last executing test programs: 5.2135814s ago: executing program 1 (id=2476): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0xc0000, 0x0) socket(0xa, 0x2, 0x73) recvfrom$auto(0x3, 0x0, 0x800000000e, 0xfffff4a4, 0x0, 0xfffffffffffffffd) syz_open_procfs$namespace(0x0, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) memfd_secret$auto(0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) 3.742416248s ago: executing program 0 (id=2483): ioctl$auto_SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) mmap$auto(0x0, 0x6, 0xdb, 0x9b72, 0xffffffffffffffff, 0x8000) read$auto(r0, 0x0, 0xe8) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f682, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) r2 = socket(0xf, 0x3, 0x2) syz_genetlink_get_family_id$auto_ipvs(0x0, r2) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/security/tomoyo/stat\x00', 0x40802, 0x0) read$auto(r3, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xfdef) 3.687019461s ago: executing program 1 (id=2484): r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, r0, 0x999) socket$nl_generic(0x10, 0x3, 0x10) write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="11000000", 0x4) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) process_madvise$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, &(0x7f0000000140)={&(0x7f00000000c0)="7eb547a3c5d44595598a97dc6e207d60bd1dea57e9f8111c3c02c25aaf735b723e5528db1fc61307e4cfafb8a206708a1f0b986f3b617c334a5915a2dd59176326d627a147628bbc746bb7365f31e8639c746e42ba567825d79067a18e4256", 0x6}, 0x4000000000000000, 0x5, 0x10001) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) sendfile$auto(r2, r3, 0x0, 0x1000200) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x5, 0xe983, 0x1, 0xebf, r1, 0x10000008) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x111800, 0x0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/nr12/power/runtime_suspended_time\x00', 0x313360, 0x0) read$auto(r6, 0x0, 0x20) writev$auto(r5, &(0x7f0000000200)={0x0, 0xfffffffffffffffb}, 0x9) ioctl$auto_CEC_TRANSMIT(0xffffffffffffffff, 0xc0386105, 0x0) sendmsg$auto_NL80211_CMD_SET_PMKSA(r0, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000000240)={0x10c, 0x0, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_VIF_RADIO_MASK={0x8, 0x14d, 0x2}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x7}, @NL80211_ATTR_MPATH_NEXT_HOP={0xd2, 0x1a, "cad1c26a85dcf8f337fd87206ea19639b8abe29f4508ac72080d9b28c90d915df0520d4327378158160f3456649a764db1c09d496452d2b98b644ef675bac322acc3af89d17515a74ae544bab6b9ec83a2ee665679cc745151dd0ed75bcdde7fae50c91500e3b0d87fe166ccbb82a49681d3f03d6d34e2bc7e01ada2b8d73903d2bffe2843e1f24d4e0e008060e7668f3d41060399df1dc933498ad1539deb2a423f5a05e370e6fae3913afe06b1b0cc82010d97e190bd43d0e42a5aaa89ec40195ecc588cb857e629c963c98bd4"}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x8}, @NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0xcb5}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x10c}}, 0x44000) keyctl$auto(0x1e, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x5) ioctl$auto(r4, 0x4008af03, r4) 3.599964933s ago: executing program 0 (id=2486): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', 0x0}) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) fanotify_init$auto(0x5, 0x2000000000002) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) socket(0x11, 0x80003, 0x300) r2 = socket(0xa, 0x3, 0x6) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) bpf$auto(0x0, &(0x7f0000000040)=@bpf_attr_5={@target_ifindex=r1, 0x7f, 0x99, 0x8, 0x1, @relative_fd=r2, 0xd}, 0x92) bpf$auto(0x2, &(0x7f00000001c0)=@raw_tracepoint={0x5, r2, 0x0, 0x3}, 0x4) r3 = open(0x0, 0x261c2, 0x84) bpf$auto(0x4, &(0x7f00000001c0)=@raw_tracepoint={0x5, r3, 0x0, 0x3}, 0xc) 3.424991188s ago: executing program 0 (id=2488): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC0\x00', 0x802, 0x0) socket(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) getrandom$auto(0x0, 0x6000000, 0x3) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0x80900, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = openat$auto_ucma_fops_ucma(0xffffffffffffff9c, &(0x7f0000000180), 0x101002, 0x0) write$auto(r0, 0x0, 0xc3) 2.974748113s ago: executing program 0 (id=2489): r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, r0, 0x999) socket$nl_generic(0x10, 0x3, 0x10) write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="110000", 0x3) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv6/conf/all/forwarding\x00', 0x42a81, 0x0) process_madvise$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, &(0x7f0000000140)={&(0x7f00000000c0)="7eb547a3c5d44595598a97dc6e207d60bd1dea57e9f8111c3c02c25aaf735b723e5528db1fc61307e4cfafb8a206708a1f0b986f3b617c334a5915a2dd59176326d627a147628bbc746bb7365f31e8639c746e42ba567825d79067a18e4256", 0x6}, 0x4000000000000000, 0x5, 0x10001) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) sendfile$auto(r2, r3, 0x0, 0x1000200) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x5, 0xe983, 0x1, 0xebf, r1, 0x10000008) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x111800, 0x0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/nr12/power/runtime_suspended_time\x00', 0x313360, 0x0) read$auto(r6, 0x0, 0x20) writev$auto(r5, &(0x7f0000000200)={0x0, 0xfffffffffffffffb}, 0x9) ioctl$auto_CEC_TRANSMIT(0xffffffffffffffff, 0xc0386105, 0x0) sendmsg$auto_NL80211_CMD_SET_PMKSA(r0, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000000240)={0x10c, 0x0, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_VIF_RADIO_MASK={0x8, 0x14d, 0x2}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x7}, @NL80211_ATTR_MPATH_NEXT_HOP={0xd2, 0x1a, "cad1c26a85dcf8f337fd87206ea19639b8abe29f4508ac72080d9b28c90d915df0520d4327378158160f3456649a764db1c09d496452d2b98b644ef675bac322acc3af89d17515a74ae544bab6b9ec83a2ee665679cc745151dd0ed75bcdde7fae50c91500e3b0d87fe166ccbb82a49681d3f03d6d34e2bc7e01ada2b8d73903d2bffe2843e1f24d4e0e008060e7668f3d41060399df1dc933498ad1539deb2a423f5a05e370e6fae3913afe06b1b0cc82010d97e190bd43d0e42a5aaa89ec40195ecc588cb857e629c963c98bd4"}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x8}, @NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0xcb5}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x10c}}, 0x44000) keyctl$auto(0x1e, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x5) ioctl$auto(r4, 0x4008af03, r4) 2.707406212s ago: executing program 1 (id=2490): close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/kernel/task_delayacct\x00', 0x80282, 0x0) socket(0x2, 0x80002, 0x73) r0 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r1 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r1, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) ppoll$auto(&(0x7f00000002c0)={r0, 0x1, 0xd75}, 0x2, 0x0, 0x0, 0x8) 2.396267947s ago: executing program 1 (id=2492): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram11\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x3, 0x0) bind$auto(0x3, 0x0, 0x6b) select$auto(0x10, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket(0xa, 0x2, 0x73) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socket(0x1, 0x3, 0x0) bind$auto(0x3, 0x0, 0x6b) 2.396073344s ago: executing program 2 (id=2493): r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, r0, 0x999) socket$nl_generic(0x10, 0x3, 0x10) write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="11000000", 0x4) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x42a81, 0x0) process_madvise$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, &(0x7f0000000140)={&(0x7f00000000c0)="7eb547a3c5d44595598a97dc6e207d60bd1dea57e9f8111c3c02c25aaf735b723e5528db1fc61307e4cfafb8a206708a1f0b986f3b617c334a5915a2dd59176326d627a147628bbc746bb7365f31e8639c746e42ba567825d79067a18e4256", 0x6}, 0x4000000000000000, 0x5, 0x10001) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) sendfile$auto(r2, r3, 0x0, 0x1000200) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x5, 0xe983, 0x1, 0xebf, r1, 0x10000008) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x111800, 0x0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/nr12/power/runtime_suspended_time\x00', 0x313360, 0x0) read$auto(r6, 0x0, 0x20) writev$auto(r5, &(0x7f0000000200)={0x0, 0xfffffffffffffffb}, 0x9) ioctl$auto_CEC_TRANSMIT(0xffffffffffffffff, 0xc0386105, 0x0) sendmsg$auto_NL80211_CMD_SET_PMKSA(r0, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000000240)={0x10c, 0x0, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_VIF_RADIO_MASK={0x8, 0x14d, 0x2}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x7}, @NL80211_ATTR_MPATH_NEXT_HOP={0xd2, 0x1a, "cad1c26a85dcf8f337fd87206ea19639b8abe29f4508ac72080d9b28c90d915df0520d4327378158160f3456649a764db1c09d496452d2b98b644ef675bac322acc3af89d17515a74ae544bab6b9ec83a2ee665679cc745151dd0ed75bcdde7fae50c91500e3b0d87fe166ccbb82a49681d3f03d6d34e2bc7e01ada2b8d73903d2bffe2843e1f24d4e0e008060e7668f3d41060399df1dc933498ad1539deb2a423f5a05e370e6fae3913afe06b1b0cc82010d97e190bd43d0e42a5aaa89ec40195ecc588cb857e629c963c98bd4"}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x8}, @NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0xcb5}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x10c}}, 0x44000) keyctl$auto(0x1e, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x5) ioctl$auto(r4, 0x4008af03, r4) 2.1148464s ago: executing program 3 (id=2494): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_allowed_congestion_control\x00', 0x0, 0x0) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket(0x11, 0x3, 0x9) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0) socket(0xa, 0x2, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r0, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x40000}, 0x2000c082) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) 1.906482662s ago: executing program 3 (id=2495): r0 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0x5e9482, 0x0) read$auto_state_fops_(r0, &(0x7f0000000180)=""/61, 0xfffffeeb) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio1\x00', 0x8000, 0x0) read$auto(r1, 0x0, 0x9) close_range$auto(0x2, 0x8, 0x0) socket(0x1e, 0x805, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000010c0)='/dev/snd/controlC1\x00', 0x60840, 0x0) ioctl$auto(0x3, 0x40045532, 0x38) r2 = openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snd/pcmC1D0c\x00', 0x88c00, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_WRITEI_FRAMES2(r2, 0x40184150, &(0x7f0000000080)={0x3ff, &(0x7f0000000240), 0x2}) ioctl$auto_SNDRV_PCM_IOCTL_DRAIN2(r2, 0x4144, 0x0) 1.744530938s ago: executing program 0 (id=2496): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000) r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="88120000", @ANYRES16=0x0, @ANYBLOB="010025bd700002dcdf2503000000050009000500000004000600040006003d1202805000a500c667d9d0cca65d36490648637f04abd8489cc9506022c8fdacd8c22e41b7d2fa985dddd4b2a5bc76074abe9f0f7649f33e5d77a8ea4c3b443b183ae146e3f9ca235415abb72b1863c0166ebb22114580bbb94c93b312191f84de52174ef5b9d6d59c8cc74f0058dded57a7a541a3008eb7fd96705f9056abb12127a7a862b213720a9138cc5e515206c2c67d96a85f4ed00755cfe9337a385153519e144b6a1b58dac5d963d89bb2577d048c71bc80aac3c8f21168defd407d32a5321443eeff8e5942c2f43bc93e0a8cb1dd317a9e8b1666edf829be42389b40da3cdd62d74927de8a89201eddd9a799cacaf4d1f69a7427eed9b3e7fc5555965125c44ee35d835ee3e1c3db437900c59e9531f473c9a25420a693b5a0a4230bdd74b2a3d9958215efa47728727a4b736b", @ANYRES32=0x0, @ANYBLOB="04000e800400ca80a460d59f0efc3ec0a8f45a2dffef8a5cfae44d01fa055aa6d8cb6e80e241c7fdafa1507648930aa38ac11fc5dce5a5c212e08e90cd03dd2ba51fa1ba6de7d7923f6c5b1bb5df15bdbe08efb50a2a7cd8ca3a9f84a1fd14b82a54bd53d97adf75dc06592e771ff690f6cc86f47e322ccc2016ba8dc6a56d1779b8456135662ed3460767ac2c65f0f4acf3fb9e5f9b658e7d5e66d07b94cb5036ea9bd52f9bbf86f6fc799652339b54b5e3bf124439837d19096822f67cfce1269b3472d31d7e8dcb810dc6fc448e72910a4d44421f2909fba66402ddd7a6745511b5055ec23a9fe98772e61f8e66f7ecc87bd1bb336c666f02438ce4ec91522be8a9554ee7341badefdd75d4445131d0b5a711938f34b780512f24e6690aa76ea00980c2295936a008bcccd73d802abd50e99696e7e31c89c79ce4a9b8d52c3a1eb6ab7f2588f794695d921d3ebf5dd669e893ccd6c5d4d3bd9f014dca2303bc4d623178ff664517d4c65161d377b34341bbaa4b033922ad7847346a5581ceda1dab107e9f5109a5c8af8457ba7764b1eee0343be94d2b299b9eb8d1f0b4d4523051df7f2277a9087e230565ac893f19d83fbc7cc351602a1a08570b05d674ea37f9afb6bc62f5f7657dd3713a2ea6b58c32f8e7c57ca13a66f8f80e7e1fb0736a1d2342f7ccbbc86eecb0c8e5aa110b7f6808281b68d6f7b6ddf9a9b11507ff2b121cf75b79c32ad582b73e07721d1054c88776640acbdc38a7e7ea0df4159c1b2da3e686e024f16acb46b3eb03563e59c509542f67d4c5ff1b388eab4a8dec42786af1e3376181c3943981430de83802a44edf42f68a7d619960404f80bd08508b18382dab65e3cffc5fa942245102abd7be2c5d4c68401d2f6d2a2c42f8968509b95aec53af6a4082eabf2c7447aabfc36dc1da8163e934587d8835e61c8453a94e1b127b8d9784b75498e7ae73dc42e65b0afbfb41e3a802c5027a65b494d62b19365c382d66844880760196cd40712c78e2e288820cb2f34379df51a85ffbee675e1598c2a9a113255efe73cca36f087cbfa885491a2f3e68449436e0fca75598a4e8a15fd3704d302c4405cbeabe3d57567ad993cc92f879343be898b945c69ba5f5f1d64deaffa32c79808620e95f6fc31090dbca556da91d595f5867f45f23cc8fce505b38e63bc6f4a236556713339d5d4aa664c44f7826129538d0e157f336135ea4795bd66da491815172af611ea76ce42cb713f4e2c8b4ea92f10c2c99e78693ed70fce906aaab57ff48801c9fa03d09dc7706252ca29458af66616a42934ad215cc47c776bb4793bc856ce67524e1e74f4b3686051ebbeb6ac03e735e5a70411316aaf96499792da9f54f81761c707ee6a5adb8b3d5f8d070ebec81ab1733ec2e4abb364bfef0430396402f2950ab40c25e475ae51613d2c5fdf44e879f36528dc83d34a314ced34fb83b64d25bf548cc79dbc8583503b8ef03e36ef313b870d1f84a666ab362e29d25eb3dad6021972c3c45e30d224b29f3f03e0ca26790cb594ab705368fc76a6bd8d0fc883e3566c50739318feddcfca26268830b8f1621747ce77c8e809930a68d9969ce5741df3bdc2142c17b99a71d6da05348a58890d5978259a7cecc0a28ecb61681c84e5a59ed8c3478b2f4384342c1ea0d83d79f8aa00c40a66fb07d90b10ab049848ad54f7765a707c63c059b0d11841ea3d046cb1f47962f48420ced1697fda0bca7d9813045172391db71c42eff09db637020e927289877df4a3f7a2fae5a43859896d662a339bf80e50cc7563f8e4a3ccc39d846169bf2ccc486af07e35059829a783535ca03371e7a826825e4549a2e9422af50c25b3e5accd0f9602f5b50d69c3a7c83eb8ddf49050b429913539bc3f9e440cd506b410c9518cd62f9bacb4aecd9e588881f4acac5a867132e68a070e094393654695ed4f3a7e7619fbfd98668a9ee077460b0ca6832eaeb53340ec449172c25dcc56e3afb20c706cc0f175835635b2b052c77012e25721c4bdae210979eb691d3c8fb6d552b8eaa56f4876bce7e034ef08567b905e94e7209fee65de32e4faa4ed34c99478d784b6f302c8b87fdfdde132a5fe333d5fefa4231e4264f944a7d1a4cc1cee8dbba444b9ea9196d4c97f04d543b0c37f9a5dc9af0ee8e57ae631d291af40714a192343db5b32c241b840fcc1cb9aeb72e46ed7b42abcac4ad8edf2e2f9db14c2377b8a75b700bac7bc85d097530362b3cbce5e2da7384c2ca8538ba368cd08d09a182c83ca34704bb428828358155de5b15c2b1805a029c7aa123bd2c34189e1561a27700c495b9ad0e14fead9f618ce2abcbcf93d392f63aa2386dde1312ac0657d6280195305c75547208e9e7ba64ee1105136e76a7248ead12313bbc3f6c9afd4219d31917775da5efc363b5d76af78ef62e61849e8d43fbeaca7e0500e9ab76e7dcd855273c1e0b70ed0f4ee54064fa189eb7d5b41b5d948037bbf92bee5bc1b511c3fa3381a881d6b293feb6072b1e7c2e592281b8f7eda430f4c4eb89c8abb08ce3757863a726c8c531e0300cafafa3b85c588372ef3bcca6fc65fcbba544deea1cfe52a345ded4f752c07923105177c183bfe02b95a3f1f580547b76a56c6a3f26600c1b992d287179b771dc5560e11013787080dd0259231b0145db8e63f8130b03f47ad2af6c27f44aae9b063a45f6122e58b868fdd0703d086b328643db27206a6fcd73bd8dc64d28191eee9f6a29c3c48f149d43a4dd4af67cd232510ac0dfb963800a1736317c0582e7d3ad2babba44faacb094fa592237a87f51582eb608e7ed487b4a6f4a7a486e33d397ca1ceb9c9f3f6943e7355c4a4905086bc727b6100b18778999adafbc275060780c8ff3d491d2373a559fae0054e296d67471b6c5f100bc46dd2998adc9d5d73bb4ae734159a6b252749c11ca27be84fb1ed3e5e7e08170cd4ef705e098d1b99f870fcf434de7edc3f921b820a854de549d156b9c2c2dc385f045318d8c741b82065b2db4b7bb7eb657436680cb136e899e96c43f9c8b05edcf76ddc9b874227bde3abed5c7a209b2de9bc4a697d113bee2a0671ddad481c60646a07333a8ee6c26b59aa52d3a52ac78c4521db522bf7068a7cd0bc94b57256bd95f9fd5d7e8f5038b1ae156dd222ed5636695a4974875252c6f4ffea7bbc592a7f983c48b2a1d28c2899ade27eab4b84e5e8df5748aaabfcbb11bf81493db4bd11c17ae38160e7f369e5d349ac689bbd469ee29c14ea392e0a90b4bef7827feb854866a4b708c04d6f5555234fba6115b2e9997754bbf178c049b7d77b2223f83ebf60a8cb99c9ad6a999033e15f0050af031cef4926eb14b0902c4f668c4768c206f28d3725a83f638ec55241a67b6e50a1c16541fcc0eead0a6175ee1477c8823978d7bc21241faee47b18cc7d193cbdbd9855eb90066fb3810790d80dea9315c3dc9a7238a80655f4849707772bb879b1ce9d91458ac4c16a7c0c6677b1ef17bc4fa0a83a1817b1f3d8ba64db14986dba57a633ae0080e8e0f5c298d8f56caad1430abd28e6c375ac80867a58b35cfb064b64acf0544492cf86752e5787a067678abe314f4d38390402f955737b995c798eae18a20cf5eef02de3fb2fcbb38daebd6fc6f7a4e4c25a3b8fc83728020effd05bca49f420cbde29dcd7f6bf18ca49dcc6b0c15db0229a3dae6ba9a579cce34fb13f881c450e6b4b27ac8af9eb4c718812e6d9ffea41f9bd4fc31be63248d7451bea9e7cb39bb29ed116af7904e93d3f2ee8fd37a822b2a4dc9b055e38d534b561176e0e527e2cfc9225915c998ab73ab3efe400f363e86f866d079ff62520492a7fbc0a0eb028c760cf667b8ec142790055b1bb4d901ce623e7dbfbe847247d76993213745babcc990931c27275094199cdf191bc6e356b166dc6c2b1a7044e54369b42fd455359c892dabd2d643e30da4b6f5bbdfee5932baff5d3dcd242c9a6b547c9ca08e598c87bbc31119349c70d2d68dabea4046e0006d876021cd7f831f7295a6bd9c234a73c1161a79a4b48930d9cd61cca69c0a888138ba501a99125615cbe18c1d22b86dc2066b74b37c6d122177b763ad1b4f7804838408a3f0d9d0d1ff7fa7b06b8b4d232f76b8aaf8c0c24baebdc18e0d5ee9b87c53bfe82a483daea7607f1da9a1ffecf0d9ce845ed70fae10b78fc0e60dde135f20b9c979683dadaf8c1938027c602a47061fd27ad705017fb7d8d857b09173ac4dc2092b7cafd16a068580182d4385f948e11cffc2997cd51b268d6c49906227e70200d5f2d39d461454d75c643144869d87583aec09cdea198f1c9ea613fbe9336df22dbd21fd6242d186ae209a351d4eb9911f361e0dd6f8bcdd1a00d938044aecbeaf00abb3df9b3af99c6f6d90c3520d36fe2a55addecc0086a58aeffff6e6cade5afe58351d168dc40eeeef01fc3e31c8c67d264be94f71cd4db810a57b9c330d9d5ef732f0d6a7658b5a0175bfbb5ff479ec494a1f4ca44b68670ebfa35066b5b0b465618eba7ba32cdbde54a908f85cb496545389a98a23f78f5c99438da7038071cf9173609d447260d58eb114e7d14ba8d5dcac54abb50dffad1f8e6c9393233981eccdb87202c5681b8904fbe095fb1a0c834cec31afcde2de9969879c2c7211397a62fcfef5568fa2a62bbf9376ac14f014ad7c53dacfc334ab43e8f08bebe1e8c96dd51b1b93ab9c7bb4d547948232193db13c43a0e8ec9d5af4a2c1006888ca3f441bb378a6aa94f6602b9b80d84cdfc4cfa57f91ab034bdabbdec3521c429409dcb22236222eb79bd1cd29aeebffb54df1fd04e7f7c8ee4c3ec9635d6331d2a3e789ddcb59d573d3b694d1d07d703584deda17ed458cc889d5e189de77985edef0dde8c896db2924d91df41a3ee08e32c25a6117adb55d160ff922926e0aac203416c7acdb65526305b840247192934748d60db993eb645812b9b7d7ab1b79d45c530417415a22dd9546178b54e6842faa8e478061af2197ddc4e30bde39c8b3e4cb09da50cccece72370bfa0482c04931f1bde40235a201c6e5890cdee9c29fa0c6b4565730ee7cb163ba6a63f1e3678046ad73cc241f49c876df73113204834337bc5ccd2b7297a2d6bec1c30204a05b6ba91fc1370dbbde622c7072abe925d9237ddcf5dc47d1784337fd3f25107e236bcfc1dc352aa0cf3ebf576c0dfd1890c283b30892fe0b9bf75b8294813ea89ca367f7cc330e781ea25380d02923142019d4b45db31c8cdce3188809cc453dabf1648e5286da1f0aa4fb4f199616ac48501f70069db6595540c1e80f9556956fa5e31565ec0bcdff39c5de8268c5831ef03c98149561241472ad30c3f5659921019f6d7f4f1ac62dfcfcc740b94813ea2531745c3f03caa0d52097a1328d515c6eee016aad65125c1a3b8b6cd41333a9cf353045d8c35315adb7d5b4b3c66ef34c7cc255054f7ce845f6dea3e5ddb020f34973dce7ae2345a80cdb8d1db6507075e6893fabc5db1e3e0330d3fc7d669d596000ae64dd397b71d9d88562c096a12dfe4c9f2a888bba68cf23de27ef7e533f87636c78b1de7617d34289854aaf54d3626b9fa6ecf2ae5cf8c40a5ec083c44f1c0da260296ea4b9222bcdb0eef3baa0ab7fb7a98ed86a9f3634ca9dd622efcd2786bc0a22acec3453e74fcee407a94d381638f4e9f423b89d251ae2393d1e4d713dead8c0c162d009434eb8eda45e35dd8225dc1e36069e5024c922d355770ac93549a874f4e322163aa8ceeb0a6d4c3cdf29b95513c4c2678fa24e53c167241bca67bc106bca9c3eac1eff1c5b0ab789c81ba931d60dcd8463f02e8822c2f863bd1d77e3e5c300000400bd000800f300", @ANYRES32=0x0, @ANYBLOB="734a876aa29b0877d493e5227c137e1a990b8b782049218d349441c21f23170613015579f29ee902f9c2388c408b595db629b83e27d874bf6d7ae93f84828698fe30ba5d42734269e07bcceb6b7a47b83245f96d4790d73596a2b559ad7c85278728d8e1a55e9d0a3f312fb9463dc5b1d85846e7289b5988b761fb263925105db3684eaf210ce936eb0e61f2f853357b9b995bd909fc9f8e85a672bbc21d8e04c2dffd97b55818bc913196bf863ecaf0929215468edb307eb24a9dffb78b03d6a58927ff490700000008000a00070000000c00028008001000e600000008000a00c066ffff0500090001000000"], 0x1288}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) syz_genetlink_get_family_id$auto_macsec(0x0, r0) sendfile$auto(r0, r0, &(0x7f0000000340)=0x7, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x9, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/pcm\x00', 0x88002, 0x0) pread64$auto(r5, 0x0, 0x594c, 0x9fffffffd) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) fdatasync$auto(r2) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/flags\x00', 0x143262, 0x0) write$auto(r8, &(0x7f00000000c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x81) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r6, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) sendmsg$auto_NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x14) sendmsg$auto_OVS_FLOW_CMD_GET(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd700002dcdf25030000000400087918000180140010800c"], 0x30}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) r9 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r9, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r10 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r10, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xc00, 0x2c, 0x2c, 0x3, 0x2}) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) 1.457033888s ago: executing program 2 (id=2497): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="72010000", @ANYBLOB="120027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x2000c004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[], 0x1ac}}, 0x40000) recvmmsg$auto(r0, &(0x7f0000000100)={{0x0, 0x4, 0x0, 0x3, 0x0, 0x80000000, 0x6}, 0x9}, 0x7, 0x200, 0x0) sendmsg$auto_ETHTOOL_MSG_PLCA_SET_CFG(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, 0x0, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_PLCA_BURST_TMR={0x8, 0x9, 0x7}, @ETHTOOL_A_PLCA_NODE_ID={0x8}, @ETHTOOL_A_PLCA_ENABLED={0x5}, @ETHTOOL_A_PLCA_NODE_ID={0x8}, @ETHTOOL_A_PLCA_NODE_CNT={0x8, 0x5, 0x1ff}, @ETHTOOL_A_PLCA_NODE_ID={0x8, 0x6, 0x6}, @ETHTOOL_A_PLCA_NODE_ID={0x8, 0x6, 0xfffffffb}]}, 0x4c}, 0x1, 0x0, 0x0, 0x80}, 0x800) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs1\x00', 0x108002, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.452106569s ago: executing program 1 (id=2498): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000) r0 = prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r1, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="88120000", @ANYRES16=0x0, @ANYBLOB="010025bd700002dcdf2503000000050009000500000004000600040006003d1202805000a500c667d9d0cca65d36490648637f04abd8489cc9506022c8fdacd8c22e41b7d2fa985dddd4b2a5bc76074abe9f0f7649f33e5d77a8ea4c3b443b183ae146e3f9ca235415abb72b1863c0166ebb22114580bbb94c93b312191f84de52174ef5b9d6d59c8cc74f0058dded57a7a541a3008eb7fd96705f9056abb12127a7a862b213720a9138cc5e515206c2c67d96a85f4ed00755cfe9337a385153519e144b6a1b58dac5d963d89bb2577d048c71bc80aac3c8f21168defd407d32a5321443eeff8e5942c2f43bc93e0a8cb1dd317a9e8b1666edf829be42389b40da3cdd62d74927de8a89201eddd9a799cacaf4d1f69a7427eed9b3e7fc5555965125c44ee35d835ee3e1c3db437900c59e9531f473c9a25420a693b5a0a4230bdd74b2a3d9958215efa47728727a4b736b4f44b2", @ANYRES32=0x0, @ANYBLOB="04000e800400ca80a460d59f0efc3ec0a8f45a2dffef8a5cfae44d01fa055aa6d8cb6e80e241c7fdafa1507648930aa38ac11fc5dce5a5c212e08e90cd03dd2ba51fa1ba6de7d7923f6c5b1bb5df15bdbe08efb50a2a7cd8ca3a9f84a1fd14b82a54bd53d97adf75dc06592e771ff690f6cc86f47e322ccc2016ba8dc6a56d1779b8456135662ed3460767ac2c65f0f4acf3fb9e5f9b658e7d5e66d07b94cb5036ea9bd52f9bbf86f6fc799652339b54b5e3bf124439837d19096822f67cfce1269b3472d31d7e8dcb810dc6fc448e72910a4d44421f2909fba66402ddd7a6745511b5055ec23a9fe98772e61f8e66f7ecc87bd1bb336c666f02438ce4ec91522be8a9554ee7341badefdd75d4445131d0b5a711938f34b780512f24e6690aa76ea00980c2295936a008bcccd73d802abd50e99696e7e31c89c79ce4a9b8d52c3a1eb6ab7f2588f794695d921d3ebf5dd669e893ccd6c5d4d3bd9f014dca2303bc4d623178ff664517d4c65161d377b34341bbaa4b033922ad7847346a5581ceda1dab107e9f5109a5c8af8457ba7764b1eee0343be94d2b299b9eb8d1f0b4d4523051df7f2277a9087e230565ac893f19d83fbc7cc351602a1a08570b05d674ea37f9afb6bc62f5f7657dd3713a2ea6b58c32f8e7c57ca13a66f8f80e7e1fb0736a1d2342f7ccbbc86eecb0c8e5aa110b7f6808281b68d6f7b6ddf9a9b11507ff2b121cf75b79c32ad582b73e07721d1054c88776640acbdc38a7e7ea0df4159c1b2da3e686e024f16acb46b3eb03563e59c509542f67d4c5ff1b388eab4a8dec42786af1e3376181c3943981430de83802a44edf42f68a7d619960404f80bd08508b18382dab65e3cffc5fa942245102abd7be2c5d4c68401d2f6d2a2c42f8968509b95aec53af6a4082eabf2c7447aabfc36dc1da8163e934587d8835e61c8453a94e1b127b8d9784b75498e7ae73dc42e65b0afbfb41e3a802c5027a65b494d62b19365c382d66844880760196cd40712c78e2e288820cb2f34379df51a85ffbee675e1598c2a9a113255efe73cca36f087cbfa885491a2f3e68449436e0fca75598a4e8a15fd3704d302c4405cbeabe3d57567ad993cc92f879343be898b945c69ba5f5f1d64deaffa32c79808620e95f6fc31090dbca556da91d595f5867f45f23cc8fce505b38e63bc6f4a236556713339d5d4aa664c44f7826129538d0e157f336135ea4795bd66da491815172af611ea76ce42cb713f4e2c8b4ea92f10c2c99e78693ed70fce906aaab57ff48801c9fa03d09dc7706252ca29458af66616a42934ad215cc47c776bb4793bc856ce67524e1e74f4b3686051ebbeb6ac03e735e5a70411316aaf96499792da9f54f81761c707ee6a5adb8b3d5f8d070ebec81ab1733ec2e4abb364bfef0430396402f2950ab40c25e475ae51613d2c5fdf44e879f36528dc83d34a314ced34fb83b64d25bf548cc79dbc8583503b8ef03e36ef313b870d1f84a666ab362e29d25eb3dad6021972c3c45e30d224b29f3f03e0ca26790cb594ab705368fc76a6bd8d0fc883e3566c50739318feddcfca26268830b8f1621747ce77c8e809930a68d9969ce5741df3bdc2142c17b99a71d6da05348a58890d5978259a7cecc0a28ecb61681c84e5a59ed8c3478b2f4384342c1ea0d83d79f8aa00c40a66fb07d90b10ab049848ad54f7765a707c63c059b0d11841ea3d046cb1f47962f48420ced1697fda0bca7d9813045172391db71c42eff09db637020e927289877df4a3f7a2fae5a43859896d662a339bf80e50cc7563f8e4a3ccc39d846169bf2ccc486af07e35059829a783535ca03371e7a826825e4549a2e9422af50c25b3e5accd0f9602f5b50d69c3a7c83eb8ddf49050b429913539bc3f9e440cd506b410c9518cd62f9bacb4aecd9e588881f4acac5a867132e68a070e094393654695ed4f3a7e7619fbfd98668a9ee077460b0ca6832eaeb53340ec449172c25dcc56e3afb20c706cc0f175835635b2b052c77012e25721c4bdae210979eb691d3c8fb6d552b8eaa56f4876bce7e034ef08567b905e94e7209fee65de32e4faa4ed34c99478d784b6f302c8b87fdfdde132a5fe333d5fefa4231e4264f944a7d1a4cc1cee8dbba444b9ea9196d4c97f04d543b0c37f9a5dc9af0ee8e57ae631d291af40714a192343db5b32c241b840fcc1cb9aeb72e46ed7b42abcac4ad8edf2e2f9db14c2377b8a75b700bac7bc85d097530362b3cbce5e2da7384c2ca8538ba368cd08d09a182c83ca34704bb428828358155de5b15c2b1805a029c7aa123bd2c34189e1561a27700c495b9ad0e14fead9f618ce2abcbcf93d392f63aa2386dde1312ac0657d6280195305c75547208e9e7ba64ee1105136e76a7248ead12313bbc3f6c9afd4219d31917775da5efc363b5d76af78ef62e61849e8d43fbeaca7e0500e9ab76e7dcd855273c1e0b70ed0f4ee54064fa189eb7d5b41b5d948037bbf92bee5bc1b511c3fa3381a881d6b293feb6072b1e7c2e592281b8f7eda430f4c4eb89c8abb08ce3757863a726c8c531e0300cafafa3b85c588372ef3bcca6fc65fcbba544deea1cfe52a345ded4f752c07923105177c183bfe02b95a3f1f580547b76a56c6a3f26600c1b992d287179b771dc5560e11013787080dd0259231b0145db8e63f8130b03f47ad2af6c27f44aae9b063a45f6122e58b868fdd0703d086b328643db27206a6fcd73bd8dc64d28191eee9f6a29c3c48f149d43a4dd4af67cd232510ac0dfb963800a1736317c0582e7d3ad2babba44faacb094fa592237a87f51582eb608e7ed487b4a6f4a7a486e33d397ca1ceb9c9f3f6943e7355c4a4905086bc727b6100b18778999adafbc275060780c8ff3d491d2373a559fae0054e296d67471b6c5f100bc46dd2998adc9d5d73bb4ae734159a6b252749c11ca27be84fb1ed3e5e7e08170cd4ef705e098d1b99f870fcf434de7edc3f921b820a854de549d156b9c2c2dc385f045318d8c741b82065b2db4b7bb7eb657436680cb136e899e96c43f9c8b05edcf76ddc9b874227bde3abed5c7a209b2de9bc4a697d113bee2a0671ddad481c60646a07333a8ee6c26b59aa52d3a52ac78c4521db522bf7068a7cd0bc94b57256bd95f9fd5d7e8f5038b1ae156dd222ed5636695a4974875252c6f4ffea7bbc592a7f983c48b2a1d28c2899ade27eab4b84e5e8df5748aaabfcbb11bf81493db4bd11c17ae38160e7f369e5d349ac689bbd469ee29c14ea392e0a90b4bef7827feb854866a4b708c04d6f5555234fba6115b2e9997754bbf178c049b7d77b2223f83ebf60a8cb99c9ad6a999033e15f0050af031cef4926eb14b0902c4f668c4768c206f28d3725a83f638ec55241a67b6e50a1c16541fcc0eead0a6175ee1477c8823978d7bc21241faee47b18cc7d193cbdbd9855eb90066fb3810790d80dea9315c3dc9a7238a80655f4849707772bb879b1ce9d91458ac4c16a7c0c6677b1ef17bc4fa0a83a1817b1f3d8ba64db14986dba57a633ae0080e8e0f5c298d8f56caad1430abd28e6c375ac80867a58b35cfb064b64acf0544492cf86752e5787a067678abe314f4d38390402f955737b995c798eae18a20cf5eef02de3fb2fcbb38daebd6fc6f7a4e4c25a3b8fc83728020effd05bca49f420cbde29dcd7f6bf18ca49dcc6b0c15db0229a3dae6ba9a579cce34fb13f881c450e6b4b27ac8af9eb4c718812e6d9ffea41f9bd4fc31be63248d7451bea9e7cb39bb29ed116af7904e93d3f2ee8fd37a822b2a4dc9b055e38d534b561176e0e527e2cfc9225915c998ab73ab3efe400f363e86f866d079ff62520492a7fbc0a0eb028c760cf667b8ec142790055b1bb4d901ce623e7dbfbe847247d76993213745babcc990931c27275094199cdf191bc6e356b166dc6c2b1a7044e54369b42fd455359c892dabd2d643e30da4b6f5bbdfee5932baff5d3dcd242c9a6b547c9ca08e598c87bbc31119349c70d2d68dabea4046e0006d876021cd7f831f7295a6bd9c234a73c1161a79a4b48930d9cd61cca69c0a888138ba501a99125615cbe18c1d22b86dc2066b74b37c6d122177b763ad1b4f7804838408a3f0d9d0d1ff7fa7b06b8b4d232f76b8aaf8c0c24baebdc18e0d5ee9b87c53bfe82a483daea7607f1da9a1ffecf0d9ce845ed70fae10b78fc0e60dde135f20b9c979683dadaf8c1938027c602a47061fd27ad705017fb7d8d857b09173ac4dc2092b7cafd16a068580182d4385f948e11cffc2997cd51b268d6c49906227e70200d5f2d39d461454d75c643144869d87583aec09cdea198f1c9ea613fbe9336df22dbd21fd6242d186ae209a351d4eb9911f361e0dd6f8bcdd1a00d938044aecbeaf00abb3df9b3af99c6f6d90c3520d36fe2a55addecc0086a58aeffff6e6cade5afe58351d168dc40eeeef01fc3e31c8c67d264be94f71cd4db810a57b9c330d9d5ef732f0d6a7658b5a0175bfbb5ff479ec494a1f4ca44b68670ebfa35066b5b0b465618eba7ba32cdbde54a908f85cb496545389a98a23f78f5c99438da7038071cf9173609d447260d58eb114e7d14ba8d5dcac54abb50dffad1f8e6c9393233981eccdb87202c5681b8904fbe095fb1a0c834cec31afcde2de9969879c2c7211397a62fcfef5568fa2a62bbf9376ac14f014ad7c53dacfc334ab43e8f08bebe1e8c96dd51b1b93ab9c7bb4d547948232193db13c43a0e8ec9d5af4a2c1006888ca3f441bb378a6aa94f6602b9b80d84cdfc4cfa57f91ab034bdabbdec3521c429409dcb22236222eb79bd1cd29aeebffb54df1fd04e7f7c8ee4c3ec9635d6331d2a3e789ddcb59d573d3b694d1d07d703584deda17ed458cc889d5e189de77985edef0dde8c896db2924d91df41a3ee08e32c25a6117adb55d160ff922926e0aac203416c7acdb65526305b840247192934748d60db993eb645812b9b7d7ab1b79d45c530417415a22dd9546178b54e6842faa8e478061af2197ddc4e30bde39c8b3e4cb09da50cccece72370bfa0482c04931f1bde40235a201c6e5890cdee9c29fa0c6b4565730ee7cb163ba6a63f1e3678046ad73cc241f49c876df73113204834337bc5ccd2b7297a2d6bec1c30204a05b6ba91fc1370dbbde622c7072abe925d9237ddcf5dc47d1784337fd3f25107e236bcfc1dc352aa0cf3ebf576c0dfd1890c283b30892fe0b9bf75b8294813ea89ca367f7cc330e781ea25380d02923142019d4b45db31c8cdce3188809cc453dabf1648e5286da1f0aa4fb4f199616ac48501f70069db6595540c1e80f9556956fa5e31565ec0bcdff39c5de8268c5831ef03c98149561241472ad30c3f5659921019f6d7f4f1ac62dfcfcc740b94813ea2531745c3f03caa0d52097a1328d515c6eee016aad65125c1a3b8b6cd41333a9cf353045d8c35315adb7d5b4b3c66ef34c7cc255054f7ce845f6dea3e5ddb020f34973dce7ae2345a80cdb8d1db6507075e6893fabc5db1e3e0330d3fc7d669d596000ae64dd397b71d9d88562c096a12dfe4c9f2a888bba68cf23de27ef7e533f87636c78b1de7617d34289854aaf54d3626b9fa6ecf2ae5cf8c40a5ec083c44f1c0da260296ea4b9222bcdb0eef3baa0ab7fb7a98ed86a9f3634ca9dd622efcd2786bc0a22acec3453e74fcee407a94d381638f4e9f423b89d251ae2393d1e4d713dead8c0c162d009434eb8eda45e35dd8225dc1e36069e5024c922d355770ac93549a874f4e322163aa8ceeb0a6d4c3cdf29b95513c4c2678fa24e53c167241bca67bc106bca9c3eac1eff1c5b0ab789c81ba931d60dcd8463f02e8822c2f863bd1d77e3e5c300000400bd000800f300", @ANYRES32=0x0, @ANYBLOB="734a876aa29b0877d493e5227c137e1a990b8b782049218d349441c21f23170613015579f29ee902f9c2388c408b595db629b83e27d874bf6d7ae93f84828698fe30ba5d42734269e07bcceb6b7a47b83245f96d4790d73596a2b559ad7c85278728d8e1a55e9d0a3f312fb9463dc5b1d85846e7289b5988b761fb263925105db3684eaf210ce936eb0e61f2f853357b9b995bd909fc9f8e85a672bbc21d8e04c2dffd97b55818bc913196bf863ecaf09292"], 0x1288}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) syz_genetlink_get_family_id$auto_macsec(0x0, r0) sendfile$auto(r0, r0, &(0x7f0000000340)=0x7, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x9, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r3 = syz_genetlink_get_family_id$auto_ovs_flow(&(0x7f0000000180), 0xffffffffffffffff) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/pcm\x00', 0x88002, 0x0) pread64$auto(r5, 0x0, 0x594c, 0x9fffffffd) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) fdatasync$auto(r2) r8 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/sit0/flags\x00', 0x143262, 0x0) write$auto(r8, &(0x7f00000000c0)='1\x00\xc7k\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00j(=\xd1<\xf9\x96\x10>\xb9\x05\xbe\xc8v\x81-ILplM\x98\x88J\xfd\x17\xc8K\xdd\x89;T@d\xa3_\xfcb8\x7fA\x11\xba\xefL\xe1L\x8aE}\xa7\x05\b\xd7\xe2\xae\xfek\xbbw\x8c\x88\x1emW-\xf5\x94\xdak\x81\xe4\x1e\x1dS\xf2~>\xb1\xc6\xd1\xee\xc8\x19e\xc1w\xf05%\xd76]\x0f\v\x01\xa4(\xec\xd3\xca\a\x15&nv\xc1}\xfcD', 0x81) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000400)={0x14, r6, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x68, 0x0, 0x4000000}, 0x0) sendmsg$auto_NL80211_CMD_GET_SURVEY(0xffffffffffffffff, 0x0, 0x14) sendmsg$auto_OVS_FLOW_CMD_GET(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010029bd700002dcdf25030000000400087918000180140010800c"], 0x30}, 0x1, 0x0, 0x0, 0x200400f0}, 0x800) r9 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r9, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400004, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) r10 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) ioctl$auto_PAGEMAP_SCAN(r10, 0xc0606610, &(0x7f000000c380)={0x60, 0x0, 0x100000, 0x7fffffffefff, 0xfffffffffffffffe, 0x1, 0x8, 0xc00, 0x2c, 0x2c, 0x3, 0x2}) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) 1.136148697s ago: executing program 2 (id=2499): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2b, 0x1, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) r3 = socket(0x10, 0x2, 0xc) sendmsg$auto_TIPC_NL_BEARER_ENABLE(r0, &(0x7f0000003780)={0x0, 0x0, &(0x7f0000003740)={&(0x7f0000000000)=ANY=[@ANYBLOB="b1000000", @ANYRES16, @ANYBLOB="01002dbd7000fddbdf25030000000c0001"], 0x20}, 0x1, 0x0, 0x0, 0x41}, 0x40080) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES8=r3, @ANYBLOB="18000000", @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x40000f0) write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef) 1.135354965s ago: executing program 3 (id=2500): openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/default/forwarding\x00', 0x141241, 0x0) mmap$auto(0x0, 0xdf33, 0xe2, 0xeb1, 0x405, 0x8000) socketpair$auto(0x2, 0x7, 0x1, 0x0) close_range$auto(0x2, 0xa, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r1 = ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/net/ip6tnl0/name_assign_type\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(0x3, 0xae60, 0x10000000000402) r2 = socket$nl_generic(0x10, 0x3, 0x10) mkdir$auto(&(0x7f0000000040)='}[,&*}\x00', 0x6) statfs$auto(&(0x7f0000000180)='}[,&*}\x00', 0x0) ioctl$auto(r1, 0x4008ae6a, r2) 894.387308ms ago: executing program 2 (id=2501): openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) socket(0x11, 0x3, 0x9) socket(0xa, 0x2, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x5, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000000)='/proc/cpuinfo\x00', 0x8800, 0x0) socket(0xa, 0x2, 0x0) r0 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x787806, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r0, @ANYRES8=r0], 0x18}, 0x1, 0x0, 0x0, 0x40000}, 0x2000c082) write$auto(r1, &(0x7f0000000000)='-\x00', 0xfdef) 720.35541ms ago: executing program 3 (id=2502): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x2) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) r0 = socket(0x22, 0x2, 0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x129000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r2) fstat$auto(r0, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0x4048aecb, 0x0) mremap$auto(0x0, 0x7, 0x3fd6, 0x3, 0x20000000) 645.989575ms ago: executing program 2 (id=2503): open(&(0x7f0000000000)='X))\x00', 0x145042, 0x1d0) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0xa, 0x2, 0x73) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r1) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="2f212cbd7000fcdbdf253100000008000300", @ANYRES32=r3], 0x48}}, 0x4000000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) 428.233379ms ago: executing program 3 (id=2504): r0 = socket(0x2, 0x2, 0x88) mmap$auto(0x0, 0x400009, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) open(0x0, 0x22240, 0x155) close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) openat$auto_loop_ctl_fops_loop(0xffffffffffffff9c, 0x0, 0x20100, 0x0) socket(0x10, 0x2, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/block/ram10/io-timeout-fail\x00', 0x10b142, 0x0) sendfile$auto(r0, r1, 0x0, 0x1000200) 353.125338ms ago: executing program 2 (id=2505): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getpid() unshare$auto(0x40000080) r0 = openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, &(0x7f0000000500)='/dev/cpu/0/cpuid\x00', 0x88900, 0x0) readv$auto(r0, &(0x7f0000000680)={&(0x7f0000000540), 0x40200}, 0x3) ioctl$auto_SNDCTL_DSP_SPEED(0xffffffffffffffff, 0xc0045002, 0x0) ppoll$auto(&(0x7f0000000240)={0xffffffffffffffff, 0x5, 0x2}, 0x68, 0x0, 0x0, 0x8) ioctl$auto_SNDCTL_DSP_SYNC(0xffffffffffffffff, 0x5001, 0xfffffffffffffffc) mmap$auto(0x0, 0x3, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) r1 = socket(0xa, 0x5, 0x84) bpf$auto(0xfffffffd, &(0x7f0000000000)=@bpf_attr_5={@target_ifindex, 0xffffffffffffffff, 0x4, 0x6, 0xffffffffffffffff, @relative_fd=r1, 0xa}, 0xa3) sendto$auto(r1, 0x0, 0x401, 0xffff, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe8000"}, 0x1c) 193.014044ms ago: executing program 1 (id=2506): r0 = socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x9, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x10000000400008, 0xdf, 0x9b72, r0, 0x999) socket$nl_generic(0x10, 0x3, 0x10) write$auto_fuse_dev_operations_fuse_i(0xffffffffffffffff, &(0x7f0000000440)="11000000", 0x4) ioctl$auto_TCFLSH2(0xffffffffffffffff, 0x540b, 0xfffffffffffffffd) socket(0xf, 0x3, 0x2) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x42a81, 0x0) process_madvise$auto_PIDFD_SELF_THREAD(0xffffffffffffd8f0, &(0x7f0000000140)={&(0x7f00000000c0)="7eb547a3c5d44595598a97dc6e207d60bd1dea57e9f8111c3c02c25aaf735b723e5528db1fc61307e4cfafb8a206708a1f0b986f3b617c334a5915a2dd59176326d627a147628bbc746bb7365f31e8639c746e42ba567825d79067a18e4256", 0x6}, 0x4000000000000000, 0x5, 0x10001) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/bdi/43:288/max_ratio_fine\x00', 0x10b142, 0x0) sendfile$auto(r2, r3, 0x0, 0x1000200) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x5, 0xe983, 0x1, 0xebf, r1, 0x10000008) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, 0x0, 0x111800, 0x0) r4 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) r5 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/net/nr12/power/runtime_suspended_time\x00', 0x313360, 0x0) read$auto(r6, 0x0, 0x20) writev$auto(r5, &(0x7f0000000200)={0x0, 0xfffffffffffffffb}, 0x9) ioctl$auto_CEC_TRANSMIT(0xffffffffffffffff, 0xc0386105, 0x0) sendmsg$auto_NL80211_CMD_SET_PMKSA(r0, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000000240)={0x10c, 0x0, 0x2, 0x70bd2d, 0x25dfdbfd, {}, [@NL80211_ATTR_VIF_RADIO_MASK={0x8, 0x14d, 0x2}, @NL80211_ATTR_TSID={0x5, 0xd2, 0x7}, @NL80211_ATTR_MPATH_NEXT_HOP={0xd2, 0x1a, "cad1c26a85dcf8f337fd87206ea19639b8abe29f4508ac72080d9b28c90d915df0520d4327378158160f3456649a764db1c09d496452d2b98b644ef675bac322acc3af89d17515a74ae544bab6b9ec83a2ee665679cc745151dd0ed75bcdde7fae50c91500e3b0d87fe166ccbb82a49681d3f03d6d34e2bc7e01ada2b8d73903d2bffe2843e1f24d4e0e008060e7668f3d41060399df1dc933498ad1539deb2a423f5a05e370e6fae3913afe06b1b0cc82010d97e190bd43d0e42a5aaa89ec40195ecc588cb857e629c963c98bd4"}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x8}, @NL80211_ATTR_WIPHY_ANTENNA_TX={0x8, 0x69, 0xcb5}, @NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED={0x4}]}, 0x10c}}, 0x44000) keyctl$auto(0x1e, 0xfffffffffffffffc, 0xfffffffffffffffd, 0xfffffffffffffffd, 0x1) ioctl$auto_VHOST_SET_OWNER(r4, 0xaf01, 0x5) ioctl$auto(r4, 0x4008af03, r4) 107.698849ms ago: executing program 0 (id=2507): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/vtconsole/vtcon1/bind\x00', 0x182b02, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) lseek$auto(0x3, 0x2, 0x4) unshare$auto(0x40000080) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, 0x0, 0x2280, 0x0) socket(0x1e, 0x1, 0x0) lsm_set_self_attr$auto(0x11, 0x0, 0x7e, 0x0) openat$auto_cpuid_fops_cpuid(0xffffffffffffff9c, 0x0, 0x101500, 0x0) r1 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f00000016c0)='/dev/snd/controlC0\x00', 0x80, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0x40405515, &(0x7f0000001700)={@inferred, 0xc, 0x3, 0x9, "9d4724b76f4d07faf46cb94d85033d940fdf05ecff75c12163ddeab942ed73d07dadd6f419694d591eca8162"}) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snd/midiC2D2\x00', 0x80980, 0x0) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv6/neigh/bond_slave_1/ucast_solicit\x00', 0x101202, 0x0) sendfile$auto(r0, r2, 0x0, 0x1) 0s ago: executing program 3 (id=2508): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0xc0a00, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) write$auto(0x3, 0x0, 0x100082) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3) pread64$auto(r0, 0x0, 0x10fd42, 0x9) r1 = prctl$auto_PR_SET_MM_BRK(0x3, 0x7, 0xffffffffffffffff, 0x9d2, 0x5) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000001480), r2) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00'}) msync$auto(0x110c230000, 0x200001, 0x6) sendmsg$auto_ETHTOOL_MSG_CHANNELS_SET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x14, r3, 0x1, 0x70bd2a, 0x25dfdc00}, 0x14}, 0x1, 0x0, 0x0, 0x20008800}, 0x4) sendmsg$auto_MACSEC_CMD_DEL_TXSA(r1, 0x0, 0x90) kernel console output (not intermixed with test programs): 8] ? do_user_addr_fault+0x843/0x1370 [ 467.667966][T19588] do_syscall_64+0xcd/0x490 [ 467.667997][T19588] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.668021][T19588] RIP: 0033:0x7f5fbeb8d550 [ 467.668038][T19588] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 467.668061][T19588] RSP: 002b:00007f5fbf9fbf10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 467.668082][T19588] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f5fbeb8d550 [ 467.668097][T19588] RDX: 0000000000000002 RSI: 00007f5fbf9fbfa0 RDI: 00000000ffffff9c [ 467.668111][T19588] RBP: 00007f5fbf9fbfa0 R08: 0000000000000000 R09: 0000000000000000 [ 467.668125][T19588] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 467.668139][T19588] R13: 00007f5fbedb6038 R14: 00007f5fbedb5fa0 R15: 00007fffac510a78 [ 467.668160][T19588] syzkaller syzkaller login: [ 469.954573][T19626] blktrace: Concurrent blktraces are not allowed on ram7 [ 471.785020][T19719] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 472.862940][T19744] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 473.794735][T19769] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 474.999077][T19813] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 475.013913][T19804] ptp ptp0: only physical clock in use now [ 476.257454][T19838] blktrace: Concurrent blktraces are not allowed on ram7 [ 477.683230][T19875] random: crng reseeded on system resumption [ 478.805019][T19935] FAULT_INJECTION: forcing a failure. [ 478.805019][T19935] name failslab, interval 1, probability 0, space 0, times 0 [ 478.864807][T19935] CPU: 0 UID: 0 PID: 19935 Comm: syz.1.1107 Not tainted syzkaller #0 PREEMPT(full) [ 478.864848][T19935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 478.864867][T19935] Call Trace: [ 478.864876][T19935] [ 478.864887][T19935] dump_stack_lvl+0x16c/0x1f0 [ 478.864930][T19935] should_fail_ex+0x512/0x640 [ 478.864977][T19935] should_failslab+0xc2/0x120 [ 478.865019][T19935] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 478.865056][T19935] ? lock_release+0x201/0x2f0 [ 478.865126][T19935] ? __proc_create+0x2ce/0x8e0 [ 478.865195][T19935] __proc_create+0x2ce/0x8e0 [ 478.865244][T19935] ? __pfx___proc_create+0x10/0x10 [ 478.865291][T19935] ? lock_release+0x201/0x2f0 [ 478.865337][T19935] ? _raw_write_unlock+0x28/0x50 [ 478.865376][T19935] ? proc_register+0x314/0x5f0 [ 478.865425][T19935] _proc_mkdir+0xb9/0x210 [ 478.865474][T19935] ? __pfx__proc_mkdir+0x10/0x10 [ 478.865534][T19935] ? lock_release+0x201/0x2f0 [ 478.865582][T19935] nfs_fs_proc_net_init+0x9b/0x1e0 [ 478.865624][T19935] nfs_net_init+0x130/0x340 [ 478.865664][T19935] ? __pfx_nfs_net_init+0x10/0x10 [ 478.865703][T19935] ops_init+0x1df/0x5f0 [ 478.865747][T19935] setup_net+0x10f/0x380 [ 478.865790][T19935] ? lockdep_init_map_type+0x5c/0x280 [ 478.865837][T19935] ? __pfx_setup_net+0x10/0x10 [ 478.865882][T19935] ? debug_mutex_init+0x37/0x70 [ 478.865915][T19935] copy_net_ns+0x2a6/0x5f0 [ 478.865966][T19935] create_new_namespaces+0x3ea/0xa90 [ 478.866008][T19935] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 478.866047][T19935] ksys_unshare+0x45b/0xa40 [ 478.866091][T19935] ? __pfx_ksys_unshare+0x10/0x10 [ 478.866135][T19935] ? xfd_validate_state+0x61/0x180 [ 478.866189][T19935] __x64_sys_unshare+0x31/0x40 [ 478.866235][T19935] do_syscall_64+0xcd/0x490 [ 478.866280][T19935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.866313][T19935] RIP: 0033:0x7fe6f078ebe9 [ 478.866338][T19935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 478.866381][T19935] RSP: 002b:00007fe6f1623038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 478.866411][T19935] RAX: ffffffffffffffda RBX: 00007fe6f09b5fa0 RCX: 00007fe6f078ebe9 [ 478.866432][T19935] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 478.866451][T19935] RBP: 00007fe6f0811e19 R08: 0000000000000000 R09: 0000000000000000 [ 478.866470][T19935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 478.866489][T19935] R13: 00007fe6f09b6038 R14: 00007fe6f09b5fa0 R15: 00007fff9f45ed48 [ 478.866525][T19935] [ 479.514821][T19942] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 479.922853][T19953] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 480.774038][T19962] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 480.989115][T19967] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 482.315496][T19992] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 482.842345][T20004] mkiss: ax0: crc mode is auto. [ 483.792815][T20092] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 484.995711][T20137] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 486.541063][T20175] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 488.123527][T20273] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 488.196205][T20276] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 488.847748][T20280] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 490.119132][T20399] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 491.635696][T20455] ubi0: attaching mtd0 [ 491.689682][T20455] ubi0 error: ubi_attach_mtd_dev: bad VID header (536870975) or data offsets (536871039) [ 491.729474][T20463] random: crng reseeded on system resumption [ 493.170424][T20532] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 494.795018][T20555] ptrace attach of ""[20557] was attempted by "./syz-executor exec"[20555] [ 496.951584][T20667] ubi0: attaching mtd0 [ 496.981193][T20667] ubi0 error: ubi_attach_mtd_dev: bad VID header (536870975) or data offsets (536871039) [ 498.130174][T20703] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 498.184602][T20695] FAULT_INJECTION: forcing a failure. [ 498.184602][T20695] name failslab, interval 1, probability 0, space 0, times 0 [ 498.198728][T20695] CPU: 1 UID: 0 PID: 20695 Comm: syz.0.1157 Not tainted syzkaller #0 PREEMPT(full) [ 498.198768][T20695] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 498.198785][T20695] Call Trace: [ 498.198795][T20695] [ 498.198806][T20695] dump_stack_lvl+0x16c/0x1f0 [ 498.198850][T20695] should_fail_ex+0x512/0x640 [ 498.198897][T20695] should_failslab+0xc2/0x120 [ 498.198939][T20695] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 498.198977][T20695] ? lock_release+0x201/0x2f0 [ 498.199017][T20695] ? __proc_create+0x2ce/0x8e0 [ 498.199065][T20695] __proc_create+0x2ce/0x8e0 [ 498.199109][T20695] ? __pfx___proc_create+0x10/0x10 [ 498.199153][T20695] ? lock_release+0x201/0x2f0 [ 498.199204][T20695] ? _raw_write_unlock+0x28/0x50 [ 498.199250][T20695] ? proc_register+0x314/0x5f0 [ 498.199294][T20695] proc_create_reg+0x7d/0x180 [ 498.199339][T20695] proc_create_net_data+0x8e/0x1c0 [ 498.199383][T20695] ? __pfx_proc_create_net_data+0x10/0x10 [ 498.199427][T20695] ? lock_release+0x201/0x2f0 [ 498.199466][T20695] nfs_fs_proc_net_init+0x141/0x1e0 [ 498.199502][T20695] nfs_net_init+0x130/0x340 [ 498.199535][T20695] ? __pfx_nfs_net_init+0x10/0x10 [ 498.199567][T20695] ops_init+0x1df/0x5f0 [ 498.199626][T20695] setup_net+0x10f/0x380 [ 498.199665][T20695] ? lockdep_init_map_type+0x5c/0x280 [ 498.199708][T20695] ? __pfx_setup_net+0x10/0x10 [ 498.199750][T20695] ? debug_mutex_init+0x37/0x70 [ 498.199781][T20695] copy_net_ns+0x2a6/0x5f0 [ 498.199828][T20695] create_new_namespaces+0x3ea/0xa90 [ 498.199865][T20695] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 498.199902][T20695] ksys_unshare+0x45b/0xa40 [ 498.199943][T20695] ? __pfx_ksys_unshare+0x10/0x10 [ 498.199984][T20695] ? xfd_validate_state+0x61/0x180 [ 498.200033][T20695] __x64_sys_unshare+0x31/0x40 [ 498.200072][T20695] do_syscall_64+0xcd/0x490 [ 498.200114][T20695] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 498.200143][T20695] RIP: 0033:0x7fca6798ebe9 [ 498.200166][T20695] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 498.200206][T20695] RSP: 002b:00007fca6872e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 498.200236][T20695] RAX: ffffffffffffffda RBX: 00007fca67bb5fa0 RCX: 00007fca6798ebe9 [ 498.200256][T20695] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 498.200274][T20695] RBP: 00007fca67a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 498.200292][T20695] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 498.200308][T20695] R13: 00007fca67bb6038 R14: 00007fca67bb5fa0 R15: 00007ffece278af8 [ 498.200334][T20695] [ 498.744867][T20733] sd 0:0:1:0: PR command failed: 1026 [ 498.750340][T20733] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 498.785738][T20733] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 501.542153][T20798] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 501.985920][T20823] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 503.016898][T20888] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 504.539895][T20931] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 504.639311][T20936] mkiss: ax0: crc mode is auto. [ 505.615055][T21006] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 506.570987][T21021] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 506.672602][T21026] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 507.024017][T21039] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input15 [ 507.208098][T21056] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input16 [ 509.013694][T21119] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 509.057583][T21113] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 509.656458][T21129] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 510.079483][T21141] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 510.994714][T21146] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 511.223646][T21153] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 512.182725][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 512.189765][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 512.763562][T21173] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 513.346715][T21176] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input18 [ 514.318116][T21275] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 516.543952][T21323] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 518.749086][T21384] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 520.415102][T21392] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 521.930861][T21498] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 524.255870][T21564] ubi0: attaching mtd0 [ 524.260021][T21564] ubi0 error: ubi_attach_mtd_dev: bad VID header (536870975) or data offsets (536871039) [ 524.368397][T21570] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 524.536185][T21572] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 527.154398][T21646] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input19 [ 527.398279][T21648] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 527.787366][T21653] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input20 [ 528.823927][T21706] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 529.801043][T21738] ubi0: attaching mtd0 [ 529.805185][T21738] ubi0 error: ubi_attach_mtd_dev: bad VID header (536870975) or data offsets (536871039) [ 529.822869][T21739] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input21 [ 530.073347][T21744] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input22 [ 531.454096][T21811] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 531.463065][T21827] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 532.526506][T21861] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1247'. [ 533.000183][T21870] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 533.604669][T21887] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1251'. [ 533.613895][T21887] bridge_slave_1: left allmulticast mode [ 533.621538][T21887] bridge_slave_1: left promiscuous mode [ 533.666235][T21887] bridge0: port 2(bridge_slave_1) entered disabled state [ 533.738326][T21887] bridge_slave_0: left allmulticast mode [ 533.818936][T21887] bridge_slave_0: left promiscuous mode [ 533.839191][T21887] bridge0: port 1(bridge_slave_0) entered disabled state [ 534.033989][T21900] ubi0: attaching mtd0 [ 534.057713][T21900] ubi0 error: ubi_attach_mtd_dev: bad VID header (536870975) or data offsets (536871039) [ 534.571897][T21923] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 535.592592][T21942] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 535.874477][T21949] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 538.640045][T22020] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 539.162033][T22034] nbd: socks must be embedded in a SOCK_ITEM attr [ 539.182433][T22034] block nbd0: shutting down sockets [ 539.823743][T22053] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 540.423274][T22067] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 540.441775][T22061] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 541.302835][T22076] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 544.212513][T22160] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 544.361097][T22169] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 545.524448][T22185] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 546.717976][T22232] syz.3.1295 uses obsolete (PF_INET,SOCK_PACKET) [ 546.835150][T22234] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 547.356767][T22238] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 548.315925][T22250] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 550.078471][T22295] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 550.803573][T22302] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 552.163514][T22356] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1308'. [ 552.200349][T22356] netlink: 338 bytes leftover after parsing attributes in process `syz.1.1308'. [ 552.259211][T22358] netlink: 290 bytes leftover after parsing attributes in process `syz.1.1308'. [ 552.285695][T22358] veth0_macvtap: left promiscuous mode [ 552.317076][T22356] netlink: 290 bytes leftover after parsing attributes in process `syz.1.1308'. [ 552.881305][T22371] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 553.743672][T22383] blktrace: Concurrent blktraces are not allowed on ram7 [ 555.372715][T22440] zram: Cannot change disksize for initialized device [ 556.542974][T22481] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 556.741403][T22500] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 558.806885][T22559] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 560.071569][T22595] random: crng reseeded on system resumption [ 560.700017][T22624] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 561.104494][T22601] mkiss: ax0: crc mode is auto. [ 562.478014][T22603] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 563.018333][T22709] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 564.205785][T22744] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 567.382256][T22890] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 567.969102][T22896] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 570.579772][T22965] block nbd9: NBD_DISCONNECT [ 570.591040][T22965] openvswitch: netlink: Tunnel attr 242 out of range max 16 [ 570.848454][T22964] mkiss: ax0: crc mode is auto. [ 571.680930][T23031] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 573.671511][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 573.677811][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 575.474367][T23141] zram: Cannot change disksize for initialized device [ 575.754240][T23070] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 576.322600][T23201] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 576.539003][T23209] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 579.743526][ T31] audit: type=1800 audit(6050568980.510:5): pid=23345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1397" name="dbroot" dev="configfs" ino=41316 res=0 errno=0 [ 580.196434][T23362] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 580.973615][T23377] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 582.934375][T23421] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 585.778140][T23482] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 586.347342][T23527] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 586.537237][T23530] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 587.290302][T23550] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 588.802695][T23580] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 588.848331][T23582] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 591.048646][T23649] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 591.088585][T23632] random: crng reseeded on system resumption [ 592.900865][T23694] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 594.257828][T23756] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 595.613764][T23806] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 596.388159][T23818] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 596.797537][T23837] ima: policy update failed [ 596.812875][ T31] audit: type=1802 audit(6050568997.581:6): pid=23837 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.1455" res=0 errno=0 [ 597.537958][T23858] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 598.650795][T23900] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 599.342691][T23918] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 599.763287][T23919] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 599.787860][T23927] warning: `syz.0.1471' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 600.272504][T23945] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 601.353507][T23971] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 601.887670][T23974] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 604.799304][T24044] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 607.265822][T24109] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 607.730563][T24130] binder: 24129:24130 ioctl c018620c 200000000080 returned -22 [ 608.288188][T24140] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 610.115046][T24202] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 610.476001][T24207] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 611.813234][ T55] smpboot: CPU 1 is now offline [ 612.003959][T24246] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 612.396039][T24268] rnbd_client L213: map_device: Parameters missing [ 613.390087][T24289] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 615.407900][T24344] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 617.625460][T24417] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 618.573055][T24438] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 620.229133][T24480] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 621.862015][T24514] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 623.972229][T24569] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 624.562502][T24590] netlink: 'syz.0.1572': attribute type 1 has an invalid length. [ 624.862584][T24596] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 626.373928][T24647] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 626.460409][T24649] vhci_hcd: invalid port number 23 [ 626.967465][T24664] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 627.574278][T24681] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 628.244411][T24698] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 629.086509][T24716] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 630.190360][T24739] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 630.523555][T24746] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 630.979375][T24756] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 634.223351][T24849] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 635.118276][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 635.127708][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 635.740085][T24897] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 638.163873][T24968] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 639.892731][T25016] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 641.455039][T25077] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 641.661449][T25078] svc: failed to register nfsdv3 RPC service (errno 111). [ 641.708355][T25078] svc: failed to register nfsaclv3 RPC service (errno 111). [ 642.757703][T25111] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 643.021697][T25118] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 643.869854][T25141] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 644.256352][T25148] FAULT_INJECTION: forcing a failure. [ 644.256352][T25148] name failslab, interval 1, probability 0, space 0, times 0 [ 644.321453][T25148] CPU: 0 UID: 0 PID: 25148 Comm: syz.3.1659 Not tainted syzkaller #0 PREEMPT(full) [ 644.321486][T25148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 644.321501][T25148] Call Trace: [ 644.321508][T25148] [ 644.321516][T25148] dump_stack_lvl+0x16c/0x1f0 [ 644.321558][T25148] should_fail_ex+0x512/0x640 [ 644.321596][T25148] ? create_ruleset+0x21/0x140 [ 644.321622][T25148] should_failslab+0xc2/0x120 [ 644.321654][T25148] __kmalloc_noprof+0xd2/0x510 [ 644.321681][T25148] ? __might_fault+0xe3/0x190 [ 644.321708][T25148] ? __might_fault+0x13b/0x190 [ 644.321734][T25148] ? rcu_is_watching+0x12/0xc0 [ 644.321761][T25148] create_ruleset+0x21/0x140 [ 644.321787][T25148] landlock_create_ruleset+0x77/0x230 [ 644.321817][T25148] __do_sys_landlock_create_ruleset+0x255/0x4e0 [ 644.321844][T25148] ? __pfx___do_sys_landlock_create_ruleset+0x10/0x10 [ 644.321878][T25148] do_syscall_64+0xcd/0x490 [ 644.321910][T25148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 644.321939][T25148] RIP: 0033:0x7f5a1118ebe9 [ 644.321956][T25148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 644.321979][T25148] RSP: 002b:00007f5a11fb9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001bc [ 644.322001][T25148] RAX: ffffffffffffffda RBX: 00007f5a113b5fa0 RCX: 00007f5a1118ebe9 [ 644.322017][T25148] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 0000200000000000 [ 644.322032][T25148] RBP: 00007f5a11211e19 R08: 0000000000000000 R09: 0000000000000000 [ 644.322046][T25148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 644.322060][T25148] R13: 00007f5a113b6038 R14: 00007f5a113b5fa0 R15: 00007ffe29172708 [ 644.322083][T25148]         syzkaller syzkaller login: [ 649.808535][T25288] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 650.984100][T25321] FAULT_INJECTION: forcing a failure. [ 650.984100][T25321] name failslab, interval 1, probability 0, space 0, times 0 [ 651.059256][T25321] CPU: 0 UID: 0 PID: 25321 Comm: syz.1.1687 Not tainted syzkaller #0 PREEMPT(full) [ 651.059289][T25321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 651.059303][T25321] Call Trace: [ 651.059310][T25321] [ 651.059318][T25321] dump_stack_lvl+0x16c/0x1f0 [ 651.059354][T25321] should_fail_ex+0x512/0x640 [ 651.059390][T25321] ? sk_prot_alloc+0x1a8/0x2a0 [ 651.059426][T25321] should_failslab+0xc2/0x120 [ 651.059458][T25321] __kmalloc_noprof+0xd2/0x510 [ 651.059488][T25321] sk_prot_alloc+0x1a8/0x2a0 [ 651.059524][T25321] sk_alloc+0x36/0xc20 [ 651.059551][T25321] alg_create+0x9e/0x150 [ 651.059580][T25321] __sock_create+0x338/0x8d0 [ 651.059603][T25321] __sys_socket+0x14d/0x260 [ 651.059638][T25321] ? __pfx___sys_socket+0x10/0x10 [ 651.059660][T25321] ? xfd_validate_state+0x61/0x180 [ 651.059699][T25321] __x64_sys_socket+0x72/0xb0 [ 651.059721][T25321] do_syscall_64+0xcd/0x490 [ 651.059752][T25321] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.059776][T25321] RIP: 0033:0x7fe6f078ebe9 [ 651.059793][T25321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 651.059815][T25321] RSP: 002b:00007fe6f1623038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 651.059837][T25321] RAX: ffffffffffffffda RBX: 00007fe6f09b5fa0 RCX: 00007fe6f078ebe9 [ 651.059871][T25321] RDX: 0000000000000000 RSI: 0000000000080805 RDI: 0000000000000026 [ 651.059885][T25321] RBP: 00007fe6f0811e19 R08: 0000000000000000 R09: 0000000000000000 [ 651.059899][T25321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 651.059913][T25321] R13: 00007fe6f09b6038 R14: 00007fe6f09b5fa0 R15: 00007fff9f45ed48 [ 651.059936][T25321] [ 652.565239][T25372] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 653.093477][T25383] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 653.906630][T25397] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 655.875372][T25462] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 656.551824][T25482] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 658.649898][T25533] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 659.088194][T25545] FAULT_INJECTION: forcing a failure. [ 659.088194][T25545] name failslab, interval 1, probability 0, space 0, times 0 [ 659.154918][T25545] CPU: 0 UID: 0 PID: 25545 Comm: syz.1.1723 Not tainted syzkaller #0 PREEMPT(full) [ 659.154952][T25545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 659.154966][T25545] Call Trace: [ 659.154974][T25545] [ 659.154982][T25545] dump_stack_lvl+0x16c/0x1f0 [ 659.155017][T25545] should_fail_ex+0x512/0x640 [ 659.155054][T25545] should_failslab+0xc2/0x120 [ 659.155087][T25545] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 659.155117][T25545] ? key_alloc+0x3e0/0x1330 [ 659.155149][T25545] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 659.155190][T25545] key_alloc+0x3e0/0x1330 [ 659.155225][T25545] ? rcu_is_watching+0x12/0xc0 [ 659.155248][T25545] ? __pfx_key_alloc+0x10/0x10 [ 659.155278][T25545] ? __kmalloc_noprof+0x242/0x510 [ 659.155309][T25545] keyring_alloc+0x44/0xc0 [ 659.155345][T25545] install_thread_keyring_to_cred+0xc1/0x140 [ 659.155376][T25545] keyctl_set_reqkey_keyring+0xcf/0x1c0 [ 659.155403][T25545] __do_sys_keyctl+0x6d/0x590 [ 659.155430][T25545] do_syscall_64+0xcd/0x490 [ 659.155463][T25545] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.155487][T25545] RIP: 0033:0x7fe6f078ebe9 [ 659.155505][T25545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 659.155528][T25545] RSP: 002b:00007fe6f1623038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 659.155550][T25545] RAX: ffffffffffffffda RBX: 00007fe6f09b5fa0 RCX: 00007fe6f078ebe9 [ 659.155567][T25545] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000000e [ 659.155583][T25545] RBP: 00007fe6f0811e19 R08: 0000000000000008 R09: 0000000000000000 [ 659.155600][T25545] R10: 0000000000005eaf R11: 0000000000000246 R12: 0000000000000000 [ 659.155614][T25545] R13: 00007fe6f09b6038 R14: 00007fe6f09b5fa0 R15: 00007fff9f45ed48 [ 659.155646][T25545] [ 659.779031][T25550] capability: warning: `syz.0.1733' uses 32-bit capabilities (legacy support in use) [ 660.007101][T25553] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 661.479071][T25602] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 662.108396][T25628] ubi0: attaching mtd0 [ 662.138053][T25628] ubi0: scanning is finished [ 662.180212][T25628] ubi0: empty MTD device detected [ 662.445840][T25628] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 662.488623][T25628] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 662.535776][T25628] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 662.585795][T25628] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 662.625517][T25628] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 662.672438][T25628] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 662.720033][T25628] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3682377409 [ 662.779418][T25628] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 662.884513][T25636] ubi0: background thread "ubi_bgt0d" started, PID 25636 [ 662.977007][T25639] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 663.536793][T25663] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 666.615348][T25773] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 667.666225][T25803] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 669.467287][T25831] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 669.975885][T25836] program syz.1.1774 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 670.478998][T25850] FAULT_INJECTION: forcing a failure. [ 670.478998][T25850] name failslab, interval 1, probability 0, space 0, times 0 [ 670.589844][T25850] CPU: 0 UID: 0 PID: 25850 Comm: syz.3.1767 Not tainted syzkaller #0 PREEMPT(full) [ 670.589877][T25850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 670.589891][T25850] Call Trace: [ 670.589898][T25850] [ 670.589907][T25850] dump_stack_lvl+0x16c/0x1f0 [ 670.589941][T25850] should_fail_ex+0x512/0x640 [ 670.589978][T25850] should_failslab+0xc2/0x120 [ 670.590011][T25850] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 670.590039][T25850] ? __pfx___might_resched+0x10/0x10 [ 670.590063][T25850] ? __anon_vma_prepare+0xae/0x5e0 [ 670.590091][T25850] __anon_vma_prepare+0xae/0x5e0 [ 670.590116][T25850] ? __filemap_get_folio+0x32b/0xc30 [ 670.590150][T25850] __vmf_anon_prepare+0x11c/0x240 [ 670.590187][T25850] hugetlb_fault+0x1ba4/0x2f40 [ 670.590212][T25850] ? __pfx_hugetlb_fault+0x10/0x10 [ 670.590247][T25850] ? find_vma+0xbf/0x140 [ 670.590278][T25850] ? __pfx_find_vma+0x10/0x10 [ 670.590312][T25850] handle_mm_fault+0xbfa/0xd10 [ 670.590336][T25850] ? __bpf_trace_exceptions+0x1/0x40 [ 670.590374][T25850] do_user_addr_fault+0x7a6/0x1370 [ 670.590414][T25850] ? rcu_is_watching+0x12/0xc0 [ 670.590440][T25850] exc_page_fault+0x5c/0xb0 [ 670.590468][T25850] asm_exc_page_fault+0x26/0x30 [ 670.590504][T25850] RIP: 0010:rep_movs_alternative+0x11/0x90 [ 670.590527][T25850] Code: e9 14 1f 04 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 66 2e 0f [ 670.590549][T25850] RSP: 0018:ffffc90003587db0 EFLAGS: 00050206 [ 670.590567][T25850] RAX: 000000000000002f RBX: 0000000000000005 RCX: 0000000000000005 [ 670.590581][T25850] RDX: ffffed100f03e640 RSI: ffff8880781f31fb RDI: 0000000000000000 [ 670.590596][T25850] RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed100f03e63f [ 670.590610][T25850] R10: ffff8880781f31ff R11: 0000000000000001 R12: ffff8880781f31fb [ 670.590624][T25850] R13: 0000000000000005 R14: 00007ffffffff000 R15: 0000000000000000 [ 670.590645][T25850] _copy_to_user+0xbb/0xd0 [ 670.590666][T25850] __do_sys_getcwd+0x483/0x930 [ 670.590702][T25850] ? __pfx___do_sys_getcwd+0x10/0x10 [ 670.590735][T25850] ? xfd_validate_state+0x61/0x180 [ 670.590768][T25850] ? __pfx_ksys_write+0x10/0x10 [ 670.590798][T25850] do_syscall_64+0xcd/0x490 [ 670.590847][T25850] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 670.590871][T25850] RIP: 0033:0x7f5a1118ebe9 [ 670.590888][T25850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 670.590914][T25850] RSP: 002b:00007f5a11fb9038 EFLAGS: 00000246 ORIG_RAX: 000000000000004f [ 670.590936][T25850] RAX: ffffffffffffffda RBX: 00007f5a113b5fa0 RCX: 00007f5a1118ebe9 [ 670.590951][T25850] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000000 [ 670.590966][T25850] RBP: 00007f5a11211e19 R08: 0000000000000000 R09: 0000000000000000 [ 670.590980][T25850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 670.590994][T25850] R13: 00007f5a113b6038 R14: 00007f5a113b5fa0 R15: 00007ffe29172708 [ 670.591016][T25850] [ 670.921700][T25864] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 672.027704][T25889] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 672.546733][T25901] ima: policy update failed [ 672.626255][T25901] FAULT_INJECTION: forcing a failure. [ 672.626255][T25901] name failslab, interval 1, probability 0, space 0, times 0 [ 672.641761][ T31] audit: type=1802 audit(4294967342.039:7): pid=25901 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1779" res=0 errno=0 [ 672.739928][T25901] CPU: 0 UID: 0 PID: 25901 Comm: syz.3.1779 Not tainted syzkaller #0 PREEMPT(full) [ 672.739961][T25901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 672.739976][T25901] Call Trace: [ 672.739983][T25901] [ 672.739992][T25901] dump_stack_lvl+0x16c/0x1f0 [ 672.740025][T25901] should_fail_ex+0x512/0x640 [ 672.740062][T25901] ? tomoyo_encode2+0x100/0x3e0 [ 672.740095][T25901] should_failslab+0xc2/0x120 [ 672.740126][T25901] __kmalloc_noprof+0xd2/0x510 [ 672.740153][T25901] ? d_absolute_path+0x136/0x1a0 [ 672.740188][T25901] tomoyo_encode2+0x100/0x3e0 [ 672.740222][T25901] tomoyo_encode+0x29/0x50 [ 672.740254][T25901] tomoyo_realpath_from_path+0x18f/0x6e0 [ 672.740292][T25901] tomoyo_path_number_perm+0x245/0x580 [ 672.740320][T25901] ? tomoyo_path_number_perm+0x237/0x580 [ 672.740349][T25901] ? lock_release+0x160/0x2f0 [ 672.740379][T25901] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 672.740421][T25901] ? do_raw_spin_unlock+0x172/0x230 [ 672.740458][T25901] ? _raw_spin_unlock+0x28/0x50 [ 672.740482][T25901] ? current_check_access_path+0x33c/0x460 [ 672.740517][T25901] ? __pfx_current_check_access_path+0x10/0x10 [ 672.740552][T25901] ? simple_lookup+0x105/0x1d0 [ 672.740578][T25901] tomoyo_path_mknod+0x10c/0x190 [ 672.740600][T25901] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 672.740622][T25901] ? rcu_is_watching+0x12/0xc0 [ 672.740645][T25901] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 672.740682][T25901] security_path_mknod+0x161/0x310 [ 672.740712][T25901] do_mknodat+0x239/0x5d0 [ 672.740738][T25901] ? __pfx_do_mknodat+0x10/0x10 [ 672.740762][T25901] ? getname_flags.part.0+0x1c5/0x550 [ 672.740801][T25901] __x64_sys_mknod+0x87/0xb0 [ 672.740835][T25901] do_syscall_64+0xcd/0x490 [ 672.740869][T25901] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 672.740893][T25901] RIP: 0033:0x7f5a1118ebe9 [ 672.740910][T25901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 672.740934][T25901] RSP: 002b:00007f5a11fb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 672.740955][T25901] RAX: ffffffffffffffda RBX: 00007f5a113b5fa0 RCX: 00007f5a1118ebe9 [ 672.740976][T25901] RDX: 0000000000000809 RSI: 000000000000000a RDI: 0000200000000200 [ 672.740991][T25901] RBP: 00007f5a11211e19 R08: 0000000000000000 R09: 0000000000000000 [ 672.741005][T25901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 672.741019][T25901] R13: 00007f5a113b6038 R14: 00007f5a113b5fa0 R15: 00007ffe29172708 [ 672.741041][T25901] [ 673.260646][T25901] ERROR: Out of memory at tomoyo_realpath_from_path. [ 673.401646][T25903] sd 0:0:1:0: PR command failed: 1026 [ 673.409860][T25903] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 673.425790][T25903] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 674.389586][T25952] program syz.0.1787 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 674.990433][T25964] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 675.749447][T26004] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 678.500989][T26117] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 678.743348][T26132] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 680.009276][T26161] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 680.730124][T26177] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 681.102083][T26187] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 682.248800][T26234] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 682.260168][T26218] zswap: compressor 000 not available [ 682.402621][T26245] __vm_enough_memory: pid: 26245, comm: syz.3.1830, bytes: 4398046511104 not enough memory for the allocation [ 683.768682][T26285] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 684.342468][T26304] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 687.109336][T26381] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 688.086325][T26414] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 688.222798][T26422] FAULT_INJECTION: forcing a failure. [ 688.222798][T26422] name failslab, interval 1, probability 0, space 0, times 0 [ 688.292395][T26422] CPU: 0 UID: 0 PID: 26422 Comm: syz.0.1862 Not tainted syzkaller #0 PREEMPT(full) [ 688.292429][T26422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 688.292444][T26422] Call Trace: [ 688.292451][T26422] [ 688.292459][T26422] dump_stack_lvl+0x16c/0x1f0 [ 688.292494][T26422] should_fail_ex+0x512/0x640 [ 688.292532][T26422] ? tomoyo_encode2+0x100/0x3e0 [ 688.292566][T26422] should_failslab+0xc2/0x120 [ 688.292599][T26422] __kmalloc_noprof+0xd2/0x510 [ 688.292626][T26422] ? d_absolute_path+0x136/0x1a0 [ 688.292664][T26422] tomoyo_encode2+0x100/0x3e0 [ 688.292700][T26422] tomoyo_encode+0x29/0x50 [ 688.292733][T26422] tomoyo_realpath_from_path+0x18f/0x6e0 [ 688.292793][T26422] tomoyo_check_open_permission+0x2ab/0x3c0 [ 688.292824][T26422] ? init_file+0x93/0x4c0 [ 688.292858][T26422] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 688.292889][T26422] ? do_sys_openat2+0x11b/0x1d0 [ 688.292933][T26422] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 688.292962][T26422] ? rcu_is_watching+0x12/0xc0 [ 688.292996][T26422] ? do_raw_spin_lock+0x12c/0x2b0 [ 688.293034][T26422] ? path_get+0x61/0x80 [ 688.293066][T26422] ? rcu_is_watching+0x12/0xc0 [ 688.293091][T26422] tomoyo_file_open+0x6b/0x90 [ 688.293114][T26422] security_file_open+0x84/0x1e0 [ 688.293148][T26422] do_dentry_open+0x596/0x1530 [ 688.293181][T26422] vfs_open+0x82/0x3f0 [ 688.293218][T26422] path_openat+0x1de4/0x2cb0 [ 688.293250][T26422] ? __pfx_path_openat+0x10/0x10 [ 688.293282][T26422] do_filp_open+0x20b/0x470 [ 688.293310][T26422] ? __pfx_do_filp_open+0x10/0x10 [ 688.293364][T26422] ? alloc_fd+0x471/0x7d0 [ 688.293392][T26422] do_sys_openat2+0x11b/0x1d0 [ 688.293428][T26422] ? __pfx_do_sys_openat2+0x10/0x10 [ 688.293470][T26422] __x64_sys_openat+0x174/0x210 [ 688.293508][T26422] ? __pfx___x64_sys_openat+0x10/0x10 [ 688.293551][T26422] do_syscall_64+0xcd/0x490 [ 688.293582][T26422] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 688.293605][T26422] RIP: 0033:0x7fca6798ebe9 [ 688.293622][T26422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 688.293646][T26422] RSP: 002b:00007fca6872e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 688.293668][T26422] RAX: ffffffffffffffda RBX: 00007fca67bb5fa0 RCX: 00007fca6798ebe9 [ 688.293684][T26422] RDX: 0000000000000400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 688.293699][T26422] RBP: 00007fca67a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 688.293715][T26422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 688.293729][T26422] R13: 00007fca67bb6038 R14: 00007fca67bb5fa0 R15: 00007ffece278af8 [ 688.293752][T26422] [ 688.293768][T26422] ERROR: Out of memory at tomoyo_realpath_from_path. [ 689.621426][T26487] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 690.161373][T26502] zswap: compressor not available [ 690.271679][T26512] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 690.601446][T26516] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 690.648720][T26525] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input24 [ 690.806472][T26543] FAULT_INJECTION: forcing a failure. [ 690.806472][T26543] name failslab, interval 1, probability 0, space 0, times 0 [ 690.880885][T26543] CPU: 0 UID: 0 PID: 26543 Comm: syz.0.1873 Not tainted syzkaller #0 PREEMPT(full) [ 690.880917][T26543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 690.880932][T26543] Call Trace: [ 690.880939][T26543] [ 690.880947][T26543] dump_stack_lvl+0x16c/0x1f0 [ 690.880980][T26543] should_fail_ex+0x512/0x640 [ 690.881016][T26543] should_failslab+0xc2/0x120 [ 690.881048][T26543] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 690.881074][T26543] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 690.881111][T26543] ? __pmd_alloc+0xbf/0x930 [ 690.881147][T26543] __pmd_alloc+0xbf/0x930 [ 690.881182][T26543] walk_pgd_range+0x88b/0x1f50 [ 690.881212][T26543] ? lock_release+0x201/0x2f0 [ 690.881241][T26543] ? __pfx_guard_install_set_pte+0x10/0x10 [ 690.881272][T26543] ? mt_find+0x3ef/0xa30 [ 690.881302][T26543] ? __pfx_guard_install_set_pte+0x10/0x10 [ 690.881333][T26543] ? __pfx_guard_install_set_pte+0x10/0x10 [ 690.881364][T26543] ? __pfx_walk_pgd_range+0x10/0x10 [ 690.881395][T26543] __walk_page_range+0x163/0x820 [ 690.881425][T26543] ? find_vma+0xbf/0x140 [ 690.881454][T26543] ? __pfx_find_vma+0x10/0x10 [ 690.881484][T26543] ? rcu_is_watching+0x12/0xc0 [ 690.881506][T26543] ? walk_page_test+0x9b/0x180 [ 690.881533][T26543] walk_page_range_mm+0x461/0xb40 [ 690.881564][T26543] ? __pfx_walk_page_range_mm+0x10/0x10 [ 690.881596][T26543] ? __anon_vma_prepare+0x2e2/0x5e0 [ 690.881621][T26543] madvise_vma_behavior+0xa62/0x2d60 [ 690.881656][T26543] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 690.881684][T26543] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 690.881719][T26543] ? __pfx_mas_prev+0x10/0x10 [ 690.881757][T26543] ? find_vma_prev+0xda/0x160 [ 690.881792][T26543] ? __pfx_find_vma_prev+0x10/0x10 [ 690.881826][T26543] ? lock_release+0x201/0x2f0 [ 690.881859][T26543] ? __futex_wait+0x24c/0x2f0 [ 690.881897][T26543] madvise_walk_vmas+0x31f/0x9c0 [ 690.881933][T26543] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 690.881976][T26543] madvise_do_behavior+0x1e2/0x530 [ 690.882028][T26543] ? futex_private_hash_put+0x11c/0x300 [ 690.882056][T26543] ? __pfx_madvise_do_behavior+0x10/0x10 [ 690.882093][T26543] ? down_read+0x13d/0x480 [ 690.882134][T26543] do_madvise+0x176/0x240 [ 690.882168][T26543] ? __pfx_do_madvise+0x10/0x10 [ 690.882202][T26543] ? do_futex+0x122/0x350 [ 690.882240][T26543] ? xfd_validate_state+0x61/0x180 [ 690.882276][T26543] ? __pfx_ksys_write+0x10/0x10 [ 690.882307][T26543] __x64_sys_madvise+0xa9/0x110 [ 690.882342][T26543] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 690.882380][T26543] do_syscall_64+0xcd/0x490 [ 690.882413][T26543] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 690.882438][T26543] RIP: 0033:0x7fca6798ebe9 [ 690.882455][T26543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 690.882480][T26543] RSP: 002b:00007fca6872e038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 690.882502][T26543] RAX: ffffffffffffffda RBX: 00007fca67bb5fa0 RCX: 00007fca6798ebe9 [ 690.882519][T26543] RDX: 0000000000000066 RSI: 0000000002021000 RDI: 0000000000000000 [ 690.882534][T26543] RBP: 00007fca67a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 690.882549][T26543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 690.882564][T26543] R13: 00007fca67bb6038 R14: 00007fca67bb5fa0 R15: 00007ffece278af8 [ 690.882587][T26543] [ 693.584125][T26610] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 695.681873][T26663] Invalid ELF header magic: != ELF [ 696.051968][T26673] FAULT_INJECTION: forcing a failure. [ 696.051968][T26673] name failslab, interval 1, probability 0, space 0, times 0 [ 696.108963][T26673] CPU: 0 UID: 0 PID: 26673 Comm: syz.3.1893 Not tainted syzkaller #0 PREEMPT(full) [ 696.108995][T26673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 696.109010][T26673] Call Trace: [ 696.109017][T26673] [ 696.109025][T26673] dump_stack_lvl+0x16c/0x1f0 [ 696.109059][T26673] should_fail_ex+0x512/0x640 [ 696.109095][T26673] should_failslab+0xc2/0x120 [ 696.109128][T26673] __kmalloc_cache_noprof+0x6a/0x3e0 [ 696.109152][T26673] ? debug_mutex_init+0x37/0x70 [ 696.109174][T26673] ? single_open+0x4d/0x1f0 [ 696.109210][T26673] ? __pfx_blk_mq_debugfs_show+0x10/0x10 [ 696.109236][T26673] single_open+0x4d/0x1f0 [ 696.109271][T26673] blk_mq_debugfs_open+0xde/0x1b0 [ 696.109299][T26673] ? __pfx_blk_mq_debugfs_open+0x10/0x10 [ 696.109325][T26673] full_proxy_open_regular+0x1b9/0x360 [ 696.109349][T26673] do_dentry_open+0x97f/0x1530 [ 696.109378][T26673] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 696.109404][T26673] vfs_open+0x82/0x3f0 [ 696.109440][T26673] path_openat+0x1de4/0x2cb0 [ 696.109482][T26673] ? __pfx_path_openat+0x10/0x10 [ 696.109512][T26673] do_filp_open+0x20b/0x470 [ 696.109539][T26673] ? __pfx_do_filp_open+0x10/0x10 [ 696.109581][T26673] ? alloc_fd+0x471/0x7d0 [ 696.109608][T26673] do_sys_openat2+0x11b/0x1d0 [ 696.109644][T26673] ? __pfx_do_sys_openat2+0x10/0x10 [ 696.109686][T26673] __x64_sys_openat+0x174/0x210 [ 696.109723][T26673] ? __pfx___x64_sys_openat+0x10/0x10 [ 696.109766][T26673] do_syscall_64+0xcd/0x490 [ 696.109798][T26673] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 696.109821][T26673] RIP: 0033:0x7f5a1118ebe9 [ 696.109839][T26673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 696.109861][T26673] RSP: 002b:00007f5a11fb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 696.109884][T26673] RAX: ffffffffffffffda RBX: 00007f5a113b5fa0 RCX: 00007f5a1118ebe9 [ 696.109900][T26673] RDX: 0000000000000002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 696.109914][T26673] RBP: 00007f5a11211e19 R08: 0000000000000000 R09: 0000000000000000 [ 696.109929][T26673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 696.109942][T26673] R13: 00007f5a113b6038 R14: 00007f5a113b5fa0 R15: 00007ffe29172708 [ 696.109964][T26673] [ 696.676117][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 696.682509][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 696.691630][T26674] nvme_fabrics: missing parameter 'transport=%s' [ 696.745728][T26674] nvme_fabrics: missing parameter 'nqn=%s' [ 696.961238][T26671] nvme_fabrics: missing parameter 'transport=%s' [ 696.988315][T26671] nvme_fabrics: missing parameter 'nqn=%s' [ 697.255055][T26693] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1896'. [ 697.290518][T26693] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1896'. [ 697.517581][T26696] netlink: 330 bytes leftover after parsing attributes in process `syz.2.1897'. [ 697.764515][T26701] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 698.625280][ T31] audit: type=1326 audit(4294967368.039:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26727 comm="syz.1.1901" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe6f078ebe9 code=0x0 [ 700.390165][T26739] kexec: Could not allocate control_code_buffer [ 701.677965][T26845] ubi: mtd0 is already attached to ubi0 [ 701.717076][T26845] ubi0: detaching mtd0 [ 701.770247][T26845] ubi0: mtd0 is detached [ 703.206273][T26887] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 704.079276][T26918] nvme_fcloop: unknown parameter or missing value '7' [ 704.475829][T26924] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 704.593592][T26935] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 705.152202][T26943] FAULT_INJECTION: forcing a failure. [ 705.152202][T26943] name failslab, interval 1, probability 0, space 0, times 0 [ 705.290626][T26943] CPU: 0 UID: 0 PID: 26943 Comm: syz.1.1933 Not tainted syzkaller #0 PREEMPT(full) [ 705.290660][T26943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 705.290676][T26943] Call Trace: [ 705.290683][T26943] [ 705.290692][T26943] dump_stack_lvl+0x16c/0x1f0 [ 705.290727][T26943] should_fail_ex+0x512/0x640 [ 705.290765][T26943] should_failslab+0xc2/0x120 [ 705.290798][T26943] __kmalloc_cache_noprof+0x6a/0x3e0 [ 705.290822][T26943] ? lockdep_init_map_type+0x5c/0x280 [ 705.290856][T26943] ? userio_char_open+0xdb/0x210 [ 705.290885][T26943] ? __init_waitqueue_head+0xca/0x150 [ 705.290925][T26943] ? __pfx_userio_char_open+0x10/0x10 [ 705.290961][T26943] userio_char_open+0xdb/0x210 [ 705.290990][T26943] ? __pfx_userio_char_open+0x10/0x10 [ 705.291019][T26943] misc_open+0x35a/0x420 [ 705.291044][T26943] ? __pfx_misc_open+0x10/0x10 [ 705.291069][T26943] chrdev_open+0x231/0x6a0 [ 705.291099][T26943] ? __pfx_apparmor_file_open+0x10/0x10 [ 705.291126][T26943] ? __pfx_chrdev_open+0x10/0x10 [ 705.291160][T26943] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 705.291191][T26943] do_dentry_open+0x97f/0x1530 [ 705.291221][T26943] ? __pfx_chrdev_open+0x10/0x10 [ 705.291255][T26943] vfs_open+0x82/0x3f0 [ 705.291291][T26943] path_openat+0x1de4/0x2cb0 [ 705.291330][T26943] ? __pfx_path_openat+0x10/0x10 [ 705.291362][T26943] do_filp_open+0x20b/0x470 [ 705.291390][T26943] ? __pfx_do_filp_open+0x10/0x10 [ 705.291428][T26943] ? alloc_fd+0x471/0x7d0 [ 705.291460][T26943] do_sys_openat2+0x11b/0x1d0 [ 705.291497][T26943] ? __pfx_do_sys_openat2+0x10/0x10 [ 705.291540][T26943] __x64_sys_openat+0x174/0x210 [ 705.291579][T26943] ? __pfx___x64_sys_openat+0x10/0x10 [ 705.291623][T26943] do_syscall_64+0xcd/0x490 [ 705.291656][T26943] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 705.291681][T26943] RIP: 0033:0x7fe6f078ebe9 [ 705.291699][T26943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 705.291724][T26943] RSP: 002b:00007fe6f1623038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 705.291747][T26943] RAX: ffffffffffffffda RBX: 00007fe6f09b5fa0 RCX: 00007fe6f078ebe9 [ 705.291783][T26943] RDX: 0000000000002000 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 705.291799][T26943] RBP: 00007fe6f0811e19 R08: 0000000000000000 R09: 0000000000000000 [ 705.291815][T26943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 705.291830][T26943] R13: 00007fe6f09b6038 R14: 00007fe6f09b5fa0 R15: 00007fff9f45ed48 [ 705.291853][T26943] [ 706.543549][ T5874] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 707.149249][T26985] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 707.449692][T26988] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 707.811333][T27006] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 708.696862][T27044] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 708.920241][T27047] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 710.241549][T27079] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 710.599115][T27098] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 711.698620][T27138] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1955'. [ 712.246560][T27152] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 712.490675][T27162] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 713.744814][T27184] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 714.414797][T27201] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 715.338687][T27224] FAULT_INJECTION: forcing a failure. [ 715.338687][T27224] name failslab, interval 1, probability 0, space 0, times 0 [ 715.406602][T27224] CPU: 0 UID: 0 PID: 27224 Comm: syz.1.1968 Not tainted syzkaller #0 PREEMPT(full) [ 715.406636][T27224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 715.406650][T27224] Call Trace: [ 715.406658][T27224] [ 715.406665][T27224] dump_stack_lvl+0x16c/0x1f0 [ 715.406701][T27224] should_fail_ex+0x512/0x640 [ 715.406738][T27224] should_failslab+0xc2/0x120 [ 715.406771][T27224] __kvmalloc_node_noprof+0x137/0x620 [ 715.406798][T27224] ? io_alloc_cache_init+0x33/0x170 [ 715.406840][T27224] ? io_alloc_cache_init+0x33/0x170 [ 715.406874][T27224] io_alloc_cache_init+0x33/0x170 [ 715.406909][T27224] io_uring_setup+0x63b/0x2080 [ 715.406941][T27224] ? __pfx_io_uring_setup+0x10/0x10 [ 715.406970][T27224] ? do_futex+0x122/0x350 [ 715.407000][T27224] ? __pfx_do_futex+0x10/0x10 [ 715.407036][T27224] ? xfd_validate_state+0x61/0x180 [ 715.407071][T27224] ? __pfx___x64_sys_pwrite64+0x10/0x10 [ 715.407103][T27224] __x64_sys_io_uring_setup+0xc2/0x170 [ 715.407135][T27224] do_syscall_64+0xcd/0x490 [ 715.407167][T27224] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 715.407190][T27224] RIP: 0033:0x7fe6f078ebe9 [ 715.407208][T27224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 715.407231][T27224] RSP: 002b:00007fe6f1623038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 715.407253][T27224] RAX: ffffffffffffffda RBX: 00007fe6f09b5fa0 RCX: 00007fe6f078ebe9 [ 715.407269][T27224] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000406 [ 715.407283][T27224] RBP: 00007fe6f0811e19 R08: 0000000000000000 R09: 0000000000000000 [ 715.407297][T27224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 715.407311][T27224] R13: 00007fe6f09b6038 R14: 00007fe6f09b5fa0 R15: 00007fff9f45ed48 [ 715.407351][T27224] [ 716.083621][T27234] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 719.186869][T27310] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 719.769666][T27320] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 719.852553][T27314] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 722.601844][T27406] FAULT_INJECTION: forcing a failure. [ 722.601844][T27406] name failslab, interval 1, probability 0, space 0, times 0 [ 722.686497][T27406] CPU: 0 UID: 0 PID: 27406 Comm: syz.0.1995 Not tainted syzkaller #0 PREEMPT(full) [ 722.686529][T27406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 722.686544][T27406] Call Trace: [ 722.686551][T27406] [ 722.686559][T27406] dump_stack_lvl+0x16c/0x1f0 [ 722.686593][T27406] should_fail_ex+0x512/0x640 [ 722.686634][T27406] should_failslab+0xc2/0x120 [ 722.686666][T27406] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 722.686695][T27406] ? seq_open+0x55/0x170 [ 722.686730][T27406] seq_open+0x55/0x170 [ 722.686764][T27406] ftrace_event_set_npid_open+0x13a/0x270 [ 722.686801][T27406] do_dentry_open+0x97f/0x1530 [ 722.686830][T27406] ? __pfx_ftrace_event_set_npid_open+0x10/0x10 [ 722.686887][T27406] vfs_open+0x82/0x3f0 [ 722.686924][T27406] path_openat+0x1de4/0x2cb0 [ 722.686956][T27406] ? __pfx_path_openat+0x10/0x10 [ 722.686988][T27406] do_filp_open+0x20b/0x470 [ 722.687016][T27406] ? __pfx_do_filp_open+0x10/0x10 [ 722.687055][T27406] ? alloc_fd+0x471/0x7d0 [ 722.687083][T27406] do_sys_openat2+0x11b/0x1d0 [ 722.687120][T27406] ? __pfx_do_sys_openat2+0x10/0x10 [ 722.687164][T27406] __x64_sys_openat+0x174/0x210 [ 722.687207][T27406] ? __pfx___x64_sys_openat+0x10/0x10 [ 722.687252][T27406] do_syscall_64+0xcd/0x490 [ 722.687286][T27406] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 722.687310][T27406] RIP: 0033:0x7fca6798ebe9 [ 722.687328][T27406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 722.687352][T27406] RSP: 002b:00007fca6872e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 722.687375][T27406] RAX: ffffffffffffffda RBX: 00007fca67bb5fa0 RCX: 00007fca6798ebe9 [ 722.687392][T27406] RDX: 0000000000080400 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 722.687407][T27406] RBP: 00007fca67a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 722.687422][T27406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 722.687437][T27406] R13: 00007fca67bb6038 R14: 00007fca67bb5fa0 R15: 00007ffece278af8 [ 722.687459][T27406] [ 722.915984][T27413] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 723.097198][T27417] FAULT_INJECTION: forcing a failure. [ 723.097198][T27417] name failslab, interval 1, probability 0, space 0, times 0 [ 723.111389][T27417] CPU: 0 UID: 0 PID: 27417 Comm: syz.0.1997 Not tainted syzkaller #0 PREEMPT(full) [ 723.111421][T27417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 723.111436][T27417] Call Trace: [ 723.111443][T27417] [ 723.111452][T27417] dump_stack_lvl+0x16c/0x1f0 [ 723.111486][T27417] should_fail_ex+0x512/0x640 [ 723.111524][T27417] should_failslab+0xc2/0x120 [ 723.111557][T27417] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 723.111591][T27417] ? chrdev_open+0x231/0x6a0 [ 723.111621][T27417] ? do_dentry_open+0x97f/0x1530 [ 723.111650][T27417] ? vfs_open+0x82/0x3f0 [ 723.111683][T27417] ? kasprintf+0xc7/0x100 [ 723.111707][T27417] kvasprintf+0xbc/0x160 [ 723.111729][T27417] ? __pfx_kvasprintf+0x10/0x10 [ 723.111757][T27417] kasprintf+0xc7/0x100 [ 723.111778][T27417] ? __pfx_kasprintf+0x10/0x10 [ 723.111803][T27417] ? aa_get_newest_label+0xd2/0x250 [ 723.111829][T27417] ? lockdep_init_map_type+0x5c/0x280 [ 723.111878][T27417] drm_debugfs_clients_add+0x48/0x200 [ 723.111916][T27417] drm_file_alloc+0x5c6/0xb40 [ 723.111942][T27417] drm_open_helper+0x204/0x550 [ 723.111968][T27417] drm_open+0x1a0/0x3e0 [ 723.111988][T27417] ? __pfx_drm_open+0x10/0x10 [ 723.112009][T27417] drm_stub_open+0x20f/0x380 [ 723.112030][T27417] ? __pfx_drm_stub_open+0x10/0x10 [ 723.112052][T27417] chrdev_open+0x231/0x6a0 [ 723.112080][T27417] ? __pfx_apparmor_file_open+0x10/0x10 [ 723.112105][T27417] ? __pfx_chrdev_open+0x10/0x10 [ 723.112135][T27417] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 723.112164][T27417] do_dentry_open+0x97f/0x1530 [ 723.112192][T27417] ? __pfx_chrdev_open+0x10/0x10 [ 723.112224][T27417] vfs_open+0x82/0x3f0 [ 723.112259][T27417] path_openat+0x1de4/0x2cb0 [ 723.112290][T27417] ? __pfx_path_openat+0x10/0x10 [ 723.112320][T27417] do_filp_open+0x20b/0x470 [ 723.112346][T27417] ? __pfx_do_filp_open+0x10/0x10 [ 723.112383][T27417] ? alloc_fd+0x471/0x7d0 [ 723.112410][T27417] do_sys_openat2+0x11b/0x1d0 [ 723.112445][T27417] ? __pfx_do_sys_openat2+0x10/0x10 [ 723.112486][T27417] __x64_sys_openat+0x174/0x210 [ 723.112522][T27417] ? __pfx___x64_sys_openat+0x10/0x10 [ 723.112564][T27417] do_syscall_64+0xcd/0x490 [ 723.112595][T27417] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 723.112619][T27417] RIP: 0033:0x7fca6798ebe9 [ 723.112636][T27417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 723.112660][T27417] RSP: 002b:00007fca6872e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 723.112682][T27417] RAX: ffffffffffffffda RBX: 00007fca67bb5fa0 RCX: 00007fca6798ebe9 [ 723.112697][T27417] RDX: 0000000000129800 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 723.112712][T27417] RBP: 00007fca67a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 723.112727][T27417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 723.112741][T27417] R13: 00007fca67bb6038 R14: 00007fca67bb5fa0 R15: 00007ffece278af8 [ 723.112763][T27417] [ 724.157890][T27438] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 724.311774][T27442] netlink: 'syz.2.2002': attribute type 19 has an invalid length. [ 724.359214][T27442] netlink: 334 bytes leftover after parsing attributes in process `syz.2.2002'. [ 724.790758][T27454] FAULT_INJECTION: forcing a failure. [ 724.790758][T27454] name failslab, interval 1, probability 0, space 0, times 0 [ 724.879763][T27454] CPU: 0 UID: 0 PID: 27454 Comm: syz.3.2004 Not tainted syzkaller #0 PREEMPT(full) [ 724.879804][T27454] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 724.879820][T27454] Call Trace: [ 724.879827][T27454] [ 724.879836][T27454] dump_stack_lvl+0x16c/0x1f0 [ 724.879871][T27454] should_fail_ex+0x512/0x640 [ 724.879909][T27454] should_failslab+0xc2/0x120 [ 724.879943][T27454] __kmalloc_cache_noprof+0x6a/0x3e0 [ 724.879968][T27454] ? __v4l2_subdev_state_alloc+0x53/0x400 [ 724.879996][T27454] __v4l2_subdev_state_alloc+0x53/0x400 [ 724.880022][T27454] subdev_open+0xa6/0x560 [ 724.880045][T27454] v4l2_open+0x225/0x490 [ 724.880074][T27454] ? __pfx_v4l2_open+0x10/0x10 [ 724.880102][T27454] chrdev_open+0x231/0x6a0 [ 724.880134][T27454] ? __pfx_apparmor_file_open+0x10/0x10 [ 724.880161][T27454] ? __pfx_chrdev_open+0x10/0x10 [ 724.880193][T27454] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 724.880224][T27454] do_dentry_open+0x97f/0x1530 [ 724.880254][T27454] ? __pfx_chrdev_open+0x10/0x10 [ 724.880289][T27454] vfs_open+0x82/0x3f0 [ 724.880325][T27454] path_openat+0x1de4/0x2cb0 [ 724.880358][T27454] ? __pfx_path_openat+0x10/0x10 [ 724.880390][T27454] do_filp_open+0x20b/0x470 [ 724.880419][T27454] ? __pfx_do_filp_open+0x10/0x10 [ 724.880457][T27454] ? alloc_fd+0x471/0x7d0 [ 724.880485][T27454] do_sys_openat2+0x11b/0x1d0 [ 724.880522][T27454] ? __pfx_do_sys_openat2+0x10/0x10 [ 724.880565][T27454] __x64_sys_openat+0x174/0x210 [ 724.880604][T27454] ? __pfx___x64_sys_openat+0x10/0x10 [ 724.880649][T27454] do_syscall_64+0xcd/0x490 [ 724.880681][T27454] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 724.880706][T27454] RIP: 0033:0x7f5a1118ebe9 [ 724.880724][T27454] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 724.880748][T27454] RSP: 002b:00007f5a11fb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 724.880775][T27454] RAX: ffffffffffffffda RBX: 00007f5a113b5fa0 RCX: 00007f5a1118ebe9 [ 724.880792][T27454] RDX: 0000000000080000 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 724.880807][T27454] RBP: 00007f5a11211e19 R08: 0000000000000000 R09: 0000000000000000 [ 724.880822][T27454] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 724.880837][T27454] R13: 00007f5a113b6038 R14: 00007f5a113b5fa0 R15: 00007ffe29172708 [ 724.880860][T27454] [ 725.119504][ C0] vkms_vblank_simulate: vblank timer overrun [ 726.175092][T27482] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 727.002735][T27512] FAULT_INJECTION: forcing a failure. [ 727.002735][T27512] name failslab, interval 1, probability 0, space 0, times 0 [ 727.103595][T27512] CPU: 0 UID: 0 PID: 27512 Comm: syz.2.2014 Not tainted syzkaller #0 PREEMPT(full) [ 727.103636][T27512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 727.103651][T27512] Call Trace: [ 727.103658][T27512] [ 727.103667][T27512] dump_stack_lvl+0x16c/0x1f0 [ 727.103701][T27512] should_fail_ex+0x512/0x640 [ 727.103740][T27512] ? mpi_resize+0x188/0x230 [ 727.103764][T27512] should_failslab+0xc2/0x120 [ 727.103797][T27512] __kmalloc_noprof+0xd2/0x510 [ 727.103828][T27512] mpi_resize+0x188/0x230 [ 727.103854][T27512] mpi_sub_ui+0x173/0x8d0 [ 727.103875][T27512] ? __kasan_kmalloc+0xaa/0xb0 [ 727.103904][T27512] rsa_check_payload+0x58/0xc0 [ 727.103930][T27512] rsa_enc+0x198/0x3b0 [ 727.103955][T27512] ? __pfx_rsa_enc+0x10/0x10 [ 727.103980][T27512] ? __virt_addr_valid+0x81/0x610 [ 727.104010][T27512] ? __phys_addr+0xe8/0x180 [ 727.104039][T27512] ? sg_init_one+0xf5/0x1b0 [ 727.104071][T27512] rsassa_pkcs1_verify+0x502/0xb60 [ 727.104107][T27512] ? __pfx_rsassa_pkcs1_verify+0x10/0x10 [ 727.104145][T27512] ? rsa_max_size+0xd/0x70 [ 727.104169][T27512] ? rsassa_pkcs1_set_pub_key+0x17d/0x1f0 [ 727.104202][T27512] public_key_verify_signature+0x672/0x970 [ 727.104229][T27512] ? __pfx_public_key_verify_signature+0x10/0x10 [ 727.104266][T27512] x509_check_for_self_signed+0x31a/0x500 [ 727.104297][T27512] x509_cert_parse+0x5f8/0x900 [ 727.104320][T27512] ? kasan_save_stack+0x42/0x60 [ 727.104346][T27512] ? kasan_save_stack+0x33/0x60 [ 727.104373][T27512] ? kasan_save_track+0x14/0x30 [ 727.104401][T27512] pkcs7_extract_cert+0xa4/0x320 [ 727.104432][T27512] asn1_ber_decoder+0xc5f/0x1df0 [ 727.104476][T27512] ? __pfx_asn1_ber_decoder+0x10/0x10 [ 727.104524][T27512] pkcs7_parse_message+0x288/0x720 [ 727.104555][T27512] verify_pkcs7_signature+0x30/0xa0 [ 727.104604][T27512] valid_regdb+0x211/0x590 [ 727.104638][T27512] ? __pfx___mutex_lock+0x10/0x10 [ 727.104670][T27512] ? __pfx_valid_regdb+0x10/0x10 [ 727.104701][T27512] reg_reload_regdb+0x11a/0x460 [ 727.104734][T27512] ? __pfx_reg_reload_regdb+0x10/0x10 [ 727.104769][T27512] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 727.104793][T27512] ? nl80211_pre_doit+0x1b0/0xb10 [ 727.104818][T27512] genl_family_rcv_msg_doit+0x206/0x2f0 [ 727.104856][T27512] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 727.104893][T27512] ? rcu_is_watching+0x12/0xc0 [ 727.104921][T27512] ? bpf_lsm_capable+0x9/0x10 [ 727.104942][T27512] ? security_capable+0x7e/0x260 [ 727.104967][T27512] genl_rcv_msg+0x55c/0x800 [ 727.105004][T27512] ? __pfx_genl_rcv_msg+0x10/0x10 [ 727.105040][T27512] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 727.105063][T27512] ? __pfx_nl80211_reload_regdb+0x10/0x10 [ 727.105094][T27512] ? __pfx_nl80211_post_doit+0x10/0x10 [ 727.105131][T27512] netlink_rcv_skb+0x155/0x420 [ 727.105163][T27512] ? __pfx_genl_rcv_msg+0x10/0x10 [ 727.105199][T27512] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 727.105236][T27512] ? netlink_deliver_tap+0x1ae/0xd30 [ 727.105267][T27512] genl_rcv+0x28/0x40 [ 727.105299][T27512] netlink_unicast+0x5aa/0x870 [ 727.105332][T27512] ? __pfx_netlink_unicast+0x10/0x10 [ 727.105383][T27512] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 727.105420][T27512] netlink_sendmsg+0x8d1/0xdd0 [ 727.105454][T27512] ? __pfx_netlink_sendmsg+0x10/0x10 [ 727.105489][T27512] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 727.105516][T27512] ____sys_sendmsg+0xa95/0xc70 [ 727.105556][T27512] ? copy_msghdr_from_user+0x10a/0x160 [ 727.105587][T27512] ? __pfx_____sys_sendmsg+0x10/0x10 [ 727.105637][T27512] ? __pfx_futex_wake_mark+0x10/0x10 [ 727.105676][T27512] ___sys_sendmsg+0x134/0x1d0 [ 727.105707][T27512] ? __pfx____sys_sendmsg+0x10/0x10 [ 727.105738][T27512] ? futex_private_hash_put+0x11c/0x300 [ 727.105771][T27512] ? rcu_is_watching+0x12/0xc0 [ 727.105805][T27512] __sys_sendmsg+0x16d/0x220 [ 727.105836][T27512] ? __pfx___sys_sendmsg+0x10/0x10 [ 727.105867][T27512] ? __x64_sys_futex+0x1e0/0x4c0 [ 727.105906][T27512] do_syscall_64+0xcd/0x490 [ 727.105939][T27512] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 727.105964][T27512] RIP: 0033:0x7f5fbeb8ebe9 [ 727.105982][T27512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 727.106006][T27512] RSP: 002b:00007f5fbf9fc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 727.106029][T27512] RAX: ffffffffffffffda RBX: 00007f5fbedb5fa0 RCX: 00007f5fbeb8ebe9 [ 727.106045][T27512] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000005 [ 727.106061][T27512] RBP: 00007f5fbec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 727.106075][T27512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 727.106090][T27512] R13: 00007f5fbedb6038 R14: 00007f5fbedb5fa0 R15: 00007fffac510a78 [ 727.106113][T27512] [ 727.563438][ C0] vkms_vblank_simulate: vblank timer overrun [ 728.898414][T27570] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 728.907954][T27574] FAULT_INJECTION: forcing a failure. [ 728.907954][T27574] name failslab, interval 1, probability 0, space 0, times 0 [ 728.945505][T27574] CPU: 0 UID: 0 PID: 27574 Comm: syz.0.2022 Not tainted syzkaller #0 PREEMPT(full) [ 728.945548][T27574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 728.945562][T27574] Call Trace: [ 728.945569][T27574] [ 728.945577][T27574] dump_stack_lvl+0x16c/0x1f0 [ 728.945615][T27574] should_fail_ex+0x512/0x640 [ 728.945650][T27574] should_failslab+0xc2/0x120 [ 728.945683][T27574] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 728.945711][T27574] ? vm_area_alloc+0x1f/0x160 [ 728.945736][T27574] vm_area_alloc+0x1f/0x160 [ 728.945759][T27574] create_init_stack_vma+0x29/0x700 [ 728.945793][T27574] alloc_bprm+0x420/0x710 [ 728.945818][T27574] do_execveat_common.isra.0+0x1ce/0x610 [ 728.945848][T27574] __x64_sys_execve+0x8e/0xb0 [ 728.945874][T27574] do_syscall_64+0xcd/0x490 [ 728.945906][T27574] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 728.945930][T27574] RIP: 0033:0x7fca6798ebe9 [ 728.945969][T27574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 728.945993][T27574] RSP: 002b:00007fca6872e038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 728.946016][T27574] RAX: ffffffffffffffda RBX: 00007fca67bb5fa0 RCX: 00007fca6798ebe9 [ 728.946032][T27574] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 728.946046][T27574] RBP: 00007fca67a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 728.946061][T27574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 728.946076][T27574] R13: 00007fca67bb6038 R14: 00007fca67bb5fa0 R15: 00007ffece278af8 [ 728.946099][T27574] [ 729.105720][ C0] vkms_vblank_simulate: vblank timer overrun [ 729.430454][T27582] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 731.126534][T27621] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 731.164274][T27622] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 731.722817][T27640] FAULT_INJECTION: forcing a failure. [ 731.722817][T27640] name failslab, interval 1, probability 0, space 0, times 0 [ 731.796905][T27640] CPU: 0 UID: 0 PID: 27640 Comm: syz.1.2033 Not tainted syzkaller #0 PREEMPT(full) [ 731.796938][T27640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 731.796953][T27640] Call Trace: [ 731.796960][T27640] [ 731.796968][T27640] dump_stack_lvl+0x16c/0x1f0 [ 731.797002][T27640] should_fail_ex+0x512/0x640 [ 731.797037][T27640] ? landlock_init_hierarchy_log+0x17f/0x810 [ 731.797074][T27640] should_failslab+0xc2/0x120 [ 731.797105][T27640] __kmalloc_noprof+0xd2/0x510 [ 731.797136][T27640] landlock_init_hierarchy_log+0x17f/0x810 [ 731.797175][T27640] landlock_merge_ruleset+0x6e1/0x870 [ 731.797203][T27640] ? prepare_creds+0x583/0x7d0 [ 731.797239][T27640] __do_sys_landlock_restrict_self+0x2a2/0x910 [ 731.797267][T27640] do_syscall_64+0xcd/0x490 [ 731.797305][T27640] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 731.797329][T27640] RIP: 0033:0x7fe6f078ebe9 [ 731.797346][T27640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 731.797377][T27640] RSP: 002b:00007fe6f1623038 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 731.797400][T27640] RAX: ffffffffffffffda RBX: 00007fe6f09b5fa0 RCX: 00007fe6f078ebe9 [ 731.797416][T27640] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000005 [ 731.797430][T27640] RBP: 00007fe6f0811e19 R08: 0000000000000000 R09: 0000000000000000 [ 731.797445][T27640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 731.797459][T27640] R13: 00007fe6f09b6038 R14: 00007fe6f09b5fa0 R15: 00007fff9f45ed48 [ 731.797481][T27640] [ 732.382586][T27645] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 733.952562][T27710] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 734.678671][T27730] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 735.465555][T27745] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 736.950851][T27792] FAULT_INJECTION: forcing a failure. [ 736.950851][T27792] name failslab, interval 1, probability 0, space 0, times 0 [ 737.008662][T27792] CPU: 0 UID: 0 PID: 27792 Comm: syz.2.2053 Not tainted syzkaller #0 PREEMPT(full) [ 737.008696][T27792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 737.008711][T27792] Call Trace: [ 737.008718][T27792] [ 737.008726][T27792] dump_stack_lvl+0x16c/0x1f0 [ 737.008760][T27792] should_fail_ex+0x512/0x640 [ 737.008797][T27792] should_failslab+0xc2/0x120 [ 737.008831][T27792] __kmalloc_cache_noprof+0x6a/0x3e0 [ 737.008855][T27792] ? ww_mutex_lock+0x37/0x160 [ 737.008886][T27792] ? ww_mutex_lock+0x37/0x160 [ 737.008916][T27792] ? vkms_atomic_crtc_duplicate_state+0x78/0x1d0 [ 737.008947][T27792] vkms_atomic_crtc_duplicate_state+0x78/0x1d0 [ 737.008975][T27792] drm_atomic_get_crtc_state+0x171/0x450 [ 737.009017][T27792] drm_atomic_get_plane_state+0x436/0x590 [ 737.009067][T27792] drm_client_modeset_commit_atomic+0x237/0x7e0 [ 737.009094][T27792] ? __pfx___might_resched+0x10/0x10 [ 737.009123][T27792] ? __pfx_drm_client_modeset_commit_atomic+0x10/0x10 [ 737.009150][T27792] ? __mutex_lock+0x1c5/0x1060 [ 737.009181][T27792] ? rcu_is_watching+0x12/0xc0 [ 737.009217][T27792] drm_client_modeset_commit_locked+0x14d/0x580 [ 737.009247][T27792] drm_client_modeset_commit+0x4f/0x80 [ 737.009274][T27792] __drm_fb_helper_restore_fbdev_mode_unlocked+0x19f/0x200 [ 737.009301][T27792] ? __pfx_drm_fbdev_client_restore+0x10/0x10 [ 737.009337][T27792] drm_fbdev_client_restore+0x2c/0x40 [ 737.009372][T27792] drm_client_dev_restore+0x1f3/0x2a0 [ 737.009399][T27792] drm_release+0x2c4/0x360 [ 737.009422][T27792] ? __pfx_drm_release+0x10/0x10 [ 737.009444][T27792] __fput+0x3ff/0xb70 [ 737.009481][T27792] task_work_run+0x14d/0x240 [ 737.009521][T27792] ? __pfx_task_work_run+0x10/0x10 [ 737.009559][T27792] ? __pfx___do_sys_close_range+0x10/0x10 [ 737.009592][T27792] exit_to_user_mode_loop+0xeb/0x110 [ 737.009630][T27792] do_syscall_64+0x3f6/0x490 [ 737.009663][T27792] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 737.009688][T27792] RIP: 0033:0x7f5fbeb8ebe9 [ 737.009706][T27792] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 737.009731][T27792] RSP: 002b:00007f5fbf9fc038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 737.009754][T27792] RAX: 0000000000000000 RBX: 00007f5fbedb5fa0 RCX: 00007f5fbeb8ebe9 [ 737.009770][T27792] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 737.009784][T27792] RBP: 00007f5fbec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 737.009799][T27792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 737.009814][T27792] R13: 00007f5fbedb6038 R14: 00007f5fbedb5fa0 R15: 00007fffac510a78 [ 737.009837][T27792] [ 737.343600][T27799] netlink: 'syz.2.2055': attribute type 10 has an invalid length. [ 737.351514][T27799] netlink: 210 bytes leftover after parsing attributes in process `syz.2.2055'. [ 737.650195][T27807] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 740.093920][T27871] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 740.337477][T27870] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 741.388375][T27903] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 741.682300][T27916] [U]  [ 741.685142][T27916] [U] [ 741.687852][T27916] [U] [ 741.690561][T27916] [U] [ 741.740516][T27916] [U] [ 741.743273][T27916] [U] [ 741.745982][T27916] [U] [ 741.748689][T27916] [U] [ 741.796626][T27916] [U] [ 741.799381][T27916] [U] [ 741.802093][T27916] [U] [ 741.804799][T27916] [U] [ 741.854424][T27916] [U] [ 741.857176][T27916] [U] [ 741.859884][T27916] [U] [ 741.862591][T27916] [U] [ 741.915194][T27916] [U] [ 741.917944][T27916] [U] [ 741.920654][T27916] [U] [ 741.923374][T27916] [U] [ 741.971841][T27916] [U] [ 741.974597][T27916] [U] [ 741.977307][T27916] [U] [ 741.980023][T27916] [U] [ 742.050761][T27916] [U] [ 742.053558][T27916] [U] [ 742.056273][T27916] [U] [ 742.058977][T27916] [U] [ 742.106680][T27916] [U] [ 742.109434][T27916] [U] [ 742.112143][T27916] [U] [ 742.114849][T27916] [U] [ 742.160704][T27916] [U] [ 742.163466][T27916] [U] [ 742.166182][T27916] [U] [ 742.168902][T27916] [U] [ 742.224681][T27916] [U] [ 742.227483][T27916] [U] [ 742.230193][T27916] [U] [ 742.232899][T27916] [U] [ 742.270770][T27916] [U] [ 742.273521][T27916] [U] [ 742.276230][T27916] [U] [ 742.278935][T27916] [U] [ 742.319410][T27916] [U] [ 742.322165][T27916] [U] [ 742.324876][T27916] [U] [ 742.327598][T27916] [U] [ 742.378817][T27916] [U] [ 742.381578][T27916] [U] [ 742.384324][T27916] [U] [ 742.387044][T27916] [U] [ 742.439320][T27916] [U] [ 742.442104][T27916] [U] [ 742.444853][T27916] [U] [ 742.447573][T27916] [U] [ 742.470236][T27928] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 742.525782][T27916] [U] [ 743.678876][T27970] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 744.839308][T27999] FAULT_INJECTION: forcing a failure. [ 744.839308][T27999] name fail_futex, interval 1, probability 0, space 0, times 1 [ 744.895079][T27993] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 744.928394][T27999] CPU: 0 UID: 0 PID: 27999 Comm: syz.0.2086 Not tainted syzkaller #0 PREEMPT(full) [ 744.928428][T27999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 744.928443][T27999] Call Trace: [ 744.928450][T27999] [ 744.928458][T27999] dump_stack_lvl+0x16c/0x1f0 [ 744.928491][T27999] should_fail_ex+0x512/0x640 [ 744.928527][T27999] get_futex_key+0x1d0/0x1560 [ 744.928557][T27999] ? __pfx_get_futex_key+0x10/0x10 [ 744.928597][T27999] futex_wake+0xea/0x530 [ 744.928633][T27999] ? __pfx_futex_wake+0x10/0x10 [ 744.928667][T27999] ? key_user_lookup+0x4ee/0x560 [ 744.928698][T27999] ? rcu_is_watching+0x12/0xc0 [ 744.928724][T27999] ? refcount_dec_not_one+0x138/0x1d0 [ 744.928763][T27999] do_futex+0x1e3/0x350 [ 744.928793][T27999] ? __pfx_do_futex+0x10/0x10 [ 744.928822][T27999] ? refcount_dec_and_lock+0x32/0xc0 [ 744.928859][T27999] ? key_user_put+0x2c/0x70 [ 744.928891][T27999] __x64_sys_futex+0x1e0/0x4c0 [ 744.928923][T27999] ? __pfx___x64_sys_futex+0x10/0x10 [ 744.928953][T27999] ? xfd_validate_state+0x61/0x180 [ 744.928988][T27999] ? __pfx_ksys_write+0x10/0x10 [ 744.929019][T27999] do_syscall_64+0xcd/0x490 [ 744.929051][T27999] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 744.929075][T27999] RIP: 0033:0x7fca6798ebe9 [ 744.929092][T27999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 744.929115][T27999] RSP: 002b:00007fca6872e0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 744.929137][T27999] RAX: ffffffffffffffda RBX: 00007fca67bb5fa8 RCX: 00007fca6798ebe9 [ 744.929153][T27999] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fca67bb5fac [ 744.929168][T27999] RBP: 00007fca67bb5fa0 R08: 00007fca6872f000 R09: 0000000000000000 [ 744.929182][T27999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 744.929196][T27999] R13: 00007fca67bb6038 R14: 00007ffece278a10 R15: 00007ffece278af8 [ 744.929218][T27999] [ 746.413064][T28032] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 748.216441][T28075] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 749.696520][T28134] FAULT_INJECTION: forcing a failure. [ 749.696520][T28134] name failslab, interval 1, probability 0, space 0, times 0 [ 749.862805][T28134] CPU: 0 UID: 0 PID: 28134 Comm: syz.1.2106 Not tainted syzkaller #0 PREEMPT(full) [ 749.862839][T28134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 749.862854][T28134] Call Trace: [ 749.862861][T28134] [ 749.862870][T28134] dump_stack_lvl+0x16c/0x1f0 [ 749.862904][T28134] should_fail_ex+0x512/0x640 [ 749.862945][T28134] should_failslab+0xc2/0x120 [ 749.862979][T28134] __kmalloc_cache_noprof+0x6a/0x3e0 [ 749.863004][T28134] ? userio_char_open+0x45/0x210 [ 749.863037][T28134] ? __pfx_userio_char_open+0x10/0x10 [ 749.863066][T28134] userio_char_open+0x45/0x210 [ 749.863094][T28134] ? __pfx_userio_char_open+0x10/0x10 [ 749.863123][T28134] misc_open+0x35a/0x420 [ 749.863149][T28134] ? __pfx_misc_open+0x10/0x10 [ 749.863186][T28134] chrdev_open+0x231/0x6a0 [ 749.863216][T28134] ? __pfx_apparmor_file_open+0x10/0x10 [ 749.863242][T28134] ? __pfx_chrdev_open+0x10/0x10 [ 749.863273][T28134] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 749.863310][T28134] do_dentry_open+0x97f/0x1530 [ 749.863338][T28134] ? __pfx_chrdev_open+0x10/0x10 [ 749.863372][T28134] vfs_open+0x82/0x3f0 [ 749.863408][T28134] path_openat+0x1de4/0x2cb0 [ 749.863439][T28134] ? __pfx_path_openat+0x10/0x10 [ 749.863470][T28134] do_filp_open+0x20b/0x470 [ 749.863497][T28134] ? __pfx_do_filp_open+0x10/0x10 [ 749.863534][T28134] ? alloc_fd+0x471/0x7d0 [ 749.863562][T28134] do_sys_openat2+0x11b/0x1d0 [ 749.863598][T28134] ? __pfx_do_sys_openat2+0x10/0x10 [ 749.863639][T28134] __x64_sys_openat+0x174/0x210 [ 749.863677][T28134] ? __pfx___x64_sys_openat+0x10/0x10 [ 749.863719][T28134] do_syscall_64+0xcd/0x490 [ 749.863751][T28134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 749.863775][T28134] RIP: 0033:0x7fe6f078ebe9 [ 749.863792][T28134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 749.863816][T28134] RSP: 002b:00007fe6f1623038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 749.863837][T28134] RAX: ffffffffffffffda RBX: 00007fe6f09b5fa0 RCX: 00007fe6f078ebe9 [ 749.863853][T28134] RDX: 0000000000002000 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 749.863868][T28134] RBP: 00007fe6f0811e19 R08: 0000000000000000 R09: 0000000000000000 [ 749.863883][T28134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 749.863897][T28134] R13: 00007fe6f09b6038 R14: 00007fe6f09b5fa0 R15: 00007fff9f45ed48 [ 749.863919][T28134] [ 751.641192][T28180] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 751.726011][T28173] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 754.018878][T28236] FAULT_INJECTION: forcing a failure. [ 754.018878][T28236] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 754.097378][T28237] FAULT_INJECTION: forcing a failure. [ 754.097378][T28237] name failslab, interval 1, probability 0, space 0, times 0 [ 754.164782][T28236] CPU: 0 UID: 0 PID: 28236 Comm: syz.3.2120 Not tainted syzkaller #0 PREEMPT(full) [ 754.164814][T28236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 754.164827][T28236] Call Trace: [ 754.164834][T28236] [ 754.164841][T28236] dump_stack_lvl+0x16c/0x1f0 [ 754.164873][T28236] should_fail_ex+0x512/0x640 [ 754.164907][T28236] _copy_from_iter+0x29f/0x16f0 [ 754.164944][T28236] ? __build_skb_around+0x278/0x3b0 [ 754.164966][T28236] ? __pfx__copy_from_iter+0x10/0x10 [ 754.165001][T28236] ? __pfx___alloc_skb+0x10/0x10 [ 754.165028][T28236] ? common_file_perm+0x1a9/0x340 [ 754.165057][T28236] vhci_write+0x150/0x480 [ 754.165087][T28236] vfs_write+0x7d3/0x11d0 [ 754.165112][T28236] ? __pfx_vhci_write+0x10/0x10 [ 754.165150][T28236] ? __pfx_vfs_write+0x10/0x10 [ 754.165175][T28236] ? lock_release+0x201/0x2f0 [ 754.165210][T28236] ksys_write+0x12a/0x250 [ 754.165235][T28236] ? __pfx_ksys_write+0x10/0x10 [ 754.165264][T28236] do_syscall_64+0xcd/0x490 [ 754.165312][T28236] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.165335][T28236] RIP: 0033:0x7f5a1118ebe9 [ 754.165351][T28236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 754.165373][T28236] RSP: 002b:00007f5a11f98038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 754.165394][T28236] RAX: ffffffffffffffda RBX: 00007f5a113b6090 RCX: 00007f5a1118ebe9 [ 754.165409][T28236] RDX: 000000000000007f RSI: 00002000000004c0 RDI: 00000000000000ca [ 754.165423][T28236] RBP: 00007f5a11211e19 R08: 0000000000000000 R09: 0000000000000000 [ 754.165437][T28236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 754.165449][T28236] R13: 00007f5a113b6128 R14: 00007f5a113b6090 R15: 00007ffe29172708 [ 754.165470][T28236] [ 754.344319][T28237] CPU: 0 UID: 0 PID: 28237 Comm: syz.2.2121 Not tainted syzkaller #0 PREEMPT(full) [ 754.344353][T28237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 754.344368][T28237] Call Trace: [ 754.344375][T28237] [ 754.344383][T28237] dump_stack_lvl+0x16c/0x1f0 [ 754.344417][T28237] should_fail_ex+0x512/0x640 [ 754.344455][T28237] should_failslab+0xc2/0x120 [ 754.344488][T28237] __kmalloc_cache_noprof+0x6a/0x3e0 [ 754.344513][T28237] ? userio_char_open+0x45/0x210 [ 754.344545][T28237] ? __pfx_userio_char_open+0x10/0x10 [ 754.344573][T28237] userio_char_open+0x45/0x210 [ 754.344602][T28237] ? __pfx_userio_char_open+0x10/0x10 [ 754.344631][T28237] misc_open+0x35a/0x420 [ 754.344656][T28237] ? __pfx_misc_open+0x10/0x10 [ 754.344681][T28237] chrdev_open+0x231/0x6a0 [ 754.344712][T28237] ? __pfx_apparmor_file_open+0x10/0x10 [ 754.344739][T28237] ? __pfx_chrdev_open+0x10/0x10 [ 754.344771][T28237] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 754.344801][T28237] do_dentry_open+0x97f/0x1530 [ 754.344831][T28237] ? __pfx_chrdev_open+0x10/0x10 [ 754.344865][T28237] vfs_open+0x82/0x3f0 [ 754.344914][T28237] path_openat+0x1de4/0x2cb0 [ 754.344946][T28237] ? __pfx_path_openat+0x10/0x10 [ 754.344977][T28237] do_filp_open+0x20b/0x470 [ 754.345003][T28237] ? __pfx_do_filp_open+0x10/0x10 [ 754.345041][T28237] ? alloc_fd+0x471/0x7d0 [ 754.345068][T28237] do_sys_openat2+0x11b/0x1d0 [ 754.345104][T28237] ? __pfx_do_sys_openat2+0x10/0x10 [ 754.345154][T28237] __x64_sys_openat+0x174/0x210 [ 754.345193][T28237] ? __pfx___x64_sys_openat+0x10/0x10 [ 754.345236][T28237] do_syscall_64+0xcd/0x490 [ 754.345268][T28237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 754.345292][T28237] RIP: 0033:0x7f5fbeb8ebe9 [ 754.345309][T28237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 754.345332][T28237] RSP: 002b:00007f5fbf9fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 754.345354][T28237] RAX: ffffffffffffffda RBX: 00007f5fbedb5fa0 RCX: 00007f5fbeb8ebe9 [ 754.345370][T28237] RDX: 0000000000002000 RSI: 0000200000000340 RDI: ffffffffffffff9c [ 754.345386][T28237] RBP: 00007f5fbec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 754.345400][T28237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 754.345414][T28237] R13: 00007f5fbedb6038 R14: 00007f5fbedb5fa0 R15: 00007fffac510a78 [ 754.345436][T28237] [ 755.409157][T28247] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 755.935736][T28260] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 756.676047][T28271] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 757.836597][T28298] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 757.997873][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 758.005011][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 758.527626][T28306] FAULT_INJECTION: forcing a failure. [ 758.527626][T28306] name failslab, interval 1, probability 0, space 0, times 0 [ 758.628299][T28306] CPU: 0 UID: 0 PID: 28306 Comm: syz.0.2133 Not tainted syzkaller #0 PREEMPT(full) [ 758.628335][T28306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 758.628350][T28306] Call Trace: [ 758.628357][T28306] [ 758.628366][T28306] dump_stack_lvl+0x16c/0x1f0 [ 758.628401][T28306] should_fail_ex+0x512/0x640 [ 758.628438][T28306] should_failslab+0xc2/0x120 [ 758.628471][T28306] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 758.628500][T28306] ? __kernfs_new_node+0xd2/0x8e0 [ 758.628533][T28306] __kernfs_new_node+0xd2/0x8e0 [ 758.628565][T28306] ? rcu_is_watching+0x12/0xc0 [ 758.628589][T28306] ? __pfx___kernfs_new_node+0x10/0x10 [ 758.628640][T28306] ? __pfx___might_resched+0x10/0x10 [ 758.628667][T28306] ? rcu_is_watching+0x12/0xc0 [ 758.628690][T28306] ? kernfs_root+0xee/0x2a0 [ 758.628717][T28306] ? rcu_is_watching+0x12/0xc0 [ 758.628739][T28306] ? lock_release+0x201/0x2f0 [ 758.628779][T28306] kernfs_new_node+0x13c/0x1e0 [ 758.628817][T28306] __kernfs_create_file+0x53/0x350 [ 758.628843][T28306] sysfs_add_file_mode_ns+0x207/0x3c0 [ 758.628875][T28306] internal_create_group+0x578/0xf30 [ 758.628911][T28306] ? __pfx_internal_create_group+0x10/0x10 [ 758.628946][T28306] ? kernfs_create_link+0x1bd/0x240 [ 758.628972][T28306] internal_create_groups+0x9d/0x150 [ 758.629006][T28306] device_add+0xf30/0x1aa0 [ 758.629028][T28306] ? __pfx_device_add+0x10/0x10 [ 758.629049][T28306] ? lockdep_init_map_type+0x5c/0x280 [ 758.629083][T28306] ? __init_waitqueue_head+0xca/0x150 [ 758.629125][T28306] netdev_register_kobject+0x1a9/0x3d0 [ 758.629165][T28306] register_netdevice+0x13dc/0x2270 [ 758.629204][T28306] ? __pfx_register_netdevice+0x10/0x10 [ 758.629238][T28306] ? rcu_is_watching+0x12/0xc0 [ 758.629262][T28306] ? trace_kmalloc+0x2b/0xd0 [ 758.629295][T28306] ? __kmalloc_noprof+0x242/0x510 [ 758.629330][T28306] register_netdev+0x34/0x50 [ 758.629363][T28306] mkiss_open+0x4cd/0x9a0 [ 758.629387][T28306] ? __pfx_mkiss_open+0x10/0x10 [ 758.629410][T28306] tty_ldisc_open+0x9f/0x120 [ 758.629439][T28306] tty_set_ldisc+0x32b/0x780 [ 758.629469][T28306] tty_ioctl+0xc2e/0x1680 [ 758.629502][T28306] ? __pfx_tty_ioctl+0x10/0x10 [ 758.629537][T28306] ? rcu_is_watching+0x12/0xc0 [ 758.629561][T28306] ? __fget_files+0x204/0x3c0 [ 758.629586][T28306] ? hook_file_ioctl_common+0x145/0x410 [ 758.629621][T28306] ? __fget_files+0x20e/0x3c0 [ 758.629649][T28306] ? __pfx_tty_ioctl+0x10/0x10 [ 758.629681][T28306] __x64_sys_ioctl+0x18b/0x210 [ 758.629720][T28306] do_syscall_64+0xcd/0x490 [ 758.629753][T28306] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 758.629783][T28306] RIP: 0033:0x7fca6798ebe9 [ 758.629801][T28306] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 758.629825][T28306] RSP: 002b:00007fca6872e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 758.629848][T28306] RAX: ffffffffffffffda RBX: 00007fca67bb5fa0 RCX: 00007fca6798ebe9 [ 758.629865][T28306] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000005 [ 758.629881][T28306] RBP: 00007fca67a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 758.629895][T28306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 758.629910][T28306] R13: 00007fca67bb6038 R14: 00007fca67bb5fa0 R15: 00007ffece278af8 [ 758.629933][T28306] [ 759.294802][T28306] Falling back ldisc for ttyS2. [ 759.532340][T28320] FAULT_INJECTION: forcing a failure. [ 759.532340][T28320] name failslab, interval 1, probability 0, space 0, times 0 [ 759.572848][T28320] CPU: 0 UID: 0 PID: 28320 Comm: syz.0.2134 Not tainted syzkaller #0 PREEMPT(full) [ 759.572882][T28320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 759.572897][T28320] Call Trace: [ 759.572905][T28320] [ 759.572913][T28320] dump_stack_lvl+0x16c/0x1f0 [ 759.572948][T28320] should_fail_ex+0x512/0x640 [ 759.572986][T28320] should_failslab+0xc2/0x120 [ 759.573019][T28320] __kmalloc_cache_noprof+0x6a/0x3e0 [ 759.573044][T28320] ? do_epoll_create+0x62/0x480 [ 759.573072][T28320] do_epoll_create+0x62/0x480 [ 759.573096][T28320] __x64_sys_epoll_create+0x45/0x70 [ 759.573123][T28320] do_syscall_64+0xcd/0x490 [ 759.573156][T28320] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 759.573180][T28320] RIP: 0033:0x7fca6798ebe9 [ 759.573198][T28320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 759.573222][T28320] RSP: 002b:00007fca65bf6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 759.573244][T28320] RAX: ffffffffffffffda RBX: 00007fca67bb6090 RCX: 00007fca6798ebe9 [ 759.573261][T28320] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 759.573288][T28320] RBP: 00007fca67a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 759.573302][T28320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 759.573316][T28320] R13: 00007fca67bb6128 R14: 00007fca67bb6090 R15: 00007ffece278af8 [ 759.573337][T28320] [ 761.447941][T28344] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 761.956336][T28363] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 762.379096][T28380] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 763.326006][T28414] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 764.451197][T28445] netlink: 306 bytes leftover after parsing attributes in process `syz.0.2156'. [ 764.997470][T28461] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 765.451529][T28477] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 765.538189][T28476] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 767.017348][T28515] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 769.009132][T28568] netlink: 146 bytes leftover after parsing attributes in process `syz.3.2178'. [ 770.926154][T28611] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 771.480208][T28629] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 771.654021][T28638] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 772.061307][T28647] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 773.727103][T28674] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 774.789284][T28708] debugfs: '!PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„L̓÷ÓÄ]' already exists in 'ieee80211' [ 775.126877][T28723] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 775.135445][T28724] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 775.655845][T28736] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 776.422543][T28750] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 776.449736][T28743] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 777.533621][T28770] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 777.902070][T28774] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 779.088178][T28811] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 779.212210][T28814] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 779.594051][T28818] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 780.885397][T28865] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 781.278327][T28875] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 781.485871][T28884] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 782.053091][T28895] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 782.420603][T28899] FAULT_INJECTION: forcing a failure. [ 782.420603][T28899] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 782.490644][T28899] CPU: 0 UID: 0 PID: 28899 Comm: syz.2.2234 Not tainted syzkaller #0 PREEMPT(full) [ 782.490677][T28899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 782.490692][T28899] Call Trace: [ 782.490699][T28899] [ 782.490707][T28899] dump_stack_lvl+0x16c/0x1f0 [ 782.490741][T28899] should_fail_ex+0x512/0x640 [ 782.490778][T28899] _copy_from_user+0x2e/0xd0 [ 782.490816][T28899] copy_msghdr_from_user+0x98/0x160 [ 782.490847][T28899] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 782.490880][T28899] ? kfree+0x24f/0x4d0 [ 782.490901][T28899] ? futex_unqueue+0x133/0x2c0 [ 782.490928][T28899] ? rcu_is_watching+0x12/0xc0 [ 782.490952][T28899] ? lock_release+0x201/0x2f0 [ 782.490984][T28899] ___sys_sendmsg+0xfe/0x1d0 [ 782.491014][T28899] ? __pfx____sys_sendmsg+0x10/0x10 [ 782.491043][T28899] ? __pfx___futex_wait+0x10/0x10 [ 782.491078][T28899] ? rcu_is_watching+0x12/0xc0 [ 782.491105][T28899] ? rcu_is_watching+0x12/0xc0 [ 782.491133][T28899] ? __pfx___might_resched+0x10/0x10 [ 782.491160][T28899] __sys_sendmmsg+0x200/0x420 [ 782.491192][T28899] ? __pfx___sys_sendmmsg+0x10/0x10 [ 782.491222][T28899] ? ip6_datagram_connect+0x38/0x50 [ 782.491256][T28899] ? __pfx_do_futex+0x10/0x10 [ 782.491293][T28899] ? xfd_validate_state+0x61/0x180 [ 782.491327][T28899] ? __pfx_do_writev+0x10/0x10 [ 782.491354][T28899] __x64_sys_sendmmsg+0x9c/0x100 [ 782.491385][T28899] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 782.491423][T28899] do_syscall_64+0xcd/0x490 [ 782.491481][T28899] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 782.491507][T28899] RIP: 0033:0x7f5fbeb8ebe9 [ 782.491524][T28899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 782.491549][T28899] RSP: 002b:00007f5fbf9fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 782.491571][T28899] RAX: ffffffffffffffda RBX: 00007f5fbedb5fa0 RCX: 00007f5fbeb8ebe9 [ 782.491588][T28899] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000003 [ 782.491602][T28899] RBP: 00007f5fbec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 782.491617][T28899] R10: 0000000000005e61 R11: 0000000000000246 R12: 0000000000000000 [ 782.491631][T28899] R13: 00007f5fbedb6038 R14: 00007f5fbedb5fa0 R15: 00007fffac510a78 [ 782.491654][T28899] [ 784.196730][T28957] netlink: 252 bytes leftover after parsing attributes in process `syz.2.2244'. [ 784.247738][T28957] unsupported nla_type 65535 [ 784.287541][T28958] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 785.062409][T28979] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 785.265982][T28982] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 788.138419][T29080] FAULT_INJECTION: forcing a failure. [ 788.138419][T29080] name failslab, interval 1, probability 0, space 0, times 0 [ 788.151074][T29080] CPU: 0 UID: 0 PID: 29080 Comm: syz.0.2267 Not tainted syzkaller #0 PREEMPT(full) [ 788.151107][T29080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 788.151122][T29080] Call Trace: [ 788.151133][T29080] [ 788.151142][T29080] dump_stack_lvl+0x116/0x1f0 [ 788.151178][T29080] should_fail_ex+0x512/0x640 [ 788.151216][T29080] should_failslab+0xc2/0x120 [ 788.151256][T29080] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 788.151286][T29080] ? __send_signal_locked+0x159/0x12c0 [ 788.151309][T29080] ? sig_get_ucounts+0x1c0/0x5b0 [ 788.151346][T29080] __send_signal_locked+0x159/0x12c0 [ 788.151371][T29080] group_send_sig_info+0x2a4/0x300 [ 788.151402][T29080] ? __pfx_group_send_sig_info+0x10/0x10 [ 788.151432][T29080] ? lock_acquire+0x2cd/0x350 [ 788.151464][T29080] ? rcu_is_watching+0x12/0xc0 [ 788.151490][T29080] ? kill_pid_info_type+0x1a/0x2a0 [ 788.151519][T29080] kill_pid_info_type+0x92/0x2a0 [ 788.151551][T29080] kill_proc_info+0x6f/0x1b0 [ 788.151581][T29080] kill_something_info+0x2a2/0x310 [ 788.151610][T29080] ? __task_pid_nr_ns+0x186/0x500 [ 788.151646][T29080] __x64_sys_kill+0xd7/0x140 [ 788.151678][T29080] ? __pfx___x64_sys_kill+0x10/0x10 [ 788.151714][T29080] ? rcu_is_watching+0x12/0xc0 [ 788.151739][T29080] do_syscall_64+0xcd/0x490 [ 788.151772][T29080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 788.151796][T29080] RIP: 0033:0x7fca6798ebe9 [ 788.151815][T29080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 788.151840][T29080] RSP: 002b:00007fca6872e038 EFLAGS: 00000246 ORIG_RAX: 000000000000003e [ 788.151862][T29080] RAX: ffffffffffffffda RBX: 00007fca67bb5fa0 RCX: 00007fca6798ebe9 [ 788.151879][T29080] RDX: 0000000000000000 RSI: 0000000000000011 RDI: 0000000000000a72 [ 788.151894][T29080] RBP: 00007fca67a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 788.151908][T29080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 788.151923][T29080] R13: 00007fca67bb6038 R14: 00007fca67bb5fa0 R15: 00007ffece278af8 [ 788.151945][T29080] [ 789.174253][T29110] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 790.988566][T29153] input: f¬ as /devices/virtual/input/input25 [ 791.707780][T29169] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 792.240355][T29184] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 792.844243][T29217] FAULT_INJECTION: forcing a failure. [ 792.844243][T29217] name failslab, interval 1, probability 0, space 0, times 0 [ 792.918849][T29217] CPU: 0 UID: 0 PID: 29217 Comm: syz.2.2288 Not tainted syzkaller #0 PREEMPT(full) [ 792.918883][T29217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 792.918897][T29217] Call Trace: [ 792.918904][T29217] [ 792.918912][T29217] dump_stack_lvl+0x16c/0x1f0 [ 792.918945][T29217] should_fail_ex+0x512/0x640 [ 792.918981][T29217] ? iter_file_splice_write+0x1cc/0x1270 [ 792.919008][T29217] should_failslab+0xc2/0x120 [ 792.919039][T29217] __kmalloc_noprof+0xd2/0x510 [ 792.919069][T29217] iter_file_splice_write+0x1cc/0x1270 [ 792.919094][T29217] ? trace_irq_enable.constprop.0+0xd4/0x120 [ 792.919134][T29217] ? kfree+0x2b4/0x4d0 [ 792.919158][T29217] ? copy_splice_read+0x89c/0xc20 [ 792.919179][T29217] ? __pfx_iter_file_splice_write+0x10/0x10 [ 792.919208][T29217] ? __pfx_copy_splice_read+0x10/0x10 [ 792.919231][T29217] ? look_up_lock_class+0x59/0x150 [ 792.919264][T29217] ? __pfx___might_resched+0x10/0x10 [ 792.919287][T29217] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 792.919315][T29217] ? __pfx_iter_file_splice_write+0x10/0x10 [ 792.919342][T29217] direct_splice_actor+0x18f/0x6c0 [ 792.919367][T29217] splice_direct_to_actor+0x342/0xa30 [ 792.919392][T29217] ? __pfx_direct_splice_actor+0x10/0x10 [ 792.919419][T29217] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 792.919444][T29217] ? futex_private_hash_put+0x11c/0x300 [ 792.919473][T29217] do_splice_direct+0x174/0x240 [ 792.919497][T29217] ? __pfx_do_splice_direct+0x10/0x10 [ 792.919520][T29217] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 792.919543][T29217] ? bpf_lsm_file_permission+0x9/0x10 [ 792.919578][T29217] ? security_file_permission+0x71/0x210 [ 792.919611][T29217] ? rw_verify_area+0xcf/0x6c0 [ 792.919636][T29217] do_sendfile+0xb06/0xe50 [ 792.919662][T29217] ? __pfx_do_sendfile+0x10/0x10 [ 792.919689][T29217] ? __x64_sys_futex+0x1e0/0x4c0 [ 792.919719][T29217] ? __x64_sys_futex+0x1e9/0x4c0 [ 792.919750][T29217] __x64_sys_sendfile64+0x1d8/0x220 [ 792.919791][T29217] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 792.919829][T29217] do_syscall_64+0xcd/0x490 [ 792.919861][T29217] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 792.919885][T29217] RIP: 0033:0x7f5fbeb8ebe9 [ 792.919902][T29217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 792.919926][T29217] RSP: 002b:00007f5fbf9fc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 792.919947][T29217] RAX: ffffffffffffffda RBX: 00007f5fbedb5fa0 RCX: 00007f5fbeb8ebe9 [ 792.919963][T29217] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004 [ 792.919977][T29217] RBP: 00007f5fbec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 792.919992][T29217] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000 [ 792.920006][T29217] R13: 00007f5fbedb6038 R14: 00007f5fbedb5fa0 R15: 00007fffac510a78 [ 792.920028][T29217] [ 793.713012][T29233] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 795.512734][T29306] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 796.032802][T29308] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 799.208263][T29424] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 800.028052][T29448] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 800.540698][T29458] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 801.658564][T29478] FAULT_INJECTION: forcing a failure. [ 801.658564][T29478] name failslab, interval 1, probability 0, space 0, times 0 [ 801.702298][T29478] CPU: 0 UID: 0 PID: 29478 Comm: syz.3.2322 Not tainted syzkaller #0 PREEMPT(full) [ 801.702332][T29478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 801.702348][T29478] Call Trace: [ 801.702355][T29478] [ 801.702363][T29478] dump_stack_lvl+0x16c/0x1f0 [ 801.702397][T29478] should_fail_ex+0x512/0x640 [ 801.702434][T29478] should_failslab+0xc2/0x120 [ 801.702468][T29478] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 801.702498][T29478] ? __d_alloc+0x32/0xae0 [ 801.702529][T29478] __d_alloc+0x32/0xae0 [ 801.702557][T29478] ? __kasan_slab_alloc+0x89/0x90 [ 801.702586][T29478] ? kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 801.702616][T29478] d_alloc_parallel+0x111/0x1480 [ 801.702653][T29478] ? do_syscall_64+0xcd/0x490 [ 801.702684][T29478] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 801.702713][T29478] ? __pfx_d_alloc_parallel+0x10/0x10 [ 801.702752][T29478] ? lockdep_init_map_type+0x5c/0x280 [ 801.702786][T29478] ? lockdep_init_map_type+0x5c/0x280 [ 801.702822][T29478] __lookup_slow+0x193/0x460 [ 801.702859][T29478] ? __pfx___lookup_slow+0x10/0x10 [ 801.702896][T29478] ? rcu_is_watching+0x12/0xc0 [ 801.702928][T29478] ? d_lookup+0xe7/0x190 [ 801.702966][T29478] lookup_noperm+0xe1/0x110 [ 801.703004][T29478] simple_start_creating+0xd1/0x1b0 [ 801.703031][T29478] rpc_new_file+0x2f/0x430 [ 801.703067][T29478] ? rpc_new_dir+0x2d7/0x440 [ 801.703102][T29478] ? d_instantiate+0x77/0x90 [ 801.703133][T29478] rpc_fill_super+0x386/0x4f0 [ 801.703172][T29478] ? __pfx_rpc_fill_super+0x10/0x10 [ 801.703221][T29478] get_tree_keyed+0x10b/0x1d0 [ 801.703247][T29478] vfs_get_tree+0x8e/0x340 [ 801.703294][T29478] vfs_cmd_create+0xd7/0x2a0 [ 801.703331][T29478] __do_sys_fsconfig+0x7b8/0xbe0 [ 801.703365][T29478] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 801.703405][T29478] do_syscall_64+0xcd/0x490 [ 801.703438][T29478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 801.703462][T29478] RIP: 0033:0x7f5a1118ebe9 [ 801.703480][T29478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 801.703504][T29478] RSP: 002b:00007f5a11fb9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 801.703530][T29478] RAX: ffffffffffffffda RBX: 00007f5a113b5fa0 RCX: 00007f5a1118ebe9 [ 801.703548][T29478] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007 [ 801.703563][T29478] RBP: 00007f5a11211e19 R08: 0000000000000000 R09: 0000000000000000 [ 801.703578][T29478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 801.703594][T29478] R13: 00007f5a113b6038 R14: 00007f5a113b5fa0 R15: 00007ffe29172708 [ 801.703617][T29478] [ 802.961065][T29498] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 803.931144][T29524] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 806.497416][T29626] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 806.594535][T29631] netlink: 330 bytes leftover after parsing attributes in process `syz.3.2338'. [ 806.638333][T29631] : renamed from bond0 (while UP) [ 809.189741][T29733] netlink: 330 bytes leftover after parsing attributes in process `syz.1.2351'. [ 809.246288][T29733] : renamed from bond0 (while UP) [ 811.917066][T29819] futex_wake_op: syz.0.2363 tries to shift op by -2048; fix this program [ 812.094929][T29828] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 813.914310][T29876] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 815.940229][T29961] FAULT_INJECTION: forcing a failure. [ 815.940229][T29961] name failslab, interval 1, probability 0, space 0, times 0 [ 815.994165][T29961] CPU: 0 UID: 0 PID: 29961 Comm: syz.3.2381 Not tainted syzkaller #0 PREEMPT(full) [ 815.994198][T29961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 815.994212][T29961] Call Trace: [ 815.994219][T29961] [ 815.994227][T29961] dump_stack_lvl+0x16c/0x1f0 [ 815.994260][T29961] should_fail_ex+0x512/0x640 [ 815.994295][T29961] should_failslab+0xc2/0x120 [ 815.994328][T29961] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 815.994356][T29961] ? acpi_ut_create_generic_state+0x5c/0xb0 [ 815.994396][T29961] acpi_ut_create_generic_state+0x5c/0xb0 [ 815.994422][T29961] acpi_ps_init_scope+0x1a/0x1c0 [ 815.994453][T29961] acpi_ds_init_aml_walk+0x1d9/0x590 [ 815.994487][T29961] acpi_ps_execute_method+0x32d/0xb30 [ 815.994522][T29961] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 815.994561][T29961] acpi_ns_evaluate+0x76c/0xca0 [ 815.994595][T29961] ? kasan_save_track+0x14/0x30 [ 815.994623][T29961] acpi_evaluate_object+0x1fa/0xa90 [ 815.994649][T29961] ? __kvmalloc_node_noprof+0x27b/0x620 [ 815.994674][T29961] ? seq_read_iter+0x826/0x12c0 [ 815.994696][T29961] ? kernfs_fop_read_iter+0x40f/0x5a0 [ 815.994718][T29961] ? do_syscall_64+0xcd/0x490 [ 815.994747][T29961] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.994772][T29961] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 815.994799][T29961] ? __mutex_trylock_common+0xe9/0x250 [ 815.994834][T29961] acpi_evaluate_integer+0xdd/0x200 [ 815.994857][T29961] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 815.994885][T29961] ? __pfx_status_show+0x10/0x10 [ 815.994914][T29961] status_show+0xa0/0x120 [ 815.994941][T29961] ? __pfx_status_show+0x10/0x10 [ 815.994969][T29961] ? rcu_is_watching+0x12/0xc0 [ 815.994993][T29961] ? lock_release+0x201/0x2f0 [ 815.995025][T29961] dev_attr_show+0x53/0xe0 [ 815.995062][T29961] ? __pfx_dev_attr_show+0x10/0x10 [ 815.995097][T29961] sysfs_kf_seq_show+0x213/0x3e0 [ 815.995125][T29961] seq_read_iter+0x509/0x12c0 [ 815.995148][T29961] ? __mutex_trylock_common+0xe9/0x250 [ 815.995184][T29961] kernfs_fop_read_iter+0x40f/0x5a0 [ 815.995205][T29961] ? rw_verify_area+0xcf/0x6c0 [ 815.995229][T29961] vfs_read+0x8bf/0xcf0 [ 815.995256][T29961] ? __pfx___mutex_lock+0x10/0x10 [ 815.995287][T29961] ? __pfx_vfs_read+0x10/0x10 [ 815.995321][T29961] ksys_read+0x12a/0x250 [ 815.995347][T29961] ? __pfx_ksys_read+0x10/0x10 [ 815.995377][T29961] do_syscall_64+0xcd/0x490 [ 815.995414][T29961] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.995437][T29961] RIP: 0033:0x7f5a1118ebe9 [ 815.995455][T29961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 815.995478][T29961] RSP: 002b:00007f5a11fb9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 815.995500][T29961] RAX: ffffffffffffffda RBX: 00007f5a113b5fa0 RCX: 00007f5a1118ebe9 [ 815.995516][T29961] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000003 [ 815.995530][T29961] RBP: 00007f5a11211e19 R08: 0000000000000000 R09: 0000000000000000 [ 815.995544][T29961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 815.995563][T29961] R13: 00007f5a113b6038 R14: 00007f5a113b5fa0 R15: 00007ffe29172708 [ 815.995585][T29961] [ 816.308372][T29966] FAULT_INJECTION: forcing a failure. [ 816.308372][T29966] name failslab, interval 1, probability 0, space 0, times 0 [ 816.321064][T29966] CPU: 0 UID: 0 PID: 29966 Comm: syz.1.2383 Not tainted syzkaller #0 PREEMPT(full) [ 816.321096][T29966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 816.321111][T29966] Call Trace: [ 816.321120][T29966] [ 816.321128][T29966] dump_stack_lvl+0x16c/0x1f0 [ 816.321163][T29966] should_fail_ex+0x512/0x640 [ 816.321200][T29966] should_failslab+0xc2/0x120 [ 816.321233][T29966] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 816.321263][T29966] ? sctp_get_port_local+0x54d/0x1670 [ 816.321294][T29966] sctp_get_port_local+0x54d/0x1670 [ 816.321326][T29966] ? __pfx_sctp_get_port_local+0x10/0x10 [ 816.321354][T29966] ? lock_release+0x201/0x2f0 [ 816.321389][T29966] ? sctp_bind_addr_match+0x19d/0x300 [ 816.321424][T29966] sctp_do_bind+0x223/0x700 [ 816.321460][T29966] sctp_connect_new_asoc+0x5e7/0x770 [ 816.321495][T29966] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 816.321529][T29966] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 816.321567][T29966] __sctp_connect+0x3f3/0xc60 [ 816.321601][T29966] ? do_raw_spin_lock+0x12c/0x2b0 [ 816.321637][T29966] ? __pfx___sctp_connect+0x10/0x10 [ 816.321669][T29966] ? sctp_inet_connect+0xac/0x200 [ 816.321702][T29966] ? sctp_inet_connect+0xac/0x200 [ 816.321733][T29966] ? rcu_is_watching+0x12/0xc0 [ 816.321756][T29966] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 816.321792][T29966] ? __pfx_sctp_inet_connect+0x10/0x10 [ 816.321826][T29966] sctp_inet_connect+0x15f/0x200 [ 816.321861][T29966] __sys_connect_file+0x13e/0x1a0 [ 816.321891][T29966] __sys_connect+0x13b/0x160 [ 816.321916][T29966] ? __pfx___sys_connect+0x10/0x10 [ 816.321948][T29966] ? xfd_validate_state+0x61/0x180 [ 816.321987][T29966] __x64_sys_connect+0x72/0xb0 [ 816.322015][T29966] do_syscall_64+0xcd/0x490 [ 816.322047][T29966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 816.322073][T29966] RIP: 0033:0x7fe6f078ebe9 [ 816.322092][T29966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 816.322116][T29966] RSP: 002b:00007fe6f1623038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 816.322139][T29966] RAX: ffffffffffffffda RBX: 00007fe6f09b5fa0 RCX: 00007fe6f078ebe9 [ 816.322156][T29966] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 816.322171][T29966] RBP: 00007fe6f0811e19 R08: 0000000000000000 R09: 0000000000000000 [ 816.322185][T29966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 816.322201][T29966] R13: 00007fe6f09b6038 R14: 00007fe6f09b5fa0 R15: 00007fff9f45ed48 [ 816.322224][T29966] [ 817.406255][T29976] FAULT_INJECTION: forcing a failure. [ 817.406255][T29976] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 817.449830][T29976] CPU: 0 UID: 0 PID: 29976 Comm: syz.2.2385 Not tainted syzkaller #0 PREEMPT(full) [ 817.449862][T29976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 817.449877][T29976] Call Trace: [ 817.449884][T29976] [ 817.449891][T29976] dump_stack_lvl+0x16c/0x1f0 [ 817.449925][T29976] should_fail_ex+0x512/0x640 [ 817.449960][T29976] should_fail_alloc_page+0xe7/0x130 [ 817.449994][T29976] prepare_alloc_pages+0x3c2/0x610 [ 817.450032][T29976] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 817.450080][T29976] ? alloc_file_pseudo+0x13a/0x230 [ 817.450117][T29976] ? __x64_sys_io_setup+0xc9/0x210 [ 817.450145][T29976] ? do_syscall_64+0xcd/0x490 [ 817.450176][T29976] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 817.450206][T29976] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 817.450257][T29976] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 817.450293][T29976] ? policy_nodemask+0xea/0x4e0 [ 817.450333][T29976] alloc_pages_mpol+0x1fb/0x550 [ 817.450364][T29976] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 817.450394][T29976] ? __raw_spin_lock_init+0x3a/0x110 [ 817.450431][T29976] ? lockdep_init_map_type+0x5c/0x280 [ 817.450464][T29976] ? percpu_counter_add_batch+0xb8/0x1f0 [ 817.450495][T29976] ? ioctx_alloc+0x1679/0x2120 [ 817.450520][T29976] ___kmalloc_large_node+0xed/0x160 [ 817.450558][T29976] ? ioctx_alloc+0x1679/0x2120 [ 817.450582][T29976] __kmalloc_large_node_noprof+0x1c/0x70 [ 817.450621][T29976] __kmalloc_noprof.cold+0xc/0x61 [ 817.450658][T29976] ioctx_alloc+0x1679/0x2120 [ 817.450688][T29976] ? rcu_is_watching+0x12/0xc0 [ 817.450711][T29976] ? __might_fault+0xe3/0x190 [ 817.450738][T29976] ? __pfx_ioctx_alloc+0x10/0x10 [ 817.450762][T29976] ? __might_fault+0xe3/0x190 [ 817.450792][T29976] __x64_sys_io_setup+0xc9/0x210 [ 817.450820][T29976] do_syscall_64+0xcd/0x490 [ 817.450851][T29976] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 817.450874][T29976] RIP: 0033:0x7f5fbeb8ebe9 [ 817.450891][T29976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 817.450915][T29976] RSP: 002b:00007f5fbf9fc038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce [ 817.450936][T29976] RAX: ffffffffffffffda RBX: 00007f5fbedb5fa0 RCX: 00007f5fbeb8ebe9 [ 817.450952][T29976] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 000000000000ffff [ 817.450967][T29976] RBP: 00007f5fbec11e19 R08: 0000000000000000 R09: 0000000000000000 [ 817.450981][T29976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 817.450995][T29976] R13: 00007f5fbedb6038 R14: 00007f5fbedb5fa0 R15: 00007fffac510a78 [ 817.451017][T29976] [ 818.697414][T29997] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 819.439532][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 819.447749][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 820.424919][T30062] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2399'. [ 820.905018][T30072] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 821.531042][T30107] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 822.108273][T30131] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 822.883339][T30145] sp0: Synchronizing with TNC [ 822.957209][T30160] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 823.626429][T30183] FAULT_INJECTION: forcing a failure. [ 823.626429][T30183] name failslab, interval 1, probability 0, space 0, times 0 [ 823.626463][T30183] CPU: 0 UID: 0 PID: 30183 Comm: syz.0.2415 Not tainted syzkaller #0 PREEMPT(full) [ 823.626490][T30183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 823.626505][T30183] Call Trace: [ 823.626511][T30183] [ 823.626519][T30183] dump_stack_lvl+0x16c/0x1f0 [ 823.626551][T30183] should_fail_ex+0x512/0x640 [ 823.626587][T30183] ? vc_allocate+0x489/0x880 [ 823.626617][T30183] should_failslab+0xc2/0x120 [ 823.626648][T30183] __kmalloc_noprof+0xd2/0x510 [ 823.626678][T30183] vc_allocate+0x489/0x880 [ 823.626708][T30183] ? __pfx_vc_allocate+0x10/0x10 [ 823.626738][T30183] ? rcu_is_watching+0x12/0xc0 [ 823.626765][T30183] con_install+0xa1/0x600 [ 823.626796][T30183] ? __pfx_con_install+0x10/0x10 [ 823.626828][T30183] ? __pfx_con_install+0x10/0x10 [ 823.626859][T30183] tty_init_dev.part.0+0x99/0x500 [ 823.626895][T30183] tty_open+0xa50/0xf90 [ 823.626930][T30183] ? __pfx_tty_open+0x10/0x10 [ 823.626963][T30183] ? chrdev_open+0x58c/0x6a0 [ 823.626992][T30183] ? lock_release+0x201/0x2f0 [ 823.627038][T30183] ? __pfx_tty_open+0x10/0x10 [ 823.627070][T30183] chrdev_open+0x231/0x6a0 [ 823.627100][T30183] ? __pfx_chrdev_open+0x10/0x10 [ 823.627132][T30183] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 823.627163][T30183] do_dentry_open+0x97f/0x1530 [ 823.627192][T30183] ? __pfx_chrdev_open+0x10/0x10 [ 823.627228][T30183] vfs_open+0x82/0x3f0 [ 823.627264][T30183] path_openat+0x1de4/0x2cb0 [ 823.627295][T30183] ? __pfx_path_openat+0x10/0x10 [ 823.627326][T30183] do_filp_open+0x20b/0x470 [ 823.627353][T30183] ? __pfx_do_filp_open+0x10/0x10 [ 823.627390][T30183] ? alloc_fd+0x471/0x7d0 [ 823.627418][T30183] do_sys_openat2+0x11b/0x1d0 [ 823.627453][T30183] ? __pfx_do_sys_openat2+0x10/0x10 [ 823.627495][T30183] __x64_sys_openat+0x174/0x210 [ 823.627532][T30183] ? __pfx___x64_sys_openat+0x10/0x10 [ 823.627575][T30183] do_syscall_64+0xcd/0x490 [ 823.627607][T30183] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 823.627631][T30183] RIP: 0033:0x7fca6798ebe9 [ 823.627649][T30183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 823.627674][T30183] RSP: 002b:00007fca6872e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 823.627707][T30183] RAX: ffffffffffffffda RBX: 00007fca67bb5fa0 RCX: 00007fca6798ebe9 [ 823.627721][T30183] RDX: 0000000000040002 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 823.627734][T30183] RBP: 00007fca67a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 823.627746][T30183] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000 [ 823.627759][T30183] R13: 00007fca67bb6038 R14: 00007fca67bb5fa0 R15: 00007ffece278af8 [ 823.627779][T30183] [ 825.835918][T28368] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 827.041417][T30306] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 827.286107][T30307] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 828.800187][T30375] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 830.268875][T30420] zswap: compressor not available [ 830.367546][T30429] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 830.419900][T30431] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 832.427484][T30492] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 832.616912][T30499] netlink: 25 bytes leftover after parsing attributes in process `syz.0.2453'. [ 832.739753][T30499] ima: policy update failed [ 832.781673][ T31] audit: type=1802 audit(4294967502.200:9): pid=30499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.2453" res=0 errno=0 [ 832.823841][T30497] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 833.088578][T30507] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 833.561268][T30525] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 834.330949][T30536] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2460'. [ 834.379498][T30536] netlink: 13 bytes leftover after parsing attributes in process `syz.0.2460'. [ 835.727467][T30622] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 837.209088][T30681] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2478'. [ 837.263515][T30681] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2478'. [ 837.307838][T30685] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2480'. [ 839.898522][T30753] netlink: 25 bytes leftover after parsing attributes in process `syz.3.2494'. [ 840.389396][T30760] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 840.522685][T30764] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2497'. [ 840.563938][T30764] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2497'. [ 840.665090][T30768] netlink: 338 bytes leftover after parsing attributes in process `syz.2.2497'. [ 840.721400][T30769] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 840.890509][T30774] netlink: 13 bytes leftover after parsing attributes in process `syz.2.2499'. [ 841.145994][T30780] netlink: 25 bytes leftover after parsing attributes in process `syz.2.2501'. [ 841.393318][T30788] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2503'. [ 841.441050][T30788] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2503'. [ 842.126703][T30831] ================================================================== [ 842.126722][T30831] BUG: KASAN: slab-out-of-bounds in fbcon_prepare_logo+0xa03/0xc70 [ 842.126763][T30831] Read of size 126 at addr ffff88807e127c30 by task syz.0.2507/30831 [ 842.126783][T30831] [ 842.126794][T30831] CPU: 0 UID: 0 PID: 30831 Comm: syz.0.2507 Not tainted syzkaller #0 PREEMPT(full) [ 842.126827][T30831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 842.126842][T30831] Call Trace: [ 842.126851][T30831] [ 842.126859][T30831] dump_stack_lvl+0x116/0x1f0 [ 842.126890][T30831] print_report+0xcd/0x630 [ 842.126921][T30831] ? __virt_addr_valid+0x81/0x610 [ 842.126950][T30831] ? __phys_addr+0xe8/0x180 [ 842.126979][T30831] ? fbcon_prepare_logo+0xa03/0xc70 [ 842.127008][T30831] kasan_report+0xe0/0x110 [ 842.127038][T30831] ? fbcon_prepare_logo+0xa03/0xc70 [ 842.127071][T30831] kasan_check_range+0x100/0x1b0 [ 842.127106][T30831] __asan_memcpy+0x23/0x60 [ 842.127129][T30831] fbcon_prepare_logo+0xa03/0xc70 [ 842.127164][T30831] fbcon_init+0xd77/0x1900 [ 842.127192][T30831] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 842.127218][T30831] visual_init+0x320/0x620 [ 842.127243][T30831] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 842.127277][T30831] store_bind+0x61d/0x760 [ 842.127308][T30831] ? __pfx_store_bind+0x10/0x10 [ 842.127335][T30831] dev_attr_store+0x58/0x80 [ 842.127370][T30831] ? __pfx_dev_attr_store+0x10/0x10 [ 842.127404][T30831] sysfs_kf_write+0xef/0x150 [ 842.127430][T30831] kernfs_fop_write_iter+0x351/0x510 [ 842.127451][T30831] ? __pfx_sysfs_kf_write+0x10/0x10 [ 842.127477][T30831] iter_file_splice_write+0x918/0x1270 [ 842.127510][T30831] ? copy_splice_read+0x89c/0xc20 [ 842.127531][T30831] ? __pfx_iter_file_splice_write+0x10/0x10 [ 842.127559][T30831] ? __pfx_copy_splice_read+0x10/0x10 [ 842.127583][T30831] ? look_up_lock_class+0x59/0x150 [ 842.127613][T30831] ? __pfx___might_resched+0x10/0x10 [ 842.127636][T30831] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 842.127663][T30831] ? __pfx_iter_file_splice_write+0x10/0x10 [ 842.127689][T30831] direct_splice_actor+0x18f/0x6c0 [ 842.127715][T30831] splice_direct_to_actor+0x342/0xa30 [ 842.127744][T30831] ? __pfx_direct_splice_actor+0x10/0x10 [ 842.127772][T30831] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 842.127797][T30831] ? futex_private_hash_put+0x11c/0x300 [ 842.127833][T30831] do_splice_direct+0x174/0x240 [ 842.127857][T30831] ? __pfx_do_splice_direct+0x10/0x10 [ 842.127881][T30831] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 842.127905][T30831] ? bpf_lsm_file_permission+0x9/0x10 [ 842.127942][T30831] ? security_file_permission+0x71/0x210 [ 842.127975][T30831] ? rw_verify_area+0xcf/0x6c0 [ 842.127999][T30831] do_sendfile+0xb06/0xe50 [ 842.128027][T30831] ? __pfx_do_sendfile+0x10/0x10 [ 842.128055][T30831] ? __x64_sys_futex+0x1e0/0x4c0 [ 842.128084][T30831] ? __x64_sys_futex+0x1e9/0x4c0 [ 842.128116][T30831] __x64_sys_sendfile64+0x1d8/0x220 [ 842.128149][T30831] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 842.128187][T30831] do_syscall_64+0xcd/0x490 [ 842.128219][T30831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 842.128244][T30831] RIP: 0033:0x7fca6798ebe9 [ 842.128262][T30831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 842.128286][T30831] RSP: 002b:00007fca65bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 842.128308][T30831] RAX: ffffffffffffffda RBX: 00007fca67bb6090 RCX: 00007fca6798ebe9 [ 842.128324][T30831] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000003 [ 842.128339][T30831] RBP: 00007fca67a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 842.128354][T30831] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 842.128369][T30831] R13: 00007fca67bb6128 R14: 00007fca67bb6090 R15: 00007ffece278af8 [ 842.128391][T30831] [ 842.128399][T30831] [ 842.128405][T30831] Allocated by task 5860: [ 842.128416][T30831] kasan_save_stack+0x33/0x60 [ 842.128443][T30831] kasan_save_track+0x14/0x30 [ 842.128468][T30831] __kasan_kmalloc+0xaa/0xb0 [ 842.128493][T30831] __kmalloc_node_noprof+0x21e/0x500 [ 842.128520][T30831] qdisc_alloc+0xbb/0xc50 [ 842.128545][T30831] qdisc_create_dflt+0x94/0x490 [ 842.128571][T30831] dev_activate+0x63f/0x12d0 [ 842.128596][T30831] __dev_open+0x432/0x7c0 [ 842.128623][T30831] __dev_change_flags+0x55d/0x720 [ 842.128651][T30831] netif_change_flags+0x8d/0x160 [ 842.128679][T30831] do_setlink.constprop.0+0xb53/0x4380 [ 842.128710][T30831] rtnl_newlink+0x1446/0x2000 [ 842.128740][T30831] rtnetlink_rcv_msg+0x95b/0xe90 [ 842.128771][T30831] netlink_rcv_skb+0x155/0x420 [ 842.128801][T30831] netlink_unicast+0x5aa/0x870 [ 842.128841][T30831] netlink_sendmsg+0x8d1/0xdd0 [ 842.128871][T30831] __sys_sendto+0x4a3/0x520 [ 842.128895][T30831] __x64_sys_sendto+0xe0/0x1c0 [ 842.128920][T30831] do_syscall_64+0xcd/0x490 [ 842.128949][T30831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 842.128971][T30831] [ 842.128976][T30831] The buggy address belongs to the object at ffff88807e127800 [ 842.128976][T30831] which belongs to the cache kmalloc-1k of size 1024 [ 842.128995][T30831] The buggy address is located 368 bytes to the right of [ 842.128995][T30831] allocated 704-byte region [ffff88807e127800, ffff88807e127ac0) [ 842.129020][T30831] [ 842.129025][T30831] The buggy address belongs to the physical page: [ 842.129042][T30831] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7e120 [ 842.129063][T30831] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 842.129082][T30831] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 842.129106][T30831] page_type: f5(slab) [ 842.129126][T30831] raw: 00fff00000000040 ffff88801b841dc0 ffffea00009bf800 dead000000000002 [ 842.129148][T30831] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 842.129176][T30831] head: 00fff00000000040 ffff88801b841dc0 ffffea00009bf800 dead000000000002 [ 842.129198][T30831] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 842.129220][T30831] head: 00fff00000000003 ffffea0001f84801 00000000ffffffff 00000000ffffffff [ 842.129241][T30831] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 842.129254][T30831] page dumped because: kasan: bad access detected [ 842.129266][T30831] page_owner tracks the page as allocated [ 842.129273][T30831] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5866, tgid 5866 (syz-executor), ts 87731419991, free_ts 87592735536 [ 842.129315][T30831] post_alloc_hook+0x1c0/0x230 [ 842.129338][T30831] get_page_from_freelist+0x132b/0x38e0 [ 842.129364][T30831] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 842.129391][T30831] alloc_pages_mpol+0x1fb/0x550 [ 842.129420][T30831] new_slab+0x247/0x330 [ 842.129439][T30831] ___slab_alloc+0xcf2/0x1740 [ 842.129459][T30831] __slab_alloc.constprop.0+0x56/0xb0 [ 842.129481][T30831] __kmalloc_node_noprof+0x2ed/0x500 [ 842.129508][T30831] qdisc_alloc+0xbb/0xc50 [ 842.129533][T30831] qdisc_create_dflt+0x94/0x490 [ 842.129558][T30831] dev_activate+0x63f/0x12d0 [ 842.129583][T30831] __dev_open+0x432/0x7c0 [ 842.129609][T30831] netif_open+0xf2/0x160 [ 842.129635][T30831] dev_open+0xb2/0x260 [ 842.129667][T30831] team_add_slave+0xaf9/0x2180 [ 842.129690][T30831] do_set_master+0x40c/0x730 [ 842.129716][T30831] page last free pid 5860 tgid 5860 stack trace: [ 842.129729][T30831] __free_frozen_pages+0x7d5/0x10f0 [ 842.129749][T30831] __put_partials+0x165/0x1c0 [ 842.129770][T30831] qlist_free_all+0x4d/0x120 [ 842.129793][T30831] kasan_quarantine_reduce+0x195/0x1e0 [ 842.129819][T30831] __kasan_slab_alloc+0x69/0x90 [ 842.129852][T30831] kmem_cache_alloc_node_noprof+0x1d5/0x3b0 [ 842.129879][T30831] __alloc_skb+0x2b2/0x380 [ 842.129905][T30831] netlink_ack+0x15d/0xb80 [ 842.129934][T30831] netlink_rcv_skb+0x332/0x420 [ 842.129963][T30831] netlink_unicast+0x5aa/0x870 [ 842.129993][T30831] netlink_sendmsg+0x8d1/0xdd0 [ 842.130022][T30831] __sys_sendto+0x4a3/0x520 [ 842.130046][T30831] __x64_sys_sendto+0xe0/0x1c0 [ 842.130070][T30831] do_syscall_64+0xcd/0x490 [ 842.130099][T30831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 842.130121][T30831] [ 842.130126][T30831] Memory state around the buggy address: [ 842.130137][T30831] ffff88807e127b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 842.130154][T30831] ffff88807e127b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 842.130170][T30831] >ffff88807e127c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 842.130183][T30831] ^ [ 842.130196][T30831] ffff88807e127c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 842.130212][T30831] ffff88807e127d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 842.130225][T30831] ================================================================== [ 842.160784][ T5214] ERROR: Out of memory at tomoyo_memory_ok. [ 842.200889][T30831] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 842.200911][T30831] CPU: 0 UID: 0 PID: 30831 Comm: syz.0.2507 Not tainted syzkaller #0 PREEMPT(full) [ 842.200940][T30831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 842.200955][T30831] Call Trace: [ 842.200964][T30831] [ 842.200973][T30831] dump_stack_lvl+0x3d/0x1f0 [ 842.201010][T30831] vpanic+0x6e8/0x7a0 [ 842.201045][T30831] ? __pfx_vpanic+0x10/0x10 [ 842.201079][T30831] ? __pfx_vprintk_emit+0x10/0x10 [ 842.201106][T30831] ? fbcon_prepare_logo+0xa03/0xc70 [ 842.201138][T30831] panic+0xca/0xd0 [ 842.201181][T30831] ? __pfx_panic+0x10/0x10 [ 842.201230][T30831] ? fbcon_prepare_logo+0xa03/0xc70 [ 842.201260][T30831] ? preempt_schedule_common+0x44/0xc0 [ 842.201290][T30831] ? preempt_schedule_thunk+0x16/0x30 [ 842.201328][T30831] check_panic_on_warn+0xab/0xb0 [ 842.201364][T30831] end_report+0x107/0x170 [ 842.201394][T30831] kasan_report+0xee/0x110 [ 842.201426][T30831] ? fbcon_prepare_logo+0xa03/0xc70 [ 842.201460][T30831] kasan_check_range+0x100/0x1b0 [ 842.201497][T30831] __asan_memcpy+0x23/0x60 [ 842.201521][T30831] fbcon_prepare_logo+0xa03/0xc70 [ 842.201557][T30831] fbcon_init+0xd77/0x1900 [ 842.201587][T30831] ? __pfx_drm_fb_helper_set_par+0x10/0x10 [ 842.201613][T30831] visual_init+0x320/0x620 [ 842.201639][T30831] do_bind_con_driver.isra.0+0x57a/0xbf0 [ 842.201674][T30831] store_bind+0x61d/0x760 [ 842.201707][T30831] ? __pfx_store_bind+0x10/0x10 [ 842.201736][T30831] dev_attr_store+0x58/0x80 [ 842.201772][T30831] ? __pfx_dev_attr_store+0x10/0x10 [ 842.201807][T30831] sysfs_kf_write+0xef/0x150 [ 842.201841][T30831] kernfs_fop_write_iter+0x351/0x510 [ 842.201864][T30831] ? __pfx_sysfs_kf_write+0x10/0x10 [ 842.201892][T30831] iter_file_splice_write+0x918/0x1270 [ 842.201927][T30831] ? copy_splice_read+0x89c/0xc20 [ 842.201950][T30831] ? __pfx_iter_file_splice_write+0x10/0x10 [ 842.201979][T30831] ? __pfx_copy_splice_read+0x10/0x10 [ 842.202008][T30831] ? look_up_lock_class+0x59/0x150 [ 842.202040][T30831] ? __pfx___might_resched+0x10/0x10 [ 842.202083][T30831] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 842.202113][T30831] ? __pfx_iter_file_splice_write+0x10/0x10 [ 842.202141][T30831] direct_splice_actor+0x18f/0x6c0 [ 842.202169][T30831] splice_direct_to_actor+0x342/0xa30 [ 842.202196][T30831] ? __pfx_direct_splice_actor+0x10/0x10 [ 842.202225][T30831] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 842.202252][T30831] ? futex_private_hash_put+0x11c/0x300 [ 842.202283][T30831] do_splice_direct+0x174/0x240 [ 842.202308][T30831] ? __pfx_do_splice_direct+0x10/0x10 [ 842.202334][T30831] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 842.202359][T30831] ? bpf_lsm_file_permission+0x9/0x10 [ 842.202396][T30831] ? security_file_permission+0x71/0x210 [ 842.202431][T30831] ? rw_verify_area+0xcf/0x6c0 [ 842.202457][T30831] do_sendfile+0xb06/0xe50 [ 842.202486][T30831] ? __pfx_do_sendfile+0x10/0x10 [ 842.202515][T30831] ? __x64_sys_futex+0x1e0/0x4c0 [ 842.202545][T30831] ? __x64_sys_futex+0x1e9/0x4c0 [ 842.202579][T30831] __x64_sys_sendfile64+0x1d8/0x220 [ 842.202614][T30831] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 842.202654][T30831] do_syscall_64+0xcd/0x490 [ 842.202688][T30831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 842.202713][T30831] RIP: 0033:0x7fca6798ebe9 [ 842.202732][T30831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 842.202756][T30831] RSP: 002b:00007fca65bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 842.202780][T30831] RAX: ffffffffffffffda RBX: 00007fca67bb6090 RCX: 00007fca6798ebe9 [ 842.202797][T30831] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000003 [ 842.202812][T30831] RBP: 00007fca67a11e19 R08: 0000000000000000 R09: 0000000000000000 [ 842.202828][T30831] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000000 [ 842.202850][T30831] R13: 00007fca67bb6128 R14: 00007fca67bb6090 R15: 00007ffece278af8 [ 842.202873][T30831] [ 842.202942][T30831] Kernel Offset: disabled