0x3a0 [ 283.087161][ T8003] copy_net_ns+0x46f/0x7c0 [ 283.087203][ T8003] create_new_namespaces+0x3ea/0xac0 [ 283.087241][ T8003] unshare_nsproxy_namespaces+0xf2/0x220 [ 283.087277][ T8003] ksys_unshare+0x438/0xab0 [ 283.087318][ T8003] __x64_sys_unshare+0x31/0x40 [ 283.087360][ T8003] do_syscall_64+0x10b/0xf80 [ 283.087395][ T8003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.087424][ T8003] [ 283.087431][ T8003] Freed by task 23: [ 283.087445][ T8003] kasan_save_stack+0x30/0x50 [ 283.087472][ T8003] kasan_save_track+0x14/0x30 [ 283.087499][ T8003] kasan_save_free_info+0x3b/0x70 [ 283.087535][ T8003] __kasan_slab_free+0x5f/0x80 [ 283.087564][ T8003] __rcu_free_sheaf_prepare+0x5d/0x2f0 [ 283.087601][ T8003] rcu_free_sheaf+0x1a/0xe0 [ 283.087626][ T8003] rcu_core+0x5a2/0x10d0 [ 283.087653][ T8003] handle_softirqs+0x1ea/0xa00 [ 283.087684][ T8003] run_ksoftirqd+0x38/0x60 [ 283.087717][ T8003] smpboot_thread_fn+0x3d3/0xaa0 [ 283.087755][ T8003] kthread+0x370/0x450 [ 283.087779][ T8003] ret_from_fork+0x72b/0xd50 [ 283.087811][ T8003] ret_from_fork_asm+0x1a/0x30 [ 283.087848][ T8003] [ 283.087855][ T8003] The buggy address belongs to the object at ffff88802ab58d00 [ 283.087855][ T8003] which belongs to the cache kmalloc-192 of size 192 [ 283.087879][ T8003] The buggy address is located 26 bytes to the right of [ 283.087879][ T8003] allocated 192-byte region [ffff88802ab58d00, ffff88802ab58dc0) [ 283.087909][ T8003] [ 283.087917][ T8003] The buggy address belongs to the physical page: [ 283.087930][ T8003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802ab58c00 pfn:0x2ab58 [ 283.087958][ T8003] flags: 0xfff00000000200(workingset|node=0|zone=1|lastcpupid=0x7ff) [ 283.087983][ T8003] page_type: f5(slab) [ 283.088009][ T8003] raw: 00fff00000000200 ffff88813fe2e3c0 ffffea0000d88850 ffffea000188a310 [ 283.088056][ T8003] raw: ffff88802ab58c00 000000080010000f 00000000f5000000 0000000000000000 [ 283.088073][ T8003] page dumped because: kasan: bad access detected [ 283.088087][ T8003] page_owner tracks the page as allocated [ 283.088097][ T8003] page last allocated via order 0, migratetype Unmovable, gfp_mask 0xd2cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 7422, tgid 7421 (syz.1.352), ts 236440425707, free_ts 236423510397 [ 283.088148][ T8003] post_alloc_hook+0x153/0x170 [ 283.088188][ T8003] get_page_from_freelist+0x11a6/0x33b0 [ 283.088230][ T8003] __alloc_frozen_pages_noprof+0x27c/0x2bc0 [ 283.088275][ T8003] new_slab+0xa6/0x6c0 [ 283.088308][ T8003] refill_objects+0x277/0x420 [ 283.088350][ T8003] __pcs_replace_empty_main+0x375/0x650 [ 283.088394][ T8003] __kmalloc_node_track_caller_noprof+0x694/0x850 [ 283.088422][ T8003] kmemdup_noprof+0x29/0x60 [ 283.088447][ T8003] fib_rules_register+0x30/0x500 [ 283.088480][ T8003] ipmr_net_init+0x164/0x5e0 [ 283.088511][ T8003] ops_init+0x1e2/0x5f0 [ 283.088539][ T8003] setup_net+0x118/0x3a0 [ 283.088565][ T8003] copy_net_ns+0x46f/0x7c0 [ 283.088602][ T8003] create_new_namespaces+0x3ea/0xac0 [ 283.088635][ T8003] unshare_nsproxy_namespaces+0xf2/0x220 [ 283.088666][ T8003] ksys_unshare+0x438/0xab0 [ 283.088704][ T8003] page last free pid 7415 tgid 7414 stack trace: [ 283.088721][ T8003] __free_frozen_pages+0x747/0x1040 [ 283.088757][ T8003] qlist_free_all+0x47/0xf0 [ 283.088799][ T8003] kasan_quarantine_reduce+0x1a0/0x1f0 [ 283.088845][ T8003] __kasan_slab_alloc+0x69/0x90 [ 283.088873][ T8003] kmem_cache_alloc_node_noprof+0x25a/0x6f0 [ 283.088917][ T8003] __alloc_skb+0x140/0x710 [ 283.088941][ T8003] __ip_append_data+0x2bfb/0x4410 [ 283.088976][ T8003] ip_append_data+0x10f/0x1a0 [ 283.089013][ T8003] raw_sendmsg+0xcb6/0x35f0 [ 283.089065][ T8003] inet_sendmsg+0x11c/0x140 [ 283.089105][ T8003] ____sys_sendmsg+0x98d/0xb70 [ 283.089140][ T8003] ___sys_sendmsg+0x190/0x1e0 [ 283.089176][ T8003] __sys_sendmmsg+0x205/0x430 [ 283.089202][ T8003] __x64_sys_sendmmsg+0x9c/0x100 [ 283.089232][ T8003] do_syscall_64+0x10b/0xf80 [ 283.089266][ T8003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.089293][ T8003] [ 283.089301][ T8003] Memory state around the buggy address: [ 283.089315][ T8003] ffff88802ab58c80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 283.089336][ T8003] ffff88802ab58d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 283.089357][ T8003] >ffff88802ab58d80: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 283.089373][ T8003] ^ [ 283.089390][ T8003] ffff88802ab58e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 283.089411][ T8003] ffff88802ab58e80: 00 00 00 04 fc fc fc fc fc fc fc fc fc fc fc fc [ 283.089425][ T8003] ================================================================== [ 283.089669][ T8003] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 283.089694][ T8003] CPU: 1 UID: 0 PID: 8003 Comm: syz.1.463 Not tainted syzkaller #0 PREEMPT(full) [ 283.089730][ T8003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 [ 283.089748][ T8003] Call Trace: [ 283.089758][ T8003] [ 283.089769][ T8003] dump_stack_lvl+0x100/0x190 [ 283.089803][ T8003] vpanic+0x552/0x970 [ 283.089831][ T8003] ? __pfx_vpanic+0x10/0x10 [ 283.089863][ T8003] ? fbcon_prepare_logo+0x94e/0xc60 [ 283.089896][ T8003] panic+0xd1/0xe0 [ 283.089925][ T8003] ? __pfx_panic+0x10/0x10 [ 283.089955][ T8003] ? fbcon_prepare_logo+0x94e/0xc60 [ 283.089987][ T8003] ? preempt_schedule_common+0x42/0xc0 [ 283.090043][ T8003] check_panic_on_warn.cold+0x19/0x34 [ 283.090077][ T8003] end_report.part.0+0x3a/0x90 [ 283.090121][ T8003] kasan_report.cold+0xe/0x18 [ 283.090164][ T8003] ? fbcon_prepare_logo+0x94e/0xc60 [ 283.090198][ T8003] kasan_check_range+0x10f/0x1e0 [ 283.090236][ T8003] __asan_memcpy+0x23/0x60 [ 283.090281][ T8003] fbcon_prepare_logo+0x94e/0xc60 [ 283.090321][ T8003] fbcon_init+0x1065/0x1830 [ 283.090358][ T8003] visual_init+0x320/0x620 [ 283.090395][ T8003] do_bind_con_driver.isra.0+0x636/0x9c0 [ 283.090439][ T8003] store_bind+0x609/0x730 [ 283.090478][ T8003] ? __pfx_store_bind+0x10/0x10 [ 283.090513][ T8003] dev_attr_store+0x58/0x80 [ 283.090545][ T8003] ? __pfx_dev_attr_store+0x10/0x10 [ 283.090580][ T8003] sysfs_kf_write+0xf2/0x150 [ 283.090623][ T8003] kernfs_fop_write_iter+0x3e0/0x5f0 [ 283.090663][ T8003] ? __pfx_sysfs_kf_write+0x10/0x10 [ 283.090711][ T8003] vfs_write+0x6ac/0x1070 [ 283.090743][ T8003] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 283.090787][ T8003] ? __pfx_vfs_write+0x10/0x10 [ 283.090831][ T8003] ksys_write+0x12a/0x250 [ 283.090864][ T8003] ? __pfx_ksys_write+0x10/0x10 [ 283.090898][ T8003] ? rcu_is_watching+0x12/0xc0 [ 283.090936][ T8003] do_syscall_64+0x10b/0xf80 [ 283.090974][ T8003] ? clear_bhb_loop+0x40/0x90 [ 283.091007][ T8003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.091048][ T8003] RIP: 0033:0x7fa374d9cdd9 [ 283.091072][ T8003] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 283.091101][ T8003] RSP: 002b:00007fa372ff6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 283.091131][ T8003] RAX: ffffffffffffffda RBX: 00007fa375016090 RCX: 00007fa374d9cdd9 [ 283.091151][ T8003] RDX: 000000000008083a RSI: 00002000000000c0 RDI: 0000000000000007 [ 283.091170][ T8003] RBP: 00007fa374e32d69 R08: 0000000000000000 R09: 0000000000000000 [ 283.091189][ T8003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 283.091207][ T8003] R13: 00007fa375016128 R14: 00007fa375016090 R15: 00007ffdf3e95458 [ 283.091236][ T8003] [ 283.091629][ T8003] Kernel Offset: disabled