last executing test programs: 8.499196456s ago: executing program 1 (id=1017): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0xa, 0x3, 0x5) sendmmsg$auto(r0, &(0x7f0000000180)={{0x0, 0x200001, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x8000005}, 0x3b8b, 0xa) ioctl$auto(0x3, 0x80000541b, 0x38) mmap$auto(0x0, 0x0, 0xdd, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0x69a5, 0xa800000000000000) socket(0x1, 0x2, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) io_uring_setup$auto(0x1d48, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/ram6/queue/max_hw_sectors_kb\x00', 0x80000, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x1007}, 0x4) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(r1, 0x0, 0x7) close_range$auto(0x2, 0x8, 0x0) 7.684704118s ago: executing program 1 (id=1020): openat$auto_adf_ctl_ops_adf_ctl_drv(0xffffffffffffff9c, &(0x7f0000000080), 0x20140, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x6051) unshare$auto(0x40000080) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_ehash_entries\x00', 0x40100, 0x0) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000001140)='/dev/psaux\x00', 0x42000, 0x0) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x6, 0x7, 0x400b, r0, [], {0x6, 0x6, 0x8c48, 0x29a, 0x9, 0x80, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x3}}) r1 = openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) ioctl$auto_XFS_IOC_FREESP(0xffffffffffffffff, 0x4030580b, &(0x7f0000000100)={0x6a6e, 0x2, 0x0, 0x5f6, 0x1}) read$auto_vhci_fops_hci_vhci(r1, &(0x7f0000000d40)=""/16, 0x10) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x400001, 0x200948d, 0x3, 0x10015f4da0a, 0xe, 0x7, 0x5, 0x8000001f, 0x8, 0x6d3e, 0x200000002, 0x2, 0xffffffffffffffff]}, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) ioctl$auto(0x3, 0x8905, 0x38) madvise$auto(0x0, 0x2003f2, 0x15) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) 7.683628163s ago: executing program 0 (id=1028): socket(0x11, 0x3, 0xe) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0xc0803, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_register$auto_IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000280), 0x1) clone$auto(0x20003b48, 0x2, 0x0, 0x0, 0x5) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0xc, 0x2000000000940, 0x1ffde, 0x7, 0x4, 0x3fe, 0x9, 0x1, 0x2, 0x7, 0x9, 0x8, 0x8, 0x407, 0x5, 0x8000000007, 0x8000, 0x0, 0x0, 0x0, 0x0, 0xf3, 0x0, 0xfffffffc, 0x0, 0x1, 0x0, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x47e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe3a]}, 0x400, 0x81) r0 = socket(0x10, 0x2, 0x0) r1 = socket(0xa, 0x3, 0x3c) write$auto(r1, &(0x7f00000003c0)='+&\x00', 0x273f) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="f2000000", @ANYBLOB='p\x00', @ANYRES16], 0x1ac}, 0x1, 0x0, 0x0, 0x24048040}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='.'], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r2, &(0x7f0000000200)='7\x00\\\xa0\x04|\x03\'g\t$K\xcb\x12\xfa\x00\x00\xcfk', 0xb7f) select$auto(0x1, &(0x7f0000000040)={[0xfffffffffffff91e, 0x40, 0x4, 0x80, 0x7, 0x3, 0x80000001, 0x7c, 0x3, 0xfffffffffffffffc, 0x5, 0xb, 0x4, 0x7, 0x0, 0x6]}, &(0x7f00000000c0)={[0x3, 0x4, 0x0, 0x1, 0x39, 0x6, 0x7f, 0x3, 0x2, 0xc6d, 0x8, 0xffffffff, 0x1, 0x0, 0x7491, 0x40]}, 0x0, &(0x7f00000001c0)={0x9, 0x1}) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r3, &(0x7f0000000180)='7\x00\\\xa0\x04|4\x00\x00\x03\x00\x00\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\x00rRVr\xc4O\xdc1\x9b%\x10Z\'\xb9\'\xa3stC=\x85\xc6\xf6\x13 \xeb\xff%\x11\x82\x05\xdfV\x02\xca&\xd8$<\xab&\xc8B-\xcc\x15\x04&\x13;\xfe\xbdQ\xaa\x16o\x1f\xc7\x94\xa3\xc9\x9a\xe1d\xf5\n\xe2\x88\x84\vT?\x98\xa2\x00'/206, 0x5) fsopen$auto(0x0, 0x1) 7.575798761s ago: executing program 3 (id=1021): openat$auto_dma_heap_fops_dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyeb\x00', 0xa0102, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/erspan0/queues/tx-0/xps_cpus\x00', 0x8382, 0x0) unshare$auto(0x40000080) r0 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/mouse0\x00', 0x42000, 0x0) ioctl$auto_PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x0, 0xe8, 0x0, 0x2, 0xe4, 0x2}) mmap$auto(0x0, 0x40009, 0xa, 0x9b72, 0x2, 0x28000) socket(0x1d, 0x3, 0x1) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7ffffffc, 0x8, 0x3000, 0x3, 0x7, 0x400b, r0, [], {0x6, 0x3, 0x8c48, 0x29a, 0x9, 0x81, 0x104, 0x6, 0x4}, {0x100, 0x1, 0x101, 0x85, 0x2, 0x24, 0xfe000000, 0x8, 0x8}}) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000d00), 0x0, 0x0) openat$auto_event_inject_fops_trace(0xffffffffffffff9c, 0x0, 0x40482, 0x0) r1 = openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000400)='/sys/kernel/debug/usb/usbmon/0u\x00', 0x22202, 0x0) pread64$auto(r1, 0x0, 0x0, 0x9) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) ioctl$auto_IOCTL_VMCI_QUEUEPAIR_SETVA(0xffffffffffffffff, 0x7a4, 0x0) read$auto_mon_fops_text_t_mon_text(r1, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000580)={[0x1ff, 0x8000, 0xd, 0x1, 0x200948d, 0x3, 0x10015f4da0a, 0xd, 0x7, 0x6, 0x8000001f, 0x8, 0x6d3e, 0xc, 0x2, 0x2]}, 0x0) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) 7.124848595s ago: executing program 0 (id=1022): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x1, 0x20009, 0xdf, 0xebf, 0x40000000000a5, 0x8000) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) close_range$auto(0x2, 0xa, 0x0) socket(0xa, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_ILA_CMD_GET(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="020000", @ANYBLOB="29f7"], 0x14}}, 0x24004814) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 5.790139055s ago: executing program 0 (id=1024): mmap$auto(0x0, 0x20009, 0x3, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xb02, 0x0) sendfile$auto(r0, r0, 0x0, 0x1) ioctl$auto(0xffffffffffffffff, 0x900064b7, 0xffffffffffffffff) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x20) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0\x00'}) pipe$auto(0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) socket(0xa, 0x801, 0x84) r2 = socket(0x18, 0x5, 0x1) connect$auto(r2, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) 5.514910855s ago: executing program 0 (id=1025): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xfffffffffffffffb) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) socket(0x2, 0x1, 0x106) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0) mmap$auto(0x0, 0x9, 0xfc, 0x1000000eb1, 0x401, 0x8000) mmap$auto(0x0, 0x8, 0x3, 0x9b72, 0x2, 0x8000) io_uring_register$auto(0xffffffffffffffff, 0xa, 0x0, 0x3) symlink$auto(0x0, 0x0) read$auto(0xffffffffffffffff, 0x0, 0x80) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) socket(0x18, 0x5, 0x1) 4.892976649s ago: executing program 3 (id=1026): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x0) unshare$auto(0x40000080) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, 0x0, 0x2, 0x0) read$auto(0x3, 0x0, 0x80) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2000, 0x0) read$auto(0x3, 0x0, 0x7fffffff) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000003c00), 0x40402, 0x0) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/options/raw\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8000ffff}, 0x3) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) 4.870165595s ago: executing program 0 (id=1027): pread64$auto(0xffffffffffffffff, 0x0, 0x7, 0x0) setsockopt$auto(0xffffffffffffffff, 0xc, 0xc56e, 0x0, 0x5) unshare$auto(0x40000080) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) prctl$auto(0x8, 0x674, 0x0, 0x6, 0x8) socket(0x10, 0x2, 0x0) r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/015/001\x00', 0x18bd01, 0x0) ioctl$auto_USBDEVFS_BULK(r0, 0xc0185502, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) sendto$auto(0x3, 0x0, 0x2000f, 0x101, &(0x7f0000000000)=@in={0x2, 0x4e22, @rand_addr=0x64010100}, 0x1c) listen$auto(0x3, 0x81) accept$auto(0x3, 0x0, 0x0) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 4.2682852s ago: executing program 3 (id=1030): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0xa, 0x3, 0x5) sendmmsg$auto(r0, &(0x7f0000000180)={{&(0x7f0000000040), 0x200001, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x8000005}, 0x3b8b, 0xa) ioctl$auto(0x3, 0x80000541b, 0x38) mmap$auto(0x0, 0x0, 0xdd, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0x69a5, 0xa800000000000000) socket(0x1, 0x2, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) io_uring_setup$auto(0x1d48, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80000, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x1007}, 0x4) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(r1, 0x0, 0x7) close_range$auto(0x2, 0x8, 0x0) 3.72576833s ago: executing program 2 (id=1031): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x2002, 0x0) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fanotify_init$auto(0x5, 0x0) io_uring_setup$auto(0xf00, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80402, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0xa, 0x801, 0x84) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_STOP_OLD(0xffffffffffffffff, 0x5421, &(0x7f0000000200)="cd5ff6e06adac35ef682a181b07fa6613c089295e1d3745009368fcdd09f858c2a7c963a6ecdbd5b39a0797188b5c8e0dcedefcc1417b080") write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x0, 0x3, 0x5, 0x10001, 0x400000000003, 0x5, 0xffffffffffffffff, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0x200, 0xd7e, 0x1, 0x948b, 0x3, 0x95b45a07, 0x8000000000000003, 0xe05, 0x8000000000008001, 0x80000001, 0x7, 0x6d3f, 0x9, 0x800, 0x4]}, 0x0) ioctl$auto_VHOST_SET_VRING_CALL2(r2, 0x4008af21, 0x0) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, 0x0, 0x40) write$auto(0xffffffffffffffff, 0x0, 0x847a) 3.72501168s ago: executing program 3 (id=1032): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$auto_MACSEC_CMD_DEL_RXSC(0xffffffffffffffff, 0x0, 0x40) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x800, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) setgroups$auto(0xe32, 0x0) write$auto(0x3, 0x0, 0xffd8) 3.63269312s ago: executing program 0 (id=1033): bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0xe, 0x4, 0x4, 0x10001, 0x8, 0xc, 0xffffffffffffffff, 0x9, 0x7ff}, 0xee) close_range$auto(0x2, 0x8, 0x0) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x5, 0xfffffffd) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) fcntl$auto_F_NOTIFY(0xffffffffffffffff, 0x402, 0x9000) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mremap$auto(0xfffffffffffffe01, 0x40000000100005, 0x843, 0x3, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) madvise$auto(0x0, 0x2003f2, 0x15) syz_genetlink_get_family_id$auto_ethtool(0x0, r1) setsockopt$auto(0xffffffffffffffff, 0x100, 0x5, 0x0, 0x8001) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r2, r2, 0x0, 0x3) 3.244740261s ago: executing program 1 (id=1034): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_S_MODE(r0, 0x40046109, &(0x7f0000000000)=0xf2) r1 = getpid() process_vm_readv$auto(r1, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={0x0, 0xffffffff}, 0x6, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/dummy0/ifalias\x00', 0x8041, 0x0) write$auto(r2, &(0x7f0000000500)='%[\x05\x00`T\n&\xc1\x1e\xae\xb8\xd7\x95\x17\xa3\x7f\xa31T\x9fQG0\xe8\xd1\xd7m\xafF\x04\"h\xe6\x10\f)\x7f\x83\xcc\xb4\xa4:R\f\xe7\xe6\xb1I\x03\x9a\xca\x8f\x8c\xbb\xe1*\x9d\x11\x9a\x04F9\"\xe3\xc2\x0f\xc5\xcf\x0f\xb1,w\xfe\x06h\xff\x03\xfd\xffE\x8b}\xa2\xb9g\xa3\xbe|l3\xda\x9bzl\x8c\x8b\xce\x12*=`\x11\xef2\xf3 \xec\xbe:h\x9e\xc8\xf1\x15\xfa\x90\x9d\xeec\xbf\xf9\xf2\xcc\xf5\xa3F\xc2', 0x7) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x4923c1, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80500, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) pwritev2$auto(r3, 0x0, 0x800, 0x6, 0x9db, 0x80000000) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) read$auto(r3, 0x0, 0x56cfca1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) 2.483447207s ago: executing program 2 (id=1035): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x23, 0x0) openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) 2.420272382s ago: executing program 2 (id=1036): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000000280)=""/175, 0xaf) 2.250055204s ago: executing program 2 (id=1037): socket(0x2, 0x801, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6d) listen$auto(0x3, 0x81) r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x400c004) mmap$auto(0x0, 0x2020209, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = socket(0x2b, 0x1, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/printk_devkmsg\x00', 0x202, 0x0) sendfile$auto(r2, r2, 0x0, 0x7fffe000) sendmmsg$auto(r1, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x4, 0x0, 0x2, 0x4}, 0x8}, 0x5, 0x20000000) process_madvise$auto_MADV_DOFORK(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000180), 0xffffffffffffffff}, 0x917, 0xb, 0xfff) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/kernel/mm/ksm/pages_volatile\x00', 0x800, 0x0) setsockopt$auto(0xffffffffffffffff, 0x84, 0x21, &(0x7f0000000180)='\x01\x00\x00\x00', 0x2) process_vm_readv$auto(0x0, 0x0, 0x800000001, 0x0, 0x6, 0x0) socket(0x11, 0x3, 0x2) lsetxattr$auto(0x0, 0x0, 0x0, 0x80000000, 0x7f000) ioctl$auto_SCSI_IOCTL_SEND_COMMAND2(0xffffffffffffffff, 0x1, &(0x7f00000002c0)) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000100)=""/16, 0x10) close_range$auto(0x2, 0x8, 0x0) 2.05975651s ago: executing program 3 (id=1038): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x30d980, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000240)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7fffffff, 0x10) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) unshare$auto(0x40000080) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r0, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mlock$auto(0x7c88, 0x7fff) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) getcpu$auto(&(0x7f00000000c0)=0xa51e, &(0x7f0000000140)=0x4800000, &(0x7f0000000180)={[0x5035, 0x2, 0x1, 0x4, 0x9, 0x8001, 0x9, 0x6, 0x9, 0x6, 0x0, 0x1, 0x2, 0x7, 0x4, 0xffffffff]}) socket(0x2b, 0x1, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) 1.988144887s ago: executing program 2 (id=1039): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0xa, 0x3, 0x5) sendmmsg$auto(r0, &(0x7f0000000180)={{&(0x7f0000000040), 0x200001, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x8000005}, 0x3b8b, 0xa) ioctl$auto(0x3, 0x80000541b, 0x38) mmap$auto(0x0, 0x0, 0xdd, 0xeb2, 0x401, 0x8000) mmap$auto(0x0, 0x2, 0xdf, 0xeb1, 0x69a5, 0xa800000000000000) socket(0x1, 0x2, 0x0) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) io_uring_setup$auto(0x1d48, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80000, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x1007}, 0x4) unshare$auto(0x40000080) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) write$auto(r1, 0x0, 0x7) close_range$auto(0x2, 0x8, 0x0) 1.722731306s ago: executing program 1 (id=1040): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/lockd/parameters/nlm_tcpport\x00', 0xc2481, 0x0) unshare$auto(0x40000080) r0 = socket(0xa, 0x5, 0x0) mmap$auto(0x4, 0xa020009, 0x3, 0xeb1, r0, 0x7ffe) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/mount_params\x00', 0x802, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/system/machinecheck/machinecheck0/cmci_disabled\x00', 0x2062, 0x0) sendfile$auto(r2, 0xffffffffffffffff, 0x0, 0x800) write$auto(r1, &(0x7f0000000640)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\xff\x7f\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc:\xfa\x01\xd1\xa3\xb5\xc2B\xa5\xac:woR^a\xb9}\xe7\xbd\xe1\xf77.\xa3\xd8\xc2T\x95\x13\x91\xb6p\xf3\xb2w\xe6\xd7\x94DW\x97\x90a\xe6c\xfb\x88x\xd5L\xa9\xe4\x82\x04\xb1\x8b\r\xcaP\\\x1aVP\xc9\xa4`\xfd\v\x94\f\xc1\x0fQ\xc9\xdcL\x03\x9c\xbfk\xa6\xb1\xb0\xa1\xeeJ\xd8\xef\xc8t\x9d\x1e=J\x91W\xc6AuJ\xb9Q\xed\xd1\a\x05\x9d\x85\xb7b#r\xcd\xaf\xb7\x9f\xf7\xd2\xae\x0f\x98\xa9&\xb6~\xd4\xbd\xbbr\xb9\xc3\xacH!\xc1\x90K2\x05K@\xee\xac\xe8\xc7\t\xab\xbf\xa3\xedb\xd7\xb5\xd7\x83&\x95\xb2?\x0e\x85\xaaIGu\xd6$\xeb\xb6\xdd\a\x121\a\xac\x1bx#\x87\xa9\x10\x9b\xf8YD\x04ZL\xca\x99]\x8f[\x90[\xa8\xbf\x98\xa6\xe50(zC\xe84*w\x13\x96\xd5\xd0\x877\x12\xbc\xa1\xd0h@|\xf9\xfa\x9b\x17\x94\xb9\xe7\xf3\x15\x05\x91\xe8\x98p\x7f:\xd7s\xd9wo\x82\xda\xec\x91\xb7\xd9;H\x8a\b\x00\x00\x00\x00\x00\x00\x00\x8aZ\x94\x14$X7\xaeW6=^I\x9fQ\r5c\x81\xca]\x97m\x89o\x8f\xd8}P>I\xd0\xb3\x88C\xd7', 0x100000a3d9) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) poll$auto(&(0x7f0000000180)={0xffffffffffffffff, 0xfff7, 0x9816}, 0x7f, 0x9) migrate_pages$auto(0x0, 0xa, &(0x7f00000000c0)=0x52a6, &(0x7f0000000140)=0x2) ioctl$auto_VHOST_SET_LOG_FD2(0xffffffffffffffff, 0x4004af07, &(0x7f00000003c0)) unshare$auto(0x2) r3 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/net/mcfilter6\x00', 0x103440, 0x0) pread64$auto(r3, &(0x7f0000000000)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94P\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xba*G\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90~Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1\x00'/232, 0x3ef, 0x9) 214.705847ms ago: executing program 2 (id=1041): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setregid$auto(0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0xa, 0x801, 0x84) ioctl$auto_VHOST_GET_BACKEND_FEATURES(0xffffffffffffffff, 0x8008af26, &(0x7f00000000c0)=0x5) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r1 = socket(0x1d, 0x2, 0x2) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000000040), r1) socket(0x10, 0x2, 0x0) r2 = bpf$auto(0x5, &(0x7f0000000080)=@bpf_attr_7={@prog_id=0x9, 0x92f1, 0x4000004}, 0xd) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) setsockopt$auto_SO_BROADCAST(r0, 0x9, 0x6, &(0x7f0000000180)='\x00', 0x2) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000200), r2) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\x00\x80\x00\x00\x00\x00\x00\x00j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r3 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r3, 0x0, 0x18) openat$auto_tracing_pipe_fops_trace(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe\x00', 0x4400, 0x0) getdents$auto(r3, 0x0, 0xa2b0) 213.950456ms ago: executing program 3 (id=1042): fsconfig$auto(0xffffffffffffffff, 0x80, 0x0, 0x0, 0x0) sendto$auto(0x3, 0x0, 0x13, 0x7, &(0x7f0000000440)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x3, 0x8}}, 0x20) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x10000100200000) setrlimit$auto(0xb, 0x0) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) mmap$auto(0x0, 0xa00006, 0x100, 0x80000000010, 0xffffffffffffffff, 0x300000000000) mmap$auto(0x2000000003, 0x400009, 0x8, 0x50, 0x2, 0x8000) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x18}}, 0x54) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r0 = io_uring_setup$auto(0xc, 0x0) mmap$auto(0x0, 0x400408, 0x10001, 0x411, r0, 0x8000) mprotect$auto(0x8000, 0x8, 0x8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) prctl$auto(0x3, 0x1, 0xffffffffffffffff, 0xff, 0x8000) acct$auto(&(0x7f0000000000)='/dev/bus/usb/036/001\x00') r1 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000180)='/dev/bus/usb/036/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_CLAIMINTERFACE(r1, 0x8004550f, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) 161.067502ms ago: executing program 1 (id=1043): r0 = socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0xd364, &(0x7f0000000000)={0x400, 0x10002, 0x7f, 0x7, 0x6, 0x5, r0, [], {0x2, 0x4, 0x6, 0x2, 0x40, 0x4, 0x7, 0x7, 0x80000000}, {0x7, 0x1ff, 0x80000001, 0x8, 0x6b, 0x9, 0x0, 0xfffffffa, 0xb1}}) 0s ago: executing program 1 (id=1044): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = open(&(0x7f0000000100)='./file0/file0\x00', 0x222c0, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/filesystems\x00', 0x1c9802, 0x0) pread64$auto(r1, 0x0, 0x100000001, 0x100) fcntl$auto(r0, 0x400, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) socket(0xa, 0x5, 0x84) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xcb, 0x0, 0x4) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000300)={{@raw=0x6, 0x0, 0x8001, 0x2, "da14cf93e7670976d4df4660872c34e34ab92824711bacf3578dcec408cf5180d03a4d126edb3169db6d48ac"}, 0x1, @iec958={"28f6a86309b1e098a7dfa272f95c4c28615313f81f02a4eb", "77a2e9b1b0224a8ef0ac25ff0db0b6ec20c55cccbf4e9b253241777363b62fbe19f64f49f5ed0205399a691cb53e4086d6ec9dcbc5173fee439c2db7f3d5f2d4dd2a267a11e3c0cc771cdddef6bdb02a85cf5ea2ecc26fa3fe291d1e45404619547117c0d45a0de14bc3b9c22d705152efa9d2cfb220c6210dd7606723fb4d6d8ea3e197b19203c65d90e3c761870cbd392bea", 0x0, "e8134be5"}, "a8949c7d9c57acd66da4c5f111166031ad47ebfed172b36a28d7b0204e3a90e9a6c41064df45da18212d9c4e61a29b8146bd0c0284d89751eb5c58cb32c2abf739599063c9a0820f08f1c1b3645f00006dcd033a712822785eeb6a2c41b6d7c00f5e965c1d0000000000000000000000000400"}) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0) read$auto(r2, 0x0, 0x1ff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000800)={{@raw=0x1, 0x2a, 0x9, 0x8, "1fb8c66db3341cdd7c59af17e7b614aa3afcdeb461cadda10426d44d78a6ba746186ca630a6da69ee86ab53f"}, 0x5, 0x4, 0x5, @raw=0x7177, @integer64={0x4, 0xffffffffffff7b36, 0xa}, "cba6172b3efc8e802148850d899c7344d921d6500e1df65334791ec480e1f7d57f372e3ab8a1a0d9984325bf99e346b18bc1fd824548a13ab3cd10995fd5417b"}) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) io_uring_setup$auto(0x84, &(0x7f0000000080)={0x7fffffff, 0xd, 0x83000, 0x8000006, 0x4, 0x7fffffff, 0xffffffffffffffff, [], {0x6, 0xcb32dd6, 0x8c48, 0x29f, 0x100, 0x77fffffe, 0x101, 0xb0d, 0x3}, {0x100, 0x1, 0x20000052, 0x1, 0x2, 0x40, 0xc4, 0xb, 0x100000000}}) kernel console output (not intermixed with test programs): 89.817963][ T5836] debugfs: 'hsr0' already exists in 'hsr' [ 89.823757][ T5836] Cannot create hsr debugfs directory [ 90.322753][ T5824] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 90.338341][ T5824] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 90.348533][ T5824] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 90.367261][ T5824] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 90.447297][ T5825] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 90.458715][ T5825] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 90.474947][ T5825] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 90.508016][ T5825] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 90.580412][ T5833] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 90.603743][ T5833] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 90.629516][ T5833] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 90.647785][ T5833] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 90.754766][ T5824] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.767419][ T5836] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 90.783433][ T5836] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 90.801752][ T5836] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 90.816209][ T5836] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 90.852758][ T5824] 8021q: adding VLAN 0 to HW filter on device team0 [ 90.899765][ T5825] 8021q: adding VLAN 0 to HW filter on device bond0 [ 90.910295][ T1101] bridge0: port 1(bridge_slave_0) entered blocking state [ 90.917640][ T1101] bridge0: port 1(bridge_slave_0) entered forwarding state [ 90.928648][ T1101] bridge0: port 2(bridge_slave_1) entered blocking state [ 90.935831][ T1101] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.017190][ T5825] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.034620][ T1101] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.041797][ T1101] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.072089][ T1101] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.079339][ T1101] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.093693][ T5833] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.131184][ T5833] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.189655][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.196932][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.236156][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.243404][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.306679][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 91.385019][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 91.427413][ T668] bridge0: port 1(bridge_slave_0) entered blocking state [ 91.434640][ T668] bridge0: port 1(bridge_slave_0) entered forwarding state [ 91.465484][ T668] bridge0: port 2(bridge_slave_1) entered blocking state [ 91.472747][ T668] bridge0: port 2(bridge_slave_1) entered forwarding state [ 91.613685][ T5835] Bluetooth: hci0: command tx timeout [ 91.619166][ T5835] Bluetooth: hci1: command tx timeout [ 91.656943][ T5824] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.693738][ T5835] Bluetooth: hci2: command tx timeout [ 91.699215][ T5835] Bluetooth: hci3: command tx timeout [ 91.795048][ T5824] veth0_vlan: entered promiscuous mode [ 91.830763][ T5824] veth1_vlan: entered promiscuous mode [ 91.864078][ T5825] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 91.916623][ T5824] veth0_macvtap: entered promiscuous mode [ 91.950669][ T5824] veth1_macvtap: entered promiscuous mode [ 92.020071][ T5825] veth0_vlan: entered promiscuous mode [ 92.033542][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.067373][ T5824] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.080391][ T5825] veth1_vlan: entered promiscuous mode [ 92.089886][ T795] cfg80211: failed to load regulatory.db [ 92.103451][ T5833] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.128497][ T1101] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.138247][ T1101] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.169860][ T1101] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.178790][ T1101] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.206613][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 92.234607][ T5825] veth0_macvtap: entered promiscuous mode [ 92.276198][ T5825] veth1_macvtap: entered promiscuous mode [ 92.355978][ T5833] veth0_vlan: entered promiscuous mode [ 92.364177][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.364742][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.389426][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.408265][ T5825] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.458174][ T5833] veth1_vlan: entered promiscuous mode [ 92.465245][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.474072][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.486529][ T5836] veth0_vlan: entered promiscuous mode [ 92.503183][ T1101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.511045][ T1101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.528415][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.539011][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.581098][ T5836] veth1_vlan: entered promiscuous mode [ 92.663205][ T5824] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 92.685554][ T5833] veth0_macvtap: entered promiscuous mode [ 92.701185][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.719818][ T5833] veth1_macvtap: entered promiscuous mode [ 92.719958][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.749192][ T5836] veth0_macvtap: entered promiscuous mode [ 92.811279][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.839476][ T3535] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 92.840877][ T5836] veth1_macvtap: entered promiscuous mode [ 92.862492][ T3535] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 92.887128][ T5833] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 92.927985][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 92.987964][ T3535] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 92.998580][ T3535] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.009970][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 93.020439][ T3535] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.030421][ T3535] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.072907][ T3535] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.081656][ T5918] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 93.167360][ T3535] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.216985][ T3535] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.226930][ T3535] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 93.311490][ T3535] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.316034][ T5923] capability: warning: `syz.2.3' uses 32-bit capabilities (legacy support in use) [ 93.332745][ T3535] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.457180][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.486955][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.550329][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.559595][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.654424][ T1101] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 93.677744][ T1101] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 93.693643][ T5832] Bluetooth: hci0: command tx timeout [ 93.699646][ T5835] Bluetooth: hci1: command tx timeout [ 93.764291][ T5832] Bluetooth: hci2: command tx timeout [ 93.769861][ T5835] Bluetooth: hci3: command tx timeout [ 94.832092][ T5951] netlink: 12 bytes leftover after parsing attributes in process `syz.3.11'. [ 94.851884][ T5951] i: entered promiscuous mode [ 94.911688][ T5953] HfR: entered promiscuous mode [ 95.776131][ T5835] Bluetooth: hci1: command tx timeout [ 95.781588][ T5832] Bluetooth: hci0: command tx timeout [ 95.854449][ T5832] Bluetooth: hci3: command tx timeout [ 95.859889][ T5835] Bluetooth: hci2: command tx timeout [ 96.019702][ T5973] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 96.068130][ T5973] netlink: 28 bytes leftover after parsing attributes in process `syz.3.16'. [ 96.238245][ T5973] bond0: (slave bond_slave_0): Releasing backup interface [ 96.314626][ T5973] Zero length message leads to an empty skb [ 96.708294][ T5982] sp0: Synchronizing with TNC [ 96.983497][ T5988] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21'. [ 97.049529][ T5988] netlink: 13 bytes leftover after parsing attributes in process `syz.2.21'. [ 97.553841][ T5996] FAULT_INJECTION: forcing a failure. [ 97.553841][ T5996] name failslab, interval 1, probability 0, space 0, times 1 [ 97.572382][ T5996] CPU: 0 UID: 0 PID: 5996 Comm: syz.0.25 Not tainted syzkaller #0 PREEMPT(full) [ 97.572421][ T5996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 97.572439][ T5996] Call Trace: [ 97.572449][ T5996] [ 97.572460][ T5996] dump_stack_lvl+0x100/0x190 [ 97.572512][ T5996] should_fail_ex.cold+0x5/0xa [ 97.572549][ T5996] ? __register_sysctl_table+0xac/0x1650 [ 97.572582][ T5996] should_failslab+0xc2/0x120 [ 97.572615][ T5996] __kmalloc_noprof+0xe0/0x850 [ 97.572671][ T5996] __register_sysctl_table+0xac/0x1650 [ 97.572706][ T5996] ? is_module_address+0x5f/0xf0 [ 97.572753][ T5996] ? __pfx___register_sysctl_table+0x10/0x10 [ 97.572785][ T5996] ? is_module_address+0x69/0xf0 [ 97.572824][ T5996] ? register_net_sysctl_sz+0x222/0x430 [ 97.572867][ T5996] __addrconf_sysctl_register+0x1a2/0x360 [ 97.572921][ T5996] ? __pfx___addrconf_sysctl_register+0x10/0x10 [ 97.572978][ T5996] ? __asan_memcpy+0x3c/0x60 [ 97.573037][ T5996] addrconf_init_net+0x5dd/0x8e0 [ 97.573084][ T5996] ? __pfx_addrconf_init_net+0x10/0x10 [ 97.573127][ T5996] ops_init+0x1e2/0x5f0 [ 97.573178][ T5996] setup_net+0x118/0x3a0 [ 97.573207][ T5996] ? __pfx_setup_net+0x10/0x10 [ 97.573233][ T5996] ? lockdep_init_map_type+0x5c/0x250 [ 97.573276][ T5996] ? mutex_init_lockep+0x110/0x150 [ 97.573326][ T5996] copy_net_ns+0x46f/0x7c0 [ 97.573368][ T5996] create_new_namespaces+0x3ea/0xac0 [ 97.573420][ T5996] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 97.573459][ T5996] ksys_unshare+0x473/0xad0 [ 97.573501][ T5996] ? __pfx_ksys_unshare+0x10/0x10 [ 97.573557][ T5996] __x64_sys_unshare+0x31/0x40 [ 97.573595][ T5996] do_syscall_64+0x10b/0xf80 [ 97.573620][ T5996] ? clear_bhb_loop+0x40/0x90 [ 97.573658][ T5996] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 97.573690][ T5996] RIP: 0033:0x7f837a79c819 [ 97.573715][ T5996] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 97.573742][ T5996] RSP: 002b:00007f837b708028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 97.573769][ T5996] RAX: ffffffffffffffda RBX: 00007f837aa15fa0 RCX: 00007f837a79c819 [ 97.573788][ T5996] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 97.573805][ T5996] RBP: 00007f837a832c91 R08: 0000000000000000 R09: 0000000000000000 [ 97.573824][ T5996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 97.573841][ T5996] R13: 00007f837aa16038 R14: 00007f837aa15fa0 R15: 00007ffcd2e83008 [ 97.573883][ T5996] [ 98.116361][ T30] audit: type=1804 audit(1776167087.981:2): pid=6001 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.24" name="/newroot/6/file0" dev="tmpfs" ino=50 res=1 errno=0 [ 98.153485][ T30] audit: type=1804 audit(1776167088.101:3): pid=6003 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.24" name="/newroot/6/file0" dev="tmpfs" ino=50 res=1 errno=0 [ 98.753117][ T6015] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 98.818146][ T6015] netlink: 'syz.0.30': attribute type 2 has an invalid length. [ 98.836370][ T6015] netlink: 5 bytes leftover after parsing attributes in process `syz.0.30'. [ 98.857080][ T6017] netlink: 4 bytes leftover after parsing attributes in process `syz.2.31'. [ 98.897699][ T6017] netlink: 25 bytes leftover after parsing attributes in process `syz.2.31'. [ 100.152048][ T6039] vivid-007: ================= START STATUS ================= [ 100.192462][ T6039] vivid-007: Generate PTS: true [ 100.197731][ T6039] vivid-007: Generate SCR: true [ 100.232449][ T6039] tpg source WxH: 320x240 (Y'CbCr) [ 100.237649][ T6039] tpg field: 1 [ 100.241055][ T6039] tpg crop: (0,0)/320x240 [ 100.259877][ T6039] tpg compose: (0,0)/320x240 [ 100.266682][ T6039] tpg colorspace: 8 [ 100.270554][ T6039] tpg transfer function: 0/0 [ 100.285485][ T6039] tpg Y'CbCr encoding: 0/0 [ 100.295602][ T6039] tpg quantization: 0/0 [ 100.299880][ T6039] tpg RGB range: 0/2 [ 100.332607][ T6039] vivid-007: ================== END STATUS ================== [ 101.566503][ T6057] syz.0.43 (6057) used greatest stack depth: 18680 bytes left [ 102.299277][ T6077] zswap: compressor not available [ 103.816582][ T6118] FAULT_INJECTION: forcing a failure. [ 103.816582][ T6118] name failslab, interval 1, probability 0, space 0, times 0 [ 103.831865][ T6118] CPU: 1 UID: 0 PID: 6118 Comm: syz.0.59 Not tainted syzkaller #0 PREEMPT(full) [ 103.831907][ T6118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 103.831923][ T6118] Call Trace: [ 103.831934][ T6118] [ 103.831946][ T6118] dump_stack_lvl+0x100/0x190 [ 103.831998][ T6118] should_fail_ex.cold+0x5/0xa [ 103.832038][ T6118] should_failslab+0xc2/0x120 [ 103.832084][ T6118] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 103.832132][ T6118] ? tracefs_alloc_inode+0x2c/0x140 [ 103.832179][ T6118] ? __pfx_tracefs_alloc_inode+0x10/0x10 [ 103.832223][ T6118] tracefs_alloc_inode+0x2c/0x140 [ 103.832264][ T6118] ? __pfx_tracefs_alloc_inode+0x10/0x10 [ 103.832310][ T6118] alloc_inode+0x68/0x250 [ 103.832350][ T6118] new_inode+0x22/0x1c0 [ 103.832395][ T6118] tracefs_get_inode+0x19/0x80 [ 103.832437][ T6118] eventfs_get_inode+0x53/0x520 [ 103.832484][ T6118] eventfs_root_lookup+0x23c/0xa50 [ 103.832532][ T6118] ? __pfx_eventfs_root_lookup+0x10/0x10 [ 103.832583][ T6118] ? lockdep_init_map_type+0x5c/0x250 [ 103.832626][ T6118] ? lockdep_init_map_type+0x5c/0x250 [ 103.832672][ T6118] __lookup_slow+0x251/0x460 [ 103.832714][ T6118] ? __pfx___lookup_slow+0x10/0x10 [ 103.832778][ T6118] ? __d_lookup+0x266/0x4a0 [ 103.832829][ T6118] lookup_slow+0x50/0x70 [ 103.832871][ T6118] link_path_walk+0x1377/0x1cc0 [ 103.832934][ T6118] path_openat+0x1be/0x31a0 [ 103.832966][ T6118] ? kasan_save_stack+0x3f/0x50 [ 103.832992][ T6118] ? kasan_save_stack+0x30/0x50 [ 103.833019][ T6118] ? kasan_save_track+0x14/0x30 [ 103.833047][ T6118] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 103.833111][ T6118] ? __pfx_path_openat+0x10/0x10 [ 103.833153][ T6118] do_file_open+0x20e/0x430 [ 103.833175][ T6118] ? __pfx_do_file_open+0x10/0x10 [ 103.833211][ T6118] ? alloc_fd+0x476/0x790 [ 103.833232][ T6118] ? do_getname+0x191/0x390 [ 103.833258][ T6118] do_sys_openat2+0x10d/0x1e0 [ 103.833283][ T6118] ? __pfx_do_sys_openat2+0x10/0x10 [ 103.833309][ T6118] ? blkcg_maybe_throttle_current+0x5e7/0xeb0 [ 103.833336][ T6118] __x64_sys_openat+0x12d/0x210 [ 103.833365][ T6118] ? __pfx___x64_sys_openat+0x10/0x10 [ 103.833404][ T6118] do_syscall_64+0x10b/0xf80 [ 103.833421][ T6118] ? clear_bhb_loop+0x40/0x90 [ 103.833444][ T6118] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 103.833462][ T6118] RIP: 0033:0x7f837a79c819 [ 103.833478][ T6118] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 103.833494][ T6118] RSP: 002b:00007f837b708028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 103.833513][ T6118] RAX: ffffffffffffffda RBX: 00007f837aa15fa0 RCX: 00007f837a79c819 [ 103.833524][ T6118] RDX: 0000000000000002 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 103.833535][ T6118] RBP: 00007f837a832c91 R08: 0000000000000000 R09: 0000000000000000 [ 103.833545][ T6118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 103.833556][ T6118] R13: 00007f837aa16038 R14: 00007f837aa15fa0 R15: 00007ffcd2e83008 [ 103.833580][ T6118] [ 104.433692][ T6124] input: f¬ as /devices/virtual/input/input5 [ 104.449511][ T6125] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 104.625057][ T6128] FAULT_INJECTION: forcing a failure. [ 104.625057][ T6128] name failslab, interval 1, probability 0, space 0, times 0 [ 104.638074][ T6128] CPU: 1 UID: 0 PID: 6128 Comm: syz.1.63 Not tainted syzkaller #0 PREEMPT(full) [ 104.638100][ T6128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 104.638111][ T6128] Call Trace: [ 104.638120][ T6128] [ 104.638127][ T6128] dump_stack_lvl+0x100/0x190 [ 104.638160][ T6128] should_fail_ex.cold+0x5/0xa [ 104.638183][ T6128] should_failslab+0xc2/0x120 [ 104.638205][ T6128] __kmalloc_cache_noprof+0x7a/0x6f0 [ 104.638231][ T6128] ? pty_common_install+0xdf/0xb30 [ 104.638255][ T6128] pty_common_install+0xdf/0xb30 [ 104.638277][ T6128] ? __pfx_pty_unix98_install+0x10/0x10 [ 104.638298][ T6128] tty_init_dev.part.0+0x9e/0x470 [ 104.638326][ T6128] tty_init_dev+0x60/0x80 [ 104.638351][ T6128] ptmx_open+0x15e/0x3c0 [ 104.638369][ T6128] ? __pfx_ptmx_open+0x10/0x10 [ 104.638387][ T6128] chrdev_open+0x234/0x6a0 [ 104.638408][ T6128] ? __pfx_chrdev_open+0x10/0x10 [ 104.638430][ T6128] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 104.638456][ T6128] do_dentry_open+0x6d8/0x1660 [ 104.638476][ T6128] ? __pfx_chrdev_open+0x10/0x10 [ 104.638502][ T6128] vfs_open+0x82/0x3f0 [ 104.638529][ T6128] path_openat+0x208c/0x31a0 [ 104.638556][ T6128] ? __pfx_path_openat+0x10/0x10 [ 104.638584][ T6128] do_file_open+0x20e/0x430 [ 104.638605][ T6128] ? __pfx_do_file_open+0x10/0x10 [ 104.638641][ T6128] ? alloc_fd+0x476/0x790 [ 104.638662][ T6128] ? do_getname+0x191/0x390 [ 104.638687][ T6128] do_sys_openat2+0x10d/0x1e0 [ 104.638712][ T6128] ? __pfx_do_sys_openat2+0x10/0x10 [ 104.638739][ T6128] ? find_held_lock+0x2b/0x80 [ 104.638762][ T6128] __x64_sys_openat+0x12d/0x210 [ 104.638787][ T6128] ? __pfx___x64_sys_openat+0x10/0x10 [ 104.638829][ T6128] do_syscall_64+0x10b/0xf80 [ 104.638846][ T6128] ? clear_bhb_loop+0x40/0x90 [ 104.638869][ T6128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.638889][ T6128] RIP: 0033:0x7fe2bf99c819 [ 104.638905][ T6128] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 104.638923][ T6128] RSP: 002b:00007fe2c0796028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 104.638940][ T6128] RAX: ffffffffffffffda RBX: 00007fe2bfc15fa0 RCX: 00007fe2bf99c819 [ 104.638951][ T6128] RDX: 0000000000088000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 104.638962][ T6128] RBP: 00007fe2bfa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 104.638972][ T6128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 104.638983][ T6128] R13: 00007fe2bfc16038 R14: 00007fe2bfc15fa0 R15: 00007ffcccb5f398 [ 104.639006][ T6128] [ 105.024272][ T6120] FAULT_INJECTION: forcing a failure. [ 105.024272][ T6120] name failslab, interval 1, probability 0, space 0, times 0 [ 105.038278][ T6120] CPU: 0 UID: 0 PID: 6120 Comm: syz.2.61 Not tainted syzkaller #0 PREEMPT(full) [ 105.038321][ T6120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 105.038338][ T6120] Call Trace: [ 105.038348][ T6120] [ 105.038361][ T6120] dump_stack_lvl+0x100/0x190 [ 105.038415][ T6120] should_fail_ex.cold+0x5/0xa [ 105.038455][ T6120] should_failslab+0xc2/0x120 [ 105.038491][ T6120] __kmalloc_cache_noprof+0x7a/0x6f0 [ 105.038534][ T6120] ? append_filter_err+0xb8/0x620 [ 105.038579][ T6120] ? process_preds+0x93d/0x1d90 [ 105.038633][ T6120] append_filter_err+0xb8/0x620 [ 105.038679][ T6120] ? create_filter_start.constprop.0+0x134/0x310 [ 105.038734][ T6120] create_filter+0x1a6/0x210 [ 105.038783][ T6120] ? __pfx_create_filter+0x10/0x10 [ 105.038833][ T6120] ? find_held_lock+0x2b/0x80 [ 105.038869][ T6120] apply_event_filter+0x220/0x500 [ 105.038921][ T6120] ? __pfx_apply_event_filter+0x10/0x10 [ 105.038982][ T6120] event_filter_write+0x16d/0x290 [ 105.039024][ T6120] vfs_write+0x2aa/0x1070 [ 105.039066][ T6120] ? __pfx_event_filter_write+0x10/0x10 [ 105.039107][ T6120] ? __pfx_vfs_write+0x10/0x10 [ 105.039137][ T6120] ? __fget_files+0x215/0x3d0 [ 105.039186][ T6120] ? __fget_files+0x21f/0x3d0 [ 105.039231][ T6120] ksys_write+0x12a/0x250 [ 105.039263][ T6120] ? __pfx_ksys_write+0x10/0x10 [ 105.039308][ T6120] do_syscall_64+0x10b/0xf80 [ 105.039337][ T6120] ? clear_bhb_loop+0x40/0x90 [ 105.039377][ T6120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 105.039411][ T6120] RIP: 0033:0x7fcc0f99c819 [ 105.039438][ T6120] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 105.039467][ T6120] RSP: 002b:00007fcc108aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 105.039497][ T6120] RAX: ffffffffffffffda RBX: 00007fcc0fc15fa0 RCX: 00007fcc0f99c819 [ 105.039518][ T6120] RDX: 00000000000005c8 RSI: 0000000000000000 RDI: 0000000000000003 [ 105.039536][ T6120] RBP: 00007fcc0fa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 105.039554][ T6120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 105.039571][ T6120] R13: 00007fcc0fc16038 R14: 00007fcc0fc15fa0 R15: 00007ffdab7d9828 [ 105.039614][ T6120] [ 105.295609][ T6131] process 'syz.0.64' launched './file0' with NULL argv: empty string added [ 105.513255][ T6131] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 106.892870][ T6157] mmap: syz.3.71 (6157) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 107.185611][ T6161] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 107.944237][ T6176] mkiss: ax0: crc mode is auto. [ 108.689528][ T6183] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 108.708410][ T6183] File: /dev/nullb0 PID: 6183 Comm: syz.1.77 [ 109.435548][ T6193] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 109.854941][ T6191] zswap: compressor not available [ 109.993935][ T6202] hub 1-0:1.0: USB hub found [ 110.003013][ T6202] hub 1-0:1.0: 1 port detected [ 110.115169][ T6209] netlink: 25 bytes leftover after parsing attributes in process `syz.3.85'. [ 110.550655][ T30] audit: type=1800 audit(1776167100.671:4): pid=6214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.87" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 111.084316][ T6218] FAULT_INJECTION: forcing a failure. [ 111.084316][ T6218] name failslab, interval 1, probability 0, space 0, times 0 [ 111.132409][ T6218] CPU: 1 UID: 0 PID: 6218 Comm: syz.3.88 Not tainted syzkaller #0 PREEMPT(full) [ 111.132447][ T6218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 111.132462][ T6218] Call Trace: [ 111.132471][ T6218] [ 111.132481][ T6218] dump_stack_lvl+0x100/0x190 [ 111.132531][ T6218] should_fail_ex.cold+0x5/0xa [ 111.132566][ T6218] should_failslab+0xc2/0x120 [ 111.132600][ T6218] __kmalloc_cache_noprof+0x7a/0x6f0 [ 111.132639][ T6218] ? refill_pi_state_cache+0x91/0x260 [ 111.132691][ T6218] refill_pi_state_cache+0x91/0x260 [ 111.132735][ T6218] futex_lock_pi+0x177/0x7b0 [ 111.132785][ T6218] ? __pfx_futex_lock_pi+0x10/0x10 [ 111.132833][ T6218] ? __pfx___futex_wait+0x10/0x10 [ 111.132915][ T6218] ? __pfx_futex_wake_mark+0x10/0x10 [ 111.132980][ T6218] ? __get_user_nocheck_8+0x20/0x20 [ 111.133021][ T6218] ? do_vfs_ioctl+0x226/0x13e0 [ 111.133069][ T6218] do_futex+0x18a/0x350 [ 111.133106][ T6218] ? __pfx_do_futex+0x10/0x10 [ 111.133146][ T6218] ? find_held_lock+0x2b/0x80 [ 111.133180][ T6218] __x64_sys_futex+0x34f/0x4d0 [ 111.133226][ T6218] ? __pfx___x64_sys_futex+0x10/0x10 [ 111.133279][ T6218] do_syscall_64+0x10b/0xf80 [ 111.133304][ T6218] ? clear_bhb_loop+0x40/0x90 [ 111.133336][ T6218] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 111.133365][ T6218] RIP: 0033:0x7fa73759c819 [ 111.133386][ T6218] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 111.133409][ T6218] RSP: 002b:00007fa738465028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 111.133436][ T6218] RAX: ffffffffffffffda RBX: 00007fa737816090 RCX: 00007fa73759c819 [ 111.133454][ T6218] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 111.133472][ T6218] RBP: 00007fa737632c91 R08: 0000000000000000 R09: 000000008000fff5 [ 111.133490][ T6218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 111.133506][ T6218] R13: 00007fa737816128 R14: 00007fa737816090 R15: 00007ffd32b8d688 [ 111.133544][ T6218] [ 113.315043][ T6242] FAULT_INJECTION: forcing a failure. [ 113.315043][ T6242] name failslab, interval 1, probability 0, space 0, times 0 [ 113.362479][ T6242] CPU: 0 UID: 0 PID: 6242 Comm: syz.1.93 Not tainted syzkaller #0 PREEMPT(full) [ 113.362521][ T6242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 113.362538][ T6242] Call Trace: [ 113.362548][ T6242] [ 113.362560][ T6242] dump_stack_lvl+0x100/0x190 [ 113.362610][ T6242] should_fail_ex.cold+0x5/0xa [ 113.362647][ T6242] ? lsm_blob_alloc+0x68/0x90 [ 113.362680][ T6242] should_failslab+0xc2/0x120 [ 113.362715][ T6242] __kmalloc_noprof+0xe0/0x850 [ 113.362760][ T6242] ? trace_kmem_cache_alloc+0xf3/0x120 [ 113.362802][ T6242] lsm_blob_alloc+0x68/0x90 [ 113.362837][ T6242] security_sk_alloc+0x2d/0x290 [ 113.362878][ T6242] sk_prot_alloc+0x1d1/0x2a0 [ 113.362912][ T6242] sk_alloc+0x36/0xe80 [ 113.362957][ T6242] inet6_create+0x385/0x12b0 [ 113.363018][ T6242] ? inet6_create+0x7f/0x12b0 [ 113.363068][ T6242] __sock_create+0x339/0x860 [ 113.363112][ T6242] inet_ctl_sock_create+0x94/0x230 [ 113.363146][ T6242] ? __pfx_inet_ctl_sock_create+0x10/0x10 [ 113.363181][ T6242] ? __asan_memcpy+0x3c/0x60 [ 113.363226][ T6242] ? __pfx_tcpv6_net_init+0x10/0x10 [ 113.363257][ T6242] tcpv6_net_init+0x31/0xc0 [ 113.363286][ T6242] ops_init+0x1e2/0x5f0 [ 113.363336][ T6242] setup_net+0x118/0x3a0 [ 113.363363][ T6242] ? __pfx_setup_net+0x10/0x10 [ 113.363389][ T6242] ? lockdep_init_map_type+0x5c/0x250 [ 113.363431][ T6242] ? mutex_init_lockep+0x110/0x150 [ 113.363480][ T6242] copy_net_ns+0x46f/0x7c0 [ 113.363515][ T6242] create_new_namespaces+0x3ea/0xac0 [ 113.363566][ T6242] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 113.363604][ T6242] ksys_unshare+0x473/0xad0 [ 113.363646][ T6242] ? __pfx_ksys_unshare+0x10/0x10 [ 113.363701][ T6242] __x64_sys_unshare+0x31/0x40 [ 113.363738][ T6242] do_syscall_64+0x10b/0xf80 [ 113.363765][ T6242] ? clear_bhb_loop+0x40/0x90 [ 113.363801][ T6242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 113.363831][ T6242] RIP: 0033:0x7fe2bf99c819 [ 113.363856][ T6242] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 113.363884][ T6242] RSP: 002b:00007fe2c0796028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 113.363913][ T6242] RAX: ffffffffffffffda RBX: 00007fe2bfc15fa0 RCX: 00007fe2bf99c819 [ 113.363933][ T6242] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 113.363950][ T6242] RBP: 00007fe2bfa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 113.363967][ T6242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 113.363994][ T6242] R13: 00007fe2bfc16038 R14: 00007fe2bfc15fa0 R15: 00007ffcccb5f398 [ 113.364034][ T6242] [ 116.936707][ T6295] netlink: 28 bytes leftover after parsing attributes in process `syz.0.111'. [ 116.960517][ T6295] bridge_slave_1: left allmulticast mode [ 116.973519][ T6295] bridge_slave_1: left promiscuous mode [ 116.984006][ T6295] bridge0: port 2(bridge_slave_1) entered disabled state [ 117.065225][ T6295] bridge_slave_0: left allmulticast mode [ 117.079856][ T6295] bridge_slave_0: left promiscuous mode [ 117.109869][ T6295] bridge0: port 1(bridge_slave_0) entered disabled state [ 118.193480][ T6312] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 120.117028][ T6352] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=538976288 (1077952576 ns) > initial count (3830 ns). Using initial count to start timer. [ 120.415655][ T6343] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 120.764989][ T6343] File: /dev/nullb0 PID: 6343 Comm: syz.2.123 [ 121.239800][ T6364] netlink: 4 bytes leftover after parsing attributes in process `syz.3.132'. [ 121.306042][ T6364] netlink: 'syz.3.132': attribute type 3 has an invalid length. [ 121.342388][ T6364] netlink: 17 bytes leftover after parsing attributes in process `syz.3.132'. [ 126.537144][ T6418] netlink: 4 bytes leftover after parsing attributes in process `syz.3.145'. [ 126.584237][ T6418] netlink: 'syz.3.145': attribute type 1 has an invalid length. [ 126.591954][ T6418] netlink: 5 bytes leftover after parsing attributes in process `syz.3.145'. [ 127.966695][ T6429] Device name cannot be null; rc = [-22] [ 130.061362][ T6440] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 130.137769][ T6436] netlink: 354 bytes leftover after parsing attributes in process `syz.2.151'. [ 132.834951][ T6471] netlink: 4 bytes leftover after parsing attributes in process `syz.2.159'. [ 132.884435][ T6471] netlink: 'syz.2.159': attribute type 1 has an invalid length. [ 132.922435][ T6471] netlink: 5 bytes leftover after parsing attributes in process `syz.2.159'. [ 133.052612][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.059156][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.214038][ T6476] netlink: 25 bytes leftover after parsing attributes in process `syz.2.161'. [ 134.127453][ T6486] FAULT_INJECTION: forcing a failure. [ 134.127453][ T6486] name failslab, interval 1, probability 0, space 0, times 0 [ 134.152266][ T6486] CPU: 0 UID: 0 PID: 6486 Comm: syz.0.163 Not tainted syzkaller #0 PREEMPT(full) [ 134.152308][ T6486] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 134.152325][ T6486] Call Trace: [ 134.152333][ T6486] [ 134.152344][ T6486] dump_stack_lvl+0x100/0x190 [ 134.152397][ T6486] should_fail_ex.cold+0x5/0xa [ 134.152432][ T6486] ? nfc_llcp_build_tlv+0x105/0x250 [ 134.152477][ T6486] should_failslab+0xc2/0x120 [ 134.152510][ T6486] __kmalloc_noprof+0xe0/0x850 [ 134.152564][ T6486] nfc_llcp_build_tlv+0x105/0x250 [ 134.152605][ T6486] ? lockdep_hardirqs_on+0x78/0x100 [ 134.152654][ T6486] nfc_llcp_build_gb.isra.0+0x11e/0x3f0 [ 134.152700][ T6486] ? __pfx_nfc_llcp_build_gb.isra.0+0x10/0x10 [ 134.152754][ T6486] ? lockdep_init_map_type+0x5c/0x250 [ 134.152795][ T6486] ? lockdep_init_map_type+0x5c/0x250 [ 134.152841][ T6486] nfc_llcp_register_device+0x600/0xa60 [ 134.152898][ T6486] nfc_register_device+0x6d/0x3e0 [ 134.152950][ T6486] nci_register_device+0x7f1/0xb80 [ 134.152992][ T6486] ? __pfx_nci_register_device+0x10/0x10 [ 134.153036][ T6486] ? lockdep_init_map_type+0x5c/0x250 [ 134.153084][ T6486] virtual_ncidev_open+0x141/0x220 [ 134.153121][ T6486] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 134.153155][ T6486] misc_open+0x26d/0x450 [ 134.153185][ T6486] ? __pfx_misc_open+0x10/0x10 [ 134.153212][ T6486] chrdev_open+0x234/0x6a0 [ 134.153244][ T6486] ? __pfx_apparmor_file_open+0x10/0x10 [ 134.153285][ T6486] ? __pfx_chrdev_open+0x10/0x10 [ 134.153320][ T6486] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 134.153370][ T6486] do_dentry_open+0x6d8/0x1660 [ 134.153403][ T6486] ? __pfx_chrdev_open+0x10/0x10 [ 134.153446][ T6486] vfs_open+0x82/0x3f0 [ 134.153491][ T6486] path_openat+0x208c/0x31a0 [ 134.153538][ T6486] ? __pfx_path_openat+0x10/0x10 [ 134.153587][ T6486] do_file_open+0x20e/0x430 [ 134.153625][ T6486] ? __pfx_do_file_open+0x10/0x10 [ 134.153685][ T6486] ? alloc_fd+0x476/0x790 [ 134.153723][ T6486] ? do_getname+0x191/0x390 [ 134.153766][ T6486] do_sys_openat2+0x10d/0x1e0 [ 134.153808][ T6486] ? __pfx_do_sys_openat2+0x10/0x10 [ 134.153864][ T6486] __x64_sys_openat+0x12d/0x210 [ 134.153913][ T6486] ? __pfx___x64_sys_openat+0x10/0x10 [ 134.153970][ T6486] do_syscall_64+0x10b/0xf80 [ 134.153997][ T6486] ? clear_bhb_loop+0x40/0x90 [ 134.154034][ T6486] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.154064][ T6486] RIP: 0033:0x7f837a79c819 [ 134.154089][ T6486] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 134.154116][ T6486] RSP: 002b:00007f837b708028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 134.154146][ T6486] RAX: ffffffffffffffda RBX: 00007f837aa15fa0 RCX: 00007f837a79c819 [ 134.154164][ T6486] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 134.154180][ T6486] RBP: 00007f837a832c91 R08: 0000000000000000 R09: 0000000000000000 [ 134.154196][ T6486] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 134.154213][ T6486] R13: 00007f837aa16038 R14: 00007f837aa15fa0 R15: 00007ffcd2e83008 [ 134.154248][ T6486] [ 135.035214][ T6500] netlink: 342 bytes leftover after parsing attributes in process `syz.1.166'. [ 136.033972][ T6508] netlink: 'syz.1.168': attribute type 1 has an invalid length. [ 136.052479][ T6508] netlink: 9 bytes leftover after parsing attributes in process `syz.1.168'. [ 136.175265][ T6510] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 136.214950][ T6513] netlink: 'syz.2.170': attribute type 1 has an invalid length. [ 136.242087][ T6513] netlink: 9 bytes leftover after parsing attributes in process `syz.2.170'. [ 136.690318][ T30] audit: type=1804 audit(1776167126.811:5): pid=6522 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.173" name="/newroot/41/file0" dev="tmpfs" ino=235 res=1 errno=0 [ 136.723408][ T30] audit: type=1804 audit(1776167126.841:6): pid=6524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.173" name="/newroot/41/file0" dev="tmpfs" ino=235 res=1 errno=0 [ 137.959096][ T6534] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 138.040823][ T6534] File: /dev/nullb0 PID: 6534 Comm: syz.1.174 [ 138.424596][ T6557] netlink: 4 bytes leftover after parsing attributes in process `syz.0.180'. [ 138.566755][ T6554] netlink: 'syz.0.180': attribute type 1 has an invalid length. [ 138.816241][ T6554] netlink: 5 bytes leftover after parsing attributes in process `syz.0.180'. [ 139.391051][ T6561] usbip-vudc usbip-vudc.0: gadget not bound [ 140.081654][ T6570] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=538976288 (1077952576 ns) > initial count (3830 ns). Using initial count to start timer. [ 141.168492][ T6586] FAULT_INJECTION: forcing a failure. [ 141.168492][ T6586] name failslab, interval 1, probability 0, space 0, times 0 [ 141.227564][ T6586] CPU: 0 UID: 0 PID: 6586 Comm: syz.3.190 Not tainted syzkaller #0 PREEMPT(full) [ 141.227606][ T6586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 141.227624][ T6586] Call Trace: [ 141.227634][ T6586] [ 141.227655][ T6586] dump_stack_lvl+0x100/0x190 [ 141.227710][ T6586] should_fail_ex.cold+0x5/0xa [ 141.227751][ T6586] ? __register_sysctl_table+0xac/0x1650 [ 141.227787][ T6586] should_failslab+0xc2/0x120 [ 141.227821][ T6586] __kmalloc_noprof+0xe0/0x850 [ 141.227872][ T6586] __register_sysctl_table+0xac/0x1650 [ 141.227905][ T6586] ? is_module_address+0x5f/0xf0 [ 141.227951][ T6586] ? __pfx___register_sysctl_table+0x10/0x10 [ 141.227985][ T6586] ? is_module_address+0x69/0xf0 [ 141.228023][ T6586] ? register_net_sysctl_sz+0x222/0x430 [ 141.228060][ T6586] ? __asan_memcpy+0x3c/0x60 [ 141.228108][ T6586] sysctl_core_net_init+0xe6/0x290 [ 141.228150][ T6586] ? __pfx_sysctl_core_net_init+0x10/0x10 [ 141.228187][ T6586] ops_init+0x1e2/0x5f0 [ 141.228238][ T6586] setup_net+0x118/0x3a0 [ 141.228268][ T6586] ? __pfx_setup_net+0x10/0x10 [ 141.228292][ T6586] ? lockdep_init_map_type+0x5c/0x250 [ 141.228334][ T6586] ? mutex_init_lockep+0x110/0x150 [ 141.228383][ T6586] copy_net_ns+0x46f/0x7c0 [ 141.228419][ T6586] create_new_namespaces+0x3ea/0xac0 [ 141.228463][ T6586] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 141.228501][ T6586] ksys_unshare+0x473/0xad0 [ 141.228543][ T6586] ? __pfx_ksys_unshare+0x10/0x10 [ 141.228604][ T6586] __x64_sys_unshare+0x31/0x40 [ 141.228642][ T6586] do_syscall_64+0x10b/0xf80 [ 141.228678][ T6586] ? clear_bhb_loop+0x40/0x90 [ 141.228716][ T6586] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.228747][ T6586] RIP: 0033:0x7fa73759c819 [ 141.228773][ T6586] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 141.228801][ T6586] RSP: 002b:00007fa738465028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 141.228831][ T6586] RAX: ffffffffffffffda RBX: 00007fa737816090 RCX: 00007fa73759c819 [ 141.228850][ T6586] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 141.228867][ T6586] RBP: 00007fa737632c91 R08: 0000000000000000 R09: 0000000000000000 [ 141.228884][ T6586] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 141.228899][ T6586] R13: 00007fa737816128 R14: 00007fa737816090 R15: 00007ffd32b8d688 [ 141.228937][ T6586] [ 146.201312][ T6634] FAULT_INJECTION: forcing a failure. [ 146.201312][ T6634] name failslab, interval 1, probability 0, space 0, times 0 [ 146.250429][ T6634] CPU: 1 UID: 0 PID: 6634 Comm: syz.2.201 Not tainted syzkaller #0 PREEMPT(full) [ 146.250472][ T6634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 146.250490][ T6634] Call Trace: [ 146.250500][ T6634] [ 146.250512][ T6634] dump_stack_lvl+0x100/0x190 [ 146.250567][ T6634] should_fail_ex.cold+0x5/0xa [ 146.250608][ T6634] should_failslab+0xc2/0x120 [ 146.250653][ T6634] __kmalloc_cache_noprof+0x7a/0x6f0 [ 146.250695][ T6634] ? netdev_init+0x151/0x3c0 [ 146.250738][ T6634] netdev_init+0x151/0x3c0 [ 146.250771][ T6634] ? __pfx_netdev_init+0x10/0x10 [ 146.250803][ T6634] ops_init+0x1e2/0x5f0 [ 146.250852][ T6634] setup_net+0x118/0x3a0 [ 146.250881][ T6634] ? __pfx_setup_net+0x10/0x10 [ 146.250905][ T6634] ? lockdep_init_map_type+0x5c/0x250 [ 146.250947][ T6634] ? mutex_init_lockep+0x110/0x150 [ 146.250994][ T6634] copy_net_ns+0x46f/0x7c0 [ 146.251029][ T6634] create_new_namespaces+0x3ea/0xac0 [ 146.251069][ T6634] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 146.251107][ T6634] ksys_unshare+0x473/0xad0 [ 146.251148][ T6634] ? __pfx_ksys_unshare+0x10/0x10 [ 146.251202][ T6634] __x64_sys_unshare+0x31/0x40 [ 146.251239][ T6634] do_syscall_64+0x10b/0xf80 [ 146.251267][ T6634] ? clear_bhb_loop+0x40/0x90 [ 146.251304][ T6634] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.251334][ T6634] RIP: 0033:0x7fcc0f99c819 [ 146.251360][ T6634] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 146.251387][ T6634] RSP: 002b:00007fcc10889028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 146.251416][ T6634] RAX: ffffffffffffffda RBX: 00007fcc0fc16090 RCX: 00007fcc0f99c819 [ 146.251435][ T6634] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 146.251452][ T6634] RBP: 00007fcc0fa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 146.251469][ T6634] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.251487][ T6634] R13: 00007fcc0fc16128 R14: 00007fcc0fc16090 R15: 00007ffdab7d9828 [ 146.251527][ T6634] [ 147.036476][ T6642] Console: switching to colour VGA+ 80x25 [ 148.265721][ T6661] FAULT_INJECTION: forcing a failure. [ 148.265721][ T6661] name failslab, interval 1, probability 0, space 0, times 0 [ 148.350510][ T6661] CPU: 1 UID: 0 PID: 6661 Comm: syz.3.210 Not tainted syzkaller #0 PREEMPT(full) [ 148.350552][ T6661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 148.350570][ T6661] Call Trace: [ 148.350579][ T6661] [ 148.350588][ T6661] dump_stack_lvl+0x100/0x190 [ 148.350631][ T6661] should_fail_ex.cold+0x5/0xa [ 148.350653][ T6661] should_failslab+0xc2/0x120 [ 148.350674][ T6661] __kvmalloc_node_noprof+0xfa/0xa00 [ 148.350692][ T6661] ? io_uring_setup.cold+0x171/0x1c7e [ 148.350721][ T6661] ? lockdep_init_map_type+0x5c/0x250 [ 148.350750][ T6661] io_uring_setup.cold+0x171/0x1c7e [ 148.350778][ T6661] ? ksys_write+0x190/0x250 [ 148.350796][ T6661] ? __pfx_io_uring_setup+0x10/0x10 [ 148.350818][ T6661] ? do_futex+0x192/0x350 [ 148.350842][ T6661] ? __pfx_do_futex+0x10/0x10 [ 148.350866][ T6661] ? __fget_files+0x215/0x3d0 [ 148.350893][ T6661] ? xfd_validate_state+0x129/0x190 [ 148.350925][ T6661] __x64_sys_io_uring_setup+0xc2/0x170 [ 148.350947][ T6661] do_syscall_64+0x10b/0xf80 [ 148.350964][ T6661] ? clear_bhb_loop+0x40/0x90 [ 148.350985][ T6661] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.351003][ T6661] RIP: 0033:0x7fa73759c819 [ 148.351018][ T6661] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 148.351035][ T6661] RSP: 002b:00007fa738486028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 148.351053][ T6661] RAX: ffffffffffffffda RBX: 00007fa737815fa0 RCX: 00007fa73759c819 [ 148.351064][ T6661] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 148.351073][ T6661] RBP: 00007fa737632c91 R08: 0000000000000000 R09: 0000000000000000 [ 148.351084][ T6661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.351094][ T6661] R13: 00007fa737816038 R14: 00007fa737815fa0 R15: 00007ffd32b8d688 [ 148.351116][ T6661] [ 153.018969][ T6693] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 153.025522][ T6693] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 153.039248][ T6693] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 153.050616][ T6693] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 153.076543][ T6693] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 153.093760][ T6693] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 153.113983][ T6693] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 153.129466][ T6693] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 153.155318][ T6693] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 153.172178][ T6693] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 153.181013][ T6693] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 153.200271][ T6693] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 153.765103][ T6716] FAULT_INJECTION: forcing a failure. [ 153.765103][ T6716] name failslab, interval 1, probability 0, space 0, times 0 [ 153.962384][ T6716] CPU: 0 UID: 0 PID: 6716 Comm: syz.0.222 Not tainted syzkaller #0 PREEMPT(full) [ 153.962428][ T6716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 153.962445][ T6716] Call Trace: [ 153.962455][ T6716] [ 153.962467][ T6716] dump_stack_lvl+0x100/0x190 [ 153.962520][ T6716] should_fail_ex.cold+0x5/0xa [ 153.962560][ T6716] should_failslab+0xc2/0x120 [ 153.962596][ T6716] __kmalloc_cache_noprof+0x7a/0x6f0 [ 153.962636][ T6716] ? devinet_init_net+0x4f/0x8d0 [ 153.962674][ T6716] ? __pfx_devinet_init_net+0x10/0x10 [ 153.962706][ T6716] devinet_init_net+0x4f/0x8d0 [ 153.962741][ T6716] ? __pfx_devinet_init_net+0x10/0x10 [ 153.962772][ T6716] ops_init+0x1e2/0x5f0 [ 153.962823][ T6716] setup_net+0x118/0x3a0 [ 153.962852][ T6716] ? __pfx_setup_net+0x10/0x10 [ 153.962884][ T6716] ? lockdep_init_map_type+0x5c/0x250 [ 153.962925][ T6716] ? mutex_init_lockep+0x110/0x150 [ 153.962971][ T6716] copy_net_ns+0x46f/0x7c0 [ 153.963007][ T6716] create_new_namespaces+0x3ea/0xac0 [ 153.963050][ T6716] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 153.963088][ T6716] ksys_unshare+0x473/0xad0 [ 153.963129][ T6716] ? __pfx_ksys_unshare+0x10/0x10 [ 153.963183][ T6716] __x64_sys_unshare+0x31/0x40 [ 153.963221][ T6716] do_syscall_64+0x10b/0xf80 [ 153.963248][ T6716] ? clear_bhb_loop+0x40/0x90 [ 153.963286][ T6716] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 153.963333][ T6716] RIP: 0033:0x7f837a79c819 [ 153.963359][ T6716] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 153.963393][ T6716] RSP: 002b:00007f837b6e7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 153.963422][ T6716] RAX: ffffffffffffffda RBX: 00007f837aa16090 RCX: 00007f837a79c819 [ 153.963441][ T6716] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 153.963459][ T6716] RBP: 00007f837a832c91 R08: 0000000000000000 R09: 0000000000000000 [ 153.963476][ T6716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 153.963493][ T6716] R13: 00007f837aa16128 R14: 00007f837aa16090 R15: 00007ffcd2e83008 [ 153.963535][ T6716] [ 154.416022][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 155.122381][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 155.122391][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout [ 155.202332][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 156.482777][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 157.202487][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 157.222521][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout [ 157.292484][ T5146] Bluetooth: hci3: command 0x0c1a tx timeout [ 158.562568][ T5146] Bluetooth: hci0: command 0x0c1a tx timeout [ 159.081876][ T6774] FAULT_INJECTION: forcing a failure. [ 159.081876][ T6774] name failslab, interval 1, probability 0, space 0, times 0 [ 159.163973][ T6774] CPU: 0 UID: 0 PID: 6774 Comm: syz.1.238 Not tainted syzkaller #0 PREEMPT(full) [ 159.164016][ T6774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 159.164033][ T6774] Call Trace: [ 159.164043][ T6774] [ 159.164061][ T6774] dump_stack_lvl+0x100/0x190 [ 159.164115][ T6774] should_fail_ex.cold+0x5/0xa [ 159.164152][ T6774] ? __netlink_kernel_create+0x181/0x750 [ 159.164201][ T6774] should_failslab+0xc2/0x120 [ 159.164236][ T6774] __kmalloc_noprof+0xe0/0x850 [ 159.164292][ T6774] __netlink_kernel_create+0x181/0x750 [ 159.164344][ T6774] ? __pfx___netlink_kernel_create+0x10/0x10 [ 159.164406][ T6774] uevent_net_init+0xf8/0x330 [ 159.164444][ T6774] ? __pfx_uevent_net_init+0x10/0x10 [ 159.164484][ T6774] ? __pfx_uevent_net_rcv+0x10/0x10 [ 159.164523][ T6774] ? __kmalloc_noprof+0x320/0x850 [ 159.164577][ T6774] ? __pfx_uevent_net_init+0x10/0x10 [ 159.164612][ T6774] ops_init+0x1e2/0x5f0 [ 159.164676][ T6774] setup_net+0x118/0x3a0 [ 159.164706][ T6774] ? __pfx_setup_net+0x10/0x10 [ 159.164731][ T6774] ? lockdep_init_map_type+0x5c/0x250 [ 159.164774][ T6774] ? mutex_init_lockep+0x110/0x150 [ 159.164824][ T6774] copy_net_ns+0x46f/0x7c0 [ 159.164857][ T6774] create_new_namespaces+0x3ea/0xac0 [ 159.164899][ T6774] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 159.164935][ T6774] ksys_unshare+0x473/0xad0 [ 159.164977][ T6774] ? __pfx_ksys_unshare+0x10/0x10 [ 159.165031][ T6774] __x64_sys_unshare+0x31/0x40 [ 159.165068][ T6774] do_syscall_64+0x10b/0xf80 [ 159.165097][ T6774] ? clear_bhb_loop+0x40/0x90 [ 159.165134][ T6774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.165165][ T6774] RIP: 0033:0x7fe2bf99c819 [ 159.165190][ T6774] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 159.165218][ T6774] RSP: 002b:00007fe2c0775028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 159.165247][ T6774] RAX: ffffffffffffffda RBX: 00007fe2bfc16090 RCX: 00007fe2bf99c819 [ 159.165267][ T6774] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 159.165284][ T6774] RBP: 00007fe2bfa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 159.165302][ T6774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 159.165320][ T6774] R13: 00007fe2bfc16128 R14: 00007fe2bfc16090 R15: 00007ffcccb5f398 [ 159.165361][ T6774] [ 159.165935][ T6774] kobject_uevent: unable to create netlink socket! [ 159.284789][ T5146] Bluetooth: hci1: command 0x0c1a tx timeout [ 159.294218][ T5146] Bluetooth: hci2: command 0x0c1a tx timeout [ 159.372498][ T5832] Bluetooth: hci3: command 0x0c1a tx timeout [ 163.306282][ T6834] netlink: 342 bytes leftover after parsing attributes in process `syz.3.257'. [ 164.071796][ T6851] netlink: 28 bytes leftover after parsing attributes in process `syz.2.260'. [ 165.609727][ T6872] tipc: Withdrawal distribution failure [ 167.519497][ T6913] netlink: 28 bytes leftover after parsing attributes in process `syz.1.271'. [ 168.111546][ T6924] netlink: 4 bytes leftover after parsing attributes in process `syz.1.275'. [ 168.127716][ T6924] netlink: 354 bytes leftover after parsing attributes in process `syz.1.275'. [ 169.393684][ T6941] syz.1.281 uses obsolete (PF_INET,SOCK_PACKET) [ 169.922617][ T5832] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 169.925230][ T5146] Bluetooth: hci4: command 0x1003 tx timeout [ 173.379298][ T7004] FAULT_INJECTION: forcing a failure. [ 173.379298][ T7004] name failslab, interval 1, probability 0, space 0, times 0 [ 173.393307][ T7004] CPU: 1 UID: 0 PID: 7004 Comm: syz.1.300 Not tainted syzkaller #0 PREEMPT(full) [ 173.393348][ T7004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 173.393364][ T7004] Call Trace: [ 173.393374][ T7004] [ 173.393392][ T7004] dump_stack_lvl+0x100/0x190 [ 173.393440][ T7004] should_fail_ex.cold+0x5/0xa [ 173.393475][ T7004] should_failslab+0xc2/0x120 [ 173.393520][ T7004] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 173.393569][ T7004] ? __kernfs_new_node+0xd2/0x9f0 [ 173.393619][ T7004] ? kstrdup+0xb3/0xe0 [ 173.393655][ T7004] __kernfs_new_node+0xd2/0x9f0 [ 173.393711][ T7004] ? __kernel_text_address+0xd/0x30 [ 173.393760][ T7004] ? arch_stack_walk+0xa6/0xf0 [ 173.393793][ T7004] ? __pfx___kernfs_new_node+0x10/0x10 [ 173.393852][ T7004] ? find_held_lock+0x2b/0x80 [ 173.393883][ T7004] ? kernfs_root+0xee/0x2a0 [ 173.393910][ T7004] ? kernfs_root+0xee/0x2a0 [ 173.393948][ T7004] kernfs_new_node+0x11b/0x1a0 [ 173.393990][ T7004] kernfs_create_dir_ns+0x4c/0x1a0 [ 173.394029][ T7004] sysfs_create_dir_ns+0x13a/0x2b0 [ 173.394088][ T7004] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 173.394132][ T7004] ? find_held_lock+0x2b/0x80 [ 173.394162][ T7004] ? kobject_add_internal+0x25f/0x930 [ 173.394199][ T7004] ? kobject_add_internal+0x25f/0x930 [ 173.394238][ T7004] ? class_dir_child_ns_type+0xd/0x60 [ 173.394275][ T7004] kobject_add_internal+0x2c8/0x930 [ 173.394318][ T7004] kobject_add+0x16a/0x1e0 [ 173.394354][ T7004] ? __pfx_kobject_add+0x10/0x10 [ 173.394397][ T7004] ? kobject_put+0xb9/0x640 [ 173.394441][ T7004] device_add+0x294/0x1950 [ 173.394474][ T7004] ? alloc_workqueue_noprof+0x192/0x200 [ 173.394521][ T7004] ? alloc_workqueue_noprof+0x198/0x200 [ 173.394560][ T7004] ? __pfx_device_add+0x10/0x10 [ 173.394606][ T7004] nfc_register_device+0x41/0x3e0 [ 173.394658][ T7004] nci_register_device+0x7f1/0xb80 [ 173.394701][ T7004] ? __pfx_nci_register_device+0x10/0x10 [ 173.394747][ T7004] ? lockdep_init_map_type+0x5c/0x250 [ 173.394796][ T7004] virtual_ncidev_open+0x141/0x220 [ 173.394837][ T7004] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 173.394877][ T7004] misc_open+0x26d/0x450 [ 173.394909][ T7004] ? __pfx_misc_open+0x10/0x10 [ 173.394938][ T7004] chrdev_open+0x234/0x6a0 [ 173.394970][ T7004] ? __pfx_apparmor_file_open+0x10/0x10 [ 173.395013][ T7004] ? __pfx_chrdev_open+0x10/0x10 [ 173.395049][ T7004] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 173.395095][ T7004] do_dentry_open+0x6d8/0x1660 [ 173.395128][ T7004] ? __pfx_chrdev_open+0x10/0x10 [ 173.395173][ T7004] vfs_open+0x82/0x3f0 [ 173.395220][ T7004] path_openat+0x208c/0x31a0 [ 173.395268][ T7004] ? __pfx_path_openat+0x10/0x10 [ 173.395319][ T7004] do_file_open+0x20e/0x430 [ 173.395358][ T7004] ? __pfx_do_file_open+0x10/0x10 [ 173.395423][ T7004] ? alloc_fd+0x476/0x790 [ 173.395462][ T7004] ? do_getname+0x191/0x390 [ 173.395550][ T7004] do_sys_openat2+0x10d/0x1e0 [ 173.395595][ T7004] ? __pfx_do_sys_openat2+0x10/0x10 [ 173.395653][ T7004] __x64_sys_openat+0x12d/0x210 [ 173.395698][ T7004] ? __pfx___x64_sys_openat+0x10/0x10 [ 173.395758][ T7004] do_syscall_64+0x10b/0xf80 [ 173.395848][ T7004] ? clear_bhb_loop+0x40/0x90 [ 173.395887][ T7004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 173.395917][ T7004] RIP: 0033:0x7fe2bf99c819 [ 173.395943][ T7004] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 173.395971][ T7004] RSP: 002b:00007fe2c0796028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 173.396000][ T7004] RAX: ffffffffffffffda RBX: 00007fe2bfc15fa0 RCX: 00007fe2bf99c819 [ 173.396019][ T7004] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 173.396037][ T7004] RBP: 00007fe2bfa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 173.396055][ T7004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 173.396072][ T7004] R13: 00007fe2bfc16038 R14: 00007fe2bfc15fa0 R15: 00007ffcccb5f398 [ 173.396114][ T7004] [ 173.396166][ T7004] kobject: kobject_add_internal failed for nfc2 (error: -12 parent: nfc) [ 174.017012][ T7012] netlink: 342 bytes leftover after parsing attributes in process `syz.0.301'. [ 175.224421][ T7028] random: crng reseeded on system resumption [ 176.562520][ T7050] FAULT_INJECTION: forcing a failure. [ 176.562520][ T7050] name failslab, interval 1, probability 0, space 0, times 0 [ 176.682638][ T7050] CPU: 1 UID: 0 PID: 7050 Comm: syz.0.309 Not tainted syzkaller #0 PREEMPT(full) [ 176.682681][ T7050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 176.682699][ T7050] Call Trace: [ 176.682709][ T7050] [ 176.682721][ T7050] dump_stack_lvl+0x100/0x190 [ 176.682775][ T7050] should_fail_ex.cold+0x5/0xa [ 176.682824][ T7050] should_failslab+0xc2/0x120 [ 176.682858][ T7050] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 176.682890][ T7050] ? landlock_restrict_sibling_threads+0x4f5/0x1490 [ 176.682936][ T7050] krealloc_node_align_noprof+0x30a/0x3e0 [ 176.682975][ T7050] landlock_restrict_sibling_threads+0x4f5/0x1490 [ 176.683021][ T7050] ? __pfx_landlock_restrict_sibling_threads+0x10/0x10 [ 176.683099][ T7050] ? __pfx___might_resched+0x10/0x10 [ 176.683147][ T7050] ? landlock_merge_ruleset+0x213/0x830 [ 176.683200][ T7050] __do_sys_landlock_restrict_self+0x5d2/0x9e0 [ 176.683251][ T7050] do_syscall_64+0x10b/0xf80 [ 176.683279][ T7050] ? clear_bhb_loop+0x40/0x90 [ 176.683318][ T7050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 176.683348][ T7050] RIP: 0033:0x7f837a79c819 [ 176.683372][ T7050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 176.683398][ T7050] RSP: 002b:00007f837b6c6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 176.683427][ T7050] RAX: ffffffffffffffda RBX: 00007f837aa16180 RCX: 00007f837a79c819 [ 176.683446][ T7050] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000006 [ 176.683463][ T7050] RBP: 00007f837a832c91 R08: 0000000000000000 R09: 0000000000000000 [ 176.683480][ T7050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 176.683496][ T7050] R13: 00007f837aa16218 R14: 00007f837aa16180 R15: 00007ffcd2e83008 [ 176.683538][ T7050] [ 182.102576][ T7127] random: crng reseeded on system resumption [ 182.842895][ T7119] serio: Serial port ttyS0 [ 182.997810][ T5832] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 185.918256][ T7183] ubi0: attaching mtd0 [ 185.927773][ T7183] ubi0: scanning is finished [ 185.962348][ T7183] ubi0: empty MTD device detected [ 186.218993][ T7189] FAULT_INJECTION: forcing a failure. [ 186.218993][ T7189] name failslab, interval 1, probability 0, space 0, times 0 [ 186.232424][ T7189] CPU: 0 UID: 0 PID: 7189 Comm: syz.1.356 Not tainted syzkaller #0 PREEMPT(full) [ 186.232450][ T7189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 186.232460][ T7189] Call Trace: [ 186.232467][ T7189] [ 186.232474][ T7189] dump_stack_lvl+0x100/0x190 [ 186.232512][ T7189] should_fail_ex.cold+0x5/0xa [ 186.232535][ T7189] should_failslab+0xc2/0x120 [ 186.232555][ T7189] __kmalloc_cache_noprof+0x7a/0x6f0 [ 186.232580][ T7189] ? snd_midi_event_new+0x6f/0x210 [ 186.232603][ T7189] snd_midi_event_new+0x6f/0x210 [ 186.232623][ T7189] snd_virmidi_input_open+0x107/0x4d0 [ 186.232646][ T7189] open_substream+0x480/0x9e0 [ 186.232672][ T7189] rawmidi_open_priv+0x524/0x6f0 [ 186.232701][ T7189] snd_rawmidi_open+0x4c9/0xba0 [ 186.232730][ T7189] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 186.232766][ T7189] ? __pfx_default_wake_function+0x10/0x10 [ 186.232786][ T7189] ? soundcore_open+0x231/0x5a0 [ 186.232804][ T7189] ? soundcore_open+0x231/0x5a0 [ 186.232824][ T7189] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 186.232852][ T7189] soundcore_open+0x2e3/0x5a0 [ 186.232873][ T7189] ? __pfx_soundcore_open+0x10/0x10 [ 186.232892][ T7189] chrdev_open+0x234/0x6a0 [ 186.232914][ T7189] ? __pfx_chrdev_open+0x10/0x10 [ 186.232935][ T7189] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 186.232962][ T7189] do_dentry_open+0x6d8/0x1660 [ 186.232981][ T7189] ? __pfx_chrdev_open+0x10/0x10 [ 186.233006][ T7189] vfs_open+0x82/0x3f0 [ 186.233033][ T7189] path_openat+0x208c/0x31a0 [ 186.233060][ T7189] ? __pfx_path_openat+0x10/0x10 [ 186.233088][ T7189] do_file_open+0x20e/0x430 [ 186.233109][ T7189] ? __pfx_do_file_open+0x10/0x10 [ 186.233149][ T7189] ? alloc_fd+0x476/0x790 [ 186.233171][ T7189] ? do_getname+0x191/0x390 [ 186.233196][ T7189] do_sys_openat2+0x10d/0x1e0 [ 186.233221][ T7189] ? __pfx_do_sys_openat2+0x10/0x10 [ 186.233248][ T7189] ? __fget_files+0x21f/0x3d0 [ 186.233271][ T7189] __x64_sys_openat+0x12d/0x210 [ 186.233297][ T7189] ? __pfx___x64_sys_openat+0x10/0x10 [ 186.233331][ T7189] do_syscall_64+0x10b/0xf80 [ 186.233348][ T7189] ? clear_bhb_loop+0x40/0x90 [ 186.233370][ T7189] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.233388][ T7189] RIP: 0033:0x7fe2bf99c819 [ 186.233404][ T7189] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 186.233421][ T7189] RSP: 002b:00007fe2c0796028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 186.233438][ T7189] RAX: ffffffffffffffda RBX: 00007fe2bfc15fa0 RCX: 00007fe2bf99c819 [ 186.233450][ T7189] RDX: 0000000000000800 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 186.233461][ T7189] RBP: 00007fe2bfa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 186.233472][ T7189] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.233483][ T7189] R13: 00007fe2bfc16038 R14: 00007fe2bfc15fa0 R15: 00007ffcccb5f398 [ 186.233508][ T7189] [ 186.879158][ T7187] netlink: 28 bytes leftover after parsing attributes in process `syz.2.348'. [ 187.260858][ T7183] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 187.334189][ T7183] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 187.376227][ T7183] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 187.422429][ T7183] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 187.432864][ T7183] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 187.452419][ T7183] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 187.522361][ T7183] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 581238089 [ 187.542601][ T7183] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 187.623647][ T7184] ubi0: detaching mtd0 [ 187.624656][ T7200] ubi0: background thread "ubi_bgt0d" started, PID 7200 [ 187.710405][ T7184] ubi0: mtd0 is detached [ 188.435241][ T7212] netlink: 'syz.0.354': attribute type 1 has an invalid length. [ 188.521856][ T7212] netlink: 9 bytes leftover after parsing attributes in process `syz.0.354'. [ 190.061315][ T7237] sg_write: data in/out 262108/65454 bytes for SCSI command 0x0-- guessing data in; [ 190.061315][ T7237] program syz.2.361 not setting count and/or reply_len properly [ 190.095010][ T7232] FAULT_INJECTION: forcing a failure. [ 190.095010][ T7232] name failslab, interval 1, probability 0, space 0, times 0 [ 190.203652][ T7232] CPU: 1 UID: 0 PID: 7232 Comm: syz.3.360 Not tainted syzkaller #0 PREEMPT(full) [ 190.203695][ T7232] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 190.203713][ T7232] Call Trace: [ 190.203723][ T7232] [ 190.203735][ T7232] dump_stack_lvl+0x100/0x190 [ 190.203797][ T7232] should_fail_ex.cold+0x5/0xa [ 190.203836][ T7232] should_failslab+0xc2/0x120 [ 190.203871][ T7232] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 190.203916][ T7232] ? __mpol_dup+0x74/0x390 [ 190.203957][ T7232] __mpol_dup+0x74/0x390 [ 190.203990][ T7232] ? __pfx___mpol_dup+0x10/0x10 [ 190.204035][ T7232] mbind_range+0x2ad/0x550 [ 190.204075][ T7232] do_mbind+0x7dc/0xfd0 [ 190.204127][ T7232] ? __pfx_do_mbind+0x10/0x10 [ 190.204163][ T7232] ? ksys_write+0x190/0x250 [ 190.204188][ T7232] ? ksys_write+0x190/0x250 [ 190.204232][ T7232] ? __pfx_get_nodes+0x10/0x10 [ 190.204269][ T7232] kernel_mbind+0x1b7/0x200 [ 190.204310][ T7232] ? __pfx_kernel_mbind+0x10/0x10 [ 190.204358][ T7232] do_syscall_64+0x10b/0xf80 [ 190.204384][ T7232] ? clear_bhb_loop+0x40/0x90 [ 190.204418][ T7232] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 190.204446][ T7232] RIP: 0033:0x7fa73759c819 [ 190.204482][ T7232] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 190.204518][ T7232] RSP: 002b:00007fa738486028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 190.204546][ T7232] RAX: ffffffffffffffda RBX: 00007fa737815fa0 RCX: 00007fa73759c819 [ 190.204564][ T7232] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 190.204581][ T7232] RBP: 00007fa737632c91 R08: 0000002000000006 R09: 0000000000000002 [ 190.204598][ T7232] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 190.204615][ T7232] R13: 00007fa737816038 R14: 00007fa737815fa0 R15: 00007ffd32b8d688 [ 190.204653][ T7232] [ 190.904466][ T7243] bridge0: port 3(netdevsim2) entered blocking state [ 190.925561][ T7243] bridge0: port 3(netdevsim2) entered disabled state [ 190.953217][ T7243] netdevsim netdevsim2 netdevsim2: entered allmulticast mode [ 190.969831][ T7243] netdevsim netdevsim2 netdevsim2: entered promiscuous mode [ 191.005779][ T7243] bridge0: port 3(netdevsim2) entered blocking state [ 191.006532][ T7243] bridge0: port 3(netdevsim2) entered forwarding state [ 194.488509][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.495085][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.733044][ T7324] can0: slcan on ttyS2. [ 196.057585][ T7319] can0 (unregistered): slcan off ttyS2. [ 204.525534][ T7421] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 206.161737][ T7473] serio: Serial port ttyS0 [ 208.374177][ T7509] sg_write: data in/out 262108/65454 bytes for SCSI command 0x0-- guessing data in; [ 208.374177][ T7509] program syz.0.432 not setting count and/or reply_len properly [ 209.157028][ T7525] netlink: 25 bytes leftover after parsing attributes in process `syz.0.437'. [ 209.317361][ T7527] netlink: zone id is out of range [ 209.338881][ T7527] netlink: zone id is out of range [ 209.348773][ T7527] netlink: zone id is out of range [ 209.357888][ T7527] netlink: zone id is out of range [ 209.372383][ T7527] netlink: zone id is out of range [ 209.388007][ T7528] netlink: zone id is out of range [ 209.410368][ T7527] netlink: zone id is out of range [ 209.421249][ T7528] netlink: zone id is out of range [ 209.433212][ T7528] netlink: zone id is out of range [ 209.458098][ T7528] netlink: zone id is out of range [ 209.975819][ T7539] FAULT_INJECTION: forcing a failure. [ 209.975819][ T7539] name failslab, interval 1, probability 0, space 0, times 0 [ 210.064896][ T7539] CPU: 0 UID: 0 PID: 7539 Comm: syz.0.442 Not tainted syzkaller #0 PREEMPT(full) [ 210.064936][ T7539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 210.064953][ T7539] Call Trace: [ 210.064963][ T7539] [ 210.064974][ T7539] dump_stack_lvl+0x100/0x190 [ 210.065028][ T7539] should_fail_ex.cold+0x5/0xa [ 210.065067][ T7539] should_failslab+0xc2/0x120 [ 210.065101][ T7539] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 210.065148][ T7539] ? vm_area_alloc+0x1f/0x160 [ 210.065189][ T7539] ? vma_merge_new_range+0x38b/0xa30 [ 210.065232][ T7539] ? __pfx___sanitizer_cov_trace_const_cmp2+0x10/0x10 [ 210.065291][ T7539] vm_area_alloc+0x1f/0x160 [ 210.065332][ T7539] __mmap_region+0x118c/0x2a50 [ 210.065385][ T7539] ? __pfx___mmap_region+0x10/0x10 [ 210.065450][ T7539] ? set_next_entity+0x11e/0x9c0 [ 210.065502][ T7539] ? __lock_acquire+0x4a5/0x2630 [ 210.065559][ T7539] ? find_held_lock+0x2b/0x80 [ 210.065587][ T7539] ? finish_task_switch.isra.0+0x200/0xb80 [ 210.065622][ T7539] ? finish_task_switch.isra.0+0x200/0xb80 [ 210.065672][ T7539] ? trace_sched_exit_tp+0x13a/0x180 [ 210.065710][ T7539] ? __schedule+0x1000/0x6120 [ 210.065806][ T7539] ? rcu_is_watching+0x12/0xc0 [ 210.065854][ T7539] ? cap_capable+0x107/0x460 [ 210.065900][ T7539] mmap_region+0x180/0x3e0 [ 210.065954][ T7539] do_mmap+0xc63/0x12f0 [ 210.065997][ T7539] ? __pfx_do_mmap+0x10/0x10 [ 210.066033][ T7539] ? __pfx_down_write_killable+0x10/0x10 [ 210.066075][ T7539] vm_mmap_pgoff+0x29e/0x470 [ 210.066118][ T7539] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 210.066158][ T7539] ? do_futex+0x192/0x350 [ 210.066198][ T7539] ? __pfx_do_futex+0x10/0x10 [ 210.066237][ T7539] ? find_held_lock+0x2b/0x80 [ 210.066273][ T7539] ksys_mmap_pgoff+0xe1/0x650 [ 210.066307][ T7539] ? __x64_sys_futex+0x34f/0x4d0 [ 210.066346][ T7539] ? __x64_sys_futex+0x358/0x4d0 [ 210.066387][ T7539] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 210.066431][ T7539] ? xfd_validate_state+0x129/0x190 [ 210.066485][ T7539] __x64_sys_mmap+0x125/0x190 [ 210.066538][ T7539] do_syscall_64+0x10b/0xf80 [ 210.066565][ T7539] ? clear_bhb_loop+0x40/0x90 [ 210.066603][ T7539] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.066632][ T7539] RIP: 0033:0x7f837a79c819 [ 210.066657][ T7539] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 210.066683][ T7539] RSP: 002b:00007f837b6c6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 210.066711][ T7539] RAX: ffffffffffffffda RBX: 00007f837aa16180 RCX: 00007f837a79c819 [ 210.066730][ T7539] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 210.066748][ T7539] RBP: 00007f837a832c91 R08: ffffffffffffffff R09: 0000000000008000 [ 210.066767][ T7539] R10: 0040000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 210.066785][ T7539] R13: 00007f837aa16218 R14: 00007f837aa16180 R15: 00007ffcd2e83008 [ 210.066827][ T7539] [ 211.760155][ T7563] QAT: Invalid ioctl 35077 [ 215.235761][ T7597] FAULT_INJECTION: forcing a failure. [ 215.235761][ T7597] name failslab, interval 1, probability 0, space 0, times 0 [ 215.282370][ T7597] CPU: 1 UID: 0 PID: 7597 Comm: syz.1.466 Not tainted syzkaller #0 PREEMPT(full) [ 215.282412][ T7597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 215.282438][ T7597] Call Trace: [ 215.282448][ T7597] [ 215.282460][ T7597] dump_stack_lvl+0x100/0x190 [ 215.282514][ T7597] should_fail_ex.cold+0x5/0xa [ 215.282552][ T7597] should_failslab+0xc2/0x120 [ 215.282588][ T7597] kmem_cache_alloc_node_noprof+0x81/0x6f0 [ 215.282637][ T7597] ? __alloc_skb+0x140/0x710 [ 215.282686][ T7597] __alloc_skb+0x140/0x710 [ 215.282726][ T7597] ? __alloc_skb+0x5b7/0x710 [ 215.282768][ T7597] ? __pfx___alloc_skb+0x10/0x10 [ 215.282809][ T7597] ? is_bpf_text_address+0x8a/0x1a0 [ 215.282862][ T7597] ? __lock_acquire+0x4a5/0x2630 [ 215.282905][ T7597] alloc_skb_with_frags+0xe0/0x810 [ 215.282936][ T7597] ? __lock_acquire+0x4a5/0x2630 [ 215.282983][ T7597] sock_alloc_send_pskb+0x801/0x980 [ 215.283038][ T7597] ? __pfx_sock_alloc_send_pskb+0x10/0x10 [ 215.283088][ T7597] ? __lock_acquire+0x4a5/0x2630 [ 215.283134][ T7597] __ip_append_data+0x227d/0x4690 [ 215.283190][ T7597] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 215.283238][ T7597] ? find_held_lock+0x2b/0x80 [ 215.283266][ T7597] ? ip_dst_mtu_maybe_forward.constprop.0+0x3df/0x750 [ 215.283313][ T7597] ? ip_dst_mtu_maybe_forward.constprop.0+0x3e9/0x750 [ 215.283351][ T7597] ? __pfx___ip_append_data+0x10/0x10 [ 215.283407][ T7597] ip_make_skb+0x28b/0x310 [ 215.283449][ T7597] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 215.283500][ T7597] ? __pfx_ip_make_skb+0x10/0x10 [ 215.283554][ T7597] ? udp_sendmsg+0x17b6/0x2890 [ 215.283598][ T7597] udp_sendmsg+0x17b6/0x2890 [ 215.283652][ T7597] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 215.283702][ T7597] ? __pfx_udp_sendmsg+0x10/0x10 [ 215.283750][ T7597] ? __lock_acquire+0x4a5/0x2630 [ 215.283837][ T7597] ? __pfx_udp_sendmsg+0x10/0x10 [ 215.283886][ T7597] inet_sendmsg+0x105/0x140 [ 215.283923][ T7597] sock_write_iter+0x4ea/0x5a0 [ 215.283956][ T7597] ? __pfx_inet_sendmsg+0x10/0x10 [ 215.283991][ T7597] ? __pfx_sock_write_iter+0x10/0x10 [ 215.284039][ T7597] ? bpf_lsm_file_permission+0x9/0x10 [ 215.284069][ T7597] ? security_file_permission+0x76/0x210 [ 215.284120][ T7597] ? rw_verify_area+0xce/0x6d0 [ 215.284170][ T7597] vfs_write+0x6ac/0x1070 [ 215.284202][ T7597] ? __pfx_sock_write_iter+0x10/0x10 [ 215.284240][ T7597] ? __pfx_vfs_write+0x10/0x10 [ 215.284268][ T7597] ? find_held_lock+0x2b/0x80 [ 215.284322][ T7597] ksys_write+0x1f8/0x250 [ 215.284353][ T7597] ? __pfx_ksys_write+0x10/0x10 [ 215.284395][ T7597] do_syscall_64+0x10b/0xf80 [ 215.284423][ T7597] ? clear_bhb_loop+0x40/0x90 [ 215.284468][ T7597] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.284499][ T7597] RIP: 0033:0x7fe2bf99c819 [ 215.284525][ T7597] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 215.284554][ T7597] RSP: 002b:00007fe2c0796028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 215.284585][ T7597] RAX: ffffffffffffffda RBX: 00007fe2bfc15fa0 RCX: 00007fe2bf99c819 [ 215.284605][ T7597] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 215.284623][ T7597] RBP: 00007fe2bfa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 215.284641][ T7597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 215.284659][ T7597] R13: 00007fe2bfc16038 R14: 00007fe2bfc15fa0 R15: 00007ffcccb5f398 [ 215.284699][ T7597] [ 216.911046][ T7595] can: request_module (can-proto-3) failed. [ 220.730973][ T7686] netlink: 350 bytes leftover after parsing attributes in process `syz.3.482'. [ 223.172381][ T7723] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 223.265987][ T7723] File: /dev/nullb0 PID: 7723 Comm: syz.1.488 [ 224.884372][ T7754] netlink: 25 bytes leftover after parsing attributes in process `syz.2.498'. [ 225.074421][ T7760] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 225.538529][ T7771] netlink: 25 bytes leftover after parsing attributes in process `syz.2.505'. [ 226.194998][ T7784] random: crng reseeded on system resumption [ 227.154101][ T7799] net_ratelimit: 5 callbacks suppressed [ 227.154127][ T7799] netlink: zone id is out of range [ 227.155358][ T7801] vivid-007: ================= START STATUS ================= [ 227.159725][ T7799] netlink: zone id is out of range [ 227.172394][ T7801] vivid-007: Generate PTS: [ 227.226201][ T7799] netlink: zone id is out of range [ 227.233837][ T7801] true [ 227.242860][ T7799] netlink: zone id is out of range [ 227.243787][ T7801] vivid-007: Generate SCR: true [ 227.258697][ T7799] netlink: zone id is out of range [ 227.267318][ T7801] tpg source WxH: 320x240 (Y'CbCr) [ 227.271818][ T7799] netlink: zone id is out of range [ 227.281119][ T7801] tpg field: 1 [ 227.300410][ T7801] tpg crop: (0,0)/320x240 [ 227.307236][ T7801] tpg compose: (0,0)/320x240 [ 227.311074][ T7799] netlink: set zone limit has 8 unknown bytes [ 227.314773][ T7801] tpg colorspace: 8 [ 227.322001][ T7801] tpg transfer function: 0/0 [ 227.329792][ T7801] tpg Y'CbCr encoding: 0/0 [ 227.338122][ T7804] netlink: zone id is out of range [ 227.343681][ T7804] netlink: zone id is out of range [ 227.348988][ T7804] netlink: zone id is out of range [ 227.364485][ T7801] tpg quantization: 0/0 [ 227.369043][ T7801] tpg RGB range: 0/2 [ 227.386032][ T7801] vivid-007: ================== END STATUS ================== [ 227.663272][ T7809] syz.2.515 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 227.851146][ T7818] FAULT_INJECTION: forcing a failure. [ 227.851146][ T7818] name failslab, interval 1, probability 0, space 0, times 0 [ 227.919052][ T7818] CPU: 1 UID: 0 PID: 7818 Comm: syz.2.515 Not tainted syzkaller #0 PREEMPT(full) [ 227.919092][ T7818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 227.919108][ T7818] Call Trace: [ 227.919118][ T7818] [ 227.919129][ T7818] dump_stack_lvl+0x100/0x190 [ 227.919177][ T7818] should_fail_ex.cold+0x5/0xa [ 227.919214][ T7818] should_failslab+0xc2/0x120 [ 227.919246][ T7818] __kmalloc_cache_noprof+0x7a/0x6f0 [ 227.919282][ T7818] ? trace_pid_list_alloc+0x2fe/0x480 [ 227.919332][ T7818] trace_pid_list_alloc+0x2fe/0x480 [ 227.919377][ T7818] trace_pid_write+0x110/0x460 [ 227.919421][ T7818] ? __pfx_trace_pid_write+0x10/0x10 [ 227.919488][ T7818] event_pid_write.isra.0+0x1e4/0x800 [ 227.919519][ T7818] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 227.919559][ T7818] vfs_write+0x2aa/0x1070 [ 227.919588][ T7818] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 227.919629][ T7818] ? __pfx_vfs_write+0x10/0x10 [ 227.919656][ T7818] ? __fget_files+0x215/0x3d0 [ 227.919695][ T7818] ? __fget_files+0x21f/0x3d0 [ 227.919735][ T7818] ksys_write+0x12a/0x250 [ 227.919764][ T7818] ? __pfx_ksys_write+0x10/0x10 [ 227.919803][ T7818] do_syscall_64+0x10b/0xf80 [ 227.919829][ T7818] ? clear_bhb_loop+0x40/0x90 [ 227.919862][ T7818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.919890][ T7818] RIP: 0033:0x7fcc0f99c819 [ 227.919914][ T7818] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 227.919939][ T7818] RSP: 002b:00007fcc10889028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 227.919966][ T7818] RAX: ffffffffffffffda RBX: 00007fcc0fc16090 RCX: 00007fcc0f99c819 [ 227.919984][ T7818] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 227.920001][ T7818] RBP: 00007fcc0fa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 227.920016][ T7818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 227.920032][ T7818] R13: 00007fcc0fc16128 R14: 00007fcc0fc16090 R15: 00007ffdab7d9828 [ 227.920071][ T7818] [ 228.663512][ T7830] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 228.749571][ T7832] netlink: 29 bytes leftover after parsing attributes in process `syz.3.521'. [ 230.452454][ T7872] netlink: 12 bytes leftover after parsing attributes in process `syz.0.535'. [ 231.243281][ T7885] netlink: 330 bytes leftover after parsing attributes in process `syz.3.538'. [ 232.134146][ T7915] netlink: 13 bytes leftover after parsing attributes in process `syz.3.545'. [ 235.546009][ T7970] netlink: 318 bytes leftover after parsing attributes in process `syz.3.561'. [ 235.939715][ T7980] netlink: 8 bytes leftover after parsing attributes in process `syz.3.565'. [ 236.102729][ T7980] openvswitch: HfR: Dropping previously announced user features [ 236.389238][ T7987] netlink: 8 bytes leftover after parsing attributes in process `syz.1.574'. [ 236.909560][ T8002] binder: 7999:8002 ioctl c00c620f 2000000001c0 returned -22 [ 237.857464][ T8017] netlink: 13 bytes leftover after parsing attributes in process `syz.2.573'. [ 238.815896][ T8033] netlink: 4 bytes leftover after parsing attributes in process `syz.3.579'. [ 238.862691][ T8033] netlink: 'syz.3.579': attribute type 1 has an invalid length. [ 238.905389][ T8033] netlink: 5 bytes leftover after parsing attributes in process `syz.3.579'. [ 243.142030][ T8105] netlink: 4 bytes leftover after parsing attributes in process `syz.1.598'. [ 243.152177][ T8105] netlink: 'syz.1.598': attribute type 1 has an invalid length. [ 243.159937][ T8105] netlink: 5 bytes leftover after parsing attributes in process `syz.1.598'. [ 243.222105][ T8108] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 247.194540][ T8174] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 247.706969][ T8180] Invalid ELF header magic: != ELF [ 250.754120][ T8244] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 250.768417][ T8244] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 250.784313][ T8244] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 250.790435][ T8244] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 252.806418][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 252.812715][ T5146] Bluetooth: hci0: command 0x0c1a tx timeout [ 252.812757][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 252.818919][ T5146] Bluetooth: hci2: command 0x0c1a tx timeout [ 253.461232][ T8287] sp0: Synchronizing with TNC [ 254.566480][ T8304] random: crng reseeded on system resumption [ 254.578650][ T8302] netlink: 17 bytes leftover after parsing attributes in process `syz.0.650'. [ 254.738918][ T8304] hub 1-0:1.0: USB hub found [ 254.769242][ T8304] hub 1-0:1.0: 1 port detected [ 255.772703][ T5146] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 255.939903][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.946519][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 257.160803][ T8344] FAULT_INJECTION: forcing a failure. [ 257.160803][ T8344] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 257.174036][ T8344] CPU: 1 UID: 0 PID: 8344 Comm: syz.2.660 Not tainted syzkaller #0 PREEMPT(full) [ 257.174062][ T8344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 257.174072][ T8344] Call Trace: [ 257.174081][ T8344] [ 257.174088][ T8344] dump_stack_lvl+0x100/0x190 [ 257.174120][ T8344] should_fail_ex.cold+0x5/0xa [ 257.174144][ T8344] _copy_from_user+0x2e/0xd0 [ 257.174174][ T8344] do_handle_open+0x60e/0xce0 [ 257.174200][ T8344] ? __pfx_do_handle_open+0x10/0x10 [ 257.174223][ T8344] ? __x64_sys_futex+0x34f/0x4d0 [ 257.174250][ T8344] ? xfd_validate_state+0x129/0x190 [ 257.174284][ T8344] ? do_syscall_64+0x10b/0xf80 [ 257.174301][ T8344] do_syscall_64+0x10b/0xf80 [ 257.174316][ T8344] ? clear_bhb_loop+0x40/0x90 [ 257.174338][ T8344] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.174358][ T8344] RIP: 0033:0x7fcc0f99c819 [ 257.174373][ T8344] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 257.174389][ T8344] RSP: 002b:00007fcc108aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 257.174407][ T8344] RAX: ffffffffffffffda RBX: 00007fcc0fc15fa0 RCX: 00007fcc0f99c819 [ 257.174419][ T8344] RDX: 000000000000000c RSI: 0000000000000000 RDI: 0000000000000004 [ 257.174429][ T8344] RBP: 00007fcc0fa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 257.174440][ T8344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 257.174450][ T8344] R13: 00007fcc0fc16038 R14: 00007fcc0fc15fa0 R15: 00007ffdab7d9828 [ 257.174472][ T8344] [ 257.313270][ T8350] Falling back ldisc for ttyS2. [ 259.841678][ T8379] netlink: 'syz.1.671': attribute type 2 has an invalid length. [ 260.399174][ T8395] __vm_enough_memory: pid: 8395, comm: syz.3.676, bytes: 4398046511104 not enough memory for the allocation [ 260.864387][ T8392] Invalid ELF header magic: != ELF [ 262.501724][ T8429] FAULT_INJECTION: forcing a failure. [ 262.501724][ T8429] name failslab, interval 1, probability 0, space 0, times 0 [ 262.535796][ T8429] CPU: 1 UID: 0 PID: 8429 Comm: syz.2.685 Not tainted syzkaller #0 PREEMPT(full) [ 262.535836][ T8429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 262.535853][ T8429] Call Trace: [ 262.535863][ T8429] [ 262.535874][ T8429] dump_stack_lvl+0x100/0x190 [ 262.535925][ T8429] should_fail_ex.cold+0x5/0xa [ 262.535961][ T8429] should_failslab+0xc2/0x120 [ 262.535994][ T8429] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 262.536024][ T8429] ? __addrconf_sysctl_register+0xbb/0x360 [ 262.536078][ T8429] kmemdup_noprof+0x29/0x60 [ 262.536105][ T8429] __addrconf_sysctl_register+0xbb/0x360 [ 262.536149][ T8429] ? __pfx___addrconf_sysctl_register+0x10/0x10 [ 262.536197][ T8429] ? __asan_memcpy+0x3c/0x60 [ 262.536259][ T8429] addrconf_init_net+0x5dd/0x8e0 [ 262.536312][ T8429] ? __pfx_addrconf_init_net+0x10/0x10 [ 262.536353][ T8429] ops_init+0x1e2/0x5f0 [ 262.536400][ T8429] setup_net+0x118/0x3a0 [ 262.536429][ T8429] ? __pfx_setup_net+0x10/0x10 [ 262.536454][ T8429] ? lockdep_init_map_type+0x5c/0x250 [ 262.536496][ T8429] ? mutex_init_lockep+0x110/0x150 [ 262.536542][ T8429] copy_net_ns+0x46f/0x7c0 [ 262.536576][ T8429] create_new_namespaces+0x3ea/0xac0 [ 262.536618][ T8429] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 262.536654][ T8429] ksys_unshare+0x473/0xad0 [ 262.536694][ T8429] ? __pfx_ksys_unshare+0x10/0x10 [ 262.536747][ T8429] __x64_sys_unshare+0x31/0x40 [ 262.536783][ T8429] do_syscall_64+0x10b/0xf80 [ 262.536810][ T8429] ? clear_bhb_loop+0x40/0x90 [ 262.536846][ T8429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 262.536877][ T8429] RIP: 0033:0x7fcc0f99c819 [ 262.536902][ T8429] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 262.536928][ T8429] RSP: 002b:00007fcc108aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 262.536957][ T8429] RAX: ffffffffffffffda RBX: 00007fcc0fc15fa0 RCX: 00007fcc0f99c819 [ 262.536976][ T8429] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 262.536994][ T8429] RBP: 00007fcc0fa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 262.537011][ T8429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 262.537029][ T8429] R13: 00007fcc0fc16038 R14: 00007fcc0fc15fa0 R15: 00007ffdab7d9828 [ 262.537070][ T8429] [ 263.319224][ T8435] ubi0: attaching mtd0 [ 263.332680][ T8435] ubi0: scanning is finished [ 263.502689][ T8435] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 263.510408][ T8435] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 263.534899][ T8435] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 263.546452][ T8435] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 263.555267][ T8435] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 263.563289][ T8435] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 263.578143][ T8435] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 581238089 [ 263.733884][ T8435] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 263.833089][ T8443] ubi0: background thread "ubi_bgt0d" started, PID 8443 [ 263.845788][ T8439] ubi0: detaching mtd0 [ 263.904589][ T8439] ubi0: mtd0 is detached [ 264.440061][ T8450] sp0: Synchronizing with TNC [ 265.464110][ T8468] netlink: 28 bytes leftover after parsing attributes in process `syz.3.695'. [ 265.794734][ T8477] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 265.837909][ T8477] File: /dev/nullb0 PID: 8477 Comm: syz.2.696 [ 265.913152][ T8484] blktrace: Concurrent blktraces are not allowed on loop2 [ 268.424593][ T8513] netlink: 28 bytes leftover after parsing attributes in process `syz.2.704'. [ 269.518134][ T8532] random: crng reseeded on system resumption [ 269.535127][ T8533] netlink: 25 bytes leftover after parsing attributes in process `syz.2.710'. [ 273.128490][ T8583] netlink: 4 bytes leftover after parsing attributes in process `syz.0.723'. [ 273.144162][ T8583] netlink: 354 bytes leftover after parsing attributes in process `syz.0.723'. [ 273.655124][ T8594] sp0: Synchronizing with TNC [ 275.009788][ T8614] random: crng reseeded on system resumption [ 277.134690][ T8637] random: crng reseeded on system resumption [ 277.146122][ T8635] netlink: 'syz.3.745': attribute type 1 has an invalid length. [ 277.179625][ T8635] netlink: 9 bytes leftover after parsing attributes in process `syz.3.745'. [ 277.230324][ T8637] hub 1-0:1.0: USB hub found [ 277.262061][ T8637] hub 1-0:1.0: 1 port detected [ 277.362934][ T5832] Bluetooth: hci2: unexpected subevent 0x01 length: 123 > 18 [ 278.387906][ T8657] netlink: 'syz.2.742': attribute type 2 has an invalid length. [ 281.914700][ T8717] __vm_enough_memory: pid: 8717, comm: syz.0.754, bytes: 4398046511104 not enough memory for the allocation [ 285.349018][ T8773] netlink: 25 bytes leftover after parsing attributes in process `syz.0.770'. [ 286.877867][ T8797] netlink: 186 bytes leftover after parsing attributes in process `syz.1.776'. [ 286.892035][ T8797] netlink: 186 bytes leftover after parsing attributes in process `syz.1.776'. [ 287.189056][ T8806] FAULT_INJECTION: forcing a failure. [ 287.189056][ T8806] name failslab, interval 1, probability 0, space 0, times 0 [ 287.209137][ T8807] blktrace: Concurrent blktraces are not allowed on loop2 [ 287.243375][ T8806] CPU: 1 UID: 0 PID: 8806 Comm: syz.3.785 Not tainted syzkaller #0 PREEMPT(full) [ 287.243402][ T8806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 287.243412][ T8806] Call Trace: [ 287.243419][ T8806] [ 287.243426][ T8806] dump_stack_lvl+0x100/0x190 [ 287.243462][ T8806] should_fail_ex.cold+0x5/0xa [ 287.243484][ T8806] should_failslab+0xc2/0x120 [ 287.243506][ T8806] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 287.243535][ T8806] ? security_inode_alloc+0x3b/0x2c0 [ 287.243560][ T8806] ? lockdep_init_map_type+0x5c/0x250 [ 287.243588][ T8806] security_inode_alloc+0x3b/0x2c0 [ 287.243614][ T8806] inode_init_always_gfp+0xcc0/0x1000 [ 287.243637][ T8806] alloc_inode+0x8e/0x250 [ 287.243662][ T8806] sock_alloc+0x44/0x280 [ 287.243678][ T8806] ? security_socket_create+0x7f/0x250 [ 287.243703][ T8806] sock_create_lite+0x82/0x120 [ 287.243722][ T8806] __netlink_kernel_create+0xbd/0x750 [ 287.243754][ T8806] ? __pfx___netlink_kernel_create+0x10/0x10 [ 287.243789][ T8806] ? __pfx_genl_pernet_init+0x10/0x10 [ 287.243808][ T8806] genl_pernet_init+0xbd/0x160 [ 287.243827][ T8806] ? __pfx_genl_pernet_init+0x10/0x10 [ 287.243846][ T8806] ? lockdep_init_map_type+0x5c/0x250 [ 287.243871][ T8806] ? __pfx_genl_rcv+0x10/0x10 [ 287.243888][ T8806] ? __pfx_genl_bind+0x10/0x10 [ 287.243905][ T8806] ? __pfx_genl_unbind+0x10/0x10 [ 287.243922][ T8806] ? __pfx_genl_release+0x10/0x10 [ 287.243941][ T8806] ? mutex_init_lockep+0x110/0x150 [ 287.243968][ T8806] ops_init+0x1e2/0x5f0 [ 287.243999][ T8806] setup_net+0x118/0x3a0 [ 287.244016][ T8806] ? __pfx_setup_net+0x10/0x10 [ 287.244030][ T8806] ? lockdep_init_map_type+0x5c/0x250 [ 287.244055][ T8806] ? mutex_init_lockep+0x110/0x150 [ 287.244083][ T8806] copy_net_ns+0x46f/0x7c0 [ 287.244103][ T8806] create_new_namespaces+0x3ea/0xac0 [ 287.244128][ T8806] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 287.244150][ T8806] ksys_unshare+0x473/0xad0 [ 287.244175][ T8806] ? __pfx_ksys_unshare+0x10/0x10 [ 287.244205][ T8806] __x64_sys_unshare+0x31/0x40 [ 287.244294][ T8806] do_syscall_64+0x10b/0xf80 [ 287.244312][ T8806] ? clear_bhb_loop+0x40/0x90 [ 287.244335][ T8806] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 287.244354][ T8806] RIP: 0033:0x7fa73759c819 [ 287.244370][ T8806] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 287.244387][ T8806] RSP: 002b:00007fa738465028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 287.244405][ T8806] RAX: ffffffffffffffda RBX: 00007fa737816090 RCX: 00007fa73759c819 [ 287.244416][ T8806] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 287.244427][ T8806] RBP: 00007fa737632c91 R08: 0000000000000000 R09: 0000000000000000 [ 287.244437][ T8806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 287.244447][ T8806] R13: 00007fa737816128 R14: 00007fa737816090 R15: 00007ffd32b8d688 [ 287.244470][ T8806] [ 288.826722][ T5146] Bluetooth: hci1: unexpected subevent 0x03 length: 253 > 9 [ 291.229948][ T8850] netlink: 17 bytes leftover after parsing attributes in process `syz.3.787'. [ 291.292453][ T8850] netlink: 2 bytes leftover after parsing attributes in process `syz.3.787'. [ 291.603378][ T5146] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 291.993324][ T8861] blktrace: Concurrent blktraces are not allowed on loop2 [ 292.558369][ T8867] can0: slcan on pty238. [ 292.763364][ T8864] can0 (unregistered): slcan off pty238. [ 292.999989][ T8871] netlink: 'syz.0.793': attribute type 1 has an invalid length. [ 293.032251][ T8871] netlink: 9 bytes leftover after parsing attributes in process `syz.0.793'. [ 293.559309][ T8880] FAULT_INJECTION: forcing a failure. [ 293.559309][ T8880] name failslab, interval 1, probability 0, space 0, times 0 [ 293.592526][ T8880] CPU: 0 UID: 0 PID: 8880 Comm: syz.3.795 Not tainted syzkaller #0 PREEMPT(full) [ 293.592566][ T8880] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 293.592581][ T8880] Call Trace: [ 293.592591][ T8880] [ 293.592602][ T8880] dump_stack_lvl+0x100/0x190 [ 293.592651][ T8880] should_fail_ex.cold+0x5/0xa [ 293.592688][ T8880] should_failslab+0xc2/0x120 [ 293.592719][ T8880] __kmalloc_cache_noprof+0x7a/0x6f0 [ 293.592754][ T8880] ? vkms_plane_duplicate_state+0x45/0x130 [ 293.592806][ T8880] vkms_plane_duplicate_state+0x45/0x130 [ 293.592847][ T8880] drm_atomic_get_plane_state+0x279/0x760 [ 293.592898][ T8880] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 293.592935][ T8880] ? trace_contention_end+0x140/0x180 [ 293.592977][ T8880] ? __mutex_lock+0x26a/0x1b90 [ 293.593004][ T8880] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 293.593039][ T8880] ? drm_master_internal_acquire+0x21/0x80 [ 293.593108][ T8880] drm_client_modeset_commit_locked+0x14d/0x580 [ 293.593150][ T8880] drm_client_modeset_commit+0x4f/0x80 [ 293.593184][ T8880] __drm_fb_helper_restore_fbdev_mode_unlocked.part.0+0x137/0x160 [ 293.593222][ T8880] drm_fb_helper_restore_fbdev_mode_unlocked+0x93/0xc0 [ 293.593261][ T8880] drm_fbdev_client_restore+0x1b/0x30 [ 293.593289][ T8880] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 293.593315][ T8880] drm_client_dev_restore+0x205/0x2a0 [ 293.593358][ T8880] drm_release+0x2c6/0x360 [ 293.593389][ T8880] ? __pfx_drm_release+0x10/0x10 [ 293.593420][ T8880] __fput+0x3ff/0xb50 [ 293.593477][ T8880] task_work_run+0x150/0x240 [ 293.593517][ T8880] ? __pfx_task_work_run+0x10/0x10 [ 293.593568][ T8880] exit_to_user_mode_loop+0x100/0x4a0 [ 293.593610][ T8880] do_syscall_64+0x6f2/0xf80 [ 293.593635][ T8880] ? clear_bhb_loop+0x40/0x90 [ 293.593673][ T8880] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 293.593702][ T8880] RIP: 0033:0x7fa73759c819 [ 293.593725][ T8880] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 293.593749][ T8880] RSP: 002b:00007fa738465028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 293.593777][ T8880] RAX: 0000000000000000 RBX: 00007fa737816090 RCX: 00007fa73759c819 [ 293.593794][ T8880] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 293.593808][ T8880] RBP: 00007fa737632c91 R08: 0000000000000000 R09: 0000000000000000 [ 293.593826][ T8880] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 293.593843][ T8880] R13: 00007fa737816128 R14: 00007fa737816090 R15: 00007ffd32b8d688 [ 293.593886][ T8880] [ 297.117602][ T8919] netlink: 17 bytes leftover after parsing attributes in process `syz.1.806'. [ 298.103058][ T8936] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 298.271127][ T8936] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 298.434532][ T8936] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 298.440631][ T8936] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 298.875227][ T8936] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 298.927897][ T8936] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 299.246663][ T30] audit: type=1800 audit(1776167289.371:7): pid=8946 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.811" name="sr0" dev="devtmpfs" ino=2840 res=0 errno=0 [ 300.095443][ T8958] FAULT_INJECTION: forcing a failure. [ 300.095443][ T8958] name failslab, interval 1, probability 0, space 0, times 0 [ 300.162598][ T5146] Bluetooth: hci0: command 0x0c1a tx timeout [ 300.172014][ T8958] CPU: 1 UID: 0 PID: 8958 Comm: syz.1.816 Not tainted syzkaller #0 PREEMPT(full) [ 300.172042][ T8958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 300.172052][ T8958] Call Trace: [ 300.172058][ T8958] [ 300.172065][ T8958] dump_stack_lvl+0x100/0x190 [ 300.172099][ T8958] should_fail_ex.cold+0x5/0xa [ 300.172121][ T8958] ? security_inode_init_security+0x113/0x370 [ 300.172144][ T8958] should_failslab+0xc2/0x120 [ 300.172182][ T8958] __kmalloc_noprof+0xe0/0x850 [ 300.172230][ T8958] security_inode_init_security+0x113/0x370 [ 300.172265][ T8958] ? __pfx_shmem_initxattrs+0x10/0x10 [ 300.172302][ T8958] ? __pfx_security_inode_init_security+0x10/0x10 [ 300.172342][ T8958] ? make_vfsgid+0xf1/0x140 [ 300.172392][ T8958] shmem_mknod+0x2bf/0x470 [ 300.172438][ T8958] ? __pfx_shmem_mknod+0x10/0x10 [ 300.172494][ T8958] vfs_create+0x301/0x6c0 [ 300.172544][ T8958] filename_mknodat+0x2de/0x7f0 [ 300.172579][ T8958] ? __pfx_filename_mknodat+0x10/0x10 [ 300.172613][ T8958] ? strncpy_from_user+0x19d/0x2d0 [ 300.172660][ T8958] ? do_getname+0x191/0x390 [ 300.172701][ T8958] __x64_sys_mknod+0x8f/0xc0 [ 300.172732][ T8958] do_syscall_64+0x10b/0xf80 [ 300.172758][ T8958] ? clear_bhb_loop+0x40/0x90 [ 300.172794][ T8958] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.172826][ T8958] RIP: 0033:0x7fe2bf99c819 [ 300.172851][ T8958] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 300.172877][ T8958] RSP: 002b:00007fe2c0775028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 300.172906][ T8958] RAX: ffffffffffffffda RBX: 00007fe2bfc16090 RCX: 00007fe2bf99c819 [ 300.172925][ T8958] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000 [ 300.172941][ T8958] RBP: 00007fe2bfa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 300.172958][ T8958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 300.172975][ T8958] R13: 00007fe2bfc16128 R14: 00007fe2bfc16090 R15: 00007ffcccb5f398 [ 300.173015][ T8958] [ 300.322382][ T5146] Bluetooth: hci1: command 0x0c1a tx timeout [ 300.484115][ T5146] Bluetooth: hci2: command 0x0c1a tx timeout [ 300.885361][ T5146] Bluetooth: hci3: command 0x0c1a tx timeout [ 302.090641][ T30] audit: type=1807 audit(1776167292.211:8): UNKNOWN= res=0 [ 302.146853][ T30] audit: type=1802 audit(1776167292.241:9): pid=8981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.1.823" res=0 errno=0 [ 302.255155][ T8985] netlink: 28 bytes leftover after parsing attributes in process `syz.1.823'. [ 302.357012][ T8985] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.494013][ T8985] bridge_slave_1 (unregistering): left allmulticast mode [ 302.501259][ T8985] bridge_slave_1 (unregistering): left promiscuous mode [ 302.520300][ T8985] bridge0: port 2(bridge_slave_1) entered disabled state [ 302.562294][ T5146] Bluetooth: hci2: command 0x0c1a tx timeout [ 302.906561][ T8980] ima: policy update failed [ 302.922431][ T30] audit: type=1802 audit(1776167293.031:10): pid=8980 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.823" res=0 errno=0 [ 302.962274][ T5146] Bluetooth: hci3: command 0x0c1a tx timeout [ 308.123027][ T9073] FAULT_INJECTION: forcing a failure. [ 308.123027][ T9073] name failslab, interval 1, probability 0, space 0, times 0 [ 308.168901][ T9073] CPU: 0 UID: 0 PID: 9073 Comm: syz.1.837 Not tainted syzkaller #0 PREEMPT(full) [ 308.168947][ T9073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 308.168964][ T9073] Call Trace: [ 308.168972][ T9073] [ 308.168983][ T9073] dump_stack_lvl+0x100/0x190 [ 308.169033][ T9073] should_fail_ex.cold+0x5/0xa [ 308.169068][ T9073] should_failslab+0xc2/0x120 [ 308.169099][ T9073] __kmalloc_cache_noprof+0x7a/0x6f0 [ 308.169147][ T9073] ? uevent_net_init+0xd3/0x330 [ 308.169192][ T9073] uevent_net_init+0xd3/0x330 [ 308.169226][ T9073] ? __pfx_uevent_net_init+0x10/0x10 [ 308.169263][ T9073] ? __pfx_uevent_net_rcv+0x10/0x10 [ 308.169297][ T9073] ? __kmalloc_noprof+0x320/0x850 [ 308.169342][ T9073] ? __pfx_uevent_net_init+0x10/0x10 [ 308.169371][ T9073] ops_init+0x1e2/0x5f0 [ 308.169415][ T9073] setup_net+0x118/0x3a0 [ 308.169441][ T9073] ? __pfx_setup_net+0x10/0x10 [ 308.169462][ T9073] ? lockdep_init_map_type+0x5c/0x250 [ 308.169498][ T9073] ? mutex_init_lockep+0x110/0x150 [ 308.169540][ T9073] copy_net_ns+0x46f/0x7c0 [ 308.169571][ T9073] create_new_namespaces+0x3ea/0xac0 [ 308.169610][ T9073] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 308.169643][ T9073] ksys_unshare+0x473/0xad0 [ 308.169679][ T9073] ? __pfx_ksys_unshare+0x10/0x10 [ 308.169726][ T9073] __x64_sys_unshare+0x31/0x40 [ 308.169758][ T9073] do_syscall_64+0x10b/0xf80 [ 308.169782][ T9073] ? clear_bhb_loop+0x40/0x90 [ 308.169815][ T9073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.169842][ T9073] RIP: 0033:0x7fe2bf99c819 [ 308.169866][ T9073] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 308.169892][ T9073] RSP: 002b:00007fe2c0775028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 308.169919][ T9073] RAX: ffffffffffffffda RBX: 00007fe2bfc16090 RCX: 00007fe2bf99c819 [ 308.169937][ T9073] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 308.169952][ T9073] RBP: 00007fe2bfa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 308.169968][ T9073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 308.169983][ T9073] R13: 00007fe2bfc16128 R14: 00007fe2bfc16090 R15: 00007ffcccb5f398 [ 308.170020][ T9073] [ 308.891221][ T30] audit: type=1800 audit(1776167299.011:11): pid=9085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.840" name="dbroot" dev="configfs" ino=28461 res=0 errno=0 [ 309.197860][ T9090] FAULT_INJECTION: forcing a failure. [ 309.197860][ T9090] name failslab, interval 1, probability 0, space 0, times 0 [ 309.388739][ T9090] CPU: 0 UID: 8 PID: 9090 Comm: syz.1.841 Not tainted syzkaller #0 PREEMPT(full) [ 309.388767][ T9090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 309.388778][ T9090] Call Trace: [ 309.388784][ T9090] [ 309.388792][ T9090] dump_stack_lvl+0x100/0x190 [ 309.388826][ T9090] should_fail_ex.cold+0x5/0xa [ 309.388849][ T9090] should_failslab+0xc2/0x120 [ 309.388870][ T9090] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 309.388898][ T9090] ? key_alloc+0x3c5/0x1310 [ 309.388914][ T9090] ? mark_held_locks+0x40/0x70 [ 309.388941][ T9090] key_alloc+0x3c5/0x1310 [ 309.388965][ T9090] ? __pfx_key_alloc+0x10/0x10 [ 309.388981][ T9090] ? __pfx_key_default_cmp+0x10/0x10 [ 309.389001][ T9090] ? __pfx_keyring_search_iterator+0x10/0x10 [ 309.389023][ T9090] keyring_alloc+0x44/0xc0 [ 309.389047][ T9090] look_up_user_keyrings+0x508/0x790 [ 309.389080][ T9090] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 309.389114][ T9090] lookup_user_key+0xbb1/0x1300 [ 309.389143][ T9090] ? __pfx_lookup_user_key+0x10/0x10 [ 309.389178][ T9090] ? __pfx_do_futex+0x10/0x10 [ 309.389206][ T9090] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 309.389238][ T9090] ? xfd_validate_state+0x129/0x190 [ 309.389269][ T9090] keyctl_keyring_unlink+0x1f/0x1b0 [ 309.389294][ T9090] __do_sys_keyctl+0x3dd/0x5a0 [ 309.389320][ T9090] do_syscall_64+0x10b/0xf80 [ 309.389338][ T9090] ? clear_bhb_loop+0x40/0x90 [ 309.389360][ T9090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.389378][ T9090] RIP: 0033:0x7fe2bf99c819 [ 309.389394][ T9090] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 309.389412][ T9090] RSP: 002b:00007fe2c0775028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 309.389430][ T9090] RAX: ffffffffffffffda RBX: 00007fe2bfc16090 RCX: 00007fe2bf99c819 [ 309.389442][ T9090] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000009 [ 309.389453][ T9090] RBP: 00007fe2bfa32c91 R08: 0000000000000008 R09: 0000000000000000 [ 309.389463][ T9090] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 309.389474][ T9090] R13: 00007fe2bfc16128 R14: 00007fe2bfc16090 R15: 00007ffcccb5f398 [ 309.389496][ T9090] [ 311.067391][ T9115] netlink: 17 bytes leftover after parsing attributes in process `syz.0.845'. [ 311.122537][ T9115] netlink: 2 bytes leftover after parsing attributes in process `syz.0.845'. [ 311.626035][ T9123] FAULT_INJECTION: forcing a failure. [ 311.626035][ T9123] name failslab, interval 1, probability 0, space 0, times 0 [ 311.641519][ T9123] CPU: 1 UID: 0 PID: 9123 Comm: syz.2.848 Not tainted syzkaller #0 PREEMPT(full) [ 311.641561][ T9123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 311.641578][ T9123] Call Trace: [ 311.641588][ T9123] [ 311.641600][ T9123] dump_stack_lvl+0x100/0x190 [ 311.641653][ T9123] should_fail_ex.cold+0x5/0xa [ 311.641691][ T9123] ? sk_prot_alloc+0x10b/0x2a0 [ 311.641722][ T9123] should_failslab+0xc2/0x120 [ 311.641756][ T9123] __kmalloc_noprof+0xe0/0x850 [ 311.641801][ T9123] ? security_inode_alloc+0xcf/0x2c0 [ 311.641850][ T9123] sk_prot_alloc+0x10b/0x2a0 [ 311.641886][ T9123] sk_alloc+0x36/0xe80 [ 311.641929][ T9123] __netlink_create+0x5e/0x2c0 [ 311.641975][ T9123] __netlink_kernel_create+0xed/0x750 [ 311.642027][ T9123] ? __pfx___netlink_kernel_create+0x10/0x10 [ 311.642086][ T9123] ? __pfx_genl_pernet_init+0x10/0x10 [ 311.642125][ T9123] genl_pernet_init+0xbd/0x160 [ 311.642164][ T9123] ? __pfx_genl_pernet_init+0x10/0x10 [ 311.642193][ T9123] ? lockdep_init_map_type+0x5c/0x250 [ 311.642232][ T9123] ? __pfx_genl_rcv+0x10/0x10 [ 311.642261][ T9123] ? __pfx_genl_bind+0x10/0x10 [ 311.642288][ T9123] ? __pfx_genl_unbind+0x10/0x10 [ 311.642316][ T9123] ? __pfx_genl_release+0x10/0x10 [ 311.642349][ T9123] ? mutex_init_lockep+0x110/0x150 [ 311.642404][ T9123] ops_init+0x1e2/0x5f0 [ 311.642456][ T9123] setup_net+0x118/0x3a0 [ 311.642485][ T9123] ? __pfx_setup_net+0x10/0x10 [ 311.642511][ T9123] ? lockdep_init_map_type+0x5c/0x250 [ 311.642553][ T9123] ? mutex_init_lockep+0x110/0x150 [ 311.642602][ T9123] copy_net_ns+0x46f/0x7c0 [ 311.642638][ T9123] create_new_namespaces+0x3ea/0xac0 [ 311.642681][ T9123] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 311.642719][ T9123] ksys_unshare+0x473/0xad0 [ 311.642761][ T9123] ? __pfx_ksys_unshare+0x10/0x10 [ 311.642815][ T9123] __x64_sys_unshare+0x31/0x40 [ 311.642854][ T9123] do_syscall_64+0x10b/0xf80 [ 311.642882][ T9123] ? clear_bhb_loop+0x40/0x90 [ 311.642919][ T9123] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.642951][ T9123] RIP: 0033:0x7fcc0f99c819 [ 311.642976][ T9123] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 311.643006][ T9123] RSP: 002b:00007fcc10889028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 311.643035][ T9123] RAX: ffffffffffffffda RBX: 00007fcc0fc16090 RCX: 00007fcc0f99c819 [ 311.643054][ T9123] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 311.643071][ T9123] RBP: 00007fcc0fa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 311.643089][ T9123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 311.643105][ T9123] R13: 00007fcc0fc16128 R14: 00007fcc0fc16090 R15: 00007ffdab7d9828 [ 311.643145][ T9123] [ 312.701532][ T9136] can0: slcan on pty238. [ 312.842705][ T9129] can0 (unregistered): slcan off pty238. [ 313.647687][ T9141] MTRR 1 not used [ 314.528741][ T9176] QAT: Invalid ioctl 35077 [ 316.828874][ T9211] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 317.002651][ T9216] FAULT_INJECTION: forcing a failure. [ 317.002651][ T9216] name failslab, interval 1, probability 0, space 0, times 0 [ 317.016242][ T9216] CPU: 0 UID: 0 PID: 9216 Comm: syz.1.867 Not tainted syzkaller #0 PREEMPT(full) [ 317.016283][ T9216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 317.016302][ T9216] Call Trace: [ 317.016312][ T9216] [ 317.016324][ T9216] dump_stack_lvl+0x100/0x190 [ 317.016376][ T9216] should_fail_ex.cold+0x5/0xa [ 317.016413][ T9216] should_failslab+0xc2/0x120 [ 317.016447][ T9216] __kmalloc_cache_noprof+0x7a/0x6f0 [ 317.016488][ T9216] ? kernfs_fop_open+0x23d/0xd50 [ 317.016536][ T9216] kernfs_fop_open+0x23d/0xd50 [ 317.016585][ T9216] do_dentry_open+0x6d8/0x1660 [ 317.016618][ T9216] ? __pfx_kernfs_fop_open+0x10/0x10 [ 317.016667][ T9216] vfs_open+0x82/0x3f0 [ 317.016713][ T9216] path_openat+0x208c/0x31a0 [ 317.016762][ T9216] ? __pfx_path_openat+0x10/0x10 [ 317.016811][ T9216] do_file_open+0x20e/0x430 [ 317.016849][ T9216] ? __pfx_do_file_open+0x10/0x10 [ 317.016913][ T9216] ? alloc_fd+0x476/0x790 [ 317.016951][ T9216] ? do_getname+0x191/0x390 [ 317.016996][ T9216] do_sys_openat2+0x10d/0x1e0 [ 317.017039][ T9216] ? __pfx_do_sys_openat2+0x10/0x10 [ 317.017084][ T9216] ? find_held_lock+0x2b/0x80 [ 317.017135][ T9216] __x64_sys_openat+0x12d/0x210 [ 317.017179][ T9216] ? __pfx___x64_sys_openat+0x10/0x10 [ 317.017238][ T9216] do_syscall_64+0x10b/0xf80 [ 317.017268][ T9216] ? clear_bhb_loop+0x40/0x90 [ 317.017308][ T9216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.017339][ T9216] RIP: 0033:0x7fe2bf99c819 [ 317.017365][ T9216] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 317.017392][ T9216] RSP: 002b:00007fe2bdbf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 317.017420][ T9216] RAX: ffffffffffffffda RBX: 00007fe2bfc16180 RCX: 00007fe2bf99c819 [ 317.017439][ T9216] RDX: 0000000000082002 RSI: 0000200000000480 RDI: ffffffffffffff9c [ 317.017457][ T9216] RBP: 00007fe2bfa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 317.017474][ T9216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.017490][ T9216] R13: 00007fe2bfc16218 R14: 00007fe2bfc16180 R15: 00007ffcccb5f398 [ 317.017530][ T9216] [ 317.255696][ T5146] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 317.368439][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.375027][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 318.352278][ T30] audit: type=1807 audit(1776167308.471:12): UNKNOWN= res=0 [ 318.382349][ T30] audit: type=1802 audit(1776167308.471:13): pid=9231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.872" res=0 errno=0 [ 318.621727][ T9231] netlink: 28 bytes leftover after parsing attributes in process `syz.0.872'. [ 318.765145][ T9230] ima: policy update failed [ 318.772049][ T30] audit: type=1802 audit(1776167308.891:14): pid=9230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.872" res=0 errno=0 [ 320.213229][ T9262] hub 1-0:1.0: USB hub found [ 320.219231][ T9262] hub 1-0:1.0: 1 port detected [ 323.000237][ T9309] FAULT_INJECTION: forcing a failure. [ 323.000237][ T9309] name failslab, interval 1, probability 0, space 0, times 0 [ 323.063483][ T9309] CPU: 1 UID: 0 PID: 9309 Comm: syz.1.886 Not tainted syzkaller #0 PREEMPT(full) [ 323.063528][ T9309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 323.063545][ T9309] Call Trace: [ 323.063555][ T9309] [ 323.063566][ T9309] dump_stack_lvl+0x100/0x190 [ 323.063621][ T9309] should_fail_ex.cold+0x5/0xa [ 323.063659][ T9309] ? ops_init+0x77/0x5f0 [ 323.063704][ T9309] should_failslab+0xc2/0x120 [ 323.063740][ T9309] __kmalloc_noprof+0xe0/0x850 [ 323.063788][ T9309] ? mutex_init_lockep+0x110/0x150 [ 323.063834][ T9309] ops_init+0x77/0x5f0 [ 323.063885][ T9309] setup_net+0x118/0x3a0 [ 323.063915][ T9309] ? __pfx_setup_net+0x10/0x10 [ 323.063940][ T9309] ? lockdep_init_map_type+0x5c/0x250 [ 323.063982][ T9309] ? mutex_init_lockep+0x110/0x150 [ 323.064030][ T9309] copy_net_ns+0x46f/0x7c0 [ 323.064065][ T9309] create_new_namespaces+0x3ea/0xac0 [ 323.064117][ T9309] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 323.064154][ T9309] ksys_unshare+0x473/0xad0 [ 323.064196][ T9309] ? __pfx_ksys_unshare+0x10/0x10 [ 323.064250][ T9309] __x64_sys_unshare+0x31/0x40 [ 323.064284][ T9309] do_syscall_64+0x10b/0xf80 [ 323.064312][ T9309] ? clear_bhb_loop+0x40/0x90 [ 323.064348][ T9309] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 323.064379][ T9309] RIP: 0033:0x7fe2bf99c819 [ 323.064404][ T9309] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 323.064432][ T9309] RSP: 002b:00007fe2c0775028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 323.064461][ T9309] RAX: ffffffffffffffda RBX: 00007fe2bfc16090 RCX: 00007fe2bf99c819 [ 323.064480][ T9309] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 323.064497][ T9309] RBP: 00007fe2bfa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 323.064515][ T9309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 323.064532][ T9309] R13: 00007fe2bfc16128 R14: 00007fe2bfc16090 R15: 00007ffcccb5f398 [ 323.064572][ T9309] [ 324.214961][ T9320] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 324.409950][ T9320] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 324.470105][ T9320] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 324.593295][ T9320] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 325.324211][ T9332] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 325.354498][ T9332] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 325.380526][ T9332] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 325.418281][ T9332] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 326.294761][ T9340] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 326.793559][ T9340] File: /dev/nullb0 PID: 9340 Comm: syz.1.894 [ 327.100956][ T9365] netlink: 'syz.3.901': attribute type 1 has an invalid length. [ 327.119386][ T9365] netlink: 9 bytes leftover after parsing attributes in process `syz.3.901'. [ 327.362345][ T5832] Bluetooth: hci0: command 0x0c1a tx timeout [ 327.369620][ T5146] Bluetooth: hci1: command 0x0c1a tx timeout [ 327.442354][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 327.448555][ T5146] Bluetooth: hci3: command 0x0c1a tx timeout [ 327.709008][ T9369] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 327.734906][ T9369] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 327.752877][ T9369] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 327.784782][ T9369] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 328.060497][ T30] audit: type=1807 audit(1776167318.181:15): UNKNOWN= res=0 [ 328.112536][ T30] audit: type=1802 audit(1776167318.201:16): pid=9373 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.904" res=0 errno=0 [ 328.377867][ T9373] netlink: 28 bytes leftover after parsing attributes in process `syz.3.904'. [ 328.395908][ T9373] bridge0: port 2(bridge_slave_1) entered disabled state [ 328.470906][ T9373] bridge_slave_1 (unregistering): left allmulticast mode [ 328.566139][ T9373] bridge_slave_1 (unregistering): left promiscuous mode [ 328.596879][ T9373] bridge0: port 2(bridge_slave_1) entered disabled state [ 328.767150][ T9372] ima: policy update failed [ 328.771952][ T30] audit: type=1802 audit(1776167318.891:17): pid=9372 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.904" res=0 errno=0 [ 329.772362][ T5146] Bluetooth: hci2: command 0x0c1a tx timeout [ 329.772403][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout [ 329.784536][ T5832] Bluetooth: hci1: command 0x0c1a tx timeout [ 329.852299][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 331.256331][ T9412] random: crng reseeded on system resumption [ 331.575203][ T9416] netlink: 25 bytes leftover after parsing attributes in process `syz.1.914'. [ 332.437356][ T9429] netlink: 25 bytes leftover after parsing attributes in process `syz.0.915'. [ 334.822932][ T9469] QAT: Invalid ioctl 35077 [ 334.882449][ T5835] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 337.605641][ T5835] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 338.677285][ T30] audit: type=1807 audit(1776167328.801:18): UNKNOWN= res=0 [ 338.700630][ T30] audit: type=1802 audit(1776167328.801:19): pid=9506 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.931" res=0 errno=0 [ 338.910449][ T9506] netlink: 28 bytes leftover after parsing attributes in process `syz.2.931'. [ 338.986584][ T9506] bridge0: port 2(bridge_slave_1) entered disabled state [ 339.054240][ T9506] bridge_slave_1 (unregistering): left allmulticast mode [ 339.071746][ T9506] bridge_slave_1 (unregistering): left promiscuous mode [ 339.079245][ T9506] bridge0: port 2(bridge_slave_1) entered disabled state [ 339.392499][ T9505] ima: policy update failed [ 339.405494][ T30] audit: type=1802 audit(1776167329.531:20): pid=9505 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.931" res=0 errno=0 [ 340.211394][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 341.118955][ T9536] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 344.544693][ T9601] hub 1-0:1.0: USB hub found [ 344.578442][ T9601] hub 1-0:1.0: 1 port detected [ 346.686037][ T9637] Process accounting resumed [ 347.087656][ T9641] usb usb3: usbfs: process 9641 (syz.2.961) did not claim interface 0 before use [ 349.985235][ T9679] zero sized request [ 349.990968][ T9687] FAULT_INJECTION: forcing a failure. [ 349.990968][ T9687] name failslab, interval 1, probability 0, space 0, times 0 [ 350.022362][ T9687] CPU: 0 UID: 0 PID: 9687 Comm: syz.2.973 Not tainted syzkaller #0 PREEMPT(full) [ 350.022392][ T9687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 350.022403][ T9687] Call Trace: [ 350.022410][ T9687] [ 350.022417][ T9687] dump_stack_lvl+0x100/0x190 [ 350.022450][ T9687] should_fail_ex.cold+0x5/0xa [ 350.022474][ T9687] should_failslab+0xc2/0x120 [ 350.022496][ T9687] __kmalloc_cache_noprof+0x7a/0x6f0 [ 350.022521][ T9687] ? alloc_super+0x52/0xd20 [ 350.022558][ T9687] alloc_super+0x52/0xd20 [ 350.022589][ T9687] ? __pfx_mqueue_fill_super+0x10/0x10 [ 350.022612][ T9687] sget_fc+0x117/0xc70 [ 350.022635][ T9687] ? __pfx_set_anon_super_fc+0x10/0x10 [ 350.022664][ T9687] ? __pfx_mqueue_fill_super+0x10/0x10 [ 350.022685][ T9687] get_tree_nodev+0x28/0x190 [ 350.022704][ T9687] mqueue_get_tree+0xf1/0x130 [ 350.022726][ T9687] vfs_get_tree+0x92/0x320 [ 350.022753][ T9687] fc_mount_longterm+0x1a/0x270 [ 350.022782][ T9687] mq_init_ns+0x482/0x820 [ 350.022817][ T9687] copy_ipcs+0x3dd/0x7e0 [ 350.022845][ T9687] create_new_namespaces+0x20a/0xac0 [ 350.022866][ T9687] ? security_capable+0x80/0x260 [ 350.022893][ T9687] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 350.022915][ T9687] ksys_unshare+0x473/0xad0 [ 350.022940][ T9687] ? __pfx_ksys_unshare+0x10/0x10 [ 350.022964][ T9687] ? pipe_ioctl+0x226/0x2c0 [ 350.022993][ T9687] __x64_sys_unshare+0x31/0x40 [ 350.023016][ T9687] do_syscall_64+0x10b/0xf80 [ 350.023033][ T9687] ? clear_bhb_loop+0x40/0x90 [ 350.023056][ T9687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 350.023075][ T9687] RIP: 0033:0x7fcc0f99c819 [ 350.023091][ T9687] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 350.023108][ T9687] RSP: 002b:00007fcc10889028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 350.023126][ T9687] RAX: ffffffffffffffda RBX: 00007fcc0fc16090 RCX: 00007fcc0f99c819 [ 350.023138][ T9687] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000006c000000 [ 350.023148][ T9687] RBP: 00007fcc0fa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 350.023158][ T9687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 350.023177][ T9687] R13: 00007fcc0fc16128 R14: 00007fcc0fc16090 R15: 00007ffdab7d9828 [ 350.023200][ T9687] [ 351.786021][ T9718] netlink: 4 bytes leftover after parsing attributes in process `syz.1.980'. [ 351.843156][ T9718] netlink: 25 bytes leftover after parsing attributes in process `syz.1.980'. [ 352.515237][ T9731] netlink: 4 bytes leftover after parsing attributes in process `syz.3.985'. [ 352.525859][ T9731] netlink: 'syz.3.985': attribute type 1 has an invalid length. [ 352.534585][ T9731] netlink: 'syz.3.985': attribute type 6 has an invalid length. [ 352.662496][ T9734] netlink: 186 bytes leftover after parsing attributes in process `syz.2.986'. [ 354.032446][ T9759] QAT: Invalid ioctl 35077 [ 356.404300][ T5835] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 356.965066][ T9781] netlink: 28 bytes leftover after parsing attributes in process `syz.0.996'. [ 357.733684][ T9786] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 357.747161][ T9786] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 357.773379][ T9786] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 357.799171][ T9786] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 358.152412][ T9804] random: crng reseeded on system resumption [ 359.036787][ T30] audit: type=1807 audit(1776167349.161:21): UNKNOWN=0"û]$|Ë1jë0B|d™¹ýÓ‰OŸ¬+ö×/ÉéxÔóÈõWÓ¦–Ó^¸´gq%ḦrêOŽ res=0 [ 359.059643][ T30] audit: type=1802 audit(1776167349.161:22): pid=9815 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.2.1004" res=0 errno=0 [ 359.102669][ T9818] ima: policy update failed [ 359.107370][ T30] audit: type=1802 audit(1776167349.231:23): pid=9818 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.2.1004" res=0 errno=0 [ 359.762443][ T5835] Bluetooth: hci1: command 0x0c1a tx timeout [ 359.768523][ T5835] Bluetooth: hci0: command 0x0c1a tx timeout [ 359.850096][ T5835] Bluetooth: hci3: command 0x0c1a tx timeout [ 359.850107][ T5832] Bluetooth: hci2: command 0x0c1a tx timeout [ 360.448463][ T9833] program syz.2.1007 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 360.896685][ T9842] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1008'. [ 360.927296][ T9842] netlink: 'syz.0.1008': attribute type 1 has an invalid length. [ 360.959749][ T9842] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1008'. [ 361.353396][ T9850] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1011'. [ 362.832461][ T9863] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 363.704236][ T9875] netlink: 326 bytes leftover after parsing attributes in process `syz.0.1028'. [ 363.763709][ T9875] FAULT_INJECTION: forcing a failure. [ 363.763709][ T9875] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 363.819197][ T9875] CPU: 1 UID: 0 PID: 9875 Comm: syz.0.1028 Not tainted syzkaller #0 PREEMPT(full) [ 363.819240][ T9875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 363.819256][ T9875] Call Trace: [ 363.819266][ T9875] [ 363.819277][ T9875] dump_stack_lvl+0x100/0x190 [ 363.819334][ T9875] should_fail_ex.cold+0x5/0xa [ 363.819375][ T9875] core_sys_select+0x9b9/0xbb0 [ 363.819417][ T9875] ? __pfx_core_sys_select+0x10/0x10 [ 363.819489][ T9875] ? ktime_get_ts64+0x2d2/0x3f0 [ 363.819528][ T9875] ? read_tsc+0x9/0x20 [ 363.819563][ T9875] ? ktime_get_ts64+0x256/0x3f0 [ 363.819603][ T9875] kern_select+0x20c/0x270 [ 363.819638][ T9875] ? __pfx_kern_select+0x10/0x10 [ 363.819684][ T9875] __x64_sys_select+0xbd/0x160 [ 363.819715][ T9875] ? do_syscall_64+0x90/0xf80 [ 363.819745][ T9875] ? lockdep_hardirqs_on+0x78/0x100 [ 363.819794][ T9875] do_syscall_64+0x10b/0xf80 [ 363.819822][ T9875] ? clear_bhb_loop+0x40/0x90 [ 363.819859][ T9875] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 363.819890][ T9875] RIP: 0033:0x7f837a79c819 [ 363.819917][ T9875] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 363.819946][ T9875] RSP: 002b:00007f837b708028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 363.819986][ T9875] RAX: ffffffffffffffda RBX: 00007f837aa15fa0 RCX: 00007f837a79c819 [ 363.820007][ T9875] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 363.820026][ T9875] RBP: 00007f837a832c91 R08: 00002000000001c0 R09: 0000000000000000 [ 363.820044][ T9875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 363.820062][ T9875] R13: 00007f837aa16038 R14: 00007f837aa15fa0 R15: 00007ffcd2e83008 [ 363.820104][ T9875] [ 364.322702][ T5835] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 364.702505][ T9897] QAT: Invalid ioctl 35077 [ 367.375391][ T5835] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 371.702809][ T9983] FAULT_INJECTION: forcing a failure. [ 371.702809][ T9983] name failslab, interval 1, probability 0, space 0, times 0 [ 371.731650][ T9983] CPU: 1 UID: 0 PID: 9983 Comm: syz.1.1044 Not tainted syzkaller #0 PREEMPT(full) [ 371.731677][ T9983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 371.731688][ T9983] Call Trace: [ 371.731694][ T9983] [ 371.731701][ T9983] dump_stack_lvl+0x100/0x190 [ 371.731735][ T9983] should_fail_ex.cold+0x5/0xa [ 371.731758][ T9983] should_failslab+0xc2/0x120 [ 371.731779][ T9983] __kmalloc_cache_noprof+0x7a/0x6f0 [ 371.731804][ T9983] ? __io_uring_add_tctx_node+0x1ac/0x4c0 [ 371.731831][ T9983] ? alloc_file_pseudo+0x1a5/0x230 [ 371.731858][ T9983] __io_uring_add_tctx_node+0x1ac/0x4c0 [ 371.731886][ T9983] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 371.731916][ T9983] ? __anon_inode_getfile+0x17c/0x280 [ 371.731942][ T9983] io_uring_setup.cold+0x1993/0x1c7e [ 371.731975][ T9983] ? __pfx_io_uring_setup+0x10/0x10 [ 371.731998][ T9983] ? __pfx_do_futex+0x10/0x10 [ 371.732034][ T9983] ? xfd_validate_state+0x129/0x190 [ 371.732067][ T9983] __x64_sys_io_uring_setup+0xc2/0x170 [ 371.732089][ T9983] do_syscall_64+0x10b/0xf80 [ 371.732106][ T9983] ? clear_bhb_loop+0x40/0x90 [ 371.732128][ T9983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.732159][ T9983] RIP: 0033:0x7fe2bf99c819 [ 371.732184][ T9983] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 371.732213][ T9983] RSP: 002b:00007fe2c0775028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 371.732236][ T9983] RAX: ffffffffffffffda RBX: 00007fe2bfc16090 RCX: 00007fe2bf99c819 [ 371.732248][ T9983] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000084 [ 371.732258][ T9983] RBP: 00007fe2bfa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 371.732277][ T9983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 371.732287][ T9983] R13: 00007fe2bfc16128 R14: 00007fe2bfc16090 R15: 00007ffcccb5f398 [ 371.732310][ T9983] [ 372.086114][ T9983] ------------[ cut here ]------------ [ 372.091741][ T9983] !test_bit(IO_WQ_BIT_EXIT, &wq->state) [ 372.091763][ T9983] WARNING: io_uring/io-wq.c:1396 at io_wq_put_and_exit+0x8a7/0x9d0, CPU#0: syz.1.1044/9983 [ 372.107723][ T9983] Modules linked in: [ 372.111676][ T9983] CPU: 0 UID: 0 PID: 9983 Comm: syz.1.1044 Not tainted syzkaller #0 PREEMPT(full) [ 372.122485][ T9983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 372.133309][ T9983] RIP: 0010:io_wq_put_and_exit+0x8a7/0x9d0 [ 372.139378][ T9983] Code: ff e8 7d bf 17 fd 44 0f b6 74 24 78 31 ff 44 89 f6 e8 bd b9 17 fd 45 84 f6 0f 85 1a fd ff ff e9 67 fd ff ff e8 5a bf 17 fd 90 <0f> 0b 90 e9 00 f8 ff ff e8 8c 5e 83 fd e9 72 f8 ff ff 48 8b 3c 24 [ 372.159381][ T9983] RSP: 0018:ffffc90005ecfb50 EFLAGS: 00010287 [ 372.165584][ T9983] RAX: 000000000001217e RBX: ffff88803ef5d000 RCX: ffffc9000f355000 [ 372.173758][ T9983] RDX: 0000000000080000 RSI: ffffffff84f04b26 RDI: ffff888033550000 [ 372.181866][ T9983] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 372.190011][ T9983] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92000bd9f8c [ 372.198246][ T9983] R13: 0000000000000000 R14: ffff888033550970 R15: ffff88803418a418 [ 372.206421][ T9983] FS: 00007fe2c07756c0(0000) GS:ffff888124332000(0000) knlGS:0000000000000000 [ 372.215718][ T9983] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 372.223611][ T9983] CR2: 0000001b30ddbff8 CR3: 000000005b8a0000 CR4: 00000000003526f0 [ 372.231727][ T9983] Call Trace: [ 372.235591][ T9983] [ 372.238679][ T9983] ? dump_stack_lvl+0x17c/0x190 [ 372.243852][ T9983] ? __pfx_io_wq_put_and_exit+0x10/0x10 [ 372.249530][ T9983] ? rcu_is_watching+0x12/0xc0 [ 372.254582][ T9983] ? trace_kmalloc+0x101/0x130 [ 372.259406][ T9983] ? __kmalloc_cache_noprof+0x298/0x6f0 [ 372.265020][ T9983] ? __io_uring_add_tctx_node+0x1ac/0x4c0 [ 372.271099][ T9983] __io_uring_add_tctx_node+0x3e8/0x4c0 [ 372.276793][ T9983] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 372.283014][ T9983] ? __anon_inode_getfile+0x17c/0x280 [ 372.288471][ T9983] io_uring_setup.cold+0x1993/0x1c7e [ 372.294017][ T9983] ? __pfx_io_uring_setup+0x10/0x10 [ 372.299386][ T9983] ? __pfx_do_futex+0x10/0x10 [ 372.304161][ T9983] ? xfd_validate_state+0x129/0x190 [ 372.309396][ T9983] __x64_sys_io_uring_setup+0xc2/0x170 [ 372.314948][ T9983] do_syscall_64+0x10b/0xf80 [ 372.319649][ T9983] ? clear_bhb_loop+0x40/0x90 [ 372.324871][ T9983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.330800][ T9983] RIP: 0033:0x7fe2bf99c819 [ 372.335574][ T9983] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 372.355313][ T9983] RSP: 002b:00007fe2c0775028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 372.364050][ T9983] RAX: ffffffffffffffda RBX: 00007fe2bfc16090 RCX: 00007fe2bf99c819 [ 372.372184][ T9983] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000084 [ 372.380287][ T9983] RBP: 00007fe2bfa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 372.388341][ T9983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 372.396348][ T9983] R13: 00007fe2bfc16128 R14: 00007fe2bfc16090 R15: 00007ffcccb5f398 [ 372.404417][ T9983] [ 372.407453][ T9983] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 372.414740][ T9983] CPU: 0 UID: 0 PID: 9983 Comm: syz.1.1044 Not tainted syzkaller #0 PREEMPT(full) [ 372.424121][ T9983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 372.434235][ T9983] Call Trace: [ 372.437561][ T9983] [ 372.440585][ T9983] dump_stack_lvl+0x100/0x190 [ 372.445326][ T9983] vpanic+0x552/0x970 [ 372.449449][ T9983] ? __pfx_vpanic+0x10/0x10 [ 372.454167][ T9983] panic+0xd1/0xe0 [ 372.457922][ T9983] ? __pfx_panic+0x10/0x10 [ 372.462390][ T9983] check_panic_on_warn.cold+0x19/0x34 [ 372.467832][ T9983] ? io_wq_put_and_exit+0x8a7/0x9d0 [ 372.473158][ T9983] __warn.cold+0x191/0x348 [ 372.477614][ T9983] __report_bug+0x296/0x3d0 [ 372.482158][ T9983] ? io_wq_put_and_exit+0x8a7/0x9d0 [ 372.487435][ T9983] ? __pfx___report_bug+0x10/0x10 [ 372.492619][ T9983] ? __pfx___schedule+0x10/0x10 [ 372.497500][ T9983] ? is_bpf_text_address+0x8a/0x1a0 [ 372.502819][ T9983] ? bpf_ksym_find+0x124/0x1c0 [ 372.507633][ T9983] ? io_wq_put_and_exit+0x8a7/0x9d0 [ 372.512856][ T9983] report_bug+0xb2/0x220 [ 372.517121][ T9983] ? io_wq_put_and_exit+0x8a7/0x9d0 [ 372.522336][ T9983] handle_bug+0x16a/0x2a0 [ 372.526712][ T9983] exc_invalid_op+0x17/0x50 [ 372.531258][ T9983] asm_exc_invalid_op+0x1a/0x20 [ 372.536125][ T9983] RIP: 0010:io_wq_put_and_exit+0x8a7/0x9d0 [ 372.541962][ T9983] Code: ff e8 7d bf 17 fd 44 0f b6 74 24 78 31 ff 44 89 f6 e8 bd b9 17 fd 45 84 f6 0f 85 1a fd ff ff e9 67 fd ff ff e8 5a bf 17 fd 90 <0f> 0b 90 e9 00 f8 ff ff e8 8c 5e 83 fd e9 72 f8 ff ff 48 8b 3c 24 [ 372.561603][ T9983] RSP: 0018:ffffc90005ecfb50 EFLAGS: 00010287 [ 372.568000][ T9983] RAX: 000000000001217e RBX: ffff88803ef5d000 RCX: ffffc9000f355000 [ 372.576013][ T9983] RDX: 0000000000080000 RSI: ffffffff84f04b26 RDI: ffff888033550000 [ 372.583998][ T9983] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 372.591986][ T9983] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff92000bd9f8c [ 372.599990][ T9983] R13: 0000000000000000 R14: ffff888033550970 R15: ffff88803418a418 [ 372.607989][ T9983] ? io_wq_put_and_exit+0x8a6/0x9d0 [ 372.613211][ T9983] ? dump_stack_lvl+0x17c/0x190 [ 372.618096][ T9983] ? __pfx_io_wq_put_and_exit+0x10/0x10 [ 372.623660][ T9983] ? rcu_is_watching+0x12/0xc0 [ 372.628552][ T9983] ? trace_kmalloc+0x101/0x130 [ 372.633338][ T9983] ? __kmalloc_cache_noprof+0x298/0x6f0 [ 372.639105][ T9983] ? __io_uring_add_tctx_node+0x1ac/0x4c0 [ 372.644851][ T9983] __io_uring_add_tctx_node+0x3e8/0x4c0 [ 372.650421][ T9983] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 372.656510][ T9983] ? __anon_inode_getfile+0x17c/0x280 [ 372.661904][ T9983] io_uring_setup.cold+0x1993/0x1c7e [ 372.667214][ T9983] ? __pfx_io_uring_setup+0x10/0x10 [ 372.672435][ T9983] ? __pfx_do_futex+0x10/0x10 [ 372.677157][ T9983] ? xfd_validate_state+0x129/0x190 [ 372.682471][ T9983] __x64_sys_io_uring_setup+0xc2/0x170 [ 372.688003][ T9983] do_syscall_64+0x10b/0xf80 [ 372.692621][ T9983] ? clear_bhb_loop+0x40/0x90 [ 372.697327][ T9983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 372.703243][ T9983] RIP: 0033:0x7fe2bf99c819 [ 372.707673][ T9983] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 372.727640][ T9983] RSP: 002b:00007fe2c0775028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 372.736157][ T9983] RAX: ffffffffffffffda RBX: 00007fe2bfc16090 RCX: 00007fe2bf99c819 [ 372.744136][ T9983] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000084 [ 372.752121][ T9983] RBP: 00007fe2bfa32c91 R08: 0000000000000000 R09: 0000000000000000 [ 372.760112][ T9983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 372.768089][ T9983] R13: 00007fe2bfc16128 R14: 00007fe2bfc16090 R15: 00007ffcccb5f398 [ 372.776552][ T9983] [ 372.780314][ T9983] Kernel Offset: disabled [ 372.784738][ T9983] Rebooting in 86400 seconds..