last executing test programs: 11.313115548s ago: executing program 2 (id=93): mmap$auto(0x0, 0x8, 0x80000000000000df, 0x10004000eb1, 0x8, 0x8000008000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x2, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x101e81, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) r1 = epoll_create$auto(0x3e) mq_open$auto(0x0, 0x7e, 0x9, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x8000003, 0x7) capget$auto(&(0x7f00000000c0)={0x20071026, 0xffffffffffffffff}, 0x0) epoll_ctl$auto(r1, 0x1, 0x8000000000000000, 0x0) ioctl$auto_EVIOCSKEYCODE_V2(r1, 0x40284504, &(0x7f0000000340)={0x8, 0x1, 0x3, 0x1, "e205a4a21d2ddd2d6313691c349dd9f8278b9af0992431a1d29c8fb607713f6c"}) io_uring_setup$auto(0x1, 0x0) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ttyS2\x00', 0x101f81, 0x0) ioctl$auto_TIOCSETD2(r2, 0x5423, 0x0) ioctl$auto_TIOCVHANGUP2(r0, 0x5437, 0x0) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) madvise$auto(0x0, 0xffffffffffff0005, 0x19) socket(0x2, 0x6, 0xfffffffe) socket(0x2b, 0x1, 0x0) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_ETHTOOL_MSG_RINGS_SET(r3, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x34, 0x0, 0x10, 0x70bd25, 0x25dfdbff, {}, [@ETHTOOL_A_RINGS_CQE_SIZE={0x8, 0xc, 0x9}, @ETHTOOL_A_RINGS_RX_BUF_LEN={0x8, 0xa, 0x1}, @ETHTOOL_A_RINGS_TCP_DATA_SPLIT={0x5, 0xb, 0xc}, @ETHTOOL_A_RINGS_CQE_SIZE={0x8, 0xc, 0x2}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x40800) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/arp\x00', 0xc0a00, 0x0) pread64$auto(r4, &(0x7f0000000040)='/proc/thread-self/net/tcp6\x00\xd2)\x8e\x892\x82\x19\xfd\x03\xc3\x8d\xd7D\x8d\xa8\xcfM9\\\xd6\xcfUq\x05#\xed\x1c\xd1G\bz\xde5u4\xddS\xe6\x1a\x8a`\xad0\x98|\xbc\x00\x98\b\x0ey\xcb`\x9b\x91r\xd5\x13\x9e\xdd4\xe7\xb7\x94p\x8fBlm\x04eAW\xbc0\x9b\xbd\x8f\xf5];\x94\x18\xf0\v\xd7\xf4P\xd3\x9e,Q\xd8\x16\x989l\x03\a\xcc\x1e\xb9\xe9{\xeeS\xa9\xc60\x00\xb5&\x9e\xdbk{F\x18\xa8\xbasG\xd3\x80\xb1G.\xec1\x96uP\x97\x8co\xf1\xa6\xd5\xea\xc8L3|a\xb3\xaa\x90Y\xb19\xad\xdc\x05o\x98g\xd4\x10]5\x95\xd0\xabJC\x06\xd0c\xd1Ra\xf7\xc4n\xdf\xe4\xc7\x03\x19x\xbb\v\x00\t\xde\xf5\x93\xfb\xfb#\xbd\xc0S\f57\x83\xdd\xaa\xf0\x9c\xd3G\xe1', 0x10fd42, 0x9) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x100000000000027, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) 9.634245998s ago: executing program 2 (id=100): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) timer_create$auto(0x0, 0x0, 0x0) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x3, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/lru_gen_full\x00', 0xc0200, 0x0) r1 = socket(0x1e, 0x6, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000340)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccW\x1c\x94t\x98\xc6\xd7\x9dh\xdf\x91\xd9\x1ew\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5,\xcc\xfa`\xfa\x90\xf0C\xdc\xbebBW\x8a\x95\xf4\x14\xc7\x90V\xe7a\xfb*\xcc6\xba\x9ef\x19R\xff\xd2\xd8\x98\xa8\x17\xcb\x84\xe8\xfb\x00`\xc2\xce~U\xca\\\xc1\xb7\xf1\n\xb9\xbfk\x1e\xdb\xed\x81{\x1f\x18j\x16\rk\x0eO\xe3\xa78&Z\x9e\xbf\x84\xd6\x1f\xe8\x88\x1f\xbc\x1eT\xa6{9hb\xbc\x1a\\\xb3\x846&\x1a\xbb\x9c:e\x9c\x18\x11\xf0\x8eQ\xd8\x8a3^?\x13\x00\xcbx\xb2\x18e\x95$\x9d\x804', 0x100000a3d9) sendmsg$auto_HSR_C_GET_NODE_STATUS(r1, &(0x7f00000002c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x8010) mmap$auto(0xfffffffffffffffc, 0x2020009, 0x8000000007, 0x11, 0xffffffffffffffff, 0x8004) mmap$auto(0x0, 0x20009, 0x0, 0xeb1, 0x401, 0x6) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r3 = prctl$auto(0x1000000003b, 0x1, 0x0, 0x5, 0x7) signalfd4$auto(r0, 0x0, 0x1000000fc, 0x2) r4 = syz_open_procfs$namespace(0x0, &(0x7f00000005c0)='ns/mnt\x00') getdents$auto(r4, 0x0, 0xfff) msync$auto(0xffffffff, 0x6, 0x3) clock_nanosleep$auto(0x8001, 0x9, &(0x7f00000001c0)={0xf5d, 0x7f}, &(0x7f0000000240)={0x0, 0x1}) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'}) r6 = socket(0x18, 0x2, 0x4) sendmsg$auto_NFSD_CMD_THREADS_SET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=ANY=[@ANYRES64=r0, @ANYRESOCT=r3, @ANYBLOB="49f7d74a81fe6f64f9102944e2dd24b5e4eb8c2f80bf1efbcb8b1c64ddcfe525f91da47f5262d46049cf9d3ac02b85cd422205b0d919d436c0b2fca20625047757e13419c9edc0795a276f81cb8a9d698950ca4c28e7268912db03caa3227c8aa456af94e2fa26115f51d11be309b2db9bf69ce90eabe6e604381c5b5678e0a60555de3403c83ae841460702dc0447fcf1afa0571e0e299955438d9b38e4aa1f8439c767cfb57b97a55fa1935b15e839525bf8210baecd541077c77742315f9b6ee5afd8523b9c088b6f08ffeb939990fa6a0c750f48c0ca94dda45c2a16e46c760208746f8bfc16186e02b1dee3d79ea816996164d22cdec56264b3", @ANYRESDEC=r2], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/conf/default/drop_gratuitous_arp\x00', 0x141241, 0x0) getsockopt$auto_SO_RXQ_OVFL(r5, 0x3, 0x28, &(0x7f0000000040)='\x00', &(0x7f0000000200)) select$auto(0x4, 0x0, &(0x7f0000000080)={[0x209c, 0xe9e, 0x4, 0x5, 0x1000, 0x100000001, 0xc, 0xf, 0x0, 0x1, 0xe, 0xd59, 0x101, 0xff, 0x5, 0x80080001]}, 0x0, 0x0) unshare$auto(0x40000080) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket$nl_generic(0x10, 0x3, 0x10) 7.142244204s ago: executing program 0 (id=107): mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xfffffffffffffc00, &(0x7f0000000100)="a2b36d0449473b7bcbcd6d7f6186e9de29e708c62b9db37658c96e1ed364c5d867daa7438de65e6d2aa369df7e32e2c897c4bd029f0845c6b5196ced8ef9b1a53b4011ed14a904f19072629f7cc6ed922acba72e") r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) r1 = mq_open$auto(&(0x7f0000000200)='\\\x00\xa9A\x00', 0x83, 0x7, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x380000}, 0x3) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000740)=ANY=[@ANYBLOB='x\b\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000fbdbdf25010000000800010020100000500007802c007e802200bd00a7379b928b2fe53f4a96cc49fa078eb62dca03ca1694ea60fe7c14e53bd8000004009a8020003b8014001a000000000000000000"], 0x78}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) sendmsg$auto_NBD_CMD_STATUS(r1, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000400)={&(0x7f0000000300)={0xf4, r4, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@NBD_ATTR_BACKEND_IDENTIFIER={0x7, 0xa, '{]-'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x7}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x1}, @NBD_ATTR_SOCKETS={0xc0, 0x7, 0x0, 0x1, [@typed={0xbc, 0x15, 0x0, 0x0, @binary="302137a9e1d1f6f465e7b5ea737a141e7d0dffa0ae07279f954c91fed78bf096aec08879b327de084dd01d906c867b790b16d1f55733fd277fa4e762428b7bcf5c031942400d1df0218ab1e61fa8e20320b5f511028f08d9ef3ccbc7005b58d818724409ee013adfd6253eb309d933da1588412e91def926938dfef2b341582487ba2a326dd81877faf5f0e3cdd55cc03aacc012e5e83098c9afba210ccb1ed5223d1562e0033486f411b783a1e20ce3d768a4c9d162e0bd"}]}]}, 0xf4}}, 0x14) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_bsg_fops_bsg(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bsg/0:0:0:0\x00', 0x121641, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r5, 0x2272, &(0x7f0000000280)="5fff575a2747b07cd670b8e58610c96d64ba76b6a60cc9bb1796ae711afdd441fab265037d00077ea24bbfc6e776cca12c7aa02bb1ff33618736aa4b3bb525987d076bbb472da95efc") mmap$auto(0x0, 0x20009, 0x4000000000de, 0xeb1, 0x401, 0x8000) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xb, 0xb5, 0x10, 0x4, 0x53000000, r1, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x9, 0x2, 0x4f4, 0x5}, 0x10) acct$auto(&(0x7f00000000c0)='/proc/net/ipv\a\x00c\x00n\x05\x00\x00\x00\x00\x00\x00\t\x01\x05\xef\x16\x06\xd91\x00\x00\x00\x00\'\x00\xda\x1a?\xde\xe9LJ^\xc6\x98-\xb3\x8e\xa8\xfc\x9e\xfc*\x18 \x9b\xdaq\x8b\xc9X\x9d\x06\xaf\xb6\xcf?\xa1\xd0Cadu\xf21\x96\xd0#{\x1b\x99\xe3\xe9\x00\x00\x00\x00\xf6\xfb\xbe\xf7\xa1\xbf\x89\xb2\\f\xa6J\xb6\xc5\x00\xc9\x00\x00\x8a\xcb\xe1t\xecU\x9e\x00\x00\x00\x00\x00') r6 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/028/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB32(r6, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB="020000000000000005"]) ioctl$auto_IMADDTIMER(0xffffffffffffffff, 0x80044940, 0x0) lsm_set_self_attr$auto(0x988, 0x0, 0xe7eb, 0x0) unshare$auto(0x40000080) 5.299809673s ago: executing program 1 (id=115): r0 = socket(0x25, 0x1, 0x0) sendto$auto(r0, 0x0, 0x0, 0x0, 0x0, 0x3) r1 = openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000140), 0x180b03, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'bond_slave_0\x00'}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'veth0_to_bridge\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)={0x78, 0x0, 0x100, 0x70bd2d, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x25, 0x2, 0x0, 0x1, [@generic="9db50a3aafac7df4fb043112c0bce1d7a6", @typed={0x8, 0x64, 0x0, 0x0, @pid}, @typed={0x8, 0xb, 0x0, 0x0, @uid}]}, @ETHTOOL_A_STRSET_HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_PHY_INDEX={0x8, 0x4, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}]}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}]}, 0x78}, 0x1, 0x0, 0x0, 0x80}, 0x80) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(r1, 0x80083314, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) shutdown$auto(0xffffffffffffffff, 0x2) socket(0xa, 0x1, 0x100) r3 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) pread64$auto(r3, 0x0, 0x7ff, 0x400) r4 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/firmware/acpi/interrupts/ff_pmtimer\x00', 0x0, 0x0) r6 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) read$auto(r6, 0x0, 0x1) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f0000000000)=""/45, 0x2d) write$auto(r4, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x8000001f, 0x7, 0x6d3e, 0xc, 0x2, 0x6]}, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) socket(0x23, 0x80805, 0x0) mmap$auto(0x0, 0x5, 0x4, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) 5.045383163s ago: executing program 0 (id=117): write$auto(0xffffffffffffffff, 0x0, 0x81) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) r1 = bpf$auto(0x0, 0x0, 0x6f4) mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0xa, 0x3, 0x87) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "00800000ffefffffff0200000001"}, 0x55) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x1f4) ioctl$auto_TUNATTACHFILTER(r1, 0x401054d5, 0x0) eventfd$auto(0x6) syz_genetlink_get_family_id$auto_seg6(0x0, 0xffffffffffffffff) unshare$auto(0x40000080) mmap$auto(0x0, 0x9, 0x1, 0x8000000008011, 0x3, 0xf000) 4.12036645s ago: executing program 2 (id=118): mmap$auto(0x5, 0x1, 0x2, 0xebd, 0xffffffffffffffff, 0x9) rseq$auto(0x0, 0x8000, 0x0, 0x27) r0 = openat$auto_proc_pid_numa_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/numa_maps\x00', 0x0, 0x0) lseek$auto(r0, 0x7ff, 0x1) mmap$auto(0x4, 0x40000a, 0xdf, 0x3a, r0, 0x31fb000000000000) set_mempolicy$auto(0x6, &(0x7f0000000080)=0x3, 0x21) unshare$auto(0x40000080) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r2 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x109401, 0x0) ioctl$auto(r2, 0x540a, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x7fffffffffffffff, 0x2, 0x8000) socket(0x1a, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000200)={{0x0, 0x2506, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x3a32182}, 0xed7138b}, 0x2, 0x9) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) msgrcv$auto(0x8, 0x0, 0xfffffffffffffffd, 0x6, 0x80008) 4.07045607s ago: executing program 0 (id=119): mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x3, 0x21) (async) set_mempolicy$auto(0x6, &(0x7f0000000000)=0x3, 0x21) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0x2, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) sendto$auto(0x3, 0x0, 0xfdef, 0x2, &(0x7f0000000440)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x20) (async) sendto$auto(0x3, 0x0, 0xfdef, 0x2, &(0x7f0000000440)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x20) 3.522399385s ago: executing program 1 (id=122): ioctl$auto_TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) mq_timedsend$auto(r0, &(0x7f0000000080)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x6b35, 0xd, &(0x7f00000000c0)={0x4, 0x8000000000000000}) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) unshare$auto(0x20000) 3.125030198s ago: executing program 0 (id=124): r0 = timerfd_create$auto(0x8, 0x800) socket(0x10, 0x2, 0x1) setrlimit$auto(0x7, &(0x7f0000001380)={0x7, 0x6}) mmap$auto(0x0, 0x400008, 0x4, 0x40009b72, 0x2, 0x8000) r1 = io_uring_setup$auto(0x89, 0x0) mmap$auto(0x0, 0x2020009, 0xdeb7, 0x1000000000000eb1, r0, 0x8002) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(0x3, 0x0, 0x7fffffff) write$auto(0x1, 0x0, 0x80000000) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0x800}, 0x2, 0x0, 0x8) r2 = socket(0x2b, 0x1, 0x1) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000001480)={'veth0_virt_wifi\x00'}) ioctl$auto_SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f0000000040)="b38fc65a6042f2dc99df8ce9af2a56fcfe744238519bceaee0") munmap$auto(0x8000, 0xffffffff) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0x3, 0x4) r4 = bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x19, 0x4, 0x4, 0x880b, 0x8, 0xd, 0x66b, 0x4, 0x7ff}, 0x6f4) ioctl$auto(0x4000000000000c8, 0x400454d9, 0x3) socket(0x2b, 0xa, 0x9) inotify_init1$auto(0x3000000000000) read$auto_ppp_device_fops_ppp_generic(r0, &(0x7f00000000c0)=""/94, 0x5e) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r5 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0xec1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0xf, 0x0, 0x0) read$auto(r4, 0xfffffffffffffffc, 0xfffffffffefffffa) write$auto(r5, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) 3.061991608s ago: executing program 1 (id=125): symlink$auto(&(0x7f0000000680)='./file0/../file0\x00', &(0x7f0000000040)='./file0\x00') rename$auto(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0/../file0\x00') 3.060898188s ago: executing program 1 (id=126): symlink$auto(&(0x7f0000000680)='./file0/../file0\x00', &(0x7f0000000040)='./file0\x00') rename$auto(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0/../file0\x00') (fail_nth: 3) 2.834362194s ago: executing program 2 (id=127): openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000000), 0x180b01, 0x0) mmap$auto(0x0, 0x400008, 0x3, 0x9b72, 0x2, 0x8000) write$auto(0x4, 0x0, 0x100082) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xa00, 0x0, 0xfffffffffffffffd) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS0\x00', 0x1, 0x0) ioctl$auto(r0, 0x5408, r0) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x48041, 0x0) write$auto_proc_reg_file_ops_compat_inode(r1, &(0x7f0000000100)="2ec762225139a11abe2ece8fa9ab98806a91740e00fe0c178c0f3d39", 0x1c) unshare$auto(0x40000080) socket(0x6, 0xa, 0x5ffd) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sg0\x00', 0x82802, 0x0) openat$auto_sg_fops_sg(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sg0\x00', 0x8081, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0xa, 0x2, 0x0) setsockopt$auto(r2, 0x29, 0x37, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5', 0x2000112) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) open(&(0x7f0000000140)='./file0\x00', 0x40, 0xa2) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) fanotify_init$auto(0x2208, 0x2) 2.576077865s ago: executing program 1 (id=128): mmap$auto(0x0, 0x402000b, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xfffffffffffffc00, &(0x7f0000000100)="a2b36d0449473b7bcbcd6d7f6186e9de29e708c62b9db37658c96e1ed364c5d867daa7438de65e6d2aa369df7e32e2c897c4bd029f0845c6b5196ced8ef9b1a53b4011ed14a904f19072629f7cc6ed922acba72e") r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000500)='/sys/devices/virtual/block/ram12/queue/read_ahead_kb\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) r1 = mq_open$auto(&(0x7f0000000200)='\\\x00\xa9A\x00', 0x83, 0x7, 0x0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x380000}, 0x3) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nbd(&(0x7f0000000340), 0xffffffffffffffff) sendmsg$auto_NBD_CMD_CONNECT(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000740)=ANY=[@ANYBLOB='x\b\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000fbdbdf25010000000800010020100000500007802c007e802200bd00a7379b928b2fe53f4a96cc49fa078eb62dca03ca1694ea60fe7c14e53bd8000004009a8020003b8014001a000000000000000000"], 0x78}, 0x1, 0x0, 0x0, 0x40080}, 0x20040000) sendmsg$auto_NBD_CMD_STATUS(r1, &(0x7f0000000440)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000400)={&(0x7f0000000300)={0xf4, r4, 0x200, 0x70bd28, 0x25dfdbfe, {}, [@NBD_ATTR_BACKEND_IDENTIFIER={0x7, 0xa, '{]-'}, @NBD_ATTR_DEAD_CONN_TIMEOUT={0xc, 0x8, 0x7}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x1}, @NBD_ATTR_SOCKETS={0xc0, 0x7, 0x0, 0x1, [@typed={0xbc, 0x15, 0x0, 0x0, @binary="302137a9e1d1f6f465e7b5ea737a141e7d0dffa0ae07279f954c91fed78bf096aec08879b327de084dd01d906c867b790b16d1f55733fd277fa4e762428b7bcf5c031942400d1df0218ab1e61fa8e20320b5f511028f08d9ef3ccbc7005b58d818724409ee013adfd6253eb309d933da1588412e91def926938dfef2b341582487ba2a326dd81877faf5f0e3cdd55cc03aacc012e5e83098c9afba210ccb1ed5223d1562e0033486f411b783a1e20ce3d768a4c9d162e0bd"}]}]}, 0xf4}}, 0x14) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) r5 = openat$auto_bsg_fops_bsg(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bsg/0:0:0:0\x00', 0x121641, 0x0) ioctl$auto_SG_GET_RESERVED_SIZE(r5, 0x2272, &(0x7f0000000280)="5fff575a2747b07cd670b8e58610c96d64ba76b6a60cc9bb1796ae711afdd441fab265037d00077ea24bbfc6e776cca12c7aa02bb1ff33618736aa4b3bb525987d076bbb472da95efc") mmap$auto(0x0, 0x20009, 0x4000000000de, 0xeb1, 0x401, 0x8000) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0xb, 0xb5, 0x10, 0x4, 0x53000000, r1, 0x9, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x9, 0x2, 0x4f4, 0x5}, 0x10) acct$auto(&(0x7f00000000c0)='/proc/net/ipv\a\x00c\x00n\x05\x00\x00\x00\x00\x00\x00\t\x01\x05\xef\x16\x06\xd91\x00\x00\x01\x00@\x00\xda\x1a?\xde\xe9LJ^\xc6\x98-\xb3\x8e\xa8\xfc\x9e\xfc*\x18 \x9b\xdaq\x8b\xc9X\x9d\x06\xaf\xb6\xcf?\xa1\xd0Cadu\xf21\x96\xd0#{\x1b\x99\xe3\xe9\x00\x00\x00\x00\xf6\xfb\xbe\xf7\xa1\xbf\x89\xb2\\f\xa6J\xb6\xc5\x00\xc9\x00\x00\x8a\xcb\xe1t\xecU\x9e\x00\x00\x00\x00\x00') r6 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000040)='/dev/bus/usb/028/001\x00', 0xa901, 0x0) ioctl$auto_USBDEVFS_SUBMITURB32(r6, 0x802c550a, &(0x7f00000001c0)=ANY=[@ANYBLOB="020000000000000005"]) ioctl$auto_IMADDTIMER(0xffffffffffffffff, 0x80044940, 0x0) lsm_set_self_attr$auto(0x988, 0x0, 0xe7eb, 0x0) unshare$auto(0x40000080) 2.058192283s ago: executing program 3 (id=129): symlink$auto(&(0x7f0000000680)='./file0/../file0\x00', &(0x7f0000000040)='./file0\x00') r0 = openat$auto_proc_coredump_filter_operations_base(0xffffffffffffff9c, &(0x7f0000005700), 0x28000, 0x0) read$auto_proc_coredump_filter_operations_base(r0, 0x0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000340)='/dev/radio29\x00', 0x28002, 0x0) r2 = socket(0x10, 0x2, 0x0) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x7, 0x3e, 0xfffffffffffffffa, 0x1ffde, 0x7, 0x6, 0x2, 0x9, 0x3, 0x6, 0x3, 0x1, 0x9, 0x2, 0x10000, 0x80, 0x7, 0x0, 0x7, 0x2000, 0x200, 0x0, 0x84, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}, 0x1fe, 0x200d) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}}, 0x40000) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) sendmsg$auto_NFSD_CMD_LISTENER_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000036c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3], 0x24}, 0x1, 0x0, 0x0, 0x4000}, 0x40880) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) poll$auto(&(0x7f00000001c0)={r1, 0xffff, 0x29}, 0x6, 0x5) rename$auto(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00') socket(0x11, 0x800, 0x4) r5 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r6 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={0x38, r5, 0x1, 0x70bd2a, 0x25dfdbfe, {}, [@OVS_DP_ATTR_UPCALL_PID={0x8, 0x2, 0xc}, @OVS_DP_ATTR_MASKS_CACHE_SIZE={0x8, 0x7, 0x3}, @OVS_DP_ATTR_NAME={0x11, 0x1, 'ovs_datapath\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x800) timer_create$auto_CLOCK_MONOTONIC(0x1, &(0x7f0000000380)={@sival_int, @inferred=r6, 0x3, @_sigev_thread={&(0x7f0000000300)=&(0x7f0000000280)=0x40, &(0x7f0000000440)="e538c58fe8b0c527d4e7863039562c2c5b42493f2627161555dd575a4d93b28556531b9aebb32fade06c649d4541692ac37f17c5b738863da19a5dd0ef065fb2fa46ef2c090b203ec5892f64e812b06bf31d2804f84433f69c5a1908839c34feb00d6c66b087eca9b36901fcf9118be5dcefd9daede1379c2976ec44c96e7dbb43f616"}}, &(0x7f0000000500)) sendmsg$auto_NL80211_CMD_SET_POWER_SAVE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x50, 0x0, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@NL80211_ATTR_REG_ALPHA2={0x19, 0x21, "64b6698fa876c13434397b82dd574e5da012ca6618"}, @NL80211_ATTR_HE_BSS_COLOR={0x20, 0x11b, 0x0, 0x1, [@NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}, @NL80211_HE_BSS_COLOR_ATTR_PARTIAL={0x4}, @NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}, @NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}, @NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}, @NL80211_HE_BSS_COLOR_ATTR_DISABLED={0x4}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x20004800}, 0x48080) sendmsg$auto_HWSIM_CMD_DEL_RADIO(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x24004000) kill$auto(0x80000007, 0x24) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1200"], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) ioctl$auto_UBI_IOCDET(r4, 0x40046f41, &(0x7f0000000000)=0x1) 1.81026504s ago: executing program 3 (id=130): r0 = socket(0x2, 0x2, 0x88) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) getsockopt$auto(r0, 0x11, 0x3, 0xfffffffffffffffc, 0x0) (async, rerun: 64) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyw7\x00', 0x7b5da4a72bd95c45, 0x0) (async, rerun: 64) mmap$auto(0x0, 0x2020009, 0x1, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket(0x2000000000000021, 0x2, 0x10000000000002) setsockopt$auto(r2, 0x110, 0x7, 0x0, 0x4) ioctl$auto_TIOCMSET2(r1, 0x5418, &(0x7f0000000080)="afb211e4582809f9a12d2e643ac240d5b7eba73a02231a82d75045ef81abc99b783a93ecae6280ef9613114c57705d3b49f553f34cf6897dd1ce01b99d9ce24ef97c3f6f8caebae5a6ac06f0ecc3a181fa513381e106581702ac079f0dac30f81ea159d59b56fb1112685bdf0247d2d855dc4eaf0856056d5cc0f19430da8d81a396b3d746275a1db9fa43875485a259534577027f94a98a90ac4614b7d2d72b8b4165cae4198f1b82746366e246eeef2992424c4df24c1e7aea9afd56128c530e3f") 1.339651694s ago: executing program 3 (id=131): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/usbip-vudc.0/usbip_status\x00', 0x8a180, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f00000010c0)=""/4106, 0x100a) r1 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) bpf$auto(0x0, &(0x7f0000000300)=@bpf_attr_7={@prog_id=0x6, 0x6bd, 0x4, r1}, 0x4) ioctl$auto_EVIOCGMASK(r1, 0x80104592, &(0x7f0000000000)={0x7, 0x4, 0x3}) 1.180131921s ago: executing program 0 (id=132): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x2012, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) ioctl$auto_IMDELTIMER(0xffffffffffffffff, 0x80044941, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mount_setattr$auto(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000640)={0x10002c, 0x7f, 0x0, @raw=0xce8}, 0x287) r1 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/pci/00/01.3\x00', 0x100, 0x0) pread64$auto(r1, 0x0, 0x40000000f42c, 0x2) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x5, 0x2) mount$auto(0x0, &(0x7f0000001500)='./file0\x00', &(0x7f0000001540)='\x00\x00i\xffw', 0x4, 0x0) ioctl$auto_XFS_IOC_FREESP64(0xffffffffffffffff, 0x40305825, &(0x7f0000000180)={0x7f, 0x1, 0x1, 0x2, 0xffffffff}) setsockopt$auto(0x3, 0x1, 0x20, 0x0, 0x9) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) socket$nl_generic(0x10, 0x3, 0x10) setreuid$auto(0xffffffffffffffff, 0x8) r2 = socket(0xa, 0x2, 0x0) setsockopt$auto(r2, 0x29, 0x37, 0x0, 0x110) syz_genetlink_get_family_id$auto_nfsd(&(0x7f0000002f00), 0xffffffffffffffff) connect$auto(0xffffffffffffffff, &(0x7f0000000040)=@generic={0x25, "835aabaf5dc454e38226799f73aa"}, 0x3d) shutdown$auto(0x200000003, 0x2) bpf$auto(0x0, 0x0, 0x6f4) r3 = syz_genetlink_get_family_id$auto_macsec(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_TXSA(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000200)={&(0x7f0000002f40)={0x14, r3, 0x100, 0x70bd2d, 0x25dfdbfc}, 0x14}}, 0x4000) 1.038309703s ago: executing program 1 (id=133): setgid$auto(0x7ff) keyctl$auto(0x12, 0x102000000010001, 0x7f, 0x200, 0x3) ioctl$auto(0xffffffffffffffff, 0x1, 0xffffffffffffffff) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000002480)='/dev/amidi2\x00', 0x20141, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x9, 0xb5, 0x2010, 0xb, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x7, 0x6}, 0x10) bpf$auto(0x1a, &(0x7f0000000380)=@link_create={@prog_fd, @target_ifindex, 0x3, 0x40081, @uprobe_multi={0x81, 0x1ff, 0x8, 0x0, 0x1, 0x4}}, 0x81) ioctl$auto_SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x810c5701, 0x0) unshare$auto(0x40000080) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, 0x0, 0xfff) listmount$auto(0x0, &(0x7f00000001c0)=0x4, 0x4, 0x101) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) pidfd_open$auto(0x1, 0x0) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, 0x0, 0x40000, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000001b40)='/dev/cuse\x00', 0x1842, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vhci_hcd.2/usb13/power/wakeup\x00', 0x284282, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) close_range$auto(0xffffffffffffffff, r2, 0x2) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xa, 0x1, 0x948b, 0x4, 0x15f4da0a, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x6d39, 0x5, 0x800000002, 0x1]}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nlctrl(&(0x7f0000003fc0), 0xffffffffffffffff) sendmsg$auto_CTRL_CMD_GETFAMILY2(r3, &(0x7f00000040c0)={0x0, 0x0, &(0x7f0000004080)={&(0x7f0000004000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="01022cbd7000fddbdf2503000000"], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x4000050) syz_genetlink_get_family_id$auto_ovs_ct_limit(&(0x7f0000000840), 0xffffffffffffffff) r5 = socket(0x25, 0x1, 0x0) setsockopt$auto(r5, 0x113, 0x7f, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) 1.038115742s ago: executing program 3 (id=134): ioctl$auto_TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x3, 0x2, 0x2d12, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) openat$auto_proc_projid_map_operations_base(0xffffffffffffff9c, 0x0, 0x88400, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x10000000000df, 0xeb2, 0x401, 0x8000) r1 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) ioctl$auto(r1, 0x5452, 0x8) ioctl$auto(0x3, 0x40106f52, r0) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x902, 0x0) write$auto(r2, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) unshare$auto(0x20000) 423.160407ms ago: executing program 2 (id=135): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000006c0)='/sys/devices/platform/dummy_hcd.5/usb6/bMaxPower\x00', 0x80, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, &(0x7f0000002c40)=""/25, 0x19) mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xffffffffffffffff, 0x8000) mincore$auto(0xcf40, 0x101, &(0x7f0000000000)='{\x00') setxattrat$auto(0xffffffffffffffff, 0x0, 0xc24, 0x0, 0x0, 0x20005b) ioctl$auto(0xc8, 0xffffffff800454dd, 0x4000000000008) 336.186767ms ago: executing program 3 (id=136): r0 = prctl$auto_PR_TIMER_CREATE_RESTORE_IDS_GET(0x5, 0x2, 0x0, 0x1f9, 0x6) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_CQM(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x58, r1, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@NL80211_ATTR_MNTR_FLAGS={0x41, 0x17, "0604ac1d63dc23c988ffb71b08264af4f8733548a5e13736fc52be35cb43a42a7176ac7b161a491263063c35aa80de8018b1948df4f056c3136d6f746d"}]}, 0x58}, 0x1, 0x0, 0x0, 0x4041}, 0x20008090) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFC_CMD_VENDOR(r0, &(0x7f0000000340)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000300)={&(0x7f0000000240)={0x84, 0x0, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0x9}, @NFC_ATTR_DEVICE_POWERED={0x5, 0xc, 0x81}, @NFC_ATTR_FIRMWARE_NAME={0xc, 0x14, 'nl80211\x00'}, @NFC_ATTR_VENDOR_DATA={0x49, 0x1f, "d43cf33e91e90cf8de5590177f59ec86d6421c785503da53b129f7f604078e42e156ab6630916bd955a69cc0cd09c03cbcce0b689962608cdf8e749964ad305b0ce94d4793"}, @NFC_ATTR_DEVICE_NAME={0x6, 0x2, ']&'}]}, 0x84}, 0x1, 0x0, 0x0, 0x24040005}, 0x0) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) read$auto(r0, &(0x7f0000000380)=']&', 0x5) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000700)='/sys/devices/platform/dummy_hcd.5/usb6/maxchild\x00', 0x0, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000040), 0x34000, 0x0) write$auto(r3, &(0x7f00000001c0)='/dev/ppp\x00', 0x40) ioctl$auto_PPPIOCSMRU(r3, 0xc004743e, 0x0) 162.376287ms ago: executing program 0 (id=137): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0x401, 0x8000) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x40008000) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x4, 0x7) mmap$auto(0x0, 0x4000a, 0x3, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) io_uring_register$auto(0x2, 0x0, &(0x7f0000000000), 0x3) r1 = ioctl$auto_SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f00000001c0)=0x14386b98) ioctl$auto_EVIOCGKEYCODE(r1, 0x80084504, &(0x7f0000000200)=[0xb, 0xee8]) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dri/card1\x00', 0x129a00, 0x0) ioctl$auto(r2, 0x900064b5, 0xc14) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', 0x140242, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x20) writev$auto(r3, &(0x7f0000000200)={0x0, 0x10}, 0x3) close_range$auto(0x2, 0x8, 0x0) setpgid$auto(0x0, 0xffffffffffffffff) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r5, 0x0, 0x20) r6 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r6, &(0x7f0000000200)={0x0, 0x7}, 0x3) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) syz_clone(0x2360411, 0x0, 0x0, 0x0, 0x0, 0x0) 82.93627ms ago: executing program 3 (id=138): ioctl$auto_TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) unshare$auto(0x20000) 0s ago: executing program 2 (id=139): pwrite64$auto(0xc8, &(0x7f0000000140)='\vX\xb5n\x91p\xe6\x1eRNM\x99\x86\xdde\x1cJ\x99\x00\x00\x00\x00,\x00\xfd\xfd\xd3\xd3\x1d\xf8\xbe\x01\x00\x00\x00\'\x03\x00\x00\x9f\x1e\xf9\xa4*\x01\x00\x00\x00^B\xb8\xe4j\t,\xe4\x90\xcc\x9d\xc5\x0fo\x84\xf4\x89\v\xea\x1b\x95\xafQ;CL\"\x01@\x00\x00\x00\x00\f\x00\xc0\x13\xc8\xe2\xae\xf5\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8d\x81\x81O*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,8\x93\xba\x88\x93\x9d\xb6\x1a\x7f\xc0%\xb0\x83ROJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd6eWj\xdc\xac\x88\xf0\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00\x00\xff\xff\x00'/242, 0xfdf0, 0x39) bpf$auto(0x0, 0x0, 0xee) sendmsg$auto_ETHTOOL_MSG_TUNNEL_INFO_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0x24000000}, 0x4000000) ioctl$auto_TIOCMBIS(0xffffffffffffffff, 0x5416, &(0x7f00000001c0)) openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/pcmC1D1p\x00', 0x2480, 0x0) ioctl$auto_FBIO_CURSOR(0xffffffffffffffff, 0xc0684608, &(0x7f00000001c0)={0x6, 0x1, 0x600, &(0x7f0000000240)='!\x00', {0x1003, 0x9b72}, {0x5, 0x3, 0x2, 0x9, 0x4, 0x7f, 0x9, 0x0, {0x1fe, 0xffffff81, 0x0, 0x0, 0x0, 0x0}}}) write$auto(0xca, &(0x7f0000000040)='\x04>\x01\r\xfb\xff\xf6OL\xc8\xbe\x94\xf2\xa2\x00\x00', 0x2d9) ioprio_set$auto(0x6, 0x0, 0x6) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.92' (ED25519) to the list of known hosts. [ 97.237078][ T24] cfg80211: failed to load regulatory.db [ 97.366435][ T5829] cgroup: Unknown subsys name 'net' [ 97.517979][ T5829] cgroup: Unknown subsys name 'cpuset' [ 97.527968][ T5829] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 99.333896][ T5829] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 101.658984][ T5854] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 101.667126][ T5854] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 101.675745][ T5854] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 101.691732][ T5855] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 101.699005][ T5854] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 101.709256][ T5856] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 101.713023][ T5854] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 101.725087][ T5856] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 101.732995][ T5856] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 101.743393][ T5856] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 101.750527][ T5159] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 101.759499][ T5159] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 101.768120][ T5159] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 101.771993][ T5857] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 101.776072][ T5159] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 101.797126][ T5159] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 101.806762][ T5159] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 101.821239][ T5159] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 101.828815][ T5159] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 101.837153][ T5159] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 102.463210][ T5846] chnl_net:caif_netlink_parms(): no params data found [ 102.501945][ T5843] chnl_net:caif_netlink_parms(): no params data found [ 102.536541][ T5845] chnl_net:caif_netlink_parms(): no params data found [ 102.639995][ T5844] chnl_net:caif_netlink_parms(): no params data found [ 102.788142][ T5845] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.796292][ T5845] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.804301][ T5845] bridge_slave_0: entered allmulticast mode [ 102.811822][ T5845] bridge_slave_0: entered promiscuous mode [ 102.854767][ T5845] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.862813][ T5845] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.870762][ T5845] bridge_slave_1: entered allmulticast mode [ 102.878340][ T5845] bridge_slave_1: entered promiscuous mode [ 102.892417][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.899601][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.906987][ T5846] bridge_slave_0: entered allmulticast mode [ 102.915129][ T5846] bridge_slave_0: entered promiscuous mode [ 102.922913][ T5843] bridge0: port 1(bridge_slave_0) entered blocking state [ 102.930396][ T5843] bridge0: port 1(bridge_slave_0) entered disabled state [ 102.937666][ T5843] bridge_slave_0: entered allmulticast mode [ 102.945736][ T5843] bridge_slave_0: entered promiscuous mode [ 102.954765][ T5843] bridge0: port 2(bridge_slave_1) entered blocking state [ 102.961934][ T5843] bridge0: port 2(bridge_slave_1) entered disabled state [ 102.969185][ T5843] bridge_slave_1: entered allmulticast mode [ 102.976885][ T5843] bridge_slave_1: entered promiscuous mode [ 103.005776][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.012998][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.020356][ T5846] bridge_slave_1: entered allmulticast mode [ 103.027991][ T5846] bridge_slave_1: entered promiscuous mode [ 103.121193][ T5843] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.136841][ T5845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.150648][ T5845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.176423][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.189550][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.201778][ T5843] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.225424][ T5844] bridge0: port 1(bridge_slave_0) entered blocking state [ 103.232652][ T5844] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.240403][ T5844] bridge_slave_0: entered allmulticast mode [ 103.248380][ T5844] bridge_slave_0: entered promiscuous mode [ 103.296648][ T5844] bridge0: port 2(bridge_slave_1) entered blocking state [ 103.306053][ T5844] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.313336][ T5844] bridge_slave_1: entered allmulticast mode [ 103.320776][ T5844] bridge_slave_1: entered promiscuous mode [ 103.360867][ T5845] team0: Port device team_slave_0 added [ 103.386755][ T5846] team0: Port device team_slave_0 added [ 103.408187][ T5843] team0: Port device team_slave_0 added [ 103.418351][ T5845] team0: Port device team_slave_1 added [ 103.425743][ T5846] team0: Port device team_slave_1 added [ 103.435179][ T5844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 103.447929][ T5843] team0: Port device team_slave_1 added [ 103.482605][ T5844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 103.537174][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.544212][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.571503][ T5845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.624078][ T5845] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.631064][ T5845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.657629][ T5845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.669573][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.676992][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.704652][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.718401][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.725741][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.752053][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.765746][ T5844] team0: Port device team_slave_0 added [ 103.772324][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.779442][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.805495][ T5843] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 103.818423][ T5843] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 103.825507][ T5843] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.851473][ T5843] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 103.877349][ T5159] Bluetooth: hci3: command tx timeout [ 103.877349][ T5847] Bluetooth: hci1: command tx timeout [ 103.877688][ T5159] Bluetooth: hci0: command tx timeout [ 103.894896][ T5853] Bluetooth: hci2: command tx timeout [ 103.895592][ T5844] team0: Port device team_slave_1 added [ 103.954460][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 103.961441][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 103.987704][ T5844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 104.000774][ T5844] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 104.008128][ T5844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 104.034371][ T5844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 104.117183][ T5845] hsr_slave_0: entered promiscuous mode [ 104.124039][ T5845] hsr_slave_1: entered promiscuous mode [ 104.150338][ T5846] hsr_slave_0: entered promiscuous mode [ 104.157683][ T5846] hsr_slave_1: entered promiscuous mode [ 104.164176][ T5846] debugfs: 'hsr0' already exists in 'hsr' [ 104.169974][ T5846] Cannot create hsr debugfs directory [ 104.181685][ T5843] hsr_slave_0: entered promiscuous mode [ 104.188417][ T5843] hsr_slave_1: entered promiscuous mode [ 104.194917][ T5843] debugfs: 'hsr0' already exists in 'hsr' [ 104.200680][ T5843] Cannot create hsr debugfs directory [ 104.317420][ T5844] hsr_slave_0: entered promiscuous mode [ 104.325126][ T5844] hsr_slave_1: entered promiscuous mode [ 104.331286][ T5844] debugfs: 'hsr0' already exists in 'hsr' [ 104.337256][ T5844] Cannot create hsr debugfs directory [ 104.795672][ T5843] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 104.815228][ T5843] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 104.827260][ T5843] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 104.840259][ T5843] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 104.907873][ T5846] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 104.926905][ T5846] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 104.938945][ T5846] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 104.952673][ T5846] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 105.074342][ T5844] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 105.087499][ T5844] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 105.111981][ T5844] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 105.128754][ T5844] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 105.239408][ T5845] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 105.269165][ T5845] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 105.281950][ T5845] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 105.296667][ T5845] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 105.336671][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.355131][ T5843] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.414684][ T5846] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.445647][ T2993] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.453080][ T2993] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.480035][ T5843] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.492184][ T1167] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.499385][ T1167] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.536374][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.543666][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.571294][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.578463][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.686872][ T5844] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.746234][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 105.785497][ T5844] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.801005][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 105.855946][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.863154][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.912735][ T1144] bridge0: port 1(bridge_slave_0) entered blocking state [ 105.919989][ T1144] bridge0: port 1(bridge_slave_0) entered forwarding state [ 105.942166][ T1144] bridge0: port 2(bridge_slave_1) entered blocking state [ 105.949421][ T1144] bridge0: port 2(bridge_slave_1) entered forwarding state [ 105.957793][ T5853] Bluetooth: hci3: command tx timeout [ 105.964791][ T51] Bluetooth: hci0: command tx timeout [ 105.966100][ T5159] Bluetooth: hci1: command tx timeout [ 105.970221][ T51] Bluetooth: hci2: command tx timeout [ 105.996085][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 106.003343][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 106.250219][ T5843] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.412569][ T5843] veth0_vlan: entered promiscuous mode [ 106.461255][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.481778][ T5843] veth1_vlan: entered promiscuous mode [ 106.620826][ T5843] veth0_macvtap: entered promiscuous mode [ 106.656584][ T5846] veth0_vlan: entered promiscuous mode [ 106.680573][ T5843] veth1_macvtap: entered promiscuous mode [ 106.738447][ T5846] veth1_vlan: entered promiscuous mode [ 106.762619][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.772487][ T5844] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.794725][ T5843] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 106.821227][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 106.830466][ T36] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.843055][ T36] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.856161][ T36] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.880567][ T36] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 106.985628][ T5846] veth0_macvtap: entered promiscuous mode [ 107.030905][ T5846] veth1_macvtap: entered promiscuous mode [ 107.052393][ T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.071674][ T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.091085][ T5844] veth0_vlan: entered promiscuous mode [ 107.130308][ T5845] veth0_vlan: entered promiscuous mode [ 107.141487][ T5844] veth1_vlan: entered promiscuous mode [ 107.155336][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.181667][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.182731][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.198147][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.207072][ T5845] veth1_vlan: entered promiscuous mode [ 107.245364][ T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.298879][ T36] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.307905][ T36] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.311737][ T5843] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 107.349159][ T36] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.461894][ T5844] veth0_macvtap: entered promiscuous mode [ 107.490051][ T5845] veth0_macvtap: entered promiscuous mode [ 107.525438][ T5845] veth1_macvtap: entered promiscuous mode [ 107.567927][ T5844] veth1_macvtap: entered promiscuous mode [ 107.637768][ T1167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.665538][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.680381][ T1167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.724173][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.746991][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 107.813398][ T5844] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 107.833161][ T5933] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 107.895369][ T36] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.907360][ T36] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.919358][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 107.928451][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 107.946251][ T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 107.961270][ T36] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.026048][ T36] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.034070][ T51] Bluetooth: hci2: command tx timeout [ 108.040994][ T51] Bluetooth: hci1: command tx timeout [ 108.046616][ T5847] Bluetooth: hci3: command tx timeout [ 108.047190][ T5159] Bluetooth: hci0: command tx timeout [ 108.072082][ T36] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.088027][ T36] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.097634][ T36] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.300628][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.316243][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.559847][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.586800][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.677970][ T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.695758][ T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.741535][ T1144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 108.774267][ T1144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 108.859991][ T5939] FAULT_INJECTION: forcing a failure. [ 108.859991][ T5939] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 108.910047][ T5939] CPU: 1 UID: 0 PID: 5939 Comm: syz.3.6 Not tainted syzkaller #0 PREEMPT(full) [ 108.910090][ T5939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 108.910115][ T5939] Call Trace: [ 108.910125][ T5939] [ 108.910138][ T5939] dump_stack_lvl+0x16c/0x1f0 [ 108.910206][ T5939] should_fail_ex+0x512/0x640 [ 108.910243][ T5939] _copy_from_user+0x2e/0xd0 [ 108.910276][ T5939] __sys_bpf+0x248/0x4980 [ 108.910311][ T5939] ? futex_private_hash_put+0x18a/0x300 [ 108.910360][ T5939] ? __pfx___sys_bpf+0x10/0x10 [ 108.910398][ T5939] ? __pfx_futex_wake+0x10/0x10 [ 108.910428][ T5939] ? rcu_is_watching+0x12/0xc0 [ 108.910482][ T5939] ? do_futex+0x122/0x350 [ 108.910551][ T5939] ? __pfx_blkcg_maybe_throttle_current+0x10/0x10 [ 108.910599][ T5939] ? xfd_validate_state+0x61/0x180 [ 108.910638][ T5939] __x64_sys_bpf+0x78/0xc0 [ 108.910673][ T5939] ? lockdep_hardirqs_on+0x7c/0x110 [ 108.910719][ T5939] do_syscall_64+0xcd/0x4b0 [ 108.910769][ T5939] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 108.910802][ T5939] RIP: 0033:0x7f206998eec9 [ 108.910834][ T5939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 108.910865][ T5939] RSP: 002b:00007f206a795038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 108.910895][ T5939] RAX: ffffffffffffffda RBX: 00007f2069be5fa0 RCX: 00007f206998eec9 [ 108.910916][ T5939] RDX: 0000000000000010 RSI: 00002000000001c0 RDI: 0000000000000000 [ 108.910936][ T5939] RBP: 00007f2069a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 108.910955][ T5939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 108.910973][ T5939] R13: 00007f2069be6038 R14: 00007f2069be5fa0 R15: 00007ffe33539408 [ 108.911012][ T5939] [ 109.124391][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 109.598905][ T5951] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 110.113858][ T5159] Bluetooth: hci1: command tx timeout [ 110.119334][ T5853] Bluetooth: hci3: command tx timeout [ 110.119347][ T51] Bluetooth: hci2: command tx timeout [ 110.128300][ T5853] Bluetooth: hci0: command tx timeout [ 110.339444][ T5962] Zero length message leads to an empty skb [ 110.346561][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 111.589483][ T5971] netlink: 186 bytes leftover after parsing attributes in process `syz.0.10'. [ 112.265650][ T5990] can0: slcan on pty200. [ 112.577452][ T5992] can0 (unregistered): slcan off pty200. [ 112.674466][ T5996] FAULT_INJECTION: forcing a failure. [ 112.674466][ T5996] name failslab, interval 1, probability 0, space 0, times 1 [ 112.707785][ T5996] CPU: 1 UID: 0 PID: 5996 Comm: syz.3.15 Not tainted syzkaller #0 PREEMPT(full) [ 112.707829][ T5996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 112.707856][ T5996] Call Trace: [ 112.707866][ T5996] [ 112.707879][ T5996] dump_stack_lvl+0x16c/0x1f0 [ 112.707934][ T5996] should_fail_ex+0x512/0x640 [ 112.707963][ T5996] ? __kmalloc_node_noprof+0xc5/0x500 [ 112.708003][ T5996] should_failslab+0xc2/0x120 [ 112.708041][ T5996] __kmalloc_node_noprof+0xd8/0x500 [ 112.708076][ T5996] ? alloc_slab_obj_exts+0x41/0xa0 [ 112.708130][ T5996] alloc_slab_obj_exts+0x41/0xa0 [ 112.708178][ T5996] __memcg_slab_post_alloc_hook+0x255/0x960 [ 112.708224][ T5996] ? kasan_save_track+0x14/0x30 [ 112.708260][ T5996] kmem_cache_alloc_noprof+0x307/0x3b0 [ 112.708293][ T5996] ? alloc_vfsmnt+0x23/0x6b0 [ 112.708336][ T5996] alloc_vfsmnt+0x23/0x6b0 [ 112.708385][ T5996] clone_mnt+0x6d/0xbf0 [ 112.708437][ T5996] copy_tree+0xee/0xbd0 [ 112.708464][ T5996] ? __pfx_down_write+0x10/0x10 [ 112.708530][ T5996] copy_mnt_ns+0x1a9/0xa90 [ 112.708563][ T5996] ? trace_kmem_cache_alloc+0x28/0xc0 [ 112.708605][ T5996] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 112.708638][ T5996] ? create_new_namespaces+0x30/0xa90 [ 112.708685][ T5996] create_new_namespaces+0xd3/0xa90 [ 112.708725][ T5996] ? bpf_lsm_capable+0x9/0x10 [ 112.708777][ T5996] ? security_capable+0x7e/0x260 [ 112.708836][ T5996] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 112.708881][ T5996] ksys_unshare+0x45b/0xa40 [ 112.708966][ T5996] ? __pfx_ksys_unshare+0x10/0x10 [ 112.709016][ T5996] ? xfd_validate_state+0x61/0x180 [ 112.709058][ T5996] __x64_sys_unshare+0x31/0x40 [ 112.709106][ T5996] do_syscall_64+0xcd/0x4b0 [ 112.709157][ T5996] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 112.709189][ T5996] RIP: 0033:0x7f206998eec9 [ 112.709215][ T5996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 112.709245][ T5996] RSP: 002b:00007f206a795038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 112.709276][ T5996] RAX: ffffffffffffffda RBX: 00007f2069be5fa0 RCX: 00007f206998eec9 [ 112.709296][ T5996] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 112.709315][ T5996] RBP: 00007f2069a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 112.709334][ T5996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 112.709352][ T5996] R13: 00007f2069be6038 R14: 00007f2069be5fa0 R15: 00007ffe33539408 [ 112.709393][ T5996] [ 113.182080][ T6000] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 113.554207][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 113.562826][ T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!! [ 113.824263][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 113.963600][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 113.993801][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.036500][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.075194][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 114.143803][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 114.742219][ T6046] FAULT_INJECTION: forcing a failure. [ 114.742219][ T6046] name failslab, interval 1, probability 0, space 0, times 0 [ 114.742340][ T6046] CPU: 0 UID: 0 PID: 6046 Comm: syz.3.24 Not tainted syzkaller #0 PREEMPT(full) [ 114.742399][ T6046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 114.742420][ T6046] Call Trace: [ 114.742431][ T6046] [ 114.742443][ T6046] dump_stack_lvl+0x16c/0x1f0 [ 114.742502][ T6046] should_fail_ex+0x512/0x640 [ 114.742533][ T6046] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 114.742573][ T6046] should_failslab+0xc2/0x120 [ 114.742613][ T6046] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 114.742649][ T6046] ? ptlock_alloc+0x1f/0x70 [ 114.742704][ T6046] ptlock_alloc+0x1f/0x70 [ 114.742756][ T6046] pte_alloc_one+0x82/0x3a0 [ 114.742800][ T6046] __pte_alloc+0x6d/0x3c0 [ 114.742841][ T6046] ? __pfx___pte_alloc+0x10/0x10 [ 114.742886][ T6046] ? __pfx___might_resched+0x10/0x10 [ 114.742926][ T6046] ? copy_page_range+0x1fa8/0x5c80 [ 114.742982][ T6046] copy_page_range+0x3b83/0x5c80 [ 114.743085][ T6046] ? __pfx_copy_page_range+0x10/0x10 [ 114.743152][ T6046] ? __pfx___might_resched+0x10/0x10 [ 114.743189][ T6046] ? __pfx_mas_store+0x10/0x10 [ 114.743218][ T6046] ? __vma_enter_locked+0x163/0x3f0 [ 114.743276][ T6046] ? dup_mmap+0xe37/0x21d0 [ 114.743319][ T6046] ? down_write+0x14d/0x200 [ 114.743352][ T6046] ? up_write+0x1b2/0x520 [ 114.743388][ T6046] dup_mmap+0xe87/0x21d0 [ 114.743450][ T6046] ? __pfx_dup_mmap+0x10/0x10 [ 114.743527][ T6046] copy_process+0x4099/0x76a0 [ 114.743590][ T6046] ? __pfx_copy_process+0x10/0x10 [ 114.743638][ T6046] ? futex_private_hash_put+0x176/0x300 [ 114.743691][ T6046] ? futex_private_hash_put+0x18a/0x300 [ 114.743747][ T6046] kernel_clone+0xfc/0x930 [ 114.743795][ T6046] ? __pfx_futex_wake+0x10/0x10 [ 114.743826][ T6046] ? __pfx_kernel_clone+0x10/0x10 [ 114.743910][ T6046] __do_sys_clone+0xce/0x120 [ 114.743958][ T6046] ? __pfx___do_sys_clone+0x10/0x10 [ 114.744006][ T6046] ? __sys_sendmsg+0x18c/0x220 [ 114.744073][ T6046] ? xfd_validate_state+0x61/0x180 [ 114.744120][ T6046] do_syscall_64+0xcd/0x4b0 [ 114.744174][ T6046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 114.744207][ T6046] RIP: 0033:0x7f206998eec9 [ 114.744234][ T6046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 114.744265][ T6046] RSP: 002b:00007f206a795038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 114.744295][ T6046] RAX: ffffffffffffffda RBX: 00007f2069be5fa0 RCX: 00007f206998eec9 [ 114.744317][ T6046] RDX: 0000200000000480 RSI: 0000000000000008 RDI: 0000000000000007 [ 114.744337][ T6046] RBP: 00007f2069a11f91 R08: 0000000000000008 R09: 0000000000000000 [ 114.744356][ T6046] R10: 0000200000000540 R11: 0000000000000246 R12: 0000000000000000 [ 114.744377][ T6046] R13: 00007f2069be6038 R14: 00007f2069be5fa0 R15: 00007ffe33539408 [ 114.744421][ T6046] [ 114.991891][ T6057] syz.1.25 uses obsolete (PF_INET,SOCK_PACKET) [ 116.798342][ T13] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 117.008994][ T13] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 117.194807][ T13] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 117.464129][ T5853] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 117.464171][ T5853] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 117.479457][ T5853] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 117.479541][ T5853] Bluetooth: hci0: adv larger than maximum supported [ 117.486938][ T5853] Bluetooth: hci0: adv larger than maximum supported [ 117.494341][ T5853] Bluetooth: hci0: Malformed LE Event: 0x0d [ 117.510126][ T13] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 118.183201][ T5159] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 118.221791][ T5159] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 118.230279][ T5159] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 118.239580][ T5159] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 118.250363][ T5159] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 118.650105][ T13] bridge_slave_1: left allmulticast mode [ 118.694435][ T13] bridge_slave_1: left promiscuous mode [ 118.701516][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.894828][ T13] bridge_slave_0: left allmulticast mode [ 118.920266][ T13] bridge_slave_0: left promiscuous mode [ 118.943624][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 120.301058][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 120.345823][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 120.354682][ T5159] Bluetooth: hci3: command tx timeout [ 120.444586][ T13] bond0 (unregistering): Released all slaves [ 122.275062][ T6096] chnl_net:caif_netlink_parms(): no params data found [ 122.433800][ T5159] Bluetooth: hci3: command tx timeout [ 122.577262][ T13] hsr_slave_0: left promiscuous mode [ 122.583808][ T13] hsr_slave_1: left promiscuous mode [ 122.590008][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 122.620245][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 122.647418][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 122.664198][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 122.716409][ T6135] hub 1-0:1.0: USB hub found [ 122.741974][ T6135] hub 1-0:1.0: 1 port detected [ 122.804492][ T13] veth1_macvtap: left promiscuous mode [ 122.818822][ T13] veth0_macvtap: left promiscuous mode [ 122.882027][ T13] veth1_vlan: left promiscuous mode [ 122.897705][ T13] veth0_vlan: left promiscuous mode [ 124.079763][ T6149] FAULT_INJECTION: forcing a failure. [ 124.079763][ T6149] name failslab, interval 1, probability 0, space 0, times 0 [ 124.135103][ T6149] CPU: 0 UID: 0 PID: 6149 Comm: syz.2.40 Not tainted syzkaller #0 PREEMPT(full) [ 124.135149][ T6149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 124.135169][ T6149] Call Trace: [ 124.135180][ T6149] [ 124.135194][ T6149] dump_stack_lvl+0x16c/0x1f0 [ 124.135250][ T6149] should_fail_ex+0x512/0x640 [ 124.135281][ T6149] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 124.135322][ T6149] should_failslab+0xc2/0x120 [ 124.135362][ T6149] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 124.135399][ T6149] ? proc_alloc_inode+0x25/0x200 [ 124.135445][ T6149] ? __pfx_proc_alloc_inode+0x10/0x10 [ 124.135484][ T6149] proc_alloc_inode+0x25/0x200 [ 124.135523][ T6149] alloc_inode+0x64/0x240 [ 124.135566][ T6149] new_inode+0x22/0x1c0 [ 124.135613][ T6149] proc_pid_make_inode+0x22/0x160 [ 124.135654][ T6149] proc_pident_instantiate+0x85/0x310 [ 124.135699][ T6149] proc_pident_lookup+0x1f5/0x270 [ 124.135751][ T6149] __lookup_slow+0x24e/0x460 [ 124.135799][ T6149] ? __pfx___lookup_slow+0x10/0x10 [ 124.135884][ T6149] ? lookup_fast+0x156/0x610 [ 124.135941][ T6149] walk_component+0x353/0x5b0 [ 124.135997][ T6149] link_path_walk+0x511/0xe20 [ 124.136064][ T6149] path_openat+0x1b0/0x2cb0 [ 124.136096][ T6149] ? arch_stack_walk+0xa6/0x100 [ 124.136150][ T6149] ? __pfx_path_openat+0x10/0x10 [ 124.136184][ T6149] ? stack_trace_save+0x8e/0xc0 [ 124.136228][ T6149] ? __pfx_stack_trace_save+0x10/0x10 [ 124.136279][ T6149] do_filp_open+0x20b/0x470 [ 124.136313][ T6149] ? __pfx_do_filp_open+0x10/0x10 [ 124.136345][ T6149] ? kasan_save_stack+0x42/0x60 [ 124.136376][ T6149] ? kasan_save_stack+0x33/0x60 [ 124.136422][ T6149] ? __pfx_proc_put_link+0x10/0x10 [ 124.136466][ T6149] ? __pfx_kfree_link+0x10/0x10 [ 124.136537][ T6149] file_open_name+0x2a3/0x450 [ 124.136587][ T6149] ? __pfx_file_open_name+0x10/0x10 [ 124.136652][ T6149] acct_on+0x77/0x870 [ 124.136687][ T6149] __x64_sys_acct+0xaf/0x230 [ 124.136716][ T6149] ? lockdep_hardirqs_on+0x7c/0x110 [ 124.136763][ T6149] do_syscall_64+0xcd/0x4b0 [ 124.136816][ T6149] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.136861][ T6149] RIP: 0033:0x7feed9d8eec9 [ 124.136888][ T6149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.136921][ T6149] RSP: 002b:00007feed7ff6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3 [ 124.136952][ T6149] RAX: ffffffffffffffda RBX: 00007feed9fe5fa0 RCX: 00007feed9d8eec9 [ 124.136975][ T6149] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000000c0 [ 124.136994][ T6149] RBP: 00007feed9e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 124.137015][ T6149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 124.137034][ T6149] R13: 00007feed9fe6038 R14: 00007feed9fe5fa0 R15: 00007ffc7c6365e8 [ 124.137079][ T6149] [ 124.434077][ T6150] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 124.513591][ T5159] Bluetooth: hci3: command tx timeout [ 125.122903][ T5159] Bluetooth: hci0: unexpected event 0x3e length: 726 > 260 [ 125.122944][ T5159] Bluetooth: hci0: unexpected subevent 0x0d length: 725 > 260 [ 125.138922][ T5159] Bluetooth: hci0: Unknown advertising packet type: 0x7f [ 125.138949][ T5159] Bluetooth: hci0: adv larger than maximum supported [ 125.146711][ T5159] Bluetooth: hci0: adv larger than maximum supported [ 125.157517][ T5159] Bluetooth: hci0: Malformed LE Event: 0x0d [ 125.851796][ T6164] Console: switching to colour VGA+ 80x25 [ 126.252048][ T13] team0 (unregistering): Port device team_slave_1 removed [ 126.428054][ T13] team0 (unregistering): Port device team_slave_0 removed [ 126.593604][ T5159] Bluetooth: hci3: command tx timeout [ 127.368432][ T6096] bridge0: port 1(bridge_slave_0) entered blocking state [ 127.385684][ T6096] bridge0: port 1(bridge_slave_0) entered disabled state [ 127.395760][ T6096] bridge_slave_0: entered allmulticast mode [ 127.406941][ T6096] bridge_slave_0: entered promiscuous mode [ 127.457876][ T6096] bridge0: port 2(bridge_slave_1) entered blocking state [ 127.465280][ T6096] bridge0: port 2(bridge_slave_1) entered disabled state [ 127.475866][ T6096] bridge_slave_1: entered allmulticast mode [ 127.497382][ T6096] bridge_slave_1: entered promiscuous mode [ 127.897564][ T6096] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 128.166107][ T6096] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 128.260138][ T6181] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 128.277410][ T6181] netlink: zone id is out of range [ 128.762296][ T6096] team0: Port device team_slave_0 added [ 128.916317][ T6096] team0: Port device team_slave_1 added [ 129.139873][ T6096] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 129.147305][ T6096] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.203550][ T6096] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 129.217559][ T6096] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 129.228237][ T6096] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 129.284098][ T6096] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 129.365404][ T6198] random: crng reseeded on system resumption [ 129.586225][ T6096] hsr_slave_0: entered promiscuous mode [ 129.592772][ T6096] hsr_slave_1: entered promiscuous mode [ 129.599243][ T6096] debugfs: 'hsr0' already exists in 'hsr' [ 129.606032][ T6096] Cannot create hsr debugfs directory [ 130.184151][ T6210] random: crng reseeded on system resumption [ 131.172060][ T6224] netlink: 'syz.2.51': attribute type 4 has an invalid length. [ 131.203527][ T6224] netlink: 'syz.2.51': attribute type 1 has an invalid length. [ 131.573997][ T6228] can: request_module (can-proto-0) failed. [ 131.868724][ T6096] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 131.975282][ T6096] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 132.096103][ T6096] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 132.142647][ T6096] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 132.164680][ T6244] FAULT_INJECTION: forcing a failure. [ 132.164680][ T6244] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 132.243415][ T6244] CPU: 0 UID: 0 PID: 6244 Comm: syz.0.54 Not tainted syzkaller #0 PREEMPT(full) [ 132.243455][ T6244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 132.243473][ T6244] Call Trace: [ 132.243483][ T6244] [ 132.243495][ T6244] dump_stack_lvl+0x16c/0x1f0 [ 132.243547][ T6244] should_fail_ex+0x512/0x640 [ 132.243581][ T6244] should_fail_alloc_page+0xe7/0x130 [ 132.243621][ T6244] prepare_alloc_pages+0x3c2/0x610 [ 132.243670][ T6244] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 132.243711][ T6244] ? lock_acquire+0x179/0x350 [ 132.243757][ T6244] ? find_held_lock+0x2b/0x80 [ 132.243799][ T6244] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 132.243830][ T6244] ? finish_task_switch.isra.0+0x221/0xc10 [ 132.243881][ T6244] ? lockdep_hardirqs_on+0x7c/0x110 [ 132.243924][ T6244] ? finish_task_switch.isra.0+0x221/0xc10 [ 132.243972][ T6244] ? __lock_acquire+0x62e/0x1ce0 [ 132.244022][ T6244] ? __lock_acquire+0xb97/0x1ce0 [ 132.244066][ T6244] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 132.244102][ T6244] ? policy_nodemask+0xea/0x4e0 [ 132.244140][ T6244] alloc_pages_mpol+0x1fb/0x550 [ 132.244177][ T6244] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 132.244209][ T6244] ? page_table_check_set+0x627/0x750 [ 132.244252][ T6244] alloc_pages_noprof+0x131/0x390 [ 132.244288][ T6244] pte_alloc_one+0x1c/0x3a0 [ 132.244327][ T6244] __pte_alloc+0x6d/0x3c0 [ 132.244362][ T6244] ? __pfx___pte_alloc+0x10/0x10 [ 132.244397][ T6244] ? __pfx___might_resched+0x10/0x10 [ 132.244431][ T6244] ? copy_page_range+0x1fa8/0x5c80 [ 132.244485][ T6244] copy_page_range+0x3b83/0x5c80 [ 132.244577][ T6244] ? __pfx_copy_page_range+0x10/0x10 [ 132.244638][ T6244] ? __pfx___might_resched+0x10/0x10 [ 132.244671][ T6244] ? __pfx_mas_store+0x10/0x10 [ 132.244696][ T6244] ? __vma_enter_locked+0x163/0x3f0 [ 132.244746][ T6244] ? dup_mmap+0xe37/0x21d0 [ 132.244784][ T6244] ? down_write+0x14d/0x200 [ 132.244814][ T6244] ? up_write+0x1b2/0x520 [ 132.244847][ T6244] dup_mmap+0xe87/0x21d0 [ 132.244909][ T6244] ? __pfx_dup_mmap+0x10/0x10 [ 132.244978][ T6244] copy_process+0x4099/0x76a0 [ 132.245021][ T6244] ? __pfx___futex_wait+0x10/0x10 [ 132.245067][ T6244] ? __pfx_copy_process+0x10/0x10 [ 132.245108][ T6244] ? futex_private_hash_put+0x176/0x300 [ 132.245155][ T6244] ? futex_private_hash_put+0x18a/0x300 [ 132.245203][ T6244] kernel_clone+0xfc/0x930 [ 132.245249][ T6244] ? __pfx_kernel_clone+0x10/0x10 [ 132.245338][ T6244] __do_sys_clone+0xce/0x120 [ 132.245383][ T6244] ? __pfx___do_sys_clone+0x10/0x10 [ 132.245429][ T6244] ? __sys_sendmsg+0x18c/0x220 [ 132.245493][ T6244] ? xfd_validate_state+0x61/0x180 [ 132.245538][ T6244] do_syscall_64+0xcd/0x4b0 [ 132.245590][ T6244] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 132.245623][ T6244] RIP: 0033:0x7f901f38eec9 [ 132.245650][ T6244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 132.245680][ T6244] RSP: 002b:00007f902027d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 132.245709][ T6244] RAX: ffffffffffffffda RBX: 00007f901f5e5fa0 RCX: 00007f901f38eec9 [ 132.245729][ T6244] RDX: 0000200000000480 RSI: 0000000000000008 RDI: 0000000000000007 [ 132.245748][ T6244] RBP: 00007f901f411f91 R08: 0000000000000008 R09: 0000000000000000 [ 132.245766][ T6244] R10: 0000200000000540 R11: 0000000000000246 R12: 0000000000000000 [ 132.245785][ T6244] R13: 00007f901f5e6038 R14: 00007f901f5e5fa0 R15: 00007ffdc5c649e8 [ 132.245827][ T6244] [ 132.834544][ T6096] 8021q: adding VLAN 0 to HW filter on device bond0 [ 132.851932][ T6096] 8021q: adding VLAN 0 to HW filter on device team0 [ 132.885743][ T6096] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 132.896320][ T6096] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 132.939074][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 132.946950][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 132.990183][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 132.997420][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 133.422834][ T6275] FAULT_INJECTION: forcing a failure. [ 133.422834][ T6275] name failslab, interval 1, probability 0, space 0, times 0 [ 133.469316][ T6275] CPU: 1 UID: 0 PID: 6275 Comm: syz.1.56 Not tainted syzkaller #0 PREEMPT(full) [ 133.469361][ T6275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 133.469380][ T6275] Call Trace: [ 133.469392][ T6275] [ 133.469404][ T6275] dump_stack_lvl+0x16c/0x1f0 [ 133.469460][ T6275] should_fail_ex+0x512/0x640 [ 133.469507][ T6275] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 133.469564][ T6275] should_failslab+0xc2/0x120 [ 133.469603][ T6275] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 133.469636][ T6275] ? find_held_lock+0x2b/0x80 [ 133.469673][ T6275] ? vm_area_dup+0x27/0x8d0 [ 133.469724][ T6275] ? dup_mmap+0x5cb/0x21d0 [ 133.469774][ T6275] vm_area_dup+0x27/0x8d0 [ 133.469830][ T6275] dup_mmap+0x876/0x21d0 [ 133.469891][ T6275] ? __pfx_dup_mmap+0x10/0x10 [ 133.469967][ T6275] copy_process+0x4099/0x76a0 [ 133.470034][ T6275] ? __pfx_copy_process+0x10/0x10 [ 133.470081][ T6275] ? futex_private_hash_put+0x176/0x300 [ 133.470134][ T6275] ? futex_private_hash_put+0x18a/0x300 [ 133.470188][ T6275] kernel_clone+0xfc/0x930 [ 133.470235][ T6275] ? __pfx_futex_wake+0x10/0x10 [ 133.470266][ T6275] ? __pfx_kernel_clone+0x10/0x10 [ 133.470339][ T6275] __do_sys_clone+0xce/0x120 [ 133.470387][ T6275] ? __pfx___do_sys_clone+0x10/0x10 [ 133.470435][ T6275] ? __sys_sendmsg+0x18c/0x220 [ 133.470510][ T6275] ? xfd_validate_state+0x61/0x180 [ 133.470556][ T6275] do_syscall_64+0xcd/0x4b0 [ 133.470610][ T6275] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.470655][ T6275] RIP: 0033:0x7f63d3b8eec9 [ 133.470681][ T6275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.470712][ T6275] RSP: 002b:00007f63d4a2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 133.470744][ T6275] RAX: ffffffffffffffda RBX: 00007f63d3de5fa0 RCX: 00007f63d3b8eec9 [ 133.470765][ T6275] RDX: 0000200000000480 RSI: 0000000000000008 RDI: 0000000000000007 [ 133.470784][ T6275] RBP: 00007f63d3c11f91 R08: 0000000000000008 R09: 0000000000000000 [ 133.470823][ T6275] R10: 0000200000000540 R11: 0000000000000246 R12: 0000000000000000 [ 133.470842][ T6275] R13: 00007f63d3de6038 R14: 00007f63d3de5fa0 R15: 00007ffccddd91b8 [ 133.470882][ T6275] [ 134.690740][ T6096] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 134.726113][ T6096] veth0_vlan: entered promiscuous mode [ 134.816104][ T6096] veth1_vlan: entered promiscuous mode [ 135.183207][ T6096] veth0_macvtap: entered promiscuous mode [ 135.191071][ T6308] FAULT_INJECTION: forcing a failure. [ 135.191071][ T6308] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 135.245951][ T6308] CPU: 1 UID: 0 PID: 6308 Comm: syz.1.63 Not tainted syzkaller #0 PREEMPT(full) [ 135.245990][ T6308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 135.246008][ T6308] Call Trace: [ 135.246019][ T6308] [ 135.246030][ T6308] dump_stack_lvl+0x16c/0x1f0 [ 135.246080][ T6308] should_fail_ex+0x512/0x640 [ 135.246113][ T6308] should_fail_alloc_page+0xe7/0x130 [ 135.246153][ T6308] prepare_alloc_pages+0x3c2/0x610 [ 135.246203][ T6308] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 135.246237][ T6308] ? bpf_ksym_find+0x124/0x1c0 [ 135.246276][ T6308] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 135.246322][ T6308] ? is_bpf_text_address+0x94/0x1a0 [ 135.246371][ T6308] ? kernel_text_address+0x8d/0x100 [ 135.246406][ T6308] ? __kernel_text_address+0xd/0x40 [ 135.246439][ T6308] ? unwind_get_return_address+0x59/0xa0 [ 135.246479][ T6308] ? arch_stack_walk+0xa6/0x100 [ 135.246517][ T6308] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 135.246565][ T6308] ? __lock_acquire+0x62e/0x1ce0 [ 135.246622][ T6308] ? __pfx_stack_trace_save+0x10/0x10 [ 135.246670][ T6308] ? look_up_lock_class+0x59/0x150 [ 135.246716][ T6308] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 135.246753][ T6308] ? policy_nodemask+0xea/0x4e0 [ 135.246794][ T6308] alloc_pages_mpol+0x1fb/0x550 [ 135.246834][ T6308] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 135.246876][ T6308] ? __lock_acquire+0x62e/0x1ce0 [ 135.246925][ T6308] folio_alloc_mpol_noprof+0x36/0x2f0 [ 135.246974][ T6308] vma_alloc_folio_noprof+0xed/0x1e0 [ 135.247018][ T6308] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 135.247088][ T6308] do_pte_missing+0x2230/0x3ba0 [ 135.247138][ T6308] ? find_held_lock+0x2b/0x80 [ 135.247185][ T6308] __handle_mm_fault+0x152a/0x2a50 [ 135.247239][ T6308] ? mt_find+0x3ef/0xa30 [ 135.247270][ T6308] ? __pfx___handle_mm_fault+0x10/0x10 [ 135.247316][ T6308] ? __pfx_mt_find+0x10/0x10 [ 135.247369][ T6308] ? find_vma+0xbf/0x140 [ 135.247405][ T6308] ? __pfx_find_vma+0x10/0x10 [ 135.247446][ T6308] handle_mm_fault+0x589/0xd10 [ 135.247495][ T6308] ? __pkru_allows_pkey+0x31/0xb0 [ 135.247529][ T6308] do_user_addr_fault+0x7a6/0x1370 [ 135.247576][ T6308] ? rcu_is_watching+0x12/0xc0 [ 135.247619][ T6308] exc_page_fault+0x5c/0xb0 [ 135.247661][ T6308] asm_exc_page_fault+0x26/0x30 [ 135.247686][ T6308] RIP: 0010:rep_movs_alternative+0x11/0x90 [ 135.247717][ T6308] Code: c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 23 04 00 66 66 2e 0f [ 135.247742][ T6308] RSP: 0018:ffffc90003bffae8 EFLAGS: 00050202 [ 135.247763][ T6308] RAX: 0000000000000031 RBX: 0000000000000002 RCX: 0000000000000002 [ 135.247779][ T6308] RDX: ffffed100b4a8c01 RSI: ffff88805a546000 RDI: 00002000000010c0 [ 135.247795][ T6308] RBP: 00002000000010c0 R08: 0000000000000000 R09: ffffed100b4a8c00 [ 135.247811][ T6308] R10: ffff88805a546001 R11: 0000000000000000 R12: ffffc90003bffda0 [ 135.247828][ T6308] R13: 00002000000010c2 R14: ffff88805a546000 R15: 00007ffffffff000 [ 135.247862][ T6308] _copy_to_iter+0x383/0x1710 [ 135.247892][ T6308] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 135.247936][ T6308] ? __pfx__copy_to_iter+0x10/0x10 [ 135.247964][ T6308] ? kernfs_seq_stop+0xcd/0x120 [ 135.248009][ T6308] ? kernfs_put_active+0x86/0xe0 [ 135.248047][ T6308] seq_read_iter+0xcf8/0x12c0 [ 135.248102][ T6308] kernfs_fop_read_iter+0x46c/0x610 [ 135.248143][ T6308] ? rw_verify_area+0xcf/0x6c0 [ 135.248198][ T6308] vfs_read+0x8bf/0xcf0 [ 135.248226][ T6308] ? __pfx___mutex_lock+0x10/0x10 [ 135.248263][ T6308] ? __pfx_vfs_read+0x10/0x10 [ 135.248308][ T6308] ksys_read+0x12a/0x250 [ 135.248331][ T6308] ? __pfx_ksys_read+0x10/0x10 [ 135.248352][ T6308] ? xfd_validate_state+0x61/0x180 [ 135.248384][ T6308] do_syscall_64+0xcd/0x4b0 [ 135.248423][ T6308] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.248447][ T6308] RIP: 0033:0x7f63d3b8eec9 [ 135.248465][ T6308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.248488][ T6308] RSP: 002b:00007f63d4a2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 135.248508][ T6308] RAX: ffffffffffffffda RBX: 00007f63d3de5fa0 RCX: 00007f63d3b8eec9 [ 135.248524][ T6308] RDX: 000000000000100a RSI: 00002000000010c0 RDI: 0000000000000003 [ 135.248539][ T6308] RBP: 00007f63d4a2f090 R08: 0000000000000000 R09: 0000000000000000 [ 135.248558][ T6308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 135.248572][ T6308] R13: 00007f63d3de6038 R14: 00007f63d3de5fa0 R15: 00007ffccddd91b8 [ 135.248604][ T6308] [ 135.252167][ T6096] veth1_macvtap: entered promiscuous mode [ 135.811595][ T6096] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 135.827594][ T6096] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 135.841717][ T12] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.937147][ T1167] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 135.969856][ T1167] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.013461][ T59] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 136.244551][ T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.263398][ T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.399254][ T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 136.409938][ T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 136.860958][ T6336] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 136.942758][ T6318] bond0: option arp_interval: invalid value () [ 136.979318][ T6318] bond0: option arp_interval: allowed values 0 - 2147483647 [ 137.038358][ T6318] FAULT_INJECTION: forcing a failure. [ 137.038358][ T6318] name failslab, interval 1, probability 0, space 0, times 0 [ 137.090472][ T6318] CPU: 0 UID: 0 PID: 6318 Comm: syz.0.67 Not tainted syzkaller #0 PREEMPT(full) [ 137.090525][ T6318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 137.090542][ T6318] Call Trace: [ 137.090551][ T6318] [ 137.090562][ T6318] dump_stack_lvl+0x16c/0x1f0 [ 137.090612][ T6318] should_fail_ex+0x512/0x640 [ 137.090657][ T6318] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 137.090707][ T6318] should_failslab+0xc2/0x120 [ 137.090743][ T6318] __kmalloc_cache_noprof+0x6a/0x3e0 [ 137.090788][ T6318] ? do_raw_spin_lock+0x12c/0x2b0 [ 137.090818][ T6318] ? find_held_lock+0x2b/0x80 [ 137.090850][ T6318] ? alloc_fdtable+0xbd/0x2d0 [ 137.090901][ T6318] alloc_fdtable+0xbd/0x2d0 [ 137.090949][ T6318] dup_fd+0x83b/0xb90 [ 137.090989][ T6318] ksys_unshare+0x831/0xa40 [ 137.091036][ T6318] ? __pfx_ksys_unshare+0x10/0x10 [ 137.091102][ T6318] ? xfd_validate_state+0x61/0x180 [ 137.091140][ T6318] __x64_sys_unshare+0x31/0x40 [ 137.091183][ T6318] do_syscall_64+0xcd/0x4b0 [ 137.091229][ T6318] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.091258][ T6318] RIP: 0033:0x7f901f38eec9 [ 137.091281][ T6318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.091309][ T6318] RSP: 002b:00007f902027d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 137.091356][ T6318] RAX: ffffffffffffffda RBX: 00007f901f5e5fa0 RCX: 00007f901f38eec9 [ 137.091376][ T6318] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000400 [ 137.091397][ T6318] RBP: 00007f901f411f91 R08: 0000000000000000 R09: 0000000000000000 [ 137.091415][ T6318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 137.091433][ T6318] R13: 00007f901f5e6038 R14: 00007f901f5e5fa0 R15: 00007ffdc5c649e8 [ 137.091472][ T6318] [ 137.308702][ T6343] FAULT_INJECTION: forcing a failure. [ 137.308702][ T6343] name failslab, interval 1, probability 0, space 0, times 0 [ 137.472168][ T6343] CPU: 1 UID: 0 PID: 6343 Comm: syz.1.69 Not tainted syzkaller #0 PREEMPT(full) [ 137.472208][ T6343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 137.472226][ T6343] Call Trace: [ 137.472235][ T6343] [ 137.472248][ T6343] dump_stack_lvl+0x16c/0x1f0 [ 137.472310][ T6343] should_fail_ex+0x512/0x640 [ 137.472340][ T6343] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 137.472378][ T6343] should_failslab+0xc2/0x120 [ 137.472414][ T6343] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 137.472447][ T6343] ? ptlock_alloc+0x1f/0x70 [ 137.472501][ T6343] ptlock_alloc+0x1f/0x70 [ 137.472547][ T6343] pte_alloc_one+0x82/0x3a0 [ 137.472588][ T6343] __pte_alloc+0x6d/0x3c0 [ 137.472643][ T6343] ? __pfx___pte_alloc+0x10/0x10 [ 137.472683][ T6343] ? _raw_spin_unlock+0x28/0x50 [ 137.472723][ T6343] ? __pmd_alloc+0x3fb/0x930 [ 137.472772][ T6343] copy_page_range+0x3b83/0x5c80 [ 137.472869][ T6343] ? mas_destroy+0x5de/0xa20 [ 137.472902][ T6343] ? __pfx_copy_page_range+0x10/0x10 [ 137.472958][ T6343] ? mas_store+0x7a9/0x1160 [ 137.472991][ T6343] ? find_held_lock+0x2b/0x80 [ 137.473031][ T6343] ? __pfx_mas_store+0x10/0x10 [ 137.473059][ T6343] ? __vma_enter_locked+0x163/0x3f0 [ 137.473130][ T6343] dup_mmap+0xe87/0x21d0 [ 137.473187][ T6343] ? __pfx_dup_mmap+0x10/0x10 [ 137.473261][ T6343] copy_process+0x4099/0x76a0 [ 137.473334][ T6343] ? __pfx_copy_process+0x10/0x10 [ 137.473381][ T6343] ? futex_private_hash_put+0x176/0x300 [ 137.473433][ T6343] ? futex_private_hash_put+0x18a/0x300 [ 137.473486][ T6343] kernel_clone+0xfc/0x930 [ 137.473533][ T6343] ? __pfx_futex_wake+0x10/0x10 [ 137.473563][ T6343] ? __pfx_kernel_clone+0x10/0x10 [ 137.473633][ T6343] __do_sys_clone+0xce/0x120 [ 137.473677][ T6343] ? __pfx___do_sys_clone+0x10/0x10 [ 137.473720][ T6343] ? __sys_sendmsg+0x18c/0x220 [ 137.473781][ T6343] ? xfd_validate_state+0x61/0x180 [ 137.473820][ T6343] do_syscall_64+0xcd/0x4b0 [ 137.473868][ T6343] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.473899][ T6343] RIP: 0033:0x7f63d3b8eec9 [ 137.473922][ T6343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.473964][ T6343] RSP: 002b:00007f63d4a2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 137.473991][ T6343] RAX: ffffffffffffffda RBX: 00007f63d3de5fa0 RCX: 00007f63d3b8eec9 [ 137.474011][ T6343] RDX: 0000200000000480 RSI: 0000000000000008 RDI: 0000000000000007 [ 137.474026][ T6343] RBP: 00007f63d3c11f91 R08: 0000000000000008 R09: 0000000000000000 [ 137.474043][ T6343] R10: 0000200000000540 R11: 0000000000000246 R12: 0000000000000000 [ 137.474061][ T6343] R13: 00007f63d3de6038 R14: 00007f63d3de5fa0 R15: 00007ffccddd91b8 [ 137.474101][ T6343] [ 138.007481][ T6352] Invalid ELF header magic: != ELF [ 138.648609][ T6369] FAULT_INJECTION: forcing a failure. [ 138.648609][ T6369] name failslab, interval 1, probability 0, space 0, times 0 [ 138.662779][ T6369] CPU: 1 UID: 0 PID: 6369 Comm: syz.0.74 Not tainted syzkaller #0 PREEMPT(full) [ 138.662816][ T6369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 138.662829][ T6369] Call Trace: [ 138.662836][ T6369] [ 138.662844][ T6369] dump_stack_lvl+0x16c/0x1f0 [ 138.662880][ T6369] should_fail_ex+0x512/0x640 [ 138.662900][ T6369] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 138.662928][ T6369] should_failslab+0xc2/0x120 [ 138.662959][ T6369] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 138.662984][ T6369] ? kstrdup_const+0x63/0x80 [ 138.663010][ T6369] kstrdup+0x53/0x100 [ 138.663032][ T6369] kstrdup_const+0x63/0x80 [ 138.663054][ T6369] alloc_vfsmnt+0xea/0x6b0 [ 138.663081][ T6369] clone_mnt+0x6d/0xbf0 [ 138.663115][ T6369] copy_tree+0xee/0xbd0 [ 138.663133][ T6369] ? __pfx_down_write+0x10/0x10 [ 138.663173][ T6369] copy_mnt_ns+0x1a9/0xa90 [ 138.663196][ T6369] ? trace_kmem_cache_alloc+0x28/0xc0 [ 138.663224][ T6369] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 138.663256][ T6369] ? create_new_namespaces+0x30/0xa90 [ 138.663301][ T6369] create_new_namespaces+0xd3/0xa90 [ 138.663338][ T6369] ? bpf_lsm_capable+0x9/0x10 [ 138.663380][ T6369] ? security_capable+0x7e/0x260 [ 138.663433][ T6369] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 138.663464][ T6369] ksys_unshare+0x45b/0xa40 [ 138.663497][ T6369] ? __pfx_ksys_unshare+0x10/0x10 [ 138.663530][ T6369] ? xfd_validate_state+0x61/0x180 [ 138.663557][ T6369] __x64_sys_unshare+0x31/0x40 [ 138.663588][ T6369] do_syscall_64+0xcd/0x4b0 [ 138.663622][ T6369] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.663643][ T6369] RIP: 0033:0x7f901f38eec9 [ 138.663660][ T6369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.663680][ T6369] RSP: 002b:00007f902027d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 138.663699][ T6369] RAX: ffffffffffffffda RBX: 00007f901f5e5fa0 RCX: 00007f901f38eec9 [ 138.663712][ T6369] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 138.663725][ T6369] RBP: 00007f901f411f91 R08: 0000000000000000 R09: 0000000000000000 [ 138.663738][ T6369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 138.663751][ T6369] R13: 00007f901f5e6038 R14: 00007f901f5e5fa0 R15: 00007ffdc5c649e8 [ 138.663778][ T6369] [ 138.999826][ T6373] netlink: 186 bytes leftover after parsing attributes in process `syz.0.74'. [ 139.280187][ T6378] FAULT_INJECTION: forcing a failure. [ 139.280187][ T6378] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 139.294380][ T6378] CPU: 0 UID: 0 PID: 6378 Comm: syz.0.75 Not tainted syzkaller #0 PREEMPT(full) [ 139.294433][ T6378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 139.294449][ T6378] Call Trace: [ 139.294458][ T6378] [ 139.294468][ T6378] dump_stack_lvl+0x16c/0x1f0 [ 139.294514][ T6378] should_fail_ex+0x512/0x640 [ 139.294546][ T6378] should_fail_alloc_page+0xe7/0x130 [ 139.294581][ T6378] prepare_alloc_pages+0x3c2/0x610 [ 139.294625][ T6378] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 139.294654][ T6378] ? bpf_ksym_find+0x124/0x1c0 [ 139.294707][ T6378] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 139.294750][ T6378] ? is_bpf_text_address+0x94/0x1a0 [ 139.294795][ T6378] ? kernel_text_address+0x8d/0x100 [ 139.294826][ T6378] ? __kernel_text_address+0xd/0x40 [ 139.294855][ T6378] ? unwind_get_return_address+0x59/0xa0 [ 139.294894][ T6378] ? arch_stack_walk+0xa6/0x100 [ 139.294939][ T6378] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 139.294975][ T6378] ? __lock_acquire+0x62e/0x1ce0 [ 139.295022][ T6378] ? __pfx_stack_trace_save+0x10/0x10 [ 139.295063][ T6378] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 139.295095][ T6378] ? policy_nodemask+0xea/0x4e0 [ 139.295134][ T6378] alloc_pages_mpol+0x1fb/0x550 [ 139.295167][ T6378] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 139.295202][ T6378] ? __lock_acquire+0x62e/0x1ce0 [ 139.295247][ T6378] folio_alloc_mpol_noprof+0x36/0x2f0 [ 139.295287][ T6378] vma_alloc_folio_noprof+0xed/0x1e0 [ 139.295324][ T6378] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 139.295370][ T6378] do_pte_missing+0x2230/0x3ba0 [ 139.295412][ T6378] ? find_held_lock+0x2b/0x80 [ 139.295454][ T6378] __handle_mm_fault+0x152a/0x2a50 [ 139.295501][ T6378] ? mt_find+0x3ef/0xa30 [ 139.295528][ T6378] ? __pfx___handle_mm_fault+0x10/0x10 [ 139.295568][ T6378] ? __pfx_mt_find+0x10/0x10 [ 139.295614][ T6378] ? find_vma+0xbf/0x140 [ 139.295645][ T6378] ? __pfx_find_vma+0x10/0x10 [ 139.295681][ T6378] handle_mm_fault+0x589/0xd10 [ 139.295724][ T6378] ? __pkru_allows_pkey+0x31/0xb0 [ 139.295755][ T6378] do_user_addr_fault+0x7a6/0x1370 [ 139.295790][ T6378] ? rcu_is_watching+0x12/0xc0 [ 139.295833][ T6378] exc_page_fault+0x5c/0xb0 [ 139.295892][ T6378] asm_exc_page_fault+0x26/0x30 [ 139.295940][ T6378] RIP: 0010:rep_movs_alternative+0x11/0x90 [ 139.295978][ T6378] Code: c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 fd 23 04 00 66 66 2e 0f [ 139.296009][ T6378] RSP: 0018:ffffc90003c9fae8 EFLAGS: 00050202 [ 139.296033][ T6378] RAX: 0000000000000031 RBX: 0000000000000002 RCX: 0000000000000002 [ 139.296051][ T6378] RDX: ffffed100633ac01 RSI: ffff8880319d6000 RDI: 00002000000010c0 [ 139.296072][ T6378] RBP: 00002000000010c0 R08: 0000000000000000 R09: ffffed100633ac00 [ 139.296091][ T6378] R10: ffff8880319d6001 R11: 0000000000000000 R12: ffffc90003c9fda0 [ 139.296111][ T6378] R13: 00002000000010c2 R14: ffff8880319d6000 R15: 00007ffffffff000 [ 139.296163][ T6378] _copy_to_iter+0x383/0x1710 [ 139.296201][ T6378] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 139.296258][ T6378] ? __pfx__copy_to_iter+0x10/0x10 [ 139.296293][ T6378] ? kernfs_seq_stop+0xcd/0x120 [ 139.296347][ T6378] ? kernfs_put_active+0x86/0xe0 [ 139.296396][ T6378] seq_read_iter+0xcf8/0x12c0 [ 139.296464][ T6378] kernfs_fop_read_iter+0x46c/0x610 [ 139.296516][ T6378] ? rw_verify_area+0xcf/0x6c0 [ 139.296570][ T6378] vfs_read+0x8bf/0xcf0 [ 139.296607][ T6378] ? __pfx___mutex_lock+0x10/0x10 [ 139.296655][ T6378] ? __pfx_vfs_read+0x10/0x10 [ 139.296715][ T6378] ksys_read+0x12a/0x250 [ 139.296744][ T6378] ? __pfx_ksys_read+0x10/0x10 [ 139.296789][ T6378] do_syscall_64+0xcd/0x4b0 [ 139.296840][ T6378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 139.296871][ T6378] RIP: 0033:0x7f901f38eec9 [ 139.296897][ T6378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 139.296925][ T6378] RSP: 002b:00007f902027d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 139.296953][ T6378] RAX: ffffffffffffffda RBX: 00007f901f5e5fa0 RCX: 00007f901f38eec9 [ 139.296974][ T6378] RDX: 000000000000100a RSI: 00002000000010c0 RDI: 0000000000000003 [ 139.296993][ T6378] RBP: 00007f902027d090 R08: 0000000000000000 R09: 0000000000000000 [ 139.297011][ T6378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 139.297028][ T6378] R13: 00007f901f5e6038 R14: 00007f901f5e5fa0 R15: 00007ffdc5c649e8 [ 139.297068][ T6378] [ 139.949492][ T6386] FAULT_INJECTION: forcing a failure. [ 139.949492][ T6386] name failslab, interval 1, probability 0, space 0, times 0 [ 139.998971][ T6386] CPU: 0 UID: 0 PID: 6386 Comm: syz.0.77 Not tainted syzkaller #0 PREEMPT(full) [ 139.999013][ T6386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 139.999031][ T6386] Call Trace: [ 139.999049][ T6386] [ 139.999061][ T6386] dump_stack_lvl+0x16c/0x1f0 [ 139.999115][ T6386] should_fail_ex+0x512/0x640 [ 139.999144][ T6386] ? fs_reclaim_acquire+0xae/0x150 [ 139.999191][ T6386] ? tomoyo_encode2+0x100/0x3e0 [ 139.999231][ T6386] should_failslab+0xc2/0x120 [ 139.999268][ T6386] __kmalloc_noprof+0xd2/0x510 [ 139.999299][ T6386] ? d_absolute_path+0x136/0x1a0 [ 139.999349][ T6386] tomoyo_encode2+0x100/0x3e0 [ 139.999397][ T6386] tomoyo_encode+0x29/0x50 [ 139.999436][ T6386] tomoyo_realpath_from_path+0x18f/0x6e0 [ 139.999493][ T6386] tomoyo_check_open_permission+0x2ab/0x3c0 [ 139.999533][ T6386] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 139.999613][ T6386] ? do_raw_spin_lock+0x12c/0x2b0 [ 139.999660][ T6386] tomoyo_file_open+0x6b/0x90 [ 139.999711][ T6386] security_file_open+0x84/0x1e0 [ 139.999752][ T6386] do_dentry_open+0x596/0x1530 [ 139.999799][ T6386] vfs_open+0x82/0x3f0 [ 139.999850][ T6386] path_openat+0x1de4/0x2cb0 [ 139.999898][ T6386] ? __pfx_path_openat+0x10/0x10 [ 139.999943][ T6386] do_filp_open+0x20b/0x470 [ 139.999977][ T6386] ? __pfx_do_filp_open+0x10/0x10 [ 140.000047][ T6386] ? alloc_fd+0x471/0x7d0 [ 140.000111][ T6386] do_sys_openat2+0x11b/0x1d0 [ 140.000158][ T6386] ? __pfx_do_sys_openat2+0x10/0x10 [ 140.000220][ T6386] __x64_sys_openat+0x174/0x210 [ 140.000267][ T6386] ? __pfx___x64_sys_openat+0x10/0x10 [ 140.000332][ T6386] do_syscall_64+0xcd/0x4b0 [ 140.000385][ T6386] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.000418][ T6386] RIP: 0033:0x7f901f38eec9 [ 140.000444][ T6386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 140.000475][ T6386] RSP: 002b:00007f902027d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 140.000506][ T6386] RAX: ffffffffffffffda RBX: 00007f901f5e5fa0 RCX: 00007f901f38eec9 [ 140.000527][ T6386] RDX: 000000000000a901 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 140.000548][ T6386] RBP: 00007f901f411f91 R08: 0000000000000000 R09: 0000000000000000 [ 140.000567][ T6386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 140.000587][ T6386] R13: 00007f901f5e6038 R14: 00007f901f5e5fa0 R15: 00007ffdc5c649e8 [ 140.000630][ T6386] [ 140.000660][ T6386] ERROR: Out of memory at tomoyo_realpath_from_path. [ 140.393822][ T6392] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 141.033892][ T6406] FAULT_INJECTION: forcing a failure. [ 141.033892][ T6406] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 141.109454][ T6406] CPU: 1 UID: 0 PID: 6406 Comm: syz.2.80 Not tainted syzkaller #0 PREEMPT(full) [ 141.109496][ T6406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 141.109514][ T6406] Call Trace: [ 141.109524][ T6406] [ 141.109535][ T6406] dump_stack_lvl+0x16c/0x1f0 [ 141.109589][ T6406] should_fail_ex+0x512/0x640 [ 141.109624][ T6406] _copy_from_iter+0x29f/0x1720 [ 141.109659][ T6406] ? __alloc_skb+0x200/0x380 [ 141.109691][ T6406] ? __pfx__copy_from_iter+0x10/0x10 [ 141.109716][ T6406] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 141.109750][ T6406] ? __lock_acquire+0xb97/0x1ce0 [ 141.109793][ T6406] netlink_sendmsg+0x829/0xdd0 [ 141.109844][ T6406] ? __pfx_netlink_sendmsg+0x10/0x10 [ 141.109906][ T6406] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 141.109945][ T6406] ____sys_sendmsg+0xa95/0xc70 [ 141.109969][ T6406] ? copy_msghdr_from_user+0x10a/0x160 [ 141.109999][ T6406] ? __pfx_____sys_sendmsg+0x10/0x10 [ 141.110027][ T6406] ? __pfx_futex_wake_mark+0x10/0x10 [ 141.110051][ T6406] ___sys_sendmsg+0x134/0x1d0 [ 141.110083][ T6406] ? __pfx____sys_sendmsg+0x10/0x10 [ 141.110145][ T6406] __sys_sendmsg+0x16d/0x220 [ 141.110176][ T6406] ? __pfx___sys_sendmsg+0x10/0x10 [ 141.110205][ T6406] ? __x64_sys_futex+0x1e0/0x4c0 [ 141.110251][ T6406] do_syscall_64+0xcd/0x4b0 [ 141.110284][ T6406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.110305][ T6406] RIP: 0033:0x7feed9d8eec9 [ 141.110320][ T6406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.110339][ T6406] RSP: 002b:00007feed7ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 141.110358][ T6406] RAX: ffffffffffffffda RBX: 00007feed9fe5fa0 RCX: 00007feed9d8eec9 [ 141.110371][ T6406] RDX: 0000000000048080 RSI: 0000200000000140 RDI: 0000000000000004 [ 141.110383][ T6406] RBP: 00007feed9e11f91 R08: 0000000000000000 R09: 0000000000000000 [ 141.110395][ T6406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 141.110406][ T6406] R13: 00007feed9fe6038 R14: 00007feed9fe5fa0 R15: 00007ffc7c6365e8 [ 141.110432][ T6406] [ 141.677921][ T6415] FAULT_INJECTION: forcing a failure. [ 141.677921][ T6415] name failslab, interval 1, probability 0, space 0, times 0 [ 141.705082][ T6415] CPU: 0 UID: 0 PID: 6415 Comm: syz.2.82 Not tainted syzkaller #0 PREEMPT(full) [ 141.705120][ T6415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 141.705137][ T6415] Call Trace: [ 141.705146][ T6415] [ 141.705157][ T6415] dump_stack_lvl+0x16c/0x1f0 [ 141.705207][ T6415] should_fail_ex+0x512/0x640 [ 141.705234][ T6415] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 141.705269][ T6415] should_failslab+0xc2/0x120 [ 141.705304][ T6415] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 141.705336][ T6415] ? security_file_alloc+0x34/0x2b0 [ 141.705379][ T6415] security_file_alloc+0x34/0x2b0 [ 141.705417][ T6415] init_file+0x93/0x4c0 [ 141.705455][ T6415] alloc_empty_file+0x73/0x1e0 [ 141.705496][ T6415] path_openat+0xda/0x2cb0 [ 141.705523][ T6415] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.705567][ T6415] ? __pfx_path_openat+0x10/0x10 [ 141.705603][ T6415] do_filp_open+0x20b/0x470 [ 141.705634][ T6415] ? __pfx_do_filp_open+0x10/0x10 [ 141.705692][ T6415] ? alloc_fd+0x471/0x7d0 [ 141.705750][ T6415] do_sys_openat2+0x11b/0x1d0 [ 141.705792][ T6415] ? __pfx_do_sys_openat2+0x10/0x10 [ 141.705857][ T6415] __x64_sys_openat+0x174/0x210 [ 141.705921][ T6415] ? __pfx___x64_sys_openat+0x10/0x10 [ 141.705985][ T6415] do_syscall_64+0xcd/0x4b0 [ 141.706039][ T6415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.706072][ T6415] RIP: 0033:0x7feed9d8d710 [ 141.706101][ T6415] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 141.706131][ T6415] RSP: 002b:00007feed7ff5fe0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 141.706161][ T6415] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007feed9d8d710 [ 141.706181][ T6415] RDX: 0000000000000002 RSI: 00007feed9e1224b RDI: 00000000ffffff9c [ 141.706201][ T6415] RBP: 00007feed9e1224b R08: 0000000000000000 R09: 00007feedab2f000 [ 141.706221][ T6415] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002 [ 141.706239][ T6415] R13: 00007feed9fe6038 R14: 00007feed9fe5fa0 R15: 00007ffc7c6365e8 [ 141.706281][ T6415] [ 142.220124][ T6420] netlink: 16 bytes leftover after parsing attributes in process `syz.2.84'. [ 142.350095][ T6424] FAULT_INJECTION: forcing a failure. [ 142.350095][ T6424] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 142.375730][ T6424] CPU: 1 UID: 0 PID: 6424 Comm: syz.0.86 Not tainted syzkaller #0 PREEMPT(full) [ 142.375765][ T6424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 142.375780][ T6424] Call Trace: [ 142.375789][ T6424] [ 142.375799][ T6424] dump_stack_lvl+0x16c/0x1f0 [ 142.375846][ T6424] should_fail_ex+0x512/0x640 [ 142.375894][ T6424] _copy_from_user+0x2e/0xd0 [ 142.375942][ T6424] kstrtouint_from_user+0xd6/0x1d0 [ 142.375985][ T6424] ? __pfx_kstrtouint_from_user+0x10/0x10 [ 142.376026][ T6424] ? __lock_acquire+0xb97/0x1ce0 [ 142.376096][ T6424] proc_fail_nth_write+0x83/0x220 [ 142.376132][ T6424] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 142.376175][ T6424] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 142.376204][ T6424] vfs_write+0x29d/0x11d0 [ 142.376243][ T6424] ? __pfx___mutex_lock+0x10/0x10 [ 142.376293][ T6424] ? __pfx_vfs_write+0x10/0x10 [ 142.376337][ T6424] ? __fget_files+0x20e/0x3c0 [ 142.376379][ T6424] ksys_write+0x12a/0x250 [ 142.376409][ T6424] ? __pfx_ksys_write+0x10/0x10 [ 142.376454][ T6424] do_syscall_64+0xcd/0x4b0 [ 142.376506][ T6424] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.376538][ T6424] RIP: 0033:0x7f901f38d97f [ 142.376570][ T6424] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48 [ 142.376600][ T6424] RSP: 002b:00007f902027d030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001 [ 142.376629][ T6424] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f901f38d97f [ 142.376649][ T6424] RDX: 0000000000000001 RSI: 00007f902027d0a0 RDI: 0000000000000004 [ 142.376668][ T6424] RBP: 00007f902027d090 R08: 0000000000000000 R09: 0000000000000000 [ 142.376687][ T6424] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 142.376705][ T6424] R13: 00007f901f5e6038 R14: 00007f901f5e5fa0 R15: 00007ffdc5c649e8 [ 142.376747][ T6424] [ 143.353913][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.360516][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 143.591597][ T6450] netlink: 334 bytes leftover after parsing attributes in process `syz.1.89'. [ 144.215023][ T6467] FAULT_INJECTION: forcing a failure. [ 144.215023][ T6467] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 144.239844][ T6464] capability: warning: `syz.2.93' uses deprecated v2 capabilities in a way that may be insecure [ 144.254461][ T6467] CPU: 0 UID: 0 PID: 6467 Comm: syz.3.94 Not tainted syzkaller #0 PREEMPT(full) [ 144.254502][ T6467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 144.254521][ T6467] Call Trace: [ 144.254532][ T6467] [ 144.254543][ T6467] dump_stack_lvl+0x16c/0x1f0 [ 144.254597][ T6467] should_fail_ex+0x512/0x640 [ 144.254634][ T6467] strncpy_from_user+0x3b/0x2e0 [ 144.254689][ T6467] getname_flags.part.0+0x8f/0x550 [ 144.254741][ T6467] getname_flags+0x93/0xf0 [ 144.254794][ T6467] do_sys_openat2+0xb8/0x1d0 [ 144.254841][ T6467] ? __pfx_do_sys_openat2+0x10/0x10 [ 144.254903][ T6467] __x64_sys_openat+0x174/0x210 [ 144.254950][ T6467] ? __pfx___x64_sys_openat+0x10/0x10 [ 144.255014][ T6467] do_syscall_64+0xcd/0x4b0 [ 144.255066][ T6467] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.255100][ T6467] RIP: 0033:0x7f196698eec9 [ 144.255125][ T6467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.255156][ T6467] RSP: 002b:00007f1967877038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 144.255186][ T6467] RAX: ffffffffffffffda RBX: 00007f1966be5fa0 RCX: 00007f196698eec9 [ 144.255207][ T6467] RDX: 000000000000a901 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 144.255228][ T6467] RBP: 00007f1966a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 144.255248][ T6467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 144.255267][ T6467] R13: 00007f1966be6038 R14: 00007f1966be5fa0 R15: 00007ffd40b184e8 [ 144.255317][ T6467] [ 145.343929][ T6474] FAULT_INJECTION: forcing a failure. [ 145.343929][ T6474] name failslab, interval 1, probability 0, space 0, times 0 [ 145.343986][ T6474] CPU: 1 UID: 0 PID: 6474 Comm: syz.1.96 Not tainted syzkaller #0 PREEMPT(full) [ 145.344022][ T6474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 145.344040][ T6474] Call Trace: [ 145.344049][ T6474] [ 145.344060][ T6474] dump_stack_lvl+0x16c/0x1f0 [ 145.344112][ T6474] should_fail_ex+0x512/0x640 [ 145.344139][ T6474] ? __kmalloc_noprof+0xbf/0x510 [ 145.344173][ T6474] ? vc_allocate+0x489/0x880 [ 145.344217][ T6474] should_failslab+0xc2/0x120 [ 145.344252][ T6474] __kmalloc_noprof+0xd2/0x510 [ 145.344292][ T6474] vc_allocate+0x489/0x880 [ 145.344340][ T6474] ? __pfx_vc_allocate+0x10/0x10 [ 145.344399][ T6474] con_install+0xa1/0x600 [ 145.344457][ T6474] ? __pfx_con_install+0x10/0x10 [ 145.344512][ T6474] ? __pfx_con_install+0x10/0x10 [ 145.344561][ T6474] tty_init_dev.part.0+0x9c/0x500 [ 145.344596][ T6474] tty_open+0xa4f/0xf90 [ 145.344634][ T6474] ? __pfx_tty_open+0x10/0x10 [ 145.344664][ T6474] ? chrdev_open+0x58c/0x6a0 [ 145.344703][ T6474] ? __pfx_tty_open+0x10/0x10 [ 145.344732][ T6474] chrdev_open+0x231/0x6a0 [ 145.344767][ T6474] ? __pfx_chrdev_open+0x10/0x10 [ 145.344802][ T6474] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 145.344841][ T6474] do_dentry_open+0x97f/0x1530 [ 145.344873][ T6474] ? __pfx_chrdev_open+0x10/0x10 [ 145.344914][ T6474] vfs_open+0x82/0x3f0 [ 145.344960][ T6474] path_openat+0x1de4/0x2cb0 [ 145.345003][ T6474] ? __pfx_path_openat+0x10/0x10 [ 145.345046][ T6474] do_filp_open+0x20b/0x470 [ 145.345077][ T6474] ? __pfx_do_filp_open+0x10/0x10 [ 145.345138][ T6474] ? alloc_fd+0x471/0x7d0 [ 145.345196][ T6474] do_sys_openat2+0x11b/0x1d0 [ 145.345238][ T6474] ? __pfx_do_sys_openat2+0x10/0x10 [ 145.345296][ T6474] __x64_sys_openat+0x174/0x210 [ 145.345340][ T6474] ? __pfx___x64_sys_openat+0x10/0x10 [ 145.345400][ T6474] do_syscall_64+0xcd/0x4b0 [ 145.345465][ T6474] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.345495][ T6474] RIP: 0033:0x7f63d3b8eec9 [ 145.345520][ T6474] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.345549][ T6474] RSP: 002b:00007f63d4a0e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 145.345577][ T6474] RAX: ffffffffffffffda RBX: 00007f63d3de6090 RCX: 00007f63d3b8eec9 [ 145.345596][ T6474] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 145.345616][ T6474] RBP: 00007f63d3c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 145.345634][ T6474] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 145.345652][ T6474] R13: 00007f63d3de6128 R14: 00007f63d3de6090 R15: 00007ffccddd91b8 [ 145.345691][ T6474] [ 146.046302][ T6517] FAULT_INJECTION: forcing a failure. [ 146.046302][ T6517] name failslab, interval 1, probability 0, space 0, times 0 [ 146.046348][ T6517] CPU: 0 UID: 0 PID: 6517 Comm: syz.0.102 Not tainted syzkaller #0 PREEMPT(full) [ 146.046386][ T6517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 146.046404][ T6517] Call Trace: [ 146.046414][ T6517] [ 146.046426][ T6517] dump_stack_lvl+0x16c/0x1f0 [ 146.046481][ T6517] should_fail_ex+0x512/0x640 [ 146.046512][ T6517] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 146.046551][ T6517] should_failslab+0xc2/0x120 [ 146.046590][ T6517] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 146.046625][ T6517] ? getname_flags.part.0+0x4c/0x550 [ 146.046676][ T6517] getname_flags.part.0+0x4c/0x550 [ 146.046727][ T6517] getname_flags+0x93/0xf0 [ 146.046781][ T6517] __x64_sys_rename+0x58/0xa0 [ 146.046821][ T6517] do_syscall_64+0xcd/0x4b0 [ 146.046873][ T6517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.046906][ T6517] RIP: 0033:0x7f901f38eec9 [ 146.046931][ T6517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.046961][ T6517] RSP: 002b:00007f902027d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 146.046991][ T6517] RAX: ffffffffffffffda RBX: 00007f901f5e5fa0 RCX: 00007f901f38eec9 [ 146.047012][ T6517] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000200000000080 [ 146.047032][ T6517] RBP: 00007f902027d090 R08: 0000000000000000 R09: 0000000000000000 [ 146.047052][ T6517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 146.047071][ T6517] R13: 00007f901f5e6038 R14: 00007f901f5e5fa0 R15: 00007ffdc5c649e8 [ 146.047121][ T6517] [ 146.440238][ T6527] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 147.118774][ T6534] netlink: 4 bytes leftover after parsing attributes in process `syz.0.105'. [ 147.179950][ T6534] netlink: 'syz.0.105': attribute type 1 has an invalid length. [ 148.237309][ T6553] FAULT_INJECTION: forcing a failure. [ 148.237309][ T6553] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 148.250569][ T6553] CPU: 1 UID: 0 PID: 6553 Comm: syz.0.107 Not tainted syzkaller #0 PREEMPT(full) [ 148.250597][ T6553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 148.250610][ T6553] Call Trace: [ 148.250617][ T6553] [ 148.250625][ T6553] dump_stack_lvl+0x16c/0x1f0 [ 148.250660][ T6553] should_fail_ex+0x512/0x640 [ 148.250684][ T6553] strncpy_from_user+0x3b/0x2e0 [ 148.250719][ T6553] getname_flags.part.0+0x8f/0x550 [ 148.250752][ T6553] getname_flags+0x93/0xf0 [ 148.250787][ T6553] do_sys_openat2+0xb8/0x1d0 [ 148.250816][ T6553] ? __pfx_do_sys_openat2+0x10/0x10 [ 148.250855][ T6553] __x64_sys_openat+0x174/0x210 [ 148.250885][ T6553] ? __pfx___x64_sys_openat+0x10/0x10 [ 148.250925][ T6553] do_syscall_64+0xcd/0x4b0 [ 148.250959][ T6553] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.250982][ T6553] RIP: 0033:0x7f901f38eec9 [ 148.250998][ T6553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.251018][ T6553] RSP: 002b:00007f902027d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 148.251037][ T6553] RAX: ffffffffffffffda RBX: 00007f901f5e5fa0 RCX: 00007f901f38eec9 [ 148.251051][ T6553] RDX: 000000000000a901 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 148.251064][ T6553] RBP: 00007f901f411f91 R08: 0000000000000000 R09: 0000000000000000 [ 148.251077][ T6553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.251089][ T6553] R13: 00007f901f5e6038 R14: 00007f901f5e5fa0 R15: 00007ffdc5c649e8 [ 148.251117][ T6553] [ 149.255567][ T6566] FAULT_INJECTION: forcing a failure. [ 149.255567][ T6566] name failslab, interval 1, probability 0, space 0, times 0 [ 149.269414][ T6566] CPU: 0 UID: 0 PID: 6566 Comm: syz.1.111 Not tainted syzkaller #0 PREEMPT(full) [ 149.269447][ T6566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 149.269460][ T6566] Call Trace: [ 149.269467][ T6566] [ 149.269476][ T6566] dump_stack_lvl+0x16c/0x1f0 [ 149.269515][ T6566] should_fail_ex+0x512/0x640 [ 149.269536][ T6566] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 149.269563][ T6566] should_failslab+0xc2/0x120 [ 149.269589][ T6566] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 149.269613][ T6566] ? alloc_vfsmnt+0x23/0x6b0 [ 149.269645][ T6566] alloc_vfsmnt+0x23/0x6b0 [ 149.269673][ T6566] clone_mnt+0x6d/0xbf0 [ 149.269709][ T6566] copy_tree+0xee/0xbd0 [ 149.269729][ T6566] ? __pfx_down_write+0x10/0x10 [ 149.269773][ T6566] copy_mnt_ns+0x1a9/0xa90 [ 149.269795][ T6566] ? trace_kmem_cache_alloc+0x28/0xc0 [ 149.269824][ T6566] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 149.269854][ T6566] ? create_new_namespaces+0x30/0xa90 [ 149.269889][ T6566] create_new_namespaces+0xd3/0xa90 [ 149.269917][ T6566] ? bpf_lsm_capable+0x9/0x10 [ 149.269979][ T6566] ? security_capable+0x7e/0x260 [ 149.270035][ T6566] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 149.270067][ T6566] ksys_unshare+0x45b/0xa40 [ 149.270105][ T6566] ? __pfx_ksys_unshare+0x10/0x10 [ 149.270141][ T6566] ? xfd_validate_state+0x61/0x180 [ 149.270170][ T6566] __x64_sys_unshare+0x31/0x40 [ 149.270204][ T6566] do_syscall_64+0xcd/0x4b0 [ 149.270240][ T6566] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.270263][ T6566] RIP: 0033:0x7f63d3b8eec9 [ 149.270281][ T6566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.270303][ T6566] RSP: 002b:00007f63d4a2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 149.270323][ T6566] RAX: ffffffffffffffda RBX: 00007f63d3de5fa0 RCX: 00007f63d3b8eec9 [ 149.270342][ T6566] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 149.270355][ T6566] RBP: 00007f63d3c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 149.270368][ T6566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 149.270382][ T6566] R13: 00007f63d3de6038 R14: 00007f63d3de5fa0 R15: 00007ffccddd91b8 [ 149.270410][ T6566] [ 149.722318][ T6573] FAULT_INJECTION: forcing a failure. [ 149.722318][ T6573] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 149.738819][ T6573] CPU: 0 UID: 0 PID: 6573 Comm: syz.3.114 Not tainted syzkaller #0 PREEMPT(full) [ 149.738857][ T6573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 149.738874][ T6573] Call Trace: [ 149.738884][ T6573] [ 149.738895][ T6573] dump_stack_lvl+0x16c/0x1f0 [ 149.738946][ T6573] should_fail_ex+0x512/0x640 [ 149.738981][ T6573] strncpy_from_user+0x3b/0x2e0 [ 149.739033][ T6573] getname_flags.part.0+0x8f/0x550 [ 149.739082][ T6573] getname_flags+0x93/0xf0 [ 149.739132][ T6573] __x64_sys_rename+0x58/0xa0 [ 149.739169][ T6573] do_syscall_64+0xcd/0x4b0 [ 149.739219][ T6573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.739249][ T6573] RIP: 0033:0x7f196698eec9 [ 149.739273][ T6573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.739302][ T6573] RSP: 002b:00007f1967877038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 149.739331][ T6573] RAX: ffffffffffffffda RBX: 00007f1966be5fa0 RCX: 00007f196698eec9 [ 149.739351][ T6573] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000200000000080 [ 149.739369][ T6573] RBP: 00007f1967877090 R08: 0000000000000000 R09: 0000000000000000 [ 149.739386][ T6573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 149.739403][ T6573] R13: 00007f1966be6038 R14: 00007f1966be5fa0 R15: 00007ffd40b184e8 [ 149.739443][ T6573] [ 150.053462][ T6577] random: crng reseeded on system resumption [ 150.172696][ T6580] FAULT_INJECTION: forcing a failure. [ 150.172696][ T6580] name failslab, interval 1, probability 0, space 0, times 0 [ 150.202602][ T6580] CPU: 0 UID: 0 PID: 6580 Comm: syz.0.117 Not tainted syzkaller #0 PREEMPT(full) [ 150.202641][ T6580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 150.202666][ T6580] Call Trace: [ 150.202675][ T6580] [ 150.202686][ T6580] dump_stack_lvl+0x16c/0x1f0 [ 150.202736][ T6580] should_fail_ex+0x512/0x640 [ 150.202763][ T6580] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 150.202798][ T6580] should_failslab+0xc2/0x120 [ 150.202833][ T6580] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 150.202864][ T6580] ? mas_alloc_nodes+0x18b/0x8b0 [ 150.202907][ T6580] mas_alloc_nodes+0x18b/0x8b0 [ 150.202954][ T6580] mas_node_count_gfp+0x105/0x130 [ 150.202996][ T6580] mas_preallocate+0x7e0/0xde0 [ 150.203031][ T6580] ? __pfx_mas_preallocate+0x10/0x10 [ 150.203070][ T6580] ? vma_merge_new_range+0x3ae/0xa50 [ 150.203096][ T6580] ? vm_area_alloc+0x1f/0x160 [ 150.203142][ T6580] ? lockdep_init_map_type+0x5c/0x280 [ 150.203194][ T6580] __mmap_region+0x118a/0x27b0 [ 150.203226][ T6580] ? finish_task_switch.isra.0+0x21c/0xc10 [ 150.203265][ T6580] ? __pfx___mmap_region+0x10/0x10 [ 150.203292][ T6580] ? rcu_is_watching+0x12/0xc0 [ 150.203333][ T6580] ? rcu_is_watching+0x12/0xc0 [ 150.203365][ T6580] ? trace_sched_exit_tp+0xd1/0x120 [ 150.203394][ T6580] ? __schedule+0x11a3/0x5de0 [ 150.203428][ T6580] ? __lock_acquire+0x62e/0x1ce0 [ 150.203491][ T6580] ? __pfx___schedule+0x10/0x10 [ 150.203571][ T6580] ? trace_cap_capable+0x18d/0x200 [ 150.203631][ T6580] mmap_region+0x1ab/0x3f0 [ 150.203668][ T6580] ? __get_unmapped_area+0x267/0x440 [ 150.203711][ T6580] do_mmap+0xa3e/0x1210 [ 150.203755][ T6580] ? __pfx_do_mmap+0x10/0x10 [ 150.203793][ T6580] ? __pfx_down_write_killable+0x10/0x10 [ 150.203828][ T6580] vm_mmap_pgoff+0x29e/0x470 [ 150.203871][ T6580] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 150.203916][ T6580] ? __x64_sys_futex+0x1e0/0x4c0 [ 150.203958][ T6580] ? __x64_sys_futex+0x1e9/0x4c0 [ 150.204005][ T6580] ksys_mmap_pgoff+0x7d/0x5c0 [ 150.204040][ T6580] ? xfd_validate_state+0x61/0x180 [ 150.204065][ T6580] ? __pfx_ksys_write+0x10/0x10 [ 150.204099][ T6580] __x64_sys_mmap+0x125/0x190 [ 150.204132][ T6580] do_syscall_64+0xcd/0x4b0 [ 150.204178][ T6580] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.204206][ T6580] RIP: 0033:0x7f901f38eec9 [ 150.204230][ T6580] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 150.204257][ T6580] RSP: 002b:00007f902027d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 150.204283][ T6580] RAX: ffffffffffffffda RBX: 00007f901f5e5fa0 RCX: 00007f901f38eec9 [ 150.204302][ T6580] RDX: 00000000000000df RSI: 000000000402000b RDI: 0000000000000000 [ 150.204318][ T6580] RBP: 00007f901f411f91 R08: 0000000000000401 R09: 0000000000008000 [ 150.204336][ T6580] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 150.204353][ T6580] R13: 00007f901f5e6038 R14: 00007f901f5e5fa0 R15: 00007ffdc5c649e8 [ 150.204389][ T6580] [ 151.615419][ T6605] FAULT_INJECTION: forcing a failure. [ 151.615419][ T6605] name failslab, interval 1, probability 0, space 0, times 0 [ 151.637194][ T6605] CPU: 0 UID: 0 PID: 6605 Comm: syz.1.122 Not tainted syzkaller #0 PREEMPT(full) [ 151.637239][ T6605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 151.637259][ T6605] Call Trace: [ 151.637269][ T6605] [ 151.637293][ T6605] dump_stack_lvl+0x16c/0x1f0 [ 151.637346][ T6605] should_fail_ex+0x512/0x640 [ 151.637373][ T6605] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 151.637409][ T6605] should_failslab+0xc2/0x120 [ 151.637445][ T6605] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 151.637478][ T6605] ? alloc_vfsmnt+0x23/0x6b0 [ 151.637529][ T6605] alloc_vfsmnt+0x23/0x6b0 [ 151.637568][ T6605] clone_mnt+0x6d/0xbf0 [ 151.637616][ T6605] copy_tree+0xee/0xbd0 [ 151.637643][ T6605] ? __pfx_down_write+0x10/0x10 [ 151.637702][ T6605] copy_mnt_ns+0x1a9/0xa90 [ 151.637731][ T6605] ? trace_kmem_cache_alloc+0x28/0xc0 [ 151.637771][ T6605] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 151.637802][ T6605] ? create_new_namespaces+0x30/0xa90 [ 151.637848][ T6605] create_new_namespaces+0xd3/0xa90 [ 151.637885][ T6605] ? bpf_lsm_capable+0x9/0x10 [ 151.637928][ T6605] ? security_capable+0x7e/0x260 [ 151.637981][ T6605] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 151.638024][ T6605] ksys_unshare+0x45b/0xa40 [ 151.638071][ T6605] ? __pfx_ksys_unshare+0x10/0x10 [ 151.638118][ T6605] ? xfd_validate_state+0x61/0x180 [ 151.638157][ T6605] __x64_sys_unshare+0x31/0x40 [ 151.638203][ T6605] do_syscall_64+0xcd/0x4b0 [ 151.638251][ T6605] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 151.638282][ T6605] RIP: 0033:0x7f63d3b8eec9 [ 151.638314][ T6605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 151.638343][ T6605] RSP: 002b:00007f63d4a2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 151.638374][ T6605] RAX: ffffffffffffffda RBX: 00007f63d3de5fa0 RCX: 00007f63d3b8eec9 [ 151.638394][ T6605] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 151.638411][ T6605] RBP: 00007f63d3c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 151.638429][ T6605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 151.638447][ T6605] R13: 00007f63d3de6038 R14: 00007f63d3de5fa0 R15: 00007ffccddd91b8 [ 151.638487][ T6605] [ 151.975972][ T6607] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 152.287245][ T6619] FAULT_INJECTION: forcing a failure. [ 152.287245][ T6619] name failslab, interval 1, probability 0, space 0, times 0 [ 152.317773][ T6621] random: crng reseeded on system resumption [ 152.351092][ T6619] CPU: 0 UID: 0 PID: 6619 Comm: syz.1.126 Not tainted syzkaller #0 PREEMPT(full) [ 152.351130][ T6619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 152.351147][ T6619] Call Trace: [ 152.351156][ T6619] [ 152.351167][ T6619] dump_stack_lvl+0x16c/0x1f0 [ 152.351218][ T6619] should_fail_ex+0x512/0x640 [ 152.351245][ T6619] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 152.351281][ T6619] should_failslab+0xc2/0x120 [ 152.351318][ T6619] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 152.351352][ T6619] ? getname_flags.part.0+0x4c/0x550 [ 152.351401][ T6619] getname_flags.part.0+0x4c/0x550 [ 152.351459][ T6619] getname_flags+0x93/0xf0 [ 152.351510][ T6619] __x64_sys_rename+0x65/0xa0 [ 152.351549][ T6619] do_syscall_64+0xcd/0x4b0 [ 152.351601][ T6619] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.351633][ T6619] RIP: 0033:0x7f63d3b8eec9 [ 152.351657][ T6619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.351686][ T6619] RSP: 002b:00007f63d4a2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 152.351714][ T6619] RAX: ffffffffffffffda RBX: 00007f63d3de5fa0 RCX: 00007f63d3b8eec9 [ 152.351735][ T6619] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000200000000080 [ 152.351754][ T6619] RBP: 00007f63d4a2f090 R08: 0000000000000000 R09: 0000000000000000 [ 152.351772][ T6619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 152.351790][ T6619] R13: 00007f63d3de6038 R14: 00007f63d3de5fa0 R15: 00007ffccddd91b8 [ 152.351830][ T6619] [ 152.684802][ T6614] mmap: syz.0.124 (6614) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 152.707454][ T6624] FAULT_INJECTION: forcing a failure. [ 152.707454][ T6624] name failslab, interval 1, probability 0, space 0, times 0 [ 152.788253][ T6624] CPU: 0 UID: 0 PID: 6624 Comm: syz.1.128 Not tainted syzkaller #0 PREEMPT(full) [ 152.788297][ T6624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 152.788316][ T6624] Call Trace: [ 152.788326][ T6624] [ 152.788339][ T6624] dump_stack_lvl+0x16c/0x1f0 [ 152.788403][ T6624] should_fail_ex+0x512/0x640 [ 152.788436][ T6624] ? fs_reclaim_acquire+0xae/0x150 [ 152.788485][ T6624] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 152.788529][ T6624] should_failslab+0xc2/0x120 [ 152.788568][ T6624] __kmalloc_noprof+0xd2/0x510 [ 152.788612][ T6624] tomoyo_realpath_from_path+0xc2/0x6e0 [ 152.788679][ T6624] tomoyo_check_open_permission+0x2ab/0x3c0 [ 152.788715][ T6624] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 152.788791][ T6624] ? do_raw_spin_lock+0x12c/0x2b0 [ 152.788832][ T6624] tomoyo_file_open+0x6b/0x90 [ 152.788881][ T6624] security_file_open+0x84/0x1e0 [ 152.788921][ T6624] do_dentry_open+0x596/0x1530 [ 152.788966][ T6624] vfs_open+0x82/0x3f0 [ 152.789012][ T6624] path_openat+0x1de4/0x2cb0 [ 152.789056][ T6624] ? __pfx_path_openat+0x10/0x10 [ 152.789098][ T6624] do_filp_open+0x20b/0x470 [ 152.789130][ T6624] ? __pfx_do_filp_open+0x10/0x10 [ 152.789190][ T6624] ? alloc_fd+0x471/0x7d0 [ 152.789250][ T6624] do_sys_openat2+0x11b/0x1d0 [ 152.789292][ T6624] ? __pfx_do_sys_openat2+0x10/0x10 [ 152.789350][ T6624] __x64_sys_openat+0x174/0x210 [ 152.789406][ T6624] ? __pfx___x64_sys_openat+0x10/0x10 [ 152.789467][ T6624] do_syscall_64+0xcd/0x4b0 [ 152.789518][ T6624] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.789548][ T6624] RIP: 0033:0x7f63d3b8eec9 [ 152.789573][ T6624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 152.789601][ T6624] RSP: 002b:00007f63d4a2f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 152.789628][ T6624] RAX: ffffffffffffffda RBX: 00007f63d3de5fa0 RCX: 00007f63d3b8eec9 [ 152.789647][ T6624] RDX: 000000000000a901 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 152.789665][ T6624] RBP: 00007f63d3c11f91 R08: 0000000000000000 R09: 0000000000000000 [ 152.789682][ T6624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 152.789698][ T6624] R13: 00007f63d3de6038 R14: 00007f63d3de5fa0 R15: 00007ffccddd91b8 [ 152.789735][ T6624] [ 152.789747][ T6624] ERROR: Out of memory at tomoyo_realpath_from_path. [ 153.372794][ T6634] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 154.445823][ T6645] FAULT_INJECTION: forcing a failure. [ 154.445823][ T6645] name failslab, interval 1, probability 0, space 0, times 0 [ 154.468983][ T6645] CPU: 1 UID: 0 PID: 6645 Comm: syz.3.134 Not tainted syzkaller #0 PREEMPT(full) [ 154.469024][ T6645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 154.469042][ T6645] Call Trace: [ 154.469052][ T6645] [ 154.469064][ T6645] dump_stack_lvl+0x16c/0x1f0 [ 154.469119][ T6645] should_fail_ex+0x512/0x640 [ 154.469149][ T6645] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 154.469188][ T6645] should_failslab+0xc2/0x120 [ 154.469250][ T6645] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 154.469284][ T6645] ? find_held_lock+0x2b/0x80 [ 154.469318][ T6645] ? alloc_vfsmnt+0x23/0x6b0 [ 154.469364][ T6645] alloc_vfsmnt+0x23/0x6b0 [ 154.469406][ T6645] clone_mnt+0x6d/0xbf0 [ 154.469451][ T6645] ? is_subdir+0x1a8/0x3e0 [ 154.469494][ T6645] copy_tree+0x31d/0xbd0 [ 154.469549][ T6645] copy_mnt_ns+0x1a9/0xa90 [ 154.469581][ T6645] ? trace_kmem_cache_alloc+0x28/0xc0 [ 154.469624][ T6645] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 154.469659][ T6645] ? create_new_namespaces+0x30/0xa90 [ 154.469706][ T6645] create_new_namespaces+0xd3/0xa90 [ 154.469747][ T6645] ? bpf_lsm_capable+0x9/0x10 [ 154.469791][ T6645] ? security_capable+0x7e/0x260 [ 154.469849][ T6645] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 154.469895][ T6645] ksys_unshare+0x45b/0xa40 [ 154.469945][ T6645] ? __pfx_ksys_unshare+0x10/0x10 [ 154.469996][ T6645] ? xfd_validate_state+0x61/0x180 [ 154.470038][ T6645] __x64_sys_unshare+0x31/0x40 [ 154.470087][ T6645] do_syscall_64+0xcd/0x4b0 [ 154.470139][ T6645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.470172][ T6645] RIP: 0033:0x7f196698eec9 [ 154.470205][ T6645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 154.470249][ T6645] RSP: 002b:00007f1967877038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 154.470278][ T6645] RAX: ffffffffffffffda RBX: 00007f1966be5fa0 RCX: 00007f196698eec9 [ 154.470316][ T6645] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 154.470336][ T6645] RBP: 00007f1966a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 154.470355][ T6645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 154.470375][ T6645] R13: 00007f1966be6038 R14: 00007f1966be5fa0 R15: 00007ffd40b184e8 [ 154.470417][ T6645] [ 155.134165][ T6663] FAULT_INJECTION: forcing a failure. [ 155.134165][ T6663] name failslab, interval 1, probability 0, space 0, times 0 [ 155.182023][ T6663] CPU: 1 UID: 0 PID: 6663 Comm: syz.3.138 Not tainted syzkaller #0 PREEMPT(full) [ 155.182065][ T6663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 155.182083][ T6663] Call Trace: [ 155.182092][ T6663] [ 155.182103][ T6663] dump_stack_lvl+0x16c/0x1f0 [ 155.182155][ T6663] should_fail_ex+0x512/0x640 [ 155.182183][ T6663] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 155.182223][ T6663] should_failslab+0xc2/0x120 [ 155.182259][ T6663] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 155.182296][ T6663] ? kstrdup_const+0x63/0x80 [ 155.182333][ T6663] kstrdup+0x53/0x100 [ 155.182366][ T6663] kstrdup_const+0x63/0x80 [ 155.182405][ T6663] alloc_vfsmnt+0xea/0x6b0 [ 155.182447][ T6663] clone_mnt+0x6d/0xbf0 [ 155.182498][ T6663] copy_tree+0xee/0xbd0 [ 155.182524][ T6663] ? __pfx_down_write+0x10/0x10 [ 155.182583][ T6663] copy_mnt_ns+0x1a9/0xa90 [ 155.182614][ T6663] ? trace_kmem_cache_alloc+0x28/0xc0 [ 155.182653][ T6663] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 155.182686][ T6663] ? create_new_namespaces+0x30/0xa90 [ 155.182732][ T6663] create_new_namespaces+0xd3/0xa90 [ 155.182769][ T6663] ? bpf_lsm_capable+0x9/0x10 [ 155.182812][ T6663] ? security_capable+0x7e/0x260 [ 155.182865][ T6663] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 155.182910][ T6663] ksys_unshare+0x45b/0xa40 [ 155.182956][ T6663] ? __pfx_ksys_unshare+0x10/0x10 [ 155.183004][ T6663] ? xfd_validate_state+0x61/0x180 [ 155.183044][ T6663] __x64_sys_unshare+0x31/0x40 [ 155.183090][ T6663] do_syscall_64+0xcd/0x4b0 [ 155.183140][ T6663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.183171][ T6663] RIP: 0033:0x7f196698eec9 [ 155.183195][ T6663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.183224][ T6663] RSP: 002b:00007f1967877038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 155.183257][ T6663] RAX: ffffffffffffffda RBX: 00007f1966be5fa0 RCX: 00007f196698eec9 [ 155.183277][ T6663] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 155.183295][ T6663] RBP: 00007f1966a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 155.183312][ T6663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 155.183330][ T6663] R13: 00007f1966be6038 R14: 00007f1966be5fa0 R15: 00007ffd40b184e8 [ 155.183367][ T6663] [ 155.442125][ T6663] ------------[ cut here ]------------ [ 155.448661][ T6663] ida_free called for id=2064 which is not allocated. [ 155.461947][ T6659] FAULT_INJECTION: forcing a failure. [ 155.461947][ T6659] name failslab, interval 1, probability 0, space 0, times 0 [ 155.474831][ T6659] CPU: 1 UID: 0 PID: 6659 Comm: syz.0.137 Not tainted syzkaller #0 PREEMPT(full) [ 155.474861][ T6659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 155.474875][ T6659] Call Trace: [ 155.474882][ T6659] [ 155.474890][ T6659] dump_stack_lvl+0x16c/0x1f0 [ 155.474929][ T6659] should_fail_ex+0x512/0x640 [ 155.474950][ T6659] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 155.474989][ T6659] should_failslab+0xc2/0x120 [ 155.475015][ T6659] __kmalloc_cache_noprof+0x6a/0x3e0 [ 155.475051][ T6659] ? vkms_plane_duplicate_state+0x87/0x130 [ 155.475083][ T6659] ? kasan_save_track+0x14/0x30 [ 155.475110][ T6659] vkms_plane_duplicate_state+0x87/0x130 [ 155.475140][ T6659] drm_atomic_get_plane_state+0x20e/0x590 [ 155.475171][ T6659] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 155.475202][ T6659] ? __pfx___might_resched+0x10/0x10 [ 155.475238][ T6659] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 155.475269][ T6659] ? __mutex_lock+0x1c5/0x1060 [ 155.475302][ T6659] ? rcu_is_watching+0x12/0xc0 [ 155.475363][ T6659] drm_client_modeset_commit_locked+0x14d/0x580 [ 155.475400][ T6659] drm_client_modeset_commit+0x4f/0x80 [ 155.475432][ T6659] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 155.475464][ T6659] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 155.475489][ T6659] drm_fbdev_client_restore+0x2c/0x40 [ 155.475512][ T6659] drm_client_dev_restore+0x1f6/0x2a0 [ 155.475547][ T6659] drm_release+0x2c4/0x360 [ 155.475577][ T6659] ? __pfx_drm_release+0x10/0x10 [ 155.475603][ T6659] __fput+0x402/0xb70 [ 155.475639][ T6659] task_work_run+0x150/0x240 [ 155.475663][ T6659] ? __pfx_task_work_run+0x10/0x10 [ 155.475686][ T6659] ? __pfx___do_sys_close_range+0x10/0x10 [ 155.475708][ T6659] ? syscall_user_dispatch+0x78/0x140 [ 155.475739][ T6659] exit_to_user_mode_loop+0xdd/0x100 [ 155.475762][ T6659] do_syscall_64+0x419/0x4b0 [ 155.475799][ T6659] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.475822][ T6659] RIP: 0033:0x7f901f38eec9 [ 155.475840][ T6659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.475861][ T6659] RSP: 002b:00007f902027d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 155.475900][ T6659] RAX: 0000000000000000 RBX: 00007f901f5e5fa0 RCX: 00007f901f38eec9 [ 155.475915][ T6659] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 155.475928][ T6659] RBP: 00007f901f411f91 R08: 0000000000000000 R09: 0000000000000000 [ 155.475942][ T6659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 155.475956][ T6659] R13: 00007f901f5e6038 R14: 00007f901f5e5fa0 R15: 00007ffdc5c649e8 [ 155.475986][ T6659] [ 155.495309][ T6663] WARNING: CPU: 0 PID: 6663 at lib/idr.c:592 ida_free+0x1f9/0x2e0 [ 155.581604][ T5159] Bluetooth: hci1: unexpected event 0x3e length: 726 > 260 [ 155.584260][ T6663] Modules linked in: [ 155.588831][ T5159] Bluetooth: hci1: unexpected subevent 0x0d length: 725 > 260 [ 155.595896][ T6663] [ 155.600619][ T5159] Bluetooth: hci1: Unknown advertising packet type: 0x7f SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 155.607978][ T6663] CPU: 0 UID: 0 PID: 6663 Comm: syz.3.138 Not tainted syzkaller #0 PREEMPT(full) [ 155.614151][ T5159] Bluetooth: hci1: adv larger than maximum supported [ 155.619516][ T6663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 155.624977][ T5159] Bluetooth: hci1: adv larger than maximum supported [ 155.629343][ T6663] RIP: 0010:ida_free+0x1f9/0x2e0 [ 155.634353][ T5159] Bluetooth: hci1: Malformed LE Event: 0x0d [ 155.833390][ T6663] Code: 76 f6 41 83 fe 3e 76 72 e8 24 78 76 f6 48 8b 7c 24 28 4c 89 ee e8 07 39 0d 00 90 48 c7 c7 00 ba cf 8c 89 ee e8 e8 52 35 f6 90 <0f> 0b 90 90 e8 fe 77 76 f6 48 b8 00 00 00 00 00 fc ff df 48 01 c3 [ 155.853073][ T6663] RSP: 0018:ffffc90003837c60 EFLAGS: 00010286 [ 155.859652][ T6663] RAX: 0000000000000000 RBX: 1ffff92000706f8d RCX: ffffffff81796528 [ 155.868106][ T6663] RDX: ffff88802f4c3c80 RSI: ffffffff81796535 RDI: 00000000000108d7 [ 155.876328][ T6663] RBP: 0000000000000810 R08: 0000000000000001 R09: 0000000000000000 [ 155.884571][ T6663] R10: 0000000000000001 R11: 0000000000042358 R12: ffff888031e5a200 [ 155.892565][ T6663] R13: 0000000000000202 R14: 0000000000000010 R15: ffff888031e5a200 [ 155.900570][ T6663] FS: 00007f19678776c0(0000) GS:ffff888124e5d000(0000) knlGS:0000000000000000 [ 155.909566][ T6663] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 155.916185][ T6663] CR2: 00000000000000a8 CR3: 0000000030436000 CR4: 00000000003526f0 [ 155.924201][ T6663] Call Trace: [ 155.927486][ T6663] [ 155.930427][ T6663] ? __pfx_ida_free+0x10/0x10 [ 155.935187][ T6663] ? copy_tree+0x7ae/0xbd0 [ 155.939648][ T6663] copy_mnt_ns+0x886/0xa90 [ 155.944130][ T6663] ? trace_kmem_cache_alloc+0x28/0xc0 [ 155.949545][ T6663] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 155.955280][ T6663] ? create_new_namespaces+0x30/0xa90 [ 155.961406][ T6663] create_new_namespaces+0xd3/0xa90 [ 155.967402][ T6663] ? bpf_lsm_capable+0x9/0x10 [ 155.972141][ T6663] ? security_capable+0x7e/0x260 [ 155.977207][ T6663] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 155.982884][ T6663] ksys_unshare+0x45b/0xa40 [ 155.987511][ T6663] ? __pfx_ksys_unshare+0x10/0x10 [ 155.992603][ T6663] ? xfd_validate_state+0x61/0x180 [ 155.997844][ T6663] __x64_sys_unshare+0x31/0x40 [ 156.002684][ T6663] do_syscall_64+0xcd/0x4b0 [ 156.007307][ T6663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.013284][ T6663] RIP: 0033:0x7f196698eec9 [ 156.017743][ T6663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.037510][ T6663] RSP: 002b:00007f1967877038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 156.046185][ T6663] RAX: ffffffffffffffda RBX: 00007f1966be5fa0 RCX: 00007f196698eec9 [ 156.054267][ T6663] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 156.063201][ T6663] RBP: 00007f1966a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 156.071951][ T6663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 156.080055][ T6663] R13: 00007f1966be6038 R14: 00007f1966be5fa0 R15: 00007ffd40b184e8 [ 156.088154][ T6663] [ 156.091217][ T6663] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 156.098528][ T6663] CPU: 0 UID: 0 PID: 6663 Comm: syz.3.138 Not tainted syzkaller #0 PREEMPT(full) [ 156.107771][ T6663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025 [ 156.117865][ T6663] Call Trace: [ 156.121171][ T6663] [ 156.124114][ T6663] dump_stack_lvl+0x3d/0x1f0 [ 156.128737][ T6663] vpanic+0x6e8/0x7a0 [ 156.132732][ T6663] ? __pfx_vpanic+0x10/0x10 [ 156.137256][ T6663] ? ida_free+0x1f9/0x2e0 [ 156.141627][ T6663] panic+0xca/0xd0 [ 156.145401][ T6663] ? __pfx_panic+0x10/0x10 [ 156.149838][ T6663] ? check_panic_on_warn+0x1f/0xb0 [ 156.154988][ T6663] check_panic_on_warn+0xab/0xb0 [ 156.159943][ T6663] __warn+0xf6/0x3c0 [ 156.163853][ T6663] ? preempt_schedule_notrace+0x62/0xe0 [ 156.169433][ T6663] ? ida_free+0x1f9/0x2e0 [ 156.173789][ T6663] report_bug+0x3c3/0x580 [ 156.178140][ T6663] ? ida_free+0x1f9/0x2e0 [ 156.182488][ T6663] handle_bug+0x184/0x210 [ 156.186828][ T6663] exc_invalid_op+0x17/0x50 [ 156.191355][ T6663] asm_exc_invalid_op+0x1a/0x20 [ 156.196218][ T6663] RIP: 0010:ida_free+0x1f9/0x2e0 [ 156.201194][ T6663] Code: 76 f6 41 83 fe 3e 76 72 e8 24 78 76 f6 48 8b 7c 24 28 4c 89 ee e8 07 39 0d 00 90 48 c7 c7 00 ba cf 8c 89 ee e8 e8 52 35 f6 90 <0f> 0b 90 90 e8 fe 77 76 f6 48 b8 00 00 00 00 00 fc ff df 48 01 c3 [ 156.220826][ T6663] RSP: 0018:ffffc90003837c60 EFLAGS: 00010286 [ 156.226917][ T6663] RAX: 0000000000000000 RBX: 1ffff92000706f8d RCX: ffffffff81796528 [ 156.234903][ T6663] RDX: ffff88802f4c3c80 RSI: ffffffff81796535 RDI: 00000000000108d7 [ 156.242885][ T6663] RBP: 0000000000000810 R08: 0000000000000001 R09: 0000000000000000 [ 156.250864][ T6663] R10: 0000000000000001 R11: 0000000000042358 R12: ffff888031e5a200 [ 156.258846][ T6663] R13: 0000000000000202 R14: 0000000000000010 R15: ffff888031e5a200 [ 156.266842][ T6663] ? __warn_printk+0x198/0x350 [ 156.271646][ T6663] ? __warn_printk+0x1a5/0x350 [ 156.276451][ T6663] ? __pfx_ida_free+0x10/0x10 [ 156.281167][ T6663] ? copy_tree+0x7ae/0xbd0 [ 156.285603][ T6663] copy_mnt_ns+0x886/0xa90 [ 156.290056][ T6663] ? trace_kmem_cache_alloc+0x28/0xc0 [ 156.295450][ T6663] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 156.301096][ T6663] ? create_new_namespaces+0x30/0xa90 [ 156.306502][ T6663] create_new_namespaces+0xd3/0xa90 [ 156.311768][ T6663] ? bpf_lsm_capable+0x9/0x10 [ 156.316476][ T6663] ? security_capable+0x7e/0x260 [ 156.321457][ T6663] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 156.327130][ T6663] ksys_unshare+0x45b/0xa40 [ 156.331674][ T6663] ? __pfx_ksys_unshare+0x10/0x10 [ 156.336728][ T6663] ? xfd_validate_state+0x61/0x180 [ 156.341872][ T6663] __x64_sys_unshare+0x31/0x40 [ 156.346670][ T6663] do_syscall_64+0xcd/0x4b0 [ 156.351222][ T6663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.357138][ T6663] RIP: 0033:0x7f196698eec9 [ 156.361576][ T6663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.381200][ T6663] RSP: 002b:00007f1967877038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 156.389641][ T6663] RAX: ffffffffffffffda RBX: 00007f1966be5fa0 RCX: 00007f196698eec9 [ 156.397652][ T6663] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000020000 [ 156.405634][ T6663] RBP: 00007f1966a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 156.413613][ T6663] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 156.421592][ T6663] R13: 00007f1966be6038 R14: 00007f1966be5fa0 R15: 00007ffd40b184e8 [ 156.429588][ T6663] [ 156.433004][ T6663] Kernel Offset: disabled [ 156.437341][ T6663] Rebooting in 86400 seconds..