last executing test programs: 38.161126074s ago: executing program 1 (id=4314): openat$auto_i2cdev_fops_i2c_dev(0xffffffffffffff9c, &(0x7f0000000180), 0x80001, 0x0) (fail_nth: 2) close_range$auto(0x2, 0x8000, 0x0) 37.813111373s ago: executing program 1 (id=4316): r0 = socket(0xa, 0x1, 0x84) setsockopt$auto_SO_LINGER(r0, 0x1, 0xd, &(0x7f00000000c0)='/sys/kernel/debug/sync/sw_sync\x00', 0x4) 37.56156377s ago: executing program 1 (id=4317): r0 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec4\x00', 0xa41, 0x0) ioctl$auto_CEC_ADAP_G_LOG_ADDRS(r0, 0x805c6103, &(0x7f00000003c0)={"d606bd7a", 0x5, 0x25, 0x7, 0x0, 0x3, "5bcfff2bde6f40a8099f188a540d1f", "bc7f47a5", "9403f86d", "c87874b3", ["84915d93d5004aeaf0ff06ff", "dc24ab929a2d3af41782c2ca", "25acc95b9e34e519e1486b11", "b356e18bb347aad673482fbb"]}) r1 = openat$auto_long_retry_limit_ops_(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/ieee80211/phy0/long_retry_limit\x00', 0x400, 0x0) read$auto_long_retry_limit_ops_(r1, 0x0, 0x0) 37.454980066s ago: executing program 1 (id=4318): r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r0, &(0x7f00000001c0)={{&(0x7f0000000000), 0x1aa, &(0x7f0000000100)={&(0x7f00000003c0)="4a67d23edb317545d9bc87452a055975210d2de45906c24c7be790", 0x49}, 0x5, &(0x7f0000000180), 0x5, 0x1000}, 0x5}, 0x2, 0x100) (fail_nth: 2) 36.878524026s ago: executing program 1 (id=4322): socket(0x23, 0x80805, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/fs/lockd/nlm_end_grace\x00', 0x2800, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0xffffffffffffffff, 0x84, 0x71, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) ioctl$auto_BLKSECDISCARD(0xffffffffffffffff, 0x127d, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r0, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) r1 = open(0x0, 0x22240, 0x154) execveat$auto(r1, 0x0, 0x0, 0x0, 0x1000) rename$auto(&(0x7f0000000000)='./file0\x00', 0x0) unshare$auto(0x40000080) 36.3107119s ago: executing program 1 (id=4326): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002ec0), 0xffffffffffffffff) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/event1\x00', 0x40, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), r1) ioctl$auto_EVIOCSREP(r0, 0x40084503, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x82000, 0x0) mmap$auto(0x0, 0x420008, 0xdf, 0x12, 0x2, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto(0x3, 0x0, 0x80) getsockopt$auto_SO_RCVPRIORITY(0xffffffffffffffff, 0x2, 0x52, 0x0, 0x0) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5) ioctl$auto(r2, 0x4008af04, 0x0) msgctl$auto(0x9, 0xff, &(0x7f0000000540)={{0x8db, 0x0, 0xee00, 0x8, 0x8, 0x4d6c, 0x7c}, &(0x7f00000004c0)=0xfd, 0x0, 0x2, 0xf, 0xf57c, 0x7, 0x800000003, 0x9, 0x10, 0xfff, @raw=0xffffffff, @raw=0x8}) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x84981, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1, 0x1]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) mmap$auto(0x0, 0x400008, 0x400000000000df, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/tty/ttyx4/power/runtime_suspended_time\x00', 0x20001, 0x0) 20.840455984s ago: executing program 32 (id=4326): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000002ec0), 0xffffffffffffffff) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000140)='/dev/input/event1\x00', 0x40, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), r1) ioctl$auto_EVIOCSREP(r0, 0x40084503, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, 0x0, 0x82000, 0x0) mmap$auto(0x0, 0x420008, 0xdf, 0x12, 0x2, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$auto(0x3, 0x0, 0x80) getsockopt$auto_SO_RCVPRIORITY(0xffffffffffffffff, 0x2, 0x52, 0x0, 0x0) r2 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r2, 0xaf01, 0x5) ioctl$auto(r2, 0x4008af04, 0x0) msgctl$auto(0x9, 0xff, &(0x7f0000000540)={{0x8db, 0x0, 0xee00, 0x8, 0x8, 0x4d6c, 0x7c}, &(0x7f00000004c0)=0xfd, 0x0, 0x2, 0xf, 0xf57c, 0x7, 0x800000003, 0x9, 0x10, 0xfff, @raw=0xffffffff, @raw=0x8}) pread64$auto(0xffffffffffffffff, 0x0, 0x7ff, 0x400) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x84981, 0x0) socket(0x10, 0x2, 0x0) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, 0x0, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x400000000000948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x3, 0x1, 0x9, 0x1, 0x1]}, 0x0) write$auto(r3, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) move_pages$auto(0x1, 0x2000000000003, 0x0, 0x0, 0x0, 0x8000400000000000) ioctl$auto(0x3, 0x400454ca, 0x38) mmap$auto(0x0, 0x400008, 0x400000000000df, 0x9b72, 0x2, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/tty/ttyx4/power/runtime_suspended_time\x00', 0x20001, 0x0) 4.92109101s ago: executing program 3 (id=4442): r0 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) fcntl$auto(r0, 0x402, 0x8000007fffffdf) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000040)) fcntl$auto(r1, 0x402, 0x2) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) 4.808287078s ago: executing program 3 (id=4445): r0 = socket(0x25, 0x1, 0x5) recvfrom$auto(r0, 0x0, 0x0, 0x40, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/de\xef\xe7auDio1\x00\f\'\x8b\xd9\xfeN\xcd#)\x8c\x89>-o\xd7\x8f$\xac\xfc\xa2\xccm\x0e \xfb\xe5\xe9\x92\xaa\xef\x84$\x84Ia>6pV;{\'\xaa\xbeS\x14\xb6\xd2\xf6\xb7\xcd\xf6P\x05X\x1dK\x18\x99\x02\xb3\x0fY0\x80\x99\xe3\x0e\xa2D\xc0\xecE\x86\xd9J\x9c\xa8\x98\x02\xdb\xf1\x81TMpS\xc5\xab\xa1\x1bG\v>\x03\xf7\xe1\xaf\xe3\x04\xc3 ffF\x0f\xa6}\xa3\xa8\xd1\xe2\xd0QG\xa6\xa6\x8e7\x80\xd9\xd0\xdf\xad\xb1\x15\xca\xbb\xd5j\x94\xc6<\x18\x15\xcc\x8d\x14\xd8\xb8L\x03\xdd~\xe7%\xcb\xdd\xda!\xd45Z\xd0\xfc\x1b\xf0\xe1\xd6:\xd7\xe9N\xc1W\xe3\xae\xe9\xb27>k\xf8\xdf\xe1\xf9\xcc\xcb\v\x01D\xc3\xa9T\xb9UY\xaf\xa4\xe4\xfec\xa3\x9bI@\xb7w\xf8\x14\xc0\xd5\xd5\x95', 0x8) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='f\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x48840}, 0x40000) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x2, 0xb5, 0x200, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x7, 0x6}, 0x10) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x807}, 0xfffffffd, 0x8) 4.564691322s ago: executing program 3 (id=4448): openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/binderfs/binder1\x00', 0x214000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) connect$auto(r0, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x54) sendmsg$auto_NL80211_CMD_START_SCHED_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00'], 0x9c}, 0x1, 0x0, 0x0, 0x20000045}, 0x20044025) write$auto(0x3, 0x0, 0xfffffdef) connect$auto(0x3, 0x0, 0x55) 3.901393072s ago: executing program 3 (id=4452): mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) r0 = openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000180)='/dev/input/event0\x00', 0x8000, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14f682, 0x0) socket(0x10, 0x2, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D3\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f00000000c0)='/dev/audio1\x00', 0x100000a3d9) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000000)={{0x0, 0x2, 0x0, 0x3, 0x0, 0xfffffffffffffffc, 0x696b}, 0xed7138c}, 0x2, 0x9) r3 = socket(0xa, 0x5, 0x84) sendto$auto(r3, 0x0, 0x401, 0x7f, &(0x7f0000000000)=@generic={0xa, "e2e18340cba8fe80000700"}, 0x1c) r4 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/net/sctp/assocs\x00', 0x0, 0x0) read$auto_proc_reg_file_ops_compat_inode(r4, 0x0, 0xfffffe36) ioctl$auto_BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000140)={"2252f65ca1b92f72a92538725b0694521629e8c3e6ba91c62e2e9d42cf4aef15", 0x4, 0x3, 0x8004, 0x6, 0xff}) ioctl$auto_EVIOCGEFFECTS(r0, 0x80044584, 0x0) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000bc0), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'batadv0\x00'}) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) socket(0xa, 0x2, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r6 = clone$auto(0x3, 0x0, &(0x7f0000000080)=0xcd, &(0x7f00000000c0)=0xe0, 0x1000) prctl$auto(0xa134, 0x22, r6, 0x800, 0x5) socket(0x2, 0x1, 0x106) socket(0x2, 0x3, 0xa) 3.811104663s ago: executing program 0 (id=4453): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0xc000) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) socket(0x22, 0x2, 0x3) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4080aebf, 0x0) 2.919800668s ago: executing program 0 (id=4456): openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/binderfs/binder1\x00', 0x214000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x0) r0 = socket(0x25, 0x1, 0x0) sendto$auto(r0, 0x0, 0x0, 0x0, 0x0, 0x3) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) fallocate$auto(0xffffffffffffffff, 0x1, 0x2, 0x6653) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, 0x0, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x3) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0) write$auto_proc_mem_operations_base(r2, &(0x7f0000001680)="a7", 0x80000) madvise$auto(0x0, 0x20200, 0x15) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) io_uring_setup$auto(0x85, 0x0) socket(0xa, 0x1, 0x84) ioctl$sock_SIOCGIFINDEX(r3, 0x3b72, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) 2.352625411s ago: executing program 2 (id=4459): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) r0 = openat$auto_udf_dir_operations_udfdecl(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/mac80211_hwsim/hwsim15\x00', 0x880, 0x0) read$auto_udf_dir_operations_udfdecl(r0, &(0x7f0000000280)=""/206, 0xce) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x2e00, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x808, 0xc, 0xe3, 0x400000000a, 0x3}, 0x200) prctl$auto(0xc, 0x1, 0x4, 0x5, 0x7) close_range$auto(0x2, 0x8, 0x0) socket(0x2d, 0x2, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r1, 0x4b33, r1) 2.199405044s ago: executing program 4 (id=4460): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x20000, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r3) ioctl$auto_KVM_CREATE_VM(r2, 0xae80, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) timer_create$auto_CLOCK_TAI(0xb, &(0x7f0000000140)={@sival_int=0x812b, @raw=0x7ff, 0xfff, @_tid}, &(0x7f0000000180)=0x5) ioctl$auto_KVM_GET_MSRS(r0, 0x4090ae82, 0x0) 2.126286433s ago: executing program 2 (id=4461): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) (fail_nth: 3) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) writev$auto(0x3, 0x0, 0x8) kill$auto(0x80000007, 0x24) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda1\x00', 0xe6e43, 0x0) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) keyctl$auto(0x4, 0xfffffffe, 0xffffffffffffffff, 0xffffffffffffffff, 0x8000000e) 2.007182815s ago: executing program 3 (id=4462): openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/binderfs/binder1\x00', 0x214000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x0) r0 = socket(0x25, 0x1, 0x0) sendto$auto(r0, 0x0, 0x0, 0x0, 0x0, 0x3) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) fallocate$auto(0xffffffffffffffff, 0x1, 0x2, 0x6653) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, 0x0, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x3) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0) write$auto_proc_mem_operations_base(r2, &(0x7f0000001680)="a7", 0x80000) madvise$auto(0x0, 0x20200, 0x15) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) io_uring_setup$auto(0x85, 0x0) r4 = socket(0xa, 0x1, 0x84) getsockopt$auto(r4, 0x0, 0x487, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x3b72, 0x0) 1.869282972s ago: executing program 0 (id=4463): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) write$auto_tty_fops_tty_io(r0, &(0x7f0000000200)="352c8efa610c0bcf83a4ebdb040000000000000021cb244b19a48bb5e0d12df9735b745b9554dfb0ad77a37be296ebe6f598901d632a206d9bb056d8c8", 0x3d) (async, rerun: 32) ioctl$auto(0xffffffffffffffff, 0x8912, 0x38) (async, rerun: 32) ustat$auto(0x801, 0x0) (async) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0xa1, 0x1, 0x0, 0x1, 0x80000000) (async) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) mmap$auto(0x0, 0x2000c, 0xdf, 0x20eb1, 0xff1, 0x8000) (async, rerun: 32) io_uring_setup$auto(0x101, 0x0) (async, rerun: 32) bpf$auto(0x5, 0x0, 0x102) (async) getpid() openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/graphics/fbcon/cursor_blink\x00', 0xa001, 0x0) write$auto(r2, &(0x7f0000000140)='7\x81=\"\xad\xff\x8d\xf9P\x18\xa4\xb0\xb4\xd9\x82=\xe1P\x05\x00\xfb&\xe8\xbf\x901\a2\xa2X`\a\xf1y\xb3\"=', 0xd4d0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000164c0), 0xffffffffffffffff) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 64) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) (async, rerun: 64) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mremap$auto(0x4000, 0xb8, 0x13fd4, 0x3, 0xfffff000) (async) io_uring_setup$auto(0x59, &(0x7f0000000080)={0x7fffffff, 0xd, 0x4002, 0x6, 0x7, 0x8, 0xffffffffffffffff, [0x4], {0xa, 0x4006, 0xf, 0x29f, 0x20000102, 0x7f, 0xff, 0x6, 0x2000}, {0x100, 0x1, 0x52, 0x5, 0x1, 0x2d, 0x76c5, 0xc, 0x100000000}}) (async, rerun: 32) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) (async, rerun: 32) mmap$auto(0x400000615, 0x20009, 0x2, 0x400eb2, 0xffffffffffffffff, 0x808000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) (async) openat$auto_vhci_fops_hci_vhci(0xffffffffffffff9c, &(0x7f0000000140), 0x880, 0x0) (async) r3 = epoll_create$auto(0x3e) epoll_ctl$auto(r3, 0x1, 0x8000000000000000, 0x0) madvise$auto(0x0, 0x400053, 0x9) 1.812078895s ago: executing program 2 (id=4464): r0 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, 0x0, 0x8040, 0x0) (fail_nth: 3) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, r0, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) unshare$auto(0x3) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r1) sendmsg$auto_TIPC_NL_NET_SET(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x2) keyctl$auto(0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x6) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/softrepeat\x00', 0xc2481, 0x0) write$auto(r2, 0x0, 0x81) fcntl$auto_F_GETFD(0xffffffffffffffff, 0x1, 0x7) ioctl$auto(0xffffffffffffffff, 0x4004556e, 0x1f) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) getsockopt$auto_SO_LOCK_FILTER(r2, 0x9, 0x2c, &(0x7f0000000280)='@,\\#\x00', &(0x7f0000000300)=0xc) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0x88, 0x8, 0xae85, 0x66b, 0x4, 0x7ff}, 0x6f4) 1.573137505s ago: executing program 2 (id=4465): r0 = timerfd_create$auto(0x9, 0x0) timerfd_gettime$auto(r0, &(0x7f0000000080)={{0x1, 0xc8}, {0x7, 0x1}}) 1.399450071s ago: executing program 2 (id=4466): openat$auto_clk_summary_fops_(0xffffffffffffff9c, &(0x7f0000000440)='/sys/kernel/debug/clk/clk_summary\x00', 0x80, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x40000000f42c, 0x80002) io_uring_setup$auto(0x4, 0x0) mmap$auto(0x0, 0x20004, 0x1ff, 0xeb1, 0x8000000000000024, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r1, r1, 0x0, 0x3) 999.958377ms ago: executing program 0 (id=4467): io_uring_setup$auto(0x2002, 0x0) 816.734611ms ago: executing program 4 (id=4468): ptrace$auto_ARCH_GET_GS(0x8, 0x0, 0x3, 0x1004) (async) r0 = prctl$auto_SIGCONT(0x8, 0x12, 0x0, 0x9, 0x100) (async) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_REMOVE_LINK_STA(r0, &(0x7f00000007c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000780)={&(0x7f0000000080)={0x6dc, r1, 0x4, 0x70bd26, 0x25dfdbfb, {}, [@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x5}, @NL80211_ATTR_ASSOC_MLD_EXT_CAPA_OPS={0x6, 0x151, 0x100}, @NL80211_ATTR_SCHED_SCAN_MULTI={0x4}, @NL80211_ATTR_TDLS_PEER_CAPABILITY={0x8}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x6}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x2}, @NL80211_ATTR_IE_ASSOC_RESP={0x69c, 0x80, "29e4bcef0a480cde50b35402f122f105985cc8357043babc5c26743a6db0319dc324a4a22220793fd70c72aba02bf31ff7a26b1c7d942708075bbc38c8d7e53075c7a90b93f6a3164b58354f9d44cdf60cdff16ff2abb31b213ed84df435e55761229cc55fd9df184e2c129856304e78e83927fe843a5e6d72ca3c1d4e8edca4d83ac311467972b44c2612f36b605e202116fab5ce0c39927612733587035dbfdb2d2c605f44e4ef440352958ad697aac17e4973e764dfa97fa7d012e3562f9f996f1e3d726e2bc932be56353652ace24434a30d931283a84ba160d08b69e991acda87da59c546b241ff454d2ff0add48460406884174eca933401a5acc10864639092e75c6c34a74874543418f06cc02affd902d022188d558ad8a6f5d57c9bb564dca476683e01c14186e55bc6d6140be7d05923c509627cae23df34551bc4c2a9a64294917533bb47c63ed14f470d864365a395553d4cd8bd4bcb30a0ab112994ae6322b71694a0b9831c0ce6b86479be5c1de591a88b6e14ce60d5a9b7a3707d480bae1a4a4e01b3282da762c3700b0c1f4b1ba064488f802a58d56b4750339ae413e62ac0f90b77f21fa6b43d2d296e8972f5e80e05e73f5898a769caf6881f725690ca475beb2f8865362bf23c901c0cb0d0a3158890ee5c3d73d876d0a6519e9ae19d555424a246057501624f2c9b1d0b1b6a33da5a92e75b4bf02559daa620ecba9ee9e939792502d3d63443ac6908c14edcf7d1fdf1fbb5447d8879fb92c6177c9f5670ef45a7d73f06344679b74e93dcb35be090cf1d98ebfa21d57e4095fe9028bff4f7b74028962d3dca40a86f4a645aa9017ef9b873437f7a70f243326feca1338e002dc03dee21a5436df1c91fa7dd7372ba14f3f1cc3e847b881d607e3d5ed07f97e1c06e8cc8c8ae46dc9ac5a0d62352a9beebf0048d933937b517b342beb6b0a0c5cfc79da2625430250ad7bf9a45e237e4c5e7558c0b9e4fc633e94bd5005c31f9d7afc9f5e1b330b01df791ee38b925284cd6f312cfcb77532e532a435861afa3e1c89ed1f897e6a0066da61a30cc6797d7cd09d3c03d7c59fc7d4f005978dead277131e29be7d8241a085199476991098b08590375ceb3cba67b2f79a5299054273207f05fccad9fa0592aff48a111501533402997e1210191a85823669ddfd51c4d8999cea635bfa91915dff25328f85decea9f92a05ad28fcbb79901f275d32ed064af40a570cc450392052f8918d8d3b6136abd5ba74a954088e5de34b441fa4fb7a3528f635877834346c04d2dbbc0f4c4a78d8a58ed1e2e561509de9a70fdbd404c9b197c9d59ac087f0b8f6eec90006848b48be8de892d8ed52ee59cbb00d2ce0df0855cace3187af3606f71ff5aad588099523078bccb12db3c396d4e55f439b782dbd7969f49f38e8be8e2d9fcb733e6222c32cbb4ec9767143b445ab77d814600eaac06ccf2665e0541b73746cfdbfcd924064a7aaad299f43299196ec2334c3f06eac07b771e45023618ec929b0a7ec1061d4c3a81f680546d4358568b35a378c47d3e0dad128cfec12fc731683daef3a94c56ac63b8ffc92bcc4efb30c21ee33e0a6394dda7ae6bffe47188734eec293c3736e4c2a3e8751fcec0b013bc47b13712f6de71f4e4c66f03d1d9e649d978d1d0f95708ab023bb7046ee457210272cd33c7378288001688d852e4403dbabd8d5daf0d464e3c0e0bbc2f297f220d8b227cb2fd300a0148e8fa90adcc10528979a3bd2a20774b73f850316ee776212fdf2eca3e5ca1352ee6f8583f5a81ccf0ba90ee4ae107aa3e2cadb2a0995a963a52523ca37386dc4a4c1f09410c0a8de550b0e0ef18c767ba373b8fe60fc5bdaf09d523420b990b531a5ae5f062d40317b75a1813a6ba77a6b1dafab4306c0316a7a724b9e19c274dbc051b255f5ef6e0f51e7abc5cae6c05dc6e5738634ad895cbcd675efefdff695a355857553438ec960ab1dfc4574dd8fb540ba39064adb9d7dcd78f0fc2eb8a8770e3f4f03c5429d239a49e37955b81a545201e637f187fae9079126de89e5563b0615bcef6b3a2cda0c392ef1b8af38c5b062348f07e5f2d5aa2b29f4b7ec527e48fe53ceadf69336d11f28616e936fc29f4df647062e2ecd21b406e673798a1b41125338f03ab87cd4cf99572ab13c856f5167fa71de66c58e99b53611239ac183eb208e10e212231db693249b4c2e60820dc0f1afa1342fc93f86a0b28d62c36953c3f905e0fe08191ef54e7d545c069b0da291956deee4df9610734465f898bd6b1e8168f2f48735b115049b0629116bd99a7a55ee08dfbea6c22bab4adbd13b426146023fd9b1648113197f2320274a41a8ba1743ed7568528fe095a83f0"}]}, 0x6dc}, 0x1, 0x0, 0x0, 0x1}, 0x4040000) (async) ioctl$auto_FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x9) (async) bpf$auto_BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000800)=@bpf_attr_4={0x8, r0, 0x4ea, r0}, 0xfffffff9) ioctl$auto(r2, 0x1, r0) (async) r4 = ioctl$auto_NS_GET_TGID_FROM_PIDNS(r0, 0x8004b707, &(0x7f00000008c0)=0x3) (async) r5 = syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000940), r0) sendmsg$auto_BATADV_CMD_TP_METER(r4, &(0x7f0000000a00)={&(0x7f0000000900)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000009c0)={&(0x7f0000000980)={0x30, r5, 0x200, 0x70bd2a, 0x25dfdbff, {}, [@BATADV_ATTR_TPMETER_BYTES={0xc, 0xc, 0x8001}, @BATADV_ATTR_DAT_CACHE_IP4ADDRESS={0x8, 0x23, @empty}, @BATADV_ATTR_LOG_LEVEL={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x400448d1) connect$auto(r0, &(0x7f0000000a40)=@vsock={0x28, 0x0, 0x2711, @host}, 0x631) (async) prctl$auto_PR_RISCV_SET_ICACHE_FLUSH_CTX(0x47, 0x2, 0xe1, 0xfffffffffffffffe, 0x8960) (async) setsockopt$auto_SO_DEVMEM_DONTNEED(r4, 0xc000, 0x50, &(0x7f0000000a80)='batadv\x00', 0x0) (async) sendmsg$auto_BATADV_CMD_GET_TRANSTABLE_GLOBAL(r2, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x18, r5, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_ACTIVE={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x880}, 0x10040890) (async) r6 = syz_genetlink_get_family_id$auto_nl802154(&(0x7f0000000c00), r2) fstat$auto(r3, &(0x7f0000000c40)={0x2, 0xb, 0x9, 0x3, 0xffffffffffffffff, 0x0, 0x0, 0x100, 0x1800000, 0x6, 0xfffffffffffffffb, 0x101, 0x40, 0x7, 0x9, 0x4, 0xae4}) sendmsg$auto_NL802154_CMD_SET_MAX_FRAME_RETRIES(r0, &(0x7f0000002080)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000002040)={&(0x7f0000000d00)={0x1338, r6, 0x80, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_MIN_BE={0x5, 0x11, 0x1}, @NL802154_ATTR_MAX_ASSOCIATIONS={0x8, 0x27, 0x80000000}, @NL802154_ATTR_SHORT_ADDR={0x6, 0xa, 0x7fff}, @NL802154_ATTR_BEACON_INTERVAL={0x5, 0x26, 0x7}, @NL802154_ATTR_SEC_LEVEL={0x12ec, 0x2d, 0x0, 0x1, [@generic="4f449046d140941ba74d20d53783d90cb70c470b8aa455603d9dde13322f27b379db76695877eb3c7ceb208b4aee35511aa073135ded48194def7a05a37768e49e48cdaa2566560e5c5fa1227e8939554ae1f0ae64aeac3b8082ab763ec38d21466da6799151716029d43997349c862ca3e16c40b70c2c42a5106ee91b83adcb2b0101a6228ef05eb5cb86843f2eba3af6324354d84595d2cefcd980a49695a23b95b0c682880e02530b676ac4894f8203d4c514aec77add3e9ae128d3e706189411557f97737847ad5e9cef14e34878cc04899c010ac304bd55e9b84a90895438ed8500a6431c9272966012736db1b8408c30f5444b238d3c06e97e9628640443ccfccae932af1f00b6a55cc98c80584683f77670f52c05be95ea306ea0cb0e0e88eb96105926ebe97189fa4e68836117241f91cf88617bac9ae0fcce08c34cbf4b3e48426a617caaeaacf1ba9064ca8812ffccd1dad60b8d7e86ffc7fc3d9a14891f9b6e524035513dbfc41f491f832b57db83116cbb23d49ce175c3a4a8057d8562f15787a55ad6a2930941e526e356da926e9124c279d3a1b4d37f041a8b49230502ac2cf0d2bddb89c2e4ac85235b662ea031ae6b83b25f695208da9c00a7d130c0f1a7bc28ba11f9cb2df9b4268c3f48764d3a7596101de9a495eeb67e1f0a94bcff3be58ddbc95564c24c57e02da8eae5109f3ca308f57443b3e74bd1a631239ee9927365a08413615a1b085bb2b11d1d926c4cf10b8354004830e6c115dd48246f0702b7ccc434e99cd5ffc6e7ddfa8e7904443274ff017c39d18e55faa92a065fd403cad0439d66be4eb078cc60e9ed10f88ebfe739b05e48d4edb30f1958d10d66f67d59ae53be82a008f4a65c95a93fc4b37dd33050f2f446fd985fa1c134fafca8370ef5272c63f8f6c2a5f099c0dfa0a0f24a50a83680aacac42b2385b7d4e8331fd975c3335db859656d39d269b1596871546952c78572cdcb9001dfbff2a30f9558ecf69def8e073fe11412e8cd1ee9613928fa144edbc4e0278de56b043d982b6197a229d34f28acb0625f6c01940eb38ab54af9fb57ee9276de6f6c6d1ea190af706038cd026a4fa56b46d1656370b1ff82ace74861339d6c0831b4910ab3f950a87368e391a8b3c69e7a492e330cc00cb67c7f79262937b46ddda1d29596b6c9d51274eaea8acee12b9f6e5183623fd0b9c1348f2252f345c82bd220c0178f758d957aebc82c34370790c9c6396cb41344dfc25e4daf177d92f3a50266af9def5c2b9f5a77a814bd7e3390bc5c7754d2eff1f5352744b50de439db2b411d4bdcf64262c7e57453d72bf05792aaf4c19d5f748b2f9a536eee8cd541bbf18ebaae142e7111a4f5f8236c84f12cadc6e3313a61ba41979384c544056a6f7278bf04cc323cfa75be1abbb9fc7790c7b76ccc166b212deedb72d0b5650b99f267cc8e13782ea5807a4af9a47fa01ad8a254ef18c368126a031121d52c3779218c2ac2f84edae0fd87c0dcb57e7eee06a0c317394d0857990fc7be5a5a798513c1e889611b3fcbd10757e09e52ed410e399fab3d19c55c36bb300005c98801c5e803c4e41b1c4f977d05a562e6bd3e6cb22312c98ddeaad18a41127f2cffd0c9f13878482d7b985d1497f477206ca94799249cf0d96471e9cca3bee7859264c02648977055b044e5a01116f6d24ad3b90005848d558a37b598846c30fcfdbd88284d6ff11df72c388ffaca833615056f6f62ebff0622b80e3d559ae4a17feed5e4d4d95967c5b3375939755e05e40a1064c210ac03b2e6c439ea3d4071d15fc3e690e18f49c9da865348aca21e16640163bb35e1dbfda1734c0b4cd8647144296efb40e6b5b2f619a9e42533bdf9556283c553bd0d9cb6a4ddae4dc12083bc8631025bb96220588046c02a1dc65c0e93c74b9ed45b1696ba647d364f0abf0ce39fe8100b75e6c8c686619c46d72feb7176e88570cb637d8334ea0dd61677c7f26502cb86327170538450df8cc85a33dd89feeef5c7a7a1c295c804d119f30240fd62f9ae64c34ffbb8aece5e55d715c700f60259a4e4d296d8e5d941c8f20aeb4975921908405364e9d08cfdf9c2372a3c3c924fb37c45dc4f0c8dbe29387bb40c5ebe169e619a6123fad4ce755ddb6629b7c4cb4e9cedf8ed671dae3a3025285b41b9520fcb985b1711152e97037c538483f0561b79632ef442d581e3da08f3bc12cf6352eca2976c6f78d0c9901e0a0d9f35a1a1f64a899e6f282b9e2d6bcd22889285f9071174bf98684a39b04a73f3fd18c7db900f34f216758f28604e755f565f1603019611055d22b5f02598af378e00d3738850cbd8a737c87d5051789c39e1d34bac610543109f8c55047e68b57d3c188f890a7f1a42aa3a064e6ef4c6126009349379a91a756656bf5a013bdfa99f1374c1fa0a2cb8b398e6579cfecac4da1d76f37c4f9c7e47c0fe075fbc0f5b3f20f7b312dda6fc4fb8fcca8b2863b484bfca4cd95a734384ae2ad38014d8a94e987a0f4b6704e2e25960da1e02aec1271a7b93818d09035deff80eea262ddfcf0edd478030df8441112b558ba4a1f4750d4e47b1f228bfc60b97e84a7755a711d6860bfae0ec06541950b76502dfe6f89c67542ea4c213cd2e10a83dd08f32359638e0cc4b5ffdd9da1b98743004d58d6290b516637d9eb994a58d62b23195373a14a474e31c51368626344e06aa7775b5866aa2fab0fedbf4c1d2b3d53deff6ee7001513fb391d2c00f128bb06a11369f39e70a51404460719715e1353f64e7bb20ca4edd2650c57115cc3da123f0b415f93c87806cc8fe8ac8d2c812e65034a681f376b03aaa545e38c6f9c5bfdbe171916806972e8688181230a8142651aa4c676c0e6f2277159da12c137d76d257b35cca0a0316d340373076a11ef8b01bcbfe4d295a72e34526e203fa339bc0f9d74f30ac6a016c813bd4627fc8e03343288a942300ffb57def44129d56d614beb037216c1edbc0d4c9772c1d8fbaa3b24739544c1b0be0c2075e36d1981148844461d03be35d752b70de98ecf8b4f42ca9dbf4e30ba552209d6fae811ec400f88a26b73be0539422ff17443f5ca5e01916acd0f34069d92979222da0d55dcf74f0f6827610d81cdb0b715a857eae83d8112f491cfc67b6d488d1e68a418b9e7beabdb7db533b4905b696ae7b742f24c3289d4a086027a3917cdb194a654cc7247f53e2f9b9c1d936aa62b62eaf42fbf470fb9be721dad8c18f6681246e27865bdee0e01528e489cdd5f8a368f32616e5cc7456d537bbc96b268fcc756be2d3cd91bf7b9dc6d8baa3432e41bf098fdae0f18b610d526650247e05608be27d65f30e7563ee96448363a8c2c42776ff24ad39bf82887000bd1a35a3952ecc51e1bd2ddabae1561f69cfbb15495cff78e057628ce1011b689e8756c6693c8ded29027af08ce60cca6b5db885b925d7c6d6d67f95219828e7a7ae72b77d471e439d7d816bda74b654370739225ffd30079265acd0c2ced50db1f6f7a4e58b8a543be669c746ac999b214b79163398bbd7c3d88f8e319af8a471cf2bebe4b426eca5d94a924044b95e0298534e8eee885442b59581a421ac4a949a46bcee6699c1799a2e5805ec28663a4958a448b764d20e427ca92ebd3c78aafae3a135448be3db2bdf09fcd64100ba5433f957df5bbc17794f85362cd7702d18db0928077ee4714c715991f83bd9ef6937aead75b13427b15a7a83d2110e5a2004d5d5419e4857d80903ca869f4340f54aac45b3277c6cadbc7a041554396490b1be0f7df8bf71b8a792384b0287e9da5bb945321dc130528c0f148de5c1485aa2cb2310fceb84860ea0013f73e9bc71259fd50d01c2f5e5b6d5b8f68097173f6670f3f80f798cd7c77d0ba62b4b3922d48f90de3f7e80e5c15dab5252ebbcbebb2797525dbccf4dff47ca12ed8dc671e7702a41590606bc861a8681ae92877cba80ef634c58c932ac17f7b5fac926a00ba1426d141d9a8aca77740254de3ac21b3e2f8a42024df9ff338582f9857e6090921daa74afa703c929115cfee491362f4d43bd2b22e097cd317ef0edb1a7d77b9237d84a7ad8e2480d41b3d2149a7ecfb9d21c9d389006913a90acb79adb2f18a83dc968b42e234c60d8024268af67841721b196fb4afe6d3718caed0edca7bef37e190dd3a0634308a08bb152ac67dfbc4427af83b53ec7f0fdabd16925f01d66f299102099bd469129723f3003f214bbcea15ee37f22bf71b70e15e966d255b0ccf371efd0ee63a87e270ecad28fe83ecc1ecb6980fbd54e44b71cbe497444744d6e1834934fe320dff3fa943b392964b74984f7848728618f3dd5e599c19e1a7e1f6bdebe76036ee5cdc3abbf1d45f12cccc15003035211240e9d7529b4d94ed7eb6106dbdd8731cd7d276b55a94c754643971989f195096ecaba017ce585bd3bcb126ed8751871532b3b824bee9469f9d199c315073b4dfa69190d5ef222177036eeac7b0cafc0f8cc256195bfd14eecc9ad43e00d2c48371902fcbde260dcf77d6dad759984a363ef3b1b27b8b1e7fbfcfe7f1f12bcd501dc64a0bbe4158d32f55bd63410b94bc30fb92c8a2ac5f3a891e267f8a3c11117c8b680254e9f596ef51ecb913c9dc4860b487a791891642dc4b3e3a878819cf380aff8a42e482e70eae0fcbc0d0aeadb2a796518eb3f6785495a9dbba2efe55f53dcb70561d9fe71b90b79dd3a5de0580fd4ed25003192138d98f8b685f30f151118fcce94add5d06c4b4236c460fd6376fa5933e4dc70a035a73154da255243ba0beedc3c1977b6a04a9ed50f0c1c8a1c5d427d376674218823dba1848d10274df46123578fd7d70eee334edf7eb0504e4754d0793151a1b3393ca57a3f3543f251a3c22551eef960785447a9373ea535fe9333ed2fa49923a04e4542ca029451a1e3f2a24be9bf4576d761671ffd88d4f0fe1f8b9de8a9d02eecddc64b49f77aaa955ba3d203bc1045118a45039913593165e7aa66c10a05f168cafe74b58e741a2522380c0f7e3a975346eb802127a5d35b5f84eb8c55206d963b83fd0895ad939e5536523201956af35b013319579f83e0a91a1ca7a0d09c8b9b9cac14ef6df83ac07ab0fd85847d69e61a2d723624dbea8cb7d37af49cd5cb3d0c12a4b5803443ce77592adfb9693b8037fb04453e4f462806a0d1c03a97ce26fd719b596002f6041b51e4948c67e252a4f373ddeaf9b47f6848bba4995ff136a0f1a2beedc47108a9c8083c02b914192dab0db36a5da64d0f9b983191790246ddb2a50960367a78b9ab6b70ab9178c45db31e2ecfd4ecd1870c44ba58088cde9db51967a2e14ff141a30d1f987ca9f88d8643151ddc3f542cf1becc6954261fb78e3bb31556ef4847865d3e78b366014ea2d8a5ca8f41ded31f070c7cb9b76502c182fd8b468f3f75111d82b1f6a2a6f4cfc0174ed91dc91b29fac3e3fc63971c134be10d1fa92e48748a9dbe9b2ec73860322037e8725351dfddc2386726e167b621f2e51c7f19d4e54464d59891d948f6eece2ee54d2f0ddfdf74395624dd701c5b5821f555a70105118accb3740983dec9ab2d4d27f735ad64722c841d6746b30984f5e6c7492d3e1827efdb95b6979e5419b847f856e519693ee4340def3f7fefc7be583ae3668652387b2f4f1252f93cc266a3b4b1de2dccf3948732fd516dda6b2331f743605ee353a88c576b5c4d0668aef7b1c9229345c058d4222438c2c93667c09f65a61beb1f45bd9bcf56f53371b1a989dc", @typed={0x5, 0xf9, 0x0, 0x0, @str='\x00'}, @typed={0x8, 0xa1, 0x0, 0x0, @fd=r3}, @typed={0x14, 0x141, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @nested={0x1c9, 0x5, 0x0, 0x1, [@generic="9bb526a513730654950a7f908e26652c3beeefa73b5d0aab60605d185a8bae126289dec7c6417c0304613b64d26bd315d6518b9b61cd3b83813fe074de2db126118973fadc029e70c4a8a5e127574f11b598ce37a3680da2a73332e9f0966b3794b8e92d5fe0737e1da732b4fdbb19a1c93b54d44dfc1670af0ff822a820b444ea44c42d170581408338468cd04a554d83ee529dc55da7cf03c3c2595a76d9d6f1c54bc564d8b15f", @generic="7cb2", @generic="5cff0cf42d20005a922bd048796dee4fcf457534930e0dae003e4c7c9947047981fcfe94a82c224288e45ccb11578a555cea8007fe337f09f06e7737560f31b8d59e67ec383e7ba7bde97d546a5a9660ee3552e417013862b25bea4f5f2f133e36d6693cfb02bc4edaf249f743f428b4cf1393ba367d3bddcb676cdad211f1b0d3e487690d5580f11521e4ec5b7411c7e49668d9757e9756ac7b02c37142c4cd3a5d6b811a8630e7e44f45637d551f8872e8b9061f16bb5e8185f66b501677d3eeb6abcf4adef94763610c084d8f946197b70983b99a2b234f8e833279ccfe2461459ce6226cad824695c213404553d92c4d997feaed54", @nested={0x4, 0x12f}, @nested={0x4, 0x3d}, @nested={0x4, 0xce}, @typed={0x7, 0x7, 0x0, 0x0, @str='/$\x00'}, @typed={0x8, 0xba, 0x0, 0x0, @fd}, @nested={0x4, 0xc1}, @nested={0x4, 0x51}]}, @nested={0xf6, 0x14c, 0x0, 0x1, [@generic="7d9d7a300dfbfe6a346a471ae585df343afa7227be3b9df405063dda68b861649aa9b5ef2dee3076b11c3b75f473705d50d00f958a2fdc0204acd22abdaa3f337592860cb8f9ea5f8360027ef520dac6f263dfd38ae3825b76628ff46329c11bbfde9e50f7fe28da5ccc7d7110c6e1fea99ec6de7320a56ab223526b51f51eac632f0362602af30fadd54078e8c1dc712aeb77e96b90560971fa843de8f88ffb10b051268549b072d77428a8211faa3e87d05942ad71ea1995eb8565c0529526f56d1e12d430cc487293ed24390e0f75ac7bdf47120137dd45c55b84c1de", @nested={0x4, 0xb}, @nested={0x4, 0xea}, @typed={0x4, 0x12}, @typed={0x8, 0x53, 0x0, 0x0, @uid=r7}]}]}, @NL802154_ATTR_MIN_BE={0x5, 0x11, 0x3}, @NL802154_ATTR_SCAN_DURATION={0x5, 0x24, 0x8}, @NL802154_ATTR_CCA_ED_LEVEL={0x8, 0xe, 0x8}]}, 0x1338}, 0x1, 0x0, 0x0, 0x10}, 0x80) r8 = openat$dir(0xffffffffffffff9c, &(0x7f00000020c0)='./file0\x00', 0x40000, 0x40) connect$auto(r8, &(0x7f0000002100)=@qipcrtr={0x2a, 0x3, 0x7fff}, 0x81) ioctl$auto_UI_DEV_CREATE(r3, 0x5501, 0x0) (async) msgget$auto(0x535, 0xff) (async) ioctl$auto_BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000002140)={"f0b384a31234a192d48a8e0890eee23a376c8c7e08818261e6aaae2b62195e65", 0x9, 0xe, 0x4, 0x7f, 0x8, 0x0}) ioctl$auto_BLKTRACESETUP2(r0, 0xc0481273, &(0x7f00000021c0)={"0be03b88a6d60b5aadc9ba9534bec6aba246aa0d20cc79cdba2699ba9492c5fc", 0x3, 0xfffffffe, 0x0, 0x0, 0xf, r9}) (async) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000002280)={'veth1_virt_wifi\x00', 0x0}) sendmsg$auto_NL802154_CMD_SET_BACKOFF_EXPONENT(r4, &(0x7f0000002340)={&(0x7f0000002240)={0x10, 0x0, 0x0, 0x4018240c}, 0xc, &(0x7f0000002300)={&(0x7f00000022c0)={0x24, r6, 0x800, 0x70bd2a, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}, @NL802154_ATTR_CHANNEL={0x5, 0x8, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x44000}, 0x60010010) r11 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_netdev(&(0x7f0000002380), r11) r12 = syz_genetlink_get_family_id$auto_mac802154_hwsim(&(0x7f0000002400), r11) sendmsg$auto_MAC802154_HWSIM_CMD_NEW_EDGE(r11, &(0x7f0000003200)={&(0x7f00000023c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000031c0)={&(0x7f0000002440)={0xd50, r12, 0x10, 0x70bd2d, 0x25dfdbff, {}, [@MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0xae3}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8, 0x1, 0x1}, @MAC802154_HWSIM_ATTR_RADIO_EDGE={0x720, 0x2, 0x0, 0x1, [@generic="79226e0d9b186535d6eda91237e1fbc045c6bd72af7f1aab213f95ad79a5b0ba6a2b6c1afeea8d97d680c20c8c7012569a49489103d5a24342a88fb8fa5062965da131bbe5f15f3a9e3888c5d0af00aea0a2ecf4a880eac03f082d7f24bb004f1c5a28857b7b2e172b8f779785c9ac62775f5270", @typed={0x4, 0x8e}, @nested={0x237, 0xa, 0x0, 0x1, [@generic="ed28f615954d0c83d3d58837c74b26664ca578c7b70bd5ec18313a41a4ba670ba197d88cf1e11d6fd02051c78df8ce318e8a5db2b3d6d941fb782f04f221c6f70c98da2296bcab129b5de90e1d", @generic="ad8cca2419ea6f950da0b486e66e19d9683efac536c1b975918385efc78b79b688438fbe4dab1a77336b4b6ce6bdfb9534b37891a80fccc8aa6d97267b3caf8027957f6357fb5e05830aa8b4b22e77e8b0113d3872acef7be5943cc3399a2071340e6a037ecec7640778d97c5e8eee4a59b17a90b7cd2ff3d4f92669c04fd9f5589c3682e65c5f1ec44148", @typed={0xb8, 0x5a, 0x0, 0x0, @binary="a7a35e5b1654b76f6950596b59d9e497c4208691ab02b22986dec47d6d65849ab21783a7404de257e66fcbfa72ce1a2055822b1cadea4012c80ef8494fa8464d1adc4343d372bd9a9e6b4b7bedf587a81e1f1f819c78ece835ce29e7b1a4c846249e6b1d4c3b3186fd3c6e1c82bfe82e2e199be55a859d55b13a377566cac5691f714bc5e0b54e628b354d8716ea95708fd6317d5eeff112b5ce5ed24fa7bdaff1dda0fef600c376d2e858e6af7228e20ee1701c"}, @generic="913c2be1f00532e265ff755e51d0ba2fcea34fb0c8a6c2363a44e4d5b0731bfd0fd0bc32cfec713a0889df2cf2bf79d4f4e1cd2b9dffc468485909d01312d287baf118e1fd40590bde38706388045f2e41bf64a2ba2bcea58eebf2ecd4797bf6c16bc2f3222d28c8f628d4eeaa41e1802f2613cb07b5569808e3e2de866a1cb71ecba912700615fd0216ddedf36d91edcaf9996b026ed39557725bfe0135322335f7dd"]}, @nested={0x45a, 0x8c, 0x0, 0x1, [@generic="23c55702a561b2ce0b9931d6d9db4a2996139855363ab2ed716d914de97b1886dcee2d82d03f0c8a7d00215909ca96d7e460a2db768effa651ce267de9e0e65de82f025a938833d8192efaf2e43dcaf5f1c1d209e48e207cce0693e956faf1511d0650fbda75c8ef05b4fc45bfe993980c9e15e78a6037c7becad49d3bedd28553607a7f7b07e86d73d54b12afbb0e08a75a5ed3adcc8c13b5f0304c4fc153af50717c38f89f5e8fe9e12415b77c48df53fc9d15671b4a8b2227b6256f99ed2acfd5", @generic="f48dd06e02504c39302cdae1a1a482d4e5496d02094b9fd5431210bb022cf9cc6533c2445f4c9ea809a0960388581fa91231f06ec6126d6b868b8f8ed0c2fc1afa9e806034c69872080c58308849f2b5bde55a0e587b88bc49a6459c652db9aab966ce9b5baea415f87461d584347b9cad82505defbdbcf8751511c5dae84afa96ae8043c9bb0fb3b80ace0e8df7487f32f35025546081f020abe778b1a90037fe2a06d753a4e99b903267b8e8ccba1b4cc18ed0bb025ed0f5371aaef73385766191b426adbbe7520a4ba4d5fa1d2a7058a7e7647399c2e59814f5b81a8341e18e3ca99881036bb2f3528fda3161826b", @generic="044732f4cfe74aeb2f03c444d79d558e6ff8d829416ca8bde601a5b2e32bfc17af9bf410c60e240da80c3ea4463d2da277d31d5e725cfe03289cff6c53d8446c32a7e851fed74a5ffaa64284ee4fa01ce35a9a8ce96147f75181f3ef25e2", @nested={0x4, 0x15}, @generic="ff484ec5c83ceddee5a5736872efaed534cfa7bb7dab884e1c3502c26efb4087a34f3205f5ab5bf1f3ee1bab0def2a30c262e94be194b1b6e5578e7a2d93668f9daa3100ffe9562a3a5d3b4a42fa1106e03aeaec9b7468a18d65b3170e55e56b9cf927d63e8ef2150c2867cc1b7b50d2aa147508e2834c2ba4c7396733d3d754b0b2a430c0165e667effb08d06b68b", @nested={0x4, 0x3d}, @typed={0xc, 0x15, 0x0, 0x0, @u64=0xa}, @generic="4fa40e6513584495141713f2fb1d618020b9cc9970edfbada4ccd517cc6807e0ec70d350e292a71f6d1fc50b4e75a4d5f70cb1672d4d56bc9fcd47b79d5b98bba99f38dac3449a800a25d68c17cd16f3e4e4b2b25fcaa69b1839a6ce19d5107e63e492bbc7d2888cb328b78423751ba8a199026affdcf827f725d698c6f7536030b5802373bbbec95c797aaa39deb2274abd016aab155b4a29ee63e6abb5dd58455a8f8c0e5764dee6830380e6a728cab099a1b888f6220cb685da14ec938961084a7c77342d4cae0d823e7991f6639bcd41c3f54bac3e5cde5cd20776c0cb20d3e3a6f5561476e0569fab", @generic="608b5b67f909e25e531605e9980afd5962e54889b8c29bc6155f5de8157d2d4ebdca61b036c38bc1142be81e62b8c7f53b8bf17960b3fde386bd933ce0cad0e6eb48c27aac7ce9639512d1617255e680d72740d211106c75804b8c861833e6a120dc9247f4c74abc1cc4c277ce93731872c8d70fe1ca62fabeb661265eb3772614b4c5a11134339af0e6fe1026bbacbf7488fb79de6f9ca7c44926ce6f35936c3ad74f7f569d07ce564ab2bec071fbbbd1a14c2dafc8c0fa"]}, @typed={0xf, 0x34, 0x0, 0x0, @str='\xfb,@](-+H[%\x00'}]}, @MAC802154_HWSIM_ATTR_RADIO_EDGES={0x125, 0x3, 0x0, 0x1, [@typed={0x4, 0x7b}, @typed={0x8, 0x104, 0x0, 0x0, @ipv4=@local}, @generic="9217be40c64554947d4bffe07cb801a660e3c4ffdf7060f7508ddb2187c4b531f97e2168ded7b81846d8edb8f22186968b9f4aec3e96aa21c95c4a04bd43cae7815b0a5318c585b72b15ceef7875a6e3eb12ad131e759d1b226d01732aef066fbd2a8c6f81a1ac081f8e5131dbd669cab1d4999381a3a851b75da86383373d2a1b7e06002498f1f4c7daba5e06c41c753051946c94ade10bbdf36464166d860c902c27e477875a1ae2a14f6070894ad83f12afb586ffdf0e9266960d9d6aec3f6c6325a9c13350e72b5288ea723bde0eeb8b3d1ef69cc255fb5c373c6418520e40638e4ae2315ec32ce1597bb8", @nested={0x1c, 0x3, 0x0, 0x1, [@nested={0x4, 0x107}, @typed={0x14, 0xea, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, @typed={0xc, 0xeb, 0x0, 0x0, @u64=0xffffffffffffffff}]}, @MAC802154_HWSIM_ATTR_RADIO_EDGES={0x1e7, 0x3, 0x0, 0x1, [@generic="a4c53d47275d1aeea9a1cd04c58435cb15c529fc5757c01dcfe58b0036403ca0a368dad09fe1e666ba12ce68167f2cd4d91080a33d4ef8f69dd73738e137cc5f5c406d33bd7bf5ee20b76438ca33b93a4f3d8e31c0ed5f8b0ce257a6343d1a3c9f63010e1107c7c97ad115da585ded8cbf791902f50778d53fa5bd4e803d3ff1eb2ea06caeb008ba2b6c4ea5d6ff6512d73f1dbdf0b1db86c567c94209511df834fb1e63668018eb4ad36883821b3887fa99f78bce60133998d40b5ffcc0a65e0bd34ee57a7b3bddca38ce6692832c0c39798acf22fbbd309e93c8e233ae4a0baa38ada729fb55d6", @generic="5bee338e0f8020b7836511167bc72f8662ecd0df9b6faea0dd1b5416f5089ace0b2344dcd911d111a6034e8318a53646570128a8e839ecc4c4d8a7bf8b22b38b6aac75f179338d556de75d21acab0ea74cb31660a88ddab7e086014ed766fdcf88c5bd595423117166b2dee3d3c5d9cfaa11b7ecac5bd5d41ad10ad99d21b60421027e42d77f694b82691b5ae08e008941f0274c6601655d0515a31b974bddc1e0bb82b169e0f19e5d973a20895bd8746e3328", @typed={0x8, 0x12e, 0x0, 0x0, @u32=0x8}, @nested={0x40, 0x8a, 0x0, 0x1, [@generic="c7305e3d793f4b160f28dd63cda7e679dfc8536124bdcb91e0de12a25fb2652552b007e1e39d958451c9e2d1b143307ea25a49c9bce7759678190b4e"]}]}, @MAC802154_HWSIM_ATTR_RADIO_EDGES={0x2f1, 0x3, 0x0, 0x1, [@nested={0x1b, 0x145, 0x0, 0x1, [@generic="8a8482bf240c44b3c1bde141aa9ff826665dfaed7dc094"]}, @generic="bf6818c76e003e48b4baff8d6f7a3c0d3e82e6b5a588ae379b26bb465cea27c8cdfc14aaea32ed0bccc6ff5ac8f2c9cbce99334e91f42401a5fd1a605899c3cccd8d7592dd942f4683017184d12b719128a883acb63a623e1fe5405a3aea644f8215f25c699fc01dfb267681099a540d99b86f8215a21887e10da94d255bd88c284140bf103fa2ed627f7e7672cabbf11551408114edbeb9ee530431803741a935fb0f9917208e4bc939b96519043056390c4da4c76006925210ec6cfd8e8f1a5c8b1eb4ca29b06df3bbdcb242427abd5876aafac0abac66c1f0e293f9de9a233aefe973fd4dfa", @nested={0x18, 0xcd, 0x0, 0x1, [@typed={0x14, 0xc0, 0x0, 0x0, @ipv6=@local}]}, @nested={0x149, 0xdf, 0x0, 0x1, [@generic="b45b367e185efbe0a9a1af88535ff3ad34987592e468649a1094bc3c471c4772c9c2fc3e43942b9a0cd702cca63b759f38e446e0c0d6330159b53901dbb7cf2b075ce847e572c3bceadebdd82ebcee3649aad2311d4b5b0e1762af53b8527395c7214886fb2e249aa81cb520c588002e61909ca3e400b53e0adb5f71", @nested={0x4, 0x119}, @nested={0x4, 0x44}, @nested={0x4, 0x2f}, @generic="4fb4e9539c89c4fb98da0847dbb1cb9f166b2fa74bed84e90e8483e3b8fb32028ac995c9b0a4b7639323fe51e0aedcfce680d4cdbf1b82e4637b5f5e6007f06308cddb4b1a61be2bb1a35b8a73264a2faa6bc861d0c9c341c1eb3ce267224ea8f8e0b9dabc2fed8f84a5d5d161b71e7e5f45972de7c149dc9e3bf36b6b6fc8f56cc740e71aa8eee22f78be0bda3d937b7616d8652c4a5b1eb01dccfc0f115afd3280798ee6d8e73d91fc4632f995cd9d0766c843a7b0fd3a32bc282671"]}, @generic="b711b303000197c59a4a7a7399cf80efea15820fd80ecc962882e7c5e3c9202b5b6b3c184e47332fdd056ff66577b578a30849d680f8a59a6879900b42267e03d5fd3d12e4be7e04558be6d1c9f73a1838d5b17c2064389a254301284da8b1bf3c41045c06ffb09c0bc4c5a58027e6a222f1f1e57773d2c5ecb3602d536eb13cc5e3105b04f8"]}, @MAC802154_HWSIM_ATTR_RADIO_ID={0x8}]}, 0xd50}, 0x1, 0x0, 0x0, 0x4040084}, 0x40) (async) sendmsg$auto_VDPA_CMD_DEV_NEW(r0, &(0x7f0000003340)={&(0x7f0000003240)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000003300)={&(0x7f00000032c0)={0x40, 0x0, 0x300, 0x8, 0x25dfdbfc, {}, [@VDPA_ATTR_DEV_QUEUE_INDEX={0x8, 0x11, 0x1}, @VDPA_ATTR_DEV_QUEUE_INDEX={0x8, 0x11, 0x6}, @VDPA_ATTR_DEV_QUEUE_INDEX={0x8, 0x11, 0xfffffffb}, @VDPA_ATTR_DEV_NET_CFG_MTU={0x6, 0xd, 0x5}, @VDPA_ATTR_DEV_FEATURES={0xc, 0x14, 0xd5}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x801) 682.259349ms ago: executing program 0 (id=4469): close_range$auto(0x2, 0x8, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000400)='/de\xef\xe7auDio1\x00\f\'\x8b\xd9\xfeN\xcd#)\x8c\x89>-o\xd7\x8f$\xac\xfc\xa2\xccm\x0e \xfb\xe5\xe9\x92\xaa\xef\x84$\x84Ia>6pV;{\'\xaa\xbeS\x14\xb6\xd2\xf6\xb7\xcd\xf6P\x05X\x1dK\x18\x99\x02\xb3\x0fY0\x80\x99\xe3\x0e\xa2D\xc0\xecE\x86\xd9J\x9c\xa8\x98\x02\xdb\xf1\x81TMpS\xc5\xab\xa1\x1bG\v>\x03\xf7\xe1\xaf\xe3\x04\xc3 ffF\x0f\xa6}\xa3\xa8\xd1\xe2\xd0QG\xa6\xa6\x8e7\x80\xd9\xd0\xdf\xad\xb1\x15\xca\xbb\xd5j\x94\xc6<\x18\x15\xcc\x8d\x14\xd8\xb8L\x03\xdd~\xe7%\xcb\xdd\xda!\xd45Z\xd0\xfc\x1b\xf0\xe1\xd6:\xd7\xe9N\xc1W\xe3\xae\xe9\xb27>k\xf8\xdf\xe1\xf9\xcc\xcb\v\x01D\xc3\xa9T\xb9UY\xaf\xa4\xe4\xfec\xa3\x9bI@\xb7w\xf8\x14\xc0\xd5\xd5\x95', 0x8) r0 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='f\x00'], 0x1ac}, 0x1, 0x0, 0x0, 0x48840}, 0x40000) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_0={0x2, 0xb5, 0x200, 0x4, 0x4, 0xffffffffffffffff, 0xa, "2af051b26b658a20d8dc6b36c83ce63f", 0x0, 0xffffffffffffffff, 0x5, 0x3, 0x7, 0x6}, 0x10) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000580), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x807}, 0xfffffffd, 0x8) 582.528572ms ago: executing program 4 (id=4470): r0 = openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, 0x0, 0x8040, 0x0) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, r0, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) unshare$auto(0x3) r1 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000340), r1) sendmsg$auto_TIPC_NL_NET_SET(r1, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x2) keyctl$auto(0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x6) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/i8042/serio0/softrepeat\x00', 0xc2481, 0x0) write$auto(r2, 0x0, 0x81) fcntl$auto_F_GETFD(0xffffffffffffffff, 0x1, 0x7) ioctl$auto(0xffffffffffffffff, 0x4004556e, 0x1f) setsockopt$auto(0x3, 0x1, 0x4c, 0x0, 0x9) getsockopt$auto_SO_LOCK_FILTER(r2, 0x9, 0x2c, &(0x7f0000000280)='@,\\#\x00', &(0x7f0000000300)=0xc) mprotect$auto(0x0, 0x806121, 0x6) bpf$auto(0x0, &(0x7f0000000380)=@task_fd_query={0x12, 0x3, 0x4, 0x88, 0x8, 0xae85, 0x66b, 0x4, 0x7ff}, 0x6f4) 382.249533ms ago: executing program 0 (id=4471): madvise$auto(0x0, 0x2000040080000004, 0xe) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r0, &(0x7f0000000040)='//\xf2\x00', 0x80000000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x80000001, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x103800, 0x0) r2 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0x40, 0xe}, 0x18) close_range$auto(0x2, 0xa, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000280)='/dev/radio26\x00', 0x169100, 0x0) fremovexattr$auto(r2, &(0x7f0000000000)='system.posix_acl_access\x00') sendmsg$auto_ILA_CMD_ADD(0xffffffffffffffff, 0x0, 0x4) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) readv$auto(0x3, 0x0, 0x1) close_range$auto(0x2, 0x8, 0xfdff) openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$auto(0x3, 0x5420, 0x38) sendfile$auto(0x1, 0x3, 0x0, 0xd551) socket(0x8, 0x3, 0xfffffffd) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) timer_create$auto(0x2, 0x0, &(0x7f0000000140)=0x6) clock_nanosleep$auto(0x2, 0x200, &(0x7f0000000480)={0x8, 0x7}, 0x0) timer_settime$auto(0x0, 0x6, &(0x7f0000000000)={{0x100000001, 0x3ff}, {0x5a, 0x2}}, 0x0) timer_delete$auto(0x0) 367.955856ms ago: executing program 4 (id=4472): openat$auto_clk_summary_fops_(0xffffffffffffff9c, &(0x7f0000000440)='/sys/kernel/debug/clk/clk_summary\x00', 0x80, 0x0) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x3, 0x73) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x1, 0x1) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socket(0x18, 0x1, 0x0) io_uring_setup$auto(0x6, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) r0 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r0, @new_prog_fd=0x4, 0x4, @old_prog_fd=r0}, 0xa3) bpf$auto(0x1, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x80000000, 0xc, 0xb, 0x5}, 0x7) (fail_nth: 3) 191.869386ms ago: executing program 3 (id=4473): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) r0 = openat$auto_drm_edid_fops_drm_debugfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/dri/vkms/Writeback-1/edid_override\x00', 0x40901, 0x0) write$auto(r0, &(0x7f0000000040)='/sys/kernel/debug/dri/vkms/Writeback-1/edid_override\x00', 0x5) sysfs$auto(0x2, 0x23, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x103002, 0x0) write$auto_sg_fops_sg(r1, 0x0, 0x0) r2 = open(0x0, 0x261c2, 0xb2) fallocate$auto(0x8000000000000003, 0x0, 0xd, 0xcbd5d) io_uring_setup$auto(0x6, 0x0) r3 = socket(0x11, 0x6, 0xaee4) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) close_range$auto(0x2, r3, 0x0) r4 = socket(0x11, 0x80003, 0x300) sendmmsg$auto(r3, 0x0, 0x2, 0x100) r5 = socket(0x2b, 0x1, 0x8) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @remote}, 0x6a) sendmmsg$auto(r5, &(0x7f0000000140)={{&(0x7f0000000200), 0x8, 0x0, 0xc, 0x0, 0xa216, 0x9}, 0x800009}, 0x5, 0x20000000) getsockopt$auto_SO_RCVLOWAT(r4, 0x5, 0x12, &(0x7f00000000c0)='\x00', &(0x7f0000000180)=0x4) setsockopt$auto(r3, 0x1, 0x4, 0x0, 0x9) recvfrom$auto(r2, 0x0, 0x8000000015, 0x10001, 0x0, 0xfffffffffffffffd) write$auto(0x3, 0x0, 0xfffffdef) shutdown$auto(r2, 0xa) fallocate$auto(0x8000000000000003, 0x3, 0xf, 0x9) close_range$auto(r4, 0xa, 0x1) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000080)='/dev/binderfs/binder1\x00', 0x80001, 0x0) r6 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video57\x00', 0xe0442, 0x0) ioctl$auto(r6, 0xc0e85667, r4) r7 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r7, 0x0, 0x3) 100.287788ms ago: executing program 4 (id=4474): r0 = openat$auto_ftrace_event_format_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/tracing/events/vmalloc/free_vmap_area_noflush/format\x00', 0x40, 0x0) pread64$auto(r0, 0x0, 0x3, 0xfdd) mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = socket(0x29, 0x2, 0x0) ioctl$auto(r1, 0x89e2, 0x38) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xffffffffffffff6a, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4000009}, 0x24004880) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000003000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYBLOB="010600bd7000fbdbdf250a"], 0x1c}}, 0x20008810) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:03.0/resource0\x00', 0x103000, 0x0) readv$auto(0x3, &(0x7f00000002c0)={0x0, 0x8}, 0x8) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=':'], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0\x00'}) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket(0x18, 0x5, 0x1) connect$auto(r3, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) close_range$auto(0x2, 0x8, 0x0) connect$auto(0xffffffffffffffff, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) sendmmsg$auto(r2, &(0x7f0000000080)={{0x0, 0x8002, &(0x7f00000002c0)={0x0, 0xc4}, 0x2, 0x0, 0x0, 0x1}, 0x5}, 0x3, 0x0) read$auto(0x3, 0x0, 0xf34) close_range$auto(0x0, 0xfffffffffffff000, 0x0) 94.416452ms ago: executing program 2 (id=4475): openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/binderfs/binder1\x00', 0x214000, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x2b, 0x1, 0x0) r0 = socket(0x25, 0x1, 0x0) sendto$auto(r0, 0x0, 0x0, 0x0, 0x0, 0x3) ioctl$auto_SNAPSHOT_ALLOC_SWAP_PAGE(0xffffffffffffffff, 0x80083314, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) fallocate$auto(0xffffffffffffffff, 0x1, 0x2, 0x6653) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0x1, 0x0, 0x0, 0x0, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x3) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) ioctl$auto(0x3, 0x2287, 0xffffffffffffffff) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, 0x0, 0x401, 0x0) write$auto_proc_mem_operations_base(r2, &(0x7f0000001680)="a7", 0x80000) madvise$auto(0x0, 0x20200, 0x15) prctl$auto(0x43, 0x17, 0x0, 0x0, 0x0) prctl$auto(0x43, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) r3 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) io_uring_setup$auto(0x85, 0x0) r4 = socket(0xa, 0x1, 0x84) getsockopt$auto(r4, 0x0, 0x487, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x3b72, 0x0) 0s ago: executing program 4 (id=4476): socket(0x23, 0x80805, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/fs/lockd/nlm_end_grace\x00', 0x2800, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) getsockopt$auto(0xffffffffffffffff, 0x84, 0x71, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r0, 0x0, 0x20) ioctl$auto_BLKSECDISCARD(0xffffffffffffffff, 0x127d, 0x0) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) socket$nl_generic(0x10, 0x3, 0x10) r2 = open(0x0, 0x22240, 0x154) execveat$auto(r2, 0x0, 0x0, 0x0, 0x1000) rename$auto(&(0x7f0000000000)='./file0\x00', 0x0) unshare$auto(0x40000080) kernel console output (not intermixed with test programs): 27620] ? __pfx_find_vma_prev+0x10/0x10 [ 1534.102588][T27620] madvise_walk_vmas+0x31f/0x9c0 [ 1534.102616][T27620] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1534.102644][T27620] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1534.102683][T27620] set_anon_vma_name+0x32b/0x4b0 [ 1534.102711][T27620] ? __pfx_set_anon_vma_name+0x10/0x10 [ 1534.102747][T27620] ? static_key_count+0x5a/0x70 [ 1534.102769][T27620] ? security_task_prctl+0x11c/0x160 [ 1534.102807][T27620] __do_sys_prctl+0xab0/0x2250 [ 1534.102838][T27620] ? __pfx___do_sys_prctl+0x10/0x10 [ 1534.102875][T27620] do_syscall_64+0xcd/0xfa0 [ 1534.102910][T27620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1534.102933][T27620] RIP: 0033:0x7f036318efc9 [ 1534.102952][T27620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1534.102975][T27620] RSP: 002b:00007f0363f8c038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d [ 1534.102999][T27620] RAX: ffffffffffffffda RBX: 00007f03633e5fa0 RCX: 00007f036318efc9 [ 1534.103015][T27620] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000053564d41 [ 1534.103029][T27620] RBP: 00007f0363f8c090 R08: 0000000000000000 R09: 0000000000000000 [ 1534.103043][T27620] R10: 0000000000008002 R11: 0000000000000246 R12: 0000000000000001 [ 1534.103058][T27620] R13: 00007f03633e6038 R14: 00007f03633e5fa0 R15: 00007ffd6853a508 [ 1534.103091][T27620] [ 1535.772935][T27643] FAULT_INJECTION: forcing a failure. [ 1535.772935][T27643] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1535.808665][T27643] CPU: 0 UID: 0 PID: 27643 Comm: syz.0.4172 Not tainted syzkaller #0 PREEMPT(full) [ 1535.808699][T27643] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1535.808714][T27643] Call Trace: [ 1535.808723][T27643] [ 1535.808734][T27643] dump_stack_lvl+0x16c/0x1f0 [ 1535.808781][T27643] should_fail_ex+0x512/0x640 [ 1535.808811][T27643] _copy_from_user+0x2e/0xd0 [ 1535.808838][T27643] copy_msghdr_from_user+0x98/0x160 [ 1535.808875][T27643] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1535.808929][T27643] ___sys_sendmsg+0xfe/0x1d0 [ 1535.808967][T27643] ? __pfx____sys_sendmsg+0x10/0x10 [ 1535.809001][T27643] ? __lock_acquire+0x622/0x1c90 [ 1535.809071][T27643] __sys_sendmsg+0x16d/0x220 [ 1535.809108][T27643] ? __pfx___sys_sendmsg+0x10/0x10 [ 1535.809167][T27643] do_syscall_64+0xcd/0xfa0 [ 1535.809205][T27643] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1535.809229][T27643] RIP: 0033:0x7f52dfb8efc9 [ 1535.809248][T27643] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1535.809272][T27643] RSP: 002b:00007f52e095c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1535.809297][T27643] RAX: ffffffffffffffda RBX: 00007f52dfde5fa0 RCX: 00007f52dfb8efc9 [ 1535.809314][T27643] RDX: 0000000000000800 RSI: 0000200000000340 RDI: 0000000000000003 [ 1535.809330][T27643] RBP: 00007f52e095c090 R08: 0000000000000000 R09: 0000000000000000 [ 1535.809346][T27643] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1535.809361][T27643] R13: 00007f52dfde6038 R14: 00007f52dfde5fa0 R15: 00007ffd10747308 [ 1535.809398][T27643] [ 1536.038006][T27645] FAULT_INJECTION: forcing a failure. [ 1536.038006][T27645] name failslab, interval 1, probability 0, space 0, times 0 [ 1536.078233][T27650] FAULT_INJECTION: forcing a failure. [ 1536.078233][T27650] name failslab, interval 1, probability 0, space 0, times 0 [ 1536.098079][T27647] FAULT_INJECTION: forcing a failure. [ 1536.098079][T27647] name failslab, interval 1, probability 0, space 0, times 0 [ 1536.110892][T27645] CPU: 0 UID: 0 PID: 27645 Comm: syz.1.4173 Not tainted syzkaller #0 PREEMPT(full) [ 1536.110926][T27645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1536.110942][T27645] Call Trace: [ 1536.110952][T27645] [ 1536.110963][T27645] dump_stack_lvl+0x16c/0x1f0 [ 1536.111005][T27645] should_fail_ex+0x512/0x640 [ 1536.111030][T27645] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1536.111069][T27645] should_failslab+0xc2/0x120 [ 1536.111096][T27645] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1536.111129][T27645] ? __proc_create+0x2ce/0x8e0 [ 1536.111165][T27645] ? __proc_create+0x2ce/0x8e0 [ 1536.111192][T27645] __proc_create+0x2ce/0x8e0 [ 1536.111221][T27645] ? __pfx___proc_create+0x10/0x10 [ 1536.111255][T27645] ? _raw_write_unlock+0x28/0x50 [ 1536.111291][T27645] ? proc_register+0x559/0x8b0 [ 1536.111322][T27645] proc_create_reg+0x7d/0x180 [ 1536.111354][T27645] proc_create_data+0x86/0x110 [ 1536.111383][T27645] ? __pfx_proc_create_data+0x10/0x10 [ 1536.111416][T27645] ? cache_register_net+0x137/0x5e0 [ 1536.111447][T27645] cache_register_net+0x25a/0x5e0 [ 1536.111475][T27645] gss_svc_init_net+0x98/0x660 [ 1536.111506][T27645] ? __pfx_canbcm_pernet_init+0x10/0x10 [ 1536.111534][T27645] ? __pfx_rpcsec_gss_init_net+0x10/0x10 [ 1536.111571][T27645] ops_init+0x1e2/0x5f0 [ 1536.111600][T27645] setup_net+0x100/0x390 [ 1536.111625][T27645] ? __pfx_setup_net+0x10/0x10 [ 1536.111652][T27645] ? debug_mutex_init+0x37/0x70 [ 1536.111706][T27645] copy_net_ns+0x2f8/0x690 [ 1536.111738][T27645] create_new_namespaces+0x3ea/0xa90 [ 1536.111786][T27645] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1536.111828][T27645] ksys_unshare+0x45b/0xa40 [ 1536.111853][T27645] ? __pfx_ksys_unshare+0x10/0x10 [ 1536.111876][T27645] ? xfd_validate_state+0x61/0x180 [ 1536.111913][T27645] __x64_sys_unshare+0x31/0x40 [ 1536.111940][T27645] do_syscall_64+0xcd/0xfa0 [ 1536.111981][T27645] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1536.112006][T27645] RIP: 0033:0x7f6bb638efc9 [ 1536.112028][T27645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1536.112052][T27645] RSP: 002b:00007f6bb7222038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1536.112091][T27645] RAX: ffffffffffffffda RBX: 00007f6bb65e5fa0 RCX: 00007f6bb638efc9 [ 1536.112110][T27645] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1536.112126][T27645] RBP: 00007f6bb6411f91 R08: 0000000000000000 R09: 0000000000000000 [ 1536.112142][T27645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1536.112158][T27645] R13: 00007f6bb65e6038 R14: 00007f6bb65e5fa0 R15: 00007ffdec0858f8 [ 1536.112195][T27645] [ 1536.123162][T27650] CPU: 0 UID: 0 PID: 27650 Comm: syz.0.4175 Not tainted syzkaller #0 PREEMPT(full) [ 1536.123193][T27650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1536.123209][T27650] Call Trace: [ 1536.123217][T27650] [ 1536.123227][T27650] dump_stack_lvl+0x16c/0x1f0 [ 1536.123265][T27650] should_fail_ex+0x512/0x640 [ 1536.123287][T27650] ? fs_reclaim_acquire+0xae/0x150 [ 1536.123314][T27650] should_failslab+0xc2/0x120 [ 1536.123342][T27650] __kmalloc_noprof+0xdd/0x880 [ 1536.123370][T27650] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1536.123411][T27650] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1536.123442][T27650] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1536.123477][T27650] ? tomoyo_profile+0x47/0x60 [ 1536.123516][T27650] tomoyo_path_number_perm+0x245/0x580 [ 1536.123543][T27650] ? tomoyo_path_number_perm+0x237/0x580 [ 1536.123574][T27650] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1536.123605][T27650] ? find_held_lock+0x2b/0x80 [ 1536.123666][T27650] ? find_held_lock+0x2b/0x80 [ 1536.123701][T27650] ? hook_file_ioctl_common+0x145/0x410 [ 1536.123739][T27650] ? __fget_files+0x20e/0x3c0 [ 1536.123776][T27650] security_file_ioctl+0x9b/0x240 [ 1536.123807][T27650] __x64_sys_ioctl+0xb7/0x210 [ 1536.123837][T27650] do_syscall_64+0xcd/0xfa0 [ 1536.123873][T27650] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1536.123897][T27650] RIP: 0033:0x7f52dfb8efc9 [ 1536.123917][T27650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1536.123940][T27650] RSP: 002b:00007f52e095c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1536.123964][T27650] RAX: ffffffffffffffda RBX: 00007f52dfde5fa0 RCX: 00007f52dfb8efc9 [ 1536.123980][T27650] RDX: 00002000000001c0 RSI: fffffffffffffd0a RDI: 0000000000000003 [ 1536.123996][T27650] RBP: 00007f52e095c090 R08: 0000000000000000 R09: 0000000000000000 [ 1536.124011][T27650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1536.124026][T27650] R13: 00007f52dfde6038 R14: 00007f52dfde5fa0 R15: 00007ffd10747308 [ 1536.124061][T27650] [ 1536.124070][T27650] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1536.176458][T27647] CPU: 1 UID: 0 PID: 27647 Comm: syz.3.4174 Not tainted syzkaller #0 PREEMPT(full) [ 1536.176494][T27647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1536.176511][T27647] Call Trace: [ 1536.176520][T27647] [ 1536.176531][T27647] dump_stack_lvl+0x16c/0x1f0 [ 1536.176574][T27647] should_fail_ex+0x512/0x640 [ 1536.176600][T27647] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1536.176635][T27647] should_failslab+0xc2/0x120 [ 1536.176660][T27647] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1536.176694][T27647] ? __proc_create+0x2ce/0x8e0 [ 1536.176728][T27647] ? __proc_create+0x2ce/0x8e0 [ 1536.176753][T27647] __proc_create+0x2ce/0x8e0 [ 1536.176782][T27647] ? __pfx___proc_create+0x10/0x10 [ 1536.176822][T27647] proc_mkdir+0x81/0x170 [ 1536.176849][T27647] ? __pfx_proc_mkdir+0x10/0x10 [ 1536.176878][T27647] ? cache_register_net+0x137/0x5e0 [ 1536.176910][T27647] cache_register_net+0x18f/0x5e0 [ 1536.176938][T27647] gss_svc_init_net+0x151/0x660 [ 1536.176971][T27647] ? __pfx_canbcm_pernet_init+0x10/0x10 [ 1536.177000][T27647] ? __pfx_rpcsec_gss_init_net+0x10/0x10 [ 1536.177035][T27647] ops_init+0x1e2/0x5f0 [ 1536.177062][T27647] setup_net+0x100/0x390 [ 1536.177086][T27647] ? __pfx_setup_net+0x10/0x10 [ 1536.177112][T27647] ? debug_mutex_init+0x37/0x70 [ 1536.177150][T27647] copy_net_ns+0x2f8/0x690 [ 1536.177179][T27647] create_new_namespaces+0x3ea/0xa90 [ 1536.177224][T27647] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1536.177263][T27647] ksys_unshare+0x45b/0xa40 [ 1536.177290][T27647] ? __pfx_ksys_unshare+0x10/0x10 [ 1536.177316][T27647] ? xfd_validate_state+0x61/0x180 [ 1536.177353][T27647] __x64_sys_unshare+0x31/0x40 [ 1536.177386][T27647] do_syscall_64+0xcd/0xfa0 [ 1536.177430][T27647] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1536.177463][T27647] RIP: 0033:0x7f025c98efc9 [ 1536.177485][T27647] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1536.177510][T27647] RSP: 002b:00007f025d7de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1536.177540][T27647] RAX: ffffffffffffffda RBX: 00007f025cbe5fa0 RCX: 00007f025c98efc9 [ 1536.177558][T27647] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1536.177574][T27647] RBP: 00007f025ca11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1536.177590][T27647] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1536.177604][T27647] R13: 00007f025cbe6038 R14: 00007f025cbe5fa0 R15: 00007ffc622eca28 [ 1536.177641][T27647] [ 1538.575209][T20724] Bluetooth: hci4: Malformed HCI Event [ 1538.597767][T27681] netlink: 'syz.3.4182': attribute type 2 has an invalid length. [ 1538.754781][T27684] FAULT_INJECTION: forcing a failure. [ 1538.754781][T27684] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1538.807037][T27684] CPU: 0 UID: 0 PID: 27684 Comm: syz.3.4183 Not tainted syzkaller #0 PREEMPT(full) [ 1538.807072][T27684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1538.807087][T27684] Call Trace: [ 1538.807096][T27684] [ 1538.807106][T27684] dump_stack_lvl+0x16c/0x1f0 [ 1538.807147][T27684] should_fail_ex+0x512/0x640 [ 1538.807176][T27684] _copy_to_user+0x32/0xd0 [ 1538.807204][T27684] simple_read_from_buffer+0xcb/0x170 [ 1538.807237][T27684] proc_fail_nth_read+0x197/0x240 [ 1538.807272][T27684] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1538.807308][T27684] ? rw_verify_area+0xcf/0x6c0 [ 1538.807338][T27684] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1538.807372][T27684] vfs_read+0x1e4/0xcf0 [ 1538.807409][T27684] ? __pfx___mutex_lock+0x10/0x10 [ 1538.807433][T27684] ? __pfx_vfs_read+0x10/0x10 [ 1538.807475][T27684] ? __fget_files+0x20e/0x3c0 [ 1538.807525][T27684] ksys_read+0x12a/0x250 [ 1538.807557][T27684] ? __pfx_ksys_read+0x10/0x10 [ 1538.807600][T27684] do_syscall_64+0xcd/0xfa0 [ 1538.807638][T27684] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1538.807664][T27684] RIP: 0033:0x7f025c98d9dc [ 1538.807684][T27684] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1538.807707][T27684] RSP: 002b:00007f025d7de030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1538.807731][T27684] RAX: ffffffffffffffda RBX: 00007f025cbe5fa0 RCX: 00007f025c98d9dc [ 1538.807748][T27684] RDX: 000000000000000f RSI: 00007f025d7de0a0 RDI: 0000000000000004 [ 1538.807764][T27684] RBP: 00007f025d7de090 R08: 0000000000000000 R09: 0000000000000000 [ 1538.807779][T27684] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1538.807795][T27684] R13: 00007f025cbe6038 R14: 00007f025cbe5fa0 R15: 00007ffc622eca28 [ 1538.807831][T27684] [ 1539.306885][T27692] FAULT_INJECTION: forcing a failure. [ 1539.306885][T27692] name failslab, interval 1, probability 0, space 0, times 0 [ 1539.348936][T27692] CPU: 1 UID: 0 PID: 27692 Comm: syz.0.4186 Not tainted syzkaller #0 PREEMPT(full) [ 1539.348970][T27692] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1539.348985][T27692] Call Trace: [ 1539.348994][T27692] [ 1539.349003][T27692] dump_stack_lvl+0x16c/0x1f0 [ 1539.349043][T27692] should_fail_ex+0x512/0x640 [ 1539.349065][T27692] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1539.349102][T27692] should_failslab+0xc2/0x120 [ 1539.349127][T27692] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1539.349157][T27692] ? __lock_acquire+0x622/0x1c90 [ 1539.349181][T27692] ? fcntl_dirnotify+0x23b/0xb60 [ 1539.349209][T27692] ? fcntl_dirnotify+0x23b/0xb60 [ 1539.349231][T27692] fcntl_dirnotify+0x23b/0xb60 [ 1539.349262][T27692] do_fcntl+0xe62/0x15a0 [ 1539.349289][T27692] ? __pfx_do_fcntl+0x10/0x10 [ 1539.349322][T27692] ? tomoyo_file_fcntl+0x6c/0xc0 [ 1539.349350][T27692] __x64_sys_fcntl+0x163/0x200 [ 1539.349380][T27692] do_syscall_64+0xcd/0xfa0 [ 1539.349418][T27692] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1539.349443][T27692] RIP: 0033:0x7f52dfb8efc9 [ 1539.349472][T27692] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1539.349495][T27692] RSP: 002b:00007f52e095c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 1539.349527][T27692] RAX: ffffffffffffffda RBX: 00007f52dfde5fa0 RCX: 00007f52dfb8efc9 [ 1539.349545][T27692] RDX: 0000000000000002 RSI: 0000000000000402 RDI: 0000000000000004 [ 1539.349560][T27692] RBP: 00007f52e095c090 R08: 0000000000000000 R09: 0000000000000000 [ 1539.349576][T27692] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1539.349591][T27692] R13: 00007f52dfde6038 R14: 00007f52dfde5fa0 R15: 00007ffd10747308 [ 1539.349627][T27692] [ 1540.461704][T27722] FAULT_INJECTION: forcing a failure. [ 1540.461704][T27722] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1540.478238][T27722] CPU: 1 UID: 0 PID: 27722 Comm: syz.1.4195 Not tainted syzkaller #0 PREEMPT(full) [ 1540.478271][T27722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1540.478280][T27722] Call Trace: [ 1540.478285][T27722] [ 1540.478291][T27722] dump_stack_lvl+0x16c/0x1f0 [ 1540.478318][T27722] should_fail_ex+0x512/0x640 [ 1540.478345][T27722] should_fail_alloc_page+0xe7/0x130 [ 1540.478370][T27722] prepare_alloc_pages+0x3c2/0x610 [ 1540.478400][T27722] __alloc_frozen_pages_noprof+0x18b/0x2470 [ 1540.478441][T27722] ? find_held_lock+0x2b/0x80 [ 1540.478472][T27722] ? is_bpf_text_address+0x8a/0x1a0 [ 1540.478498][T27722] ? bpf_ksym_find+0x124/0x1c0 [ 1540.478531][T27722] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 1540.478562][T27722] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1540.478598][T27722] ? kernel_text_address+0x8d/0x100 [ 1540.478627][T27722] ? __kernel_text_address+0xd/0x40 [ 1540.478666][T27722] ? __lock_acquire+0x622/0x1c90 [ 1540.478692][T27722] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 1540.478730][T27722] ? policy_nodemask+0xea/0x4e0 [ 1540.478758][T27722] alloc_pages_mpol+0x1fb/0x550 [ 1540.478784][T27722] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 1540.478820][T27722] folio_alloc_mpol_noprof+0x36/0x2f0 [ 1540.478851][T27722] vma_alloc_folio_noprof+0xed/0x1e0 [ 1540.478880][T27722] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 1540.478919][T27722] do_pte_missing+0x2202/0x3ba0 [ 1540.478950][T27722] ? find_held_lock+0x2b/0x80 [ 1540.478991][T27722] __handle_mm_fault+0x1556/0x2aa0 [ 1540.479031][T27722] ? __pfx___handle_mm_fault+0x10/0x10 [ 1540.479065][T27722] ? lock_vma_under_rcu+0x176/0x530 [ 1540.479105][T27722] ? __pfx_lock_vma_under_rcu+0x10/0x10 [ 1540.479145][T27722] handle_mm_fault+0x589/0xd10 [ 1540.479182][T27722] ? __pkru_allows_pkey+0x11/0xb0 [ 1540.479215][T27722] do_user_addr_fault+0x60c/0x1370 [ 1540.479249][T27722] ? rcu_is_watching+0x12/0xc0 [ 1540.479286][T27722] exc_page_fault+0x64/0xc0 [ 1540.479322][T27722] asm_exc_page_fault+0x26/0x30 [ 1540.479346][T27722] RIP: 0033:0x7f6bb625a87b [ 1540.479366][T27722] Code: 00 00 00 48 8d 3d bd 38 19 00 48 89 c1 31 c0 e8 db 39 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d f1 38 19 00 48 89 34 24 48 8b 14 24 48 8b [ 1540.479390][T27722] RSP: 002b:00007f6bb7220fb0 EFLAGS: 00010202 [ 1540.479410][T27722] RAX: 0000000000000000 RBX: 00007f6bb65e5fa0 RCX: 0000000000000000 [ 1540.479425][T27722] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000200000000040 [ 1540.479442][T27722] RBP: 00007f6bb7222090 R08: 0000000000000000 R09: 0000000000000000 [ 1540.479457][T27722] R10: 0000200000000040 R11: 0000000000000000 R12: 0000000000000001 [ 1540.479473][T27722] R13: 00007f6bb65e6038 R14: 00007f6bb65e5fa0 R15: 00007ffdec0858f8 [ 1540.479508][T27722] [ 1540.480993][T27722] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 1541.232844][T27734] netlink: 342 bytes leftover after parsing attributes in process `syz.2.4197'. [ 1541.371094][T27736] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 1541.479386][T27733] FAULT_INJECTION: forcing a failure. [ 1541.479386][T27733] name failslab, interval 1, probability 0, space 0, times 0 [ 1541.503369][T27733] CPU: 1 UID: 0 PID: 27733 Comm: syz.0.4198 Not tainted syzkaller #0 PREEMPT(full) [ 1541.503402][T27733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1541.503415][T27733] Call Trace: [ 1541.503430][T27733] [ 1541.503440][T27733] dump_stack_lvl+0x16c/0x1f0 [ 1541.503477][T27733] should_fail_ex+0x512/0x640 [ 1541.503497][T27733] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 1541.503534][T27733] should_failslab+0xc2/0x120 [ 1541.503559][T27733] kmem_cache_alloc_node_noprof+0x78/0x770 [ 1541.503592][T27733] ? __alloc_skb+0x2b2/0x380 [ 1541.503690][T27733] ? __pfx_tcp_current_mss+0x10/0x10 [ 1541.503783][T27733] ? __alloc_skb+0x2b2/0x380 [ 1541.503815][T27733] __alloc_skb+0x2b2/0x380 [ 1541.503848][T27733] ? __pfx___alloc_skb+0x10/0x10 [ 1541.503886][T27733] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 1541.503944][T27733] tcp_stream_alloc_skb+0x34/0x560 [ 1541.504001][T27733] tcp_sendmsg_locked+0x12d9/0x42e0 [ 1541.504065][T27733] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 1541.504099][T27733] ? do_raw_spin_lock+0x12c/0x2b0 [ 1541.504130][T27733] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1541.504168][T27733] ? __local_bh_enable_ip+0xa4/0x120 [ 1541.504209][T27733] tcp_sendmsg+0x2e/0x50 [ 1541.504237][T27733] ? __pfx_tcp_sendmsg+0x10/0x10 [ 1541.504266][T27733] inet_sendmsg+0xb9/0x140 [ 1541.504301][T27733] sock_write_iter+0x509/0x610 [ 1541.504332][T27733] ? __pfx_sock_write_iter+0x10/0x10 [ 1541.504373][T27733] ? bpf_lsm_file_permission+0x9/0x10 [ 1541.504408][T27733] ? security_file_permission+0x71/0x210 [ 1541.504441][T27733] ? rw_verify_area+0xcf/0x6c0 [ 1541.504477][T27733] vfs_write+0x7d3/0x11d0 [ 1541.504512][T27733] ? __pfx_sock_write_iter+0x10/0x10 [ 1541.504544][T27733] ? __pfx_vfs_write+0x10/0x10 [ 1541.504575][T27733] ? find_held_lock+0x2b/0x80 [ 1541.504630][T27733] ksys_write+0x1f8/0x250 [ 1541.504664][T27733] ? __pfx_ksys_write+0x10/0x10 [ 1541.504708][T27733] do_syscall_64+0xcd/0xfa0 [ 1541.504745][T27733] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1541.504771][T27733] RIP: 0033:0x7f52dfb8efc9 [ 1541.504792][T27733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1541.504815][T27733] RSP: 002b:00007f52e095c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1541.504839][T27733] RAX: ffffffffffffffda RBX: 00007f52dfde5fa0 RCX: 00007f52dfb8efc9 [ 1541.504856][T27733] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1541.504871][T27733] RBP: 00007f52e095c090 R08: 0000000000000000 R09: 0000000000000000 [ 1541.504886][T27733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1541.504901][T27733] R13: 00007f52dfde6038 R14: 00007f52dfde5fa0 R15: 00007ffd10747308 [ 1541.504937][T27733] [ 1541.770539][ C1] vkms_vblank_simulate: vblank timer overrun [ 1544.769428][T27804] FAULT_INJECTION: forcing a failure. [ 1544.769428][T27804] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1544.809496][T27804] CPU: 0 UID: 0 PID: 27804 Comm: syz.0.4216 Not tainted syzkaller #0 PREEMPT(full) [ 1544.809531][T27804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1544.809546][T27804] Call Trace: [ 1544.809555][T27804] [ 1544.809564][T27804] dump_stack_lvl+0x16c/0x1f0 [ 1544.809606][T27804] should_fail_ex+0x512/0x640 [ 1544.809634][T27804] _copy_to_user+0x32/0xd0 [ 1544.809661][T27804] simple_read_from_buffer+0xcb/0x170 [ 1544.809694][T27804] proc_fail_nth_read+0x197/0x240 [ 1544.809730][T27804] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1544.809765][T27804] ? rw_verify_area+0xcf/0x6c0 [ 1544.809796][T27804] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1544.809828][T27804] vfs_read+0x1e4/0xcf0 [ 1544.809865][T27804] ? __pfx___mutex_lock+0x10/0x10 [ 1544.809889][T27804] ? __pfx_vfs_read+0x10/0x10 [ 1544.809930][T27804] ? __fget_files+0x20e/0x3c0 [ 1544.809972][T27804] ksys_read+0x12a/0x250 [ 1544.810005][T27804] ? __pfx_ksys_read+0x10/0x10 [ 1544.810048][T27804] do_syscall_64+0xcd/0xfa0 [ 1544.810091][T27804] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1544.810114][T27804] RIP: 0033:0x7f52dfb8d9dc [ 1544.810135][T27804] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1544.810158][T27804] RSP: 002b:00007f52dddf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1544.810182][T27804] RAX: ffffffffffffffda RBX: 00007f52dfde6090 RCX: 00007f52dfb8d9dc [ 1544.810200][T27804] RDX: 000000000000000f RSI: 00007f52dddf60a0 RDI: 0000000000000003 [ 1544.810215][T27804] RBP: 00007f52dddf6090 R08: 0000000000000000 R09: 0000000000000000 [ 1544.810230][T27804] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001 [ 1544.810246][T27804] R13: 00007f52dfde6128 R14: 00007f52dfde6090 R15: 00007ffd10747308 [ 1544.810281][T27804] [ 1544.880355][T27802] netlink: 56 bytes leftover after parsing attributes in process `syz.1.4217'. [ 1545.928855][ T1300] ieee802154 phy0 wpan0: encryption failed: -22 [ 1545.936358][ T1300] ieee802154 phy1 wpan1: encryption failed: -22 [ 1546.257996][T27837] FAULT_INJECTION: forcing a failure. [ 1546.257996][T27837] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1546.275269][T27837] CPU: 0 UID: 0 PID: 27837 Comm: syz.1.4225 Not tainted syzkaller #0 PREEMPT(full) [ 1546.275300][T27837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1546.275315][T27837] Call Trace: [ 1546.275324][T27837] [ 1546.275333][T27837] dump_stack_lvl+0x16c/0x1f0 [ 1546.275372][T27837] should_fail_ex+0x512/0x640 [ 1546.275400][T27837] _copy_from_user+0x2e/0xd0 [ 1546.275426][T27837] __sys_bpf+0x248/0x4980 [ 1546.275465][T27837] ? __pfx___sys_bpf+0x10/0x10 [ 1546.275496][T27837] ? find_held_lock+0x2b/0x80 [ 1546.275533][T27837] ? find_held_lock+0x2b/0x80 [ 1546.275572][T27837] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1546.275625][T27837] ? fput+0x9b/0xd0 [ 1546.275650][T27837] ? ksys_write+0x1ac/0x250 [ 1546.275683][T27837] ? __pfx_ksys_write+0x10/0x10 [ 1546.275718][T27837] __x64_sys_bpf+0x78/0xc0 [ 1546.275750][T27837] ? lockdep_hardirqs_on+0x7c/0x110 [ 1546.275785][T27837] do_syscall_64+0xcd/0xfa0 [ 1546.275822][T27837] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1546.275848][T27837] RIP: 0033:0x7f6bb638efc9 [ 1546.275868][T27837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1546.275890][T27837] RSP: 002b:00007f6bb7222038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1546.275912][T27837] RAX: ffffffffffffffda RBX: 00007f6bb65e5fa0 RCX: 00007f6bb638efc9 [ 1546.275928][T27837] RDX: 00000000000006f4 RSI: 0000200000000380 RDI: 0000000000000000 [ 1546.275952][T27837] RBP: 00007f6bb7222090 R08: 0000000000000000 R09: 0000000000000000 [ 1546.275968][T27837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1546.275983][T27837] R13: 00007f6bb65e6038 R14: 00007f6bb65e5fa0 R15: 00007ffdec0858f8 [ 1546.276019][T27837] [ 1547.438869][T27862] FAULT_INJECTION: forcing a failure. [ 1547.438869][T27862] name failslab, interval 1, probability 0, space 0, times 0 [ 1547.488511][T27862] CPU: 1 UID: 0 PID: 27862 Comm: syz.0.4230 Not tainted syzkaller #0 PREEMPT(full) [ 1547.488533][T27862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1547.488542][T27862] Call Trace: [ 1547.488548][T27862] [ 1547.488553][T27862] dump_stack_lvl+0x16c/0x1f0 [ 1547.488578][T27862] should_fail_ex+0x512/0x640 [ 1547.488591][T27862] ? fs_reclaim_acquire+0xae/0x150 [ 1547.488607][T27862] should_failslab+0xc2/0x120 [ 1547.488621][T27862] __kmalloc_noprof+0xdd/0x880 [ 1547.488646][T27862] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1547.488670][T27862] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1547.488689][T27862] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1547.488710][T27862] ? tomoyo_profile+0x47/0x60 [ 1547.488733][T27862] tomoyo_path_number_perm+0x245/0x580 [ 1547.488748][T27862] ? tomoyo_path_number_perm+0x237/0x580 [ 1547.488766][T27862] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1547.488784][T27862] ? find_held_lock+0x2b/0x80 [ 1547.488819][T27862] ? find_held_lock+0x2b/0x80 [ 1547.488837][T27862] ? hook_file_ioctl_common+0x145/0x410 [ 1547.488859][T27862] ? __fget_files+0x20e/0x3c0 [ 1547.488881][T27862] security_file_ioctl+0x9b/0x240 [ 1547.488899][T27862] __x64_sys_ioctl+0xb7/0x210 [ 1547.488917][T27862] do_syscall_64+0xcd/0xfa0 [ 1547.488938][T27862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1547.488952][T27862] RIP: 0033:0x7f52dfb8efc9 [ 1547.488965][T27862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1547.488978][T27862] RSP: 002b:00007f52e095c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1547.488993][T27862] RAX: ffffffffffffffda RBX: 00007f52dfde5fa0 RCX: 00007f52dfb8efc9 [ 1547.489002][T27862] RDX: 0000200000000000 RSI: 0000000080044940 RDI: 0000000000000004 [ 1547.489011][T27862] RBP: 00007f52e095c090 R08: 0000000000000000 R09: 0000000000000000 [ 1547.489019][T27862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1547.489027][T27862] R13: 00007f52dfde6038 R14: 00007f52dfde5fa0 R15: 00007ffd10747308 [ 1547.489047][T27862] [ 1547.489053][T27862] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1548.400080][T27882] FAULT_INJECTION: forcing a failure. [ 1548.400080][T27882] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1548.413468][T27882] CPU: 1 UID: 0 PID: 27882 Comm: syz.3.4233 Not tainted syzkaller #0 PREEMPT(full) [ 1548.413501][T27882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1548.413516][T27882] Call Trace: [ 1548.413524][T27882] [ 1548.413535][T27882] dump_stack_lvl+0x16c/0x1f0 [ 1548.413582][T27882] should_fail_ex+0x512/0x640 [ 1548.413611][T27882] _copy_from_user+0x2e/0xd0 [ 1548.413637][T27882] copy_msghdr_from_user+0x98/0x160 [ 1548.413675][T27882] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1548.413728][T27882] ___sys_sendmsg+0xfe/0x1d0 [ 1548.413765][T27882] ? __pfx____sys_sendmsg+0x10/0x10 [ 1548.413796][T27882] ? __lock_acquire+0x622/0x1c90 [ 1548.413866][T27882] __sys_sendmsg+0x16d/0x220 [ 1548.413900][T27882] ? __pfx___sys_sendmsg+0x10/0x10 [ 1548.413954][T27882] do_syscall_64+0xcd/0xfa0 [ 1548.413990][T27882] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1548.414013][T27882] RIP: 0033:0x7f025c98efc9 [ 1548.414034][T27882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1548.414057][T27882] RSP: 002b:00007f025d7de038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1548.414081][T27882] RAX: ffffffffffffffda RBX: 00007f025cbe5fa0 RCX: 00007f025c98efc9 [ 1548.414098][T27882] RDX: 0000000004000000 RSI: 00002000000002c0 RDI: 0000000000000002 [ 1548.414114][T27882] RBP: 00007f025d7de090 R08: 0000000000000000 R09: 0000000000000000 [ 1548.414129][T27882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1548.414144][T27882] R13: 00007f025cbe6038 R14: 00007f025cbe5fa0 R15: 00007ffc622eca28 [ 1548.414179][T27882] [ 1549.929694][T27906] FAULT_INJECTION: forcing a failure. [ 1549.929694][T27906] name failslab, interval 1, probability 0, space 0, times 0 [ 1549.962216][T27906] CPU: 1 UID: 0 PID: 27906 Comm: syz.0.4237 Not tainted syzkaller #0 PREEMPT(full) [ 1549.962255][T27906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1549.962271][T27906] Call Trace: [ 1549.962279][T27906] [ 1549.962291][T27906] dump_stack_lvl+0x16c/0x1f0 [ 1549.962331][T27906] should_fail_ex+0x512/0x640 [ 1549.962356][T27906] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1549.962392][T27906] ? __pfx_ip6mr_new_table_set+0x10/0x10 [ 1549.962524][T27906] should_failslab+0xc2/0x120 [ 1549.962550][T27906] ? __pfx_ip6mr_new_table_set+0x10/0x10 [ 1549.962581][T27906] __kmalloc_cache_noprof+0x72/0x780 [ 1549.962614][T27906] ? mr_table_alloc+0x5f/0x2e0 [ 1549.962679][T27906] ? __pfx_ip6mr_new_table_set+0x10/0x10 [ 1549.962713][T27906] ? mr_table_alloc+0x5f/0x2e0 [ 1549.962738][T27906] mr_table_alloc+0x5f/0x2e0 [ 1549.962764][T27906] ? __pfx_ipmr_expire_process+0x10/0x10 [ 1549.962797][T27906] ? __pfx_ip6mr_net_init+0x10/0x10 [ 1549.962831][T27906] ip6mr_net_init+0x3c4/0x4e0 [ 1549.962867][T27906] ? __pfx_ip6mr_net_init+0x10/0x10 [ 1549.962902][T27906] ops_init+0x1e2/0x5f0 [ 1549.962932][T27906] setup_net+0x100/0x390 [ 1549.962957][T27906] ? __pfx_setup_net+0x10/0x10 [ 1549.962982][T27906] ? debug_mutex_init+0x37/0x70 [ 1549.963021][T27906] copy_net_ns+0x2f8/0x690 [ 1549.963052][T27906] create_new_namespaces+0x3ea/0xa90 [ 1549.963097][T27906] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1549.963133][T27906] ksys_unshare+0x45b/0xa40 [ 1549.963158][T27906] ? __pfx_ksys_unshare+0x10/0x10 [ 1549.963182][T27906] ? xfd_validate_state+0x61/0x180 [ 1549.963219][T27906] __x64_sys_unshare+0x31/0x40 [ 1549.963244][T27906] do_syscall_64+0xcd/0xfa0 [ 1549.963300][T27906] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1549.963325][T27906] RIP: 0033:0x7f52dfb8efc9 [ 1549.963347][T27906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1549.963371][T27906] RSP: 002b:00007f52e095c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1549.963396][T27906] RAX: ffffffffffffffda RBX: 00007f52dfde5fa0 RCX: 00007f52dfb8efc9 [ 1549.963412][T27906] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1549.963428][T27906] RBP: 00007f52dfc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1549.963453][T27906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1549.963470][T27906] R13: 00007f52dfde6038 R14: 00007f52dfde5fa0 R15: 00007ffd10747308 [ 1549.963504][T27906] [ 1551.109300][T27918] FAULT_INJECTION: forcing a failure. [ 1551.109300][T27918] name failslab, interval 1, probability 0, space 0, times 0 [ 1551.127367][T27918] CPU: 1 UID: 0 PID: 27918 Comm: syz.0.4248 Not tainted syzkaller #0 PREEMPT(full) [ 1551.127400][T27918] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1551.127415][T27918] Call Trace: [ 1551.127424][T27918] [ 1551.127434][T27918] dump_stack_lvl+0x16c/0x1f0 [ 1551.127474][T27918] should_fail_ex+0x512/0x640 [ 1551.127496][T27918] ? fs_reclaim_acquire+0xae/0x150 [ 1551.127524][T27918] should_failslab+0xc2/0x120 [ 1551.127554][T27918] __kmalloc_noprof+0xdd/0x880 [ 1551.127582][T27918] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1551.127620][T27918] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1551.127651][T27918] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1551.127687][T27918] ? tomoyo_profile+0x47/0x60 [ 1551.127726][T27918] tomoyo_path_number_perm+0x245/0x580 [ 1551.127751][T27918] ? tomoyo_path_number_perm+0x237/0x580 [ 1551.127783][T27918] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1551.127813][T27918] ? find_held_lock+0x2b/0x80 [ 1551.127877][T27918] ? find_held_lock+0x2b/0x80 [ 1551.127907][T27918] ? hook_file_ioctl_common+0x145/0x410 [ 1551.127943][T27918] ? __fget_files+0x20e/0x3c0 [ 1551.127980][T27918] security_file_ioctl+0x9b/0x240 [ 1551.128013][T27918] __x64_sys_ioctl+0xb7/0x210 [ 1551.128044][T27918] do_syscall_64+0xcd/0xfa0 [ 1551.128082][T27918] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1551.128106][T27918] RIP: 0033:0x7f52dfb8efc9 [ 1551.128125][T27918] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1551.128149][T27918] RSP: 002b:00007f52e095c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1551.128173][T27918] RAX: ffffffffffffffda RBX: 00007f52dfde5fa0 RCX: 00007f52dfb8efc9 [ 1551.128189][T27918] RDX: 0000000000000000 RSI: 0000000000004601 RDI: 0000000000000014 [ 1551.128203][T27918] RBP: 00007f52e095c090 R08: 0000000000000000 R09: 0000000000000000 [ 1551.128217][T27918] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1551.128232][T27918] R13: 00007f52dfde6038 R14: 00007f52dfde5fa0 R15: 00007ffd10747308 [ 1551.128267][T27918] [ 1551.128278][T27918] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1551.388183][T27924] random: crng reseeded on system resumption [ 1552.326300][T27929] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4242'. [ 1553.391615][T27947] FAULT_INJECTION: forcing a failure. [ 1553.391615][T27947] name failslab, interval 1, probability 0, space 0, times 0 [ 1553.404397][T27947] CPU: 1 UID: 0 PID: 27947 Comm: syz.2.4247 Not tainted syzkaller #0 PREEMPT(full) [ 1553.404417][T27947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1553.404426][T27947] Call Trace: [ 1553.404432][T27947] [ 1553.404438][T27947] dump_stack_lvl+0x16c/0x1f0 [ 1553.404483][T27947] should_fail_ex+0x512/0x640 [ 1553.404504][T27947] ? fs_reclaim_acquire+0xae/0x150 [ 1553.404531][T27947] should_failslab+0xc2/0x120 [ 1553.404554][T27947] __kmalloc_noprof+0xdd/0x880 [ 1553.404583][T27947] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1553.404624][T27947] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1553.404654][T27947] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1553.404691][T27947] ? tomoyo_profile+0x47/0x60 [ 1553.404729][T27947] tomoyo_path_number_perm+0x245/0x580 [ 1553.404757][T27947] ? tomoyo_path_number_perm+0x237/0x580 [ 1553.404790][T27947] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1553.404821][T27947] ? find_held_lock+0x2b/0x80 [ 1553.404885][T27947] ? find_held_lock+0x2b/0x80 [ 1553.404917][T27947] ? hook_file_ioctl_common+0x145/0x410 [ 1553.404957][T27947] ? __fget_files+0x20e/0x3c0 [ 1553.404995][T27947] security_file_ioctl+0x9b/0x240 [ 1553.405026][T27947] __x64_sys_ioctl+0xb7/0x210 [ 1553.405058][T27947] do_syscall_64+0xcd/0xfa0 [ 1553.405095][T27947] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1553.405120][T27947] RIP: 0033:0x7f036318efc9 [ 1553.405141][T27947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1553.405162][T27947] RSP: 002b:00007f0363f8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1553.405186][T27947] RAX: ffffffffffffffda RBX: 00007f03633e5fa0 RCX: 00007f036318efc9 [ 1553.405203][T27947] RDX: 0000000000000000 RSI: 000000000000541c RDI: 0000000000000010 [ 1553.405218][T27947] RBP: 00007f0363f8c090 R08: 0000000000000000 R09: 0000000000000000 [ 1553.405231][T27947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1553.405245][T27947] R13: 00007f03633e6038 R14: 00007f03633e5fa0 R15: 00007ffd6853a508 [ 1553.405278][T27947] [ 1553.607638][ C1] vkms_vblank_simulate: vblank timer overrun [ 1553.719884][T27947] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1553.936027][T27952] FAULT_INJECTION: forcing a failure. [ 1553.936027][T27952] name failslab, interval 1, probability 0, space 0, times 0 [ 1554.002146][T27952] CPU: 1 UID: 0 PID: 27952 Comm: syz.1.4250 Not tainted syzkaller #0 PREEMPT(full) [ 1554.002181][T27952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1554.002196][T27952] Call Trace: [ 1554.002205][T27952] [ 1554.002215][T27952] dump_stack_lvl+0x16c/0x1f0 [ 1554.002254][T27952] should_fail_ex+0x512/0x640 [ 1554.002277][T27952] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1554.002318][T27952] should_failslab+0xc2/0x120 [ 1554.002341][T27952] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1554.002371][T27952] ? rcu_is_watching+0x12/0xc0 [ 1554.002403][T27952] ? create_new_namespaces+0x30/0xa90 [ 1554.002443][T27952] ? create_new_namespaces+0x30/0xa90 [ 1554.002479][T27952] create_new_namespaces+0x30/0xa90 [ 1554.002511][T27952] ? bpf_lsm_capable+0x9/0x10 [ 1554.002535][T27952] ? security_capable+0x7e/0x260 [ 1554.002564][T27952] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1554.002601][T27952] ksys_unshare+0x45b/0xa40 [ 1554.002627][T27952] ? __pfx_ksys_unshare+0x10/0x10 [ 1554.002650][T27952] ? ksys_write+0x1ac/0x250 [ 1554.002694][T27952] __x64_sys_unshare+0x31/0x40 [ 1554.002717][T27952] do_syscall_64+0xcd/0xfa0 [ 1554.002753][T27952] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1554.002778][T27952] RIP: 0033:0x7f6bb638efc9 [ 1554.002798][T27952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1554.002821][T27952] RSP: 002b:00007f6bb7222038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1554.002845][T27952] RAX: ffffffffffffffda RBX: 00007f6bb65e5fa0 RCX: 00007f6bb638efc9 [ 1554.002862][T27952] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1554.002877][T27952] RBP: 00007f6bb7222090 R08: 0000000000000000 R09: 0000000000000000 [ 1554.002892][T27952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1554.002907][T27952] R13: 00007f6bb65e6038 R14: 00007f6bb65e5fa0 R15: 00007ffdec0858f8 [ 1554.002951][T27952] [ 1554.195554][ C1] vkms_vblank_simulate: vblank timer overrun [ 1554.826037][T27968] FAULT_INJECTION: forcing a failure. [ 1554.826037][T27968] name failslab, interval 1, probability 0, space 0, times 0 [ 1554.847837][T27968] CPU: 0 UID: 0 PID: 27968 Comm: syz.1.4254 Not tainted syzkaller #0 PREEMPT(full) [ 1554.847871][T27968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1554.847886][T27968] Call Trace: [ 1554.847895][T27968] [ 1554.847905][T27968] dump_stack_lvl+0x16c/0x1f0 [ 1554.847946][T27968] should_fail_ex+0x512/0x640 [ 1554.847969][T27968] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1554.848004][T27968] should_failslab+0xc2/0x120 [ 1554.848030][T27968] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1554.848060][T27968] ? rcu_is_watching+0x12/0xc0 [ 1554.848092][T27968] ? create_new_namespaces+0x30/0xa90 [ 1554.848134][T27968] ? create_new_namespaces+0x30/0xa90 [ 1554.848166][T27968] create_new_namespaces+0x30/0xa90 [ 1554.848198][T27968] ? bpf_lsm_capable+0x9/0x10 [ 1554.848221][T27968] ? security_capable+0x7e/0x260 [ 1554.848256][T27968] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1554.848295][T27968] ksys_unshare+0x45b/0xa40 [ 1554.848321][T27968] ? __pfx_ksys_unshare+0x10/0x10 [ 1554.848346][T27968] ? ksys_write+0x1ac/0x250 [ 1554.848391][T27968] __x64_sys_unshare+0x31/0x40 [ 1554.848415][T27968] do_syscall_64+0xcd/0xfa0 [ 1554.848453][T27968] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1554.848478][T27968] RIP: 0033:0x7f6bb638efc9 [ 1554.848498][T27968] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1554.848522][T27968] RSP: 002b:00007f6bb7222038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1554.848546][T27968] RAX: ffffffffffffffda RBX: 00007f6bb65e5fa0 RCX: 00007f6bb638efc9 [ 1554.848563][T27968] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1554.848577][T27968] RBP: 00007f6bb7222090 R08: 0000000000000000 R09: 0000000000000000 [ 1554.848591][T27968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1554.848605][T27968] R13: 00007f6bb65e6038 R14: 00007f6bb65e5fa0 R15: 00007ffdec0858f8 [ 1554.848639][T27968] [ 1555.197459][T27981] FAULT_INJECTION: forcing a failure. [ 1555.197459][T27981] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1555.212906][T27981] CPU: 1 UID: 0 PID: 27981 Comm: syz.2.4258 Not tainted syzkaller #0 PREEMPT(full) [ 1555.212935][T27981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1555.212943][T27981] Call Trace: [ 1555.212949][T27981] [ 1555.212955][T27981] dump_stack_lvl+0x16c/0x1f0 [ 1555.212980][T27981] should_fail_ex+0x512/0x640 [ 1555.212997][T27981] _copy_from_user+0x2e/0xd0 [ 1555.213012][T27981] copy_msghdr_from_user+0x98/0x160 [ 1555.213036][T27981] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1555.213061][T27981] ? __lock_acquire+0x622/0x1c90 [ 1555.213079][T27981] ___sys_recvmsg+0xdb/0x1a0 [ 1555.213100][T27981] ? __pfx____sys_recvmsg+0x10/0x10 [ 1555.213122][T27981] ? find_held_lock+0x2b/0x80 [ 1555.213152][T27981] do_recvmmsg+0x2fe/0x750 [ 1555.213176][T27981] ? __pfx_do_recvmmsg+0x10/0x10 [ 1555.213200][T27981] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1555.213227][T27981] ? __fget_files+0x20e/0x3c0 [ 1555.213250][T27981] __x64_sys_recvmmsg+0x22a/0x280 [ 1555.213269][T27981] ? __pfx___x64_sys_recvmmsg+0x10/0x10 [ 1555.213288][T27981] do_syscall_64+0xcd/0xfa0 [ 1555.213309][T27981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1555.213323][T27981] RIP: 0033:0x7f036318efc9 [ 1555.213335][T27981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1555.213349][T27981] RSP: 002b:00007f0363f8c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1555.213368][T27981] RAX: ffffffffffffffda RBX: 00007f03633e5fa0 RCX: 00007f036318efc9 [ 1555.213377][T27981] RDX: 0000000000010000 RSI: 0000000000000000 RDI: 0000000000000003 [ 1555.213386][T27981] RBP: 00007f0363f8c090 R08: 0000000000000000 R09: 0000000000000000 [ 1555.213394][T27981] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000001 [ 1555.213402][T27981] R13: 00007f03633e6038 R14: 00007f03633e5fa0 R15: 00007ffd6853a508 [ 1555.213421][T27981] [ 1555.400341][ C1] vkms_vblank_simulate: vblank timer overrun [ 1556.167237][T28000] FAULT_INJECTION: forcing a failure. [ 1556.167237][T28000] name failslab, interval 1, probability 0, space 0, times 0 [ 1556.181860][T28000] CPU: 1 UID: 0 PID: 28000 Comm: syz.1.4264 Not tainted syzkaller #0 PREEMPT(full) [ 1556.181894][T28000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1556.181909][T28000] Call Trace: [ 1556.181917][T28000] [ 1556.181927][T28000] dump_stack_lvl+0x16c/0x1f0 [ 1556.181967][T28000] should_fail_ex+0x512/0x640 [ 1556.181990][T28000] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1556.182024][T28000] should_failslab+0xc2/0x120 [ 1556.182049][T28000] __kmalloc_cache_noprof+0x72/0x780 [ 1556.182080][T28000] ? alloc_pipe_info+0x10e/0x590 [ 1556.182115][T28000] ? find_held_lock+0x2b/0x80 [ 1556.182150][T28000] ? alloc_pipe_info+0x10e/0x590 [ 1556.182191][T28000] alloc_pipe_info+0x10e/0x590 [ 1556.182230][T28000] splice_direct_to_actor+0x77d/0xa30 [ 1556.182264][T28000] ? __pfx_direct_splice_actor+0x10/0x10 [ 1556.182297][T28000] ? __pfx_aa_file_perm+0x10/0x10 [ 1556.182331][T28000] ? find_held_lock+0x2b/0x80 [ 1556.182362][T28000] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1556.182391][T28000] ? get_pid_task+0xfc/0x250 [ 1556.182426][T28000] do_splice_direct+0x174/0x240 [ 1556.182457][T28000] ? __pfx_do_splice_direct+0x10/0x10 [ 1556.182489][T28000] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1556.182524][T28000] ? rw_verify_area+0xcf/0x6c0 [ 1556.182558][T28000] do_sendfile+0xb06/0xe50 [ 1556.182596][T28000] ? __pfx_do_sendfile+0x10/0x10 [ 1556.182628][T28000] ? __fget_files+0x20e/0x3c0 [ 1556.182666][T28000] __x64_sys_sendfile64+0x1d8/0x220 [ 1556.182688][T28000] ? ksys_write+0x1ac/0x250 [ 1556.182719][T28000] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1556.182751][T28000] do_syscall_64+0xcd/0xfa0 [ 1556.182803][T28000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1556.182828][T28000] RIP: 0033:0x7f6bb638efc9 [ 1556.182849][T28000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1556.182872][T28000] RSP: 002b:00007f6bb7222038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1556.182895][T28000] RAX: ffffffffffffffda RBX: 00007f6bb65e5fa0 RCX: 00007f6bb638efc9 [ 1556.182912][T28000] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000002 [ 1556.182925][T28000] RBP: 00007f6bb7222090 R08: 0000000000000000 R09: 0000000000000000 [ 1556.182941][T28000] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000001 [ 1556.182955][T28000] R13: 00007f6bb65e6038 R14: 00007f6bb65e5fa0 R15: 00007ffdec0858f8 [ 1556.182990][T28000] [ 1556.421370][ C1] vkms_vblank_simulate: vblank timer overrun [ 1556.453477][T28004] FAULT_INJECTION: forcing a failure. [ 1556.453477][T28004] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1556.466796][T28004] CPU: 0 UID: 0 PID: 28004 Comm: syz.0.4266 Not tainted syzkaller #0 PREEMPT(full) [ 1556.466830][T28004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1556.466846][T28004] Call Trace: [ 1556.466855][T28004] [ 1556.466865][T28004] dump_stack_lvl+0x16c/0x1f0 [ 1556.466905][T28004] should_fail_ex+0x512/0x640 [ 1556.466934][T28004] _copy_to_user+0x32/0xd0 [ 1556.466962][T28004] simple_read_from_buffer+0xcb/0x170 [ 1556.466995][T28004] proc_fail_nth_read+0x197/0x240 [ 1556.467031][T28004] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1556.467067][T28004] ? rw_verify_area+0xcf/0x6c0 [ 1556.467097][T28004] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1556.467130][T28004] vfs_read+0x1e4/0xcf0 [ 1556.467167][T28004] ? __pfx___mutex_lock+0x10/0x10 [ 1556.467197][T28004] ? __pfx_vfs_read+0x10/0x10 [ 1556.467240][T28004] ? __fget_files+0x20e/0x3c0 [ 1556.467282][T28004] ksys_read+0x12a/0x250 [ 1556.467314][T28004] ? __pfx_ksys_read+0x10/0x10 [ 1556.467357][T28004] do_syscall_64+0xcd/0xfa0 [ 1556.467395][T28004] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1556.467420][T28004] RIP: 0033:0x7f52dfb8d9dc [ 1556.467440][T28004] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1556.467464][T28004] RSP: 002b:00007f52e095c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1556.467488][T28004] RAX: ffffffffffffffda RBX: 00007f52dfde5fa0 RCX: 00007f52dfb8d9dc [ 1556.467505][T28004] RDX: 000000000000000f RSI: 00007f52e095c0a0 RDI: 0000000000000003 [ 1556.467521][T28004] RBP: 00007f52e095c090 R08: 0000000000000000 R09: 0000000000000000 [ 1556.467537][T28004] R10: 0000000000000204 R11: 0000000000000246 R12: 0000000000000001 [ 1556.467552][T28004] R13: 00007f52dfde6038 R14: 00007f52dfde5fa0 R15: 00007ffd10747308 [ 1556.467589][T28004] [ 1556.706350][T28014] FAULT_INJECTION: forcing a failure. [ 1556.706350][T28014] name failslab, interval 1, probability 0, space 0, times 0 [ 1556.725446][T28014] CPU: 1 UID: 0 PID: 28014 Comm: syz.2.4270 Not tainted syzkaller #0 PREEMPT(full) [ 1556.725480][T28014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1556.725496][T28014] Call Trace: [ 1556.725505][T28014] [ 1556.725516][T28014] dump_stack_lvl+0x16c/0x1f0 [ 1556.725557][T28014] should_fail_ex+0x512/0x640 [ 1556.725580][T28014] ? fs_reclaim_acquire+0xae/0x150 [ 1556.725608][T28014] should_failslab+0xc2/0x120 [ 1556.725634][T28014] __kmalloc_noprof+0xdd/0x880 [ 1556.725664][T28014] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1556.725705][T28014] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 1556.725738][T28014] tomoyo_realpath_from_path+0xc2/0x6e0 [ 1556.725776][T28014] ? tomoyo_profile+0x47/0x60 [ 1556.725816][T28014] tomoyo_path_number_perm+0x245/0x580 [ 1556.725844][T28014] ? tomoyo_path_number_perm+0x237/0x580 [ 1556.725874][T28014] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 1556.725904][T28014] ? find_held_lock+0x2b/0x80 [ 1556.725968][T28014] ? find_held_lock+0x2b/0x80 [ 1556.725999][T28014] ? hook_file_ioctl_common+0x145/0x410 [ 1556.726040][T28014] ? __fget_files+0x20e/0x3c0 [ 1556.726078][T28014] security_file_ioctl+0x9b/0x240 [ 1556.726111][T28014] __x64_sys_ioctl+0xb7/0x210 [ 1556.726149][T28014] do_syscall_64+0xcd/0xfa0 [ 1556.726189][T28014] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1556.726214][T28014] RIP: 0033:0x7f036318efc9 [ 1556.726234][T28014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1556.726258][T28014] RSP: 002b:00007f0363f8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1556.726283][T28014] RAX: ffffffffffffffda RBX: 00007f03633e5fa0 RCX: 00007f036318efc9 [ 1556.726301][T28014] RDX: 0000000000000000 RSI: 0000000080108907 RDI: 0000000000000003 [ 1556.726316][T28014] RBP: 00007f0363f8c090 R08: 0000000000000000 R09: 0000000000000000 [ 1556.726331][T28014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1556.726346][T28014] R13: 00007f03633e6038 R14: 00007f03633e5fa0 R15: 00007ffd6853a508 [ 1556.726382][T28014] [ 1556.727982][T28014] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1557.830941][T28040] FAULT_INJECTION: forcing a failure. [ 1557.830941][T28040] name failslab, interval 1, probability 0, space 0, times 0 [ 1557.849170][T28040] CPU: 1 UID: 0 PID: 28040 Comm: syz.3.4275 Not tainted syzkaller #0 PREEMPT(full) [ 1557.849204][T28040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1557.849219][T28040] Call Trace: [ 1557.849228][T28040] [ 1557.849238][T28040] dump_stack_lvl+0x16c/0x1f0 [ 1557.849281][T28040] should_fail_ex+0x512/0x640 [ 1557.849310][T28040] should_failslab+0xc2/0x120 [ 1557.849336][T28040] kmem_cache_alloc_node_noprof+0x78/0x770 [ 1557.849369][T28040] ? zswap_store+0x850/0x2830 [ 1557.849405][T28040] ? zswap_store+0x850/0x2830 [ 1557.849433][T28040] zswap_store+0x850/0x2830 [ 1557.849478][T28040] ? __pfx_zswap_store+0x10/0x10 [ 1557.849509][T28040] ? folio_free_swap+0x141/0x4b0 [ 1557.849534][T28040] ? do_raw_spin_unlock+0x172/0x230 [ 1557.849566][T28040] ? _raw_spin_unlock+0x28/0x50 [ 1557.849597][T28040] ? folio_free_swap+0x19d/0x4b0 [ 1557.849619][T28040] ? rcu_is_watching+0x12/0xc0 [ 1557.849657][T28040] swap_writeout+0x3f4/0x1090 [ 1557.849689][T28040] ? _raw_spin_unlock_irq+0x23/0x50 [ 1557.849725][T28040] shmem_writeout+0xc29/0x1140 [ 1557.849761][T28040] ? __pfx_shmem_writeout+0x10/0x10 [ 1557.849794][T28040] ? inode_to_bdi+0x9e/0x160 [ 1557.849829][T28040] ? folio_clear_dirty_for_io+0x112/0x790 [ 1557.849872][T28040] shrink_folio_list+0x2f45/0x4800 [ 1557.849914][T28040] ? __pfx_shrink_folio_list+0x10/0x10 [ 1557.849947][T28040] ? find_held_lock+0x2b/0x80 [ 1557.849981][T28040] ? __page_table_check_zero+0x33c/0x5d0 [ 1557.850031][T28040] ? __lock_acquire+0x622/0x1c90 [ 1557.850084][T28040] ? find_held_lock+0x2b/0x80 [ 1557.850135][T28040] reclaim_folio_list+0xda/0x5d0 [ 1557.850163][T28040] ? __pfx_css_rstat_updated+0x10/0x10 [ 1557.850201][T28040] ? __pfx_reclaim_folio_list+0x10/0x10 [ 1557.850245][T28040] ? lru_gen_update_size+0x543/0xe10 [ 1557.850282][T28040] ? lru_gen_del_folio+0x32b/0x540 [ 1557.850313][T28040] reclaim_pages+0x3ec/0x570 [ 1557.850347][T28040] ? __pfx_reclaim_pages+0x10/0x10 [ 1557.850375][T28040] ? find_held_lock+0x2b/0x80 [ 1557.850408][T28040] ? madvise_cold_or_pageout_pte_range+0x73e/0x20d0 [ 1557.850444][T28040] madvise_cold_or_pageout_pte_range+0x14e5/0x20d0 [ 1557.850487][T28040] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 1557.850518][T28040] ? __lock_acquire+0x622/0x1c90 [ 1557.850547][T28040] ? __pfx_stack_trace_save+0x10/0x10 [ 1557.850582][T28040] ? css_rstat_updated+0x1c2/0x510 [ 1557.850617][T28040] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 1557.850648][T28040] walk_pgd_range+0xc05/0x1f50 [ 1557.850708][T28040] ? __pfx_walk_pgd_range+0x10/0x10 [ 1557.850751][T28040] __walk_page_range+0x163/0x820 [ 1557.850791][T28040] ? __lock_acquire+0xb8a/0x1c90 [ 1557.850825][T28040] walk_page_range_vma+0x2c7/0xa20 [ 1557.850863][T28040] ? __pfx_walk_page_range_vma+0x10/0x10 [ 1557.850896][T28040] ? find_held_lock+0x2b/0x80 [ 1557.850941][T28040] madvise_pageout+0x257/0x540 [ 1557.850968][T28040] ? __pfx_madvise_pageout+0x10/0x10 [ 1557.851021][T28040] madvise_vma_behavior+0xb14/0x2d50 [ 1557.851053][T28040] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 1557.851090][T28040] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 1557.851126][T28040] ? mas_prev+0x9b/0xf0 [ 1557.851148][T28040] ? __pfx_mas_prev+0x10/0x10 [ 1557.851181][T28040] ? find_vma_prev+0xd3/0x150 [ 1557.851206][T28040] ? __pfx_find_vma_prev+0x10/0x10 [ 1557.851244][T28040] ? __lock_acquire+0x622/0x1c90 [ 1557.851273][T28040] madvise_walk_vmas+0x31f/0x9c0 [ 1557.851307][T28040] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 1557.851345][T28040] madvise_do_behavior+0x1e2/0x530 [ 1557.851375][T28040] ? __pfx_madvise_do_behavior+0x10/0x10 [ 1557.851405][T28040] ? down_read+0x13d/0x480 [ 1557.851447][T28040] do_madvise+0x176/0x240 [ 1557.851473][T28040] ? __pfx_do_madvise+0x10/0x10 [ 1557.851497][T28040] ? __mutex_unlock_slowpath+0x161/0x7b0 [ 1557.851545][T28040] ? __fget_files+0x20e/0x3c0 [ 1557.851590][T28040] ? __pfx_ksys_write+0x10/0x10 [ 1557.851630][T28040] __x64_sys_madvise+0xa9/0x110 [ 1557.851656][T28040] ? lockdep_hardirqs_on+0x7c/0x110 [ 1557.851692][T28040] do_syscall_64+0xcd/0xfa0 [ 1557.851730][T28040] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1557.851755][T28040] RIP: 0033:0x7f025c98efc9 [ 1557.851777][T28040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1557.851800][T28040] RSP: 002b:00007f025d79c038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 1557.851825][T28040] RAX: ffffffffffffffda RBX: 00007f025cbe6180 RCX: 00007f025c98efc9 [ 1557.851842][T28040] RDX: 0000000000000015 RSI: ffffffffffff0001 RDI: 0000000000000000 [ 1557.851858][T28040] RBP: 00007f025d79c090 R08: 0000000000000000 R09: 0000000000000000 [ 1557.851872][T28040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1557.851888][T28040] R13: 00007f025cbe6218 R14: 00007f025cbe6180 R15: 00007ffc622eca28 [ 1557.851924][T28040] [ 1558.670334][T28038] Process accounting paused [ 1559.702120][T28065] syz.2.4280 (28065) used greatest stack depth: 19224 bytes left [ 1559.899090][T28080] FAULT_INJECTION: forcing a failure. [ 1559.899090][T28080] name fail_futex, interval 1, probability 0, space 0, times 0 [ 1559.960347][T28080] CPU: 0 UID: 0 PID: 28080 Comm: syz.2.4285 Not tainted syzkaller #0 PREEMPT(full) [ 1559.960386][T28080] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1559.960402][T28080] Call Trace: [ 1559.960413][T28080] [ 1559.960424][T28080] dump_stack_lvl+0x16c/0x1f0 [ 1559.960468][T28080] should_fail_ex+0x512/0x640 [ 1559.960499][T28080] get_futex_key+0x1d0/0x1560 [ 1559.960543][T28080] ? __pfx_pollwake+0x10/0x10 [ 1559.960575][T28080] ? __pfx_get_futex_key+0x10/0x10 [ 1559.960616][T28080] ? __pfx_pollwake+0x10/0x10 [ 1559.960656][T28080] futex_wake+0xea/0x530 [ 1559.960684][T28080] ? __pfx_pollwake+0x10/0x10 [ 1559.960718][T28080] ? __pfx_futex_wake+0x10/0x10 [ 1559.960765][T28080] do_futex+0x1e3/0x350 [ 1559.960793][T28080] ? __pfx_do_futex+0x10/0x10 [ 1559.960820][T28080] ? ktime_get_ts64+0x2d2/0x400 [ 1559.960852][T28080] __x64_sys_futex+0x1e0/0x4c0 [ 1559.960885][T28080] ? __pfx___x64_sys_futex+0x10/0x10 [ 1559.960913][T28080] ? xfd_validate_state+0x61/0x180 [ 1559.960940][T28080] ? __pfx___x64_sys_poll+0x10/0x10 [ 1559.960992][T28080] do_syscall_64+0xcd/0xfa0 [ 1559.961035][T28080] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1559.961062][T28080] RIP: 0033:0x7f036318efc9 [ 1559.961084][T28080] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1559.961109][T28080] RSP: 002b:00007f0363f8c0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1559.961136][T28080] RAX: ffffffffffffffda RBX: 00007f03633e5fa8 RCX: 00007f036318efc9 [ 1559.961154][T28080] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f03633e5fac [ 1559.961171][T28080] RBP: 00007f03633e5fa0 R08: 00007f0363f8d000 R09: 0000000000000000 [ 1559.961188][T28080] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1559.961204][T28080] R13: 00007f03633e6038 R14: 00007ffd6853a420 R15: 00007ffd6853a508 [ 1559.961241][T28080] [ 1560.981916][T28096] netlink: 'syz.2.4289': attribute type 15 has an invalid length. [ 1561.011643][T28096] netlink: 186 bytes leftover after parsing attributes in process `syz.2.4289'. [ 1561.068552][T28096] netlink: 13 bytes leftover after parsing attributes in process `syz.2.4289'. [ 1561.724427][T28098] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4290'. [ 1562.637063][ T30] audit: type=1800 audit(1760698561.443:37): pid=28120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4297" name="version" dev="configfs" ino=171321 res=0 errno=0 [ 1562.867430][T28128] FAULT_INJECTION: forcing a failure. [ 1562.867430][T28128] name failslab, interval 1, probability 0, space 0, times 0 [ 1562.880225][T28128] CPU: 0 UID: 0 PID: 28128 Comm: syz.3.4301 Not tainted syzkaller #0 PREEMPT(full) [ 1562.880247][T28128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1562.880256][T28128] Call Trace: [ 1562.880262][T28128] [ 1562.880268][T28128] dump_stack_lvl+0x16c/0x1f0 [ 1562.880293][T28128] should_fail_ex+0x512/0x640 [ 1562.880308][T28128] ? __kmalloc_noprof+0xca/0x880 [ 1562.880327][T28128] should_failslab+0xc2/0x120 [ 1562.880341][T28128] __kmalloc_noprof+0xdd/0x880 [ 1562.880359][T28128] ? ops_init+0x77/0x5f0 [ 1562.880375][T28128] ? ops_init+0x77/0x5f0 [ 1562.880386][T28128] ops_init+0x77/0x5f0 [ 1562.880401][T28128] setup_net+0x100/0x390 [ 1562.880414][T28128] ? __pfx_setup_net+0x10/0x10 [ 1562.880428][T28128] ? debug_mutex_init+0x37/0x70 [ 1562.880453][T28128] copy_net_ns+0x2f8/0x690 [ 1562.880470][T28128] create_new_namespaces+0x3ea/0xa90 [ 1562.880495][T28128] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1562.880517][T28128] ksys_unshare+0x45b/0xa40 [ 1562.880532][T28128] ? __pfx_ksys_unshare+0x10/0x10 [ 1562.880546][T28128] ? xfd_validate_state+0x61/0x180 [ 1562.880567][T28128] __x64_sys_unshare+0x31/0x40 [ 1562.880581][T28128] do_syscall_64+0xcd/0xfa0 [ 1562.880603][T28128] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1562.880617][T28128] RIP: 0033:0x7f025c98efc9 [ 1562.880629][T28128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1562.880643][T28128] RSP: 002b:00007f025d7de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1562.880657][T28128] RAX: ffffffffffffffda RBX: 00007f025cbe5fa0 RCX: 00007f025c98efc9 [ 1562.880667][T28128] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1562.880675][T28128] RBP: 00007f025ca11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1562.880685][T28128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1562.880693][T28128] R13: 00007f025cbe6038 R14: 00007f025cbe5fa0 R15: 00007ffc622eca28 [ 1562.880721][T28128] [ 1562.912572][T28115] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1563.091096][T28115] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 1563.102997][T28115] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1563.109111][T28115] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 1563.121445][T28115] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1563.128418][T28115] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 1563.140997][T28115] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1563.147511][T28115] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 1563.462063][T28141] random: crng reseeded on system resumption [ 1563.519239][T28143] FAULT_INJECTION: forcing a failure. [ 1563.519239][T28143] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1563.548986][T28143] CPU: 1 UID: 0 PID: 28143 Comm: syz.2.4308 Not tainted syzkaller #0 PREEMPT(full) [ 1563.549007][T28143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1563.549016][T28143] Call Trace: [ 1563.549022][T28143] [ 1563.549028][T28143] dump_stack_lvl+0x16c/0x1f0 [ 1563.549054][T28143] should_fail_ex+0x512/0x640 [ 1563.549071][T28143] _copy_from_iter+0x29f/0x1720 [ 1563.549089][T28143] ? __pfx__copy_from_iter+0x10/0x10 [ 1563.549102][T28143] ? trace_kmalloc+0x2b/0xd0 [ 1563.549116][T28143] ? rcu_is_watching+0x12/0xc0 [ 1563.549136][T28143] ? kfree+0x252/0x6d0 [ 1563.549156][T28143] file_tty_write.constprop.0+0x487/0x9b0 [ 1563.549180][T28143] redirected_tty_write+0xd4/0x150 [ 1563.549196][T28143] vfs_write+0x7d3/0x11d0 [ 1563.549217][T28143] ? __pfx_redirected_tty_write+0x10/0x10 [ 1563.549236][T28143] ? __pfx_vfs_write+0x10/0x10 [ 1563.549253][T28143] ? find_held_lock+0x2b/0x80 [ 1563.549284][T28143] ksys_write+0x12a/0x250 [ 1563.549303][T28143] ? __pfx_ksys_write+0x10/0x10 [ 1563.549328][T28143] do_syscall_64+0xcd/0xfa0 [ 1563.549350][T28143] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1563.549364][T28143] RIP: 0033:0x7f036318efc9 [ 1563.549379][T28143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1563.549392][T28143] RSP: 002b:00007f0363f8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1563.549406][T28143] RAX: ffffffffffffffda RBX: 00007f03633e5fa0 RCX: 00007f036318efc9 [ 1563.549415][T28143] RDX: 0000000000000026 RSI: 0000200000000440 RDI: 0000000000000003 [ 1563.549424][T28143] RBP: 00007f0363f8c090 R08: 0000000000000000 R09: 0000000000000000 [ 1563.549432][T28143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1563.549441][T28143] R13: 00007f03633e6038 R14: 00007f03633e5fa0 R15: 00007ffd6853a508 [ 1563.549460][T28143] [ 1564.183262][T20724] Bluetooth: hci4: command 0x0406 tx timeout [ 1564.196481][T28165] FAULT_INJECTION: forcing a failure. [ 1564.196481][T28165] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1564.255354][T28165] CPU: 0 UID: 0 PID: 28165 Comm: syz.1.4314 Not tainted syzkaller #0 PREEMPT(full) [ 1564.255375][T28165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1564.255384][T28165] Call Trace: [ 1564.255389][T28165] [ 1564.255395][T28165] dump_stack_lvl+0x16c/0x1f0 [ 1564.255421][T28165] should_fail_ex+0x512/0x640 [ 1564.255438][T28165] strncpy_from_user+0x3b/0x2e0 [ 1564.255461][T28165] getname_flags.part.0+0x8f/0x550 [ 1564.255479][T28165] getname_flags+0x93/0xf0 [ 1564.255497][T28165] do_sys_openat2+0xb8/0x1d0 [ 1564.255513][T28165] ? __pfx_do_sys_openat2+0x10/0x10 [ 1564.255530][T28165] ? __fget_files+0x20e/0x3c0 [ 1564.255552][T28165] __x64_sys_openat+0x174/0x210 [ 1564.255575][T28165] ? __pfx___x64_sys_openat+0x10/0x10 [ 1564.255590][T28165] ? ksys_write+0x1ac/0x250 [ 1564.255615][T28165] do_syscall_64+0xcd/0xfa0 [ 1564.255638][T28165] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1564.255652][T28165] RIP: 0033:0x7f6bb638efc9 [ 1564.255664][T28165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1564.255677][T28165] RSP: 002b:00007f6bb7222038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1564.255692][T28165] RAX: ffffffffffffffda RBX: 00007f6bb65e5fa0 RCX: 00007f6bb638efc9 [ 1564.255701][T28165] RDX: 0000000000080001 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 1564.255710][T28165] RBP: 00007f6bb7222090 R08: 0000000000000000 R09: 0000000000000000 [ 1564.255719][T28165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1564.255727][T28165] R13: 00007f6bb65e6038 R14: 00007f6bb65e5fa0 R15: 00007ffdec0858f8 [ 1564.255746][T28165] [ 1564.260556][T28169] FAULT_INJECTION: forcing a failure. [ 1564.260556][T28169] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1564.456193][T28169] CPU: 0 UID: 0 PID: 28169 Comm: syz.3.4315 Not tainted syzkaller #0 PREEMPT(full) [ 1564.456228][T28169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1564.456243][T28169] Call Trace: [ 1564.456252][T28169] [ 1564.456263][T28169] dump_stack_lvl+0x16c/0x1f0 [ 1564.456302][T28169] should_fail_ex+0x512/0x640 [ 1564.456331][T28169] _copy_from_iter+0x29f/0x1720 [ 1564.456366][T28169] ? __pfx__copy_from_iter+0x10/0x10 [ 1564.456391][T28169] ? rcu_is_watching+0x12/0xc0 [ 1564.456425][T28169] ? trace_kmalloc+0x2b/0xd0 [ 1564.456446][T28169] ? __kmalloc_noprof+0x34f/0x880 [ 1564.456477][T28169] ? kernfs_fop_write_iter+0x237/0x570 [ 1564.456516][T28169] kernfs_fop_write_iter+0x19a/0x570 [ 1564.456558][T28169] vfs_write+0x7d3/0x11d0 [ 1564.456593][T28169] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 1564.456626][T28169] ? __pfx___mutex_lock+0x10/0x10 [ 1564.456650][T28169] ? __pfx_vfs_write+0x10/0x10 [ 1564.456708][T28169] ksys_write+0x12a/0x250 [ 1564.456741][T28169] ? __pfx_ksys_write+0x10/0x10 [ 1564.456786][T28169] do_syscall_64+0xcd/0xfa0 [ 1564.456824][T28169] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1564.456851][T28169] RIP: 0033:0x7f025c98efc9 [ 1564.456871][T28169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1564.456895][T28169] RSP: 002b:00007f025d7de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1564.456920][T28169] RAX: ffffffffffffffda RBX: 00007f025cbe5fa0 RCX: 00007f025c98efc9 [ 1564.456938][T28169] RDX: 0000000000000081 RSI: 0000200000000080 RDI: 0000000000000003 [ 1564.456954][T28169] RBP: 00007f025d7de090 R08: 0000000000000000 R09: 0000000000000000 [ 1564.456970][T28169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1564.456986][T28169] R13: 00007f025cbe6038 R14: 00007f025cbe5fa0 R15: 00007ffc622eca28 [ 1564.457023][T28169] [ 1564.475305][ T30] audit: type=1800 audit(1760698563.253:38): pid=28170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4312" name="discovery_nqn" dev="configfs" ino=170966 res=0 errno=0 [ 1564.484625][ C0] vkms_vblank_simulate: vblank timer overrun [ 1564.676750][ C0] vkms_vblank_simulate: vblank timer overrun [ 1564.864100][T28177] FAULT_INJECTION: forcing a failure. [ 1564.864100][T28177] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1564.880886][T28177] CPU: 0 UID: 0 PID: 28177 Comm: syz.1.4318 Not tainted syzkaller #0 PREEMPT(full) [ 1564.880918][T28177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1564.880933][T28177] Call Trace: [ 1564.880942][T28177] [ 1564.880953][T28177] dump_stack_lvl+0x16c/0x1f0 [ 1564.880993][T28177] should_fail_ex+0x512/0x640 [ 1564.881022][T28177] _copy_from_user+0x2e/0xd0 [ 1564.881049][T28177] move_addr_to_kernel+0x65/0x170 [ 1564.881081][T28177] __copy_msghdr+0x386/0x470 [ 1564.881118][T28177] copy_msghdr_from_user+0xc1/0x160 [ 1564.881154][T28177] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 1564.881197][T28177] ? __pfx__kstrtoull+0x10/0x10 [ 1564.881235][T28177] ___sys_sendmsg+0xfe/0x1d0 [ 1564.881273][T28177] ? __pfx____sys_sendmsg+0x10/0x10 [ 1564.881326][T28177] ? find_held_lock+0x2b/0x80 [ 1564.881381][T28177] __sys_sendmmsg+0x200/0x420 [ 1564.881422][T28177] ? __pfx___sys_sendmmsg+0x10/0x10 [ 1564.881470][T28177] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 1564.881525][T28177] ? fput+0x9b/0xd0 [ 1564.881547][T28177] ? ksys_write+0x1ac/0x250 [ 1564.881580][T28177] ? __pfx_ksys_write+0x10/0x10 [ 1564.881613][T28177] __x64_sys_sendmmsg+0x9c/0x100 [ 1564.881645][T28177] ? lockdep_hardirqs_on+0x7c/0x110 [ 1564.881677][T28177] do_syscall_64+0xcd/0xfa0 [ 1564.881714][T28177] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1564.881738][T28177] RIP: 0033:0x7f6bb638efc9 [ 1564.881759][T28177] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1564.881782][T28177] RSP: 002b:00007f6bb7222038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1564.881805][T28177] RAX: ffffffffffffffda RBX: 00007f6bb65e5fa0 RCX: 00007f6bb638efc9 [ 1564.881820][T28177] RDX: 0000000000000002 RSI: 00002000000001c0 RDI: 0000000000000003 [ 1564.881833][T28177] RBP: 00007f6bb7222090 R08: 0000000000000000 R09: 0000000000000000 [ 1564.881852][T28177] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001 [ 1564.881866][T28177] R13: 00007f6bb65e6038 R14: 00007f6bb65e5fa0 R15: 00007ffdec0858f8 [ 1564.881902][T28177] [ 1565.088692][ C0] vkms_vblank_simulate: vblank timer overrun [ 1565.125922][T20724] Bluetooth: hci0: command 0x0406 tx timeout [ 1565.126310][ T53] Bluetooth: hci1: command 0x0406 tx timeout [ 1565.205348][ T53] Bluetooth: hci3: command 0x0406 tx timeout [ 1565.516157][T28190] FAULT_INJECTION: forcing a failure. [ 1565.516157][T28190] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1565.551087][T28190] CPU: 1 UID: 0 PID: 28190 Comm: syz.3.4323 Not tainted syzkaller #0 PREEMPT(full) [ 1565.551120][T28190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1565.551135][T28190] Call Trace: [ 1565.551144][T28190] [ 1565.551154][T28190] dump_stack_lvl+0x16c/0x1f0 [ 1565.551195][T28190] should_fail_ex+0x512/0x640 [ 1565.551230][T28190] strncpy_from_user+0x3b/0x2e0 [ 1565.551269][T28190] getname_flags.part.0+0x8f/0x550 [ 1565.551301][T28190] getname_flags+0x93/0xf0 [ 1565.551333][T28190] do_sys_openat2+0xb8/0x1d0 [ 1565.551360][T28190] ? __pfx_do_sys_openat2+0x10/0x10 [ 1565.551390][T28190] ? __fget_files+0x20e/0x3c0 [ 1565.551428][T28190] __x64_sys_openat+0x174/0x210 [ 1565.551452][T28190] ? __pfx___x64_sys_openat+0x10/0x10 [ 1565.551476][T28190] ? ksys_write+0x1ac/0x250 [ 1565.551520][T28190] do_syscall_64+0xcd/0xfa0 [ 1565.551557][T28190] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1565.551582][T28190] RIP: 0033:0x7f025c98efc9 [ 1565.551602][T28190] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1565.551626][T28190] RSP: 002b:00007f025d7de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1565.551649][T28190] RAX: ffffffffffffffda RBX: 00007f025cbe5fa0 RCX: 00007f025c98efc9 [ 1565.551666][T28190] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 1565.551682][T28190] RBP: 00007f025d7de090 R08: 0000000000000000 R09: 0000000000000000 [ 1565.551698][T28190] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1565.551713][T28190] R13: 00007f025cbe6038 R14: 00007f025cbe5fa0 R15: 00007ffc622eca28 [ 1565.551747][T28190] [ 1565.600609][T28192] FAULT_INJECTION: forcing a failure. [ 1565.600609][T28192] name failslab, interval 1, probability 0, space 0, times 0 [ 1565.788792][T28192] CPU: 1 UID: 0 PID: 28192 Comm: syz.0.4324 Not tainted syzkaller #0 PREEMPT(full) [ 1565.788829][T28192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1565.788846][T28192] Call Trace: [ 1565.788855][T28192] [ 1565.788866][T28192] dump_stack_lvl+0x16c/0x1f0 [ 1565.788909][T28192] should_fail_ex+0x512/0x640 [ 1565.788933][T28192] ? fs_reclaim_acquire+0xae/0x150 [ 1565.788959][T28192] should_failslab+0xc2/0x120 [ 1565.788985][T28192] __kmalloc_noprof+0xdd/0x880 [ 1565.789016][T28192] ? tomoyo_encode2+0x100/0x3e0 [ 1565.789057][T28192] ? tomoyo_encode2+0x100/0x3e0 [ 1565.789087][T28192] tomoyo_encode2+0x100/0x3e0 [ 1565.789127][T28192] tomoyo_encode+0x29/0x50 [ 1565.789159][T28192] tomoyo_realpath_from_path+0x18f/0x6e0 [ 1565.789217][T28192] tomoyo_check_open_permission+0x2ab/0x3c0 [ 1565.789249][T28192] ? __pfx_tomoyo_check_open_permission+0x10/0x10 [ 1565.789319][T28192] ? do_raw_spin_lock+0x12c/0x2b0 [ 1565.789361][T28192] tomoyo_file_open+0x6b/0x90 [ 1565.789387][T28192] security_file_open+0x84/0x1e0 [ 1565.789422][T28192] do_dentry_open+0x596/0x1530 [ 1565.789469][T28192] vfs_open+0x82/0x3f0 [ 1565.789501][T28192] path_openat+0x1de4/0x2cb0 [ 1565.789549][T28192] ? __pfx_path_openat+0x10/0x10 [ 1565.789587][T28192] ? __lock_acquire+0xb8a/0x1c90 [ 1565.789618][T28192] do_filp_open+0x20b/0x470 [ 1565.789655][T28192] ? __pfx_do_filp_open+0x10/0x10 [ 1565.789719][T28192] ? alloc_fd+0x471/0x7d0 [ 1565.789762][T28192] do_sys_openat2+0x11b/0x1d0 [ 1565.789790][T28192] ? __pfx_do_sys_openat2+0x10/0x10 [ 1565.789833][T28192] __x64_sys_openat+0x174/0x210 [ 1565.789863][T28192] ? __pfx___x64_sys_openat+0x10/0x10 [ 1565.789907][T28192] do_syscall_64+0xcd/0xfa0 [ 1565.789948][T28192] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1565.789974][T28192] RIP: 0033:0x7f52dfb8efc9 [ 1565.789997][T28192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1565.790022][T28192] RSP: 002b:00007f52e095c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1565.790047][T28192] RAX: ffffffffffffffda RBX: 00007f52dfde5fa0 RCX: 00007f52dfb8efc9 [ 1565.790064][T28192] RDX: 0000000000000000 RSI: 00002000000006c0 RDI: ffffffffffffff9c [ 1565.790081][T28192] RBP: 00007f52dfc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1565.790097][T28192] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1565.790112][T28192] R13: 00007f52dfde6038 R14: 00007f52dfde5fa0 R15: 00007ffd10747308 [ 1565.790150][T28192] [ 1565.790175][T28192] ERROR: Out of memory at tomoyo_realpath_from_path. [ 1566.245240][ T53] Bluetooth: hci4: command 0x0406 tx timeout [ 1566.942801][T28228] FAULT_INJECTION: forcing a failure. [ 1566.942801][T28228] name failslab, interval 1, probability 0, space 0, times 0 [ 1566.955854][T28228] CPU: 0 UID: 0 PID: 28228 Comm: syz.0.4335 Not tainted syzkaller #0 PREEMPT(full) [ 1566.955888][T28228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1566.955902][T28228] Call Trace: [ 1566.955911][T28228] [ 1566.955920][T28228] dump_stack_lvl+0x16c/0x1f0 [ 1566.955960][T28228] should_fail_ex+0x512/0x640 [ 1566.955981][T28228] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1566.956013][T28228] should_failslab+0xc2/0x120 [ 1566.956036][T28228] __kmalloc_cache_noprof+0x72/0x780 [ 1566.956066][T28228] ? rcu_is_watching+0x12/0xc0 [ 1566.956109][T28228] ? file_f_owner_allocate+0x84/0x130 [ 1566.956134][T28228] ? __lock_acquire+0x622/0x1c90 [ 1566.956162][T28228] ? file_f_owner_allocate+0x84/0x130 [ 1566.956186][T28228] file_f_owner_allocate+0x84/0x130 [ 1566.956210][T28228] fcntl_dirnotify+0x254/0xb60 [ 1566.956242][T28228] do_fcntl+0xe62/0x15a0 [ 1566.956267][T28228] ? __pfx_do_fcntl+0x10/0x10 [ 1566.956300][T28228] ? tomoyo_file_fcntl+0x6c/0xc0 [ 1566.956327][T28228] __x64_sys_fcntl+0x163/0x200 [ 1566.956356][T28228] do_syscall_64+0xcd/0xfa0 [ 1566.956393][T28228] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1566.956419][T28228] RIP: 0033:0x7f52dfb8efc9 [ 1566.956438][T28228] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1566.956461][T28228] RSP: 002b:00007f52e095c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048 [ 1566.956486][T28228] RAX: ffffffffffffffda RBX: 00007f52dfde5fa0 RCX: 00007f52dfb8efc9 [ 1566.956503][T28228] RDX: 0000000000000002 RSI: 0000000000000402 RDI: 0000000000000004 [ 1566.956518][T28228] RBP: 00007f52e095c090 R08: 0000000000000000 R09: 0000000000000000 [ 1566.956533][T28228] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1566.956548][T28228] R13: 00007f52dfde6038 R14: 00007f52dfde5fa0 R15: 00007ffd10747308 [ 1566.956584][T28228] [ 1566.960533][T28230] bridge0: port 2(gretap0) entered blocking state [ 1567.156297][T28230] bridge0: port 2(gretap0) entered disabled state [ 1567.173246][T28230] gretap0: entered allmulticast mode [ 1567.208708][ T53] Bluetooth: hci0: command 0x0406 tx timeout [ 1567.215131][T28230] gretap0: entered promiscuous mode [ 1567.215377][ T53] Bluetooth: hci1: command 0x0406 tx timeout [ 1567.285309][ T53] Bluetooth: hci3: command 0x0406 tx timeout [ 1568.356412][T28258] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 1568.363391][T28258] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 1568.373183][T28258] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 1568.390178][T28258] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 1569.060477][T28274] netlink: 'syz.3.4348': attribute type 15 has an invalid length. [ 1569.068991][T28274] netlink: 186 bytes leftover after parsing attributes in process `syz.3.4348'. [ 1569.192993][T28278] ima: policy update failed [ 1569.203710][ T30] audit: type=1802 audit(1760698568.003:39): pid=28278 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.4350" res=0 errno=0 [ 1569.270272][T28276] netlink: 'syz.3.4349': attribute type 11 has an invalid length. [ 1570.415403][ T53] Bluetooth: hci3: command 0x0406 tx timeout [ 1570.415769][T28182] Bluetooth: hci0: command 0x0406 tx timeout [ 1570.421450][ T53] Bluetooth: hci1: command 0x0406 tx timeout [ 1570.427553][T20724] Bluetooth: hci4: command 0x0406 tx timeout [ 1572.391064][T28332] random: crng reseeded on system resumption [ 1573.201188][T28342] FAULT_INJECTION: forcing a failure. [ 1573.201188][T28342] name failslab, interval 1, probability 0, space 0, times 0 [ 1573.214047][T28342] CPU: 0 UID: 0 PID: 28342 Comm: syz.2.4367 Not tainted syzkaller #0 PREEMPT(full) [ 1573.214081][T28342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1573.214096][T28342] Call Trace: [ 1573.214105][T28342] [ 1573.214116][T28342] dump_stack_lvl+0x16c/0x1f0 [ 1573.214157][T28342] should_fail_ex+0x512/0x640 [ 1573.214179][T28342] ? __kvmalloc_node_noprof+0x12e/0x9c0 [ 1573.214218][T28342] should_failslab+0xc2/0x120 [ 1573.214242][T28342] __kvmalloc_node_noprof+0x141/0x9c0 [ 1573.214279][T28342] ? vmemdup_user+0x2a/0xe0 [ 1573.214318][T28342] ? vmemdup_user+0x2a/0xe0 [ 1573.214348][T28342] vmemdup_user+0x2a/0xe0 [ 1573.214381][T28342] map_lookup_elem+0x3c2/0x700 [ 1573.214418][T28342] __sys_bpf+0x3d7a/0x4980 [ 1573.214456][T28342] ? __pfx___sys_bpf+0x10/0x10 [ 1573.214487][T28342] ? find_held_lock+0x2b/0x80 [ 1573.214528][T28342] ? vfs_write+0x15d/0x11d0 [ 1573.214569][T28342] ? __pfx_vfs_write+0x10/0x10 [ 1573.214627][T28342] ? ksys_write+0x1ac/0x250 [ 1573.214660][T28342] ? __pfx_ksys_write+0x10/0x10 [ 1573.214699][T28342] __x64_sys_bpf+0x78/0xc0 [ 1573.214730][T28342] ? lockdep_hardirqs_on+0x7c/0x110 [ 1573.214764][T28342] do_syscall_64+0xcd/0xfa0 [ 1573.214802][T28342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1573.214827][T28342] RIP: 0033:0x7f036318efc9 [ 1573.214847][T28342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1573.214869][T28342] RSP: 002b:00007f0363f8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 1573.214890][T28342] RAX: ffffffffffffffda RBX: 00007f03633e5fa0 RCX: 00007f036318efc9 [ 1573.214905][T28342] RDX: 0000000000000007 RSI: 0000200000000040 RDI: 0000000000000001 [ 1573.214919][T28342] RBP: 00007f0363f8c090 R08: 0000000000000000 R09: 0000000000000000 [ 1573.214935][T28342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1573.214950][T28342] R13: 00007f03633e6038 R14: 00007f03633e5fa0 R15: 00007ffd6853a508 [ 1573.214986][T28342] [ 1573.671939][T28350] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4370'. [ 1573.916108][T28350] team0: Port device team_slave_1 removed [ 1576.452735][T28383] netlink: 5 bytes leftover after parsing attributes in process `syz.3.4378'. [ 1577.365554][T28386] syz.0.4380 uses obsolete (PF_INET,SOCK_PACKET) [ 1577.428117][ T30] audit: type=1326 audit(1760698576.203:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28384 comm="syz.0.4380" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f52dfb8efc9 code=0x0 [ 1578.870392][T28415] FAULT_INJECTION: forcing a failure. [ 1578.870392][T28415] name failslab, interval 1, probability 0, space 0, times 0 [ 1578.883126][T28415] CPU: 0 UID: 0 PID: 28415 Comm: syz.2.4386 Not tainted syzkaller #0 PREEMPT(full) [ 1578.883146][T28415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1578.883154][T28415] Call Trace: [ 1578.883160][T28415] [ 1578.883166][T28415] dump_stack_lvl+0x16c/0x1f0 [ 1578.883192][T28415] should_fail_ex+0x512/0x640 [ 1578.883205][T28415] ? __kmalloc_noprof+0xca/0x880 [ 1578.883223][T28415] should_failslab+0xc2/0x120 [ 1578.883237][T28415] __kmalloc_noprof+0xdd/0x880 [ 1578.883253][T28415] ? __pfx_inc_ucount+0x10/0x10 [ 1578.883266][T28415] ? net_alloc_generic+0x1e/0x70 [ 1578.883283][T28415] ? net_alloc_generic+0x1e/0x70 [ 1578.883293][T28415] net_alloc_generic+0x1e/0x70 [ 1578.883306][T28415] copy_net_ns+0xc7/0x690 [ 1578.883318][T28415] ? copy_cgroup_ns+0x71/0x6b0 [ 1578.883341][T28415] create_new_namespaces+0x3ea/0xa90 [ 1578.883365][T28415] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1578.883387][T28415] ksys_unshare+0x45b/0xa40 [ 1578.883407][T28415] ? __pfx_ksys_unshare+0x10/0x10 [ 1578.883421][T28415] ? ksys_write+0x1ac/0x250 [ 1578.883446][T28415] __x64_sys_unshare+0x31/0x40 [ 1578.883459][T28415] do_syscall_64+0xcd/0xfa0 [ 1578.883481][T28415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1578.883496][T28415] RIP: 0033:0x7f036318efc9 [ 1578.883508][T28415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1578.883521][T28415] RSP: 002b:00007f0363f8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1578.883536][T28415] RAX: ffffffffffffffda RBX: 00007f03633e5fa0 RCX: 00007f036318efc9 [ 1578.883545][T28415] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1578.883554][T28415] RBP: 00007f0363f8c090 R08: 0000000000000000 R09: 0000000000000000 [ 1578.883562][T28415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1578.883571][T28415] R13: 00007f03633e6038 R14: 00007f03633e5fa0 R15: 00007ffd6853a508 [ 1578.883589][T28415] [ 1580.253028][T28425] FAULT_INJECTION: forcing a failure. [ 1580.253028][T28425] name failslab, interval 1, probability 0, space 0, times 0 [ 1580.265967][T28425] CPU: 0 UID: 0 PID: 28425 Comm: syz.2.4391 Not tainted syzkaller #0 PREEMPT(full) [ 1580.265990][T28425] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1580.266000][T28425] Call Trace: [ 1580.266006][T28425] [ 1580.266012][T28425] dump_stack_lvl+0x16c/0x1f0 [ 1580.266041][T28425] should_fail_ex+0x512/0x640 [ 1580.266055][T28425] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 1580.266081][T28425] should_failslab+0xc2/0x120 [ 1580.266096][T28425] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 1580.266120][T28425] ? nlmsg_notify+0xac/0x220 [ 1580.266133][T28425] ? __addrconf_sysctl_register+0xbb/0x360 [ 1580.266162][T28425] ? kmemdup_noprof+0x29/0x60 [ 1580.266182][T28425] kmemdup_noprof+0x29/0x60 [ 1580.266203][T28425] __addrconf_sysctl_register+0xbb/0x360 [ 1580.266228][T28425] ? __pfx___addrconf_sysctl_register+0x10/0x10 [ 1580.266256][T28425] ? __asan_memcpy+0x3c/0x60 [ 1580.266277][T28425] addrconf_init_net+0x53a/0x8e0 [ 1580.266303][T28425] ? __pfx_addrconf_init_net+0x10/0x10 [ 1580.266326][T28425] ops_init+0x1e2/0x5f0 [ 1580.266351][T28425] setup_net+0x100/0x390 [ 1580.266367][T28425] ? __pfx_setup_net+0x10/0x10 [ 1580.266383][T28425] ? debug_mutex_init+0x37/0x70 [ 1580.266407][T28425] copy_net_ns+0x2f8/0x690 [ 1580.266425][T28425] create_new_namespaces+0x3ea/0xa90 [ 1580.266451][T28425] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1580.266475][T28425] ksys_unshare+0x45b/0xa40 [ 1580.266491][T28425] ? __pfx_ksys_unshare+0x10/0x10 [ 1580.266507][T28425] ? xfd_validate_state+0x61/0x180 [ 1580.266529][T28425] __x64_sys_unshare+0x31/0x40 [ 1580.266543][T28425] do_syscall_64+0xcd/0xfa0 [ 1580.266567][T28425] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1580.266582][T28425] RIP: 0033:0x7f036318efc9 [ 1580.266597][T28425] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1580.266611][T28425] RSP: 002b:00007f0363f8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1580.266626][T28425] RAX: ffffffffffffffda RBX: 00007f03633e5fa0 RCX: 00007f036318efc9 [ 1580.266637][T28425] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1580.266647][T28425] RBP: 00007f0363211f91 R08: 0000000000000000 R09: 0000000000000000 [ 1580.266656][T28425] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1580.266665][T28425] R13: 00007f03633e6038 R14: 00007f03633e5fa0 R15: 00007ffd6853a508 [ 1580.266685][T28425] [ 1581.900939][T28451] FAULT_INJECTION: forcing a failure. [ 1581.900939][T28451] name failslab, interval 1, probability 0, space 0, times 0 [ 1581.940112][T28451] CPU: 0 UID: 0 PID: 28451 Comm: syz.3.4396 Not tainted syzkaller #0 PREEMPT(full) [ 1581.940147][T28451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1581.940163][T28451] Call Trace: [ 1581.940172][T28451] [ 1581.940182][T28451] dump_stack_lvl+0x16c/0x1f0 [ 1581.940229][T28451] should_fail_ex+0x512/0x640 [ 1581.940252][T28451] ? __kmalloc_noprof+0xca/0x880 [ 1581.940285][T28451] should_failslab+0xc2/0x120 [ 1581.940311][T28451] __kmalloc_noprof+0xdd/0x880 [ 1581.940341][T28451] ? alloc_pipe_info+0x1ec/0x590 [ 1581.940383][T28451] ? alloc_pipe_info+0x1ec/0x590 [ 1581.940416][T28451] alloc_pipe_info+0x1ec/0x590 [ 1581.940454][T28451] splice_direct_to_actor+0x77d/0xa30 [ 1581.940490][T28451] ? __pfx_direct_splice_actor+0x10/0x10 [ 1581.940523][T28451] ? __pfx_aa_file_perm+0x10/0x10 [ 1581.940558][T28451] ? find_held_lock+0x2b/0x80 [ 1581.940592][T28451] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 1581.940621][T28451] ? get_pid_task+0xfc/0x250 [ 1581.940656][T28451] do_splice_direct+0x174/0x240 [ 1581.940688][T28451] ? __pfx_do_splice_direct+0x10/0x10 [ 1581.940720][T28451] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 1581.940756][T28451] ? rw_verify_area+0xcf/0x6c0 [ 1581.940814][T28451] do_sendfile+0xb06/0xe50 [ 1581.940853][T28451] ? __pfx_do_sendfile+0x10/0x10 [ 1581.940885][T28451] ? __fget_files+0x20e/0x3c0 [ 1581.940926][T28451] __x64_sys_sendfile64+0x1d8/0x220 [ 1581.940950][T28451] ? ksys_write+0x1ac/0x250 [ 1581.940982][T28451] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 1581.941017][T28451] do_syscall_64+0xcd/0xfa0 [ 1581.941055][T28451] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1581.941080][T28451] RIP: 0033:0x7f025c98efc9 [ 1581.941101][T28451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1581.941125][T28451] RSP: 002b:00007f025d7de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 1581.941149][T28451] RAX: ffffffffffffffda RBX: 00007f025cbe5fa0 RCX: 00007f025c98efc9 [ 1581.941166][T28451] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000002 [ 1581.941181][T28451] RBP: 00007f025d7de090 R08: 0000000000000000 R09: 0000000000000000 [ 1581.941197][T28451] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000001 [ 1581.941219][T28451] R13: 00007f025cbe6038 R14: 00007f025cbe5fa0 R15: 00007ffc622eca28 [ 1581.941255][T28451] [ 1582.676478][T28182] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1582.686681][T28182] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1582.704641][T28182] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1582.721263][T28182] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1582.732295][T28182] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1582.830260][T28464] FAULT_INJECTION: forcing a failure. [ 1582.830260][T28464] name failslab, interval 1, probability 0, space 0, times 0 [ 1582.913588][T28464] CPU: 1 UID: 0 PID: 28464 Comm: syz.0.4400 Not tainted syzkaller #0 PREEMPT(full) [ 1582.913625][T28464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1582.913640][T28464] Call Trace: [ 1582.913646][T28464] [ 1582.913653][T28464] dump_stack_lvl+0x16c/0x1f0 [ 1582.913679][T28464] should_fail_ex+0x512/0x640 [ 1582.913693][T28464] ? __kmalloc_noprof+0xca/0x880 [ 1582.913712][T28464] should_failslab+0xc2/0x120 [ 1582.913726][T28464] __kmalloc_noprof+0xdd/0x880 [ 1582.913744][T28464] ? ops_init+0x77/0x5f0 [ 1582.913760][T28464] ? ops_init+0x77/0x5f0 [ 1582.913771][T28464] ops_init+0x77/0x5f0 [ 1582.913785][T28464] setup_net+0x100/0x390 [ 1582.913799][T28464] ? __pfx_setup_net+0x10/0x10 [ 1582.913813][T28464] ? debug_mutex_init+0x37/0x70 [ 1582.913835][T28464] copy_net_ns+0x2f8/0x690 [ 1582.913855][T28464] create_new_namespaces+0x3ea/0xa90 [ 1582.913881][T28464] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1582.913903][T28464] ksys_unshare+0x45b/0xa40 [ 1582.913921][T28464] ? __pfx_ksys_unshare+0x10/0x10 [ 1582.913936][T28464] ? xfd_validate_state+0x61/0x180 [ 1582.913956][T28464] __x64_sys_unshare+0x31/0x40 [ 1582.913970][T28464] do_syscall_64+0xcd/0xfa0 [ 1582.913992][T28464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1582.914006][T28464] RIP: 0033:0x7f52dfb8efc9 [ 1582.914019][T28464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1582.914033][T28464] RSP: 002b:00007f52e095c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1582.914047][T28464] RAX: ffffffffffffffda RBX: 00007f52dfde5fa0 RCX: 00007f52dfb8efc9 [ 1582.914057][T28464] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1582.914066][T28464] RBP: 00007f52dfc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1582.914075][T28464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1582.914083][T28464] R13: 00007f52dfde6038 R14: 00007f52dfde5fa0 R15: 00007ffd10747308 [ 1582.914111][T28464] [ 1583.295736][ T66] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1583.486248][ T66] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1583.626771][ T66] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1583.764587][ T66] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1584.186349][T28461] chnl_net:caif_netlink_parms(): no params data found [ 1584.616452][T28461] bridge0: port 1(bridge_slave_0) entered blocking state [ 1584.625343][T28461] bridge0: port 1(bridge_slave_0) entered disabled state [ 1584.632547][T28461] bridge_slave_0: entered allmulticast mode [ 1584.664234][T28461] bridge_slave_0: entered promiscuous mode [ 1584.665288][ T30] audit: type=1800 audit(1760698583.453:41): pid=28492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4405" name="discovery_nqn" dev="configfs" ino=174088 res=0 errno=0 [ 1584.815899][T28182] Bluetooth: hci2: command tx timeout [ 1585.082763][ T66] bridge_slave_0: left allmulticast mode [ 1585.105297][ T66] bridge_slave_0: left promiscuous mode [ 1585.117649][ T66] bridge0: port 1(bridge_slave_0) entered disabled state [ 1586.672090][ T66] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1586.696666][ T66] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1586.718001][ T66] bond0 (unregistering): Released all slaves [ 1586.755116][T28461] bridge0: port 2(bridge_slave_1) entered blocking state [ 1586.764536][T28461] bridge0: port 2(bridge_slave_1) entered disabled state [ 1586.784194][T28461] bridge_slave_1: entered allmulticast mode [ 1586.817908][T28461] bridge_slave_1: entered promiscuous mode [ 1586.903436][T28182] Bluetooth: hci2: command tx timeout [ 1587.023944][T28461] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1587.065648][T28461] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1587.183432][T28461] team0: Port device team_slave_0 added [ 1587.201983][T28461] team0: Port device team_slave_1 added [ 1587.279382][ T66] hsr_slave_0: left promiscuous mode [ 1587.287139][ T66] hsr_slave_1: left promiscuous mode [ 1587.293227][ T66] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1587.302882][ T66] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1587.314064][ T66] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1587.322775][ T66] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1587.341141][ T66] veth1_macvtap: left promiscuous mode [ 1587.347129][ T66] veth0_macvtap: left promiscuous mode [ 1587.352742][ T66] veth1_vlan: left promiscuous mode [ 1587.358271][ T66] veth0_vlan: left promiscuous mode [ 1587.749518][ T66] team0 (unregistering): Port device team_slave_1 removed [ 1587.786887][ T66] team0 (unregistering): Port device team_slave_0 removed [ 1588.091742][T28461] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1588.098941][T28461] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1588.129107][T28461] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1588.176247][T28461] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1588.183217][T28461] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 1588.240354][T28461] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1588.638405][T28551] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4413'. [ 1588.647900][T28551] openvswitch: netlink: Flow set message rejected, Key attribute missing. [ 1588.674086][T28461] hsr_slave_0: entered promiscuous mode [ 1588.733978][T28461] hsr_slave_1: entered promiscuous mode [ 1588.965823][T28182] Bluetooth: hci2: command tx timeout [ 1589.128395][T28461] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 1589.185475][T28461] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 1589.204958][T28461] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 1589.239041][T28461] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 1589.519572][T28553] Process accounting resumed [ 1589.576697][T28573] FAULT_INJECTION: forcing a failure. [ 1589.576697][T28573] name failslab, interval 1, probability 0, space 0, times 0 [ 1589.591848][T28573] CPU: 0 UID: 0 PID: 28573 Comm: syz.0.4421 Not tainted syzkaller #0 PREEMPT(full) [ 1589.591885][T28573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1589.591901][T28573] Call Trace: [ 1589.591911][T28573] [ 1589.591921][T28573] dump_stack_lvl+0x16c/0x1f0 [ 1589.591962][T28573] should_fail_ex+0x512/0x640 [ 1589.591984][T28573] ? __kmalloc_node_track_caller_noprof+0xcb/0x8a0 [ 1589.592028][T28573] should_failslab+0xc2/0x120 [ 1589.592055][T28573] __kmalloc_node_track_caller_noprof+0xde/0x8a0 [ 1589.592093][T28573] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 1589.592128][T28573] ? xfrm6_net_init+0x9e/0x1c0 [ 1589.592164][T28573] ? __pfx_xfrm6_net_init+0x10/0x10 [ 1589.592201][T28573] ? kmemdup_noprof+0x29/0x60 [ 1589.592234][T28573] kmemdup_noprof+0x29/0x60 [ 1589.592269][T28573] xfrm6_net_init+0x9e/0x1c0 [ 1589.592305][T28573] ? __pfx_xfrm6_net_init+0x10/0x10 [ 1589.592338][T28573] ops_init+0x1e2/0x5f0 [ 1589.592367][T28573] setup_net+0x100/0x390 [ 1589.592404][T28573] ? __pfx_setup_net+0x10/0x10 [ 1589.592432][T28573] ? debug_mutex_init+0x37/0x70 [ 1589.592471][T28573] copy_net_ns+0x2f8/0x690 [ 1589.592502][T28573] create_new_namespaces+0x3ea/0xa90 [ 1589.592548][T28573] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1589.592586][T28573] ksys_unshare+0x45b/0xa40 [ 1589.592612][T28573] ? __pfx_ksys_unshare+0x10/0x10 [ 1589.592639][T28573] ? xfd_validate_state+0x61/0x180 [ 1589.592676][T28573] __x64_sys_unshare+0x31/0x40 [ 1589.592702][T28573] do_syscall_64+0xcd/0xfa0 [ 1589.592740][T28573] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1589.592765][T28573] RIP: 0033:0x7f52dfb8efc9 [ 1589.592787][T28573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1589.592812][T28573] RSP: 002b:00007f52e095c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1589.592838][T28573] RAX: ffffffffffffffda RBX: 00007f52dfde5fa0 RCX: 00007f52dfb8efc9 [ 1589.592854][T28573] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1589.592869][T28573] RBP: 00007f52dfc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1589.592883][T28573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1589.592896][T28573] R13: 00007f52dfde6038 R14: 00007f52dfde5fa0 R15: 00007ffd10747308 [ 1589.592928][T28573] [ 1589.939102][T28461] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1590.028550][T28461] 8021q: adding VLAN 0 to HW filter on device team0 [ 1590.081934][ T154] bridge0: port 1(bridge_slave_0) entered blocking state [ 1590.089148][ T154] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1590.148087][ T154] bridge0: port 2(bridge_slave_1) entered blocking state [ 1590.155300][ T154] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1590.255371][ T30] audit: type=1326 audit(1760698589.053:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=28569 comm="syz.3.4414" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f025c98efc9 code=0x0 [ 1590.287121][T28461] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 1590.564461][T28594] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4416'. [ 1590.574175][T28594] FAULT_INJECTION: forcing a failure. [ 1590.574175][T28594] name failslab, interval 1, probability 0, space 0, times 0 [ 1590.709646][T28594] CPU: 1 UID: 0 PID: 28594 Comm: syz.0.4416 Not tainted syzkaller #0 PREEMPT(full) [ 1590.709682][T28594] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1590.709696][T28594] Call Trace: [ 1590.709705][T28594] [ 1590.709715][T28594] dump_stack_lvl+0x16c/0x1f0 [ 1590.709757][T28594] should_fail_ex+0x512/0x640 [ 1590.709780][T28594] ? __kmalloc_cache_noprof+0x5f/0x780 [ 1590.709815][T28594] should_failslab+0xc2/0x120 [ 1590.709838][T28594] __kmalloc_cache_noprof+0x72/0x780 [ 1590.709872][T28594] ? tbl_mask_cache_alloc+0xa1/0x200 [ 1590.709910][T28594] ? tbl_mask_cache_alloc+0xa1/0x200 [ 1590.709941][T28594] tbl_mask_cache_alloc+0xa1/0x200 [ 1590.709973][T28594] ovs_flow_tbl_init+0x24/0x600 [ 1590.710004][T28594] ? kasan_save_track+0x14/0x30 [ 1590.710040][T28594] ovs_dp_cmd_new+0x251/0xe60 [ 1590.710082][T28594] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 1590.710118][T28594] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 1590.710150][T28594] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 1590.710188][T28594] genl_family_rcv_msg_doit+0x209/0x2f0 [ 1590.710218][T28594] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 1590.710270][T28594] ? bpf_lsm_capable+0x9/0x10 [ 1590.710294][T28594] ? security_capable+0x7e/0x260 [ 1590.710318][T28594] ? ns_capable+0xd7/0x110 [ 1590.710354][T28594] genl_rcv_msg+0x55c/0x800 [ 1590.710385][T28594] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1590.710412][T28594] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 1590.710458][T28594] netlink_rcv_skb+0x158/0x420 [ 1590.710481][T28594] ? __pfx_genl_rcv_msg+0x10/0x10 [ 1590.710507][T28594] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 1590.710544][T28594] ? netlink_deliver_tap+0x1ae/0xd30 [ 1590.710667][T28594] genl_rcv+0x28/0x40 [ 1590.710683][T28594] netlink_unicast+0x5aa/0x870 [ 1590.710700][T28594] ? __pfx_netlink_unicast+0x10/0x10 [ 1590.710721][T28594] netlink_sendmsg+0x8c8/0xdd0 [ 1590.710739][T28594] ? __pfx_netlink_sendmsg+0x10/0x10 [ 1590.710755][T28594] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 1590.710775][T28594] ____sys_sendmsg+0xa98/0xc70 [ 1590.710793][T28594] ? copy_msghdr_from_user+0x10a/0x160 [ 1590.710813][T28594] ? __pfx_____sys_sendmsg+0x10/0x10 [ 1590.710834][T28594] ? __pfx_futex_wake_mark+0x10/0x10 [ 1590.710855][T28594] ___sys_sendmsg+0x134/0x1d0 [ 1590.710874][T28594] ? futex_private_hash_put+0x176/0x300 [ 1590.710897][T28594] ? __pfx____sys_sendmsg+0x10/0x10 [ 1590.710916][T28594] ? __lock_acquire+0x622/0x1c90 [ 1590.710954][T28594] __sys_sendmsg+0x16d/0x220 [ 1590.710975][T28594] ? __pfx___sys_sendmsg+0x10/0x10 [ 1590.710995][T28594] ? __x64_sys_futex+0x1e0/0x4c0 [ 1590.711021][T28594] do_syscall_64+0xcd/0xfa0 [ 1590.711044][T28594] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1590.711058][T28594] RIP: 0033:0x7f52dfb8efc9 [ 1590.711071][T28594] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1590.711086][T28594] RSP: 002b:00007f52dddf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 1590.711100][T28594] RAX: ffffffffffffffda RBX: 00007f52dfde6090 RCX: 00007f52dfb8efc9 [ 1590.711109][T28594] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 000000000000000a [ 1590.711118][T28594] RBP: 00007f52dfc11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1590.711127][T28594] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1590.711135][T28594] R13: 00007f52dfde6128 R14: 00007f52dfde6090 R15: 00007ffd10747308 [ 1590.711155][T28594] [ 1591.078002][T28182] Bluetooth: hci2: command tx timeout [ 1591.459810][T28461] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1591.981212][T28619] FAULT_INJECTION: forcing a failure. [ 1591.981212][T28619] name failslab, interval 1, probability 0, space 0, times 0 [ 1592.051274][T28619] CPU: 0 UID: 0 PID: 28619 Comm: syz.3.4419 Not tainted syzkaller #0 PREEMPT(full) [ 1592.051298][T28619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1592.051307][T28619] Call Trace: [ 1592.051313][T28619] [ 1592.051319][T28619] dump_stack_lvl+0x16c/0x1f0 [ 1592.051344][T28619] should_fail_ex+0x512/0x640 [ 1592.051357][T28619] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1592.051378][T28619] should_failslab+0xc2/0x120 [ 1592.051392][T28619] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1592.051411][T28619] ? vm_area_dup+0x27/0x8d0 [ 1592.051431][T28619] ? vm_area_dup+0x27/0x8d0 [ 1592.051446][T28619] vm_area_dup+0x27/0x8d0 [ 1592.051464][T28619] __split_vma+0x18e/0x1070 [ 1592.051487][T28619] ? __pfx_walk_pgd_range+0x10/0x10 [ 1592.051507][T28619] ? __pfx___split_vma+0x10/0x10 [ 1592.051524][T28619] ? find_vma+0xbf/0x140 [ 1592.051554][T28619] vma_modify+0xee1/0x2030 [ 1592.051575][T28619] ? __pfx_vma_modify+0x10/0x10 [ 1592.051597][T28619] vma_modify_policy+0x219/0x2d0 [ 1592.051615][T28619] ? __pfx_vma_modify_policy+0x10/0x10 [ 1592.051641][T28619] ? mas_walk+0x6f5/0x980 [ 1592.051662][T28619] mbind_range+0x175/0x570 [ 1592.051682][T28619] do_mbind+0x83a/0xf20 [ 1592.051703][T28619] ? __pfx_do_mbind+0x10/0x10 [ 1592.051718][T28619] ? find_held_lock+0x2b/0x80 [ 1592.051747][T28619] ? __pfx_get_nodes+0x10/0x10 [ 1592.051768][T28619] ? __fget_files+0x20e/0x3c0 [ 1592.051790][T28619] kernel_mbind+0x1e3/0x1f0 [ 1592.051808][T28619] ? __pfx_kernel_mbind+0x10/0x10 [ 1592.051829][T28619] do_syscall_64+0xcd/0xfa0 [ 1592.051851][T28619] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1592.051866][T28619] RIP: 0033:0x7f025c98efc9 [ 1592.051877][T28619] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1592.051891][T28619] RSP: 002b:00007f025d7bd038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 1592.051906][T28619] RAX: ffffffffffffffda RBX: 00007f025cbe6090 RCX: 00007f025c98efc9 [ 1592.051915][T28619] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 1592.051924][T28619] RBP: 00007f025d7bd090 R08: 0000000000000006 R09: 0000000000000002 [ 1592.051932][T28619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1592.051940][T28619] R13: 00007f025cbe6128 R14: 00007f025cbe6090 R15: 00007ffc622eca28 [ 1592.051960][T28619] [ 1592.904028][T28618] random: crng reseeded on system resumption [ 1592.911811][T28461] veth0_vlan: entered promiscuous mode [ 1592.974900][T28461] veth1_vlan: entered promiscuous mode [ 1593.058022][T28461] veth0_macvtap: entered promiscuous mode [ 1593.069217][T28461] veth1_macvtap: entered promiscuous mode [ 1593.153381][T28461] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1593.251168][T28461] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1593.343645][ T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1593.370757][ T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1593.399230][ T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1593.416050][ T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1593.685760][ T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1593.713888][ T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1593.967988][ T3502] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1594.067134][ T3502] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1594.805024][T28676] FAULT_INJECTION: forcing a failure. [ 1594.805024][T28676] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1594.865134][T28676] CPU: 0 UID: 0 PID: 28676 Comm: syz.4.4429 Not tainted syzkaller #0 PREEMPT(full) [ 1594.865169][T28676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1594.865182][T28676] Call Trace: [ 1594.865196][T28676] [ 1594.865206][T28676] dump_stack_lvl+0x16c/0x1f0 [ 1594.865245][T28676] should_fail_ex+0x512/0x640 [ 1594.865272][T28676] _copy_to_user+0x32/0xd0 [ 1594.865299][T28676] simple_read_from_buffer+0xcb/0x170 [ 1594.865332][T28676] proc_fail_nth_read+0x197/0x240 [ 1594.865364][T28676] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1594.865399][T28676] ? rw_verify_area+0xcf/0x6c0 [ 1594.865426][T28676] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1594.865455][T28676] vfs_read+0x1e4/0xcf0 [ 1594.865492][T28676] ? __pfx___mutex_lock+0x10/0x10 [ 1594.865516][T28676] ? __pfx_vfs_read+0x10/0x10 [ 1594.865557][T28676] ? __fget_files+0x20e/0x3c0 [ 1594.865597][T28676] ksys_read+0x12a/0x250 [ 1594.865628][T28676] ? __pfx_ksys_read+0x10/0x10 [ 1594.865667][T28676] do_syscall_64+0xcd/0xfa0 [ 1594.865705][T28676] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1594.865729][T28676] RIP: 0033:0x7f3f5c98d9dc [ 1594.865748][T28676] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1594.865769][T28676] RSP: 002b:00007f3f5d75a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1594.865794][T28676] RAX: ffffffffffffffda RBX: 00007f3f5cbe5fa0 RCX: 00007f3f5c98d9dc [ 1594.865810][T28676] RDX: 000000000000000f RSI: 00007f3f5d75a0a0 RDI: 0000000000000004 [ 1594.865826][T28676] RBP: 00007f3f5d75a090 R08: 0000000000000000 R09: 0000000000000000 [ 1594.865841][T28676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1594.865856][T28676] R13: 00007f3f5cbe6038 R14: 00007f3f5cbe5fa0 R15: 00007ffcc173ccb8 [ 1594.865892][T28676] [ 1595.044211][ C0] vkms_vblank_simulate: vblank timer overrun [ 1595.209376][T28679] netlink: 'syz.2.4430': attribute type 15 has an invalid length. [ 1595.217375][T28679] netlink: 186 bytes leftover after parsing attributes in process `syz.2.4430'. [ 1595.435553][T28687] netlink: 'syz.4.4432': attribute type 15 has an invalid length. [ 1595.455317][T28687] netlink: 186 bytes leftover after parsing attributes in process `syz.4.4432'. [ 1596.197480][T28698] FAULT_INJECTION: forcing a failure. [ 1596.197480][T28698] name failslab, interval 1, probability 0, space 0, times 0 [ 1596.274246][T28698] CPU: 1 UID: 0 PID: 28698 Comm: syz.3.4437 Not tainted syzkaller #0 PREEMPT(full) [ 1596.274281][T28698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1596.274296][T28698] Call Trace: [ 1596.274306][T28698] [ 1596.274316][T28698] dump_stack_lvl+0x16c/0x1f0 [ 1596.274357][T28698] should_fail_ex+0x512/0x640 [ 1596.274380][T28698] ? __kmalloc_noprof+0xca/0x880 [ 1596.274414][T28698] should_failslab+0xc2/0x120 [ 1596.274439][T28698] __kmalloc_noprof+0xdd/0x880 [ 1596.274467][T28698] ? __pfx___mutex_lock+0x10/0x10 [ 1596.274491][T28698] ? tracepoint_add_func+0x2a6/0xea0 [ 1596.274526][T28698] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 1596.274559][T28698] ? tracepoint_add_func+0x2a6/0xea0 [ 1596.274588][T28698] tracepoint_add_func+0x2a6/0xea0 [ 1596.274618][T28698] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 1596.274658][T28698] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 1596.274689][T28698] tracepoint_probe_register+0xbf/0x100 [ 1596.274723][T28698] ? __pfx_tracepoint_probe_register+0x10/0x10 [ 1596.274756][T28698] ? __pfx_probe_sched_wakeup+0x10/0x10 [ 1596.274799][T28698] tracing_start_sched_switch+0xdc/0x1e0 [ 1596.274829][T28698] __ftrace_event_enable_disable+0x694/0x810 [ 1596.274870][T28698] __ftrace_set_clr_event_nolock+0x390/0xb70 [ 1596.274917][T28698] ftrace_set_clr_event+0x16e/0x330 [ 1596.274955][T28698] ? __pfx_ftrace_set_clr_event+0x10/0x10 [ 1596.275003][T28698] ftrace_event_write+0x259/0x2c0 [ 1596.275040][T28698] ? __pfx_ftrace_event_write+0x10/0x10 [ 1596.275096][T28698] ? __pfx_ftrace_event_write+0x10/0x10 [ 1596.275130][T28698] vfs_write+0x2a0/0x11d0 [ 1596.275171][T28698] ? __pfx___mutex_lock+0x10/0x10 [ 1596.275194][T28698] ? __pfx_vfs_write+0x10/0x10 [ 1596.275239][T28698] ? __fget_files+0x20e/0x3c0 [ 1596.275283][T28698] ksys_write+0x12a/0x250 [ 1596.275316][T28698] ? __pfx_ksys_write+0x10/0x10 [ 1596.275362][T28698] do_syscall_64+0xcd/0xfa0 [ 1596.275401][T28698] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1596.275426][T28698] RIP: 0033:0x7f025c98efc9 [ 1596.275447][T28698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1596.275471][T28698] RSP: 002b:00007f025d7de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1596.275496][T28698] RAX: ffffffffffffffda RBX: 00007f025cbe5fa0 RCX: 00007f025c98efc9 [ 1596.275513][T28698] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000003 [ 1596.275527][T28698] RBP: 00007f025d7de090 R08: 0000000000000000 R09: 0000000000000000 [ 1596.275543][T28698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1596.275558][T28698] R13: 00007f025cbe6038 R14: 00007f025cbe5fa0 R15: 00007ffc622eca28 [ 1596.275597][T28698] [ 1596.613243][T28700] FAULT_INJECTION: forcing a failure. [ 1596.613243][T28700] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1596.628206][T28698] wakeup trace: Couldn't activate tracepoint probe to kernel_sched_wakeup_new [ 1596.648581][T28700] CPU: 1 UID: 0 PID: 28700 Comm: syz.4.4438 Not tainted syzkaller #0 PREEMPT(full) [ 1596.648612][T28700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1596.648627][T28700] Call Trace: [ 1596.648636][T28700] [ 1596.648645][T28700] dump_stack_lvl+0x16c/0x1f0 [ 1596.648686][T28700] should_fail_ex+0x512/0x640 [ 1596.648715][T28700] _copy_to_user+0x32/0xd0 [ 1596.648743][T28700] simple_read_from_buffer+0xcb/0x170 [ 1596.648776][T28700] proc_fail_nth_read+0x197/0x240 [ 1596.648812][T28700] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1596.648855][T28700] ? rw_verify_area+0xcf/0x6c0 [ 1596.648885][T28700] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1596.648919][T28700] vfs_read+0x1e4/0xcf0 [ 1596.648956][T28700] ? __pfx___mutex_lock+0x10/0x10 [ 1596.648979][T28700] ? __pfx_vfs_read+0x10/0x10 [ 1596.649021][T28700] ? __fget_files+0x20e/0x3c0 [ 1596.649048][T28700] ? jump_label_swap+0x160/0x180 [ 1596.649080][T28700] ksys_read+0x12a/0x250 [ 1596.649116][T28700] ? __pfx_ksys_read+0x10/0x10 [ 1596.649158][T28700] do_syscall_64+0xcd/0xfa0 [ 1596.649192][T28700] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1596.649216][T28700] RIP: 0033:0x7f3f5c98d9dc [ 1596.649234][T28700] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1596.649255][T28700] RSP: 002b:00007f3f5d75a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1596.649277][T28700] RAX: ffffffffffffffda RBX: 00007f3f5cbe5fa0 RCX: 00007f3f5c98d9dc [ 1596.649292][T28700] RDX: 000000000000000f RSI: 00007f3f5d75a0a0 RDI: 0000000000000003 [ 1596.649305][T28700] RBP: 00007f3f5d75a090 R08: 0000000000000000 R09: 0000000000000000 [ 1596.649320][T28700] R10: 0000000000008002 R11: 0000000000000246 R12: 0000000000000001 [ 1596.649334][T28700] R13: 00007f3f5cbe6038 R14: 00007f3f5cbe5fa0 R15: 00007ffcc173ccb8 [ 1596.649370][T28700] [ 1597.074507][T28708] FAULT_INJECTION: forcing a failure. [ 1597.074507][T28708] name failslab, interval 1, probability 0, space 0, times 0 [ 1597.094241][T28707] netlink: 'syz.2.4441': attribute type 15 has an invalid length. [ 1597.105278][T28707] netlink: 186 bytes leftover after parsing attributes in process `syz.2.4441'. [ 1597.123638][T28708] CPU: 1 UID: 0 PID: 28708 Comm: syz.0.4440 Not tainted syzkaller #0 PREEMPT(full) [ 1597.123672][T28708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1597.123686][T28708] Call Trace: [ 1597.123695][T28708] [ 1597.123706][T28708] dump_stack_lvl+0x16c/0x1f0 [ 1597.123744][T28708] should_fail_ex+0x512/0x640 [ 1597.123775][T28708] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1597.123811][T28708] should_failslab+0xc2/0x120 [ 1597.123835][T28708] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1597.123866][T28708] ? alloc_empty_file+0x55/0x1e0 [ 1597.123898][T28708] ? alloc_empty_file+0x55/0x1e0 [ 1597.123922][T28708] alloc_empty_file+0x55/0x1e0 [ 1597.123949][T28708] path_openat+0xda/0x2cb0 [ 1597.123993][T28708] ? __pfx_path_openat+0x10/0x10 [ 1597.124026][T28708] ? __lock_acquire+0xb8a/0x1c90 [ 1597.124064][T28708] do_filp_open+0x20b/0x470 [ 1597.124097][T28708] ? __pfx_do_filp_open+0x10/0x10 [ 1597.124150][T28708] ? alloc_fd+0x471/0x7d0 [ 1597.124190][T28708] do_sys_openat2+0x11b/0x1d0 [ 1597.124216][T28708] ? __pfx_do_sys_openat2+0x10/0x10 [ 1597.124244][T28708] ? __fget_files+0x20e/0x3c0 [ 1597.124280][T28708] __x64_sys_openat+0x174/0x210 [ 1597.124306][T28708] ? __pfx___x64_sys_openat+0x10/0x10 [ 1597.124331][T28708] ? ksys_write+0x1ac/0x250 [ 1597.124374][T28708] do_syscall_64+0xcd/0xfa0 [ 1597.124410][T28708] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1597.124435][T28708] RIP: 0033:0x7f52dfb8d810 [ 1597.124455][T28708] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 1597.124476][T28708] RSP: 002b:00007f52e095bf10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 1597.124499][T28708] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f52dfb8d810 [ 1597.124516][T28708] RDX: 0000000000000002 RSI: 00007f52e095bfa0 RDI: 00000000ffffff9c [ 1597.124531][T28708] RBP: 00007f52e095bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 1597.124546][T28708] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 1597.124560][T28708] R13: 00007f52dfde6038 R14: 00007f52dfde5fa0 R15: 00007ffd10747308 [ 1597.124594][T28708] [ 1597.443877][T28712] coredump: 2120(syz.2.4443): Core dump to core aborted: cannot preserve file permissions [ 1597.623430][T28717] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 1597.891098][T28733] sg_write: data in/out 16121600/48 bytes for SCSI command 0x7b-- guessing data in; [ 1597.891098][T28733] program syz.2.4450 not setting count and/or reply_len properly [ 1598.380226][T28739] FAULT_INJECTION: forcing a failure. [ 1598.380226][T28739] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1598.439607][T28739] CPU: 0 UID: 0 PID: 28739 Comm: syz.2.4451 Not tainted syzkaller #0 PREEMPT(full) [ 1598.439628][T28739] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1598.439637][T28739] Call Trace: [ 1598.439643][T28739] [ 1598.439649][T28739] dump_stack_lvl+0x16c/0x1f0 [ 1598.439681][T28739] should_fail_ex+0x512/0x640 [ 1598.439698][T28739] _copy_from_iter+0x29f/0x1720 [ 1598.439713][T28739] ? tcp_leave_memory_pressure+0x1f/0x100 [ 1598.439732][T28739] ? sk_leave_memory_pressure+0x7c/0x130 [ 1598.439750][T28739] ? __pfx__copy_from_iter+0x10/0x10 [ 1598.439767][T28739] ? __sk_mem_schedule+0xd0/0x100 [ 1598.439792][T28739] tcp_sendmsg_locked+0x2900/0x42e0 [ 1598.439823][T28739] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 1598.439842][T28739] ? do_raw_spin_lock+0x12c/0x2b0 [ 1598.439860][T28739] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 1598.439882][T28739] ? __local_bh_enable_ip+0xa4/0x120 [ 1598.439929][T28739] tcp_sendmsg+0x2e/0x50 [ 1598.439945][T28739] ? __pfx_tcp_sendmsg+0x10/0x10 [ 1598.439961][T28739] inet_sendmsg+0xb9/0x140 [ 1598.439981][T28739] sock_write_iter+0x509/0x610 [ 1598.439998][T28739] ? __pfx_sock_write_iter+0x10/0x10 [ 1598.440020][T28739] ? bpf_lsm_file_permission+0x9/0x10 [ 1598.440041][T28739] ? security_file_permission+0x71/0x210 [ 1598.440060][T28739] ? rw_verify_area+0xcf/0x6c0 [ 1598.440080][T28739] vfs_write+0x7d3/0x11d0 [ 1598.440100][T28739] ? __pfx_sock_write_iter+0x10/0x10 [ 1598.440118][T28739] ? __pfx_vfs_write+0x10/0x10 [ 1598.440135][T28739] ? find_held_lock+0x2b/0x80 [ 1598.440166][T28739] ksys_write+0x1f8/0x250 [ 1598.440185][T28739] ? __pfx_ksys_write+0x10/0x10 [ 1598.440210][T28739] do_syscall_64+0xcd/0xfa0 [ 1598.440232][T28739] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1598.440247][T28739] RIP: 0033:0x7f036318efc9 [ 1598.440259][T28739] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1598.440272][T28739] RSP: 002b:00007f0363f8c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1598.440287][T28739] RAX: ffffffffffffffda RBX: 00007f03633e5fa0 RCX: 00007f036318efc9 [ 1598.440296][T28739] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 1598.440305][T28739] RBP: 00007f0363f8c090 R08: 0000000000000000 R09: 0000000000000000 [ 1598.440314][T28739] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1598.440322][T28739] R13: 00007f03633e6038 R14: 00007f03633e5fa0 R15: 00007ffd6853a508 [ 1598.440341][T28739] [ 1600.495525][T28785] FAULT_INJECTION: forcing a failure. [ 1600.495525][T28785] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1600.495579][T28785] CPU: 0 UID: 0 PID: 28785 Comm: syz.2.4464 Not tainted syzkaller #0 PREEMPT(full) [ 1600.495608][T28785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1600.495624][T28785] Call Trace: [ 1600.495632][T28785] [ 1600.495642][T28785] dump_stack_lvl+0x16c/0x1f0 [ 1600.495680][T28785] should_fail_ex+0x512/0x640 [ 1600.495709][T28785] _copy_to_user+0x32/0xd0 [ 1600.495736][T28785] simple_read_from_buffer+0xcb/0x170 [ 1600.495768][T28785] proc_fail_nth_read+0x197/0x240 [ 1600.495802][T28785] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1600.495837][T28785] ? rw_verify_area+0xcf/0x6c0 [ 1600.495866][T28785] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 1600.495898][T28785] vfs_read+0x1e4/0xcf0 [ 1600.495936][T28785] ? __pfx___mutex_lock+0x10/0x10 [ 1600.495958][T28785] ? __pfx_vfs_read+0x10/0x10 [ 1600.495999][T28785] ? __fget_files+0x20e/0x3c0 [ 1600.496040][T28785] ksys_read+0x12a/0x250 [ 1600.496071][T28785] ? __pfx_ksys_read+0x10/0x10 [ 1600.496112][T28785] do_syscall_64+0xcd/0xfa0 [ 1600.496151][T28785] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1600.496176][T28785] RIP: 0033:0x7f036318d9dc [ 1600.496195][T28785] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 1600.496216][T28785] RSP: 002b:00007f0363f8c030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1600.496239][T28785] RAX: ffffffffffffffda RBX: 00007f03633e5fa0 RCX: 00007f036318d9dc [ 1600.496256][T28785] RDX: 000000000000000f RSI: 00007f0363f8c0a0 RDI: 0000000000000003 [ 1600.496271][T28785] RBP: 00007f0363f8c090 R08: 0000000000000000 R09: 0000000000000000 [ 1600.496286][T28785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1600.496300][T28785] R13: 00007f03633e6038 R14: 00007f03633e5fa0 R15: 00007ffd6853a508 [ 1600.496337][T28785] [ 1600.596174][T28786] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR [ 1601.131451][T28783] tty tty17: ldisc open failed (-12), clearing slot 16 [ 1602.313853][T28825] FAULT_INJECTION: forcing a failure. [ 1602.313853][T28825] name failslab, interval 1, probability 0, space 0, times 0 [ 1602.328465][T28825] CPU: 0 UID: 0 PID: 28825 Comm: syz.4.4476 Not tainted syzkaller #0 PREEMPT(full) [ 1602.328501][T28825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1602.328516][T28825] Call Trace: [ 1602.328526][T28825] [ 1602.328536][T28825] dump_stack_lvl+0x16c/0x1f0 [ 1602.328578][T28825] should_fail_ex+0x512/0x640 [ 1602.328608][T28825] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 1602.328645][T28825] should_failslab+0xc2/0x120 [ 1602.328671][T28825] kmem_cache_alloc_noprof+0x75/0x6e0 [ 1602.328703][T28825] ? __proc_create+0x2ce/0x8e0 [ 1602.328736][T28825] ? __proc_create+0x2ce/0x8e0 [ 1602.328762][T28825] __proc_create+0x2ce/0x8e0 [ 1602.328789][T28825] ? __pfx___proc_create+0x10/0x10 [ 1602.328816][T28825] ? __lock_acquire+0x622/0x1c90 [ 1602.328852][T28825] proc_create_reg+0x7d/0x180 [ 1602.328883][T28825] proc_create_net_data+0x8e/0x1c0 [ 1602.328912][T28825] ? __pfx_proc_create_net_data+0x10/0x10 [ 1602.328949][T28825] ? __pfx_pfkey_net_init+0x10/0x10 [ 1602.329079][T28825] pfkey_net_init+0xc4/0x100 [ 1602.329116][T28825] ops_init+0x1e2/0x5f0 [ 1602.329144][T28825] setup_net+0x100/0x390 [ 1602.329168][T28825] ? __pfx_setup_net+0x10/0x10 [ 1602.329193][T28825] ? debug_mutex_init+0x37/0x70 [ 1602.329230][T28825] copy_net_ns+0x2f8/0x690 [ 1602.329259][T28825] create_new_namespaces+0x3ea/0xa90 [ 1602.329302][T28825] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 1602.329340][T28825] ksys_unshare+0x45b/0xa40 [ 1602.329365][T28825] ? __pfx_ksys_unshare+0x10/0x10 [ 1602.329391][T28825] ? xfd_validate_state+0x61/0x180 [ 1602.329428][T28825] __x64_sys_unshare+0x31/0x40 [ 1602.329452][T28825] do_syscall_64+0xcd/0xfa0 [ 1602.329490][T28825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1602.329516][T28825] RIP: 0033:0x7f3f5c98efc9 [ 1602.329536][T28825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1602.329560][T28825] RSP: 002b:00007f3f5d75a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 1602.329585][T28825] RAX: ffffffffffffffda RBX: 00007f3f5cbe5fa0 RCX: 00007f3f5c98efc9 [ 1602.329610][T28825] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 1602.329625][T28825] RBP: 00007f3f5ca11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1602.329642][T28825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1602.329657][T28825] R13: 00007f3f5cbe6038 R14: 00007f3f5cbe5fa0 R15: 00007ffcc173ccb8 [ 1602.329693][T28825] [ 1602.681010][T28817] ------------[ cut here ]------------ [ 1602.687081][T28817] WARNING: CPU: 1 PID: 28817 at kernel/tracepoint.c:358 tracepoint_probe_unregister+0x894/0xd70 [ 1602.697602][T28817] Modules linked in: [ 1602.701882][T28817] CPU: 1 UID: 0 PID: 28817 Comm: syz.3.4473 Not tainted syzkaller #0 PREEMPT(full) [ 1602.711468][T28817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1602.721770][T28817] RIP: 0010:tracepoint_probe_unregister+0x894/0xd70 [ 1602.728541][T28817] Code: 41 5e 41 5f e9 7d df a7 09 e8 38 20 fe ff 48 c7 c6 00 87 be 81 48 89 df e8 89 4d e4 ff eb 9f bb fe ff ff ff e8 1d 20 fe ff 90 <0f> 0b 90 eb 91 e8 12 20 fe ff 48 89 da 48 b8 00 00 00 00 00 fc ff [ 1602.748371][T28817] RSP: 0018:ffffc9000417f890 EFLAGS: 00010283 [ 1602.754473][T28817] RAX: 0000000000041d2c RBX: 00000000fffffffe RCX: ffffc90019197000 [ 1602.763280][T28817] RDX: 0000000000080000 RSI: ffffffff81be9843 RDI: 0000000000000005 [ 1602.771922][T28817] RBP: ffff88801b6be048 R08: 0000000000000005 R09: 0000000000000000 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 1602.780131][T28817] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff81c4a760 [ 1602.788243][T28817] R13: 0000000000000002 R14: 0000000000000000 R15: ffffffff8e741f00 [ 1602.796303][T28817] FS: 00007f025d7de6c0(0000) GS:ffff888124adf000(0000) knlGS:0000000000000000 [ 1602.805648][T28817] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1602.812233][T28817] CR2: 0000001b30ceeff8 CR3: 0000000025ac2000 CR4: 00000000003526f0 [ 1602.820399][T28817] Call Trace: [ 1602.823690][T28817] [ 1602.826691][T28817] ? __pfx_tracepoint_probe_unregister+0x10/0x10 [ 1602.833058][T28817] tracing_stop_cmdline_record+0x66/0xa0 [ 1602.838917][T28817] __ftrace_event_enable_disable+0x708/0x810 [ 1602.844939][T28817] ftrace_event_set_open+0x232/0x380 [ 1602.850329][T28817] do_dentry_open+0x982/0x1530 [ 1602.855127][T28817] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 1602.860993][T28817] vfs_open+0x82/0x3f0 [ 1602.865915][T28817] path_openat+0x1de4/0x2cb0 [ 1602.870551][T28817] ? __pfx_path_openat+0x10/0x10 [ 1602.876305][T28817] ? __lock_acquire+0xb8a/0x1c90 [ 1602.881286][T28817] do_filp_open+0x20b/0x470 [ 1602.886967][T28817] ? __pfx_do_filp_open+0x10/0x10 [ 1602.892062][T28817] ? alloc_fd+0x471/0x7d0 [ 1602.896490][T28817] do_sys_openat2+0x11b/0x1d0 [ 1602.901186][T28817] ? __pfx_do_sys_openat2+0x10/0x10 [ 1602.906531][T28817] __x64_sys_openat+0x174/0x210 [ 1602.911411][T28817] ? __pfx___x64_sys_openat+0x10/0x10 [ 1602.916859][T28817] do_syscall_64+0xcd/0xfa0 [ 1602.921401][T28817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1602.927361][T28817] RIP: 0033:0x7f025c98efc9 [ 1602.931794][T28817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1602.951491][T28817] RSP: 002b:00007f025d7de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1602.959965][T28817] RAX: ffffffffffffffda RBX: 00007f025cbe5fa0 RCX: 00007f025c98efc9 [ 1602.968795][T28817] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1602.977505][T28817] RBP: 00007f025ca11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1602.985567][T28817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1602.993538][T28817] R13: 00007f025cbe6038 R14: 00007f025cbe5fa0 R15: 00007ffc622eca28 [ 1603.001555][T28817] [ 1603.004567][T28817] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 1603.011840][T28817] CPU: 1 UID: 0 PID: 28817 Comm: syz.3.4473 Not tainted syzkaller #0 PREEMPT(full) [ 1603.021230][T28817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 1603.031275][T28817] Call Trace: [ 1603.034542][T28817] [ 1603.037462][T28817] dump_stack_lvl+0x3d/0x1f0 [ 1603.042051][T28817] vpanic+0x640/0x6f0 [ 1603.046030][T28817] ? tracepoint_probe_unregister+0x894/0xd70 [ 1603.052010][T28817] panic+0xca/0xd0 [ 1603.055731][T28817] ? __pfx_panic+0x10/0x10 [ 1603.060184][T28817] check_panic_on_warn+0xab/0xb0 [ 1603.065134][T28817] __warn+0xf6/0x3c0 [ 1603.069044][T28817] ? tracepoint_probe_unregister+0x894/0xd70 [ 1603.075044][T28817] report_bug+0x3c3/0x580 [ 1603.079382][T28817] ? tracepoint_probe_unregister+0x894/0xd70 [ 1603.085358][T28817] handle_bug+0x184/0x210 [ 1603.089689][T28817] exc_invalid_op+0x17/0x50 [ 1603.094177][T28817] asm_exc_invalid_op+0x1a/0x20 [ 1603.099014][T28817] RIP: 0010:tracepoint_probe_unregister+0x894/0xd70 [ 1603.105599][T28817] Code: 41 5e 41 5f e9 7d df a7 09 e8 38 20 fe ff 48 c7 c6 00 87 be 81 48 89 df e8 89 4d e4 ff eb 9f bb fe ff ff ff e8 1d 20 fe ff 90 <0f> 0b 90 eb 91 e8 12 20 fe ff 48 89 da 48 b8 00 00 00 00 00 fc ff [ 1603.125224][T28817] RSP: 0018:ffffc9000417f890 EFLAGS: 00010283 [ 1603.131305][T28817] RAX: 0000000000041d2c RBX: 00000000fffffffe RCX: ffffc90019197000 [ 1603.139261][T28817] RDX: 0000000000080000 RSI: ffffffff81be9843 RDI: 0000000000000005 [ 1603.147214][T28817] RBP: ffff88801b6be048 R08: 0000000000000005 R09: 0000000000000000 [ 1603.155170][T28817] R10: 0000000000000001 R11: 0000000000000001 R12: ffffffff81c4a760 [ 1603.163139][T28817] R13: 0000000000000002 R14: 0000000000000000 R15: ffffffff8e741f00 [ 1603.171106][T28817] ? __pfx_probe_sched_switch+0x10/0x10 [ 1603.176670][T28817] ? tracepoint_probe_unregister+0x893/0xd70 [ 1603.182648][T28817] ? __pfx_tracepoint_probe_unregister+0x10/0x10 [ 1603.188968][T28817] tracing_stop_cmdline_record+0x66/0xa0 [ 1603.194583][T28817] __ftrace_event_enable_disable+0x708/0x810 [ 1603.200554][T28817] ftrace_event_set_open+0x232/0x380 [ 1603.205841][T28817] do_dentry_open+0x982/0x1530 [ 1603.210620][T28817] ? __pfx_ftrace_event_set_open+0x10/0x10 [ 1603.216421][T28817] vfs_open+0x82/0x3f0 [ 1603.220476][T28817] path_openat+0x1de4/0x2cb0 [ 1603.225057][T28817] ? __pfx_path_openat+0x10/0x10 [ 1603.229981][T28817] ? __lock_acquire+0xb8a/0x1c90 [ 1603.234901][T28817] do_filp_open+0x20b/0x470 [ 1603.239397][T28817] ? __pfx_do_filp_open+0x10/0x10 [ 1603.244423][T28817] ? alloc_fd+0x471/0x7d0 [ 1603.248743][T28817] do_sys_openat2+0x11b/0x1d0 [ 1603.253405][T28817] ? __pfx_do_sys_openat2+0x10/0x10 [ 1603.258607][T28817] __x64_sys_openat+0x174/0x210 [ 1603.263470][T28817] ? __pfx___x64_sys_openat+0x10/0x10 [ 1603.268836][T28817] do_syscall_64+0xcd/0xfa0 [ 1603.273337][T28817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1603.279237][T28817] RIP: 0033:0x7f025c98efc9 [ 1603.283641][T28817] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1603.303232][T28817] RSP: 002b:00007f025d7de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1603.311632][T28817] RAX: ffffffffffffffda RBX: 00007f025cbe5fa0 RCX: 00007f025c98efc9 [ 1603.319586][T28817] RDX: 0000000000020201 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 1603.327537][T28817] RBP: 00007f025ca11f91 R08: 0000000000000000 R09: 0000000000000000 [ 1603.335486][T28817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1603.343436][T28817] R13: 00007f025cbe6038 R14: 00007f025cbe5fa0 R15: 00007ffc622eca28 [ 1603.351401][T28817] [ 1603.354673][T28817] Kernel Offset: disabled [ 1603.358986][T28817] Rebooting in 86400 seconds..