last executing test programs: 12m24.268659938s ago: executing program 3 (id=194): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/tainted\x00', 0x28002, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 12m23.579738161s ago: executing program 3 (id=201): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) ioctl$auto_PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f0000000040)={0x6, 0x0}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x20, 0xf1, 0xb0, @raw=0xfffff000}}) 12m23.212290034s ago: executing program 3 (id=205): close_range$auto(0x2, 0xa, 0x0) socket(0x18, 0xa, 0x1) r0 = socket(0xa, 0x3, 0x3a) setsockopt$auto(r0, 0x29, 0x4b, &(0x7f00000000c0)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91_\vBj\x0eQ\xce\x16\'C\x8c\x01\x98\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x00\x00\x00\x00\xe4\xa5\xfe\xb5', 0x10000110) bind$auto(0x3, &(0x7f0000000040)=@generic={0xa, "02d0ac0c00e435826339c7328903"}, 0x6a) 12m22.905548349s ago: executing program 3 (id=207): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ram9\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0xffffffffffff0001, 0x15) mmap$auto(0x0, 0xa00006, 0x2, 0x40eb1, 0x602, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) 12m22.043260085s ago: executing program 3 (id=212): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) futex$auto(0x0, 0x6, 0x8, 0x0, 0x0, 0xffffffd6) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) tkill$auto(0x1, 0x7) 12m21.333559657s ago: executing program 3 (id=215): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x4b47, 0x1) unshare$auto(0x40000080) 12m20.929719662s ago: executing program 32 (id=215): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) semctl$auto(0x201, 0xfffffffffffffffa, 0x3, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) ioctl$auto(r0, 0x4b47, 0x1) unshare$auto(0x40000080) 4m1.105588s ago: executing program 2 (id=3995): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) r0 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) ppoll$auto(&(0x7f0000000040)={r0, 0x7ff}, 0x7, 0x0, 0x0, 0x8) kill$auto(0x0, 0x21) 4m0.755284114s ago: executing program 2 (id=3997): openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000400)='/proc/tty/driver/serial\x00', 0x43102, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ptrace$auto(0x10, 0x0, 0x4, 0x8000040006) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, 0x0, 0x20803, 0x0) read$auto(0x3, 0x0, 0x7) 4m0.279471286s ago: executing program 2 (id=4000): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) keyctl$auto(0x2000000000000017, 0x0, 0x2d, 0x0, 0x20804) mmap$auto(0x40000000000, 0x4000020009, 0x400007, 0x19, 0x401, 0x2) unshare$auto(0x40000080) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r0, &(0x7f0000000040)='7\x00\\\xa0\x04|\x03\xcb\x12\xfa\b\x1c\xc7k', 0x81) setrlimit$auto(0x7, 0x0) io_uring_setup$auto(0x8, 0x0) 3m59.658534685s ago: executing program 2 (id=4004): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) mkdir$auto(0x0, 0x353) 3m58.971374358s ago: executing program 2 (id=4008): mmap$auto(0x0, 0x401, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) openat$auto_userio_fops_userio(0xffffffffffffff9c, &(0x7f0000000980), 0x102001, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv6/conf/veth0_macvtap/ra_defrtr_metric\x00', 0x40202, 0x0) sysfs$auto(0x2, 0x0, 0x0) fsopen$auto(0x0, 0x1) select$auto(0x8, 0x0, &(0x7f0000000100)={[0x20000000000d, 0x0, 0xfffffffffffffffc, 0x0, 0x9, 0xa, 0x2, 0x3ff, 0xfffffffffffffffd, 0x2a99, 0xff, 0xffffffff, 0x4, 0x3, 0x77, 0xb0]}, 0x0, 0x0) 3m58.02824244s ago: executing program 2 (id=4013): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/module/ib_iser/parameters/max_sectors\x00', 0x20a42, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/arp_interval\x00', 0x80000, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x82001, 0x0) r0 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f00000001c0)=@link_update={r0, @new_prog_fd=0x4, 0x8, @old_map_fd}, 0xa3) 3m57.347089431s ago: executing program 33 (id=4013): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000001140)='/sys/module/ib_iser/parameters/max_sectors\x00', 0x20a42, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/arp_interval\x00', 0x80000, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f000000c340)='/proc/thread-self/pagemap\x00', 0x8000, 0x0) openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000180), 0x82001, 0x0) r0 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f00000001c0)=@link_update={r0, @new_prog_fd=0x4, 0x8, @old_map_fd}, 0xa3) 2m44.1888239s ago: executing program 5 (id=4387): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) socket(0x2, 0x2, 0x0) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) r0 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) newfstatat$auto(r0, 0x0, 0x0, 0xfffffffe) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x8) connect$auto(0x3, &(0x7f00000018c0)=@l2tp={0x2, 0x0, @multicast1}, 0x55) 2m43.19540614s ago: executing program 5 (id=4394): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x4b564d02, 0x400, 0x2}]}) 2m42.598883648s ago: executing program 5 (id=4397): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x8, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x40200, 0x0) bpf$auto_BPF_OBJ_GET(0x7, &(0x7f0000000100)=@bpf_attr_4={0x3, r0, 0x3, r0}, 0x2) listen$auto(r1, 0x7f) read$auto(r0, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f00000001c0)={0x0, 0x7}, 0x3) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) openat$nci(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0) 2m41.088755646s ago: executing program 5 (id=4404): mmap$auto(0x0, 0x202000b, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x55) socket(0x2, 0x3, 0xa) connect$auto(0x3, &(0x7f00000000c0), 0x55) sendmmsg$auto(0xffffffffffffffff, &(0x7f00000000c0)={{0x0, 0x6, 0x0, 0xa7, 0x0, 0x8000, 0x1}, 0x8}, 0x1, 0x9) fsconfig$auto_HIDEPID_NO_ACCESS(0xffffffffffffffff, 0x9, 0x0, 0x0, 0x1) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, 0x0, 0xff, 0x0, 0x1, 0x3}, 0xed7138c}, 0xb, 0x0) 2m40.872153849s ago: executing program 5 (id=4406): mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0x2, 0x3, 0x6) lsm_list_modules$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x8643, 0x15e) ioctl$sock_SIOCGIFINDEX(r0, 0x401c5820, 0x0) rename$auto(&(0x7f0000000480)='./file0\x00', 0x0) 2m40.689931988s ago: executing program 5 (id=4407): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) readlink$auto(0x0, 0x0, 0x7) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\x00\x80\x00\x00\x00\x00\x00\x00j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r0 = set_tid_address$auto(0x0) r1 = syz_open_procfs$namespace(r0, &(0x7f0000000080)) getdents$auto(r1, 0x0, 0x3f1) getdents$auto(r1, 0x0, 0xa2b0) sched_rr_get_interval$auto(r0, 0x0) lseek$auto(0x3, 0x8, 0x3) 2m24.967194374s ago: executing program 34 (id=4407): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) readlink$auto(0x0, 0x0, 0x7) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\x00\x80\x00\x00\x00\x00\x00\x00j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r0 = set_tid_address$auto(0x0) r1 = syz_open_procfs$namespace(r0, &(0x7f0000000080)) getdents$auto(r1, 0x0, 0x3f1) getdents$auto(r1, 0x0, 0xa2b0) sched_rr_get_interval$auto(r0, 0x0) lseek$auto(0x3, 0x8, 0x3) 10.991062589s ago: executing program 6 (id=5019): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0xa, 0x802, 0x3a) setsockopt$auto(r1, 0x29, 0x21, &(0x7f0000000880)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\xff\x1b\x01\x1e\xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\xf2Vw\xbe\x1c$\xddm\x8a\x9d\x91_\vBj\x0eQ\xce\x16\'C\x8c\x01\x80\x92u\xd5\xb8\\\x82,\xe2=y\x9bR\xbcn\xa0c\x16~\x86\"t\x00\x00\x00\x00\xe4\xa5\xfe\xb5h\xae\xec%\xf9\x94>\xd6,\xf3\x98\'\xb0\t~~\xb4\x98\xbb3=A\x9c\x17\xaa\xce\fh-M\xdb-\x15VX\xfe\xca+\xb5\x95\xb3JL\x0fl\xe84\xbd\xa3nO\x9f\xfa\xb1\x06$\b$i3\x83\xd7\x06\xd6\x1e\xdbB\x9bb\x1cXC\x8c\x8b\xd9\xff\xf2Bf\x99!Z\x13\xff\xca\xf3e\x015\x9b\x86\xd6$\x1a\r3\x91\xb7\x942\xeb\xadVA\xfc\x1f\xbf1\xb7T\xc1\xbf\xc0\xc2\xfc\xe8w\xd33\xb2,\xb0\x9fA3\xc2\xa2\x1cM\x825\x94U\xbbNeb\xd2\xa9\x0f\xed\x8b\xea\xfa\x8a\x04.\xffMIw\x0f\xd6\xae^\xd2\xf1j\xcb\r\xa4\x1d0d\xca\x81\x9c\x80GL\x0e\xe6\x19\x8au\x1a7\xc5|\xf6\x1e\xe00\xc6\"\x83\x1c\xa2\x9e\a\x1c\xea\xa3\x9c\xe1BF\x05b\xf6\xdcf\x04\xd9B\xb9\x98\x9cq\xbd\xfb\xb5~\xf2\x8d\x9f`\xec\xd0\xafY\xcf\x84', 0x18000113) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000001080), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_WIPHY(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="810b25bd7000ffdbdf251100000008000300", @ANYRES32=r4], 0x1c}, 0x1, 0x0, 0x0, 0x20000084}, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) 10.042893926s ago: executing program 6 (id=5023): mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'wlan0\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x6c, 0x0, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@HSR_A_IF2_AGE={0x8, 0x4, 0xab7}, @HSR_A_IF2_SEQ={0x6, 0x7, 0x8000}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_NODE_ADDR_B={0xa, 0x5, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa, 0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @HSR_A_NODE_ADDR={0xa}, @HSR_A_IFINDEX={0x8, 0x2, r1}, @HSR_A_IF1_SEQ={0x6, 0x6, 0x5}, @HSR_A_NODE_ADDR={0xa, 0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xb}}]}, 0x6c}, 0x1, 0x0, 0x0, 0x40080}, 0x40) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x4d, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x2000c00c) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 9.973340815s ago: executing program 0 (id=5025): mmap$auto(0x0, 0x400008, 0x200, 0x9b72, 0x2, 0x8000) r0 = openat$auto_proc_mem_operations_base(0xffffffffffffff9c, &(0x7f0000001640)='/proc/self/mem\x00', 0x401, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0x9b72, 0x2, 0x8000) write$auto_proc_mem_operations_base(r0, &(0x7f0000001680)="a7", 0x80000) r1 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB=']'], 0x1ac}}, 0x40000) recvmmsg$auto(r2, &(0x7f0000000140)={{0x0, 0x1, &(0x7f0000000080)={0x0, 0x400}, 0x5, 0x0, 0x200002, 0x8}, 0x803}, 0xfffffff9, 0x10, 0x0) write$auto_proc_clear_refs_operations_internal(r1, 0x0, 0xffffff4b) write$auto(0x3, 0x0, 0x5c8) 8.936679522s ago: executing program 6 (id=5029): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) clone$auto(0x10, 0x3e, 0x0, 0x0, 0x9) sendmsg$auto_WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x20000000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x3, 0xa) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) ptrace$auto(0x8, 0x0, 0xfffffffffffffffa, 0x8) 7.734062529s ago: executing program 0 (id=5033): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) connect$auto(0x3, 0x0, 0x55) 5.878787898s ago: executing program 1 (id=5039): sendmsg$auto_ETHTOOL_MSG_EEE_SET(0xffffffffffffffff, 0x0, 0x20008000) sysfs$auto(0x2, 0x23, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x0) keyctl$auto(0x11, 0xfffffffd, 0x8, 0x4, 0x9) mlockall$auto(0x800000000000005) madvise$auto(0x0, 0x200007, 0x19) syz_genetlink_get_family_id$auto_gtp(0x0, 0xffffffffffffffff) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000400)='./cgroup.cpu/memory.limit_in_bytes\x00', 0x182b02, 0x0) sendfile$auto(r0, r0, 0x0, 0x3) 5.437501864s ago: executing program 6 (id=5042): openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000280), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae90, &(0x7f00000001c0)={0x2, 0x0, [{0x7, 0x7fd, 0x8}, {0x10002, 0x30, 0x5}, {0x0, 0x0, 0x80000001}]}) 5.372847669s ago: executing program 0 (id=5043): socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x12, 0x401, 0x8000) r0 = open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/pts/ptmx\x00', 0x40001, 0x0) ioctl$auto(r3, 0x40045431, r0) r4 = syz_genetlink_get_family_id$auto_ila(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_ILA_CMD_ADD(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010028bd7000fdbcdf2501"], 0x1c}}, 0x40000) sendmsg$auto_ILA_CMD_FLUSH(r1, &(0x7f0000001f80)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000540)={0x14, r4, 0x1, 0x2, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000004}, 0x40844) 4.456801971s ago: executing program 1 (id=5045): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) clone$auto(0x400d56e, 0x4000000005, 0x0, 0x0, 0x8c5) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22040, 0x75) socket(0x840000000002, 0x3, 0xff) connect$auto(0x3, &(0x7f0000000000), 0x55) connect$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x4, @multicast2}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) io_uring_setup$auto(0x9e6, 0x0) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) 4.369257556s ago: executing program 0 (id=5047): madvise$auto(0x0, 0x2000040080000004, 0xe) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) getpriority$auto_PRIO_USER(0x2, 0x0) 3.762231649s ago: executing program 6 (id=5048): close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/rpc/nfsd.fh/channel\x00', 0x8f3b7a51b80ebd01, 0x0) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x130) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) chmod$auto(0x0, 0x3ff) mlock$auto(0xfbe8, 0x4) munlock$auto(0x1, 0x2) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) madvise$auto(0x0, 0x400000002, 0x817) madvise$auto(0x0, 0x400053, 0x9) 3.520879048s ago: executing program 1 (id=5049): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) close_range$auto(0x2, 0xa, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/platform/vhci_hcd.0/usbip_debug\x00', 0x8002, 0x0) r0 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40602, 0x0) read$auto(r0, 0x0, 0x7ff) preadv$auto(0x40000000000003, &(0x7f0000000080)={0x0, 0xfffffffd}, 0x6, 0x8, 0x5) write$auto(0x3, 0x0, 0x5c8) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000080)) getdents$auto(r1, 0x0, 0xc08) write$auto(0x3, 0x0, 0x5c8) 3.073344892s ago: executing program 4 (id=5051): open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket(0xa, 0x801, 0x84) socket(0x2, 0x1, 0x0) socket(0x1, 0x2, 0x0) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x0) fcntl$auto(0x3, 0x400, 0x9ec0000000000000) open(&(0x7f0000000800)='./file0\x00', 0x22240, 0x154) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 2.425068744s ago: executing program 1 (id=5052): close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event0\x00', 0x3498c2, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0x12, 0xe3, 0x7f}]}) close_range$auto(0x2, 0x8, 0x0) 2.424925853s ago: executing program 4 (id=5053): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0xc000) close_range$auto(0x2, 0x8, 0x0) open(&(0x7f0000000040)='./file0\x00', 0x149443, 0x0) socket(0x22, 0x2, 0x3) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xa083, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_CREATE_VM(r0, 0x4080aebf, 0x0) 1.69562662s ago: executing program 4 (id=5054): unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_BLKTRACESTART2(r1, 0x1274, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfff) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYBLOB='&\x00', @ANYBLOB="5de1"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40000) read$auto(r2, &(0x7f0000002300)='MAC802154_HWSIM\x00', 0xfdef) 1.685833318s ago: executing program 0 (id=5062): statmount$auto(0x0, &(0x7f0000000180)={0x81, 0x1, 0x44f, 0x807, 0x5, 0x8, 0x1ffde, 0x7, 0x3, 0xb, 0x9, 0x80003, 0x4, 0x80000001, 0x384, 0x9, 0x8, 0x6, 0x400007f, 0xfffffffffffffffc, 0x2, 0xe, 0x22000, 0x200, 0xffffffff, 0x84, 0x0, 0x0, 0x4, 0x0, 0x0, [0x7, 0x4, 0x0, 0xd, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x80000000, 0x0, 0x0, 0x8, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0xd37b, 0x0, 0x2, 0x0, 0x0, 0x2]}, 0x9, 0xd) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, r1) ioctl$auto_KVM_GET_MSRS(r0, 0x4008ae90, &(0x7f0000000080)={0xfc}) 1.515010729s ago: executing program 1 (id=5055): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) r0 = socket(0x2, 0x5, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x88) bind$auto(0x3, &(0x7f0000000000)=@generic={0xa, "dfffffffffffffff00"}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000080)={{&(0x7f0000000040), 0x1c, &(0x7f00000000c0)={0x0, 0x1a004}, 0x7, 0x0, 0x0, 0xb}, 0xfff}, 0x5, 0x8) 943.726415ms ago: executing program 1 (id=5056): mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/bdi/43:96/stable_pages_required\x00', 0x0, 0x0) open(&(0x7f0000000100)='.\x00', 0x591083, 0x408) socketpair$auto(0x3, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x40106f52, r0) 867.949033ms ago: executing program 4 (id=5057): socket(0x10, 0x2, 0x0) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="d3da02fe1b59afa8df25030000000400080004000380120001008b097914854700000040000000000000100002800c001000"], 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0xc800) recvmmsg$auto(0xffffffffffffffff, &(0x7f0000000280)={{0x0, 0x8, 0x0, 0x2, 0x0, 0x9, 0xb52}, 0x6}, 0x40, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030004020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a0001000000000000000000060007000a00000008000200", @ANYRES32=0x0, @ANYBLOB="0801"], 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x40090) socket(0x2, 0x3, 0x100) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x5, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0xbfe}, 0x7}, 0x3, 0x0) 777.36491ms ago: executing program 6 (id=5058): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x200004, 0x4000000000e3, 0x40eb2, 0xd, 0x300000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0xffff) close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x2b, 0x1, 0x0) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) mmap$auto(0x0, 0x810004, 0x2000000efb, 0x8000000008011, r1, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000012c0)='/sys/devices/virtual/block/ram7/queue/iostats\x00', 0x8502, 0x0) write$auto(r2, &(0x7f0000000100)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C', 0x8) pread64$auto(r0, 0x0, 0x200000000000005, 0xfffffffffffffffd) 317.009915ms ago: executing program 4 (id=5059): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) setreuid$auto(0x0, 0xee00) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x2, 0x4, 0x3, 0x2, 0x8, 0x3, 0xe3, 0x400000000a, 0x200000003}, 0x6f1) recvmmsg$auto(r1, &(0x7f0000000040)={{0x0, 0x5, 0x0, 0x5, 0x0, 0x200002, 0x13}, 0x803}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x89f2, 0x24) 179.482166ms ago: executing program 0 (id=5060): set_mempolicy$auto(0x2005, &(0x7f0000000080)=0x87e, 0x5) mmap$auto(0x0, 0x2000d, 0x7, 0xeb1, 0x404, 0x10008000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x1, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/kernel/tainted\x00', 0x28002, 0x0) r0 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x20) writev$auto(r0, &(0x7f00000001c0)={0x0, 0x45}, 0x1) write$auto(0x3, 0x0, 0xfdf3) 0s ago: executing program 4 (id=5061): r0 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) mmap$auto(0x0, 0x4005, 0x2, 0x40eb2, 0x401, 0x300000000000) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000400)='/dev/snd/controlC2\x00', 0x880, 0x0) r1 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000780), 0x121007, 0x0) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) socketpair$auto(0x2, 0x2, 0x0, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x1, 0x1, 0x4}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) ioctl$auto_SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000280)={{0x3, 0x1000, 0x1, 0x1, 0x4}, "654c6dbc7a4d30983899a7e1325b6a29ba1e184410ba9f74e82a3fa6c3ccf1bf"}) kernel console output (not intermixed with test programs): 08: 0000000000000000 R09: 0000000000000000 [ 690.380150][T17514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 690.380164][T17514] R13: 00007f29c3db6038 R14: 00007f29c3db5fa0 R15: 00007ffffc224228 [ 690.380194][T17514] [ 693.262763][T17530] netlink: 146 bytes leftover after parsing attributes in process `syz.4.4313'. [ 693.539970][T17527] FAULT_INJECTION: forcing a failure. [ 693.539970][T17527] name failslab, interval 1, probability 0, space 0, times 0 [ 693.620115][T17527] CPU: 1 UID: 0 PID: 17527 Comm: syz.5.4312 Tainted: G I syzkaller #0 PREEMPT(full) [ 693.620155][T17527] Tainted: [I]=FIRMWARE_WORKAROUND [ 693.620164][T17527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 693.620178][T17527] Call Trace: [ 693.620186][T17527] [ 693.620195][T17527] dump_stack_lvl+0x16c/0x1f0 [ 693.620232][T17527] should_fail_ex+0x512/0x640 [ 693.620265][T17527] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 693.620298][T17527] should_failslab+0xc2/0x120 [ 693.620330][T17527] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 693.620360][T17527] ? acpi_ut_create_generic_state+0x5c/0xb0 [ 693.620392][T17527] acpi_ut_create_generic_state+0x5c/0xb0 [ 693.620418][T17527] acpi_ps_push_scope+0x22/0x230 [ 693.620452][T17527] acpi_ps_parse_loop+0x9f3/0x1d00 [ 693.620490][T17527] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 693.620519][T17527] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 693.620548][T17527] ? acpi_ut_create_thread_state+0x63/0x170 [ 693.620582][T17527] acpi_ps_parse_aml+0x3c1/0xcb0 [ 693.620617][T17527] acpi_ps_execute_method+0x55a/0xb30 [ 693.620654][T17527] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 693.620694][T17527] acpi_ns_evaluate+0x76c/0xca0 [ 693.620731][T17527] ? kasan_save_track+0x14/0x30 [ 693.620762][T17527] acpi_evaluate_object+0x1fa/0xa90 [ 693.620790][T17527] ? avic_update_iommu_vcpu_affinity.constprop.0+0xee/0x140 [ 693.620818][T17527] ? do_syscall_64+0xcd/0x490 [ 693.620849][T17527] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.620874][T17527] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 693.620903][T17527] ? __mutex_trylock_common+0xe9/0x250 [ 693.620942][T17527] acpi_evaluate_integer+0xdd/0x200 [ 693.620967][T17527] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 693.621011][T17527] ? __pfx_status_show+0x10/0x10 [ 693.621040][T17527] status_show+0xa0/0x120 [ 693.621070][T17527] ? __pfx_status_show+0x10/0x10 [ 693.621111][T17527] dev_attr_show+0x53/0xe0 [ 693.621150][T17527] ? __pfx_dev_attr_show+0x10/0x10 [ 693.621185][T17527] sysfs_kf_seq_show+0x216/0x3e0 [ 693.621219][T17527] seq_read_iter+0x509/0x12c0 [ 693.621243][T17527] ? __mutex_trylock_common+0xe9/0x250 [ 693.621285][T17527] kernfs_fop_read_iter+0x40f/0x5a0 [ 693.621307][T17527] ? rw_verify_area+0xcf/0x6c0 [ 693.621334][T17527] vfs_read+0x8bc/0xcf0 [ 693.621365][T17527] ? __pfx___mutex_lock+0x10/0x10 [ 693.621398][T17527] ? __pfx_vfs_read+0x10/0x10 [ 693.621444][T17527] ksys_read+0x12a/0x250 [ 693.621471][T17527] ? __pfx_ksys_read+0x10/0x10 [ 693.621508][T17527] do_syscall_64+0xcd/0x490 [ 693.621542][T17527] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 693.621566][T17527] RIP: 0033:0x7f29c3b8ebe9 [ 693.621584][T17527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 693.621607][T17527] RSP: 002b:00007f29c49bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 693.621629][T17527] RAX: ffffffffffffffda RBX: 00007f29c3db5fa0 RCX: 00007f29c3b8ebe9 [ 693.621645][T17527] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000002 [ 693.621660][T17527] RBP: 00007f29c3c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 693.621675][T17527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 693.621689][T17527] R13: 00007f29c3db6038 R14: 00007f29c3db5fa0 R15: 00007ffffc224228 [ 693.621719][T17527] [ 693.627370][T17527] ACPI Error: [ 694.443532][T17541] kvm: kvm [17540]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0x11e) = 0x9 [ 694.706613][T17544] FAULT_INJECTION: forcing a failure. [ 694.706613][T17544] name failslab, interval 1, probability 0, space 0, times 0 [ 694.779316][T17544] CPU: 1 UID: 0 PID: 17544 Comm: syz.0.4318 Tainted: G I syzkaller #0 PREEMPT(full) [ 694.779362][T17544] Tainted: [I]=FIRMWARE_WORKAROUND [ 694.779371][T17544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 694.779387][T17544] Call Trace: [ 694.779395][T17544] [ 694.779405][T17544] dump_stack_lvl+0x16c/0x1f0 [ 694.779445][T17544] should_fail_ex+0x512/0x640 [ 694.779482][T17544] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 694.779512][T17544] should_failslab+0xc2/0x120 [ 694.779547][T17544] __kmalloc_cache_noprof+0x6a/0x3e0 [ 694.779575][T17544] ? nfc_llcp_register_device+0x4b/0xa60 [ 694.779616][T17544] nfc_llcp_register_device+0x4b/0xa60 [ 694.779655][T17544] nfc_register_device+0x6d/0x3c0 [ 694.779694][T17544] nci_register_device+0x7f1/0xb80 [ 694.779725][T17544] ? __pfx_nci_register_device+0x10/0x10 [ 694.779759][T17544] ? lockdep_init_map_type+0x5c/0x280 [ 694.779801][T17544] virtual_ncidev_open+0x141/0x220 [ 694.779832][T17544] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 694.779861][T17544] misc_open+0x35d/0x420 [ 694.779889][T17544] ? __pfx_misc_open+0x10/0x10 [ 694.779916][T17544] chrdev_open+0x234/0x6a0 [ 694.779957][T17544] ? __pfx_apparmor_file_open+0x10/0x10 [ 694.779986][T17544] ? __pfx_chrdev_open+0x10/0x10 [ 694.780022][T17544] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 694.780059][T17544] do_dentry_open+0x982/0x1530 [ 694.780096][T17544] ? __pfx_chrdev_open+0x10/0x10 [ 694.780137][T17544] vfs_open+0x82/0x3f0 [ 694.780180][T17544] path_openat+0x1de4/0x2cb0 [ 694.780221][T17544] ? __pfx_path_openat+0x10/0x10 [ 694.780260][T17544] do_filp_open+0x20b/0x470 [ 694.780291][T17544] ? __pfx_do_filp_open+0x10/0x10 [ 694.780351][T17544] ? alloc_fd+0x471/0x7d0 [ 694.780387][T17544] do_sys_openat2+0x11b/0x1d0 [ 694.780427][T17544] ? __pfx_do_sys_openat2+0x10/0x10 [ 694.780480][T17544] __x64_sys_openat+0x174/0x210 [ 694.780521][T17544] ? __pfx___x64_sys_openat+0x10/0x10 [ 694.780575][T17544] do_syscall_64+0xcd/0x490 [ 694.780613][T17544] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 694.780640][T17544] RIP: 0033:0x7f2c2878ebe9 [ 694.780660][T17544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 694.780686][T17544] RSP: 002b:00007f2c2953b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 694.780710][T17544] RAX: ffffffffffffffda RBX: 00007f2c289b5fa0 RCX: 00007f2c2878ebe9 [ 694.780727][T17544] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 694.780743][T17544] RBP: 00007f2c28811e19 R08: 0000000000000000 R09: 0000000000000000 [ 694.780759][T17544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 694.780774][T17544] R13: 00007f2c289b6038 R14: 00007f2c289b5fa0 R15: 00007ffe09fd3848 [ 694.780807][T17544] [ 695.115261][T17527] Aborting method \_SB.LNKA._STA due to previous error (AE_NO_MEMORY) (20250404/psparse-529) [ 695.627945][T17564] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4326'. [ 695.659658][T17564] netlink: 354 bytes leftover after parsing attributes in process `syz.4.4326'. [ 695.886314][T17544] nfc: nfc_register_device: Could not register llcp device [ 696.053062][T17543] llcp: nfc_llcp_remove_local: Shutting down device not found [ 696.944535][T17591] random: crng reseeded on system resumption [ 697.449559][T17599] kvm: kvm [17597]: vcpu2, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010015) = 0x2 [ 697.690939][T17603] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4340'. [ 698.452264][T17621] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4348'. [ 698.580581][T17621] hsr_slave_0 (unregistering): left promiscuous mode [ 698.934182][T17628] random: crng reseeded on system resumption [ 698.999062][T17628] blktrace: Concurrent blktraces are not allowed on loop12 [ 699.298007][T17637] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4354'. [ 699.359719][T17637] netlink: 25 bytes leftover after parsing attributes in process `syz.4.4354'. [ 700.624547][T17656] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4361'. [ 701.173071][T17656] hsr_slave_0 (unregistering): left promiscuous mode [ 702.704970][T17687] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4374'. [ 702.756640][T17687] netlink: 354 bytes leftover after parsing attributes in process `syz.1.4374'. [ 703.099077][T17693] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 703.167596][T17693] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 703.257228][T17693] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 703.311522][T17702] netlink: 334 bytes leftover after parsing attributes in process `syz.4.4380'. [ 703.410625][T17693] CPU0 is offline. [ 703.568647][T17705] FAULT_INJECTION: forcing a failure. [ 703.568647][T17705] name failslab, interval 1, probability 0, space 0, times 0 [ 703.662391][T17705] CPU: 1 UID: 0 PID: 17705 Comm: syz.1.4381 Tainted: G I syzkaller #0 PREEMPT(full) [ 703.662432][T17705] Tainted: [I]=FIRMWARE_WORKAROUND [ 703.662441][T17705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 703.662456][T17705] Call Trace: [ 703.662465][T17705] [ 703.662474][T17705] dump_stack_lvl+0x16c/0x1f0 [ 703.662517][T17705] should_fail_ex+0x512/0x640 [ 703.662552][T17705] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 703.662585][T17705] should_failslab+0xc2/0x120 [ 703.662618][T17705] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 703.662646][T17705] ? mark_held_locks+0x49/0x80 [ 703.662677][T17705] ? key_alloc+0x3e0/0x1330 [ 703.662713][T17705] key_alloc+0x3e0/0x1330 [ 703.662755][T17705] ? __pfx_key_alloc+0x10/0x10 [ 703.662787][T17705] ? __pfx_key_default_cmp+0x10/0x10 [ 703.662824][T17705] ? __pfx_keyring_search_iterator+0x10/0x10 [ 703.662865][T17705] keyring_alloc+0x44/0xc0 [ 703.662904][T17705] look_up_user_keyrings+0x510/0x760 [ 703.662937][T17705] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 703.662978][T17705] lookup_user_key+0x1a3/0x1300 [ 703.663012][T17705] ? __pfx_lookup_user_key+0x10/0x10 [ 703.663047][T17705] ? do_futex+0x122/0x350 [ 703.663086][T17705] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 703.663121][T17705] ? fput+0x9b/0xd0 [ 703.663161][T17705] keyctl_keyring_clear+0x24/0x1a0 [ 703.663187][T17705] __do_sys_keyctl+0x355/0x590 [ 703.663215][T17705] do_syscall_64+0xcd/0x490 [ 703.663251][T17705] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 703.663275][T17705] RIP: 0033:0x7f770758ebe9 [ 703.663294][T17705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 703.663318][T17705] RSP: 002b:00007f7708443038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 703.663340][T17705] RAX: ffffffffffffffda RBX: 00007f77077b5fa0 RCX: 00007f770758ebe9 [ 703.663356][T17705] RDX: 0000000000000002 RSI: 00000000fffffffb RDI: 0000000000000007 [ 703.663371][T17705] RBP: 00007f7707611e19 R08: 0000000000000008 R09: 0000000000000000 [ 703.663386][T17705] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 703.663401][T17705] R13: 00007f77077b6038 R14: 00007f77077b5fa0 R15: 00007ffcaad4ffe8 [ 703.663431][T17705] [ 704.104985][T17709] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 704.204111][T17715] netlink: 326 bytes leftover after parsing attributes in process `syz.1.4385'. [ 705.105023][T12746] Bluetooth: hci3: command 0x0c1a tx timeout [ 705.393129][T17739] netlink: 'syz.0.4390': attribute type 2 has an invalid length. [ 705.463670][T17739] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4390'. [ 706.105260][T17752] FAULT_INJECTION: forcing a failure. [ 706.105260][T17752] name failslab, interval 1, probability 0, space 0, times 0 [ 706.208499][T17752] CPU: 1 UID: 0 PID: 17752 Comm: syz.5.4397 Tainted: G I syzkaller #0 PREEMPT(full) [ 706.208540][T17752] Tainted: [I]=FIRMWARE_WORKAROUND [ 706.208549][T17752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 706.208563][T17752] Call Trace: [ 706.208572][T17752] [ 706.208581][T17752] dump_stack_lvl+0x16c/0x1f0 [ 706.208617][T17752] should_fail_ex+0x512/0x640 [ 706.208652][T17752] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 706.208685][T17752] should_failslab+0xc2/0x120 [ 706.208717][T17752] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 706.208747][T17752] ? skb_clone+0x190/0x3f0 [ 706.208784][T17752] skb_clone+0x190/0x3f0 [ 706.208818][T17752] netlink_broadcast_filtered+0xb76/0xf90 [ 706.208864][T17752] ? __pfx_netlink_broadcast_filtered+0x10/0x10 [ 706.208896][T17752] ? sprintf+0xcc/0x100 [ 706.208934][T17752] ? netlink_has_listeners+0x20f/0x430 [ 706.208970][T17752] netlink_broadcast+0x39/0x50 [ 706.209003][T17752] kobject_uevent_env+0xc6a/0x1870 [ 706.209050][T17752] ? bus_to_subsys+0x131/0x160 [ 706.209080][T17752] device_add+0x10dd/0x1aa0 [ 706.209104][T17752] ? __pfx_device_add+0x10/0x10 [ 706.209146][T17752] nfc_register_device+0x41/0x3c0 [ 706.209183][T17752] nci_register_device+0x7f1/0xb80 [ 706.209212][T17752] ? __pfx_nci_register_device+0x10/0x10 [ 706.209246][T17752] ? lockdep_init_map_type+0x5c/0x280 [ 706.209286][T17752] virtual_ncidev_open+0x141/0x220 [ 706.209314][T17752] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 706.209341][T17752] misc_open+0x35d/0x420 [ 706.209366][T17752] ? __pfx_misc_open+0x10/0x10 [ 706.209391][T17752] chrdev_open+0x234/0x6a0 [ 706.209422][T17752] ? __pfx_apparmor_file_open+0x10/0x10 [ 706.209449][T17752] ? __pfx_chrdev_open+0x10/0x10 [ 706.209482][T17752] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 706.209515][T17752] do_dentry_open+0x982/0x1530 [ 706.209551][T17752] ? __pfx_chrdev_open+0x10/0x10 [ 706.209588][T17752] vfs_open+0x82/0x3f0 [ 706.209628][T17752] path_openat+0x1de4/0x2cb0 [ 706.209667][T17752] ? __pfx_path_openat+0x10/0x10 [ 706.209704][T17752] do_filp_open+0x20b/0x470 [ 706.209733][T17752] ? __pfx_do_filp_open+0x10/0x10 [ 706.209783][T17752] ? alloc_fd+0x471/0x7d0 [ 706.209817][T17752] do_sys_openat2+0x11b/0x1d0 [ 706.209853][T17752] ? __pfx_do_sys_openat2+0x10/0x10 [ 706.209903][T17752] __x64_sys_openat+0x174/0x210 [ 706.209941][T17752] ? __pfx___x64_sys_openat+0x10/0x10 [ 706.209991][T17752] do_syscall_64+0xcd/0x490 [ 706.210027][T17752] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 706.210051][T17752] RIP: 0033:0x7f29c3b8ebe9 [ 706.210070][T17752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 706.210093][T17752] RSP: 002b:00007f29c49bf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 706.210124][T17752] RAX: ffffffffffffffda RBX: 00007f29c3db5fa0 RCX: 00007f29c3b8ebe9 [ 706.210140][T17752] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 706.210155][T17752] RBP: 00007f29c3c11e19 R08: 0000000000000000 R09: 0000000000000000 [ 706.210169][T17752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 706.210184][T17752] R13: 00007f29c3db6038 R14: 00007f29c3db5fa0 R15: 00007ffffc224228 [ 706.210215][T17752] [ 707.265833][T12746] Bluetooth: hci3: command 0x0c1a tx timeout [ 708.447032][T17778] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 708.568337][T17778] CPU0 is offline. [ 708.856067][T17778] FAULT_INJECTION: forcing a failure. [ 708.856067][T17778] name fail_futex, interval 1, probability 0, space 0, times 0 [ 708.956549][T17778] CPU: 1 UID: 0 PID: 17778 Comm: syz.0.4408 Tainted: G I syzkaller #0 PREEMPT(full) [ 708.956589][T17778] Tainted: [I]=FIRMWARE_WORKAROUND [ 708.956597][T17778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 708.956611][T17778] Call Trace: [ 708.956619][T17778] [ 708.956627][T17778] dump_stack_lvl+0x16c/0x1f0 [ 708.956663][T17778] should_fail_ex+0x512/0x640 [ 708.956701][T17778] get_futex_key+0x293/0x1560 [ 708.956733][T17778] ? __pfx_get_futex_key+0x10/0x10 [ 708.956760][T17778] ? __mutex_trylock_common+0xe9/0x250 [ 708.956812][T17778] futex_wake+0xea/0x530 [ 708.956850][T17778] ? __pfx_futex_wake+0x10/0x10 [ 708.956897][T17778] do_futex+0x1e3/0x350 [ 708.956927][T17778] ? __pfx_do_futex+0x10/0x10 [ 708.956954][T17778] ? __might_fault+0xe3/0x190 [ 708.956989][T17778] mm_release+0x24e/0x300 [ 708.957017][T17778] do_exit+0x68e/0x2bf0 [ 708.957055][T17778] ? __pfx_do_exit+0x10/0x10 [ 708.957087][T17778] ? do_raw_spin_lock+0x12c/0x2b0 [ 708.957121][T17778] ? find_held_lock+0x2b/0x80 [ 708.957148][T17778] do_group_exit+0xd3/0x2a0 [ 708.957183][T17778] get_signal+0x2673/0x26d0 [ 708.957224][T17778] ? __pfx_get_signal+0x10/0x10 [ 708.957250][T17778] ? do_futex+0x122/0x350 [ 708.957285][T17778] ? __pfx_do_futex+0x10/0x10 [ 708.957320][T17778] arch_do_signal_or_restart+0x8f/0x790 [ 708.957353][T17778] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 708.957441][T17778] ? __pfx___do_sys_close_range+0x10/0x10 [ 708.957477][T17778] exit_to_user_mode_loop+0x84/0x110 [ 708.957519][T17778] do_syscall_64+0x3f6/0x490 [ 708.957553][T17778] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 708.957577][T17778] RIP: 0033:0x7f2c2878ebe9 [ 708.957595][T17778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 708.957619][T17778] RSP: 002b:00007f2c2953b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 708.957641][T17778] RAX: fffffffffffffe00 RBX: 00007f2c289b5fa8 RCX: 00007f2c2878ebe9 [ 708.957657][T17778] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f2c289b5fa8 [ 708.957672][T17778] RBP: 00007f2c289b5fa0 R08: 0000000000000000 R09: 0000000000000000 [ 708.957687][T17778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 708.957701][T17778] R13: 00007f2c289b6038 R14: 00007ffe09fd3760 R15: 00007ffe09fd3848 [ 708.957730][T17778] [ 709.800835][T17786] netlink: 342 bytes leftover after parsing attributes in process `syz.0.4410'. [ 710.004089][T17788] netlink: 338 bytes leftover after parsing attributes in process `syz.1.4411'. [ 710.473753][T12746] Bluetooth: hci3: command 0x0c1a tx timeout [ 712.125997][T17810] netlink: 'syz.4.4417': attribute type 32 has an invalid length. [ 712.193395][T17810] netlink: 'syz.4.4417': attribute type 33 has an invalid length. [ 712.270051][T17810] netlink: 'syz.4.4417': attribute type 35 has an invalid length. [ 712.321623][T17810] netlink: 'syz.4.4417': attribute type 37 has an invalid length. [ 712.375517][T17810] netlink: 'syz.4.4417': attribute type 39 has an invalid length. [ 712.443076][T17810] netlink: 'syz.4.4417': attribute type 40 has an invalid length. [ 712.499201][T17810] netlink: 'syz.4.4417': attribute type 41 has an invalid length. [ 712.544469][T17810] netlink: 'syz.4.4417': attribute type 44 has an invalid length. [ 712.598478][T17810] netlink: 'syz.4.4417': attribute type 46 has an invalid length. [ 712.640620][T17810] netlink: 'syz.4.4417': attribute type 47 has an invalid length. [ 712.691086][T17810] netlink: 2 bytes leftover after parsing attributes in process `syz.4.4417'. [ 713.896661][T17831] netlink: 252 bytes leftover after parsing attributes in process `syz.4.4425'. [ 713.979546][T17831] unsupported nla_type 65535 [ 714.328831][T17826] Process accounting paused [ 715.313224][ T30] audit: type=1800 audit(4294973828.936:11): pid=17853 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.4430" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 716.194536][T17864] netlink: 346 bytes leftover after parsing attributes in process `syz.1.4435'. [ 717.100766][T17881] netlink: 25 bytes leftover after parsing attributes in process `syz.0.4443'. [ 717.426165][T17885] kvm: kvm [17884]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000077) [ 717.508190][T17889] FAULT_INJECTION: forcing a failure. [ 717.508190][T17889] name fail_futex, interval 1, probability 0, space 0, times 0 [ 717.615590][T17889] CPU: 1 UID: 0 PID: 17889 Comm: syz.0.4447 Tainted: G I syzkaller #0 PREEMPT(full) [ 717.615630][T17889] Tainted: [I]=FIRMWARE_WORKAROUND [ 717.615639][T17889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 717.615654][T17889] Call Trace: [ 717.615662][T17889] [ 717.615670][T17889] dump_stack_lvl+0x16c/0x1f0 [ 717.615708][T17889] should_fail_ex+0x512/0x640 [ 717.615748][T17889] get_futex_key+0x1d0/0x1560 [ 717.615781][T17889] ? __pfx_get_futex_key+0x10/0x10 [ 717.615811][T17889] ? __lock_acquire+0xb97/0x1ce0 [ 717.615850][T17889] futex_wake+0xea/0x530 [ 717.615888][T17889] ? __pfx_futex_wake+0x10/0x10 [ 717.615937][T17889] do_futex+0x1e3/0x350 [ 717.615967][T17889] ? __pfx_do_futex+0x10/0x10 [ 717.615999][T17889] ? _raw_spin_unlock+0x28/0x50 [ 717.616026][T17889] ? do_fcntl+0x1eb/0x15a0 [ 717.616062][T17889] __x64_sys_futex+0x1e0/0x4c0 [ 717.616097][T17889] ? __pfx___x64_sys_futex+0x10/0x10 [ 717.616128][T17889] ? tomoyo_file_fcntl+0xa5/0xc0 [ 717.616161][T17889] do_syscall_64+0xcd/0x490 [ 717.616196][T17889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 717.616221][T17889] RIP: 0033:0x7f2c2878ebe9 [ 717.616249][T17889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 717.616272][T17889] RSP: 002b:00007f2c2953b0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 717.616294][T17889] RAX: ffffffffffffffda RBX: 00007f2c289b5fa8 RCX: 00007f2c2878ebe9 [ 717.616310][T17889] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f2c289b5fac [ 717.616324][T17889] RBP: 00007f2c289b5fa0 R08: 00007f2c2953c000 R09: 0000000000000000 [ 717.616339][T17889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 717.616353][T17889] R13: 00007f2c289b6038 R14: 00007ffe09fd3760 R15: 00007ffe09fd3848 [ 717.616383][T17889] [ 721.753311][T17930] FAULT_INJECTION: forcing a failure. [ 721.753311][T17930] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 722.004195][T17930] CPU: 1 UID: 0 PID: 17930 Comm: syz.0.4462 Tainted: G I syzkaller #0 PREEMPT(full) [ 722.004233][T17930] Tainted: [I]=FIRMWARE_WORKAROUND [ 722.004242][T17930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 722.004256][T17930] Call Trace: [ 722.004264][T17930] [ 722.004273][T17930] dump_stack_lvl+0x16c/0x1f0 [ 722.004309][T17930] should_fail_ex+0x512/0x640 [ 722.004349][T17930] should_fail_alloc_page+0xe7/0x130 [ 722.004388][T17930] prepare_alloc_pages+0x3c2/0x610 [ 722.004428][T17930] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 722.004469][T17930] ? __lock_acquire+0x62e/0x1ce0 [ 722.004503][T17930] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 722.004533][T17930] ? css_rstat_updated+0x1c2/0x510 [ 722.004569][T17930] ? filemap_get_entry+0x1a7/0x3b0 [ 722.004605][T17930] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 722.004644][T17930] ? policy_nodemask+0xea/0x4e0 [ 722.004678][T17930] alloc_pages_mpol+0x1fb/0x550 [ 722.004711][T17930] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 722.004743][T17930] ? _raw_spin_unlock+0x28/0x50 [ 722.004769][T17930] ? swap_entry_swapped+0x122/0x190 [ 722.004800][T17930] ? __pfx_swap_entry_swapped+0x10/0x10 [ 722.004835][T17930] folio_alloc_mpol_noprof+0x36/0x2f0 [ 722.004880][T17930] __read_swap_cache_async+0x3b6/0x5a0 [ 722.004910][T17930] ? __pfx___read_swap_cache_async+0x10/0x10 [ 722.004937][T17930] ? __pfx_get_swap_device+0x10/0x10 [ 722.004968][T17930] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 722.005011][T17930] read_swap_cache_async+0xdc/0x1e0 [ 722.005037][T17930] ? __pfx_read_swap_cache_async+0x10/0x10 [ 722.005062][T17930] ? find_held_lock+0x2b/0x80 [ 722.005083][T17930] ? find_held_lock+0x2b/0x80 [ 722.005106][T17930] ? swapin_walk_pmd_entry+0x25f/0x5c0 [ 722.005145][T17930] swapin_walk_pmd_entry+0x283/0x5c0 [ 722.005183][T17930] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 722.005221][T17930] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 722.005250][T17930] ? is_bpf_text_address+0x94/0x1a0 [ 722.005282][T17930] ? __pfx_swapin_walk_pmd_entry+0x10/0x10 [ 722.005318][T17930] walk_pgd_range+0xc02/0x1f50 [ 722.005368][T17930] ? __pfx_walk_pgd_range+0x10/0x10 [ 722.005400][T17930] ? __lock_acquire+0xb97/0x1ce0 [ 722.005434][T17930] __walk_page_range+0x163/0x820 [ 722.005582][T17930] walk_page_range_vma+0x2c7/0xa20 [ 722.005628][T17930] ? __pfx_walk_page_range_vma+0x10/0x10 [ 722.005659][T17930] ? finish_task_switch.isra.0+0x221/0xc10 [ 722.005699][T17930] madvise_vma_behavior+0x19cf/0x2d60 [ 722.005740][T17930] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 722.005774][T17930] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 722.005812][T17930] ? __pfx_mas_prev+0x10/0x10 [ 722.005853][T17930] ? find_vma_prev+0xda/0x160 [ 722.005896][T17930] ? find_held_lock+0x2b/0x80 [ 722.005919][T17930] ? __pfx_find_vma_prev+0x10/0x10 [ 722.005955][T17930] ? futex_unqueue+0x133/0x2c0 [ 722.005994][T17930] ? __futex_wait+0x24c/0x2f0 [ 722.006034][T17930] madvise_walk_vmas+0x31f/0x9c0 [ 722.006076][T17930] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 722.006128][T17930] madvise_do_behavior+0x1e2/0x530 [ 722.006165][T17930] ? futex_private_hash_put+0x18a/0x300 [ 722.006196][T17930] ? __pfx_madvise_do_behavior+0x10/0x10 [ 722.006234][T17930] ? down_read+0x13d/0x480 [ 722.006284][T17930] do_madvise+0x176/0x240 [ 722.006320][T17930] ? __pfx_do_madvise+0x10/0x10 [ 722.006355][T17930] ? do_futex+0x122/0x350 [ 722.006407][T17930] ? xfd_validate_state+0x61/0x180 [ 722.006444][T17930] ? __pfx_do_writev+0x10/0x10 [ 722.006479][T17930] __x64_sys_madvise+0xa9/0x110 [ 722.006516][T17930] ? lockdep_hardirqs_on+0x7c/0x110 [ 722.006547][T17930] do_syscall_64+0xcd/0x490 [ 722.006585][T17930] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 722.006610][T17930] RIP: 0033:0x7f2c2878ebe9 [ 722.006632][T17930] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 722.006656][T17930] RSP: 002b:00007f2c2953b038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 722.006679][T17930] RAX: ffffffffffffffda RBX: 00007f2c289b5fa0 RCX: 00007f2c2878ebe9 [ 722.006695][T17930] RDX: 0000000000000003 RSI: 2000000080000001 RDI: 0000000000000000 [ 722.006710][T17930] RBP: 00007f2c28811e19 R08: 0000000000000000 R09: 0000000000000000 [ 722.006725][T17930] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 722.006740][T17930] R13: 00007f2c289b6038 R14: 00007f2c289b5fa0 R15: 00007ffe09fd3848 [ 722.006771][T17930] [ 722.558456][T17939] sctp: [Deprecated]: syz.1.4465 (pid 17939) Use of struct sctp_assoc_value in delayed_ack socket option. [ 722.558456][T17939] Use struct sctp_sack_info instead [ 723.928975][T17948] kvm: kvm [17946]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000077) [ 724.787806][ T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 724.798880][ T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 724.812586][ T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 724.823730][ T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 724.833316][ T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 724.879406][T17955] netlink: 290 bytes leftover after parsing attributes in process `syz.0.4474'. [ 726.008732][T17953] chnl_net:caif_netlink_parms(): no params data found [ 726.452369][ T79] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 726.611668][T17980] netlink: 330 bytes leftover after parsing attributes in process `syz.1.4482'. [ 726.777106][T17980] : renamed from lo (while UP) [ 726.897232][ T79] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 726.921103][ T51] Bluetooth: hci4: command tx timeout [ 726.999537][ C1] vcan0: j1939_tp_rxtimer: 0xffff888030a4e400: rx timeout, send abort [ 727.011635][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888030a4e400: 0x40000: (3) A timeout occurred and this is the connection abort to close the session. [ 727.070579][T17986] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 727.386769][ T79] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 727.489273][T17953] bridge0: port 1(bridge_slave_0) entered blocking state [ 727.530642][T17953] bridge0: port 1(bridge_slave_0) entered disabled state [ 727.565744][T17953] bridge_slave_0: entered allmulticast mode [ 727.619611][T17953] bridge_slave_0: entered promiscuous mode [ 727.632907][T17993] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4487'. [ 727.694761][T17993] unsupported nlmsg_type 40 [ 727.776170][ T79] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 727.863460][T17953] bridge0: port 2(bridge_slave_1) entered blocking state [ 727.914210][T17953] bridge0: port 2(bridge_slave_1) entered disabled state [ 727.953552][T17953] bridge_slave_1: entered allmulticast mode [ 728.002710][T17953] bridge_slave_1: entered promiscuous mode [ 728.233301][T17953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 728.263033][T18003] FAULT_INJECTION: forcing a failure. [ 728.263033][T18003] name failslab, interval 1, probability 0, space 0, times 0 [ 728.323760][T17953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 728.361828][T18003] CPU: 1 UID: 0 PID: 18003 Comm: syz.0.4491 Tainted: G I syzkaller #0 PREEMPT(full) [ 728.361874][T18003] Tainted: [I]=FIRMWARE_WORKAROUND [ 728.361883][T18003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 728.361898][T18003] Call Trace: [ 728.361906][T18003] [ 728.361916][T18003] dump_stack_lvl+0x16c/0x1f0 [ 728.361957][T18003] should_fail_ex+0x512/0x640 [ 728.361994][T18003] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 728.362023][T18003] should_failslab+0xc2/0x120 [ 728.362057][T18003] __kmalloc_cache_noprof+0x6a/0x3e0 [ 728.362082][T18003] ? apply_wqattrs_prepare+0x130/0xbd0 [ 728.362116][T18003] apply_wqattrs_prepare+0x130/0xbd0 [ 728.362156][T18003] apply_workqueue_attrs_locked+0x64/0xe0 [ 728.362186][T18003] __alloc_workqueue+0xf41/0x1810 [ 728.362230][T18003] alloc_workqueue_noprof+0xd2/0x200 [ 728.362263][T18003] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 728.362303][T18003] ? rcu_is_watching+0x12/0xc0 [ 728.362329][T18003] ? __kmalloc_noprof+0x242/0x510 [ 728.362358][T18003] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 728.362401][T18003] ieee80211_register_hw+0x1e8f/0x4060 [ 728.362459][T18003] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 728.362499][T18003] ? find_held_lock+0x2b/0x80 [ 728.362525][T18003] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 728.362564][T18003] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 728.362598][T18003] ? __hrtimer_setup+0x176/0x280 [ 728.362639][T18003] mac80211_hwsim_new_radio+0x3034/0x54d0 [ 728.362684][T18003] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 728.362719][T18003] hwsim_new_radio_nl+0xb51/0x12c0 [ 728.362747][T18003] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 728.362782][T18003] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 728.362826][T18003] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 728.362875][T18003] genl_family_rcv_msg_doit+0x206/0x2f0 [ 728.362917][T18003] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 728.362969][T18003] ? bpf_lsm_capable+0x9/0x10 [ 728.362991][T18003] ? security_capable+0x7e/0x260 [ 728.363017][T18003] ? ns_capable+0xd7/0x110 [ 728.363047][T18003] genl_rcv_msg+0x55c/0x800 [ 728.363090][T18003] ? __pfx_genl_rcv_msg+0x10/0x10 [ 728.363131][T18003] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 728.363167][T18003] netlink_rcv_skb+0x155/0x420 [ 728.363202][T18003] ? __pfx_genl_rcv_msg+0x10/0x10 [ 728.363244][T18003] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 728.363291][T18003] ? netlink_deliver_tap+0x1ae/0xd30 [ 728.363329][T18003] genl_rcv+0x28/0x40 [ 728.363364][T18003] netlink_unicast+0x5aa/0x870 [ 728.363403][T18003] ? __pfx_netlink_unicast+0x10/0x10 [ 728.363438][T18003] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 728.363478][T18003] ? __lock_acquire+0xb97/0x1ce0 [ 728.363519][T18003] netlink_sendmsg+0x8d1/0xdd0 [ 728.363559][T18003] ? __pfx_netlink_sendmsg+0x10/0x10 [ 728.363603][T18003] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 728.363635][T18003] ____sys_sendmsg+0xa95/0xc70 [ 728.363660][T18003] ? copy_msghdr_from_user+0x10a/0x160 [ 728.363694][T18003] ? __pfx_____sys_sendmsg+0x10/0x10 [ 728.363732][T18003] ___sys_sendmsg+0x134/0x1d0 [ 728.363768][T18003] ? __pfx____sys_sendmsg+0x10/0x10 [ 728.363841][T18003] __sys_sendmsg+0x16d/0x220 [ 728.363875][T18003] ? __pfx___sys_sendmsg+0x10/0x10 [ 728.363908][T18003] ? __x64_sys_futex+0x1e0/0x4c0 [ 728.363959][T18003] do_syscall_64+0xcd/0x490 [ 728.363996][T18003] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 728.364021][T18003] RIP: 0033:0x7f2c2878ebe9 [ 728.364042][T18003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 728.364066][T18003] RSP: 002b:00007f2c2953b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 728.364090][T18003] RAX: ffffffffffffffda RBX: 00007f2c289b5fa0 RCX: 00007f2c2878ebe9 [ 728.364106][T18003] RDX: 00000000040000c0 RSI: 0000200000000300 RDI: 0000000000000005 [ 728.364122][T18003] RBP: 00007f2c28811e19 R08: 0000000000000000 R09: 0000000000000000 [ 728.364137][T18003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 728.364152][T18003] R13: 00007f2c289b6038 R14: 00007f2c289b5fa0 R15: 00007ffe09fd3848 [ 728.364184][T18003] [ 729.557815][ T51] Bluetooth: hci4: command tx timeout [ 730.138897][T17953] team0: Port device team_slave_0 added [ 730.257775][T17953] team0: Port device team_slave_1 added [ 730.436699][T18009] netlink: 302 bytes leftover after parsing attributes in process `syz.4.4494'. [ 730.458934][T17953] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 730.480906][T17953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 730.567683][T17953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 730.651768][T17953] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 730.693808][T17953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 730.864967][T17953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 730.962228][ T79] bridge_slave_1: left allmulticast mode [ 730.969047][ T79] bridge_slave_1: left promiscuous mode [ 731.015227][ T79] bridge0: port 2(bridge_slave_1) entered disabled state [ 731.067420][ T79] bridge_slave_0: left allmulticast mode [ 731.110879][ T79] bridge_slave_0: left promiscuous mode [ 731.147611][ T79] bridge0: port 1(bridge_slave_0) entered disabled state [ 731.619405][T12746] Bluetooth: hci4: command tx timeout [ 732.522138][ T79] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 732.563921][ T79] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 732.607983][ T79] bond0 (unregistering): Released all slaves [ 733.220334][T17953] hsr_slave_0: entered promiscuous mode [ 733.275846][T17953] hsr_slave_1: entered promiscuous mode [ 733.301777][T17953] debugfs: 'hsr0' already exists in 'hsr' [ 733.322077][T17953] Cannot create hsr debugfs directory [ 733.609961][ T79] hsr_slave_0: left promiscuous mode [ 733.658388][ T79] hsr_slave_1: left promiscuous mode [ 733.679919][ T79] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 733.694275][T12746] Bluetooth: hci4: command tx timeout [ 733.747111][ T79] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 733.807006][ T79] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 733.861777][ T79] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 733.942537][ T79] veth1_macvtap: left promiscuous mode [ 733.997931][ T79] veth0_macvtap: left promiscuous mode [ 734.022462][ T79] veth1_vlan: left promiscuous mode [ 734.056746][ T79] veth0_vlan: left promiscuous mode [ 735.698472][T18046] serio: Serial port pty6 [ 736.151264][ T79] team0 (unregistering): Port device team_slave_1 removed [ 736.387109][ T79] team0 (unregistering): Port device team_slave_0 removed [ 739.884579][T17953] netdevsim netdevsim6 netdevsim0: renamed from eth0 [ 739.967613][T17953] netdevsim netdevsim6 netdevsim1: renamed from eth1 [ 740.073653][T17953] netdevsim netdevsim6 netdevsim2: renamed from eth2 [ 740.151789][T17953] netdevsim netdevsim6 netdevsim3: renamed from eth3 [ 741.088523][T17953] 8021q: adding VLAN 0 to HW filter on device bond0 [ 741.220410][T17953] 8021q: adding VLAN 0 to HW filter on device team0 [ 741.359463][ T998] bridge0: port 1(bridge_slave_0) entered blocking state [ 741.368050][ T998] bridge0: port 1(bridge_slave_0) entered forwarding state [ 741.468199][ T998] bridge0: port 2(bridge_slave_1) entered blocking state [ 741.476916][ T998] bridge0: port 2(bridge_slave_1) entered forwarding state [ 742.682823][T17953] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 744.454740][T18111] Process accounting resumed [ 744.547285][T17953] veth0_vlan: entered promiscuous mode [ 744.653634][T17953] veth1_vlan: entered promiscuous mode [ 744.812373][T17953] veth0_macvtap: entered promiscuous mode [ 744.880700][T17953] veth1_macvtap: entered promiscuous mode [ 745.036809][T17953] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 745.119938][T17953] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 745.210401][ T13] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 745.268987][ T13] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 745.361262][ T13] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 745.427285][ T13] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 745.753172][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 745.801889][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 745.995414][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 746.056639][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 746.706044][T18159] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 746.817729][T18159] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 746.898228][T18166] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 746.918160][T18159] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 747.013364][T18159] CPU0 is offline. [ 748.579876][T18186] FAULT_INJECTION: forcing a failure. [ 748.579876][T18186] name failslab, interval 1, probability 0, space 0, times 0 [ 748.617919][T18183] FAULT_INJECTION: forcing a failure. [ 748.617919][T18183] name failslab, interval 1, probability 0, space 0, times 0 [ 748.678859][T18186] CPU: 1 UID: 0 PID: 18186 Comm: syz.0.4550 Tainted: G I syzkaller #0 PREEMPT(full) [ 748.678899][T18186] Tainted: [I]=FIRMWARE_WORKAROUND [ 748.678915][T18186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 748.678929][T18186] Call Trace: [ 748.678937][T18186] [ 748.678946][T18186] dump_stack_lvl+0x16c/0x1f0 [ 748.678984][T18186] should_fail_ex+0x512/0x640 [ 748.679018][T18186] ? __kmalloc_noprof+0xbf/0x510 [ 748.679048][T18186] ? ptp_open+0x104/0x550 [ 748.679070][T18186] should_failslab+0xc2/0x120 [ 748.679102][T18186] __kmalloc_noprof+0xd2/0x510 [ 748.679133][T18186] ? kasan_save_track+0x14/0x30 [ 748.679163][T18186] ptp_open+0x104/0x550 [ 748.679190][T18186] ? __pfx_ptp_open+0x10/0x10 [ 748.679222][T18186] ? __pfx_ptp_open+0x10/0x10 [ 748.679249][T18186] posix_clock_open+0x178/0x290 [ 748.679278][T18186] ? __pfx_posix_clock_open+0x10/0x10 [ 748.679305][T18186] chrdev_open+0x234/0x6a0 [ 748.679336][T18186] ? __pfx_apparmor_file_open+0x10/0x10 [ 748.679363][T18186] ? __pfx_chrdev_open+0x10/0x10 [ 748.679396][T18186] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 748.679429][T18186] do_dentry_open+0x982/0x1530 [ 748.679460][T18186] ? __pfx_chrdev_open+0x10/0x10 [ 748.679497][T18186] vfs_open+0x82/0x3f0 [ 748.679536][T18186] path_openat+0x1de4/0x2cb0 [ 748.679575][T18186] ? __pfx_path_openat+0x10/0x10 [ 748.679612][T18186] do_filp_open+0x20b/0x470 [ 748.679640][T18186] ? __pfx_do_filp_open+0x10/0x10 [ 748.679690][T18186] ? alloc_fd+0x471/0x7d0 [ 748.679723][T18186] do_sys_openat2+0x11b/0x1d0 [ 748.679759][T18186] ? __pfx_do_sys_openat2+0x10/0x10 [ 748.679808][T18186] __x64_sys_openat+0x174/0x210 [ 748.679846][T18186] ? __pfx___x64_sys_openat+0x10/0x10 [ 748.679897][T18186] do_syscall_64+0xcd/0x490 [ 748.679937][T18186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 748.679961][T18186] RIP: 0033:0x7f2c2878ebe9 [ 748.679980][T18186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 748.680004][T18186] RSP: 002b:00007f2c2953b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 748.680026][T18186] RAX: ffffffffffffffda RBX: 00007f2c289b5fa0 RCX: 00007f2c2878ebe9 [ 748.680041][T18186] RDX: 0000000000000000 RSI: 0000200000005280 RDI: ffffffffffffff9c [ 748.680056][T18186] RBP: 00007f2c28811e19 R08: 0000000000000000 R09: 0000000000000000 [ 748.680071][T18186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 748.680085][T18186] R13: 00007f2c289b6038 R14: 00007f2c289b5fa0 R15: 00007ffe09fd3848 [ 748.680114][T18186] [ 749.063978][T18183] CPU: 1 UID: 0 PID: 18183 Comm: syz.1.4549 Tainted: G I syzkaller #0 PREEMPT(full) [ 749.064019][T18183] Tainted: [I]=FIRMWARE_WORKAROUND [ 749.064028][T18183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 749.064043][T18183] Call Trace: [ 749.064051][T18183] [ 749.064069][T18183] dump_stack_lvl+0x16c/0x1f0 [ 749.064106][T18183] should_fail_ex+0x512/0x640 [ 749.064140][T18183] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 749.064168][T18183] should_failslab+0xc2/0x120 [ 749.064200][T18183] __kmalloc_cache_noprof+0x6a/0x3e0 [ 749.064225][T18183] ? vsnprintf+0x318/0x1160 [ 749.064252][T18183] ? ptp_clock_register+0x172/0x15f0 [ 749.064281][T18183] ptp_clock_register+0x172/0x15f0 [ 749.064303][T18183] ? __pfx_vsnprintf+0x10/0x10 [ 749.064336][T18183] ? __pfx_ptp_clock_register+0x10/0x10 [ 749.064363][T18183] ? snprintf+0xc7/0x100 [ 749.064390][T18183] ? __pfx_snprintf+0x10/0x10 [ 749.064424][T18183] ? lockdep_init_map_type+0x5c/0x280 [ 749.064460][T18183] ? lockdep_init_map_type+0x5c/0x280 [ 749.064496][T18183] ptp_vclock_register+0x4c0/0x9f0 [ 749.064532][T18183] n_vclocks_store+0x33f/0x6d0 [ 749.064563][T18183] ? __pfx_n_vclocks_store+0x10/0x10 [ 749.064592][T18183] ? find_held_lock+0x2b/0x80 [ 749.064620][T18183] ? __pfx_n_vclocks_store+0x10/0x10 [ 749.064645][T18183] dev_attr_store+0x58/0x80 [ 749.064681][T18183] ? __pfx_dev_attr_store+0x10/0x10 [ 749.064717][T18183] sysfs_kf_write+0xf2/0x150 [ 749.064745][T18183] kernfs_fop_write_iter+0x354/0x510 [ 749.064767][T18183] ? __pfx_sysfs_kf_write+0x10/0x10 [ 749.064796][T18183] do_iter_readv_writev+0x65f/0x9e0 [ 749.064825][T18183] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 749.064865][T18183] vfs_writev+0x35f/0xde0 [ 749.064899][T18183] ? __pfx_vfs_writev+0x10/0x10 [ 749.064947][T18183] ? __fget_files+0x20e/0x3c0 [ 749.064981][T18183] ? do_pwritev+0x1a6/0x270 [ 749.065005][T18183] do_pwritev+0x1a6/0x270 [ 749.065032][T18183] ? __pfx_do_pwritev+0x10/0x10 [ 749.065072][T18183] do_syscall_64+0xcd/0x490 [ 749.065108][T18183] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 749.065132][T18183] RIP: 0033:0x7f770758ebe9 [ 749.065152][T18183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 749.065175][T18183] RSP: 002b:00007f7708443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128 [ 749.065198][T18183] RAX: ffffffffffffffda RBX: 00007f77077b5fa0 RCX: 00007f770758ebe9 [ 749.065213][T18183] RDX: 0000000000000005 RSI: 0000200000001000 RDI: 0000000000000003 [ 749.065227][T18183] RBP: 00007f7707611e19 R08: 0000000000000009 R09: 0000000000000000 [ 749.065242][T18183] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 749.065256][T18183] R13: 00007f77077b6038 R14: 00007f77077b5fa0 R15: 00007ffcaad4ffe8 [ 749.065286][T18183] [ 749.823450][T12746] Bluetooth: hci4: command 0x0c1a tx timeout [ 750.881983][T18210] FAULT_INJECTION: forcing a failure. [ 750.881983][T18210] name failslab, interval 1, probability 0, space 0, times 0 [ 750.934305][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 750.943814][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 751.082718][T18210] CPU: 1 UID: 0 PID: 18210 Comm: syz.0.4558 Tainted: G I syzkaller #0 PREEMPT(full) [ 751.082759][T18210] Tainted: [I]=FIRMWARE_WORKAROUND [ 751.082768][T18210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 751.082783][T18210] Call Trace: [ 751.082791][T18210] [ 751.082803][T18210] dump_stack_lvl+0x16c/0x1f0 [ 751.082840][T18210] should_fail_ex+0x512/0x640 [ 751.082874][T18210] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 751.082903][T18210] should_failslab+0xc2/0x120 [ 751.082940][T18210] __kmalloc_cache_noprof+0x6a/0x3e0 [ 751.082968][T18210] ? landlock_merge_ruleset+0x118/0x870 [ 751.083002][T18210] landlock_merge_ruleset+0x118/0x870 [ 751.083032][T18210] ? prepare_creds+0x583/0x7d0 [ 751.083070][T18210] __do_sys_landlock_restrict_self+0x2a2/0x910 [ 751.083101][T18210] do_syscall_64+0xcd/0x490 [ 751.083136][T18210] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 751.083160][T18210] RIP: 0033:0x7f2c2878ebe9 [ 751.083178][T18210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 751.083202][T18210] RSP: 002b:00007f2c2951a038 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 751.083231][T18210] RAX: ffffffffffffffda RBX: 00007f2c289b6090 RCX: 00007f2c2878ebe9 [ 751.083247][T18210] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000005 [ 751.083261][T18210] RBP: 00007f2c28811e19 R08: 0000000000000000 R09: 0000000000000000 [ 751.083275][T18210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 751.083289][T18210] R13: 00007f2c289b6128 R14: 00007f2c289b6090 R15: 00007ffe09fd3848 [ 751.083318][T18210] [ 751.919916][T12746] Bluetooth: hci4: command 0x0c1a tx timeout [ 753.276794][T18223] zswap: compressor 000 not available [ 753.994061][T12746] Bluetooth: hci4: command 0x0c1a tx timeout [ 754.766637][T18257] netlink: 'syz.1.4577': attribute type 1 has an invalid length. [ 754.822448][T18257] netlink: 'syz.1.4577': attribute type 6 has an invalid length. [ 755.338029][T18262] FAULT_INJECTION: forcing a failure. [ 755.338029][T18262] name failslab, interval 1, probability 0, space 0, times 0 [ 755.454006][T18262] CPU: 1 UID: 0 PID: 18262 Comm: syz.1.4579 Tainted: G I syzkaller #0 PREEMPT(full) [ 755.454046][T18262] Tainted: [I]=FIRMWARE_WORKAROUND [ 755.454055][T18262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 755.454070][T18262] Call Trace: [ 755.454079][T18262] [ 755.454088][T18262] dump_stack_lvl+0x16c/0x1f0 [ 755.454126][T18262] should_fail_ex+0x512/0x640 [ 755.454160][T18262] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 755.454187][T18262] ? __pfx_mon_text_open+0x10/0x10 [ 755.454214][T18262] should_failslab+0xc2/0x120 [ 755.454246][T18262] __kmalloc_cache_noprof+0x6a/0x3e0 [ 755.454272][T18262] ? mon_text_open+0x1cb/0x4f0 [ 755.454301][T18262] ? __pfx_mon_text_open+0x10/0x10 [ 755.454327][T18262] mon_text_open+0x1cb/0x4f0 [ 755.454360][T18262] ? __pfx_mon_text_open+0x10/0x10 [ 755.454385][T18262] ? __debugfs_file_get+0x1fe/0x840 [ 755.454423][T18262] ? __pfx___debugfs_file_get+0x10/0x10 [ 755.454460][T18262] ? __pfx_apparmor_file_open+0x10/0x10 [ 755.454485][T18262] ? lockdown_is_locked_down+0x3f/0x130 [ 755.454509][T18262] ? bpf_lsm_locked_down+0x9/0x10 [ 755.454535][T18262] ? __pfx_mon_text_open+0x10/0x10 [ 755.454560][T18262] full_proxy_open_regular+0x1b6/0x360 [ 755.454587][T18262] do_dentry_open+0x982/0x1530 [ 755.454617][T18262] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 755.454648][T18262] vfs_open+0x82/0x3f0 [ 755.454688][T18262] path_openat+0x1de4/0x2cb0 [ 755.454727][T18262] ? __pfx_path_openat+0x10/0x10 [ 755.454765][T18262] do_filp_open+0x20b/0x470 [ 755.454794][T18262] ? __pfx_do_filp_open+0x10/0x10 [ 755.454844][T18262] ? alloc_fd+0x471/0x7d0 [ 755.454879][T18262] do_sys_openat2+0x11b/0x1d0 [ 755.454916][T18262] ? __pfx_do_sys_openat2+0x10/0x10 [ 755.454966][T18262] __x64_sys_openat+0x174/0x210 [ 755.455005][T18262] ? __pfx___x64_sys_openat+0x10/0x10 [ 755.455059][T18262] do_syscall_64+0xcd/0x490 [ 755.455095][T18262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 755.455120][T18262] RIP: 0033:0x7f770758ebe9 [ 755.455139][T18262] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 755.455163][T18262] RSP: 002b:00007f7708443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 755.455186][T18262] RAX: ffffffffffffffda RBX: 00007f77077b5fa0 RCX: 00007f770758ebe9 [ 755.455201][T18262] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 755.455215][T18262] RBP: 00007f7707611e19 R08: 0000000000000000 R09: 0000000000000000 [ 755.455229][T18262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 755.455244][T18262] R13: 00007f77077b6038 R14: 00007f77077b5fa0 R15: 00007ffcaad4ffe8 [ 755.455274][T18262] [ 756.627730][T18269] netlink: 146 bytes leftover after parsing attributes in process `syz.1.4582'. [ 757.092421][T18271] loop6: detected capacity change from 0 to 8 [ 759.390812][T18287] netlink: 342 bytes leftover after parsing attributes in process `syz.6.4587'. [ 762.062784][T18330] netlink: 'syz.6.4603': attribute type 4 has an invalid length. [ 762.172069][T18330] netlink: 314 bytes leftover after parsing attributes in process `syz.6.4603'. [ 762.310064][T18330] IPv6: NLM_F_CREATE should be specified when creating new route [ 762.427191][T18330] IPv6: Can't replace route, no match found [ 764.934165][T18357] FAULT_INJECTION: forcing a failure. [ 764.934165][T18357] name failslab, interval 1, probability 0, space 0, times 0 [ 765.023350][T18357] CPU: 1 UID: 0 PID: 18357 Comm: syz.0.4619 Tainted: G I syzkaller #0 PREEMPT(full) [ 765.023391][T18357] Tainted: [I]=FIRMWARE_WORKAROUND [ 765.023400][T18357] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 765.023415][T18357] Call Trace: [ 765.023423][T18357] [ 765.023432][T18357] dump_stack_lvl+0x16c/0x1f0 [ 765.023468][T18357] should_fail_ex+0x512/0x640 [ 765.023503][T18357] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 765.023535][T18357] should_failslab+0xc2/0x120 [ 765.023567][T18357] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 765.023597][T18357] ? __kernfs_new_node+0xd2/0x8e0 [ 765.023633][T18357] __kernfs_new_node+0xd2/0x8e0 [ 765.023674][T18357] ? __pfx___kernfs_new_node+0x10/0x10 [ 765.023713][T18357] ? find_held_lock+0x2b/0x80 [ 765.023738][T18357] ? kernfs_root+0xee/0x2a0 [ 765.023774][T18357] kernfs_new_node+0x13c/0x1e0 [ 765.023815][T18357] __kernfs_create_file+0x53/0x350 [ 765.023843][T18357] sysfs_add_file_mode_ns+0x207/0x3c0 [ 765.023880][T18357] internal_create_group+0x578/0xf30 [ 765.023920][T18357] ? __pfx_internal_create_group+0x10/0x10 [ 765.023957][T18357] ? kernfs_create_link+0x1bd/0x240 [ 765.023986][T18357] internal_create_groups+0x9d/0x150 [ 765.024022][T18357] device_add+0x6d1/0x1aa0 [ 765.024048][T18357] ? __pfx_device_add+0x10/0x10 [ 765.024069][T18357] ? lockdep_init_map_type+0x5c/0x280 [ 765.024103][T18357] ? __init_waitqueue_head+0xca/0x150 [ 765.024148][T18357] netdev_register_kobject+0x1a9/0x3d0 [ 765.024192][T18357] register_netdevice+0x13dc/0x2270 [ 765.024235][T18357] ? __pfx_register_netdevice+0x10/0x10 [ 765.024280][T18357] slip_open+0xb86/0x1150 [ 765.024322][T18357] ? __pfx_slip_open+0x10/0x10 [ 765.024355][T18357] ? down_write+0x14d/0x200 [ 765.024392][T18357] ? __pfx_slip_open+0x10/0x10 [ 765.024427][T18357] tty_ldisc_open+0x9f/0x120 [ 765.024456][T18357] tty_set_ldisc+0x32b/0x780 [ 765.024489][T18357] tty_ioctl+0xc2e/0x1680 [ 765.024523][T18357] ? __pfx_tty_ioctl+0x10/0x10 [ 765.024565][T18357] ? find_held_lock+0x2b/0x80 [ 765.024587][T18357] ? hook_file_ioctl_common+0x145/0x410 [ 765.024625][T18357] ? __fget_files+0x20e/0x3c0 [ 765.024661][T18357] ? __pfx_tty_ioctl+0x10/0x10 [ 765.024695][T18357] __x64_sys_ioctl+0x18e/0x210 [ 765.024736][T18357] do_syscall_64+0xcd/0x490 [ 765.024771][T18357] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 765.024796][T18357] RIP: 0033:0x7f2c2878ebe9 [ 765.024815][T18357] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 765.024838][T18357] RSP: 002b:00007f2c2953b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 765.024861][T18357] RAX: ffffffffffffffda RBX: 00007f2c289b5fa0 RCX: 00007f2c2878ebe9 [ 765.024877][T18357] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 0000000000000005 [ 765.024891][T18357] RBP: 00007f2c28811e19 R08: 0000000000000000 R09: 0000000000000000 [ 765.024905][T18357] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 765.024919][T18357] R13: 00007f2c289b6038 R14: 00007f2c289b5fa0 R15: 00007ffe09fd3848 [ 765.024950][T18357] [ 768.716516][T18389] netlink: 'syz.1.4622': attribute type 21 has an invalid length. [ 768.776494][T18389] netlink: 326 bytes leftover after parsing attributes in process `syz.1.4622'. [ 768.831997][T18389] IPv6: NLM_F_CREATE should be specified when creating new route [ 770.860428][T18423] netlink: 338 bytes leftover after parsing attributes in process `syz.1.4638'. [ 771.512568][T18439] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4646'. [ 771.758266][T18446] FAULT_INJECTION: forcing a failure. [ 771.758266][T18446] name failslab, interval 1, probability 0, space 0, times 0 [ 771.864678][T18446] CPU: 1 UID: 0 PID: 18446 Comm: syz.1.4648 Tainted: G I syzkaller #0 PREEMPT(full) [ 771.864718][T18446] Tainted: [I]=FIRMWARE_WORKAROUND [ 771.864727][T18446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 771.864741][T18446] Call Trace: [ 771.864749][T18446] [ 771.864758][T18446] dump_stack_lvl+0x16c/0x1f0 [ 771.864794][T18446] should_fail_ex+0x512/0x640 [ 771.864833][T18446] should_failslab+0xc2/0x120 [ 771.864867][T18446] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 771.864898][T18446] ? xas_split_alloc+0x11c/0x490 [ 771.864935][T18446] xas_split_alloc+0x11c/0x490 [ 771.864976][T18446] __folio_split+0xdd0/0x4a80 [ 771.865019][T18446] ? __lock_acquire+0x531/0x1ce0 [ 771.865063][T18446] ? __mem_cgroup_try_charge_swap+0x8c/0x3f0 [ 771.865102][T18446] ? __pfx___folio_split+0x10/0x10 [ 771.865149][T18446] ? find_held_lock+0x2b/0x80 [ 771.865180][T18446] ? folio_alloc_swap+0x93f/0xc70 [ 771.865215][T18446] split_folio_to_list+0x9b/0x180 [ 771.865256][T18446] shmem_writeout+0x42e/0x1140 [ 771.865288][T18446] ? __pfx_shmem_writeout+0x10/0x10 [ 771.865315][T18446] ? __pfx_try_to_unmap+0x10/0x10 [ 771.865340][T18446] ? find_held_lock+0x2b/0x80 [ 771.865364][T18446] ? inode_to_bdi+0x9e/0x160 [ 771.865395][T18446] ? folio_clear_dirty_for_io+0x112/0x810 [ 771.865438][T18446] shrink_folio_list+0x2f4c/0x4880 [ 771.865472][T18446] ? __pfx_shrink_folio_list+0x10/0x10 [ 771.865494][T18446] ? xas_create+0x72b/0x1460 [ 771.865527][T18446] ? xas_store+0x90/0x1910 [ 771.865560][T18446] ? shmem_add_to_page_cache+0x7ae/0xa70 [ 771.865584][T18446] ? shmem_get_folio_gfp+0x869/0x1600 [ 771.865614][T18446] ? __lock_acquire+0x62e/0x1ce0 [ 771.865649][T18446] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 771.865680][T18446] ? lock_acquire+0x179/0x350 [ 771.865711][T18446] ? find_held_lock+0x2b/0x80 [ 771.865757][T18446] ? rcu_is_watching+0x12/0xc0 [ 771.865788][T18446] reclaim_folio_list+0xda/0x5d0 [ 771.865811][T18446] ? __pfx_css_rstat_updated+0x10/0x10 [ 771.865837][T18446] ? __lock_acquire+0x62e/0x1ce0 [ 771.865868][T18446] ? __pfx_reclaim_folio_list+0x10/0x10 [ 771.865905][T18446] ? lru_gen_update_size+0x543/0xe10 [ 771.865935][T18446] ? lru_gen_del_folio+0x32b/0x540 [ 771.865960][T18446] reclaim_pages+0x47b/0x650 [ 771.865988][T18446] ? __pfx_reclaim_pages+0x10/0x10 [ 771.866015][T18446] ? madvise_cold_or_pageout_pte_range+0x1e81/0x2120 [ 771.866058][T18446] madvise_cold_or_pageout_pte_range+0x152f/0x2120 [ 771.866101][T18446] ? __lock_acquire+0xb97/0x1ce0 [ 771.866143][T18446] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 771.866188][T18446] ? css_rstat_updated+0x1c2/0x510 [ 771.866214][T18446] ? __pfx_madvise_cold_or_pageout_pte_range+0x10/0x10 [ 771.866252][T18446] walk_pgd_range+0xc02/0x1f50 [ 771.866304][T18446] ? __pfx_walk_pgd_range+0x10/0x10 [ 771.866342][T18446] __walk_page_range+0x163/0x820 [ 771.866376][T18446] ? __lock_acquire+0xb97/0x1ce0 [ 771.866415][T18446] walk_page_range_vma+0x2c7/0xa20 [ 771.866449][T18446] ? __pfx_walk_page_range_vma+0x10/0x10 [ 771.866480][T18446] ? find_held_lock+0x2b/0x80 [ 771.866515][T18446] madvise_pageout+0x257/0x540 [ 771.866549][T18446] ? __pfx_madvise_pageout+0x10/0x10 [ 771.866579][T18446] ? finish_task_switch.isra.0+0x21c/0xc10 [ 771.866627][T18446] madvise_vma_behavior+0xb22/0x2d60 [ 771.866665][T18446] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 771.866697][T18446] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 771.866736][T18446] ? __pfx_mas_prev+0x10/0x10 [ 771.866774][T18446] ? find_vma_prev+0xda/0x160 [ 771.866807][T18446] ? find_held_lock+0x2b/0x80 [ 771.866829][T18446] ? __pfx_find_vma_prev+0x10/0x10 [ 771.866864][T18446] ? futex_unqueue+0x133/0x2c0 [ 771.866900][T18446] ? __futex_wait+0x24c/0x2f0 [ 771.866940][T18446] madvise_walk_vmas+0x31f/0x9c0 [ 771.866980][T18446] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 771.867023][T18446] madvise_do_behavior+0x1e2/0x530 [ 771.867057][T18446] ? futex_private_hash_put+0x18a/0x300 [ 771.867086][T18446] ? __pfx_madvise_do_behavior+0x10/0x10 [ 771.867129][T18446] ? down_read+0x13d/0x480 [ 771.867179][T18446] do_madvise+0x176/0x240 [ 771.867214][T18446] ? __pfx_do_madvise+0x10/0x10 [ 771.867247][T18446] ? do_futex+0x122/0x350 [ 771.867297][T18446] ? xfd_validate_state+0x61/0x180 [ 771.867333][T18446] ? __pfx_do_writev+0x10/0x10 [ 771.867364][T18446] __x64_sys_madvise+0xa9/0x110 [ 771.867399][T18446] ? lockdep_hardirqs_on+0x7c/0x110 [ 771.867429][T18446] do_syscall_64+0xcd/0x490 [ 771.867464][T18446] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 771.867489][T18446] RIP: 0033:0x7f770758ebe9 [ 771.867508][T18446] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 771.867533][T18446] RSP: 002b:00007f7708443038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 771.867556][T18446] RAX: ffffffffffffffda RBX: 00007f77077b5fa0 RCX: 00007f770758ebe9 [ 771.867572][T18446] RDX: 0000000000000015 RSI: 00000000002003f2 RDI: 0000000000000000 [ 771.867586][T18446] RBP: 00007f7707611e19 R08: 0000000000000000 R09: 0000000000000000 [ 771.867601][T18446] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 771.867615][T18446] R13: 00007f77077b6038 R14: 00007f77077b5fa0 R15: 00007ffcaad4ffe8 [ 771.867645][T18446] [ 774.881681][T18439] Process accounting paused [ 775.057457][T18464] FAULT_INJECTION: forcing a failure. [ 775.057457][T18464] name failslab, interval 1, probability 0, space 0, times 0 [ 775.123096][T18464] CPU: 1 UID: 0 PID: 18464 Comm: syz.0.4653 Tainted: G I syzkaller #0 PREEMPT(full) [ 775.123135][T18464] Tainted: [I]=FIRMWARE_WORKAROUND [ 775.123144][T18464] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 775.123158][T18464] Call Trace: [ 775.123167][T18464] [ 775.123176][T18464] dump_stack_lvl+0x16c/0x1f0 [ 775.123212][T18464] should_fail_ex+0x512/0x640 [ 775.123246][T18464] ? __kmalloc_noprof+0xbf/0x510 [ 775.123277][T18464] ? acpi_ns_internalize_name+0x144/0x220 [ 775.123303][T18464] should_failslab+0xc2/0x120 [ 775.123336][T18464] __kmalloc_noprof+0xd2/0x510 [ 775.123366][T18464] ? acpi_ns_get_internal_name_length+0x272/0x400 [ 775.123397][T18464] acpi_ns_internalize_name+0x144/0x220 [ 775.123423][T18464] ? __pfx_acpi_ns_internalize_name+0x10/0x10 [ 775.123457][T18464] ? acpi_evaluate_integer+0xdd/0x200 [ 775.123479][T18464] ? status_show+0xa0/0x120 [ 775.123506][T18464] ? dev_attr_show+0x53/0xe0 [ 775.123542][T18464] ? sysfs_kf_seq_show+0x216/0x3e0 [ 775.123568][T18464] ? seq_read_iter+0x509/0x12c0 [ 775.123594][T18464] acpi_ns_get_node_unlocked+0x163/0x310 [ 775.123623][T18464] ? __pfx_acpi_ns_get_node_unlocked+0x10/0x10 [ 775.123650][T18464] ? find_held_lock+0x2b/0x80 [ 775.123684][T18464] ? down_timeout+0x6b/0x90 [ 775.123719][T18464] ? acpi_os_wait_semaphore+0xcb/0xf0 [ 775.123758][T18464] ? acpi_ns_get_node+0x4c/0x70 [ 775.123782][T18464] acpi_ns_get_node+0x4c/0x70 [ 775.123810][T18464] acpi_ns_evaluate+0x6ef/0xca0 [ 775.123848][T18464] ? kasan_save_track+0x14/0x30 [ 775.123879][T18464] acpi_evaluate_object+0x1fa/0xa90 [ 775.123907][T18464] ? avic_update_iommu_vcpu_affinity.constprop.0+0xee/0x140 [ 775.123937][T18464] ? do_syscall_64+0xcd/0x490 [ 775.123976][T18464] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 775.124002][T18464] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 775.124032][T18464] ? __mutex_trylock_common+0xe9/0x250 [ 775.124070][T18464] acpi_evaluate_integer+0xdd/0x200 [ 775.124094][T18464] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 775.124132][T18464] ? __pfx_status_show+0x10/0x10 [ 775.124160][T18464] status_show+0xa0/0x120 [ 775.124189][T18464] ? __pfx_status_show+0x10/0x10 [ 775.124226][T18464] dev_attr_show+0x53/0xe0 [ 775.124264][T18464] ? __pfx_dev_attr_show+0x10/0x10 [ 775.124300][T18464] sysfs_kf_seq_show+0x216/0x3e0 [ 775.124333][T18464] seq_read_iter+0x509/0x12c0 [ 775.124357][T18464] ? __mutex_trylock_common+0xe9/0x250 [ 775.124404][T18464] kernfs_fop_read_iter+0x40f/0x5a0 [ 775.124426][T18464] ? rw_verify_area+0xcf/0x6c0 [ 775.124453][T18464] vfs_read+0x8bc/0xcf0 [ 775.124485][T18464] ? __pfx___mutex_lock+0x10/0x10 [ 775.124518][T18464] ? __pfx_vfs_read+0x10/0x10 [ 775.124565][T18464] ksys_read+0x12a/0x250 [ 775.124592][T18464] ? __pfx_ksys_read+0x10/0x10 [ 775.124628][T18464] do_syscall_64+0xcd/0x490 [ 775.124663][T18464] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 775.124687][T18464] RIP: 0033:0x7f2c2878ebe9 [ 775.124707][T18464] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 775.124731][T18464] RSP: 002b:00007f2c2953b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 775.124754][T18464] RAX: ffffffffffffffda RBX: 00007f2c289b5fa0 RCX: 00007f2c2878ebe9 [ 775.124770][T18464] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000004 [ 775.124785][T18464] RBP: 00007f2c28811e19 R08: 0000000000000000 R09: 0000000000000000 [ 775.124799][T18464] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 775.124813][T18464] R13: 00007f2c289b6038 R14: 00007f2c289b5fa0 R15: 00007ffe09fd3848 [ 775.124843][T18464] [ 777.060763][T18485] netlink: 'syz.4.4663': attribute type 10 has an invalid length. [ 777.135292][T18485] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4663'. [ 777.681932][T18495] [U]  [ 777.685350][T18495] [U] [ 777.688609][T18495] [U] [ 777.691884][T18495] [U] [ 777.762592][T18495] [U] [ 777.765986][T18495] [U] [ 777.769232][T18495] [U] [ 777.772554][T18495] [U] [ 777.855759][T18495] [U] [ 777.859039][T18495] [U] [ 777.862273][T18495] [U] [ 777.865505][T18495] [U] [ 777.933584][T18495] [U] [ 777.936970][T18495] [U] [ 777.940203][T18495] [U] [ 777.943446][T18495] [U] [ 778.023864][T18495] [U] [ 778.027250][T18495] [U] [ 778.030488][T18495] [U] [ 778.033718][T18495] [U] [ 778.140473][T18495] [U] [ 778.143783][T18495] [U] [ 778.147028][T18495] [U] [ 778.150273][T18495] [U] [ 778.238048][T18495] [U] [ 778.241336][T18495] [U] [ 778.244574][T18495] [U] [ 778.247817][T18495] [U] [ 778.324991][T18495] [U] [ 778.328266][T18495] [U] [ 778.331516][T18495] [U] [ 778.334774][T18495] [U] [ 778.407565][T18495] [U] [ 778.410843][T18495] [U] [ 778.414095][T18495] [U] [ 778.417329][T18495] [U] [ 778.475327][T18495] [U] [ 778.478598][T18495] [U] [ 778.481834][T18495] [U] [ 778.485067][T18495] [U] [ 778.588529][T18495] [U] [ 778.591804][T18495] [U] [ 778.595059][T18495] [U] [ 778.598316][T18495] [U] [ 778.673161][T18495] [U] [ 778.676546][ C1] vcan0: j1939_tp_rxtimer: 0xffff88805cfdb800: rx timeout, send abort [ 778.686838][ C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88805cfdb800: 0x0ffff: (3) A timeout occurred and this is the connection abort to close the session. [ 779.804490][T18523] FAULT_INJECTION: forcing a failure. [ 779.804490][T18523] name failslab, interval 1, probability 0, space 0, times 0 [ 779.879572][T18523] CPU: 1 UID: 0 PID: 18523 Comm: syz.1.4676 Tainted: G I syzkaller #0 PREEMPT(full) [ 779.879610][T18523] Tainted: [I]=FIRMWARE_WORKAROUND [ 779.879619][T18523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 779.879634][T18523] Call Trace: [ 779.879641][T18523] [ 779.879650][T18523] dump_stack_lvl+0x16c/0x1f0 [ 779.879687][T18523] should_fail_ex+0x512/0x640 [ 779.879721][T18523] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 779.879755][T18523] should_failslab+0xc2/0x120 [ 779.879789][T18523] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 779.879820][T18523] ? __d_alloc+0x32/0xae0 [ 779.879855][T18523] __d_alloc+0x32/0xae0 [ 779.879889][T18523] d_alloc+0x4a/0x1e0 [ 779.879921][T18523] lookup_one_qstr_excl+0x175/0x250 [ 779.879959][T18523] ? mnt_want_write+0x161/0x450 [ 779.879983][T18523] do_renameat2+0x5aa/0xc50 [ 779.880024][T18523] ? __pfx_do_renameat2+0x10/0x10 [ 779.880060][T18523] ? find_held_lock+0x2b/0x80 [ 779.880082][T18523] ? __might_fault+0xe3/0x190 [ 779.880110][T18523] ? __might_fault+0x13b/0x190 [ 779.880152][T18523] ? getname_flags.part.0+0x1c5/0x550 [ 779.880197][T18523] __x64_sys_rename+0x7d/0xa0 [ 779.880232][T18523] do_syscall_64+0xcd/0x490 [ 779.880268][T18523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 779.880292][T18523] RIP: 0033:0x7f770758ebe9 [ 779.880311][T18523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 779.880335][T18523] RSP: 002b:00007f7708443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 779.880357][T18523] RAX: ffffffffffffffda RBX: 00007f77077b5fa0 RCX: 00007f770758ebe9 [ 779.880372][T18523] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000200000000080 [ 779.880387][T18523] RBP: 00007f7707611e19 R08: 0000000000000000 R09: 0000000000000000 [ 779.880401][T18523] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 779.880415][T18523] R13: 00007f77077b6038 R14: 00007f77077b5fa0 R15: 00007ffcaad4ffe8 [ 779.880444][T18523] [ 785.489820][T18615] FAULT_INJECTION: forcing a failure. [ 785.489820][T18615] name failslab, interval 1, probability 0, space 0, times 0 [ 785.584334][T18615] CPU: 1 UID: 0 PID: 18615 Comm: syz.1.4709 Tainted: G I syzkaller #0 PREEMPT(full) [ 785.584374][T18615] Tainted: [I]=FIRMWARE_WORKAROUND [ 785.584383][T18615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 785.584397][T18615] Call Trace: [ 785.584405][T18615] [ 785.584413][T18615] dump_stack_lvl+0x16c/0x1f0 [ 785.584450][T18615] should_fail_ex+0x512/0x640 [ 785.584485][T18615] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 785.584517][T18615] should_failslab+0xc2/0x120 [ 785.584550][T18615] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 785.584578][T18615] ? rcu_read_unlock+0x17/0x60 [ 785.584609][T18615] ? copy_pid_ns+0x2bf/0xce0 [ 785.584637][T18615] copy_pid_ns+0x2bf/0xce0 [ 785.584663][T18615] ? __pfx_copy_pid_ns+0x10/0x10 [ 785.584690][T18615] ? copy_mnt_ns+0xac/0xac0 [ 785.584720][T18615] ? trace_kmem_cache_alloc+0x28/0xc0 [ 785.584760][T18615] ? copy_ipcs+0xb6/0x610 [ 785.584791][T18615] create_new_namespaces+0x2aa/0xa90 [ 785.584826][T18615] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 785.584857][T18615] ksys_unshare+0x45b/0xa40 [ 785.584891][T18615] ? __pfx_ksys_unshare+0x10/0x10 [ 785.584926][T18615] ? xfd_validate_state+0x61/0x180 [ 785.584971][T18615] __x64_sys_unshare+0x31/0x40 [ 785.585004][T18615] do_syscall_64+0xcd/0x490 [ 785.585040][T18615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 785.585064][T18615] RIP: 0033:0x7f770758ebe9 [ 785.585082][T18615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 785.585106][T18615] RSP: 002b:00007f7708443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 785.585137][T18615] RAX: ffffffffffffffda RBX: 00007f77077b5fa0 RCX: 00007f770758ebe9 [ 785.585154][T18615] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080 [ 785.585168][T18615] RBP: 00007f7707611e19 R08: 0000000000000000 R09: 0000000000000000 [ 785.585182][T18615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 785.585200][T18615] R13: 00007f77077b6038 R14: 00007f77077b5fa0 R15: 00007ffcaad4ffe8 [ 785.585229][T18615] [ 787.574202][T18636] FAULT_INJECTION: forcing a failure. [ 787.574202][T18636] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 787.669823][T18636] CPU: 1 UID: 0 PID: 18636 Comm: syz.6.4717 Tainted: G I syzkaller #0 PREEMPT(full) [ 787.669863][T18636] Tainted: [I]=FIRMWARE_WORKAROUND [ 787.669872][T18636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 787.669886][T18636] Call Trace: [ 787.669895][T18636] [ 787.669904][T18636] dump_stack_lvl+0x16c/0x1f0 [ 787.669948][T18636] should_fail_ex+0x512/0x640 [ 787.669988][T18636] should_fail_alloc_page+0xe7/0x130 [ 787.670023][T18636] prepare_alloc_pages+0x3c2/0x610 [ 787.670060][T18636] ? rcu_is_watching+0x12/0xc0 [ 787.670087][T18636] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 787.670117][T18636] ? stack_depot_save_flags+0x29/0x9c0 [ 787.670156][T18636] ? __lock_acquire+0x62e/0x1ce0 [ 787.670195][T18636] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 787.670237][T18636] ? __lock_acquire+0x62e/0x1ce0 [ 787.670274][T18636] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 787.670313][T18636] ? policy_nodemask+0xea/0x4e0 [ 787.670348][T18636] alloc_pages_mpol+0x1fb/0x550 [ 787.670382][T18636] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 787.670417][T18636] ? __lock_acquire+0x62e/0x1ce0 [ 787.670452][T18636] folio_alloc_mpol_noprof+0x36/0x2f0 [ 787.670492][T18636] vma_alloc_folio_noprof+0xed/0x1e0 [ 787.670530][T18636] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 787.670577][T18636] do_pte_missing+0x2230/0x3ba0 [ 787.670603][T18636] ? find_held_lock+0x2b/0x80 [ 787.670635][T18636] __handle_mm_fault+0x152a/0x2a50 [ 787.670668][T18636] ? __pfx___handle_mm_fault+0x10/0x10 [ 787.670696][T18636] ? __pte_offset_map_lock+0x174/0x310 [ 787.670731][T18636] ? find_held_lock+0x2b/0x80 [ 787.670764][T18636] ? follow_page_pte.constprop.0+0x5cf/0x1390 [ 787.670809][T18636] handle_mm_fault+0x589/0xd10 [ 787.670841][T18636] __get_user_pages+0x551/0x34a0 [ 787.670890][T18636] ? __pfx___get_user_pages+0x10/0x10 [ 787.670936][T18636] populate_vma_page_range+0x267/0x3f0 [ 787.670987][T18636] ? __pfx_populate_vma_page_range+0x10/0x10 [ 787.671033][T18636] ? __pfx_find_vma_intersection+0x10/0x10 [ 787.671071][T18636] ? do_mmap+0x69c/0x1210 [ 787.671109][T18636] __mm_populate+0x1d8/0x380 [ 787.671150][T18636] ? __pfx___mm_populate+0x10/0x10 [ 787.671191][T18636] ? up_write+0x1b2/0x520 [ 787.671230][T18636] vm_mmap_pgoff+0x37f/0x470 [ 787.671270][T18636] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 787.671312][T18636] ? __x64_sys_futex+0x1e0/0x4c0 [ 787.671342][T18636] ? __x64_sys_futex+0x1e9/0x4c0 [ 787.671377][T18636] ksys_mmap_pgoff+0x7d/0x5c0 [ 787.671411][T18636] ? xfd_validate_state+0x61/0x180 [ 787.671452][T18636] __x64_sys_mmap+0x125/0x190 [ 787.671494][T18636] do_syscall_64+0xcd/0x490 [ 787.671531][T18636] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 787.671557][T18636] RIP: 0033:0x7f312478ebe9 [ 787.671577][T18636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 787.671600][T18636] RSP: 002b:00007f3125577038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 787.671624][T18636] RAX: ffffffffffffffda RBX: 00007f31249b5fa0 RCX: 00007f312478ebe9 [ 787.671640][T18636] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 787.671655][T18636] RBP: 00007f3124811e19 R08: 0000000000000002 R09: 0000000000008000 [ 787.671671][T18636] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 787.671686][T18636] R13: 00007f31249b6038 R14: 00007f31249b5fa0 R15: 00007ffd0cf78e38 [ 787.671716][T18636] [ 788.495692][T18641] netlink: 18 bytes leftover after parsing attributes in process `syz.4.4720'. [ 790.911548][T18669] tipc: Started in network mode [ 790.933366][T18669] tipc: Node identity ee00, cluster identity 4711 [ 790.977359][T18669] tipc: Node number set to 60928 [ 791.046138][T18668] delete_channel: no stack [ 792.137130][T18690] FAULT_INJECTION: forcing a failure. [ 792.137130][T18690] name failslab, interval 1, probability 0, space 0, times 0 [ 792.296623][T18690] CPU: 1 UID: 0 PID: 18690 Comm: syz.0.4735 Tainted: G I syzkaller #0 PREEMPT(full) [ 792.296672][T18690] Tainted: [I]=FIRMWARE_WORKAROUND [ 792.296682][T18690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 792.296697][T18690] Call Trace: [ 792.296706][T18690] [ 792.296715][T18690] dump_stack_lvl+0x16c/0x1f0 [ 792.296752][T18690] should_fail_ex+0x512/0x640 [ 792.296787][T18690] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 792.296821][T18690] should_failslab+0xc2/0x120 [ 792.296854][T18690] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 792.296884][T18690] ? __d_alloc+0x32/0xae0 [ 792.296920][T18690] __d_alloc+0x32/0xae0 [ 792.296954][T18690] d_alloc+0x4a/0x1e0 [ 792.296987][T18690] lookup_one_qstr_excl+0x175/0x250 [ 792.297026][T18690] ? mnt_want_write+0x161/0x450 [ 792.297051][T18690] do_renameat2+0x5aa/0xc50 [ 792.297093][T18690] ? __pfx_do_renameat2+0x10/0x10 [ 792.297130][T18690] ? find_held_lock+0x2b/0x80 [ 792.297153][T18690] ? __might_fault+0xe3/0x190 [ 792.297182][T18690] ? __might_fault+0x13b/0x190 [ 792.297224][T18690] ? getname_flags.part.0+0x1c5/0x550 [ 792.297270][T18690] __x64_sys_rename+0x7d/0xa0 [ 792.297305][T18690] do_syscall_64+0xcd/0x490 [ 792.297341][T18690] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 792.297366][T18690] RIP: 0033:0x7f2c2878ebe9 [ 792.297385][T18690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 792.297408][T18690] RSP: 002b:00007f2c2951a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 792.297431][T18690] RAX: ffffffffffffffda RBX: 00007f2c289b6090 RCX: 00007f2c2878ebe9 [ 792.297448][T18690] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000200000000080 [ 792.297463][T18690] RBP: 00007f2c28811e19 R08: 0000000000000000 R09: 0000000000000000 [ 792.297478][T18690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 792.297493][T18690] R13: 00007f2c289b6128 R14: 00007f2c289b6090 R15: 00007ffe09fd3848 [ 792.297523][T18690] [ 793.821237][T18708] Console: switching to colour frame buffer device 14x6 [ 794.970304][T18725] [U] - [ 794.996152][T18725] [U] [ 795.029522][T18725] [U] S¬õµ [ 795.968018][T18742] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4757'. [ 796.140839][T18742] syz_tun (unregistering): left allmulticast mode [ 796.174817][T18742] syz_tun (unregistering): left promiscuous mode [ 796.222246][T18742] bridge0: port 3(syz_tun) entered disabled state [ 798.568959][T18783] FAULT_INJECTION: forcing a failure. [ 798.568959][T18783] name failslab, interval 1, probability 0, space 0, times 0 [ 798.712772][T18783] CPU: 1 UID: 0 PID: 18783 Comm: syz.6.4772 Tainted: G I syzkaller #0 PREEMPT(full) [ 798.712813][T18783] Tainted: [I]=FIRMWARE_WORKAROUND [ 798.712823][T18783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 798.712838][T18783] Call Trace: [ 798.712846][T18783] [ 798.712855][T18783] dump_stack_lvl+0x16c/0x1f0 [ 798.712892][T18783] should_fail_ex+0x512/0x640 [ 798.712927][T18783] ? kmem_cache_alloc_bulk_noprof+0x6d/0xbc0 [ 798.712961][T18783] should_failslab+0xc2/0x120 [ 798.712996][T18783] kmem_cache_alloc_bulk_noprof+0x85/0xbc0 [ 798.713031][T18783] ? trace_kmem_cache_alloc+0x28/0xc0 [ 798.713068][T18783] ? kmem_cache_alloc_noprof+0x21e/0x3b0 [ 798.713096][T18783] ? register_lock_class+0x41/0x4c0 [ 798.713131][T18783] ? mas_dup_build.constprop.0+0x5f3/0x1740 [ 798.713169][T18783] ? mas_dup_build.constprop.0+0xc52/0x1740 [ 798.713208][T18783] mas_dup_build.constprop.0+0xc52/0x1740 [ 798.713248][T18783] ? __lock_acquire+0x62e/0x1ce0 [ 798.713283][T18783] __mt_dup+0xeb/0x1f0 [ 798.713313][T18783] ? __pfx___mt_dup+0x10/0x10 [ 798.713375][T18783] dup_mmap+0x373/0x21d0 [ 798.713424][T18783] ? __pfx_dup_mmap+0x10/0x10 [ 798.713485][T18783] copy_process+0x4081/0x7690 [ 798.713518][T18783] ? __pfx___futex_wait+0x10/0x10 [ 798.713553][T18783] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 798.713593][T18783] ? __pfx_copy_process+0x10/0x10 [ 798.713624][T18783] ? futex_private_hash_put+0x176/0x300 [ 798.713657][T18783] ? futex_private_hash_put+0x18a/0x300 [ 798.713692][T18783] kernel_clone+0xfc/0x930 [ 798.713725][T18783] ? __pfx_kernel_clone+0x10/0x10 [ 798.713774][T18783] __do_sys_clone+0xce/0x120 [ 798.713805][T18783] ? __pfx___do_sys_clone+0x10/0x10 [ 798.713851][T18783] ? xfd_validate_state+0x61/0x180 [ 798.713897][T18783] do_syscall_64+0xcd/0x490 [ 798.713933][T18783] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 798.713958][T18783] RIP: 0033:0x7f312478ebe9 [ 798.713994][T18783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 798.714019][T18783] RSP: 002b:00007f3125555fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 798.714042][T18783] RAX: ffffffffffffffda RBX: 00007f31249b6090 RCX: 00007f312478ebe9 [ 798.714058][T18783] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 798.714074][T18783] RBP: 00007f3124811e19 R08: 0000000000000000 R09: 0000000000000000 [ 798.714089][T18783] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 798.714104][T18783] R13: 00007f31249b6128 R14: 00007f31249b6090 R15: 00007ffd0cf78e38 [ 798.714135][T18783] [ 799.020867][ C1] vkms_vblank_simulate: vblank timer overrun [ 800.419276][T18794] sp0: Synchronizing with TNC [ 801.157416][T18806] Loading of unsigned module is rejected [ 801.710602][T18806] FAULT_INJECTION: forcing a failure. [ 801.710602][T18806] name failslab, interval 1, probability 0, space 0, times 0 [ 801.803799][T18806] CPU: 1 UID: 0 PID: 18806 Comm: syz.0.4788 Tainted: G I syzkaller #0 PREEMPT(full) [ 801.803840][T18806] Tainted: [I]=FIRMWARE_WORKAROUND [ 801.803850][T18806] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 801.803864][T18806] Call Trace: [ 801.803873][T18806] [ 801.803888][T18806] dump_stack_lvl+0x16c/0x1f0 [ 801.803925][T18806] should_fail_ex+0x512/0x640 [ 801.803960][T18806] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 801.803994][T18806] should_failslab+0xc2/0x120 [ 801.804027][T18806] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 801.804057][T18806] ? __kernfs_new_node+0xd2/0x8e0 [ 801.804093][T18806] __kernfs_new_node+0xd2/0x8e0 [ 801.804129][T18806] ? __pfx___kernfs_new_node+0x10/0x10 [ 801.804168][T18806] ? find_held_lock+0x2b/0x80 [ 801.804193][T18806] ? kernfs_root+0xee/0x2a0 [ 801.804230][T18806] kernfs_new_node+0x13c/0x1e0 [ 801.804271][T18806] __kernfs_create_file+0x53/0x350 [ 801.804299][T18806] sysfs_add_file_mode_ns+0x207/0x3c0 [ 801.804336][T18806] internal_create_group+0x578/0xf30 [ 801.804376][T18806] ? __pfx_internal_create_group+0x10/0x10 [ 801.804414][T18806] ? kernfs_create_link+0x1bd/0x240 [ 801.804444][T18806] internal_create_groups+0x9d/0x150 [ 801.804479][T18806] device_add+0x6d1/0x1aa0 [ 801.804505][T18806] ? __pfx_device_add+0x10/0x10 [ 801.804527][T18806] ? lockdep_init_map_type+0x5c/0x280 [ 801.804561][T18806] ? __init_waitqueue_head+0xca/0x150 [ 801.804607][T18806] netdev_register_kobject+0x1a9/0x3d0 [ 801.804652][T18806] register_netdevice+0x13dc/0x2270 [ 801.804694][T18806] ? __pfx_register_netdevice+0x10/0x10 [ 801.804740][T18806] internal_dev_create+0x2d3/0x520 [ 801.804784][T18806] ovs_vport_add+0x144/0x4d0 [ 801.804821][T18806] new_vport+0x16/0x1d0 [ 801.804848][T18806] ovs_dp_cmd_new+0x6ba/0xe60 [ 801.804936][T18806] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 801.804972][T18806] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 801.805015][T18806] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 801.805064][T18806] genl_family_rcv_msg_doit+0x206/0x2f0 [ 801.805106][T18806] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 801.805156][T18806] ? bpf_lsm_capable+0x9/0x10 [ 801.805178][T18806] ? security_capable+0x7e/0x260 [ 801.805204][T18806] ? ns_capable+0xd7/0x110 [ 801.805233][T18806] genl_rcv_msg+0x55c/0x800 [ 801.805275][T18806] ? __pfx_genl_rcv_msg+0x10/0x10 [ 801.805315][T18806] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 801.805355][T18806] netlink_rcv_skb+0x155/0x420 [ 801.805389][T18806] ? __pfx_genl_rcv_msg+0x10/0x10 [ 801.805430][T18806] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 801.805477][T18806] ? netlink_deliver_tap+0x1ae/0xd30 [ 801.805514][T18806] genl_rcv+0x28/0x40 [ 801.805548][T18806] netlink_unicast+0x5aa/0x870 [ 801.805587][T18806] ? __pfx_netlink_unicast+0x10/0x10 [ 801.805622][T18806] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 801.805655][T18806] ? __lock_acquire+0xb97/0x1ce0 [ 801.805695][T18806] netlink_sendmsg+0x8d1/0xdd0 [ 801.805734][T18806] ? __pfx_netlink_sendmsg+0x10/0x10 [ 801.805773][T18806] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 801.805804][T18806] ____sys_sendmsg+0xa95/0xc70 [ 801.805829][T18806] ? copy_msghdr_from_user+0x10a/0x160 [ 801.805863][T18806] ? __pfx_____sys_sendmsg+0x10/0x10 [ 801.805906][T18806] ___sys_sendmsg+0x134/0x1d0 [ 801.805941][T18806] ? __pfx____sys_sendmsg+0x10/0x10 [ 801.806012][T18806] __sys_sendmsg+0x16d/0x220 [ 801.806046][T18806] ? __pfx___sys_sendmsg+0x10/0x10 [ 801.806079][T18806] ? __x64_sys_futex+0x1e0/0x4c0 [ 801.806129][T18806] do_syscall_64+0xcd/0x490 [ 801.806165][T18806] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 801.806190][T18806] RIP: 0033:0x7f2c2878ebe9 [ 801.806210][T18806] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 801.806234][T18806] RSP: 002b:00007f2c2953b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 801.806257][T18806] RAX: ffffffffffffffda RBX: 00007f2c289b5fa0 RCX: 00007f2c2878ebe9 [ 801.806273][T18806] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000005 [ 801.806289][T18806] RBP: 00007f2c28811e19 R08: 0000000000000000 R09: 0000000000000000 [ 801.806304][T18806] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 801.806318][T18806] R13: 00007f2c289b6038 R14: 00007f2c289b5fa0 R15: 00007ffe09fd3848 [ 801.806350][T18806] [ 804.306167][T18838] netlink: 334 bytes leftover after parsing attributes in process `syz.0.4792'. [ 805.606134][T18841] Process accounting resumed [ 806.141711][T18861] netlink: 'syz.6.4800': attribute type 17 has an invalid length. [ 806.205376][T18861] netlink: 326 bytes leftover after parsing attributes in process `syz.6.4800'. [ 807.041496][T18875] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4805'. [ 807.653821][T18883] sp0: Synchronizing with TNC [ 808.768680][T18903] FAULT_INJECTION: forcing a failure. [ 808.768680][T18903] name failslab, interval 1, probability 0, space 0, times 0 [ 808.941745][T18903] CPU: 1 UID: 0 PID: 18903 Comm: syz.1.4812 Tainted: G I syzkaller #0 PREEMPT(full) [ 808.941786][T18903] Tainted: [I]=FIRMWARE_WORKAROUND [ 808.941796][T18903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 808.941812][T18903] Call Trace: [ 808.941820][T18903] [ 808.941830][T18903] dump_stack_lvl+0x16c/0x1f0 [ 808.941871][T18903] should_fail_ex+0x512/0x640 [ 808.941906][T18903] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 808.941934][T18903] should_failslab+0xc2/0x120 [ 808.941967][T18903] __kmalloc_cache_noprof+0x6a/0x3e0 [ 808.941993][T18903] ? do_epoll_create+0x62/0x480 [ 808.942023][T18903] do_epoll_create+0x62/0x480 [ 808.942050][T18903] __x64_sys_epoll_create+0x45/0x70 [ 808.942077][T18903] do_syscall_64+0xcd/0x490 [ 808.942113][T18903] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 808.942137][T18903] RIP: 0033:0x7f770758ebe9 [ 808.942156][T18903] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 808.942181][T18903] RSP: 002b:00007f7708422038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5 [ 808.942204][T18903] RAX: ffffffffffffffda RBX: 00007f77077b6090 RCX: 00007f770758ebe9 [ 808.942221][T18903] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 808.942235][T18903] RBP: 00007f7707611e19 R08: 0000000000000000 R09: 0000000000000000 [ 808.942251][T18903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 808.942265][T18903] R13: 00007f77077b6128 R14: 00007f77077b6090 R15: 00007ffcaad4ffe8 [ 808.942295][T18903] [ 809.631998][T18907] netlink: 244 bytes leftover after parsing attributes in process `syz.4.4816'. [ 809.735347][T18905] sp0: Synchronizing with TNC [ 809.893593][T18912] netlink: 330 bytes leftover after parsing attributes in process `syz.4.4818'. [ 810.196701][T18912] gretap0: refused to change device tx_queue_len [ 812.045287][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 812.053109][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 812.354315][T18945] mkiss: ax0: crc mode is auto. [ 812.813541][T18957] sp0: Synchronizing with TNC [ 813.569208][T18966] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4838'. [ 813.664723][T18968] netlink: 13 bytes leftover after parsing attributes in process `syz.1.4838'. [ 815.421929][T19000] FAULT_INJECTION: forcing a failure. [ 815.421929][T19000] name failslab, interval 1, probability 0, space 0, times 0 [ 815.479351][T19002] FAULT_INJECTION: forcing a failure. [ 815.479351][T19002] name fail_futex, interval 1, probability 0, space 0, times 0 [ 815.572516][T19002] CPU: 1 UID: 0 PID: 19002 Comm: syz.6.4849 Tainted: G I syzkaller #0 PREEMPT(full) [ 815.572557][T19002] Tainted: [I]=FIRMWARE_WORKAROUND [ 815.572566][T19002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 815.572582][T19002] Call Trace: [ 815.572591][T19002] [ 815.572600][T19002] dump_stack_lvl+0x16c/0x1f0 [ 815.572638][T19002] should_fail_ex+0x512/0x640 [ 815.572678][T19002] get_futex_key+0x1d0/0x1560 [ 815.572732][T19002] ? __pfx_get_futex_key+0x10/0x10 [ 815.572771][T19002] futex_wake+0xea/0x530 [ 815.572808][T19002] ? rcu_is_watching+0x12/0xc0 [ 815.572834][T19002] ? __pfx_futex_wake+0x10/0x10 [ 815.572880][T19002] ? kmem_cache_free+0x2d1/0x4d0 [ 815.572906][T19002] ? fd_install+0x225/0x750 [ 815.572931][T19002] ? putname+0x154/0x1a0 [ 815.572970][T19002] do_futex+0x1e3/0x350 [ 815.573002][T19002] ? __pfx_do_futex+0x10/0x10 [ 815.573035][T19002] ? find_held_lock+0x2b/0x80 [ 815.573063][T19002] __x64_sys_futex+0x1e0/0x4c0 [ 815.573096][T19002] ? __x64_sys_openat+0x174/0x210 [ 815.573135][T19002] ? __pfx___x64_sys_futex+0x10/0x10 [ 815.573179][T19002] do_syscall_64+0xcd/0x490 [ 815.573215][T19002] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 815.573240][T19002] RIP: 0033:0x7f312478ebe9 [ 815.573260][T19002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 815.573284][T19002] RSP: 002b:00007f31255770e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 815.573308][T19002] RAX: ffffffffffffffda RBX: 00007f31249b5fa8 RCX: 00007f312478ebe9 [ 815.573324][T19002] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f31249b5fac [ 815.573339][T19002] RBP: 00007f31249b5fa0 R08: 00007f3125578000 R09: 0000000000000000 [ 815.573354][T19002] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000000000 [ 815.573369][T19002] R13: 00007f31249b6038 R14: 00007ffd0cf78d50 R15: 00007ffd0cf78e38 [ 815.573398][T19002] [ 816.062051][T19000] CPU: 1 UID: 0 PID: 19000 Comm: syz.1.4848 Tainted: G I syzkaller #0 PREEMPT(full) [ 816.062093][T19000] Tainted: [I]=FIRMWARE_WORKAROUND [ 816.062102][T19000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 816.062118][T19000] Call Trace: [ 816.062126][T19000] [ 816.062136][T19000] dump_stack_lvl+0x16c/0x1f0 [ 816.062179][T19000] should_fail_ex+0x512/0x640 [ 816.062213][T19000] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 816.062247][T19000] should_failslab+0xc2/0x120 [ 816.062279][T19000] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 816.062309][T19000] ? acpi_ut_create_generic_state+0x5c/0xb0 [ 816.062343][T19000] acpi_ut_create_generic_state+0x5c/0xb0 [ 816.062370][T19000] acpi_ps_init_scope+0x1a/0x1c0 [ 816.062404][T19000] acpi_ds_init_aml_walk+0x1d9/0x590 [ 816.062443][T19000] acpi_ps_execute_method+0x32d/0xb30 [ 816.062480][T19000] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 816.062523][T19000] acpi_ns_evaluate+0x76c/0xca0 [ 816.062560][T19000] ? kasan_save_track+0x14/0x30 [ 816.062592][T19000] acpi_evaluate_object+0x1fa/0xa90 [ 816.062621][T19000] ? avic_update_iommu_vcpu_affinity.constprop.0+0xee/0x140 [ 816.062650][T19000] ? do_syscall_64+0xcd/0x490 [ 816.062682][T19000] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 816.062708][T19000] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 816.062738][T19000] ? __mutex_trylock_common+0xe9/0x250 [ 816.062777][T19000] acpi_evaluate_integer+0xdd/0x200 [ 816.062803][T19000] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 816.062849][T19000] ? __pfx_status_show+0x10/0x10 [ 816.062879][T19000] status_show+0xa0/0x120 [ 816.062908][T19000] ? __pfx_status_show+0x10/0x10 [ 816.062947][T19000] dev_attr_show+0x53/0xe0 [ 816.062987][T19000] ? __pfx_dev_attr_show+0x10/0x10 [ 816.063023][T19000] sysfs_kf_seq_show+0x216/0x3e0 [ 816.063056][T19000] seq_read_iter+0x509/0x12c0 [ 816.063082][T19000] ? __mutex_trylock_common+0xe9/0x250 [ 816.063125][T19000] kernfs_fop_read_iter+0x40f/0x5a0 [ 816.063148][T19000] ? rw_verify_area+0xcf/0x6c0 [ 816.063176][T19000] vfs_read+0x8bc/0xcf0 [ 816.063213][T19000] ? __pfx___mutex_lock+0x10/0x10 [ 816.063248][T19000] ? __pfx_vfs_read+0x10/0x10 [ 816.063295][T19000] ksys_read+0x12a/0x250 [ 816.063323][T19000] ? __pfx_ksys_read+0x10/0x10 [ 816.063361][T19000] do_syscall_64+0xcd/0x490 [ 816.063397][T19000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 816.063421][T19000] RIP: 0033:0x7f770758ebe9 [ 816.063441][T19000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 816.063465][T19000] RSP: 002b:00007f7708443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 816.063488][T19000] RAX: ffffffffffffffda RBX: 00007f77077b5fa0 RCX: 00007f770758ebe9 [ 816.063504][T19000] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000003 [ 816.063520][T19000] RBP: 00007f7707611e19 R08: 0000000000000000 R09: 0000000000000000 [ 816.063535][T19000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 816.063550][T19000] R13: 00007f77077b6038 R14: 00007f77077b5fa0 R15: 00007ffcaad4ffe8 [ 816.063581][T19000] [ 818.456181][T19033] FAULT_INJECTION: forcing a failure. [ 818.456181][T19033] name failslab, interval 1, probability 0, space 0, times 0 [ 818.538673][T19033] CPU: 1 UID: 0 PID: 19033 Comm: syz.6.4858 Tainted: G I syzkaller #0 PREEMPT(full) [ 818.538714][T19033] Tainted: [I]=FIRMWARE_WORKAROUND [ 818.538723][T19033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 818.538737][T19033] Call Trace: [ 818.538746][T19033] [ 818.538756][T19033] dump_stack_lvl+0x16c/0x1f0 [ 818.538792][T19033] should_fail_ex+0x512/0x640 [ 818.538827][T19033] ? __kmalloc_noprof+0xbf/0x510 [ 818.538858][T19033] ? __netif_set_xps_queue+0x80f/0x22d0 [ 818.538894][T19033] should_failslab+0xc2/0x120 [ 818.538927][T19033] __kmalloc_noprof+0xd2/0x510 [ 818.538963][T19033] __netif_set_xps_queue+0x80f/0x22d0 [ 818.539019][T19033] xps_rxqs_store+0x238/0x320 [ 818.539053][T19033] ? __pfx_xps_rxqs_store+0x10/0x10 [ 818.539082][T19033] netdev_queue_attr_store+0x61/0x90 [ 818.539121][T19033] ? __pfx_netdev_queue_attr_store+0x10/0x10 [ 818.539161][T19033] sysfs_kf_write+0xf2/0x150 [ 818.539191][T19033] kernfs_fop_write_iter+0x354/0x510 [ 818.539214][T19033] ? __pfx_sysfs_kf_write+0x10/0x10 [ 818.539244][T19033] do_iter_readv_writev+0x65f/0x9e0 [ 818.539275][T19033] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 818.539319][T19033] vfs_writev+0x35f/0xde0 [ 818.539362][T19033] ? __pfx_vfs_writev+0x10/0x10 [ 818.539412][T19033] ? __fget_files+0x20e/0x3c0 [ 818.539447][T19033] ? do_pwritev+0x1a6/0x270 [ 818.539472][T19033] do_pwritev+0x1a6/0x270 [ 818.539500][T19033] ? __pfx_do_pwritev+0x10/0x10 [ 818.539536][T19033] do_syscall_64+0xcd/0x490 [ 818.539572][T19033] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 818.539598][T19033] RIP: 0033:0x7f312478ebe9 [ 818.539617][T19033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 818.539649][T19033] RSP: 002b:00007f3125577038 EFLAGS: 00000246 ORIG_RAX: 0000000000000128 [ 818.539672][T19033] RAX: ffffffffffffffda RBX: 00007f31249b5fa0 RCX: 00007f312478ebe9 [ 818.539688][T19033] RDX: 0000000000000005 RSI: 0000200000001000 RDI: 0000000000000003 [ 818.539707][T19033] RBP: 00007f3124811e19 R08: 0000000000000009 R09: 0000000000000000 [ 818.539721][T19033] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000 [ 818.539736][T19033] R13: 00007f31249b6038 R14: 00007f31249b5fa0 R15: 00007ffd0cf78e38 [ 818.539768][T19033] [ 819.545275][T19040] netlink: 'syz.6.4860': attribute type 29 has an invalid length. [ 820.242570][T19023] Bluetooth: hci4: Opcode 0x0c1a failed: -110 [ 820.250689][T19023] CPU0 is offline. [ 820.257614][ T51] Bluetooth: hci4: command 0x0c1a tx timeout [ 820.334285][T19050] netlink: 25 bytes leftover after parsing attributes in process `syz.0.4864'. [ 820.643077][T19055] openvswitch: netlink: IP tunnel dst address not specified [ 822.318636][T19086] FAULT_INJECTION: forcing a failure. [ 822.318636][T19086] name failslab, interval 1, probability 0, space 0, times 0 [ 822.430415][T19086] CPU: 1 UID: 0 PID: 19086 Comm: syz.0.4877 Tainted: G I syzkaller #0 PREEMPT(full) [ 822.430455][T19086] Tainted: [I]=FIRMWARE_WORKAROUND [ 822.430465][T19086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 822.430480][T19086] Call Trace: [ 822.430489][T19086] [ 822.430498][T19086] dump_stack_lvl+0x16c/0x1f0 [ 822.430535][T19086] should_fail_ex+0x512/0x640 [ 822.430571][T19086] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 822.430605][T19086] should_failslab+0xc2/0x120 [ 822.430639][T19086] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 822.430670][T19086] ? __alloc_skb+0x2b2/0x380 [ 822.430705][T19086] __alloc_skb+0x2b2/0x380 [ 822.430737][T19086] ? __pfx___alloc_skb+0x10/0x10 [ 822.430779][T19086] tipc_buf_acquire+0x26/0xe0 [ 822.430804][T19086] tipc_msg_build+0x112/0x1150 [ 822.430837][T19086] ? __pfx_tipc_msg_build+0x10/0x10 [ 822.430868][T19086] ? __pfx_aa_label_sk_perm+0x10/0x10 [ 822.430908][T19086] __tipc_sendmsg+0xa30/0x19a0 [ 822.430941][T19086] ? __pfx___tipc_sendmsg+0x10/0x10 [ 822.430981][T19086] ? __lock_acquire+0xb97/0x1ce0 [ 822.431022][T19086] ? __pfx_woken_wake_function+0x10/0x10 [ 822.431078][T19086] ? __local_bh_enable_ip+0xa4/0x120 [ 822.431111][T19086] tipc_sendmsg+0x4f/0x70 [ 822.431134][T19086] sock_write_iter+0x4ff/0x5b0 [ 822.431159][T19086] ? __pfx_sock_write_iter+0x10/0x10 [ 822.431194][T19086] ? __futex_wait+0x24c/0x2f0 [ 822.431231][T19086] ? copy_iovec_from_user+0x131/0x170 [ 822.431274][T19086] do_iter_readv_writev+0x65f/0x9e0 [ 822.431304][T19086] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 822.431336][T19086] ? bpf_lsm_file_permission+0x9/0x10 [ 822.431379][T19086] ? security_file_permission+0x71/0x210 [ 822.431415][T19086] ? rw_verify_area+0xcf/0x6c0 [ 822.431442][T19086] vfs_writev+0x35f/0xde0 [ 822.431472][T19086] ? __lock_acquire+0x62e/0x1ce0 [ 822.431507][T19086] ? __pfx_vfs_writev+0x10/0x10 [ 822.431554][T19086] ? __fget_files+0x20e/0x3c0 [ 822.431588][T19086] ? do_writev+0x28c/0x340 [ 822.431612][T19086] do_writev+0x28c/0x340 [ 822.431638][T19086] ? __pfx_do_writev+0x10/0x10 [ 822.431673][T19086] do_syscall_64+0xcd/0x490 [ 822.431709][T19086] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 822.431734][T19086] RIP: 0033:0x7f2c2878ebe9 [ 822.431754][T19086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 822.431778][T19086] RSP: 002b:00007f2c2953b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 822.431802][T19086] RAX: ffffffffffffffda RBX: 00007f2c289b5fa0 RCX: 00007f2c2878ebe9 [ 822.431819][T19086] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 822.431834][T19086] RBP: 00007f2c28811e19 R08: 0000000000000000 R09: 0000000000000000 [ 822.431849][T19086] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 822.431863][T19086] R13: 00007f2c289b6038 R14: 00007f2c289b5fa0 R15: 00007ffe09fd3848 [ 822.431894][T19086] [ 823.200116][T19088] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 824.594540][T19108] netlink: 'syz.6.4883': attribute type 16 has an invalid length. [ 824.681987][T19108] netlink: 'syz.6.4883': attribute type 17 has an invalid length. [ 824.754783][T19108] netlink: 'syz.6.4883': attribute type 19 has an invalid length. [ 824.812181][T19108] netlink: 102 bytes leftover after parsing attributes in process `syz.6.4883'. [ 826.346303][T19135] FAULT_INJECTION: forcing a failure. [ 826.346303][T19135] name failslab, interval 1, probability 0, space 0, times 0 [ 826.375413][T19137] netlink: 146 bytes leftover after parsing attributes in process `syz.4.4893'. [ 826.540290][T19139] FAULT_INJECTION: forcing a failure. [ 826.540290][T19139] name failslab, interval 1, probability 0, space 0, times 0 [ 826.668625][T19139] CPU: 1 UID: 0 PID: 19139 Comm: syz.6.4894 Tainted: G I syzkaller #0 PREEMPT(full) [ 826.668665][T19139] Tainted: [I]=FIRMWARE_WORKAROUND [ 826.668674][T19139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 826.668689][T19139] Call Trace: [ 826.668698][T19139] [ 826.668708][T19139] dump_stack_lvl+0x16c/0x1f0 [ 826.668746][T19139] should_fail_ex+0x512/0x640 [ 826.668781][T19139] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 826.668815][T19139] should_failslab+0xc2/0x120 [ 826.668848][T19139] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 826.668879][T19139] ? __d_alloc+0x32/0xae0 [ 826.668913][T19139] __d_alloc+0x32/0xae0 [ 826.668948][T19139] d_alloc_parallel+0x111/0x1480 [ 826.668996][T19139] ? register_lock_class+0x41/0x4c0 [ 826.669030][T19139] ? __lock_acquire+0xb97/0x1ce0 [ 826.669063][T19139] ? __pfx_d_alloc_parallel+0x10/0x10 [ 826.669106][T19139] ? lockdep_init_map_type+0x5c/0x280 [ 826.669147][T19139] ? lockdep_init_map_type+0x5c/0x280 [ 826.669186][T19139] __lookup_slow+0x193/0x460 [ 826.669225][T19139] ? __pfx___lookup_slow+0x10/0x10 [ 826.669285][T19139] ? lookup_fast+0x156/0x610 [ 826.669314][T19139] walk_component+0x353/0x5b0 [ 826.669341][T19139] link_path_walk+0x627/0xe20 [ 826.669377][T19139] path_lookupat+0x15a/0x6d0 [ 826.669403][T19139] ? __lock_acquire+0xb97/0x1ce0 [ 826.669437][T19139] filename_lookup+0x224/0x5f0 [ 826.669468][T19139] ? __pfx_filename_lookup+0x10/0x10 [ 826.669521][T19139] ? getname_flags.part.0+0x1c5/0x550 [ 826.669566][T19139] user_path_at+0x3a/0x60 [ 826.669593][T19139] vfs_open_tree+0x2ca/0x910 [ 826.669622][T19139] ? __pfx___rseq_handle_notify_resume+0x10/0x10 [ 826.669658][T19139] ? __pfx_vfs_open_tree+0x10/0x10 [ 826.669688][T19139] ? xfd_validate_state+0x61/0x180 [ 826.669731][T19139] __x64_sys_open_tree+0x84/0x130 [ 826.669764][T19139] do_syscall_64+0xcd/0x490 [ 826.669801][T19139] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 826.669826][T19139] RIP: 0033:0x7f312478ebe9 [ 826.669846][T19139] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 826.669871][T19139] RSP: 002b:00007f3125577038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ac [ 826.669893][T19139] RAX: ffffffffffffffda RBX: 00007f31249b5fa0 RCX: 00007f312478ebe9 [ 826.669909][T19139] RDX: 0000000000000101 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 826.669925][T19139] RBP: 00007f3124811e19 R08: 0000000000000000 R09: 0000000000000000 [ 826.669940][T19139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 826.669954][T19139] R13: 00007f31249b6038 R14: 00007f31249b5fa0 R15: 00007ffd0cf78e38 [ 826.669985][T19139] [ 827.342118][T19135] CPU: 1 UID: 0 PID: 19135 Comm: syz.0.4892 Tainted: G I syzkaller #0 PREEMPT(full) [ 827.342158][T19135] Tainted: [I]=FIRMWARE_WORKAROUND [ 827.342168][T19135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 827.342183][T19135] Call Trace: [ 827.342192][T19135] [ 827.342202][T19135] dump_stack_lvl+0x16c/0x1f0 [ 827.342238][T19135] should_fail_ex+0x512/0x640 [ 827.342273][T19135] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 827.342311][T19135] ? __pfx_clk_summary_open+0x10/0x10 [ 827.342344][T19135] should_failslab+0xc2/0x120 [ 827.342376][T19135] __kmalloc_cache_noprof+0x6a/0x3e0 [ 827.342402][T19135] ? __pfx___debugfs_file_get+0x10/0x10 [ 827.342440][T19135] ? single_open+0x4d/0x1f0 [ 827.342476][T19135] ? __pfx_apparmor_file_open+0x10/0x10 [ 827.342505][T19135] ? __pfx_clk_summary_open+0x10/0x10 [ 827.342536][T19135] ? __pfx_clk_summary_show+0x10/0x10 [ 827.342562][T19135] single_open+0x4d/0x1f0 [ 827.342599][T19135] full_proxy_open_regular+0x1b6/0x360 [ 827.342625][T19135] do_dentry_open+0x982/0x1530 [ 827.342657][T19135] ? __pfx_full_proxy_open_regular+0x10/0x10 [ 827.342687][T19135] vfs_open+0x82/0x3f0 [ 827.342727][T19135] path_openat+0x1de4/0x2cb0 [ 827.342765][T19135] ? __pfx_path_openat+0x10/0x10 [ 827.342802][T19135] do_filp_open+0x20b/0x470 [ 827.342832][T19135] ? __pfx_do_filp_open+0x10/0x10 [ 827.342882][T19135] ? alloc_fd+0x471/0x7d0 [ 827.342915][T19135] do_sys_openat2+0x11b/0x1d0 [ 827.342953][T19135] ? __pfx_do_sys_openat2+0x10/0x10 [ 827.342999][T19135] ? find_held_lock+0x2b/0x80 [ 827.343032][T19135] __x64_sys_openat+0x174/0x210 [ 827.343071][T19135] ? __pfx___x64_sys_openat+0x10/0x10 [ 827.343121][T19135] do_syscall_64+0xcd/0x490 [ 827.343157][T19135] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 827.343182][T19135] RIP: 0033:0x7f2c2878ebe9 [ 827.343202][T19135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 827.343227][T19135] RSP: 002b:00007f2c269f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 827.343250][T19135] RAX: ffffffffffffffda RBX: 00007f2c289b6180 RCX: 00007f2c2878ebe9 [ 827.343266][T19135] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 827.343282][T19135] RBP: 00007f2c28811e19 R08: 0000000000000000 R09: 0000000000000000 [ 827.343297][T19135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 827.343312][T19135] R13: 00007f2c289b6218 R14: 00007f2c289b6180 R15: 00007ffe09fd3848 [ 827.343343][T19135] [ 830.765666][T19178] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4907'. [ 835.075314][T19230] netlink: 'syz.0.4923': attribute type 16 has an invalid length. [ 835.132672][T19230] netlink: 'syz.0.4923': attribute type 17 has an invalid length. [ 835.203932][T19230] netlink: 'syz.0.4923': attribute type 19 has an invalid length. [ 835.285239][T19230] netlink: 'syz.0.4923': attribute type 27 has an invalid length. [ 835.349256][T19230] netlink: 'syz.0.4923': attribute type 28 has an invalid length. [ 835.440536][T19230] netlink: 'syz.0.4923': attribute type 29 has an invalid length. [ 835.502287][T19230] netlink: 'syz.0.4923': attribute type 30 has an invalid length. [ 835.563053][T19230] netlink: 'syz.0.4923': attribute type 31 has an invalid length. [ 835.624774][T19230] netlink: 2 bytes leftover after parsing attributes in process `syz.0.4923'. [ 835.864325][T19233] Process accounting paused [ 836.430064][T19254] lo: entered allmulticast mode [ 836.513889][T19255] lo: left allmulticast mode [ 838.326010][T19283] FAULT_INJECTION: forcing a failure. [ 838.326010][T19283] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 838.435228][T19283] CPU: 1 UID: 0 PID: 19283 Comm: syz.1.4941 Tainted: G I syzkaller #0 PREEMPT(full) [ 838.435275][T19283] Tainted: [I]=FIRMWARE_WORKAROUND [ 838.435284][T19283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 838.435299][T19283] Call Trace: [ 838.435308][T19283] [ 838.435319][T19283] dump_stack_lvl+0x16c/0x1f0 [ 838.435355][T19283] should_fail_ex+0x512/0x640 [ 838.435396][T19283] should_fail_alloc_page+0xe7/0x130 [ 838.435432][T19283] prepare_alloc_pages+0x3c2/0x610 [ 838.435469][T19283] ? rcu_is_watching+0x12/0xc0 [ 838.435497][T19283] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 838.435532][T19283] ? rcu_is_watching+0x12/0xc0 [ 838.435556][T19283] ? trace_mm_page_alloc+0x11f/0x1a0 [ 838.435596][T19283] ? __alloc_frozen_pages_noprof+0x294/0x23f0 [ 838.435626][T19283] ? stack_trace_save+0x8e/0xc0 [ 838.435655][T19283] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 838.435696][T19283] ? kmem_cache_alloc_node_noprof+0x1d5/0x3b0 [ 838.435725][T19283] ? __get_vm_area_node+0x1ca/0x330 [ 838.435761][T19283] ? __vmalloc_node_noprof+0xad/0xf0 [ 838.435782][T19283] ? n_tty_open+0x1a/0x170 [ 838.435818][T19283] ? tty_ldisc_open+0x9f/0x120 [ 838.435844][T19283] ? tty_ldisc_setup+0x87/0x100 [ 838.435871][T19283] ? tty_init_dev.part.0+0x1ec/0x500 [ 838.435905][T19283] ? tty_open+0xa50/0xf90 [ 838.435937][T19283] ? chrdev_open+0x234/0x6a0 [ 838.435970][T19283] ? __x64_sys_openat+0x174/0x210 [ 838.436008][T19283] ? do_syscall_64+0xcd/0x490 [ 838.436040][T19283] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 838.436070][T19283] alloc_pages_bulk_noprof+0x71c/0x1410 [ 838.436104][T19283] ? policy_nodemask+0xea/0x4e0 [ 838.436139][T19283] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 838.436172][T19283] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 838.436218][T19283] kasan_populate_vmalloc+0xf1/0x1f0 [ 838.436259][T19283] alloc_vmap_area+0x959/0x29c0 [ 838.436308][T19283] ? __pfx_alloc_vmap_area+0x10/0x10 [ 838.436353][T19283] __get_vm_area_node+0x1ca/0x330 [ 838.436397][T19283] __vmalloc_node_range_noprof+0x271/0x14b0 [ 838.436423][T19283] ? n_tty_open+0x1a/0x170 [ 838.436469][T19283] ? __lock_acquire+0xb97/0x1ce0 [ 838.436503][T19283] ? n_tty_open+0x1a/0x170 [ 838.436548][T19283] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 838.436576][T19283] ? find_held_lock+0x2b/0x80 [ 838.436600][T19283] ? n_tty_open+0x12b/0x170 [ 838.436640][T19283] ? n_tty_open+0x1a/0x170 [ 838.436676][T19283] __vmalloc_node_noprof+0xad/0xf0 [ 838.436699][T19283] ? n_tty_open+0x1a/0x170 [ 838.436739][T19283] ? __pfx_n_tty_open+0x10/0x10 [ 838.436782][T19283] n_tty_open+0x1a/0x170 [ 838.436818][T19283] ? __pfx_n_tty_open+0x10/0x10 [ 838.436855][T19283] tty_ldisc_open+0x9f/0x120 [ 838.436884][T19283] tty_ldisc_setup+0x87/0x100 [ 838.436915][T19283] tty_init_dev.part.0+0x1ec/0x500 [ 838.436953][T19283] tty_open+0xa50/0xf90 [ 838.436994][T19283] ? __pfx_tty_open+0x10/0x10 [ 838.437029][T19283] ? chrdev_open+0x58c/0x6a0 [ 838.437065][T19283] ? __pfx_tty_open+0x10/0x10 [ 838.437099][T19283] chrdev_open+0x234/0x6a0 [ 838.437132][T19283] ? __pfx_chrdev_open+0x10/0x10 [ 838.437165][T19283] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 838.437199][T19283] do_dentry_open+0x982/0x1530 [ 838.437230][T19283] ? __pfx_chrdev_open+0x10/0x10 [ 838.437274][T19283] vfs_open+0x82/0x3f0 [ 838.437315][T19283] path_openat+0x1de4/0x2cb0 [ 838.437355][T19283] ? __pfx_path_openat+0x10/0x10 [ 838.437392][T19283] do_filp_open+0x20b/0x470 [ 838.437422][T19283] ? __pfx_do_filp_open+0x10/0x10 [ 838.437474][T19283] ? alloc_fd+0x471/0x7d0 [ 838.437508][T19283] do_sys_openat2+0x11b/0x1d0 [ 838.437545][T19283] ? __pfx_do_sys_openat2+0x10/0x10 [ 838.437595][T19283] __x64_sys_openat+0x174/0x210 [ 838.437634][T19283] ? __pfx___x64_sys_openat+0x10/0x10 [ 838.437685][T19283] do_syscall_64+0xcd/0x490 [ 838.437722][T19283] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 838.437746][T19283] RIP: 0033:0x7f770758ebe9 [ 838.437765][T19283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 838.437790][T19283] RSP: 002b:00007f7708443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 838.437813][T19283] RAX: ffffffffffffffda RBX: 00007f77077b5fa0 RCX: 00007f770758ebe9 [ 838.437830][T19283] RDX: 0000000000040001 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 838.437845][T19283] RBP: 00007f7707611e19 R08: 0000000000000000 R09: 0000000000000000 [ 838.437861][T19283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 838.437875][T19283] R13: 00007f77077b6038 R14: 00007f77077b5fa0 R15: 00007ffcaad4ffe8 [ 838.437906][T19283] [ 840.066626][T19291] netlink: 334 bytes leftover after parsing attributes in process `syz.4.4944'. [ 840.459674][T19298] netlink: 342 bytes leftover after parsing attributes in process `syz.0.4945'. [ 840.959279][T19307] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 841.528218][T19283] syz.1.4941: vmalloc error: size 9128, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 841.656287][T19283] CPU: 1 UID: 0 PID: 19283 Comm: syz.1.4941 Tainted: G I syzkaller #0 PREEMPT(full) [ 841.656328][T19283] Tainted: [I]=FIRMWARE_WORKAROUND [ 841.656339][T19283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 841.656355][T19283] Call Trace: [ 841.656364][T19283] [ 841.656373][T19283] dump_stack_lvl+0x16c/0x1f0 [ 841.656411][T19283] warn_alloc+0x248/0x3a0 [ 841.656443][T19283] ? __pfx_warn_alloc+0x10/0x10 [ 841.656475][T19283] ? kfree+0x2b4/0x4d0 [ 841.656504][T19283] ? __get_vm_area_node+0x208/0x330 [ 841.656554][T19283] __vmalloc_node_range_noprof+0xb2d/0x14b0 [ 841.656585][T19283] ? __lock_acquire+0xb97/0x1ce0 [ 841.656620][T19283] ? n_tty_open+0x1a/0x170 [ 841.656666][T19283] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 841.656694][T19283] ? find_held_lock+0x2b/0x80 [ 841.656719][T19283] ? n_tty_open+0x12b/0x170 [ 841.656758][T19283] ? n_tty_open+0x1a/0x170 [ 841.656794][T19283] __vmalloc_node_noprof+0xad/0xf0 [ 841.656817][T19283] ? n_tty_open+0x1a/0x170 [ 841.656854][T19283] ? __pfx_n_tty_open+0x10/0x10 [ 841.656893][T19283] n_tty_open+0x1a/0x170 [ 841.656936][T19283] ? __pfx_n_tty_open+0x10/0x10 [ 841.656974][T19283] tty_ldisc_open+0x9f/0x120 [ 841.657004][T19283] tty_ldisc_setup+0x87/0x100 [ 841.657035][T19283] tty_init_dev.part.0+0x1ec/0x500 [ 841.657074][T19283] tty_open+0xa50/0xf90 [ 841.657115][T19283] ? __pfx_tty_open+0x10/0x10 [ 841.657150][T19283] ? chrdev_open+0x58c/0x6a0 [ 841.657185][T19283] ? __pfx_tty_open+0x10/0x10 [ 841.657220][T19283] chrdev_open+0x234/0x6a0 [ 841.657252][T19283] ? __pfx_chrdev_open+0x10/0x10 [ 841.657286][T19283] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 841.657320][T19283] do_dentry_open+0x982/0x1530 [ 841.657351][T19283] ? __pfx_chrdev_open+0x10/0x10 [ 841.657389][T19283] vfs_open+0x82/0x3f0 [ 841.657429][T19283] path_openat+0x1de4/0x2cb0 [ 841.657469][T19283] ? __pfx_path_openat+0x10/0x10 [ 841.657506][T19283] do_filp_open+0x20b/0x470 [ 841.657536][T19283] ? __pfx_do_filp_open+0x10/0x10 [ 841.657587][T19283] ? alloc_fd+0x471/0x7d0 [ 841.657622][T19283] do_sys_openat2+0x11b/0x1d0 [ 841.657659][T19283] ? __pfx_do_sys_openat2+0x10/0x10 [ 841.657709][T19283] __x64_sys_openat+0x174/0x210 [ 841.657748][T19283] ? __pfx___x64_sys_openat+0x10/0x10 [ 841.657799][T19283] do_syscall_64+0xcd/0x490 [ 841.657836][T19283] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 841.657860][T19283] RIP: 0033:0x7f770758ebe9 [ 841.657881][T19283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 841.657905][T19283] RSP: 002b:00007f7708443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 841.657936][T19283] RAX: ffffffffffffffda RBX: 00007f77077b5fa0 RCX: 00007f770758ebe9 [ 841.657953][T19283] RDX: 0000000000040001 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 841.657969][T19283] RBP: 00007f7707611e19 R08: 0000000000000000 R09: 0000000000000000 [ 841.657984][T19283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 841.657999][T19283] R13: 00007f77077b6038 R14: 00007f77077b5fa0 R15: 00007ffcaad4ffe8 [ 841.658031][T19283] [ 842.028206][T19283] Mem-Info: [ 842.032921][T19283] active_anon:10975 inactive_anon:16902 isolated_anon:0 [ 842.032921][T19283] active_file:3144 inactive_file:56621 isolated_file:0 [ 842.032921][T19283] unevictable:768 dirty:458 writeback:0 [ 842.032921][T19283] slab_reclaimable:13747 slab_unreclaimable:96603 [ 842.032921][T19283] mapped:27568 shmem:18249 pagetables:1391 [ 842.032921][T19283] sec_pagetables:0 bounce:0 [ 842.032921][T19283] kernel_misc_reclaimable:0 [ 842.032921][T19283] free:1289671 free_pcp:15927 free_cma:0 [ 842.088874][T19283] Node 0 active_anon:43900kB inactive_anon:67608kB active_file:12576kB inactive_file:226344kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:110268kB dirty:1828kB writeback:0kB shmem:71460kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:11856kB pagetables:5384kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 842.128045][T19283] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:140kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:180kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 842.164261][T19283] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 842.199331][T19283] lowmem_reserve[]: 0 2480 2481 2481 2481 [ 842.206603][T19283] Node 0 DMA32 free:1244500kB boost:0kB min:34320kB low:42900kB high:51480kB reserved_highatomic:0KB free_highatomic:0KB active_anon:43852kB inactive_anon:67608kB active_file:12576kB inactive_file:225036kB unevictable:1536kB writepending:1828kB present:3129332kB managed:2539588kB mlocked:0kB bounce:0kB free_pcp:48524kB local_pcp:48524kB free_cma:0kB [ 842.246031][T19283] lowmem_reserve[]: 0 0 1 1 1 [ 842.251771][T19283] Node 0 Normal free:16kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1308kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:16kB free_cma:0kB [ 842.287202][T19283] lowmem_reserve[]: 0 0 0 0 0 [ 842.293230][T19283] Node 1 Normal free:3898808kB boost:0kB min:55560kB low:69448kB high:83336kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:140kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:15168kB local_pcp:15168kB free_cma:0kB [ 842.331590][T19283] lowmem_reserve[]: 0 0 0 0 0 [ 842.337322][T19283] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 842.352591][T19283] Node 0 DMA32: 3109*4kB (UME) 2992*8kB (UME) 1612*16kB (UME) 886*32kB (UME) 701*64kB (UME) 371*128kB (UME) 269*256kB (UME) 197*512kB (UM) 131*1024kB (UME) 2*2048kB (ME) 184*4096kB (UM) = 1244500kB [ 842.376495][T19283] Node 0 Normal: 0*4kB 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16kB [ 842.391245][T19283] Node 1 Normal: 198*4kB (UME) 62*8kB (UME) 51*16kB (UME) 236*32kB (UME) 94*64kB (UME) 23*128kB (UME) 7*256kB (UM) 3*512kB (UM) 2*1024kB (ME) 2*2048kB (ME) 945*4096kB (UM) = 3898808kB [ 842.428135][T19283] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 842.449827][T19283] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 842.470651][T19283] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 842.482648][T19283] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 842.494269][T19283] 77993 total pagecache pages [ 842.500069][T19283] 7 pages in swap cache [ 842.505131][T19283] Free swap = 124712kB [ 842.510229][T19283] Total swap = 124996kB [ 842.531767][T19283] 2097051 pages RAM [ 842.567275][T19283] 0 pages HighMem/MovableOnly [ 842.593949][T19283] 430192 pages reserved [ 842.607336][T19283] 0 pages cma reserved [ 842.626427][T19283] pty pty228: ldisc open failed (-12), clearing slot 228 [ 844.203789][T19351] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4971'. [ 844.545871][T19360] FAULT_INJECTION: forcing a failure. [ 844.545871][T19360] name fail_futex, interval 1, probability 0, space 0, times 0 [ 844.843013][T19360] CPU: 1 UID: 0 PID: 19360 Comm: syz.1.4964 Tainted: G I syzkaller #0 PREEMPT(full) [ 844.843053][T19360] Tainted: [I]=FIRMWARE_WORKAROUND [ 844.843063][T19360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 844.843078][T19360] Call Trace: [ 844.843086][T19360] [ 844.843095][T19360] dump_stack_lvl+0x16c/0x1f0 [ 844.843133][T19360] should_fail_ex+0x512/0x640 [ 844.843173][T19360] get_futex_key+0x1d0/0x1560 [ 844.843207][T19360] ? __pfx_get_futex_key+0x10/0x10 [ 844.843238][T19360] ? __pfx___schedule+0x10/0x10 [ 844.843266][T19360] ? trace_sched_set_need_resched_tp+0xf3/0x150 [ 844.843314][T19360] futex_wait_setup+0x9d/0x550 [ 844.843359][T19360] __futex_wait+0x194/0x2f0 [ 844.843398][T19360] ? __pfx___futex_wait+0x10/0x10 [ 844.843440][T19360] ? __pfx_futex_wake_mark+0x10/0x10 [ 844.843482][T19360] ? futex_private_hash_put+0x176/0x300 [ 844.843515][T19360] ? futex_private_hash_put+0x18a/0x300 [ 844.843547][T19360] futex_wait+0xe8/0x380 [ 844.843584][T19360] ? __pfx_futex_wait+0x10/0x10 [ 844.843627][T19360] ? kmem_cache_free+0x2d1/0x4d0 [ 844.843654][T19360] ? fd_install+0x225/0x750 [ 844.843679][T19360] ? putname+0x154/0x1a0 [ 844.843718][T19360] do_futex+0x229/0x350 [ 844.843755][T19360] ? __pfx_do_futex+0x10/0x10 [ 844.843789][T19360] ? find_held_lock+0x2b/0x80 [ 844.843817][T19360] __x64_sys_futex+0x1e0/0x4c0 [ 844.843851][T19360] ? __x64_sys_openat+0x174/0x210 [ 844.843890][T19360] ? __pfx___x64_sys_futex+0x10/0x10 [ 844.843922][T19360] ? xfd_validate_state+0x61/0x180 [ 844.843972][T19360] do_syscall_64+0xcd/0x490 [ 844.844008][T19360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 844.844032][T19360] RIP: 0033:0x7f770758ebe9 [ 844.844052][T19360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 844.844076][T19360] RSP: 002b:00007f77084010e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 844.844100][T19360] RAX: ffffffffffffffda RBX: 00007f77077b6188 RCX: 00007f770758ebe9 [ 844.844116][T19360] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f77077b6188 [ 844.844131][T19360] RBP: 00007f77077b6180 R08: 0000000000000000 R09: 0000000000000000 [ 844.844147][T19360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 844.844162][T19360] R13: 00007f77077b6218 R14: 00007ffcaad4ff00 R15: 00007ffcaad4ffe8 [ 844.844192][T19360] [ 845.653273][T19368] netlink: 186 bytes leftover after parsing attributes in process `syz.6.4976'. [ 846.209496][T19371] netlink: 266 bytes leftover after parsing attributes in process `syz.4.4966'. [ 851.341288][T19450] netlink: 18 bytes leftover after parsing attributes in process `syz.0.4996'. [ 852.954207][T19473] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5005'. [ 853.034353][T19473] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 853.043147][T19473] IPv6: NLM_F_CREATE should be set when creating new route [ 853.051833][T19473] IPv6: NLM_F_CREATE should be set when creating new route [ 853.211497][T19474] netlink: 342 bytes leftover after parsing attributes in process `syz.4.5005'. [ 855.262669][T19496] __vm_enough_memory: pid: 19496, comm: syz.4.5014, bytes: 4398046511104 not enough memory for the allocation [ 856.338566][T19505] FAULT_INJECTION: forcing a failure. [ 856.338566][T19505] name failslab, interval 1, probability 0, space 0, times 0 [ 856.606106][T19505] CPU: 1 UID: 0 PID: 19505 Comm: syz.6.5017 Tainted: G I syzkaller #0 PREEMPT(full) [ 856.606146][T19505] Tainted: [I]=FIRMWARE_WORKAROUND [ 856.606156][T19505] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 856.606171][T19505] Call Trace: [ 856.606180][T19505] [ 856.606190][T19505] dump_stack_lvl+0x16c/0x1f0 [ 856.606229][T19505] should_fail_ex+0x512/0x640 [ 856.606263][T19505] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 856.606300][T19505] should_failslab+0xc2/0x120 [ 856.606333][T19505] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 856.606366][T19505] ? trace_kmem_cache_alloc+0x28/0xc0 [ 856.606402][T19505] ? key_alloc+0xc4d/0x1330 [ 856.606439][T19505] kmemdup_noprof+0x29/0x60 [ 856.606469][T19505] key_alloc+0xc4d/0x1330 [ 856.606512][T19505] ? __pfx_key_alloc+0x10/0x10 [ 856.606542][T19505] ? __asan_memcpy+0x3c/0x60 [ 856.606574][T19505] keyring_alloc+0x44/0xc0 [ 856.606613][T19505] keyctl_get_persistent+0x750/0x8c0 [ 856.606651][T19505] ? __pfx_keyctl_get_persistent+0x10/0x10 [ 856.606686][T19505] ? __rseq_handle_notify_resume+0x681/0x10e0 [ 856.606726][T19505] ? __pfx___rseq_handle_notify_resume+0x10/0x10 [ 856.606764][T19505] ? xfd_validate_state+0x61/0x180 [ 856.606816][T19505] __do_sys_keyctl+0x1a9/0x590 [ 856.606846][T19505] do_syscall_64+0xcd/0x490 [ 856.606883][T19505] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 856.606908][T19505] RIP: 0033:0x7f312478ebe9 [ 856.606927][T19505] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 856.606951][T19505] RSP: 002b:00007f3125577038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 856.606974][T19505] RAX: ffffffffffffffda RBX: 00007f31249b5fa0 RCX: 00007f312478ebe9 [ 856.606991][T19505] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000016 [ 856.607006][T19505] RBP: 00007f3124811e19 R08: 0000000000000001 R09: 0000000000000000 [ 856.607021][T19505] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 856.607036][T19505] R13: 00007f31249b6038 R14: 00007f31249b5fa0 R15: 00007ffd0cf78e38 [ 856.607070][T19505] [ 858.619761][T19520] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5024'. [ 858.929083][T19524] netlink: 326 bytes leftover after parsing attributes in process `syz.6.5023'. [ 863.596009][T19573] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5043'. [ 865.905827][T19590] Process accounting resumed [ 867.767892][T19620] netlink: 'syz.4.5057': attribute type 16 has an invalid length. [ 867.830815][T19620] netlink: 50 bytes leftover after parsing attributes in process `syz.4.5057'. [ 868.605780][T19621] ================================================================== [ 868.615589][T19621] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 868.624875][T19621] Read of size 8 at addr ffff88802ac59e18 by task syz.1.5056/19621 [ 868.634446][T19621] [ 868.637236][T19621] CPU: 1 UID: 0 PID: 19621 Comm: syz.1.5056 Tainted: G I syzkaller #0 PREEMPT(full) [ 868.637272][T19621] Tainted: [I]=FIRMWARE_WORKAROUND [ 868.637283][T19621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 868.637298][T19621] Call Trace: [ 868.637309][T19621] [ 868.637319][T19621] dump_stack_lvl+0x116/0x1f0 [ 868.637356][T19621] print_report+0xcd/0x630 [ 868.637388][T19621] ? __virt_addr_valid+0x81/0x610 [ 868.637419][T19621] ? __phys_addr+0xe8/0x180 [ 868.637449][T19621] ? dvb_device_open+0x36a/0x3b0 [ 868.637484][T19621] kasan_report+0xe0/0x110 [ 868.637515][T19621] ? dvb_device_open+0x36a/0x3b0 [ 868.637552][T19621] ? __pfx_dvb_device_open+0x10/0x10 [ 868.637587][T19621] dvb_device_open+0x36a/0x3b0 [ 868.637621][T19621] ? __pfx_dvb_device_open+0x10/0x10 [ 868.637656][T19621] chrdev_open+0x234/0x6a0 [ 868.637687][T19621] ? __pfx_apparmor_file_open+0x10/0x10 [ 868.637715][T19621] ? __pfx_chrdev_open+0x10/0x10 [ 868.637746][T19621] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 868.637777][T19621] do_dentry_open+0x982/0x1530 [ 868.637808][T19621] ? __pfx_chrdev_open+0x10/0x10 [ 868.637842][T19621] vfs_open+0x82/0x3f0 [ 868.637880][T19621] path_openat+0x1de4/0x2cb0 [ 868.637913][T19621] ? __pfx_path_openat+0x10/0x10 [ 868.637951][T19621] do_filp_open+0x20b/0x470 [ 868.637980][T19621] ? __pfx_do_filp_open+0x10/0x10 [ 868.638019][T19621] ? alloc_fd+0x471/0x7d0 [ 868.638049][T19621] do_sys_openat2+0x11b/0x1d0 [ 868.638086][T19621] ? __pfx_do_sys_openat2+0x10/0x10 [ 868.638123][T19621] ? __pfx_do_sys_openat2+0x10/0x10 [ 868.638161][T19621] ? __pfx___might_resched+0x10/0x10 [ 868.638189][T19621] __x64_sys_openat+0x174/0x210 [ 868.638227][T19621] ? __pfx___x64_sys_openat+0x10/0x10 [ 868.638273][T19621] do_syscall_64+0xcd/0x490 [ 868.638307][T19621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 868.638333][T19621] RIP: 0033:0x7f770758ebe9 [ 868.638353][T19621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 868.638377][T19621] RSP: 002b:00007f7708443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 868.638400][T19621] RAX: ffffffffffffffda RBX: 00007f77077b5fa0 RCX: 00007f770758ebe9 [ 868.638417][T19621] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 868.638433][T19621] RBP: 00007f7707611e19 R08: 0000000000000000 R09: 0000000000000000 [ 868.638449][T19621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 868.638464][T19621] R13: 00007f77077b6038 R14: 00007f77077b5fa0 R15: 00007ffcaad4ffe8 [ 868.638489][T19621] [ 868.638497][T19621] [ 868.946915][T19621] Allocated by task 19358: [ 868.952205][T19621] kasan_save_stack+0x33/0x60 [ 868.957818][T19621] kasan_save_track+0x14/0x30 [ 868.963437][T19621] __kasan_kmalloc+0xaa/0xb0 [ 868.968940][T19621] __kmalloc_node_track_caller_noprof+0x221/0x510 [ 868.976634][T19621] kmemdup_noprof+0x29/0x60 [ 868.982041][T19621] ipv4_frags_init_net+0x14d/0x3d0 [ 868.988173][T19621] ops_init+0x1e2/0x5f0 [ 868.993182][T19621] setup_net+0x10f/0x380 [ 868.998275][T19621] copy_net_ns+0x2a6/0x5f0 [ 869.003577][T19621] create_new_namespaces+0x3ea/0xa90 [ 869.009913][T19621] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 869.016663][T19621] ksys_unshare+0x45b/0xa40 [ 869.022064][T19621] __x64_sys_unshare+0x31/0x40 [ 869.027782][T19621] do_syscall_64+0xcd/0x490 [ 869.033193][T19621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 869.040256][T19621] [ 869.043030][T19621] Freed by task 19358: [ 869.047893][T19621] kasan_save_stack+0x33/0x60 [ 869.053524][T19621] kasan_save_track+0x14/0x30 [ 869.059127][T19621] kasan_save_free_info+0x3b/0x60 [ 869.065162][T19621] __kasan_slab_free+0x60/0x70 [ 869.070876][T19621] kfree+0x2b4/0x4d0 [ 869.075541][T19621] ipv4_frags_exit_net+0x64/0xb0 [ 869.081464][T19621] ops_undo_list+0x2ee/0xab0 [ 869.086982][T19621] setup_net+0x1f1/0x380 [ 869.092070][T19621] copy_net_ns+0x2a6/0x5f0 [ 869.097369][T19621] create_new_namespaces+0x3ea/0xa90 [ 869.103701][T19621] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 869.110553][T19621] ksys_unshare+0x45b/0xa40 [ 869.115964][T19621] __x64_sys_unshare+0x31/0x40 [ 869.121701][T19621] do_syscall_64+0xcd/0x490 [ 869.127098][T19621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 869.134159][T19621] [ 869.136942][T19621] The buggy address belongs to the object at ffff88802ac59e00 [ 869.136942][T19621] which belongs to the cache kmalloc-256 of size 256 [ 869.153918][T19621] The buggy address is located 24 bytes inside of [ 869.153918][T19621] freed 256-byte region [ffff88802ac59e00, ffff88802ac59f00) [ 869.170358][T19621] [ 869.173133][T19621] The buggy address belongs to the physical page: [ 869.180937][T19621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88802ac59e00 pfn:0x2ac58 [ 869.193051][T19621] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 869.203261][T19621] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff) [ 869.213474][T19621] page_type: f5(slab) [ 869.218255][T19621] raw: 00fff00000000240 ffff88801b841b40 ffffea0001e60510 ffffea0000cff190 [ 869.228668][T19621] raw: ffff88802ac59e00 000000000010000f 00000000f5000000 0000000000000000 [ 869.238983][T19621] head: 00fff00000000240 ffff88801b841b40 ffffea0001e60510 ffffea0000cff190 [ 869.249424][T19621] head: ffff88802ac59e00 000000000010000f 00000000f5000000 0000000000000000 [ 869.259882][T19621] head: 00fff00000000001 ffffea0000ab1601 00000000ffffffff 00000000ffffffff [ 869.270299][T19621] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 869.280751][T19621] page dumped because: kasan: bad access detected [ 869.288439][T19621] page_owner tracks the page as allocated [ 869.295313][T19621] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 25047570864, free_ts 0 [ 869.318971][T19621] post_alloc_hook+0x1c0/0x230 [ 869.324705][T19621] get_page_from_freelist+0x132b/0x38e0 [ 869.331373][T19621] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 869.338439][T19621] alloc_pages_mpol+0x1fb/0x550 [ 869.344280][T19621] new_slab+0x247/0x330 [ 869.349260][T19621] ___slab_alloc+0xcf2/0x1740 [ 869.354865][T19621] __slab_alloc.constprop.0+0x56/0xb0 [ 869.361309][T19621] __kmalloc_cache_noprof+0xfb/0x3e0 [ 869.367643][T19621] bus_add_driver+0x92/0x690 [ 869.373148][T19621] driver_register+0x15c/0x4b0 [ 869.378867][T19621] usb_register_driver+0x216/0x4d0 [ 869.385001][T19621] do_one_initcall+0x120/0x6e0 [ 869.390730][T19621] kernel_init_freeable+0x5c2/0x910 [ 869.396964][T19621] kernel_init+0x1c/0x2b0 [ 869.402273][T19621] ret_from_fork+0x5d4/0x6f0 [ 869.407784][T19621] ret_from_fork_asm+0x1a/0x30 [ 869.413497][T19621] page_owner free stack trace missing [ 869.419925][T19621] [ 869.422698][T19621] Memory state around the buggy address: [ 869.429435][T19621] ffff88802ac59d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 869.439121][T19621] ffff88802ac59d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 869.448809][T19621] >ffff88802ac59e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 869.458501][T19621] ^ [ 869.464305][T19621] ffff88802ac59e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 869.473979][T19621] ffff88802ac59f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 869.483635][T19621] ================================================================== SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 873.209246][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 873.232123][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 873.258681][ T36] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 873.843646][ T36] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 874.122526][ T36] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 874.311464][ T36] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 874.712867][ T36] bridge_slave_1: left allmulticast mode [ 874.757907][ T36] bridge_slave_1: left promiscuous mode [ 874.764837][ T36] bridge0: port 2(bridge_slave_1) entered disabled state [ 874.857899][ T36] bridge_slave_0: left allmulticast mode [ 874.864720][ T36] bridge_slave_0: left promiscuous mode [ 874.916783][ T36] bridge0: port 1(bridge_slave_0) entered disabled state [ 875.605729][T19621] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 875.614405][T19621] CPU: 1 UID: 0 PID: 19621 Comm: syz.1.5056 Tainted: GF R I syzkaller #0 PREEMPT(full) [ 875.627553][T19621] Tainted: [F]=FORCED_MODULE, [R]=FORCED_RMMOD, [I]=FIRMWARE_WORKAROUND [ 875.637555][T19621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 875.649666][T19621] Call Trace: [ 875.653603][T19621] [ 875.657114][T19621] dump_stack_lvl+0x3d/0x1f0 [ 875.662641][T19621] vpanic+0x6e8/0x7a0 [ 875.667433][T19621] ? __pfx_vpanic+0x10/0x10 [ 875.672853][T19621] ? __pfx_vprintk_emit+0x10/0x10 [ 875.678881][T19621] ? dvb_device_open+0x36a/0x3b0 [ 875.684808][T19621] panic+0xca/0xd0 [ 875.689300][T19621] ? __pfx_panic+0x10/0x10 [ 875.694611][T19621] ? dvb_device_open+0x36a/0x3b0 [ 875.700543][T19621] ? preempt_schedule_common+0x44/0xc0 [ 875.707096][T19621] ? preempt_schedule_thunk+0x16/0x30 [ 875.713564][T19621] check_panic_on_warn+0xab/0xb0 [ 875.719509][T19621] end_report+0x107/0x170 [ 875.724703][T19621] kasan_report+0xee/0x110 [ 875.730005][T19621] ? dvb_device_open+0x36a/0x3b0 [ 875.735943][T19621] ? __pfx_dvb_device_open+0x10/0x10 [ 875.742297][T19621] dvb_device_open+0x36a/0x3b0 [ 875.748013][T19621] ? __pfx_dvb_device_open+0x10/0x10 [ 875.754362][T19621] chrdev_open+0x234/0x6a0 [ 875.759661][T19621] ? __pfx_apparmor_file_open+0x10/0x10 [ 875.766325][T19621] ? __pfx_chrdev_open+0x10/0x10 [ 875.772251][T19621] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 875.779944][T19621] do_dentry_open+0x982/0x1530 [ 875.785684][T19621] ? __pfx_chrdev_open+0x10/0x10 [ 875.791637][T19621] vfs_open+0x82/0x3f0 [ 875.796542][T19621] path_openat+0x1de4/0x2cb0 [ 875.802054][T19621] ? __pfx_path_openat+0x10/0x10 [ 875.807984][T19621] do_filp_open+0x20b/0x470 [ 875.813391][T19621] ? __pfx_do_filp_open+0x10/0x10 [ 875.819441][T19621] ? alloc_fd+0x471/0x7d0 [ 875.824635][T19621] do_sys_openat2+0x11b/0x1d0 [ 875.830267][T19621] ? __pfx_do_sys_openat2+0x10/0x10 [ 875.836514][T19621] ? __pfx_do_sys_openat2+0x10/0x10 [ 875.842767][T19621] ? __pfx___might_resched+0x10/0x10 [ 875.849119][T19621] __x64_sys_openat+0x174/0x210 [ 875.854965][T19621] ? __pfx___x64_sys_openat+0x10/0x10 [ 875.861457][T19621] do_syscall_64+0xcd/0x490 [ 875.866871][T19621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 875.873939][T19621] RIP: 0033:0x7f770758ebe9 [ 875.879233][T19621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 875.902763][T19621] RSP: 002b:00007f7708443038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 875.912859][T19621] RAX: ffffffffffffffda RBX: 00007f77077b5fa0 RCX: 00007f770758ebe9 [ 875.922424][T19621] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 875.931982][T19621] RBP: 00007f7707611e19 R08: 0000000000000000 R09: 0000000000000000 [ 875.941589][T19621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 875.951160][T19621] R13: 00007f77077b6038 R14: 00007f77077b5fa0 R15: 00007ffcaad4ffe8 [ 875.960722][T19621] [ 875.964395][T19621] Kernel Offset: disabled [ 875.969597][T19621] Rebooting in 86400 seconds..