last executing test programs: 13.009885625s ago: executing program 1 (id=1390): r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r0, 0x8000) bind$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x2, @loopback}, 0x55) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xffd8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x7ff, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, 0x0, &(0x7f0000000200)=0xa, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/lru_gen/enabled\x00', 0xb02, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x20000000001, 0x7fff) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x2, 0x400008, 0x2, 0x16, 0x2, 0x7fffffffffffffff) madvise$auto(0x0, 0x2003f0, 0x15) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x800) lchown$auto(0x0, r1, r2) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r3, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 10.068088264s ago: executing program 1 (id=1395): socket(0xa, 0x3, 0xff) r0 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x1, 0x106) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) open_tree_attr$auto(0xffffffffffffffff, 0x0, 0x3000, 0x0, 0x7ff) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sysfs$auto(0x2, 0x23, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x4) rseq$auto(0x0, 0x8000, 0x0, 0x6) bind$auto(0x3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) shutdown$auto(0x200000003, 0x2) r3 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r3, @new_prog_fd=0x4, 0x4}, 0xa3) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000004240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, r0, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@HWSIM_ATTR_PMSR_SUPPORT={0xc, 0x1a, 0x0, 0x1, [@NL80211_PMSR_ATTR_TYPE_CAPA={0x8, 0x4, 0x0, 0x1, [@NL80211_PMSR_TYPE_FTM={0x4}]}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x688cfcf374ddd4c2}, 0x4048000) ioctl$auto(0x3, 0x89e0, 0x91) 9.952473726s ago: executing program 2 (id=1397): openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x4000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sysfs$auto(0x2, 0x23, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r0, 0x0, 0x3) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto(0x3, 0x40081271, 0x38) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r1 = setfsuid$auto(0xee00) r2 = setfsuid$auto(0xee01) setresuid$auto(r1, r2, r1) setreuid$auto(0x0, r2) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x1, 0x2020009, 0x3, 0xebe, 0xfffffffffffffffa, 0x8000) shmctl$auto_IPC_SET(0xc, 0x1, &(0x7f0000000300)={{0xffffffff, 0xffffffffffffffff, 0xee01, 0x1000, 0xae, 0x9, 0x6}, 0x1, 0x7, 0x2, 0x280, @raw, @raw=0x5, 0x3, 0x0, &(0x7f0000000140)="4666def67af41b4f051e39fd6511fd6cfab11faa93fdd757f3a42ab52c0db46c7c57737a54cb9ad1fccd9f47e3400debebecee8c4b3ab4b0ecd15cb89799d7a8a423d738e2914ff98f43b494873650cfa841ca9b379cdbceb067f222f9852e4e248e519e6e2d25bc83b3fb9ec16cbc5fe503b9662d19861c9bb377749418140efde7024c7215d323a6c79c5be94bc04ed0d9afbb9c9574ff829522a54b91ef7bcef85e226564639c87b944203a6814a00eea8134d42bc137511ab276827b7ee17d85c2722c34b6d9cd3c095bd1094df859fd44defb05f086d48e42b8cfe4f20b057126cfb78738004716a5e21149cc372c89149624db4102", &(0x7f0000000240)="41b431f15aa64d11716c2908cc9f948827ddb702f4ae4ad578a4d9e2fa81507ca870d066e25696b0b2ac35abb53a8fc6e9df9fdbbc11fe705ab85e88111e5684e28f8599bc486b93eea020ee76a340a548c82e805e2d182d741e51d53c799f7bb722a591e8ac4c48f3317ac8926b8bfb8d1ffa178e0f324273421083410618838d"}) socket(0xb, 0xa, 0xd9) setpgid$auto(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r3 = socket(0xa, 0x1, 0x84) bind$auto(r3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0xffffffffbffffff9, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) 9.493974448s ago: executing program 3 (id=1398): r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r0, 0x8000) bind$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x2, @loopback}, 0x55) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xffd8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x7ff, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, 0x0, &(0x7f0000000200)=0xa, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/lru_gen/enabled\x00', 0xb02, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x20000000001, 0x7fff) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x2, 0x400008, 0x2, 0x16, 0x2, 0x7fffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r3, 0x0, 0x800) lchown$auto(0x0, r1, r2) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r4, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 8.598316418s ago: executing program 0 (id=1399): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, 0x0, 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r0, 0x5425, 0x0) 8.305384879s ago: executing program 0 (id=1400): connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) open$dir(&(0x7f00000001c0)='./file0\x00', 0x201, 0x14) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000500), 0xffffffffffffffff) open(&(0x7f00000002c0)='./file0\x00', 0x200, 0x1c7) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000002480), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_GET(r2, &(0x7f00000083c0)={0x0, 0x0, &(0x7f0000008380)={&(0x7f0000003680)={0x14, r3, 0x32f, 0x70bd2a, 0x25dfdbff, {0x12, 0x0, 0xf0}}, 0x14}, 0x1, 0x0, 0x0, 0x4801}, 0x8080) shmctl$auto_IPC_RMID(0xa, 0x0, &(0x7f0000000200)={{0x9, 0xffffffffffffffff, 0xee01, 0x4, 0x100, 0xb2000000}, 0x400, 0x5, 0x8, 0x0, @raw=0x7, @raw=0x7, 0x2, 0x0, &(0x7f0000000540)="19c3b829e71f4b4088493f392082a22870971f0a6107a7a2bac7aa4a2307871211d729673290d92d4dc6cb4e8f3dc05610b1d7f8ecb09146bded6242685bbb2208133f1eee407cc1caedcbf9d3b9cf073be2e4adffd1e720d238f387fa431c6c5866af5935e869857d0c18be984d97fc5b5b135cc5a4e79e979488e956bcabe41981d0f39c42633024fd53f8a4cb8a5b15e19e4b6896ddbca6bf6a85bf75807268765275f93625635db6e13918c908b925f34d77fc8b2cf3411b5eb531fb2a6d267153e90168076f90a22ca54a13f47add32bd1d6c996483f5a941d7ba98ab5c", &(0x7f0000000740)="2e55e9ee5f293332e76b54634eea61dc2187145174aefcc713bfe59fa80a1971082349a14a5764ebef929a0070d08b7fc4764d868c484d3b33cf35999dddba58bc3c912d44653ee2a07d6fb5fce6cf876f8c881161ee593715c3446b2754c9472c0d80ae944cf2cb1cdbfbe3e96a113bb70487a1ffc871b90a5f449cb57223f4567195f4908eaeae629e8565823508cc0ef60f13baf5feddc5c36dec32c6dff8616368b87c38e2a6cdb93c7bb9a02f07b8d0e7f910f690c00c74996b44f3aebdb75315bf48bb924dbf2f"}) syz_clone3(&(0x7f0000000940)={0x80000, &(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0), {0x4}, &(0x7f0000000840)=""/229, 0xe5, &(0x7f0000000440)=""/181, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0], 0x8, {r1}}, 0x58) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sendmsg$auto_NCSI_CMD_PKG_INFO(0xffffffffffffffff, 0x0, 0x811) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1fe, 0x7, 0xd, 0x1, 0x948d, 0x1ff, 0x15f4da07, 0x3, 0x8003, 0x65, 0x8000001f, 0x1000, 0x100000000006d3e, 0x9, 0x1, 0x8]}, 0x0) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x4303, 0x1, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb}) 8.219763799s ago: executing program 3 (id=1401): r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r0, 0x8000) bind$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x2, @loopback}, 0x55) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xffd8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x7ff, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, 0x0, &(0x7f0000000200)=0xa, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/lru_gen/enabled\x00', 0xb02, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x20000000001, 0x7fff) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x2, 0x400008, 0x2, 0x16, 0x2, 0x7fffffffffffffff) madvise$auto(0x0, 0x2003f0, 0x15) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r3, 0x0, 0x800) lchown$auto(0x0, r1, r2) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r4, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 8.166479814s ago: executing program 2 (id=1402): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x86, 0x0) open(0x0, 0x305481, 0x3b5) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) fcntl$auto(0x3, 0x4, 0xa553) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r1 = socket(0x2b, 0x1, 0x0) ioctl$auto(0xffffffffffffffff, 0xc0045627, r1) socket(0x10, 0x2, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x1ff) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) set_tid_address$auto(0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) ioctl$auto_FITHAW(0xffffffffffffffff, 0xc0045878, 0xbd8) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x0) ptrace$auto(0x10, r0, 0x4, 0x7ff) 7.705253166s ago: executing program 1 (id=1403): r0 = socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x8000000) shmget$auto(0x0, 0xfffffffffeffffff, 0x69c2) syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000002c0), 0xffffffffffffffff) mmap$auto(0x7ffffffd, 0x40000c, 0x11, 0x9b72, 0x2, 0x8000) epoll_create$auto(0x4) socket(0x1d, 0x1, 0x7fff) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_meter(&(0x7f0000003040), 0xffffffffffffffff) sendmsg$auto_OVS_METER_CMD_SET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000000640)={0x2c, r3, 0x159198c6007aa95d, 0x70bd29, 0x25dfdbfc, {}, [@OVS_METER_ATTR_KBPS={0x4}, @OVS_METER_ATTR_ID={0x8, 0x1, 0x5}, @OVS_METER_ATTR_BANDS={0xc, 0x4, 0x0, 0x1, [@generic, @nested={0x0, 0x10d, 0x0, 0x1, [@generic="430b9d17a8ecfa48c0e17755ecd5d46a8588fcd7cc3ad678edd7dac0aa4f92db17405d344d3202b390afa845d5378143a8f98e1ac2ec2396fa0ef5e35851efee7eec", @generic="d844d437e16a767fd1e4f94ca4e001894820f11f7c08f1a63851783f64a351d8b194575afba6e3d3334aa84448a2a59c5522386d2acf3163ec517e558256747ac80cb9235605d79e304c779ee91c1115172e3012daf3662a479d26c054c0b6f826cab6fc1ee0a0b18419c94b6a5ed58587256cf0a6ed968bedf42e9a70fc66f0a4be7f845d0d39e3fe1471583353d7c2862b523dd589a993e7cfe591a58afe6130b5be028264cc902c792a892246d064c4bcae0f45e40caf8170224200d461364828", @typed={0x0, 0xc4, 0x0, 0x0, @pid}, @nested={0x0, 0x122, 0x0, 0x1, [@generic="da0b0f3687a69245b6f6730a58dec2fcf783f8ec2c6e77d8f3098e3a45b17ad31f3ded4947974900350b7216ee8f68ad096bd66649b48f2edf7458e00363da324a7bff68753b7e37cb89c965ad543cbd44c3ce1b56a569fbf2b766549267fbd63da8f2e1589d4930d8475b09fc460c972ced3c9d554ad5213808e15f3032baf25f54de5e66c28e9be00ec217ab1ecd7f11462bc9201a5aa4f392ece95e11b86871556c6b566d0b63102cafb54e3243b3c38dbf03fc30af1b1b"]}, @generic="57bd5577b095bc0707", @typed={0x0, 0x9b, 0x0, 0x0, @binary="1ccdaff36829caeffe8ca2bec7831839bb8e9bbedfcc7bc9c6f99e6d9873a1af1f8d7d06e20fc6c8c7e2877a7f46735318f474ceb4bd161be52f5716f6f019b1cefa8a526f3a5ac78057b4bd8455"}, @typed={0x0, 0xcb, 0x0, 0x0, @binary="0853f092e07d31f8eb8809564d700de8aa06"}, @nested={0x0, 0xca, 0x0, 0x1, [@nested={0x0, 0x104, 0x0, 0x1, [@generic="be5fc8351fe62be0bc1551fd3e077313b4a95a2d7580a454a57e36d2", @nested={0x0, 0xee}]}, @generic="5009778284e30825f5cade16ca948ca5c396ea01254ca4a0a9390d7b57f915624d33817847cf6182fd92e8eb5c4f883fe75ee2e35c17e4de7becf724583e2b38159a40d8db0d3224811d9668ae91121a15293863e017d310613b1aabb6ce8bafc0973d48738630d6459d4765cf541d610e413cc5c984cb368ac9c5b44bd3e51a8e79c3e14eaf5712ffcffa7c38cd0e"]}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20008040}, 0x40) sendmsg$auto_OVS_VPORT_CMD_DEL(0xffffffffffffffff, 0x0, 0x8000) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/platform/vhci_hcd.1/usb12/configuration\x00', 0xc2481, 0x0) writev$auto(r4, &(0x7f0000000080)={&(0x7f0000000040), 0x1000}, 0x3) r5 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mtrr\x00', 0xc0000, 0x0) ioctl$auto(r5, 0x40104d0e, 0xe) socket(0x18, 0x5, 0x1) r6 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r6, 0x8000) connect$auto(r1, &(0x7f0000000080)=@isdn={0x22, 0x0, 0x7, 0xc, 0xae}, 0x9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xffd8) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) sendmsg$auto_NL80211_CMD_NEW_MPATH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x4404}, 0x0) 7.301508803s ago: executing program 0 (id=1404): mmap$auto(0x0, 0x400009, 0xfffffffffffffffa, 0x9b72, 0xffffffffffffffff, 0x2000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) openat$auto_snd_pcm_f_ops_pcm1(0xffffffffffffff9c, 0x0, 0x0, 0x0) setresuid$auto(0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x8000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x181500, 0x0) sched_setattr$auto(0x0, 0x0, 0x7b) msync$auto(0x1ffff000, 0x180000000000000, 0x400000004) mmap$auto(0x0, 0x7f, 0xdf, 0x9b72, 0x2, 0x8000) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004c18}, 0x810) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000040)=ANY=[@ANYBLOB='J\x00\x00\x00', @ANYRES16, @ANYBLOB="010025bd7000fcdbdf25020000002c00018028003c8008001b"], 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x44) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a00"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB=' '], 0x1ac}}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) getdents$auto(0xffffffffffffffff, 0x0, 0x400018) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x4, 0x2e) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) 7.200002058s ago: executing program 3 (id=1405): r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r0, 0x8000) bind$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x2, @loopback}, 0x55) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xffd8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x7ff, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, 0x0, &(0x7f0000000200)=0xa, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/lru_gen/enabled\x00', 0xb02, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x20000000001, 0x7fff) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x2, 0x400008, 0x2, 0x16, 0x2, 0x7fffffffffffffff) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, 0x0, 0x800) lchown$auto(0x0, r1, r2) r3 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r3, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 6.011251969s ago: executing program 2 (id=1406): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) close_range$auto(0x2, 0x8, 0x0) socketpair$auto(0x1, 0x2, 0x86, 0x0) open(0x0, 0x305481, 0x3b5) r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xf8, 0xfffffffffffffffa, 0x8000) fcntl$auto(0x3, 0x4, 0xa553) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r1 = socket(0x2b, 0x1, 0x0) ioctl$auto(0xffffffffffffffff, 0xc0045627, r1) socket(0x10, 0x2, 0x0) madvise$auto(0x0, 0xffffffffffff0001, 0x15) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x1ff) mmap$auto(0x0, 0x20009, 0x4000000000db, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) set_tid_address$auto(0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89fc, 0x0) move_pages$auto(0x0, 0x1002, 0x0, 0x0, 0x0, 0x2) ioctl$auto_FITHAW(0xffffffffffffffff, 0xc0045878, 0xbd8) openat2$dir(0xffffffffffffff9c, &(0x7f0000000000)='}[,&*}\x00', 0x0, 0x0) ptrace$auto(0x10, r0, 0x4, 0x7ff) 5.929648524s ago: executing program 1 (id=1407): r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r0, 0x8000) bind$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x2, @loopback}, 0x55) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xffd8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x7ff, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, 0x0, &(0x7f0000000200)=0xa, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/lru_gen/enabled\x00', 0xb02, 0x0) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x2, 0x400008, 0x2, 0x16, 0x2, 0x7fffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) write$auto(0x3, 0x0, 0xffd8) 5.64508724s ago: executing program 3 (id=1408): syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000040), 0xffffffffffffffff) rseq$auto(0x0, 0x8000, 0x0, 0x8000006) mmap$auto(0x7ffffffd, 0x40000c, 0x11, 0x9b72, 0x2, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x22, 0x0, 0x1) syz_genetlink_get_family_id$auto_smbd_genl(&(0x7f0000000240), 0xffffffffffffffff) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) r1 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000000), 0x109002, 0x0) sendfile$auto(r1, r1, 0x0, 0x10000800000003) sendmsg$auto_ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000011}, 0x2404c811) socket(0x2, 0x3, 0x2) ioctl$auto_BCH_IOCTL_QUERY_UUID(0xffffffffffffffff, 0x8010bc01, 0x0) setsockopt$auto(0xffffffffffffffff, 0x0, 0xc8, 0xfffffffffffffffc, 0x4) unshare$auto(0x40000080) close_range$auto(0x2, 0x8, 0x0) ioprio_set$auto(0x3, 0x0, 0x4b34) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f00000001c0), 0x40, 0x0) socket(0x2, 0x1, 0x106) sendmsg$auto_TIPC_NL_BEARER_DISABLE(0xffffffffffffffff, &(0x7f0000004080)={0x0, 0x0, &(0x7f0000004040)={&(0x7f0000000180)={0x18, 0x0, 0x1, 0x70bd26, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4}, 0x80) socket(0x10, 0x2, 0x0) r2 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="1300"], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000100)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x8) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000"], 0x1ac}}, 0x0) 5.140657601s ago: executing program 0 (id=1409): close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) landlock_add_rule$auto(0xffffffffffffffff, 0x1, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x201, 0x0) mmap$auto(0x0, 0x400008, 0x803c, 0x9b72, 0xffffffffffffffff, 0x8000) ioctl$auto__ctl_fops_dm_ioctl(0xffffffffffffffff, 0x70, 0x0) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) ioctl$auto(0xffffffffffffffff, 0x9000643a, 0xc35) fremovexattr$auto(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_access\x00') unshare$auto(0x40000080) mmap$auto(0x0, 0x2000d, 0x4000000200df, 0xeb1, 0x404, 0x8000) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x200) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x37}}, 0x6e) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x9, 0x20000000) setsockopt$auto(0x3, 0x1, 0x3e, 0x0, 0x9) sendto$auto(0x3, 0x0, 0x100000000, 0x40000008, 0x0, 0x19) 4.601352951s ago: executing program 1 (id=1410): r0 = socket(0xa, 0x801, 0x84) mmap$auto(0x0, 0x2020009, 0x9, 0xeb1, r0, 0x8000) bind$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x2, @loopback}, 0x55) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) write$auto(0x3, 0x0, 0xffd8) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) msgctl$auto_IPC_RMID(0x7ff, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, 0x0, &(0x7f0000000200)=0xa, 0x1, 0xfff, 0x0, 0x7, 0x9, 0x4, 0x9, 0xf}) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/mm/lru_gen/enabled\x00', 0xb02, 0x0) pread64$auto(0xffffffffffffffff, 0x0, 0x20000000001, 0x7fff) write$auto(0xffffffffffffffff, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x2, 0x400008, 0x2, 0x16, 0x2, 0x7fffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_FLOW_CMD_GET(r3, 0x0, 0x800) lchown$auto(0x0, r1, r2) r4 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r4, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 3.726929192s ago: executing program 2 (id=1411): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x9000000eb1, 0xfffffffffffffffa, 0x8000) io_uring_setup$auto(0x1, 0x0) ptrace$auto(0x10, r0, 0x4, 0x7ff) ptrace$auto_PTRACE_PEEKSIGINFO(0x4209, r0, 0x8, 0x6) madvise$auto(0x200000000007, 0x1, 0x15) mmap$auto(0x0, 0xe983, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) ioctl$auto_TCSBRKP2(r1, 0x5425, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_available_congestion_control\x00', 0x0, 0x0) bpf$auto(0x0, 0x0, 0x4f4) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/pagemap\x00', 0x50400, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x60042, 0x0) io_uring_setup$auto(0x6, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kmsg\x00', 0x80900, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000440)='/proc/self/net/rt_cache\x00', 0x2000, 0x0) select$auto(0x10, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0xd3e, 0x1, 0x948b, 0x3, 0x800295f4da0a, 0x2, 0x3, 0x62, 0x80000001, 0x50a7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7f, 0xd, 0x1, 0x948f, 0x1005, 0x206, 0xa, 0xfffffffffffffff6, 0x7, 0x9, 0x79d, 0x6, 0x100000000000000, 0xfffffffffffffffc, 0xf]}, 0x0) capset$auto(0x0, 0x0) 2.862819873s ago: executing program 0 (id=1412): openat$auto_console_fops_tty_io(0xffffffffffffff9c, 0x0, 0x4000, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) sysfs$auto(0x2, 0x23, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r0, 0x0, 0x3) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto(0x3, 0x40081271, 0x38) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) r1 = setfsuid$auto(0xee00) r2 = setfsuid$auto(0xee01) setresuid$auto(r1, r2, r1) setreuid$auto(0x0, r2) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x1, 0x2020009, 0x3, 0xebe, 0xfffffffffffffffa, 0x8000) shmctl$auto_IPC_SET(0xc, 0x1, &(0x7f0000000300)={{0xffffffff, 0xffffffffffffffff, 0xee01, 0x1000, 0xae, 0x9, 0x6}, 0x1, 0x7, 0x2, 0x280, @raw, @raw=0x5, 0x3, 0x0, &(0x7f0000000140)="4666def67af41b4f051e39fd6511fd6cfab11faa93fdd757f3a42ab52c0db46c7c57737a54cb9ad1fccd9f47e3400debebecee8c4b3ab4b0ecd15cb89799d7a8a423d738e2914ff98f43b494873650cfa841ca9b379cdbceb067f222f9852e4e248e519e6e2d25bc83b3fb9ec16cbc5fe503b9662d19861c9bb377749418140efde7024c7215d323a6c79c5be94bc04ed0d9afbb9c9574ff829522a54b91ef7bcef85e226564639c87b944203a6814a00eea8134d42bc137511ab276827b7ee17d85c2722c34b6d9cd3c095bd1094df859fd44defb05f086d48e42b8cfe4f20b057126cfb78738004716a5e21149cc372c89149624db4102", &(0x7f0000000240)="41b431f15aa64d11716c2908cc9f948827ddb702f4ae4ad578a4d9e2fa81507ca870d066e25696b0b2ac35abb53a8fc6e9df9fdbbc11fe705ab85e88111e5684e28f8599bc486b93eea020ee76a340a548c82e805e2d182d741e51d53c799f7bb722a591e8ac4c48f3317ac8926b8bfb8d1ffa178e0f324273421083410618838d"}) socket(0xb, 0xa, 0xd9) setpgid$auto(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) r3 = socket(0xa, 0x1, 0x84) bind$auto(r3, &(0x7f0000000100)=@in={0x2, 0x3, @empty}, 0x6a) mq_timedsend$auto(0xffffffffffffffff, 0x0, 0xffffffffbffffff9, 0x5, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) 2.688802942s ago: executing program 2 (id=1413): connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) open$dir(&(0x7f00000001c0)='./file0\x00', 0x201, 0x14) r0 = openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x481, 0x0) syz_genetlink_get_family_id$auto_ila(&(0x7f0000000500), 0xffffffffffffffff) open(&(0x7f00000002c0)='./file0\x00', 0x200, 0x1c7) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000002480), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_GET(r3, &(0x7f00000083c0)={0x0, 0x0, &(0x7f0000008380)={&(0x7f0000003680)={0x14, r4, 0x32f, 0x70bd2a, 0x25dfdbff, {0x12, 0x0, 0xf0}}, 0x14}, 0x1, 0x0, 0x0, 0x4801}, 0x8080) shmctl$auto_IPC_RMID(0xa, 0x0, &(0x7f0000000200)={{0x9, 0xffffffffffffffff, 0xee01, 0x4, 0x100, 0xb2000000}, 0x400, 0x5, 0x8, 0x0, @raw=0x7, @raw=0x7, 0x2, 0x0, &(0x7f0000000540)="19c3b829e71f4b4088493f392082a22870971f0a6107a7a2bac7aa4a2307871211d729673290d92d4dc6cb4e8f3dc05610b1d7f8ecb09146bded6242685bbb2208133f1eee407cc1caedcbf9d3b9cf073be2e4adffd1e720d238f387fa431c6c5866af5935e869857d0c18be984d97fc5b5b135cc5a4e79e979488e956bcabe41981d0f39c42633024fd53f8a4cb8a5b15e19e4b6896ddbca6bf6a85bf75807268765275f93625635db6e13918c908b925f34d77fc8b2cf3411b5eb531fb2a6d267153e90168076f90a22ca54a13f47add32bd1d6c996483f5a941d7ba98ab5c", &(0x7f0000000740)="2e55e9ee5f293332e76b54634eea61dc2187145174aefcc713bfe59fa80a1971082349a14a5764ebef929a0070d08b7fc4764d868c484d3b33cf35999dddba58bc3c912d44653ee2a07d6fb5fce6cf876f8c881161ee593715c3446b2754c9472c0d80ae944cf2cb1cdbfbe3e96a113bb70487a1ffc871b90a5f449cb57223f4567195f4908eaeae629e8565823508cc0ef60f13baf5feddc5c36dec32c6dff8616368b87c38e2a6cdb93c7bb9a02f07b8d0e7f910f690c00c74996b44f3aebdb75315bf48bb924dbf2f"}) syz_clone3(&(0x7f0000000940)={0x80000, &(0x7f0000000340), &(0x7f0000000380), &(0x7f00000003c0), {0x4}, &(0x7f0000000840)=""/229, 0xe5, &(0x7f0000000440)=""/181, &(0x7f0000000640)=[0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0], 0x8, {r2}}, 0x58) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sendmsg$auto_NCSI_CMD_PKG_INFO(0xffffffffffffffff, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000f80)={0x7d0, 0x0, 0x100, 0x70bd25, 0x25dfdbfe, {}, [@NCSI_ATTR_CHANNEL_ID={0x8, 0x4, 0x101}, @NCSI_ATTR_MULTI_FLAG={0x4}, @NCSI_ATTR_PACKAGE_LIST={0x14, 0x2, 0x0, 0x1, [@typed={0xc, 0xca, 0x0, 0x0, @u64}, @nested={0x4, 0x18}]}, @NCSI_ATTR_CHANNEL_MASK={0x8, 0x8, 0x7f}, @NCSI_ATTR_PACKAGE_LIST={0xcf, 0x2, 0x0, 0x1, [@typed={0x8, 0xe5, 0x0, 0x0, @fd=r1}, @generic="aed195661f2deeca73add4204b929e1dd5423a1b5984cb7477b7182ade76b6f1669c142b730adc6444c0c23e5302ffbd05cb3f1a9664c7f45e0032f5eb8a4eb317916f083b83bbc33247316d36e7392658ae379603e2e278e561e139c80cfb55c3cb5c42a760e2fb678cbfc86d78e66b12bab3d560d6ccbc14fde6f14939e827f270499fcd26ee8f52ba21bc3ad89d745ffcfa7fc6553058308a71f854489801676a5a305a516fb9db526932edf74df22e96d66a5aa725", @typed={0x4, 0xa6}, @typed={0x8, 0x7d, 0x0, 0x0, @fd=r0}]}, @NCSI_ATTR_DATA={0x6c3, 0x5, "89d213a7c74fff209ecc7424b19881ec00a05da4975ad09030320a8d938d8baf1357fad1d9dacdbde2bf17b110ea65cc168ec4df327ea11b843eb4f3da1dea463ac3b3771a4e8d02ca8240d8e0021272bee0b2e6a4f33e5bbd3fdb50cb67dd936c09c79c6fe0eab2e23d88dfd0838a46783b234f34c2c54d2c0ef5688ad8b3e6ffd71afeb58fc173a8bd3d2696f23048adf292ff1decc3b10f87d5d3d589ff902f4ad7eb7c627e12697703432bcb13b922eca4b985c23503149fd9fbb97d3b890a8be0526022a861bd6071490f4887379fc712fbbffdb7e233b11f5d2b314ecde8f095cf71b35a0841ede4b2ff131076e9b9e208ac68b51f61597a046817b3519d8bbd0a39973000b4b7045954aefa8b21a692acd31454a3c6c119f0c61a35c6b6681873ee1d811f4c17e59c77a11b245f6bcbc364787d9060c990eba8b6c30656072154846e9e9ed1ef5f48a35568ceb97f79f104b3aea4cd12d2511ae11b72216f51255df5d4fd440db2a8bdcd814232fb58a142929cbc21292267bb7b9822b6b132dafd06572c6c59fcc0dc37acd431917538d4f7c9ddcd2c88b29d4e0a5b2724a88466ba01ee251a633a17964b3ee3314995f147a199a8cd3ef7a12bfd08a5ad3a58d116323e3f975b9c2e00afa9bff1c507ab0f5a3f65a043e92e712ac1ffacc268bf8b59fa8a94931ac5b7f0163b60d700e12b67306818baa0c6fcfa02c022a10afb1cb154ec8747095623386f8c7628326a3592b0c70ae75d89df1ff2df6a3f93133d6f85fe1730d3cb198368b3aeb50aa184f3eb79f33d581ebc12676906a65e37768596c8beb0a5721b78eb98897c5991e38f7f0428c92c90b394f1a0cd27414103d44d70413783e99bcd1c137e13e97f2e85042f4e9a4536497c95992ccc317c10507f7c39db32522148afb07a9065589f21dc6a214dd7ddc67ee697e509908761f994600d0568b4afc0c93bd90a4c77a516be2e006a2fa1f52ab847abceb975dcfa84d731ad0e7a2c727543c8fc6f1a96645e4d3500e574e2e6af80daf07a966d8202fda3c6dadb5fbad8b392abe055823d69815f6769a3c4482061134c5363603dd0a76b5be56bdab61cee64dc27cc3120c6f4c683008792ac43fb6cc98954129750113853f7a51116bebaf166ff90cb20a3371d755c041ae76b59497e26befc8c35d95ea63c6c2e33fb204b0f52c6ec96e7ef42c219bc256d15765594b5f0c2e3433609811eda8a3eb6983379fb5696a79b0f8a32fe9d1f6184842bf20106014dd21b14ea12e7516ddc0065ef31aaf9a1b1480c2483e916279eb7d2cf14d3f73ef2cbc969f02c4695376611d70d443605c7a7325f1f4ad022e1388cff68424ba25acce1a927fd22375cb3a04d114c12991badfa98698a134e282676a2fa7572c2d1b749f5dd1d21b71841f613c472604a502f85556428e6bae1fc5b16119b56716283e59a7f00ef032b51aaa83d9b04fae69ee662fd1169e25cca29bcae3efe6f605e5062b201373b6c35c0737498ae52fdf055218168d0d2166a7d59258aeac5aa37cb373a14f53123cb30495f52252cf44e94fe6c396630f31ec2550b6f7841826f374c193cf595f98c9e87feeb8372ab4e1e660bfdf97d1d20d7c68d38c51ca5b3405dfd182188153339369385faedc7c6586d08cff9b8d6e3a6c327a72f906a6ff8b2979f6101c028332b60f86277421a95f5f9a4c13735048e52181119837608dfb649ba18ec35604b757f96c84fd1a86626df7079b8d18980d2c9229c911554892ceb8bd2c3ffa3b7dbfb9a964f2df20420d2a49b074efe4a879a266cf5ab5d34ee0914e8aff5bb06a88eb6b1159f63ed153b742aa74ad720641e1a9689d2174cf5dd2983df2624c799d744a25dbc955f35d794e8e6bc47253b09e11bb14fa0b72ffde122a886a8165daea8c753460a9f35dbfe5c1592371884acc08ff6d460a9796a46f0831f57fbe9223c8f3e3549f237d3ace93890665528dc1183d384e3a1150c1c13b8370f87d75758596953c2289c6218ff8ce15eb15ff48f122fc6256c95da3702f5d921f3f98a133d1680ac32126ebc0d777715bce91c23dca6ae4b9cb3cf84e277d0697e89a8aeb9b493013bde54691c9c7060524c7c80e49a6be693790d31dd55b83778b17cc3c34dda22790c1501b3707ad172ccaff3d8891af65bf54d1939d36d5fd558cbd02b339cddbd5439d936cae782ba6febda580be1800c15125eac875beb2432b031b3b136ccb0b57ff078ab069dc7c20e4a077414068a3c53f84b0128b35beaad6a2c6be0d5f51b58e49b04a4e2bf27f9051929d72ca41e35ca0188673cdf5520b1bb7694bac2a68ad4294d4d4913aa2821acef9d85aba4390be7556d51d9c9c08a6380c4d905237edcef2a23b468ac61421e04a01ef962b15849225812a810b119bc067e5b24d8cf4067f5"}]}, 0x7d0}, 0x1, 0x0, 0x0, 0x4800}, 0x811) select$auto(0x8, 0x0, 0x0, &(0x7f00000002c0)={[0x1fe, 0x7, 0xd, 0x1, 0x948d, 0x1ff, 0x15f4da07, 0x3, 0x8003, 0x65, 0x8000001f, 0x1000, 0x100000000006d3e, 0x9, 0x1, 0x8]}, 0x0) select$auto(0x9, &(0x7f00000000c0)={[0xeeda, 0x7, 0x100000001, 0x9, 0x6, 0x1ff, 0x6, 0x3, 0x4, 0x4618ecd2, 0x3, 0x4303, 0x1, 0x9a8c, 0x9, 0x10001]}, 0x0, 0x0, &(0x7f0000000280)={0x6, 0xcb}) 1.678972731s ago: executing program 0 (id=1414): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$auto_MACSEC_CMD_UPD_RXSA(r0, &(0x7f0000006200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB='\f\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="230027bd7000fedbdf250900000008000100", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x4008008}, 0x0) getpgid$auto(0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0x71, 0x0, 0x0) readv$auto(0x3, 0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/devices/virtual/block/loop10/queue/max_sectors_kb\x00', 0x80000, 0x0) read$auto(r2, 0x0, 0x20) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x40000, 0x0) socket(0x21, 0xe, 0x4) unshare$auto(0x40000080) readv$auto(0x3, &(0x7f0000000000)={0x0, 0x10000ffff}, 0x1) mmap$auto(0xfffffffffffffffd, 0x3ff, 0x3, 0x17, 0xfffffffffffffffa, 0x5) lsm_get_self_attr$auto(0x68, 0x0, &(0x7f0000002440)=0x8, 0x0) mbind$auto(0x400000000000000, 0x2091d2, 0x4, 0x0, 0x6, 0x5) r4 = fanotify_init$auto(0x5, 0x2000000000002) fanotify_mark$auto(r4, 0x1, 0x803a, r4, 0x0) madvise$auto(0x110c230000, 0x46, 0x9) ioctl$auto(0xffffffffffffffff, 0x76, 0xffffffffffffffff) futex$auto(0x0, 0xc, 0xffffffff, 0x0, 0x0, 0x4) getsockopt$auto_SO_TYPE(0xffffffffffffffff, 0x7fffffff, 0x3, &(0x7f0000000040)='/proc/thread-self/fail-nth\x00', &(0x7f0000000100)=0x14) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) set_tid_address$auto(0x0) 1.678822402s ago: executing program 3 (id=1415): openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/nbd12\x00', 0x14fa02, 0x0) mmap$auto(0x0, 0x810004, 0x400000000ffb, 0x8000000008011, 0x3, 0x8000) setresuid$auto(0x0, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_STATION(0xffffffffffffffff, 0x0, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x181500, 0x0) r2 = openat$auto_vmwgfx_driver_fops_vmwgfx_drv(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dri/card0\x00', 0x0, 0x0) r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x121000, 0x0) r4 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r4, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) close_range$auto(r3, 0x8, 0x0) brk$auto(0xffffffffffffff66) ioctl$auto_KVM_CREATE_VM(r1, 0xae01, 0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0xda) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_SET_CQM(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000ff", @ANYRES16=r6, @ANYBLOB="010026bd7000fddbdf253f0000000800"], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x40800) r7 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000140)='/proc/kcore\x00', 0x10b402, 0x0) pread64$auto(r7, 0x0, 0x800003, 0x270) mmap$auto(0x6b2, 0x40000a, 0x4, 0x13, r2, 0x7ffd) close_range$auto(0x0, 0xfffffffffffff000, 0x2) 1.579420149s ago: executing program 2 (id=1416): unshare$auto(0x40000080) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) setsockopt$auto(0x3, 0x1, 0x34, 0x0, 0x4) r0 = socket(0x1d, 0x3, 0x2) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x18dd01, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) mmap$auto(0x0, 0x40009, 0x3, 0x9b72, 0x7, 0x28000) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) futex$auto(0x0, 0x85, 0x38, 0x0, 0x0, 0x80800005) r1 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0xac0, 0x8000, 0x7d, &(0x7f0000000140)=0x9) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd7073000000001400000008000300", @ANYRES32=r3], 0x24}, 0x1, 0x1400, 0x0, 0x800}, 0x20040080) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) move_pages$auto(0x1, 0xf54, 0x0, 0x0, 0x0, 0x8000000000000000) fsopen$auto(0x0, 0x1) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000200), r0) sendmsg$auto_NL80211_CMD_UPDATE_OWE_INFO(r2, &(0x7f0000000300)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x2c, r4, 0x8, 0x70bd29, 0x25dfdbfd, {}, [@NL80211_ATTR_STA_CAPABILITY={0x6}, @NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x101}, @NL80211_ATTR_STA_CAPABILITY={0x6, 0xab, 0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x40015) r5 = openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x68082, 0x0) ioctl$auto_BLKPG2(r5, 0x1269, 0x0) r6 = openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) ioctl$auto_XFS_IOC_ALLOCSP(r6, 0x4030580a, &(0x7f0000000100)={0x1, 0x1, 0x5, 0x7, 0x3}) 842.528977ms ago: executing program 1 (id=1417): write$auto(0xffffffffffffffff, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) r0 = socket(0xa, 0x2, 0x0) r1 = socket(0xa, 0x3, 0xff) connect$auto(r1, &(0x7f00000018c0)=@generic={0xa}, 0x55) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7fffffe) mmap$auto(0x200, 0x400008, 0x200, 0x9b72, r0, 0x6) write$auto_proc_mem_operations_base(0xffffffffffffffff, &(0x7f0000001680)="a7", 0x80000) syz_clone3(0x0, 0x0) madvise$auto(0x1ffff000, 0x7, 0x100000000) mmap$auto(0x0, 0x400008, 0xb, 0x9b72, 0x2, 0x8000) sysfs$auto(0x2, 0x20, 0x0) fsopen$auto(0x0, 0x1) mbind$auto(0x0, 0x100000004, 0x100000000, 0x0, 0x20000000000006, 0x2) shmget$auto(0x8, 0x10563, 0x568d1af2) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/input/event2\x00', 0x20081, 0x0) bpf$auto(0x14, &(0x7f00000000c0)=@enable_stats={0x1}, 0x7) mmap$auto(0x0, 0x2000a, 0x10000000000df, 0xeb2, 0x401, 0x8000) arch_prctl$auto(0x5005, 0x9) 0s ago: executing program 3 (id=1418): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/system/cpu/cpu1/online\x00', 0x62, 0x0) write$auto(r0, &(0x7f00000002c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef`\xd8\x9c\xf7?:\x1a\xc62\x911e\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\b};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xacA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xff\x7f\xd0UV\x11\xcb\xdd\x81\xbe\xde\f/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3CRnz\xc2\x13<\xf0\v\x1f\x14\xf3\xd0\xf2\xd1L!\x81\xea\x83\xa0\r|%\xbf\x02trg\x9a\xe7\x00\x85Z\x06?\x12\x98\x0f)\a\xf4\xaa\x05\xc0\xa0r\xd2\x85\x8dH\xd0>\xca\xfc5\x01\x95O4\xca\x95\x1d\x83\xec\nD\x8e\xfb\xce\xd1w\x15:\xe9\x81/B#\xc6\xa1\xfa-\x1b\x8cr\x92nM\xa1;\xe4pd$\xd7\x1b\v\x82\r\f\xd0Hq\xd9\r\x88#\x89\x8d\xcd\x1e\x87N\xeeO\x8dO\xe9\xfc\x91\xa1\xa8HR+\a\xb7R\t\n+\x7f\xd5H\x90G=\x9a\r\xb10\x17n\x1b\xf8\v\x11\v\xbb\xc8^\xa4\xe2\x05\x91|\x123\xc3:\xfd\xee\x04a\xc8\x12\xce\xa2\x12\xcb\x8c\x87f\xebGQ\xe9\x96\xd5E\x13a\xb7\x057<&\xe0\x94\xa7\xfb\x9d;\xfa\xb1\x1b4a,\'\xb2Ym\xe1:\xbf\x8cs\x06\xa3u\x8d!\n\x80-\x9a\xbb;\xf4\xf3\xe1\x97\xfc8\xff\xa7\\\x8b\xf9\x95\x10$\xef\x1a #b\xfb\xfe\xe9\x06fK0\xdd\x84T,\xfa\xb5\x00\x83d\xbba\xd7\n\x92l\xdfAN\x9d\xcb\x96\xc7\xe8\xe6\x8bC\xeb\xc7EZ\xc8\x1a\x81nf\tZ-sZ\x13n\xec\xa9\xbf\xd0$\xb9\xd8\x00\x00\x00\x00\x00\x00\x00', 0x5) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r1 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) getsockopt$auto_SO_NO_CHECK(r0, 0x7, 0xb, 0x0, 0x0) getcwd$auto(0x0, 0x3) bpf$auto(0x0, &(0x7f0000000580)=@task_fd_query={0x7, 0x4, 0x200, 0x37e, 0x0, 0xf, 0xffffffffffffffff, 0x2, 0x5}, 0x6f4) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mbind$auto(0x0, 0x800605, 0x8003, &(0x7f0000000100)=0xfffe, 0x3, 0x3) mbind$auto(0x1000, 0xb, 0x3, &(0x7f0000000180)=0xffff, 0x3, 0x3) r2 = signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) read$auto_kernel_debug_fops_orangefs_debugfs(r2, &(0x7f0000000640)=""/4096, 0x1000) read$auto_l2cap_debugfs_fops_(r2, 0x0, 0x0) ioctl$auto_BCH_IOCTL_DISK_RESIZE(r2, 0x4018bc0e, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x2a}) read$auto(r1, 0x0, 0x1f40) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) openat$auto_mtd_fops_mtdchar(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mtd0\x00', 0x28082, 0x0) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) tkill$auto(0x0, 0x9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video43\x00', 0x129900, 0x0) ioctl$auto(r3, 0xfffffff9, 0xffffffffffffffff) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) unshare$auto(0x2) unshare$auto(0x7fffffff) kernel console output (not intermixed with test programs): ace will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 86.103540][ T5848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 86.131009][ T5845] hsr_slave_0: entered promiscuous mode [ 86.137288][ T5845] hsr_slave_1: entered promiscuous mode [ 86.143351][ T5843] Bluetooth: hci1: command tx timeout [ 86.149272][ T5845] debugfs: 'hsr0' already exists in 'hsr' [ 86.155271][ T5845] Cannot create hsr debugfs directory [ 86.228701][ T5843] Bluetooth: hci3: command tx timeout [ 86.262192][ T5840] hsr_slave_0: entered promiscuous mode [ 86.268788][ T5840] hsr_slave_1: entered promiscuous mode [ 86.274921][ T5840] debugfs: 'hsr0' already exists in 'hsr' [ 86.280799][ T5840] Cannot create hsr debugfs directory [ 86.314580][ T5848] hsr_slave_0: entered promiscuous mode [ 86.321363][ T5848] hsr_slave_1: entered promiscuous mode [ 86.327421][ T5848] debugfs: 'hsr0' already exists in 'hsr' [ 86.333249][ T5848] Cannot create hsr debugfs directory [ 86.715610][ T5836] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 86.743451][ T5836] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 86.763120][ T5836] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 86.774884][ T5836] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 86.840579][ T5845] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 86.869096][ T5845] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 86.891514][ T5845] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 86.923517][ T5845] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 87.027718][ T5840] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 87.076875][ T5840] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 87.126042][ T5840] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 87.144628][ T5840] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 87.242276][ T5848] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 87.254862][ T5848] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 87.269559][ T5848] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 87.281231][ T5848] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 87.298879][ T5836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.360528][ T5836] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.390443][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.397644][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.417641][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.424854][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.474023][ T5845] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.541787][ T5845] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.571315][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.578503][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.592082][ T5840] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.606721][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.614114][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.706076][ T5840] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.746758][ T5848] 8021q: adding VLAN 0 to HW filter on device bond0 [ 87.770738][ T3661] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.778411][ T3661] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.798837][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 87.806026][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 87.880083][ T5848] 8021q: adding VLAN 0 to HW filter on device team0 [ 87.945830][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 87.953050][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 87.997679][ T4930] bridge0: port 2(bridge_slave_1) entered blocking state [ 88.004989][ T4930] bridge0: port 2(bridge_slave_1) entered forwarding state [ 88.041093][ T5840] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 88.073544][ T5836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.141567][ T5843] Bluetooth: hci2: command tx timeout [ 88.141599][ T51] Bluetooth: hci0: command tx timeout [ 88.218994][ T51] Bluetooth: hci1: command tx timeout [ 88.247415][ T5836] veth0_vlan: entered promiscuous mode [ 88.263080][ T5845] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.297600][ T5836] veth1_vlan: entered promiscuous mode [ 88.303473][ T51] Bluetooth: hci3: command tx timeout [ 88.444810][ T5845] veth0_vlan: entered promiscuous mode [ 88.460782][ T5836] veth0_macvtap: entered promiscuous mode [ 88.490413][ T5836] veth1_macvtap: entered promiscuous mode [ 88.505391][ T5845] veth1_vlan: entered promiscuous mode [ 88.521107][ T5840] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.580732][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.603372][ T5836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.620875][ T5845] veth0_macvtap: entered promiscuous mode [ 88.638617][ T5848] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 88.659967][ T3661] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.670560][ T3661] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.683982][ T5845] veth1_macvtap: entered promiscuous mode [ 88.693246][ T3661] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.705371][ T3661] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.757708][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 88.792712][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 88.834014][ T5840] veth0_vlan: entered promiscuous mode [ 88.845658][ T49] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.855273][ T49] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.877682][ T49] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.889088][ T49] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 88.932620][ T5840] veth1_vlan: entered promiscuous mode [ 88.943887][ T5848] veth0_vlan: entered promiscuous mode [ 88.953630][ T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 88.982133][ T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.023022][ T5848] veth1_vlan: entered promiscuous mode [ 89.059734][ T1335] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.067576][ T1335] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.148455][ T5848] veth0_macvtap: entered promiscuous mode [ 89.160628][ T5840] veth0_macvtap: entered promiscuous mode [ 89.169592][ T4930] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.175803][ T5840] veth1_macvtap: entered promiscuous mode [ 89.180103][ T4930] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.194845][ T5848] veth1_macvtap: entered promiscuous mode [ 89.217054][ T5836] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 89.287510][ T4930] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.312779][ T4930] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.314539][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.340040][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 89.365004][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.388938][ T5840] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 89.406801][ T3661] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.416952][ T3661] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.430131][ T3661] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.452271][ T3661] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.507411][ T3661] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.558507][ T3661] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.571311][ T3661] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.595049][ T3661] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 89.702465][ T5932] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input5 [ 89.816509][ T3661] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.831032][ T3661] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 89.928744][ T3661] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 89.948939][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 89.968525][ T3661] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.029790][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 90.151475][ T5937] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 90.163862][ T3661] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.193051][ T5933] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 90.220781][ T3661] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.222246][ T51] Bluetooth: hci2: command tx timeout [ 90.228282][ T5843] Bluetooth: hci0: command tx timeout [ 90.266125][ T5939] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5'. [ 90.310337][ T51] Bluetooth: hci1: command tx timeout [ 90.317426][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 90.347338][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 90.378969][ T51] Bluetooth: hci3: command tx timeout [ 90.764981][ T5943] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 91.216452][ T5933] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 91.238521][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 91.518587][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.016834][ T9] cfg80211: failed to load regulatory.db [ 92.208326][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.215476][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 92.298092][ T51] Bluetooth: hci2: command tx timeout [ 92.298153][ T5843] Bluetooth: hci0: command tx timeout [ 92.380790][ T5843] Bluetooth: hci1: command tx timeout [ 92.466438][ T5843] Bluetooth: hci3: command tx timeout [ 92.528779][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 92.870626][ T5972] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 93.065491][ T5975] netlink: 28 bytes leftover after parsing attributes in process `syz.3.12'. [ 93.216135][ T5975] veth0_macvtap: left promiscuous mode [ 93.260232][ T5975] macvtap0: entered promiscuous mode [ 93.309382][ T5975] macvtap0: entered allmulticast mode [ 93.798301][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 93.820067][ T0] NOHZ tick-stop error: local softirq work is pending, handler #208!!! [ 93.965601][ T5988] Zero length message leads to an empty skb [ 94.134400][ T6003] Console: switching to colour VGA+ 80x25 [ 94.379258][ T6008] binder: 5986:6008 ioctl 40046f41 0 returned -22 [ 94.611069][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 94.892106][ T6013] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 95.735972][ T6014] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 96.066766][ T6026] zero sized request [ 97.804898][ T6056] CIFS: VFS: Invalid SecurityFlags: [ 97.974454][ T6061] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE ùrõ£Ò„yù*›"¤l-ý¤ôy–ú„ [ 98.267169][ T5843] Bluetooth: hci2: Malformed LE Event: 0x0b [ 98.899062][ T6067] process 'syz.3.30' launched ':,' with NULL argv: empty string added [ 99.295188][ T6076] netlink: 4 bytes leftover after parsing attributes in process `syz.0.32'. [ 99.391855][ T6076] netlink: 354 bytes leftover after parsing attributes in process `syz.0.32'. [ 99.932470][ T6083] nbd: must specify an index to disconnect [ 100.719325][ T6092] netlink: 24 bytes leftover after parsing attributes in process `syz.2.35'. [ 100.903342][ T6095] svc: failed to register nfsdv3 RPC service (errno 111). [ 100.912640][ T6092] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 100.935498][ T6095] svc: failed to register nfsaclv3 RPC service (errno 111). [ 100.986170][ T6092] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 101.018395][ T6092] bond0 (unregistering): Released all slaves [ 102.387042][ T6118] vhci_hcd: default hub control req: 2304 v0002 i0002 l8 [ 102.441141][ T6118] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 103.023500][ T6130] netlink: 4 bytes leftover after parsing attributes in process `syz.2.44'. [ 103.047457][ T6130] netlink: 354 bytes leftover after parsing attributes in process `syz.2.44'. [ 103.350072][ T6138] mmap: syz.2.47 (6138) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 103.382926][ T6141] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 103.444261][ T6140] netlink: 4 bytes leftover after parsing attributes in process `syz.3.46'. [ 104.013842][ T6145] FAULT_INJECTION: forcing a failure. [ 104.013842][ T6145] name failslab, interval 1, probability 0, space 0, times 1 [ 104.054303][ T6145] CPU: 1 UID: 0 PID: 6145 Comm: syz.3.48 Not tainted syzkaller #0 PREEMPT(full) [ 104.054339][ T6145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 104.054358][ T6145] Call Trace: [ 104.054367][ T6145] [ 104.054376][ T6145] dump_stack_lvl+0x16c/0x1f0 [ 104.054412][ T6145] should_fail_ex+0x512/0x640 [ 104.054438][ T6145] ? fs_reclaim_acquire+0xae/0x150 [ 104.054472][ T6145] should_failslab+0xc2/0x120 [ 104.054505][ T6145] kmem_cache_alloc_noprof+0x75/0x720 [ 104.054540][ T6145] ? __pfx_map_id_range_down+0x10/0x10 [ 104.054569][ T6145] ? security_inode_alloc+0x3b/0x2b0 [ 104.054602][ T6145] ? security_inode_alloc+0x3b/0x2b0 [ 104.054626][ T6145] security_inode_alloc+0x3b/0x2b0 [ 104.054653][ T6145] inode_init_always_gfp+0xced/0x1040 [ 104.054688][ T6145] alloc_inode+0x86/0x240 [ 104.054710][ T6145] new_inode+0x22/0x1c0 [ 104.054734][ T6145] proc_pid_make_inode+0x22/0x160 [ 104.054760][ T6145] proc_pident_instantiate+0x85/0x310 [ 104.054789][ T6145] proc_fill_cache+0x361/0x470 [ 104.054813][ T6145] ? __pfx_proc_pident_instantiate+0x10/0x10 [ 104.054842][ T6145] ? __pfx_proc_fill_cache+0x10/0x10 [ 104.054865][ T6145] ? __lock_acquire+0x433/0x22f0 [ 104.054925][ T6145] proc_pident_readdir+0x1bc/0x530 [ 104.054967][ T6145] iterate_dir+0x296/0xaf0 [ 104.055000][ T6145] __x64_sys_getdents+0x13c/0x2b0 [ 104.055029][ T6145] ? __pfx___x64_sys_getdents+0x10/0x10 [ 104.055055][ T6145] ? __x64_sys_openat+0x174/0x210 [ 104.055080][ T6145] ? __pfx_filldir+0x10/0x10 [ 104.055119][ T6145] do_syscall_64+0xcd/0xf80 [ 104.055149][ T6145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 104.055173][ T6145] RIP: 0033:0x7f7175d8f7c9 [ 104.055193][ T6145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 104.055222][ T6145] RSP: 002b:00007f7176b9d038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e [ 104.055246][ T6145] RAX: ffffffffffffffda RBX: 00007f7175fe5fa0 RCX: 00007f7175d8f7c9 [ 104.055263][ T6145] RDX: 0000000000000fff RSI: 0000000000000000 RDI: 0000000000000002 [ 104.055277][ T6145] RBP: 00007f7175e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 104.055292][ T6145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 104.055307][ T6145] R13: 00007f7175fe6038 R14: 00007f7175fe5fa0 R15: 00007ffedb168c78 [ 104.055345][ T6145] syzkaller syzkaller login: [ 106.975103][ T6185] FAULT_INJECTION: forcing a failure. [ 106.975103][ T6185] name failslab, interval 1, probability 0, space 0, times 0 [ 107.068161][ T6185] CPU: 1 UID: 0 PID: 6185 Comm: syz.3.56 Not tainted syzkaller #0 PREEMPT(full) [ 107.068195][ T6185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 107.068209][ T6185] Call Trace: [ 107.068224][ T6185] [ 107.068234][ T6185] dump_stack_lvl+0x16c/0x1f0 [ 107.068276][ T6185] should_fail_ex+0x512/0x640 [ 107.068304][ T6185] ? __kmalloc_node_noprof+0xcd/0x890 [ 107.068335][ T6185] should_failslab+0xc2/0x120 [ 107.068374][ T6185] __kmalloc_node_noprof+0xe0/0x890 [ 107.068403][ T6185] ? alloc_slab_obj_exts+0x43/0xf0 [ 107.068447][ T6185] ? alloc_slab_obj_exts+0x43/0xf0 [ 107.068480][ T6185] alloc_slab_obj_exts+0x43/0xf0 [ 107.068511][ T6185] new_slab+0x283/0x360 [ 107.068545][ T6185] ___slab_alloc+0xee7/0x1cd0 [ 107.068574][ T6185] ? __lock_acquire+0x433/0x22f0 [ 107.068600][ T6185] ? __pcs_replace_empty_main+0x2ac/0x4d0 [ 107.068643][ T6185] ? find_held_lock+0x2b/0x80 [ 107.068684][ T6185] ? __kmem_cache_alloc_bulk+0x225/0x760 [ 107.068705][ T6185] __kmem_cache_alloc_bulk+0x225/0x760 [ 107.068743][ T6185] __pcs_replace_empty_main+0x2ac/0x4d0 [ 107.068786][ T6185] kmem_cache_alloc_noprof+0x576/0x720 [ 107.068834][ T6185] ? vm_area_dup+0x27/0x8d0 [ 107.068874][ T6185] ? vm_area_dup+0x27/0x8d0 [ 107.068906][ T6185] vm_area_dup+0x27/0x8d0 [ 107.068941][ T6185] dup_mmap+0x86f/0x2250 [ 107.068987][ T6185] ? __pfx_dup_mmap+0x10/0x10 [ 107.069062][ T6185] copy_process+0x3f16/0x7680 [ 107.069112][ T6185] ? preempt_schedule_thunk+0x16/0x30 [ 107.069167][ T6185] ? __pfx_copy_process+0x10/0x10 [ 107.069199][ T6185] ? find_held_lock+0x2b/0x80 [ 107.069236][ T6185] ? futex_private_hash_put+0xd5/0x190 [ 107.069269][ T6185] kernel_clone+0xfc/0x910 [ 107.069310][ T6185] ? __pfx_futex_wake+0x10/0x10 [ 107.069341][ T6185] ? __pfx_kernel_clone+0x10/0x10 [ 107.069398][ T6185] __do_sys_clone+0xce/0x120 [ 107.069433][ T6185] ? __pfx___do_sys_clone+0x10/0x10 [ 107.069467][ T6185] ? __sys_sendmsg+0x18c/0x220 [ 107.069509][ T6185] ? xfd_validate_state+0x61/0x180 [ 107.069559][ T6185] do_syscall_64+0xcd/0xf80 [ 107.069592][ T6185] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 107.069617][ T6185] RIP: 0033:0x7f7175d8f7c9 [ 107.069637][ T6185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 107.069660][ T6185] RSP: 002b:00007f7173bf3fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 107.069686][ T6185] RAX: ffffffffffffffda RBX: 00007f7175fe6270 RCX: 00007f7175d8f7c9 [ 107.069704][ T6185] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 107.069718][ T6185] RBP: 00007f7175e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 107.069733][ T6185] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 107.069748][ T6185] R13: 00007f7175fe6308 R14: 00007f7175fe6270 R15: 00007ffedb168c78 [ 107.069791][ T6185] [ 108.678191][ T6221] futex_wake_op: syz.0.62 tries to shift op by -2048; fix this program [ 108.686846][ T6221] futex_wake_op: syz.0.62 tries to shift op by -2048; fix this program [ 108.720274][ T6222] HfR: entered promiscuous mode [ 108.779517][ T6221] ubi1: attaching mtd0 [ 108.806947][ T6221] ubi1: scanning is finished [ 108.829321][ T6221] ubi1: empty MTD device detected [ 108.908676][ T6213] netlink: set zone limit has 8 unknown bytes [ 109.185260][ T6221] ubi1: attached mtd0 (name "mtdram test device", size 0 MiB) [ 109.201164][ T6221] ubi1: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 109.226866][ T6221] ubi1: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 109.236204][ T6221] ubi1: VID header offset: 64 (aligned 64), data offset: 128 [ 109.259365][ T6221] ubi1: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 109.272692][ T6221] ubi1: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 109.301953][ T6221] ubi1: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1109896250 [ 109.312828][ T6221] ubi1: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 109.324062][ T6231] ubi1: background thread "ubi_bgt1d" started, PID 6231 [ 109.616402][ T6239] ecryptfs_miscdev_write: Minimum acceptable packet size is [14], but amount of data written is only [5]. Discarding response packet. [ 109.794869][ T6242] FAULT_INJECTION: forcing a failure. [ 109.794869][ T6242] name failslab, interval 1, probability 0, space 0, times 0 [ 109.874986][ T6242] CPU: 0 UID: 0 PID: 6242 Comm: syz.0.65 Not tainted syzkaller #0 PREEMPT(full) [ 109.875021][ T6242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 109.875037][ T6242] Call Trace: [ 109.875045][ T6242] [ 109.875055][ T6242] dump_stack_lvl+0x16c/0x1f0 [ 109.875095][ T6242] should_fail_ex+0x512/0x640 [ 109.875123][ T6242] ? kmem_cache_alloc_noprof+0x62/0x720 [ 109.875167][ T6242] should_failslab+0xc2/0x120 [ 109.875201][ T6242] kmem_cache_alloc_noprof+0x75/0x720 [ 109.875239][ T6242] ? __proc_create+0x2c8/0x8d0 [ 109.875275][ T6242] ? __proc_create+0x2c8/0x8d0 [ 109.875301][ T6242] __proc_create+0x2c8/0x8d0 [ 109.875345][ T6242] ? __pfx___proc_create+0x10/0x10 [ 109.875387][ T6242] ? _raw_write_unlock+0x28/0x50 [ 109.875415][ T6242] ? proc_register+0x559/0x8b0 [ 109.875449][ T6242] proc_create_reg+0x7d/0x180 [ 109.875483][ T6242] proc_create_net_data+0x8e/0x1c0 [ 109.875516][ T6242] ? __pfx_proc_create_net_data+0x10/0x10 [ 109.875555][ T6242] ? __pfx_vlan_init_net+0x10/0x10 [ 109.875585][ T6242] vlan_proc_init+0xe3/0x180 [ 109.875609][ T6242] ops_init+0x1e2/0x5f0 [ 109.875641][ T6242] setup_net+0x11d/0x3a0 [ 109.875680][ T6242] ? __pfx_setup_net+0x10/0x10 [ 109.875706][ T6242] ? lockdep_init_map_type+0x5c/0x270 [ 109.875734][ T6242] ? mutex_init_lockep+0x110/0x150 [ 109.875766][ T6242] copy_net_ns+0x351/0x5d0 [ 109.875799][ T6242] create_new_namespaces+0x3ea/0xab0 [ 109.875840][ T6242] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 109.875878][ T6242] ksys_unshare+0x45b/0xa40 [ 109.875902][ T6242] ? __pfx_ksys_unshare+0x10/0x10 [ 109.875940][ T6242] ? xfd_validate_state+0x61/0x180 [ 109.875988][ T6242] __x64_sys_unshare+0x31/0x40 [ 109.876011][ T6242] do_syscall_64+0xcd/0xf80 [ 109.876044][ T6242] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 109.876070][ T6242] RIP: 0033:0x7f85f2b8f7c9 [ 109.876091][ T6242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 109.876115][ T6242] RSP: 002b:00007f85f0df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 109.876141][ T6242] RAX: ffffffffffffffda RBX: 00007f85f2de5fa0 RCX: 00007f85f2b8f7c9 [ 109.876159][ T6242] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 109.876175][ T6242] RBP: 00007f85f2c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 109.876190][ T6242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 109.876205][ T6242] R13: 00007f85f2de6038 R14: 00007f85f2de5fa0 R15: 00007ffe59dcaba8 [ 109.876242][ T6242] [ 110.276415][ T6242] 8021q: can't create entry in proc filesystem! [ 110.888287][ T6260] FAULT_INJECTION: forcing a failure. [ 110.888287][ T6260] name failslab, interval 1, probability 0, space 0, times 0 [ 110.901420][ T6260] CPU: 1 UID: 7 PID: 6260 Comm: syz.2.68 Not tainted syzkaller #0 PREEMPT(full) [ 110.901441][ T6260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 110.901450][ T6260] Call Trace: [ 110.901457][ T6260] [ 110.901464][ T6260] dump_stack_lvl+0x16c/0x1f0 [ 110.901486][ T6260] should_fail_ex+0x512/0x640 [ 110.901505][ T6260] should_failslab+0xc2/0x120 [ 110.901525][ T6260] __kmalloc_noprof+0xdd/0x870 [ 110.901546][ T6260] ? nsim_fib_event_nb+0x45e/0x10d0 [ 110.901569][ T6260] ? nsim_fib_event_nb+0x45e/0x10d0 [ 110.901587][ T6260] nsim_fib_event_nb+0x45e/0x10d0 [ 110.901614][ T6260] call_fib_notifier+0x3c/0x80 [ 110.901632][ T6260] fib6_node_dump+0x1ea/0x320 [ 110.901650][ T6260] ? __pfx_fib6_node_dump+0x10/0x10 [ 110.901672][ T6260] ? fib6_walk_continue+0xbe/0x8d0 [ 110.901690][ T6260] fib6_walk_continue+0x452/0x8d0 [ 110.901710][ T6260] fib6_walk+0x182/0x370 [ 110.901728][ T6260] fib6_tables_dump+0x222/0x370 [ 110.901750][ T6260] ? __pfx_fib6_tables_dump+0x10/0x10 [ 110.901776][ T6260] fib6_dump+0x48/0x60 [ 110.901794][ T6260] register_fib_notifier+0x123/0x470 [ 110.901811][ T6260] ? __pfx_nsim_fib_dump_inconsistent+0x10/0x10 [ 110.901832][ T6260] nsim_fib_create+0x938/0xc90 [ 110.901856][ T6260] ? __pfx_nsim_fib_create+0x10/0x10 [ 110.901881][ T6260] nsim_drv_probe+0xcec/0x1520 [ 110.901901][ T6260] ? __pfx_nsim_drv_probe+0x10/0x10 [ 110.901923][ T6260] ? kernfs_put+0x35/0x60 [ 110.901940][ T6260] ? sysfs_create_link+0x68/0xc0 [ 110.901954][ T6260] ? __pfx_nsim_bus_probe+0x10/0x10 [ 110.901973][ T6260] really_probe+0x241/0xa90 [ 110.901996][ T6260] __driver_probe_device+0x1de/0x440 [ 110.902015][ T6260] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 110.902032][ T6260] driver_probe_device+0x4c/0x1b0 [ 110.902052][ T6260] __device_attach_driver+0x1df/0x310 [ 110.902073][ T6260] ? __pfx___device_attach_driver+0x10/0x10 [ 110.902092][ T6260] bus_for_each_drv+0x159/0x1e0 [ 110.902110][ T6260] ? __pfx_bus_for_each_drv+0x10/0x10 [ 110.902132][ T6260] __device_attach+0x1e4/0x4b0 [ 110.902152][ T6260] ? __pfx___device_attach+0x10/0x10 [ 110.902172][ T6260] ? do_raw_spin_unlock+0x172/0x230 [ 110.902194][ T6260] bus_probe_device+0x17f/0x1c0 [ 110.902214][ T6260] device_add+0x1148/0x1950 [ 110.902229][ T6260] ? __pfx_device_add+0x10/0x10 [ 110.902242][ T6260] ? lockdep_init_map_type+0x5c/0x270 [ 110.902258][ T6260] ? __init_waitqueue_head+0xca/0x150 [ 110.902281][ T6260] new_device_store+0x41b/0x730 [ 110.902301][ T6260] ? __pfx_new_device_store+0x10/0x10 [ 110.902331][ T6260] ? find_held_lock+0x2b/0x80 [ 110.902373][ T6260] ? sysfs_file_kobj+0xe4/0x290 [ 110.902404][ T6260] ? __pfx_new_device_store+0x10/0x10 [ 110.902439][ T6260] bus_attr_store+0x74/0xb0 [ 110.902460][ T6260] ? __pfx_bus_attr_store+0x10/0x10 [ 110.902475][ T6260] sysfs_kf_write+0xf2/0x150 [ 110.902496][ T6260] kernfs_fop_write_iter+0x3af/0x570 [ 110.902513][ T6260] ? __pfx_sysfs_kf_write+0x10/0x10 [ 110.902536][ T6260] do_iter_readv_writev+0x662/0x9e0 [ 110.902554][ T6260] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 110.902579][ T6260] vfs_writev+0x35f/0xde0 [ 110.902594][ T6260] ? rcu_is_watching+0x12/0xc0 [ 110.902618][ T6260] ? __pfx_vfs_writev+0x10/0x10 [ 110.902633][ T6260] ? fdget_pos+0x2a2/0x370 [ 110.902650][ T6260] ? lockdep_hardirqs_on+0x7c/0x110 [ 110.902680][ T6260] ? __fget_files+0x20e/0x3c0 [ 110.902701][ T6260] ? do_writev+0x132/0x340 [ 110.902714][ T6260] do_writev+0x132/0x340 [ 110.902729][ T6260] ? __pfx_do_writev+0x10/0x10 [ 110.902750][ T6260] do_syscall_64+0xcd/0xf80 [ 110.902769][ T6260] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 110.902783][ T6260] RIP: 0033:0x7f0813d8f7c9 [ 110.902796][ T6260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 110.902810][ T6260] RSP: 002b:00007f0814bc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 110.902826][ T6260] RAX: ffffffffffffffda RBX: 00007f0813fe5fa0 RCX: 00007f0813d8f7c9 [ 110.902835][ T6260] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000004 [ 110.902843][ T6260] RBP: 00007f0813e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 110.902851][ T6260] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 110.902859][ T6260] R13: 00007f0813fe6038 R14: 00007f0813fe5fa0 R15: 00007ffec97e3638 [ 110.902879][ T6260] [ 111.330856][ T6260] Failed to register fib notifier [ 111.850151][ T6271] random: crng reseeded on system resumption [ 114.917432][ T6260] netdevsim netdevsim511: probe with driver netdevsim failed with error -1 [ 116.439913][ T6376] netlink: 4 bytes leftover after parsing attributes in process `syz.1.83'. [ 116.558275][ T6376] netlink: 354 bytes leftover after parsing attributes in process `syz.1.83'. [ 118.622802][ T6407] sp0: Synchronizing with TNC [ 118.630791][ T6398] misc userio: No port type given on /dev/userio [ 118.691720][ T6398] netlink: 252 bytes leftover after parsing attributes in process `syz.3.88'. [ 118.709859][ T6410] ptp ptp0: only physical clock in use now [ 118.748523][ T6416] zero sized request [ 118.755644][ T6398] unsupported nla_type 65535 [ 119.222078][ T6428] netlink: 28 bytes leftover after parsing attributes in process `syz.2.91'. [ 121.795908][ T6471] Invalid ELF header magic: != ELF [ 121.804460][ T6471] netlink: 28 bytes leftover after parsing attributes in process `syz.1.98'. [ 121.840058][ T6471] veth0_macvtap: left promiscuous mode [ 123.826500][ T6490] FAULT_INJECTION: forcing a failure. [ 123.826500][ T6490] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 123.861279][ T6490] CPU: 0 UID: 0 PID: 6490 Comm: syz.2.103 Not tainted syzkaller #0 PREEMPT(full) [ 123.861301][ T6490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 123.861309][ T6490] Call Trace: [ 123.861318][ T6490] [ 123.861325][ T6490] dump_stack_lvl+0x16c/0x1f0 [ 123.861346][ T6490] should_fail_ex+0x512/0x640 [ 123.861364][ T6490] _copy_from_user+0x2e/0xd0 [ 123.861381][ T6490] do_sys_name_to_handle+0x205/0x830 [ 123.861404][ T6490] ? __pfx_do_sys_name_to_handle+0x10/0x10 [ 123.861425][ T6490] ? putname+0xf5/0x1a0 [ 123.861442][ T6490] ? putname+0xf5/0x1a0 [ 123.861463][ T6490] __x64_sys_name_to_handle_at+0x2af/0x310 [ 123.861484][ T6490] ? __pfx___x64_sys_name_to_handle_at+0x10/0x10 [ 123.861509][ T6490] do_syscall_64+0xcd/0xf80 [ 123.861527][ T6490] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.861541][ T6490] RIP: 0033:0x7f0813d8f7c9 [ 123.861554][ T6490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.861568][ T6490] RSP: 002b:00007f0814ba0038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f [ 123.861582][ T6490] RAX: ffffffffffffffda RBX: 00007f0813fe6090 RCX: 00007f0813d8f7c9 [ 123.861592][ T6490] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 123.861601][ T6490] RBP: 00007f0813e13f91 R08: 0000000000000002 R09: 0000000000000000 [ 123.861609][ T6490] R10: 0000200000001180 R11: 0000000000000246 R12: 0000000000000000 [ 123.861617][ T6490] R13: 00007f0813fe6128 R14: 00007f0813fe6090 R15: 00007ffec97e3638 [ 123.861636][ T6490] [ 124.121200][ T6501] [U] [ 124.124311][ T6501] [U] [ 124.127114][ T6501] [U] [ 124.129828][ T6501] [U] [ 124.132544][ T6501] [U] [ 124.243570][ T6501] [U] [ 124.246287][ T6501] [U] [ 124.248965][ T6501] [U] [ 124.251639][ T6501] [U] [ 124.288332][ T6501] [U] [ 124.291090][ T6501] [U] [ 124.293803][ T6501] [U] [ 124.296602][ T6501] [U] [ 124.318463][ T6501] [U] [ 124.321216][ T6501] [U] [ 124.323915][ T6501] [U] [ 124.326611][ T6501] [U] [ 124.415698][ T6501] [U] [ 124.418460][ T6501] [U] [ 124.421176][ T6501] [U] [ 124.423890][ T6501] [U] [ 124.467545][ T6501] [U] [ 124.470305][ T6501] [U] [ 124.473023][ T6501] [U] [ 124.475840][ T6501] [U] [ 124.511076][ T6501] [U] [ 124.513842][ T6501] [U] [ 124.516554][ T6501] [U] [ 124.519262][ T6501] [U] [ 124.548223][ T6501] [U] [ 124.550979][ T6501] [U] [ 124.553694][ T6501] [U] [ 124.556401][ T6501] [U] [ 124.575410][ T6501] [U] [ 124.578205][ T6501] [U] [ 124.580914][ T6501] [U] [ 124.583622][ T6501] [U] [ 124.650250][ T6501] [U] [ 125.131969][ T6516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 125.179789][ T6516] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 125.218162][ T6516] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 125.226137][ T6516] page_type: f5(slab) [ 125.262280][ T6516] raw: 00fff00000000040 ffff88813ffa7280 dead000000000122 0000000000000000 [ 125.305171][ T6516] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000 [ 125.329721][ T6516] head: 00fff00000000040 ffff88813ffa7280 dead000000000122 0000000000000000 [ 125.357671][ T6516] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000 [ 125.395965][ T6516] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 125.448119][ T6516] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 125.479012][ T6516] page dumped because: unmovable page [ 125.509359][ T6516] page_owner tracks the page as allocated [ 125.543335][ T6516] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6478, tgid 6473 (syz.0.100), ts 122516980161, free_ts 122515266143 [ 125.638366][ T6516] post_alloc_hook+0x1af/0x220 [ 125.643208][ T6516] get_page_from_freelist+0xd0b/0x31a0 [ 125.670164][ T6516] __alloc_frozen_pages_noprof+0x25f/0x2440 [ 125.697561][ T6516] alloc_pages_mpol+0x1fb/0x550 [ 125.725221][ T6516] new_slab+0x24a/0x360 [ 125.739249][ T6516] ___slab_alloc+0xee7/0x1cd0 [ 125.788092][ T6516] __slab_alloc.constprop.0+0x63/0x110 [ 125.793680][ T6516] __kmalloc_noprof+0x501/0x870 [ 125.926103][ T6516] kernfs_fop_write_iter+0x237/0x570 [ 125.950120][ T6516] vfs_write+0x7d3/0x11d0 [ 125.954613][ T6516] ksys_write+0x12a/0x250 [ 126.002169][ T6516] do_syscall_64+0xcd/0xf80 [ 126.018688][ T6516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 126.052308][ T6516] page last free pid 6478 tgid 6473 stack trace: [ 126.068218][ T6516] __free_frozen_pages+0x7df/0x1160 [ 126.078314][ T6516] __put_partials+0x130/0x170 [ 126.094037][ T6516] qlist_free_all+0x4d/0x120 [ 126.102705][ T6516] kasan_quarantine_reduce+0x195/0x1e0 [ 126.120273][ T6516] __kasan_slab_alloc+0x69/0x90 [ 126.129508][ T6516] __kmalloc_noprof+0x2e8/0x870 [ 126.141727][ T6516] kernfs_fop_write_iter+0x237/0x570 [ 126.153890][ T6516] vfs_write+0x7d3/0x11d0 [ 126.162958][ T6516] ksys_write+0x12a/0x250 [ 126.173481][ T6516] do_syscall_64+0xcd/0xf80 [ 126.186194][ T6516] entry_SYSCALL_64_after_hwframe+0x77/0x7f syzkaller syzkaller login: syzkaller syzkaller login: [ 130.335651][ T6600] ptp ptp0: only physical clock in use now [ 130.349983][ T6598] sp0: Synchronizing with TNC [ 130.562023][ T6599] netlink: set zone limit has 8 unknown bytes [ 130.851807][ T6599] HfR: entered promiscuous mode [ 131.966289][ T6622] netlink: 28 bytes leftover after parsing attributes in process `syz.0.122'. [ 132.955546][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.962462][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 syzkaller syzkaller login: [ 134.774610][ T6666] FAULT_INJECTION: forcing a failure. [ 134.774610][ T6666] name failslab, interval 1, probability 0, space 0, times 0 [ 134.810595][ T6666] CPU: 1 UID: 0 PID: 6666 Comm: syz.0.138 Not tainted syzkaller #0 PREEMPT(full) [ 134.810618][ T6666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 134.810628][ T6666] Call Trace: [ 134.810633][ T6666] [ 134.810639][ T6666] dump_stack_lvl+0x16c/0x1f0 [ 134.810662][ T6666] should_fail_ex+0x512/0x640 [ 134.810678][ T6666] ? fs_reclaim_acquire+0xae/0x150 [ 134.810697][ T6666] should_failslab+0xc2/0x120 [ 134.810716][ T6666] kmem_cache_alloc_noprof+0x75/0x720 [ 134.810737][ T6666] ? __pfx_map_id_range_down+0x10/0x10 [ 134.810756][ T6666] ? security_inode_alloc+0x3b/0x2b0 [ 134.810775][ T6666] ? security_inode_alloc+0x3b/0x2b0 [ 134.810789][ T6666] security_inode_alloc+0x3b/0x2b0 [ 134.810804][ T6666] inode_init_always_gfp+0xced/0x1040 [ 134.810825][ T6666] alloc_inode+0x86/0x240 [ 134.810838][ T6666] iget_locked+0x1d9/0x6d0 [ 134.810851][ T6666] ? __pfx_iget_locked+0x10/0x10 [ 134.810896][ T6666] ? kernfs_root+0xee/0x2a0 [ 134.810917][ T6666] kernfs_get_inode+0x46/0x470 [ 134.810931][ T6666] kernfs_iop_lookup+0x1a7/0x2d0 [ 134.810948][ T6666] __lookup_slow+0x251/0x460 [ 134.810962][ T6666] ? __pfx___lookup_slow+0x10/0x10 [ 134.810994][ T6666] ? __d_lookup+0x266/0x4a0 [ 134.811012][ T6666] lookup_slow+0x50/0x70 [ 134.811025][ T6666] path_lookupat+0x5e9/0xc40 [ 134.811043][ T6666] filename_lookup+0x224/0x5f0 [ 134.811061][ T6666] ? __pfx_filename_lookup+0x10/0x10 [ 134.811094][ T6666] ? getname_flags.part.0+0x1c5/0x550 [ 134.811118][ T6666] user_path_at+0x3a/0x60 [ 134.811134][ T6666] __x64_sys_name_to_handle_at+0x1e7/0x310 [ 134.811156][ T6666] ? __pfx___x64_sys_name_to_handle_at+0x10/0x10 [ 134.811181][ T6666] do_syscall_64+0xcd/0xf80 [ 134.811199][ T6666] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 134.811214][ T6666] RIP: 0033:0x7f85f2b8f7c9 [ 134.811226][ T6666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 134.811239][ T6666] RSP: 002b:00007f85f0dd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000012f [ 134.811253][ T6666] RAX: ffffffffffffffda RBX: 00007f85f2de6090 RCX: 00007f85f2b8f7c9 [ 134.811262][ T6666] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 134.811278][ T6666] RBP: 00007f85f2c13f91 R08: 0000000000000002 R09: 0000000000000000 [ 134.811287][ T6666] R10: 0000200000001180 R11: 0000000000000246 R12: 0000000000000000 [ 134.811295][ T6666] R13: 00007f85f2de6128 R14: 00007f85f2de6090 R15: 00007ffe59dcaba8 [ 134.811315][ T6666] [ 136.080767][ T6686] netlink: set zone limit has 8 unknown bytes [ 136.297272][ T6695] HfR: entered promiscuous mode [ 136.959106][ T6703] zero sized request [ 138.730153][ T6723] zero sized request [ 140.660120][ T6751] zero sized request [ 141.427019][ T6760] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 144.773152][ T6804] zero sized request syzkaller syzkaller login: [ 147.132099][ T6832] netlink: 28 bytes leftover after parsing attributes in process `syz.1.165'. [ 148.546388][ T5843] Bluetooth: hci1: Malformed LE Event: 0x0b syzkaller syzkaller login: [ 153.975529][ T6915] HfR: entered promiscuous mode [ 154.037502][ T6912] netlink: set zone limit has 8 unknown bytes syzkaller syzkaller login: [ 156.404218][ T6946] zero sized request [ 156.444376][ T6948] zero sized request [ 156.457067][ T6949] netlink: 330 bytes leftover after parsing attributes in process `syz.1.197'. [ 156.467323][ T6949] mac80211_hwsim hwsim13 ›: renamed from wlan0 [ 159.026647][ T6989] openvswitch: HfR: Dropping previously announced user features [ 159.102692][ T6985] netlink: set zone limit has 8 unknown bytes syzkaller syzkaller login: [ 161.087287][ T7028] zero sized request syzkaller syzkaller login: [ 164.435156][ T7080] netlink: 330 bytes leftover after parsing attributes in process `syz.2.215'. [ 165.750470][ T7092] zero sized request syzkaller syzkaller login: [ 169.003187][ T7134] netlink: 330 bytes leftover after parsing attributes in process `syz.1.227'. [ 170.577719][ T30] audit: type=1800 audit(1764682216.046:2): pid=7159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.231" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 171.312044][ T7169] netlink: 28 bytes leftover after parsing attributes in process `syz.1.234'. [ 172.738793][ T30] audit: type=1800 audit(1764682218.216:3): pid=7192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.238" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 174.789493][ T7222] netlink: 330 bytes leftover after parsing attributes in process `syz.3.245'. syzkaller syzkaller login: [ 180.722421][ T5843] Bluetooth: hci3: unexpected event 0x17 length: 440 > 6 [ 180.910178][ T7287] FAULT_INJECTION: forcing a failure. [ 180.910178][ T7287] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 181.038755][ T7287] CPU: 1 UID: 0 PID: 7287 Comm: syz.3.257 Not tainted syzkaller #0 PREEMPT(full) [ 181.038778][ T7287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 181.038787][ T7287] Call Trace: [ 181.038792][ T7287] [ 181.038798][ T7287] dump_stack_lvl+0x16c/0x1f0 [ 181.038820][ T7287] should_fail_ex+0x512/0x640 [ 181.038839][ T7287] should_fail_alloc_page+0xe7/0x130 [ 181.038860][ T7287] prepare_alloc_pages+0x3c2/0x610 [ 181.038882][ T7287] __alloc_frozen_pages_noprof+0x18b/0x2440 [ 181.038904][ T7287] ? stack_trace_save+0x8e/0xc0 [ 181.038917][ T7287] ? __pfx_stack_trace_save+0x10/0x10 [ 181.038931][ T7287] ? stack_depot_save_flags+0x29/0x9b0 [ 181.038944][ T7287] ? trace_mm_page_alloc+0x11b/0x180 [ 181.038964][ T7287] ? kasan_save_stack+0x42/0x60 [ 181.038979][ T7287] ? kasan_save_stack+0x33/0x60 [ 181.038992][ T7287] ? kasan_save_track+0x14/0x30 [ 181.039006][ T7287] ? __kasan_slab_alloc+0x89/0x90 [ 181.039022][ T7287] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 181.039042][ T7287] ? dup_mmap+0xe80/0x2250 [ 181.039058][ T7287] ? kernel_clone+0xfc/0x910 [ 181.039077][ T7287] ? do_syscall_64+0xcd/0xf80 [ 181.039092][ T7287] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.039116][ T7287] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 181.039137][ T7287] ? policy_nodemask+0xea/0x4e0 [ 181.039156][ T7287] alloc_pages_mpol+0x1fb/0x550 [ 181.039183][ T7287] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 181.039206][ T7287] alloc_pages_noprof+0x12d/0x180 [ 181.039224][ T7287] pte_alloc_one+0x1e/0x350 [ 181.039244][ T7287] __pte_alloc+0x6d/0x380 [ 181.039259][ T7287] ? __pfx___pte_alloc+0x10/0x10 [ 181.039274][ T7287] ? _raw_spin_unlock+0x28/0x50 [ 181.039287][ T7287] ? __pmd_alloc+0x64f/0x8b0 [ 181.039305][ T7287] copy_page_range+0x4821/0x7100 [ 181.039326][ T7287] ? do_syscall_64+0xcd/0xf80 [ 181.039341][ T7287] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.039358][ T7287] ? __lock_acquire+0x433/0x22f0 [ 181.039382][ T7287] ? __pfx___sanitizer_cov_trace_const_cmp8+0xb/0x10 [ 181.039403][ T7287] ? __pfx_copy_page_range+0x10/0x10 [ 181.039426][ T7287] ? mas_store+0x860/0x1030 [ 181.039443][ T7287] ? __pfx___might_resched+0x10/0x10 [ 181.039463][ T7287] ? find_held_lock+0x2b/0x80 [ 181.039482][ T7287] ? __pfx_mas_store+0x10/0x10 [ 181.039499][ T7287] ? __vma_enter_locked+0x163/0x3f0 [ 181.039528][ T7287] dup_mmap+0xe80/0x2250 [ 181.039552][ T7287] ? __pfx_dup_mmap+0x10/0x10 [ 181.039581][ T7287] copy_process+0x3f16/0x7680 [ 181.039600][ T7287] ? preempt_schedule_thunk+0x16/0x30 [ 181.039629][ T7287] ? __pfx_copy_process+0x10/0x10 [ 181.039648][ T7287] ? find_held_lock+0x2b/0x80 [ 181.039668][ T7287] ? futex_private_hash_put+0xd5/0x190 [ 181.039687][ T7287] kernel_clone+0xfc/0x910 [ 181.039706][ T7287] ? __pfx_futex_wake+0x10/0x10 [ 181.039723][ T7287] ? __pfx_kernel_clone+0x10/0x10 [ 181.039769][ T7287] __do_sys_clone+0xce/0x120 [ 181.039802][ T7287] ? __pfx___do_sys_clone+0x10/0x10 [ 181.039837][ T7287] ? xfd_validate_state+0x61/0x180 [ 181.039857][ T7287] ? __pfx_from_kuid_munged+0x10/0x10 [ 181.039882][ T7287] do_syscall_64+0xcd/0xf80 [ 181.039901][ T7287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 181.039915][ T7287] RIP: 0033:0x7f7175d8f7c9 [ 181.039927][ T7287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 181.039941][ T7287] RSP: 002b:00007f7173bf3fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 181.039955][ T7287] RAX: ffffffffffffffda RBX: 00007f7175fe6270 RCX: 00007f7175d8f7c9 [ 181.039965][ T7287] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 181.039974][ T7287] RBP: 00007f7175e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 181.039982][ T7287] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 181.039991][ T7287] R13: 00007f7175fe6308 R14: 00007f7175fe6270 R15: 00007ffedb168c78 [ 181.040011][ T7287] [ 182.083533][ T7306] Console: switching to colour frame buffer device 128x48 [ 185.465604][ T30] audit: type=1800 audit(1764682230.936:4): pid=7348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.267" name="SYSV00000008" dev="hugetlbfs" ino=0 res=0 errno=0 [ 186.033877][ T7382] binder: 7364:7382 ioctl 40046f41 0 returned -22 [ 186.417675][ T7392] netlink: 4 bytes leftover after parsing attributes in process `syz.2.273'. [ 186.510479][ T7392] netlink: 354 bytes leftover after parsing attributes in process `syz.2.273'. [ 186.949562][ T7399] netlink: 4 bytes leftover after parsing attributes in process `syz.1.282'. [ 187.001466][ T7403] Console: switching to colour VGA+ 80x25 [ 187.010307][ T7399] netlink: 354 bytes leftover after parsing attributes in process `syz.1.282'. [ 187.509311][ T7408] Console: switching to colour frame buffer device 128x48 syzkaller syzkaller login: [ 190.438850][ T7454] netlink: 28 bytes leftover after parsing attributes in process `syz.0.285'. [ 193.893984][ T7509] zero sized request [ 194.381970][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.388698][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.915823][ T7524] netlink: 326 bytes leftover after parsing attributes in process `syz.3.300'. [ 195.016452][ T7524] bridge0: port 2(bridge_slave_1) entered disabled state [ 195.024588][ T7524] bridge0: port 1(bridge_slave_0) entered disabled state [ 201.156387][ T7589] syz.2.315 (7589): /proc/7579/oom_adj is deprecated, please use /proc/7579/oom_score_adj instead. [ 201.268383][ T7583] : Can't lookup blockdev syzkaller syzkaller login: [ 206.698095][ T5157] Bluetooth: hci1: command 0x0406 tx timeout [ 206.706659][ T7676] Bluetooth: hci3: command 0x0406 tx timeout [ 206.713826][ T7651] Bluetooth: hci0: command 0x0406 tx timeout [ 206.720221][ T7651] Bluetooth: hci2: command 0x0406 tx timeout [ 208.037925][ T7697] futex_wake_op: syz.0.340 tries to shift op by -2048; fix this program [ 208.093267][ T7697] futex_wake_op: syz.0.340 tries to shift op by -2048; fix this program [ 208.109238][ T7698] 0x000000000001-0x000000020000 : "" [ 208.250123][ T7698] ftl_cs: FTL header corrupt! [ 211.205683][ T7741] netlink: 28 bytes leftover after parsing attributes in process `syz.1.351'. syzkaller syzkaller login: syzkaller syzkaller login: [ 214.894907][ T7807] zero sized request syzkaller syzkaller login: [ 218.083232][ T7862] zero sized request [ 218.690240][ T7877] random: crng reseeded on system resumption syzkaller syzkaller login: [ 221.556386][ T7918] futex_wake_op: syz.2.391 tries to shift op by -2048; fix this program [ 221.589885][ T7918] futex_wake_op: syz.2.391 tries to shift op by -2048; fix this program [ 221.599197][ T7921] zero sized request [ 221.606488][ T7918] 0x000000000001-0x000000020000 : "" [ 221.617475][ T7918] ftl_cs: FTL header corrupt! [ 221.980375][ T7934] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. syzkaller syzkaller login: syzkaller syzkaller login: [ 226.011992][ T7991] futex_wake_op: syz.3.406 tries to shift op by -2048; fix this program [ 226.108253][ T7991] futex_wake_op: syz.3.406 tries to shift op by -2048; fix this program [ 226.120323][ T7991] 0x000000000001-0x000000020000 : "" [ 226.148142][ T7991] ftl_cs: FTL header corrupt! [ 227.350483][ T8014] random: crng reseeded on system resumption syzkaller syzkaller login: [ 228.524897][ T8034] FAULT_INJECTION: forcing a failure. [ 228.524897][ T8034] name failslab, interval 1, probability 0, space 0, times 0 [ 228.551442][ T8034] CPU: 1 UID: 0 PID: 8034 Comm: syz.1.422 Not tainted syzkaller #0 PREEMPT(full) [ 228.551477][ T8034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 228.551493][ T8034] Call Trace: [ 228.551501][ T8034] [ 228.551511][ T8034] dump_stack_lvl+0x16c/0x1f0 [ 228.551546][ T8034] should_fail_ex+0x512/0x640 [ 228.551573][ T8034] ? kmem_cache_alloc_noprof+0x62/0x720 [ 228.551615][ T8034] should_failslab+0xc2/0x120 [ 228.551648][ T8034] kmem_cache_alloc_noprof+0x75/0x720 [ 228.551685][ T8034] ? proc_reg_open+0x23f/0x5f0 [ 228.551716][ T8034] ? proc_reg_open+0x23f/0x5f0 [ 228.551737][ T8034] proc_reg_open+0x23f/0x5f0 [ 228.551763][ T8034] do_dentry_open+0x748/0x1590 [ 228.551791][ T8034] ? __pfx_proc_reg_open+0x10/0x10 [ 228.551824][ T8034] vfs_open+0x82/0x3f0 [ 228.551862][ T8034] path_openat+0x2078/0x3140 [ 228.551903][ T8034] ? __pfx_path_openat+0x10/0x10 [ 228.551945][ T8034] do_filp_open+0x20b/0x470 [ 228.551988][ T8034] ? __pfx_do_filp_open+0x10/0x10 [ 228.552045][ T8034] ? alloc_fd+0x471/0x7d0 [ 228.552085][ T8034] do_sys_openat2+0x11f/0x280 [ 228.552107][ T8034] ? __pfx_do_sys_openat2+0x10/0x10 [ 228.552144][ T8034] __x64_sys_openat+0x174/0x210 [ 228.552168][ T8034] ? __pfx___x64_sys_openat+0x10/0x10 [ 228.552193][ T8034] ? syscall_user_dispatch+0x78/0x140 [ 228.552234][ T8034] do_syscall_64+0xcd/0xf80 [ 228.552264][ T8034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.552289][ T8034] RIP: 0033:0x7fcca658f7c9 [ 228.552308][ T8034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.552330][ T8034] RSP: 002b:00007fcca74ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 228.552354][ T8034] RAX: ffffffffffffffda RBX: 00007fcca67e5fa0 RCX: 00007fcca658f7c9 [ 228.552371][ T8034] RDX: 0000000000008340 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 228.552387][ T8034] RBP: 00007fcca6613f91 R08: 0000000000000000 R09: 0000000000000000 [ 228.552402][ T8034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 228.552417][ T8034] R13: 00007fcca67e6038 R14: 00007fcca67e5fa0 R15: 00007fff44075988 [ 228.552452][ T8034] [ 229.115704][ T8039] FAULT_INJECTION: forcing a failure. [ 229.115704][ T8039] name failslab, interval 1, probability 0, space 0, times 0 [ 229.115780][ T8039] CPU: 1 UID: 0 PID: 8039 Comm: syz.1.415 Not tainted syzkaller #0 PREEMPT(full) [ 229.115811][ T8039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 229.115826][ T8039] Call Trace: [ 229.115835][ T8039] [ 229.115845][ T8039] dump_stack_lvl+0x16c/0x1f0 [ 229.115879][ T8039] should_fail_ex+0x512/0x640 [ 229.115914][ T8039] ? __kvmalloc_node_noprof+0x12e/0x9b0 [ 229.115948][ T8039] should_failslab+0xc2/0x120 [ 229.115982][ T8039] __kvmalloc_node_noprof+0x141/0x9b0 [ 229.116010][ T8039] ? kfree+0x252/0x710 [ 229.116045][ T8039] ? snd_pcm_plugin_alloc+0x5fd/0x7f0 [ 229.116090][ T8039] ? snd_pcm_plugin_alloc+0x5fd/0x7f0 [ 229.116125][ T8039] snd_pcm_plugin_alloc+0x5fd/0x7f0 [ 229.116171][ T8039] snd_pcm_plug_alloc+0x146/0x330 [ 229.116210][ T8039] snd_pcm_oss_change_params_locked+0x19b8/0x3a30 [ 229.116264][ T8039] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 229.116302][ T8039] ? snd_pcm_oss_ioctl+0x110e/0x37c0 [ 229.116365][ T8039] snd_pcm_oss_get_active_substream+0x168/0x1d0 [ 229.116407][ T8039] snd_pcm_oss_ioctl+0x2212/0x37c0 [ 229.116446][ T8039] ? hook_file_ioctl_common+0x145/0x410 [ 229.116478][ T8039] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 229.116519][ T8039] ? __fget_files+0x20e/0x3c0 [ 229.116554][ T8039] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 229.116592][ T8039] __x64_sys_ioctl+0x18e/0x210 [ 229.116621][ T8039] do_syscall_64+0xcd/0xf80 [ 229.116654][ T8039] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.116680][ T8039] RIP: 0033:0x7fcca658f7c9 [ 229.116702][ T8039] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 229.116725][ T8039] RSP: 002b:00007fcca74ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 229.116749][ T8039] RAX: ffffffffffffffda RBX: 00007fcca67e6090 RCX: 00007fcca658f7c9 [ 229.116767][ T8039] RDX: 0000000000000000 RSI: 00000000c0045002 RDI: 0000000000000008 [ 229.116782][ T8039] RBP: 00007fcca6613f91 R08: 0000000000000000 R09: 0000000000000000 [ 229.116797][ T8039] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 229.116813][ T8039] R13: 00007fcca67e6128 R14: 00007fcca67e6090 R15: 00007fff44075988 [ 229.116851][ T8039] [ 230.126726][ T8053] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 230.243809][ T8056] futex_wake_op: syz.1.420 tries to shift op by -2048; fix this program [ 230.288322][ T8056] futex_wake_op: syz.1.420 tries to shift op by -2048; fix this program [ 230.348930][ T8056] 0x000000000001-0x000000020000 : "" [ 230.380113][ T8056] ftl_cs: FTL header corrupt! [ 230.895362][ T8067] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 syzkaller syzkaller login: [ 231.983595][ T8083] FAULT_INJECTION: forcing a failure. [ 231.983595][ T8083] name failslab, interval 1, probability 0, space 0, times 0 [ 232.018154][ T8083] CPU: 1 UID: 0 PID: 8083 Comm: syz.0.426 Not tainted syzkaller #0 PREEMPT(full) [ 232.018176][ T8083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 232.018185][ T8083] Call Trace: [ 232.018190][ T8083] [ 232.018196][ T8083] dump_stack_lvl+0x16c/0x1f0 [ 232.018218][ T8083] should_fail_ex+0x512/0x640 [ 232.018234][ T8083] ? __kmalloc_cache_noprof+0x5f/0x770 [ 232.018265][ T8083] should_failslab+0xc2/0x120 [ 232.018284][ T8083] __kmalloc_cache_noprof+0x72/0x770 [ 232.018304][ T8083] ? rcu_is_watching+0x12/0xc0 [ 232.018324][ T8083] ? single_open+0x4d/0x1f0 [ 232.018339][ T8083] ? __pfx_proc_dma_show+0x10/0x10 [ 232.018356][ T8083] ? single_open+0x4d/0x1f0 [ 232.018369][ T8083] single_open+0x4d/0x1f0 [ 232.018381][ T8083] ? __pfx_proc_single_open+0x10/0x10 [ 232.018397][ T8083] proc_reg_open+0x2ab/0x5f0 [ 232.018412][ T8083] do_dentry_open+0x748/0x1590 [ 232.018428][ T8083] ? __pfx_proc_reg_open+0x10/0x10 [ 232.018447][ T8083] vfs_open+0x82/0x3f0 [ 232.018469][ T8083] path_openat+0x2078/0x3140 [ 232.018494][ T8083] ? __pfx_path_openat+0x10/0x10 [ 232.018518][ T8083] do_filp_open+0x20b/0x470 [ 232.018536][ T8083] ? __pfx_do_filp_open+0x10/0x10 [ 232.018567][ T8083] ? alloc_fd+0x471/0x7d0 [ 232.018589][ T8083] do_sys_openat2+0x11f/0x280 [ 232.018601][ T8083] ? __pfx_do_sys_openat2+0x10/0x10 [ 232.018621][ T8083] __x64_sys_openat+0x174/0x210 [ 232.018634][ T8083] ? __pfx___x64_sys_openat+0x10/0x10 [ 232.018648][ T8083] ? syscall_user_dispatch+0x78/0x140 [ 232.018671][ T8083] do_syscall_64+0xcd/0xf80 [ 232.018689][ T8083] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.018712][ T8083] RIP: 0033:0x7f85f2b8f7c9 [ 232.018725][ T8083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 232.018739][ T8083] RSP: 002b:00007f85f0df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 232.018753][ T8083] RAX: ffffffffffffffda RBX: 00007f85f2de5fa0 RCX: 00007f85f2b8f7c9 [ 232.018763][ T8083] RDX: 0000000000008340 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 232.018772][ T8083] RBP: 00007f85f2c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 232.018780][ T8083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 232.018788][ T8083] R13: 00007f85f2de6038 R14: 00007f85f2de5fa0 R15: 00007ffe59dcaba8 [ 232.018807][ T8083] [ 232.802816][ T8086] netlink: 4 bytes leftover after parsing attributes in process `syz.0.427'. [ 232.829348][ T8086] netlink: 354 bytes leftover after parsing attributes in process `syz.0.427'. [ 233.899644][ T8092] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 234.649215][ T8092] vhci_hcd: invalid port number 252 [ 234.655912][ T8092] vhci_hcd: default hub control req: 040f v0772 i00fc l2 [ 235.079412][ T8106] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 235.292217][ T8113] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. syzkaller syzkaller login: [ 236.101558][ T8122] random: crng reseeded on system resumption [ 237.905701][ T8149] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 238.918541][ T8166] netlink: 4 bytes leftover after parsing attributes in process `syz.1.444'. [ 239.020646][ T8168] futex_wake_op: syz.3.445 tries to shift op by -2048; fix this program [ 239.032620][ T8166] netlink: 354 bytes leftover after parsing attributes in process `syz.1.444'. [ 239.089316][ T8168] futex_wake_op: syz.3.445 tries to shift op by -2048; fix this program [ 239.140619][ T8168] 0x000000000001-0x000000020000 : "" [ 239.198871][ T8168] ftl_cs: FTL header corrupt! syzkaller syzkaller login: [ 241.696366][ T8196] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 241.886620][ T8204] Format for adding new device is "id port_count num_queues" (uint uint unit). syzkaller syzkaller login: [ 244.853734][ T8249] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 244.991063][ T8251] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 245.225585][ T8253] FAULT_INJECTION: forcing a failure. [ 245.225585][ T8253] name failslab, interval 1, probability 0, space 0, times 0 [ 245.248788][ T8253] CPU: 1 UID: 0 PID: 8253 Comm: syz.2.465 Not tainted syzkaller #0 PREEMPT(full) [ 245.248824][ T8253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 245.248839][ T8253] Call Trace: [ 245.248848][ T8253] [ 245.248858][ T8253] dump_stack_lvl+0x16c/0x1f0 [ 245.248894][ T8253] should_fail_ex+0x512/0x640 [ 245.248920][ T8253] ? __kmalloc_cache_node_noprof+0x62/0x790 [ 245.248951][ T8253] should_failslab+0xc2/0x120 [ 245.248982][ T8253] __kmalloc_cache_node_noprof+0x75/0x790 [ 245.249009][ T8253] ? lockdep_init_map_type+0x5c/0x270 [ 245.249034][ T8253] ? __alloc_workqueue+0x670/0x1810 [ 245.249074][ T8253] ? __alloc_workqueue+0x670/0x1810 [ 245.249107][ T8253] __alloc_workqueue+0x670/0x1810 [ 245.249153][ T8253] alloc_workqueue_noprof+0xd2/0x200 [ 245.249187][ T8253] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 245.249225][ T8253] ? rcu_is_watching+0x12/0xc0 [ 245.249258][ T8253] ? trace_kmalloc+0x2b/0xb0 [ 245.249286][ T8253] ? __kmalloc_noprof+0x34f/0x870 [ 245.249322][ T8253] ? ieee80211_register_hw+0x15c9/0x4120 [ 245.249360][ T8253] ieee80211_register_hw+0x1f1a/0x4120 [ 245.249398][ T8253] ? lockdep_hardirqs_on+0x11/0x110 [ 245.249428][ T8253] ? __pfx__raw_spin_unlock_irqrestore+0x1/0x10 [ 245.249462][ T8253] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 245.249507][ T8253] ? __pfx___debug_object_init+0x10/0x10 [ 245.249553][ T8253] ? find_held_lock+0x2b/0x80 [ 245.249586][ T8253] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 245.249622][ T8253] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 245.249658][ T8253] ? __hrtimer_setup+0x176/0x280 [ 245.249693][ T8253] mac80211_hwsim_new_radio+0x329f/0x5080 [ 245.249744][ T8253] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 245.249787][ T8253] hwsim_new_radio_nl+0xba2/0x1330 [ 245.249822][ T8253] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 245.249864][ T8253] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 245.249902][ T8253] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 245.249946][ T8253] genl_family_rcv_msg_doit+0x209/0x2f0 [ 245.249985][ T8253] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 245.250020][ T8253] ? genl_get_cmd+0x194/0x580 [ 245.250060][ T8253] ? bpf_lsm_capable+0x9/0x10 [ 245.250087][ T8253] ? security_capable+0x7e/0x260 [ 245.250114][ T8253] ? ns_capable+0xd7/0x110 [ 245.250150][ T8253] genl_rcv_msg+0x55c/0x800 [ 245.250189][ T8253] ? __pfx_genl_rcv_msg+0x10/0x10 [ 245.250224][ T8253] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 245.250269][ T8253] netlink_rcv_skb+0x158/0x420 [ 245.250300][ T8253] ? __pfx_genl_rcv_msg+0x10/0x10 [ 245.250350][ T8253] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 245.250398][ T8253] ? netlink_deliver_tap+0x1ae/0xd30 [ 245.250434][ T8253] genl_rcv+0x28/0x40 [ 245.250463][ T8253] netlink_unicast+0x5aa/0x870 [ 245.250505][ T8253] ? __pfx_netlink_unicast+0x10/0x10 [ 245.250552][ T8253] netlink_sendmsg+0x8c8/0xdd0 [ 245.250592][ T8253] ? __pfx_netlink_sendmsg+0x10/0x10 [ 245.250629][ T8253] ? aa_sock_msg_perm.constprop.0+0x100/0x1b0 [ 245.250663][ T8253] ____sys_sendmsg+0xa5d/0xc30 [ 245.250698][ T8253] ? copy_msghdr_from_user+0x10a/0x160 [ 245.250726][ T8253] ? __pfx_____sys_sendmsg+0x10/0x10 [ 245.250756][ T8253] ? preempt_schedule_thunk+0x16/0x30 [ 245.250800][ T8253] ? try_to_wake_up+0xa67/0x1870 [ 245.250840][ T8253] ___sys_sendmsg+0x134/0x1d0 [ 245.250865][ T8253] ? find_held_lock+0x2b/0x80 [ 245.250900][ T8253] ? __pfx____sys_sendmsg+0x10/0x10 [ 245.250927][ T8253] ? __lock_acquire+0x433/0x22f0 [ 245.250997][ T8253] __sys_sendmsg+0x16d/0x220 [ 245.251026][ T8253] ? __pfx___sys_sendmsg+0x10/0x10 [ 245.251053][ T8253] ? __x64_sys_futex+0x1e0/0x4c0 [ 245.251104][ T8253] do_syscall_64+0xcd/0xf80 [ 245.251146][ T8253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 245.251173][ T8253] RIP: 0033:0x7f0813d8f7c9 [ 245.251196][ T8253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 245.251220][ T8253] RSP: 002b:00007f0814bc1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 245.251246][ T8253] RAX: ffffffffffffffda RBX: 00007f0813fe5fa0 RCX: 00007f0813d8f7c9 [ 245.251269][ T8253] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000007 [ 245.251284][ T8253] RBP: 00007f0813e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 245.251299][ T8253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 245.251314][ T8253] R13: 00007f0813fe6038 R14: 00007f0813fe5fa0 R15: 00007ffec97e3638 [ 245.251351][ T8253] [ 245.861028][ T8238] kexec: Could not allocate control_code_buffer [ 246.231700][ T8262] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 247.415303][ T8265] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input12 [ 248.712463][ T8290] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 248.877037][ T8293] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 248.911062][ T8295] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 251.660022][ T8334] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 251.819049][ T8339] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input13 [ 252.587093][ T8354] netlink: 338 bytes leftover after parsing attributes in process `syz.3.487'. [ 252.691260][ T30] audit: type=1400 audit(1764682298.166:5): apparmor="DENIED" operation="setprocattr" info="current" error=-22 profile="unconfined" pid=8353 comm="syz.3.487" [ 252.953440][ T8336] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input14 [ 254.157022][ T8364] futex_wake_op: syz.2.489 tries to shift op by -2048; fix this program [ 254.199108][ T8364] futex_wake_op: syz.2.489 tries to shift op by -2048; fix this program [ 254.229865][ T8364] 0x000000000001-0x000000020000 : "" [ 254.258708][ T8364] ftl_cs: FTL header corrupt! [ 255.330198][ T8374] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 255.833098][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.841409][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.652728][ T8392] [U] [ 256.655575][ T8392] [U] [ 256.658301][ T8392] [U] [ 256.661197][ T8392] [U] [ 256.665139][ T8392] [U] [ 256.667865][ T8392] [U] [ 256.670580][ T8392] [U] [ 256.673579][ T8392] [U] [ 256.679713][ T8392] [U] [ 256.682452][ T8392] [U] [ 256.685167][ T8392] [U] [ 256.687887][ T8392] [U] [ 256.692175][ T8392] [U] [ 256.694902][ T8392] [U] [ 256.697712][ T8392] [U] [ 256.700422][ T8392] [U] [ 256.708942][ T8392] [U] [ 256.711760][ T8392] [U] [ 256.714482][ T8392] [U] [ 256.717213][ T8392] [U] [ 256.720834][ T8392] [U] [ 256.723812][ T8392] [U] \ E\ÖŽ)7N>'€ƒ¡T¢2ÏÀÒÏALR"—Ê`QØÕTÀÀ¼†—|ß΂±\B'Œ/ME\OÈLÈO‰É1‰ÖÇNY§º’0)RB:~Ù š2ÛKF¥Y±÷·|ÕNš^(—OœØ Æ¤œÁAW¾ ‹©Ñ><~VCÓBÌS‚Ó¤К3À‘Ä:ؼSÞ%¥µ‰E*‘—ÞL¶œ”?%*ŸÎÚ ƒ_ „ÈŸÐØÁIÍRµ,W;%[@° [ 256.860305][ T8392] [U] |ÝО©ØU^ÕUO$Ø­¬œ±RÇUZ`LKÔ«R ÄEƒ Ø‡¡.TŠÅÁ“ÌSÚ«—ØÚG¿Ù [ 256.891201][ T8392] [U] ݶ–ÞØÙ?&}ž4NP@?“KE,.7Á$ÕYUÔÃݶٙ–ÅÈH)Þ6(Òß'E»NÝ7 ¬?Ë!ß5@\É [ 256.928821][ T8392] [U] Ï8 L šÎ3"D6QRJ‚D)Ñ"È©ž”ÊÀO(VRRÉڅϽÉZÆAHIÖ ¹º‡/ÌS÷Z±#>šÆ¹Ñ[÷R=9?¦KVÒ”½K0Ü„‚›4Ÿ¯X¯ÔÊ°FO“ZžÎFFœÒÓÐÞ X>Âݧ T8BVÓC [ 256.978450][ T8392] [U] Æ—QTRGY"Ì7W¦ @Ý/Ý¿ÛHÔ9ÚB‰ÌPž?¨SBMÝ£,VʧC¿Ô [ 256.986635][ T8392] [U] …A°: MÕZЛI¦Í`Ë˵*Wª}ÁØÉ‚R§Ö5×ÆÇYʼ¯†GÈ¿½YÑ÷D½Ë [ 257.069307][ T8392] [U] Ú»‘ÓÏ—N=Ù·¹ÔÓ‹ÎÈÇ™ÓAX¨3#ÎP]Ù|œÒÈEÆÞ,¡³,X“EÞÉJÌ9~ÔÒÑœK&˜0O>ÎÝÚM¼ÉUN|÷«¾ÎÅÓ½œ¶¾ËÔF# QNÐI+N€LJÀ8ƒMQJT–O5&¿T_‡ÓK½Ë|%ÒΟšOA¬MT!U×ÔÞDI!5ÂDKªVF€Ë€ÛÝMHHÚBS®ž.³Õ6UM<˜ÀÜ!»Ò7|Ô¦À PUÞÜZHÂ.šÈVN­¸E@¡ÛÞ‰G)ž‘¡#TYÌŠÃ’ÄÐSM [ 257.154234][ T8392] [U] PE·Ê¸˜X,Û†ÌQŠÓ(Z®RŽAÖØžQŠS´µ–ÑÔÏX` [ 257.161722][ T8392] [U] KVT{§›HH@?›Ã`”2‚I£„U£UZYÊšÈEÏ~…ÙŸÏÇ [ 257.168309][ T8392] [U] Û³BµZÖ×Íß¾‰Ú-;ÛØÑ©Ú'XE¢Q6£ÞÙM@ÐÊ9FI;"®OE÷ÞB¿DFÍ$£NÉLY¿C [ 257.176883][ T8392] [U] ÔØ—D:.PΠÛEÅXJÝ~*S¿^<1¶A!RBƒˆÎʘÌÀMÃ9­¸0SXÛCY~Ð(Z¬ÛT‘ÈØ@ªžÏºXѻϒXÞŠ$ [ 257.189253][ T8392] [U] 9ÕÍÚÓÑ ÛC=Ô´ÎV-ÎÐÜ4RFµ]¼ª-´5MV;ÍÕR}`° [ 257.197151][ T8392] [U] ¾«U.]_ÖÄFÅAš†G\“ÆÄ}œÝ$Ô©¸ÙÉÍ°Z³Ê%Ë’O—תN¨LU“Ý0B¿Õ¬JJ³Œ´QŸKÊ$¤Eܳ°ÙQ‡D@ØBÉCMÑWGDÈ¿$EÆƉK%ÐH®|ÏË™#XF‚ŒKÎÆÑ?#F^ЦQBÍÆUB–/3`÷R¹VÅÏD³R¼’«TMB„—Ø.>ÇT3Ò¢Ö0€#ÐPMUÏJX—BÈPœ-¿Vµ÷J*¢MÄ3{ƒÔ´˜D,ÊA–ÅSEJQ¬Ý߃Œƒ Ó”ÑÏ¿:™LÝÍI ?ÊQŒ1¹ WÙÂѹ0…M¿\ÉŽ#DDŸÐÁ™©ÇC×Þ,%Ð [ 257.278688][ T8392] [U] §H—ÊœÃ<£…Õ Ä#ßÄ;;A÷MÔ Z¤ËŒUÇ<ÛPC"%]CD [ 257.290711][ T8392] [U] +5 8¾2+»Ø‘Ê•š’ÝQ/Ž˜^ÍH²KÞÞŸCÍ1ÃKסDÐÒ4¬ß0` ØZÍRBB3 6¬PŒ¹Ô ]&UBÁ\µN™§…YBFM¿›к‚'ƒF­JÛ)C [ 257.334771][ T8392] [U] ‰Â;ÐÃ]°%…œߨ,1Ì"¢¦C„B`E/Ã&«ѨÞYÜRE~ÕYZ‹0 ß`Ä ³BÎYÒÞÚŒ'ÁZ1SSAØÞLOØ´V®¥ [ 257.348623][ T8392] [U] Ð;D­[OžÙÍŠ3³¹EQÊÌÙÖÔD0€MÓ34G 0X۪߷~R{ØËS•OÖÝ«(B\ŠT„~CÓÖ7)EÉ„CCÊ@RAÄTIÇAŽÑÁ˜0žDÒÆÍJ ³ÌÊ°2¯Œ…ÙÀMYGʉÅQ{Õ`OUÇ‚U¶AšÍ2¶ÊÀ 5F [ 257.412554][ T8392] [U] ÔŽE=‚ÕÓ}ÈLX.SÔ4"TͧWØÐWLÅÔ’]ÔFS¸-†±¸ÃØKÌ^§¤E [ 257.490203][ T8392] [U] Q WÜA [ 257.493930][ T8392] [U] £Â®ÝÝ:U¢ÂȦSÙÙ¥B¥…ÁJBJÊžÛ¯Y$–!·@0@ÀTÆ$±ÎX«}“€»Ø02F<¢²»ÉGWΪRÅÀ DÇ÷GµIJ.Ê@®-„F ±C{‡ÒÚAVO ÓDΔDž®`!UÂÚUÁOןDE,ÂJV{LŽ,J\I×Ñ£¤Y¥+S´‡ŒÕϼY ;Ë.T˜“šÐ$ÂGÉ—]µ¨L4΄Z[(9L²²Ø)M%¯Ï0_ÂWFÀ] XGN …[¼­CÅXѮ˺¹ÅDÛE¡¦ËX•.ÆÒÞ$ŸK¯# ÏU< [ 257.660516][ T8392] [U] V2.@WœÀRPQÐ‡Ø [ 257.664917][ T8392] [U] ÒžÂT¡¤Õ‰KK‘ŸU#Ô3 MG†WUUHYĨ®–½A„Â…I¿®Ô˲Ԉ"K††G$ÕØ9‰¤¢U5E[R¶ÛÀ®´EÀÁ£Ô®×Å“'¥ÖÌ )KTÅÞ ZCM÷<)·+;{+ÌÜ=OV}Ê4›'ÜHÂÄ– [ 257.841611][ T8392] [U] É›KÙFÌ€`\ÕAPIÒG]ÍÄÒ‹ÄM«É4›2†*‰Í4HG:ÐCÕÅœ [ 257.938549][ T8392] [U] ™ÊW(ŠX»;ÄØ™%ÂÓ‹A‰8À—Ì0HϦKÿÔ:‹¤´Û|œ ßO8™X¸¯¹LÚÞ‹Z [ 257.947327][ T8392] [U] Ö`Ú'‘3_¬‹˜ÙA019¬ÀÅÅ¿ *†EÌPS­G_Ä(EFÊÝ [ 258.008734][ T8392] [U] ? Z§M!‚ÉBDRÐÍ9+JÊEÕYTP‹¶}C¡BÌ”GG¾‰8–¥ [ 258.015020][ T8392] [U] ÖÕÛO G‘ØS¢ص•G~ZÇ*CP=ƒ©ÆC [ 258.028958][ T8392] [U] ŸŸEÁ/I(=ŠÆÞÃ|ž1»V|3XÞÊÇ`ZF1Y [ 258.056220][ T8392] [U] }CZÜ=œ?Ú!ÓL”ΙÅΪWS5܇6‡¬«PL¿‘L´ŽT¸ÎK[ϼL±‰]—4Ìš?(«ß @;¢©M¦™€ªIÙWD«×T"DË7Ð5Å{§M2¯Ó?¤ÉTX~L†“V2‚RÏ¥ž¯Ì•Ý2«Œ"¯C€>NÞÇ{ÓÝ.GÇ›”?›ÒÇGXU¸ [ 258.149745][ T8392] [U] ‘}}ÐM9ÜA}ضH/ÞÜ” [ 258.154185][ T8392] [U]  ÐÆIÀ•`·Iض_ZÖÀ\‰(œ$9˺ÕN•®DMD#7“’†‘”9„ÓFO·>% [ 258.209460][ T8392] [U] Š’Ð-K>¬ÛA¥HCZOȯ{IÞÅؾ_©¾Q˵¡HÔ»ÒPƒžÏœ­Ü7¹ÎY°+ŸÎV~¨²µ™Fš .ZÑYÏ›/ UÓO¨Ç“$-I¹ ‘1ÔÌXÌÓ¸¦F/¬‹È‹%W?ŽËL° Â>—Úª"CW’¿·}Í@±•‰[ÏDJ ˜Á‡ÀͶÐ5;ÜD#…ÃÍÛÍ}=À¶Q&LÍ#\†& KÙœ¬Fº‹ÏÞ/‘ÆQÄIØPªRMÍC2Δ¶ÊÞÇÏ4NÕ=V9 [ 258.248287][ T8392] [U] LWHÁK¶ƒ [ 258.251878][ T8392] [U] Y ¼X%´ÔK.*šÌ¼Y4€Çß½ [ 261.893580][ T8447] Format for adding new device is "id port_count num_queues" (uint uint unit). syzkaller syzkaller login: [ 267.490768][ T8520] vhci_hcd: default hub control req: 0000 v0000 i0000 l0 [ 267.841405][ T8536] vhci_hcd: invalid port number 252 [ 267.846689][ T8536] vhci_hcd: default hub control req: 040f v0772 i00fc l2 [ 269.102311][ T8541] FAULT_INJECTION: forcing a failure. [ 269.102311][ T8541] name failslab, interval 1, probability 0, space 0, times 0 [ 269.138307][ T8541] CPU: 1 UID: 0 PID: 8541 Comm: syz.2.533 Not tainted syzkaller #0 PREEMPT(full) [ 269.138342][ T8541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 269.138358][ T8541] Call Trace: [ 269.138366][ T8541] [ 269.138376][ T8541] dump_stack_lvl+0x16c/0x1f0 [ 269.138421][ T8541] should_fail_ex+0x512/0x640 [ 269.138448][ T8541] ? __kmalloc_cache_noprof+0x5f/0x770 [ 269.138491][ T8541] should_failslab+0xc2/0x120 [ 269.138523][ T8541] __kmalloc_cache_noprof+0x72/0x770 [ 269.138561][ T8541] ? vhost_net_open+0xb9/0x8a0 [ 269.138593][ T8541] ? vhost_net_open+0xb9/0x8a0 [ 269.138617][ T8541] vhost_net_open+0xb9/0x8a0 [ 269.138642][ T8541] ? __pfx_vhost_net_open+0x10/0x10 [ 269.138668][ T8541] misc_open+0x26d/0x450 [ 269.138695][ T8541] ? __pfx_misc_open+0x10/0x10 [ 269.138720][ T8541] chrdev_open+0x234/0x6a0 [ 269.138751][ T8541] ? __pfx_apparmor_file_open+0x10/0x10 [ 269.138779][ T8541] ? __pfx_chrdev_open+0x10/0x10 [ 269.138812][ T8541] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 269.138853][ T8541] do_dentry_open+0x748/0x1590 [ 269.138883][ T8541] ? __pfx_chrdev_open+0x10/0x10 [ 269.138924][ T8541] vfs_open+0x82/0x3f0 [ 269.138965][ T8541] path_openat+0x2078/0x3140 [ 269.139009][ T8541] ? __pfx_path_openat+0x10/0x10 [ 269.139055][ T8541] do_filp_open+0x20b/0x470 [ 269.139087][ T8541] ? __pfx_do_filp_open+0x10/0x10 [ 269.139146][ T8541] ? alloc_fd+0x471/0x7d0 [ 269.139187][ T8541] do_sys_openat2+0x11f/0x280 [ 269.139210][ T8541] ? __pfx_do_sys_openat2+0x10/0x10 [ 269.139248][ T8541] __x64_sys_openat+0x174/0x210 [ 269.139273][ T8541] ? __pfx___x64_sys_openat+0x10/0x10 [ 269.139312][ T8541] do_syscall_64+0xcd/0xf80 [ 269.139344][ T8541] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.139370][ T8541] RIP: 0033:0x7f0813d8f7c9 [ 269.139391][ T8541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 269.139420][ T8541] RSP: 002b:00007f0814bc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 269.139444][ T8541] RAX: ffffffffffffffda RBX: 00007f0813fe5fa0 RCX: 00007f0813d8f7c9 [ 269.139462][ T8541] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 269.139479][ T8541] RBP: 00007f0813e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 269.139494][ T8541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 269.139509][ T8541] R13: 00007f0813fe6038 R14: 00007f0813fe5fa0 R15: 00007ffec97e3638 [ 269.139546][ T8541] [ 269.839444][ T8559] zswap: compressor not available [ 273.002986][ T8604] binder: BINDER_SET_CONTEXT_MGR already set [ 273.040221][ T8604] binder: 8602:8604 ioctl 4018620d 9 returned -16 [ 274.787145][ T8624] zswap: compressor not available [ 279.654464][ T5843] Bluetooth: hci1: ACL packet for unknown connection handle 0 [ 284.609624][ T8767] binder: BINDER_SET_CONTEXT_MGR already set [ 284.616757][ T8767] binder: 8762:8767 ioctl 4018620d 9 returned -16 [ 287.908202][ T8826] zswap: compressor not available [ 289.070525][ T8850] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 290.193453][ T8862] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 290.251082][ T5843] Bluetooth: hci3: ACL packet for unknown connection handle 0 [ 291.372327][ T8878] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 291.919601][ T8886] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 292.183726][ T8897] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 292.376189][ T8882] zswap: compressor not available [ 293.068376][ T8914] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 295.137784][ T8935] syz.1.618 (8935) used greatest stack depth: 19752 bytes left [ 295.524280][ T8950] FAULT_INJECTION: forcing a failure. [ 295.524280][ T8950] name failslab, interval 1, probability 0, space 0, times 0 [ 295.537034][ T8950] CPU: 0 UID: 0 PID: 8950 Comm: syz.0.624 Not tainted syzkaller #0 PREEMPT(full) [ 295.537054][ T8950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 295.537063][ T8950] Call Trace: [ 295.537069][ T8950] [ 295.537080][ T8950] dump_stack_lvl+0x16c/0x1f0 [ 295.537101][ T8950] should_fail_ex+0x512/0x640 [ 295.537116][ T8950] ? kmem_cache_alloc_noprof+0x62/0x720 [ 295.537141][ T8950] should_failslab+0xc2/0x120 [ 295.537160][ T8950] kmem_cache_alloc_noprof+0x75/0x720 [ 295.537181][ T8950] ? security_file_alloc+0x34/0x2b0 [ 295.537203][ T8950] ? security_file_alloc+0x34/0x2b0 [ 295.537220][ T8950] security_file_alloc+0x34/0x2b0 [ 295.537237][ T8950] init_file+0x93/0x4c0 [ 295.537257][ T8950] alloc_empty_file+0x73/0x1e0 [ 295.537277][ T8950] alloc_file_pseudo+0x13a/0x230 [ 295.537298][ T8950] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 295.537321][ T8950] ? do_raw_spin_unlock+0x172/0x230 [ 295.537341][ T8950] __anon_inode_getfile+0xe8/0x280 [ 295.537363][ T8950] anon_inode_getfile_fmode+0x37/0xa0 [ 295.537384][ T8950] __do_sys_timerfd_create+0x219/0x4e0 [ 295.537407][ T8950] do_syscall_64+0xcd/0xf80 [ 295.537425][ T8950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.537439][ T8950] RIP: 0033:0x7f85f2b8f7c9 [ 295.537451][ T8950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.537464][ T8950] RSP: 002b:00007f85f0df6038 EFLAGS: 00000246 ORIG_RAX: 000000000000011b [ 295.537477][ T8950] RAX: ffffffffffffffda RBX: 00007f85f2de5fa0 RCX: 00007f85f2b8f7c9 [ 295.537486][ T8950] RDX: 0000000000000000 RSI: 0000000000000800 RDI: 0000000000000008 [ 295.537494][ T8950] RBP: 00007f85f2c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 295.537502][ T8950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 295.537510][ T8950] R13: 00007f85f2de6038 R14: 00007f85f2de5fa0 R15: 00007ffe59dcaba8 [ 295.537529][ T8950] [ 298.464646][ T8987] netlink: 25 bytes leftover after parsing attributes in process `syz.1.634'. [ 299.604207][ T9000] zswap: compressor - not available [ 299.769279][ T9000] FAULT_INJECTION: forcing a failure. [ 299.769279][ T9000] name failslab, interval 1, probability 0, space 0, times 0 [ 299.782892][ T9000] CPU: 0 UID: 0 PID: 9000 Comm: syz.0.633 Not tainted syzkaller #0 PREEMPT(full) [ 299.782928][ T9000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 299.782944][ T9000] Call Trace: [ 299.782953][ T9000] [ 299.782963][ T9000] dump_stack_lvl+0x16c/0x1f0 [ 299.782999][ T9000] should_fail_ex+0x512/0x640 [ 299.783025][ T9000] ? __kmalloc_node_track_caller_noprof+0xcb/0x890 [ 299.783060][ T9000] should_failslab+0xc2/0x120 [ 299.783093][ T9000] __kmalloc_node_track_caller_noprof+0xde/0x890 [ 299.783124][ T9000] ? __devinet_sysctl_register+0xbc/0x360 [ 299.783158][ T9000] ? nlmsg_notify+0x11e/0x220 [ 299.783195][ T9000] ? kmemdup_noprof+0x29/0x60 [ 299.783231][ T9000] kmemdup_noprof+0x29/0x60 [ 299.783268][ T9000] __devinet_sysctl_register+0xbc/0x360 [ 299.783305][ T9000] ? rcu_is_watching+0x12/0xc0 [ 299.783340][ T9000] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 299.783374][ T9000] ? __kmalloc_node_track_caller_noprof+0x362/0x890 [ 299.783412][ T9000] ? __asan_memcpy+0x3c/0x60 [ 299.783442][ T9000] devinet_init_net+0x347/0x910 [ 299.783480][ T9000] ? __pfx_devinet_init_net+0x10/0x10 [ 299.783515][ T9000] ops_init+0x1e2/0x5f0 [ 299.783548][ T9000] setup_net+0x11d/0x3a0 [ 299.783578][ T9000] ? __pfx_setup_net+0x10/0x10 [ 299.783603][ T9000] ? lockdep_init_map_type+0x5c/0x270 [ 299.783631][ T9000] ? mutex_init_lockep+0x110/0x150 [ 299.783664][ T9000] copy_net_ns+0x351/0x5d0 [ 299.783709][ T9000] create_new_namespaces+0x3ea/0xab0 [ 299.783754][ T9000] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 299.783791][ T9000] ksys_unshare+0x45b/0xa40 [ 299.783815][ T9000] ? __pfx_ksys_unshare+0x10/0x10 [ 299.783853][ T9000] ? xfd_validate_state+0x61/0x180 [ 299.783901][ T9000] __x64_sys_unshare+0x31/0x40 [ 299.783924][ T9000] do_syscall_64+0xcd/0xf80 [ 299.783956][ T9000] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.783983][ T9000] RIP: 0033:0x7f85f2b8f7c9 [ 299.784005][ T9000] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 299.784030][ T9000] RSP: 002b:00007f85f0df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 299.784055][ T9000] RAX: ffffffffffffffda RBX: 00007f85f2de5fa0 RCX: 00007f85f2b8f7c9 [ 299.784072][ T9000] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 299.784087][ T9000] RBP: 00007f85f2c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 299.784102][ T9000] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 299.784117][ T9000] R13: 00007f85f2de6038 R14: 00007f85f2de5fa0 R15: 00007ffe59dcaba8 [ 299.784154][ T9000] [ 304.500063][ T30] audit: type=1800 audit(1764682349.976:6): pid=9066 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.654" name="lu_gp_id" dev="configfs" ino=26094 res=0 errno=0 [ 304.729107][ T9073] FAULT_INJECTION: forcing a failure. [ 304.729107][ T9073] name failslab, interval 1, probability 0, space 0, times 0 [ 304.908329][ T9073] CPU: 0 UID: 0 PID: 9073 Comm: syz.3.651 Not tainted syzkaller #0 PREEMPT(full) [ 304.908352][ T9073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 304.908371][ T9073] Call Trace: [ 304.908377][ T9073] [ 304.908383][ T9073] dump_stack_lvl+0x16c/0x1f0 [ 304.908404][ T9073] should_fail_ex+0x512/0x640 [ 304.908420][ T9073] ? __kmalloc_cache_noprof+0x5f/0x770 [ 304.908444][ T9073] should_failslab+0xc2/0x120 [ 304.908464][ T9073] __kmalloc_cache_noprof+0x72/0x770 [ 304.908485][ T9073] ? __do_sys_timerfd_create+0xec/0x4e0 [ 304.908507][ T9073] ? security_capable+0x7e/0x260 [ 304.908522][ T9073] ? __do_sys_timerfd_create+0xec/0x4e0 [ 304.908542][ T9073] __do_sys_timerfd_create+0xec/0x4e0 [ 304.908565][ T9073] do_syscall_64+0xcd/0xf80 [ 304.908583][ T9073] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.908598][ T9073] RIP: 0033:0x7f7175d8f7c9 [ 304.908609][ T9073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 304.908623][ T9073] RSP: 002b:00007f7176b9d038 EFLAGS: 00000246 ORIG_RAX: 000000000000011b [ 304.908636][ T9073] RAX: ffffffffffffffda RBX: 00007f7175fe5fa0 RCX: 00007f7175d8f7c9 [ 304.908645][ T9073] RDX: 0000000000000000 RSI: 0000000000000800 RDI: 0000000000000008 [ 304.908653][ T9073] RBP: 00007f7175e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 304.908661][ T9073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 304.908669][ T9073] R13: 00007f7175fe6038 R14: 00007f7175fe5fa0 R15: 00007ffedb168c78 [ 304.908688][ T9073] [ 308.534250][ T9110] FAULT_INJECTION: forcing a failure. [ 308.534250][ T9110] name failslab, interval 1, probability 0, space 0, times 0 [ 308.574705][ T9110] CPU: 1 UID: 0 PID: 9110 Comm: syz.2.667 Not tainted syzkaller #0 PREEMPT(full) [ 308.574739][ T9110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 308.574748][ T9110] Call Trace: [ 308.574754][ T9110] [ 308.574760][ T9110] dump_stack_lvl+0x16c/0x1f0 [ 308.574781][ T9110] should_fail_ex+0x512/0x640 [ 308.574797][ T9110] ? __kmalloc_cache_noprof+0x5f/0x770 [ 308.574822][ T9110] should_failslab+0xc2/0x120 [ 308.574840][ T9110] __kmalloc_cache_noprof+0x72/0x770 [ 308.574860][ T9110] ? __asan_memcpy+0x3c/0x60 [ 308.574873][ T9110] ? ima_add_digest_entry+0x52/0x540 [ 308.574898][ T9110] ? ima_add_digest_entry+0x52/0x540 [ 308.574918][ T9110] ima_add_digest_entry+0x52/0x540 [ 308.574942][ T9110] ima_add_template_entry+0x478/0x870 [ 308.574968][ T9110] ? __pfx_ima_add_template_entry+0x10/0x10 [ 308.574990][ T9110] ? ima_alloc_init_template+0x536/0x720 [ 308.575010][ T9110] ima_add_violation+0x17f/0x3d0 [ 308.575028][ T9110] ? __pfx_ima_add_violation+0x10/0x10 [ 308.575043][ T9110] ? ima_d_path+0x12b/0x2a0 [ 308.575063][ T9110] ? lockdep_init_map_type+0x5c/0x270 [ 308.575079][ T9110] ? ima_inode_get+0x39e/0x580 [ 308.575091][ T9110] ? ima_inode_get+0xf4/0x580 [ 308.575105][ T9110] process_measurement+0x1783/0x23e0 [ 308.575125][ T9110] ? __pfx_process_measurement+0x10/0x10 [ 308.575139][ T9110] ? rcu_is_watching+0x12/0xc0 [ 308.575162][ T9110] ? find_held_lock+0x2b/0x80 [ 308.575190][ T9110] ? tracing_check_open_get_tr.part.0+0xdc/0x190 [ 308.575228][ T9110] ? tracing_check_open_get_tr.part.0+0xe1/0x190 [ 308.575246][ T9110] ? inode_to_bdi+0x9e/0x160 [ 308.575265][ T9110] ima_file_check+0xc5/0x110 [ 308.575279][ T9110] ? __pfx_ima_file_check+0x10/0x10 [ 308.575297][ T9110] security_file_post_open+0x8e/0x210 [ 308.575316][ T9110] path_openat+0xe5f/0x3140 [ 308.575340][ T9110] ? __pfx_path_openat+0x10/0x10 [ 308.575365][ T9110] do_filp_open+0x20b/0x470 [ 308.575382][ T9110] ? __pfx_do_filp_open+0x10/0x10 [ 308.575414][ T9110] ? alloc_fd+0x471/0x7d0 [ 308.575436][ T9110] do_sys_openat2+0x11f/0x280 [ 308.575449][ T9110] ? __pfx_do_sys_openat2+0x10/0x10 [ 308.575476][ T9110] __x64_sys_openat+0x174/0x210 [ 308.575490][ T9110] ? __pfx___x64_sys_openat+0x10/0x10 [ 308.575506][ T9110] ? fdget+0x187/0x210 [ 308.575526][ T9110] do_syscall_64+0xcd/0xf80 [ 308.575545][ T9110] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.575559][ T9110] RIP: 0033:0x7f0813d8f7c9 [ 308.575572][ T9110] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 308.575586][ T9110] RSP: 002b:00007f0814bc1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 308.575600][ T9110] RAX: ffffffffffffffda RBX: 00007f0813fe5fa0 RCX: 00007f0813d8f7c9 [ 308.575609][ T9110] RDX: 0000000000040000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 308.575618][ T9110] RBP: 00007f0813e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 308.575627][ T9110] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 308.575635][ T9110] R13: 00007f0813fe6038 R14: 00007f0813fe5fa0 R15: 00007ffec97e3638 [ 308.575655][ T9110] [ 308.575662][ T9110] ima: OUT OF MEMORY ERROR creating queue entry [ 308.903694][ T30] audit: type=1804 audit(1764682354.376:7): pid=9110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.667" name="/newroot/sys/kernel/tracing/current_tracer" dev="tracefs" ino=1158 res=0 errno=0 [ 308.927432][ C1] vkms_vblank_simulate: vblank timer overrun [ 308.989210][ T30] audit: type=1804 audit(1764682354.426:8): pid=9110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.667" name="/newroot/sys/kernel/tracing/current_tracer" dev="tracefs" ino=1158 res=0 errno=0 [ 309.012692][ C1] vkms_vblank_simulate: vblank timer overrun [ 309.541149][ T9123] syz.0.672 uses obsolete (PF_INET,SOCK_PACKET) [ 309.838600][ T9135] netlink: 25 bytes leftover after parsing attributes in process `syz.0.675'. [ 310.584359][ T9145] FAULT_INJECTION: forcing a failure. [ 310.584359][ T9145] name failslab, interval 1, probability 0, space 0, times 0 [ 310.597344][ T9145] CPU: 0 UID: 0 PID: 9145 Comm: syz.1.677 Not tainted syzkaller #0 PREEMPT(full) [ 310.597379][ T9145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 310.597394][ T9145] Call Trace: [ 310.597403][ T9145] [ 310.597413][ T9145] dump_stack_lvl+0x16c/0x1f0 [ 310.597449][ T9145] should_fail_ex+0x512/0x640 [ 310.597475][ T9145] ? __kmalloc_cache_noprof+0x5f/0x770 [ 310.597518][ T9145] should_failslab+0xc2/0x120 [ 310.597550][ T9145] __kmalloc_cache_noprof+0x72/0x770 [ 310.597588][ T9145] ? __do_sys_timerfd_create+0xec/0x4e0 [ 310.597626][ T9145] ? security_capable+0x7e/0x260 [ 310.597653][ T9145] ? __do_sys_timerfd_create+0xec/0x4e0 [ 310.597690][ T9145] __do_sys_timerfd_create+0xec/0x4e0 [ 310.597731][ T9145] do_syscall_64+0xcd/0xf80 [ 310.597763][ T9145] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 310.597790][ T9145] RIP: 0033:0x7fcca658f7c9 [ 310.597810][ T9145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 310.597835][ T9145] RSP: 002b:00007fcca74ce038 EFLAGS: 00000246 ORIG_RAX: 000000000000011b [ 310.597860][ T9145] RAX: ffffffffffffffda RBX: 00007fcca67e5fa0 RCX: 00007fcca658f7c9 [ 310.597878][ T9145] RDX: 0000000000000000 RSI: 0000000000000800 RDI: 0000000000000008 [ 310.597894][ T9145] RBP: 00007fcca6613f91 R08: 0000000000000000 R09: 0000000000000000 [ 310.597909][ T9145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 310.597924][ T9145] R13: 00007fcca67e6038 R14: 00007fcca67e5fa0 R15: 00007fff44075988 [ 310.597960][ T9145] [ 312.509115][ T30] audit: type=1800 audit(1764682357.986:9): pid=9172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.682" name="lu_gp_id" dev="configfs" ino=27292 res=0 errno=0 [ 313.863200][ T9191] input: f¬ as /devices/virtual/input/input15 [ 315.621514][ T30] audit: type=1800 audit(1764682361.096:10): pid=9228 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.697" name="lu_gp_id" dev="configfs" ino=26569 res=0 errno=0 [ 315.810890][ T9211] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 315.827033][ T9211] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 315.855368][ T9211] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 315.870132][ T9211] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 315.886140][ T9211] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 315.899123][ T9211] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 315.921235][ T9211] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 315.939285][ T9211] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 316.431702][ T9238] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 316.732832][ T9262] syz.3.708 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 317.003110][ T9255] could not allocate digest TFM handle [ 317.266000][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.272442][ T5843] Bluetooth: hci0: command 0x0406 tx timeout [ 317.278667][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.915718][ T5843] Bluetooth: hci1: command 0x0406 tx timeout [ 317.915725][ T51] Bluetooth: hci2: command 0x0406 tx timeout [ 317.968072][ T9282] futex_wake_op: syz.1.707 tries to shift op by -2048; fix this program [ 317.978047][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 318.140600][ T9277] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 318.151079][ T9277] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 318.168377][ T9277] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 318.174902][ T9277] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 318.628156][ T30] audit: type=1800 audit(1764682364.096:11): pid=9295 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.714" name="lu_gp_id" dev="configfs" ino=27570 res=0 errno=0 [ 318.984441][ T9298] FAULT_INJECTION: forcing a failure. [ 318.984441][ T9298] name failslab, interval 1, probability 0, space 0, times 0 [ 319.147219][ T9298] CPU: 1 UID: 0 PID: 9298 Comm: syz.1.715 Not tainted syzkaller #0 PREEMPT(full) [ 319.147249][ T9298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 319.147258][ T9298] Call Trace: [ 319.147264][ T9298] [ 319.147270][ T9298] dump_stack_lvl+0x16c/0x1f0 [ 319.147302][ T9298] should_fail_ex+0x512/0x640 [ 319.147318][ T9298] ? kmem_cache_alloc_noprof+0x62/0x720 [ 319.147343][ T9298] should_failslab+0xc2/0x120 [ 319.147361][ T9298] kmem_cache_alloc_noprof+0x75/0x720 [ 319.147382][ T9298] ? auditd_test_task+0x131/0x2f0 [ 319.147396][ T9298] ? audit_log_start+0x29b/0x950 [ 319.147415][ T9298] ? audit_log_start+0x29b/0x950 [ 319.147430][ T9298] audit_log_start+0x29b/0x950 [ 319.147447][ T9298] ? __pfx_audit_log_start+0x10/0x10 [ 319.147468][ T9298] ? integrity_audit_msg+0x41/0x60 [ 319.147491][ T9298] integrity_audit_message+0x10c/0x580 [ 319.147513][ T9298] ? __pfx_integrity_audit_message+0x10/0x10 [ 319.147534][ T9298] ? __pfx_ima_add_template_entry+0x10/0x10 [ 319.147559][ T9298] integrity_audit_msg+0x41/0x60 [ 319.147580][ T9298] ima_add_violation+0x1b4/0x3d0 [ 319.147599][ T9298] ? __pfx_ima_add_violation+0x10/0x10 [ 319.147614][ T9298] ? ima_d_path+0x12b/0x2a0 [ 319.147633][ T9298] ? __pfx_down_write+0x10/0x10 [ 319.147654][ T9298] ? ima_inode_get+0xf4/0x580 [ 319.147669][ T9298] process_measurement+0x1783/0x23e0 [ 319.147689][ T9298] ? __pfx_process_measurement+0x10/0x10 [ 319.147702][ T9298] ? rcu_is_watching+0x12/0xc0 [ 319.147726][ T9298] ? find_held_lock+0x2b/0x80 [ 319.147751][ T9298] ? tracing_check_open_get_tr.part.0+0xdc/0x190 [ 319.147792][ T9298] ? tracing_check_open_get_tr.part.0+0xe1/0x190 [ 319.147811][ T9298] ? inode_to_bdi+0x9e/0x160 [ 319.147828][ T9298] ima_file_check+0xc5/0x110 [ 319.147841][ T9298] ? __pfx_ima_file_check+0x10/0x10 [ 319.147860][ T9298] security_file_post_open+0x8e/0x210 [ 319.147878][ T9298] path_openat+0xe5f/0x3140 [ 319.147902][ T9298] ? __pfx_path_openat+0x10/0x10 [ 319.147930][ T9298] do_filp_open+0x20b/0x470 [ 319.147961][ T9298] ? __pfx_do_filp_open+0x10/0x10 [ 319.148014][ T9298] ? alloc_fd+0x471/0x7d0 [ 319.148048][ T9298] do_sys_openat2+0x11f/0x280 [ 319.148062][ T9298] ? __pfx_do_sys_openat2+0x10/0x10 [ 319.148081][ T9298] __x64_sys_openat+0x174/0x210 [ 319.148095][ T9298] ? __pfx___x64_sys_openat+0x10/0x10 [ 319.148115][ T9298] do_syscall_64+0xcd/0xf80 [ 319.148135][ T9298] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 319.148159][ T9298] RIP: 0033:0x7fcca658f7c9 [ 319.148181][ T9298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 319.148206][ T9298] RSP: 002b:00007fcca74ce038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 319.148230][ T9298] RAX: ffffffffffffffda RBX: 00007fcca67e5fa0 RCX: 00007fcca658f7c9 [ 319.148247][ T9298] RDX: 0000000000040000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 319.148262][ T9298] RBP: 00007fcca6613f91 R08: 0000000000000000 R09: 0000000000000000 [ 319.148278][ T9298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 319.148302][ T9298] R13: 00007fcca67e6038 R14: 00007fcca67e5fa0 R15: 00007fff44075988 [ 319.148339][ T9298] [ 319.570658][ T9298] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64 [ 319.628129][ T9298] audit: out of memory in audit_log_start [ 319.658070][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 319.963307][ T9302] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 320.219164][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 320.219193][ T5843] Bluetooth: hci2: command 0x0406 tx timeout [ 320.219199][ T5844] Bluetooth: hci1: command 0x0406 tx timeout [ 321.372322][ T9346] FAULT_INJECTION: forcing a failure. [ 321.372322][ T9346] name failslab, interval 1, probability 0, space 0, times 0 [ 321.407509][ T9346] CPU: 1 UID: 0 PID: 9346 Comm: syz.3.731 Not tainted syzkaller #0 PREEMPT(full) [ 321.407544][ T9346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 321.407558][ T9346] Call Trace: [ 321.407566][ T9346] [ 321.407575][ T9346] dump_stack_lvl+0x16c/0x1f0 [ 321.407609][ T9346] should_fail_ex+0x512/0x640 [ 321.407635][ T9346] ? kmem_cache_alloc_noprof+0x62/0x720 [ 321.407678][ T9346] should_failslab+0xc2/0x120 [ 321.407711][ T9346] kmem_cache_alloc_noprof+0x75/0x720 [ 321.407749][ T9346] ? auditd_test_task+0x131/0x2f0 [ 321.407775][ T9346] ? audit_log_start+0x29b/0x950 [ 321.407813][ T9346] ? audit_log_start+0x29b/0x950 [ 321.407848][ T9346] audit_log_start+0x29b/0x950 [ 321.407887][ T9346] ? __pfx_audit_log_start+0x10/0x10 [ 321.407930][ T9346] ? integrity_audit_msg+0x41/0x60 [ 321.407968][ T9346] integrity_audit_message+0x10c/0x580 [ 321.408010][ T9346] ? __pfx_integrity_audit_message+0x10/0x10 [ 321.408058][ T9346] ? __pfx_ima_add_template_entry+0x10/0x10 [ 321.408105][ T9346] integrity_audit_msg+0x41/0x60 [ 321.408148][ T9346] ima_add_violation+0x1b4/0x3d0 [ 321.408182][ T9346] ? __pfx_ima_add_violation+0x10/0x10 [ 321.408211][ T9346] ? ima_d_path+0x12b/0x2a0 [ 321.408249][ T9346] ? __pfx_down_write+0x10/0x10 [ 321.408284][ T9346] ? ima_inode_get+0xf4/0x580 [ 321.408313][ T9346] process_measurement+0x1783/0x23e0 [ 321.408351][ T9346] ? __pfx_process_measurement+0x10/0x10 [ 321.408376][ T9346] ? rcu_is_watching+0x12/0xc0 [ 321.408417][ T9346] ? find_held_lock+0x2b/0x80 [ 321.408451][ T9346] ? tracing_check_open_get_tr.part.0+0xdc/0x190 [ 321.408526][ T9346] ? tracing_check_open_get_tr.part.0+0xe1/0x190 [ 321.408560][ T9346] ? inode_to_bdi+0x9e/0x160 [ 321.408592][ T9346] ima_file_check+0xc5/0x110 [ 321.408617][ T9346] ? __pfx_ima_file_check+0x10/0x10 [ 321.408652][ T9346] security_file_post_open+0x8e/0x210 [ 321.408685][ T9346] path_openat+0xe5f/0x3140 [ 321.408727][ T9346] ? __pfx_path_openat+0x10/0x10 [ 321.408773][ T9346] do_filp_open+0x20b/0x470 [ 321.408806][ T9346] ? __pfx_do_filp_open+0x10/0x10 [ 321.408866][ T9346] ? alloc_fd+0x471/0x7d0 [ 321.408906][ T9346] do_sys_openat2+0x11f/0x280 [ 321.408928][ T9346] ? __pfx_do_sys_openat2+0x10/0x10 [ 321.408960][ T9346] __x64_sys_openat+0x174/0x210 [ 321.408983][ T9346] ? __pfx___x64_sys_openat+0x10/0x10 [ 321.409029][ T9346] do_syscall_64+0xcd/0xf80 [ 321.409064][ T9346] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 321.409090][ T9346] RIP: 0033:0x7f7175d8f7c9 [ 321.409113][ T9346] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 321.409137][ T9346] RSP: 002b:00007f7176b9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 321.409163][ T9346] RAX: ffffffffffffffda RBX: 00007f7175fe5fa0 RCX: 00007f7175d8f7c9 [ 321.409180][ T9346] RDX: 0000000000040000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 321.409197][ T9346] RBP: 00007f7175e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 321.409214][ T9346] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 321.409229][ T9346] R13: 00007f7175fe6038 R14: 00007f7175fe5fa0 R15: 00007ffedb168c78 [ 321.409268][ T9346] [ 321.729458][ T9346] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64 [ 321.737497][ T9346] audit: out of memory in audit_log_start [ 322.436563][ T9355] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 324.029669][ T9378] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 324.038359][ T9378] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 324.063811][ T9378] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 324.080721][ T9378] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 325.658606][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 325.959312][ T9407] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 326.058247][ T51] Bluetooth: hci1: command 0x0406 tx timeout [ 326.138566][ T51] Bluetooth: hci3: command 0x0406 tx timeout [ 326.138575][ T5843] Bluetooth: hci2: command 0x0406 tx timeout [ 326.695289][ T30] audit: type=1800 audit(1764682372.166:12): pid=9431 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.752" name="lu_gp_id" dev="configfs" ino=28870 res=0 errno=0 [ 328.262641][ T9463] input: f¬ as /devices/virtual/input/input16 [ 329.804297][ T30] audit: type=1800 audit(1764682375.276:13): pid=9492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.771" name="lu_gp_id" dev="configfs" ino=28310 res=0 errno=0 [ 339.555581][ T9611] hub 1-0:1.0: USB hub found [ 339.566578][ T9611] hub 1-0:1.0: 1 port detected [ 341.503455][ T9636] netlink: 338 bytes leftover after parsing attributes in process `syz.1.806'. [ 341.586704][ T9636] macsec0: entered allmulticast mode [ 341.592416][ T9636] veth1_macvtap: entered allmulticast mode [ 342.512305][ T9653] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 344.162770][ T9695] random: crng reseeded on system resumption [ 344.467339][ T9696] netlink: 338 bytes leftover after parsing attributes in process `syz.2.818'. [ 344.591027][ T9696] macsec0: entered allmulticast mode [ 344.710865][ T9696] veth1_macvtap: entered allmulticast mode [ 347.030929][ T9731] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 349.602288][ T9772] netlink: 338 bytes leftover after parsing attributes in process `syz.0.837'. [ 349.621735][ T9772] macsec0: entered allmulticast mode [ 349.627081][ T9772] veth1_macvtap: entered allmulticast mode [ 352.731088][ T9816] netlink: 338 bytes leftover after parsing attributes in process `syz.0.847'. [ 355.286486][ T9855] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 356.540480][ T9879] netlink: 28 bytes leftover after parsing attributes in process `syz.0.863'. [ 357.769120][ T9898] netlink: 28 bytes leftover after parsing attributes in process `syz.1.869'. [ 358.283276][ T9909] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 361.070575][ T9941] Invalid ELF header len 5 [ 361.163120][ T9941] netlink: 28 bytes leftover after parsing attributes in process `syz.2.881'. [ 361.172809][ T9941] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 361.215133][ T9941] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 361.259656][ T9941] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 361.267245][ T9941] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 365.605263][ T51] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 367.546538][T10030] netlink: 338 bytes leftover after parsing attributes in process `syz.1.901'. [ 367.665352][ T51] Bluetooth: hci0: command 0x0406 tx timeout [ 367.802684][T10039] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(3) [ 368.141357][T10045] netlink: 338 bytes leftover after parsing attributes in process `syz.1.904'. [ 369.099724][T10062] random: crng reseeded on system resumption [ 370.470736][T10074] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 370.579978][T10077] netlink: 28 bytes leftover after parsing attributes in process `syz.1.910'. [ 372.067224][T10092] netlink: 338 bytes leftover after parsing attributes in process `syz.0.914'. [ 372.988781][T10108] netlink: 338 bytes leftover after parsing attributes in process `syz.1.920'. [ 374.106862][T10126] netlink: 4 bytes leftover after parsing attributes in process `syz.2.923'. [ 374.117228][T10126] netlink: 354 bytes leftover after parsing attributes in process `syz.2.923'. [ 375.457292][T10149] netlink: 338 bytes leftover after parsing attributes in process `syz.2.926'. [ 377.522176][T10187] netlink: 8 bytes leftover after parsing attributes in process `syz.0.935'. [ 377.851414][T10188] FAULT_INJECTION: forcing a failure. [ 377.851414][T10188] name failslab, interval 1, probability 0, space 0, times 0 [ 377.920094][T10188] CPU: 1 UID: 0 PID: 10188 Comm: syz.1.936 Not tainted syzkaller #0 PREEMPT(full) [ 377.920125][T10188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 377.920139][T10188] Call Trace: [ 377.920152][T10188] [ 377.920160][T10188] dump_stack_lvl+0x16c/0x1f0 [ 377.920195][T10188] should_fail_ex+0x512/0x640 [ 377.920217][T10188] ? kmem_cache_alloc_lru_noprof+0x66/0x720 [ 377.920253][T10188] should_failslab+0xc2/0x120 [ 377.920281][T10188] kmem_cache_alloc_lru_noprof+0x79/0x720 [ 377.920314][T10188] ? stack_trace_save+0x8e/0xc0 [ 377.920333][T10188] ? __d_alloc+0x35/0xa80 [ 377.920364][T10188] ? __d_alloc+0x35/0xa80 [ 377.920386][T10188] __d_alloc+0x35/0xa80 [ 377.920410][T10188] ? __lock_acquire+0x433/0x22f0 [ 377.920434][T10188] d_alloc_parallel+0x111/0x1510 [ 377.920461][T10188] ? find_held_lock+0x2b/0x80 [ 377.920489][T10188] ? __pfx_d_alloc_parallel+0x10/0x10 [ 377.920513][T10188] ? __d_lookup+0x266/0x4a0 [ 377.920539][T10188] lookup_open.isra.0+0x66c/0x1780 [ 377.920567][T10188] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 377.920604][T10188] ? mnt_get_write_access+0x1e9/0x2f0 [ 377.920638][T10188] path_openat+0x12bb/0x3140 [ 377.920672][T10188] ? __pfx_path_openat+0x10/0x10 [ 377.920716][T10188] do_filp_open+0x20b/0x470 [ 377.920744][T10188] ? __pfx_do_filp_open+0x10/0x10 [ 377.920791][T10188] ? alloc_fd+0x471/0x7d0 [ 377.920825][T10188] do_sys_openat2+0x11f/0x280 [ 377.920845][T10188] ? __pfx_do_sys_openat2+0x10/0x10 [ 377.920875][T10188] __x64_sys_openat+0x174/0x210 [ 377.920896][T10188] ? __pfx___x64_sys_openat+0x10/0x10 [ 377.920926][T10188] do_syscall_64+0xcd/0xf80 [ 377.920952][T10188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 377.920972][T10188] RIP: 0033:0x7fcca658f7c9 [ 377.920988][T10188] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 377.921006][T10188] RSP: 002b:00007fcca74ad038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 377.921025][T10188] RAX: ffffffffffffffda RBX: 00007fcca67e6090 RCX: 00007fcca658f7c9 [ 377.921039][T10188] RDX: 0000000000040001 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 377.921051][T10188] RBP: 00007fcca6613f91 R08: 0000000000000000 R09: 0000000000000000 [ 377.921064][T10188] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 377.921076][T10188] R13: 00007fcca67e6128 R14: 00007fcca67e6090 R15: 00007fff44075988 [ 377.921105][T10188] [ 378.705856][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.712377][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 380.781014][T10222] tipc: Started in network mode [ 380.786066][T10222] tipc: Node identity ee00, cluster identity 4711 [ 380.808205][T10222] tipc: Node number set to 60928 [ 380.919363][T10227] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 382.229067][T10245] netlink: 28 bytes leftover after parsing attributes in process `syz.2.950'. [ 382.302225][T10247] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input17 [ 384.246998][T10287] ecryptfs_miscdev_write: Dropping miscdev message of unrecognized type [0] [ 388.007747][T10334] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 392.096467][T10388] Format for adding new device is "id port_count num_queues" (uint uint unit). [ 398.319951][T10453] netlink: 338 bytes leftover after parsing attributes in process `syz.3.999'. [ 398.348457][T10454] random: crng reseeded on system resumption [ 398.420511][T10453] macsec0: entered allmulticast mode [ 398.468134][T10453] veth1_macvtap: entered allmulticast mode [ 398.961256][T10456] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1001'. [ 400.108630][T10467] bond0: invalid ARP target specified [ 401.773468][T10472] tipc: Started in network mode [ 401.793847][T10472] tipc: Node identity ee00, cluster identity 4711 [ 401.827827][T10472] tipc: Node number set to 60928 [ 402.840322][T10500] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1010'. [ 407.071151][T10554] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 408.076961][T10565] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1024'. [ 409.473782][ T30] audit: type=1800 audit(4294967340.319:14): pid=10577 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1026" name="lu_gp_id" dev="configfs" ino=42349 res=0 errno=0 [ 414.965344][T10640] bond0: invalid ARP target specified [ 416.826575][T10654] netlink: 338 bytes leftover after parsing attributes in process `syz.3.1041'. [ 417.240258][T10667] block nbd9: NBD_DISCONNECT [ 420.531733][T10701] random: crng reseeded on system resumption [ 424.580823][T10731] random: crng reseeded on system resumption [ 424.778410][ T30] audit: type=1800 audit(4294967300.070:15): pid=10749 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1059" name="lu_gp_id" dev="configfs" ino=49369 res=0 errno=0 [ 428.789385][T10799] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 0 out of range (51000000..2150000000) [ 430.578206][ T30] audit: type=1800 audit(4294967305.869:16): pid=10819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1073" name="lu_gp_id" dev="configfs" ino=50175 res=0 errno=0 [ 431.191383][T10831] FAULT_INJECTION: forcing a failure. [ 431.191383][T10831] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 431.210088][T10831] CPU: 1 UID: 0 PID: 10831 Comm: syz.3.1076 Not tainted syzkaller #0 PREEMPT(full) [ 431.210110][T10831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 431.210119][T10831] Call Trace: [ 431.210125][T10831] [ 431.210131][T10831] dump_stack_lvl+0x16c/0x1f0 [ 431.210155][T10831] should_fail_ex+0x512/0x640 [ 431.210173][T10831] should_fail_alloc_page+0xe7/0x130 [ 431.210202][T10831] prepare_alloc_pages+0x3c2/0x610 [ 431.210223][T10831] __alloc_frozen_pages_noprof+0x18b/0x2440 [ 431.210255][T10831] ? irqentry_exit+0x3b/0x90 [ 431.210272][T10831] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 431.210301][T10831] ? rep_movs_alternative+0x4a/0x90 [ 431.210321][T10831] ? _copy_from_iter+0x15d/0x1720 [ 431.210337][T10831] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 431.210358][T10831] ? policy_nodemask+0xea/0x4e0 [ 431.210377][T10831] alloc_pages_mpol+0x1fb/0x550 [ 431.210395][T10831] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 431.210418][T10831] alloc_pages_noprof+0x12d/0x180 [ 431.210435][T10831] anon_pipe_write+0xecb/0x1990 [ 431.210464][T10831] ? __pfx_anon_pipe_write+0x10/0x10 [ 431.210481][T10831] ? common_file_perm+0x1b1/0x500 [ 431.210498][T10831] ? futex_wake+0x1ad/0x530 [ 431.210516][T10831] ? bpf_lsm_file_permission+0x9/0x10 [ 431.210529][T10831] ? security_file_permission+0x71/0x210 [ 431.210547][T10831] ? rw_verify_area+0xcf/0x6c0 [ 431.210564][T10831] vfs_write+0x7d3/0x11d0 [ 431.210580][T10831] ? __pfx_anon_pipe_write+0x10/0x10 [ 431.210600][T10831] ? __pfx_vfs_write+0x10/0x10 [ 431.210614][T10831] ? find_held_lock+0x2b/0x80 [ 431.210645][T10831] ksys_write+0x1f8/0x250 [ 431.210660][T10831] ? __pfx_ksys_write+0x10/0x10 [ 431.210675][T10831] ? syscall_user_dispatch+0x78/0x140 [ 431.210698][T10831] do_syscall_64+0xcd/0xf80 [ 431.210715][T10831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.210730][T10831] RIP: 0033:0x7f7175d8f7c9 [ 431.210743][T10831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 431.210757][T10831] RSP: 002b:00007f7176b9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 431.210771][T10831] RAX: ffffffffffffffda RBX: 00007f7175fe5fa0 RCX: 00007f7175d8f7c9 [ 431.210780][T10831] RDX: 0000000004000000 RSI: 0000200000000380 RDI: 0000000000000000 [ 431.210788][T10831] RBP: 00007f7175e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 431.210796][T10831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 431.210805][T10831] R13: 00007f7175fe6038 R14: 00007f7175fe5fa0 R15: 00007ffedb168c78 [ 431.210824][T10831] [ 434.302951][ T30] audit: type=1800 audit(4294967309.599:17): pid=10865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1082" name="lu_gp_id" dev="configfs" ino=52994 res=0 errno=0 [ 437.523074][ T30] audit: type=1800 audit(4294967312.819:18): pid=10894 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1086" name="lu_gp_id" dev="configfs" ino=54523 res=0 errno=0 [ 438.958771][T10919] block nbd9: NBD_DISCONNECT [ 440.157319][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.163828][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 440.346969][ T30] audit: type=1800 audit(4294967315.639:19): pid=10942 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1096" name="lu_gp_id" dev="configfs" ino=55803 res=0 errno=0 [ 441.721701][T10956] netlink: 334 bytes leftover after parsing attributes in process `syz.0.1101'. [ 442.847660][ T30] audit: type=1800 audit(4294967318.139:20): pid=10978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1103" name="lu_gp_id" dev="configfs" ino=56395 res=0 errno=0 [ 447.575860][ T30] audit: type=1800 audit(4294967322.869:21): pid=11015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1113" name="lu_gp_id" dev="configfs" ino=59036 res=0 errno=0 [ 451.707513][T11074] bond0: invalid ARP target specified [ 463.659872][ T5926] Process accounting resumed [ 468.077575][T11291] could not allocate digest TFM handle 237 [ 468.077575][T11291] [ 470.311076][ T30] audit: type=1800 audit(4294967345.609:22): pid=11330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1181" name="lu_gp_id" dev="configfs" ino=69155 res=0 errno=0 [ 473.873177][ T5925] Process accounting resumed [ 474.998200][T11389] netlink: 342 bytes leftover after parsing attributes in process `syz.1.1195'. [ 475.282210][T11390] Kernel: The 'panic_print' parameter is now deprecated. Please use 'panic_sys_info' and 'panic_console_replay' instead. [ 477.674585][T11384] kexec: Could not allocate control_code_buffer [ 483.515003][T11484] ima: Unable to open file: /surit‹¯Ròy/integrity?iqa/policy (-2) [ 483.735995][T11488] ima: policy update failed [ 483.777153][ T30] audit: type=1802 audit(4294967359.069:23): pid=11488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1215" res=0 errno=0 [ 487.447080][T11537] vhci_hcd: invalid port number 9 [ 487.542652][T11537] vhci_hcd: invalid port number 9 [ 491.206687][T11573] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1236'. [ 491.262706][T11573] netlink: 354 bytes leftover after parsing attributes in process `syz.3.1236'. [ 494.408434][T11616] netlink: 342 bytes leftover after parsing attributes in process `syz.3.1244'. [ 496.228138][T11630] tipc: Started in network mode [ 496.282022][T11630] tipc: Node identity ee00, cluster identity 4711 [ 496.320128][T11630] tipc: Node number set to 60928 [ 496.401082][T11630] Process accounting resumed [ 501.021637][T11689] futex_wake_op: syz.1.1257 tries to shift op by -2048; fix this program [ 501.062318][T11689] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1257'. [ 501.599084][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 501.605623][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.407543][T11700] vhci_hcd: invalid port number 9 [ 502.451417][T11700] vhci_hcd: invalid port number 9 [ 502.542191][T11700] FAULT_INJECTION: forcing a failure. [ 502.542191][T11700] name failslab, interval 1, probability 0, space 0, times 0 [ 502.715608][T11700] CPU: 1 UID: 0 PID: 11700 Comm: syz.3.1259 Not tainted syzkaller #0 PREEMPT(full) [ 502.715645][T11700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 502.715661][T11700] Call Trace: [ 502.715670][T11700] [ 502.715679][T11700] dump_stack_lvl+0x16c/0x1f0 [ 502.715716][T11700] should_fail_ex+0x512/0x640 [ 502.715741][T11700] ? __kmalloc_cache_noprof+0x5f/0x770 [ 502.715781][T11700] should_failslab+0xc2/0x120 [ 502.715815][T11700] __kmalloc_cache_noprof+0x72/0x770 [ 502.715862][T11700] ? __io_uring_add_tctx_node+0x132/0x500 [ 502.715898][T11700] ? __io_uring_add_tctx_node+0x132/0x500 [ 502.715927][T11700] __io_uring_add_tctx_node+0x132/0x500 [ 502.715957][T11700] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 502.715989][T11700] ? __anon_inode_getfile+0x17c/0x280 [ 502.716028][T11700] io_uring_setup+0x156b/0x20c0 [ 502.716065][T11700] ? __pfx_io_uring_setup+0x10/0x10 [ 502.716123][T11700] ? xfd_validate_state+0x61/0x180 [ 502.716167][T11700] __x64_sys_io_uring_setup+0xc2/0x170 [ 502.716203][T11700] do_syscall_64+0xcd/0xf80 [ 502.716235][T11700] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 502.716261][T11700] RIP: 0033:0x7f7175d8f7c9 [ 502.716281][T11700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 502.716306][T11700] RSP: 002b:00007f7176b7c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 502.716335][T11700] RAX: ffffffffffffffda RBX: 00007f7175fe6090 RCX: 00007f7175d8f7c9 [ 502.716352][T11700] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 502.716367][T11700] RBP: 00007f7175e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 502.716382][T11700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 502.716397][T11700] R13: 00007f7175fe6128 R14: 00007f7175fe6090 R15: 00007ffedb168c78 [ 502.716434][T11700] [ 503.174417][T11665] kexec: Could not allocate control_code_buffer [ 514.266646][T11837] __vm_enough_memory: pid: 11837, comm: syz.1.1285, bytes: 8589938688 not enough memory for the allocation [ 516.316102][T11869] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1293'. [ 516.327020][T11869] netlink: 354 bytes leftover after parsing attributes in process `syz.0.1293'. [ 516.768021][T11874] netlink: 342 bytes leftover after parsing attributes in process `syz.0.1294'. [ 517.538982][T11879] warning: `syz.3.1295' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 517.984674][T11885] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 519.243507][T11884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 519.289974][T11884] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 519.309851][T11884] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 519.318477][T11884] page_type: f5(slab) [ 519.360080][T11884] raw: 00fff00000000040 ffff88801ea95a00 dead000000000122 0000000000000000 [ 519.369737][T11884] raw: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 519.410818][T11884] head: 00fff00000000040 ffff88801ea95a00 dead000000000122 0000000000000000 [ 519.469898][T11884] head: 0000000000000000 00000000000c000c 00000000f5000000 0000000000000000 [ 519.478616][T11884] head: 00fff00000000001 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 519.528814][T11884] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 519.560002][T11884] page dumped because: unmovable page [ 519.565635][T11884] page_owner tracks the page as allocated [ 519.575880][T11884] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 3439, tgid 3439 (kworker/u8:10), ts 512461350647, free_ts 504808730590 [ 519.605580][T11884] post_alloc_hook+0x1af/0x220 [ 519.620006][T11884] get_page_from_freelist+0xd0b/0x31a0 [ 519.625537][T11884] __alloc_frozen_pages_noprof+0x25f/0x2440 [ 519.660071][T11884] alloc_pages_mpol+0x1fb/0x550 [ 519.664963][T11884] new_slab+0x24a/0x360 [ 519.669119][T11884] ___slab_alloc+0xee7/0x1cd0 [ 519.674486][T11884] __slab_alloc.constprop.0+0x63/0x110 [ 519.680342][T11884] kmem_cache_alloc_node_noprof+0x43c/0x760 [ 519.686428][T11884] __alloc_skb+0x2b2/0x380 [ 519.691331][T11884] tcp_stream_alloc_skb+0x34/0x560 [ 519.696632][T11884] tcp_sendmsg_locked+0x12de/0x42a0 [ 519.702604][T11884] tcp_sendmsg+0x2e/0x50 [ 519.706998][T11884] inet_sendmsg+0xb9/0x140 [ 519.711947][T11884] sock_sendmsg+0x37f/0x470 [ 519.716494][T11884] rds_tcp_sendmsg+0xba/0x100 [ 519.721717][T11884] rds_tcp_xmit+0x6f8/0xc40 [ 519.726267][T11884] page last free pid 3439 tgid 3439 stack trace: [ 519.734262][T11884] __free_frozen_pages+0x7df/0x1160 [ 519.739516][T11884] qlist_free_all+0x4d/0x120 [ 519.750358][T11884] kasan_quarantine_reduce+0x195/0x1e0 [ 519.755880][T11884] __kasan_slab_alloc+0x69/0x90 [ 519.780106][T11884] kmem_cache_alloc_lru_noprof+0x254/0x720 [ 519.785969][T11884] sock_alloc_inode+0x25/0x1c0 [ 519.810279][T11884] alloc_inode+0x64/0x240 [ 519.814653][T11884] sock_alloc+0x40/0x280 [ 519.818892][T11884] __sock_create+0xc2/0x8a0 [ 519.830352][T11884] rds_tcp_conn_path_connect+0x2d0/0x7f0 [ 519.837613][T11884] rds_connect_worker+0x1af/0x2c0 [ 519.843272][T11884] process_one_work+0x9ba/0x1b20 [ 519.848394][T11884] worker_thread+0x6c8/0xf10 [ 519.855835][T11884] kthread+0x3c5/0x780 [ 519.860380][T11884] ret_from_fork+0x855/0xa50 [ 519.865171][T11884] ret_from_fork_asm+0x1a/0x30 [ 521.218990][T11920] vhci_hcd: invalid port number 9 [ 521.260864][T11920] vhci_hcd: invalid port number 9 [ 522.798476][T11930] Process accounting resumed [ 525.337703][T11977] ubi: mtd0 is already attached to ubi1 [ 526.726126][T11986] Process accounting paused [ 526.746665][T11990] netlink: 342 bytes leftover after parsing attributes in process `syz.2.1315'. [ 532.472677][T12050] FAULT_INJECTION: forcing a failure. [ 532.472677][T12050] name failslab, interval 1, probability 0, space 0, times 0 [ 532.506169][T12050] CPU: 1 UID: 0 PID: 12050 Comm: syz.3.1329 Not tainted syzkaller #0 PREEMPT(full) [ 532.506204][T12050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 532.506220][T12050] Call Trace: [ 532.506229][T12050] [ 532.506239][T12050] dump_stack_lvl+0x16c/0x1f0 [ 532.506274][T12050] should_fail_ex+0x512/0x640 [ 532.506299][T12050] ? __kmalloc_noprof+0xca/0x870 [ 532.506341][T12050] should_failslab+0xc2/0x120 [ 532.506370][T12050] __kmalloc_noprof+0xdd/0x870 [ 532.506403][T12050] ? __register_sysctl_table+0xb3/0x1900 [ 532.506439][T12050] ? __register_sysctl_table+0xb3/0x1900 [ 532.506465][T12050] __register_sysctl_table+0xb3/0x1900 [ 532.506492][T12050] ? is_module_address+0x5f/0xf0 [ 532.506535][T12050] ? __pfx___register_sysctl_table+0x10/0x10 [ 532.506563][T12050] ? is_module_address+0x69/0xf0 [ 532.506592][T12050] ? register_net_sysctl_sz+0x222/0x3d0 [ 532.506635][T12050] __addrconf_sysctl_register+0x1a2/0x360 [ 532.506671][T12050] ? __pfx___addrconf_sysctl_register+0x10/0x10 [ 532.506707][T12050] ? lockdep_init_map_type+0x5c/0x270 [ 532.506731][T12050] ? mld_in_v1_mode+0x2b2/0x3a0 [ 532.506768][T12050] addrconf_sysctl_register+0x15f/0x1f0 [ 532.506800][T12050] ipv6_add_dev+0xb31/0x1590 [ 532.506834][T12050] addrconf_notify+0x53e/0x19b0 [ 532.506856][T12050] ? ip6mr_device_event+0x1bc/0x230 [ 532.506888][T12050] notifier_call_chain+0xbc/0x3e0 [ 532.506913][T12050] ? __pfx_addrconf_notify+0x10/0x10 [ 532.506943][T12050] call_netdevice_notifiers_info+0xbe/0x110 [ 532.506981][T12050] register_netdevice+0x1792/0x21d0 [ 532.507019][T12050] ? __pfx_register_netdevice+0x10/0x10 [ 532.507059][T12050] __ip_tunnel_create+0x540/0x6b0 [ 532.507094][T12050] ? __pfx___ip_tunnel_create+0x10/0x10 [ 532.507135][T12050] ip_tunnel_init_net+0x22f/0x7d0 [ 532.507173][T12050] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 532.507215][T12050] ? ops_init+0x77/0x5f0 [ 532.507247][T12050] ? __pfx_erspan_init_net+0x10/0x10 [ 532.507273][T12050] ops_init+0x1e2/0x5f0 [ 532.507305][T12050] setup_net+0x11d/0x3a0 [ 532.507334][T12050] ? __pfx_setup_net+0x10/0x10 [ 532.507360][T12050] ? lockdep_init_map_type+0x5c/0x270 [ 532.507388][T12050] ? mutex_init_lockep+0x110/0x150 [ 532.507421][T12050] copy_net_ns+0x351/0x5d0 [ 532.507457][T12050] create_new_namespaces+0x3ea/0xab0 [ 532.507496][T12050] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 532.507544][T12050] ksys_unshare+0x45b/0xa40 [ 532.507569][T12050] ? __pfx_ksys_unshare+0x10/0x10 [ 532.507607][T12050] ? xfd_validate_state+0x61/0x180 [ 532.507652][T12050] __x64_sys_unshare+0x31/0x40 [ 532.507674][T12050] do_syscall_64+0xcd/0xf80 [ 532.507707][T12050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 532.507733][T12050] RIP: 0033:0x7f7175d8f7c9 [ 532.507756][T12050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 532.507780][T12050] RSP: 002b:00007f7176b9d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 532.507806][T12050] RAX: ffffffffffffffda RBX: 00007f7175fe5fa0 RCX: 00007f7175d8f7c9 [ 532.507822][T12050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 532.507837][T12050] RBP: 00007f7175e13f91 R08: 0000000000000000 R09: 0000000000000000 [ 532.507851][T12050] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 532.507865][T12050] R13: 00007f7175fe6038 R14: 00007f7175fe5fa0 R15: 00007ffedb168c78 [ 532.507901][T12050] [ 533.629790][T12045] delete_channel: no stack [ 541.819681][T12156] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1350'. [ 542.652491][T12170] bond0: invalid ARP target specified [ 549.777569][T12232] : Can't lookup blockdev [ 553.203799][T12298] futex_wake_op: syz.0.1378 tries to shift op by -2048; fix this program [ 553.286590][T12305] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1378'. [ 555.339149][T12317] delete_channel: no stack [ 555.510531][T12299] Process accounting paused [ 555.845626][ T10] smpboot: CPU 1 is now offline [ 556.051523][T12330] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 557.685595][T12340] Process accounting resumed [ 560.210555][T12386] capability: warning: `syz.2.1393' uses 32-bit capabilities (legacy support in use) [ 561.145358][ T10] smpboot: CPU 1 is now offline [ 561.295607][T12396] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 561.773733][ T1304] ieee802154 phy0 wpan0: encryption failed: -22 [ 561.780060][ T1304] ieee802154 phy1 wpan1: encryption failed: -22 [ 569.795637][T12500] futex_wake_op: syz.2.1416 tries to shift op by -2048; fix this program [ 569.839929][T12495] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1416'. [ 569.947049][T12492] FAULT_INJECTION: forcing a failure. [ 569.947049][T12492] name failslab, interval 1, probability 0, space 0, times 0 [ 570.095371][T12492] CPU: 1 UID: 0 PID: 12492 Comm: syz.0.1414 Not tainted syzkaller #0 PREEMPT(full) [ 570.095409][T12492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 570.095425][T12492] Call Trace: [ 570.095433][T12492] [ 570.095444][T12492] dump_stack_lvl+0x16c/0x1f0 [ 570.095479][T12492] should_fail_ex+0x512/0x640 [ 570.095506][T12492] ? __kmalloc_cache_noprof+0x5f/0x770 [ 570.095547][T12492] should_failslab+0xc2/0x120 [ 570.095584][T12492] __kmalloc_cache_noprof+0x72/0x770 [ 570.095621][T12492] ? in6_dev_get+0x133/0x310 [ 570.095645][T12492] ? __ipv6_dev_mc_inc+0x2f1/0xbc0 [ 570.095678][T12492] ? __ipv6_dev_mc_inc+0x2f1/0xbc0 [ 570.095704][T12492] __ipv6_dev_mc_inc+0x2f1/0xbc0 [ 570.095743][T12492] ipv6_add_dev+0xbb7/0x1590 [ 570.095786][T12492] addrconf_notify+0x53e/0x19b0 [ 570.095811][T12492] ? ip6mr_device_event+0x1bc/0x230 [ 570.095844][T12492] notifier_call_chain+0xbc/0x3e0 [ 570.095869][T12492] ? __pfx_addrconf_notify+0x10/0x10 [ 570.095901][T12492] call_netdevice_notifiers_info+0xbe/0x110 [ 570.095938][T12492] register_netdevice+0x1792/0x21d0 [ 570.095976][T12492] ? __pfx_register_netdevice+0x10/0x10 [ 570.096026][T12492] __ip_tunnel_create+0x540/0x6b0 [ 570.096063][T12492] ? __pfx___ip_tunnel_create+0x10/0x10 [ 570.096110][T12492] ip_tunnel_init_net+0x22f/0x7d0 [ 570.096148][T12492] ? __pfx_ip_tunnel_init_net+0x10/0x10 [ 570.096193][T12492] ? ops_init+0x77/0x5f0 [ 570.096221][T12492] ? __pfx_erspan_init_net+0x10/0x10 [ 570.096248][T12492] ops_init+0x1e2/0x5f0 [ 570.096279][T12492] setup_net+0x11d/0x3a0 [ 570.096308][T12492] ? __pfx_setup_net+0x10/0x10 [ 570.096334][T12492] ? lockdep_init_map_type+0x5c/0x270 [ 570.096363][T12492] ? mutex_init_lockep+0x110/0x150 [ 570.096396][T12492] copy_net_ns+0x351/0x5d0 [ 570.096430][T12492] create_new_namespaces+0x3ea/0xab0 [ 570.096472][T12492] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 570.096508][T12492] ksys_unshare+0x45b/0xa40 [ 570.096532][T12492] ? __pfx_ksys_unshare+0x10/0x10 [ 570.096570][T12492] ? xfd_validate_state+0x61/0x180 [ 570.096616][T12492] __x64_sys_unshare+0x31/0x40 [ 570.096639][T12492] do_syscall_64+0xcd/0xf80 [ 570.096669][T12492] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 570.096694][T12492] RIP: 0033:0x7f85f2b8f7c9 [ 570.096715][T12492] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 570.096740][T12492] RSP: 002b:00007f85f0df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 570.096765][T12492] RAX: ffffffffffffffda RBX: 00007f85f2de5fa0 RCX: 00007f85f2b8f7c9 [ 570.096782][T12492] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 570.096796][T12492] RBP: 00007f85f2c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 570.096811][T12492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 570.096826][T12492] R13: 00007f85f2de6038 R14: 00007f85f2de5fa0 R15: 00007ffe59dcaba8 [ 570.096865][T12492] [ 570.602427][T12500] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR [ 571.249767][ T5850] smpboot: CPU 1 is now offline [ 571.330856][T12514] smpboot: Booting Node 0 Processor 1 APIC 0x1 [ 571.366429][T12509] ------------[ cut here ]------------ [ 571.367667][T12509] [ 571.367676][T12509] ====================================================== [ 571.367684][T12509] WARNING: possible circular locking dependency detected [ 571.367693][T12509] syzkaller #0 Not tainted [ 571.367705][T12509] ------------------------------------------------------ [ 571.367713][T12509] syz.1.1417/12509 is trying to acquire lock: [ 571.367725][T12509] ffffffff8e0d56a0 (console_owner){-...}-{0:0}, at: console_lock_spinning_enable+0x61/0x80 [ 571.367791][T12509] [ 571.367791][T12509] but task is already holding lock: [ 571.367798][T12509] ffff8880b843a958 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 571.367862][T12509] [ 571.367862][T12509] which lock already depends on the new lock. [ 571.367862][T12509] [ 571.367870][T12509] [ 571.367870][T12509] the existing dependency chain (in reverse order) is: [ 571.367877][T12509] [ 571.367877][T12509] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 571.367906][T12509] _raw_spin_lock_nested+0x31/0x40 [ 571.367930][T12509] raw_spin_rq_lock_nested+0x29/0x130 [ 571.367958][T12509] task_rq_lock+0xcf/0x490 [ 571.367987][T12509] cgroup_move_task+0x81/0x2a0 [ 571.368018][T12509] css_set_move_task+0x288/0x5f0 [ 571.368043][T12509] cgroup_post_fork+0x201/0x9e0 [ 571.368073][T12509] copy_process+0x6037/0x7680 [ 571.368103][T12509] kernel_clone+0xfc/0x910 [ 571.368133][T12509] user_mode_thread+0xc8/0x110 [ 571.368163][T12509] rest_init+0x23/0x2b0 [ 571.368192][T12509] start_kernel+0x3f6/0x4d0 [ 571.368216][T12509] x86_64_start_reservations+0x18/0x30 [ 571.368242][T12509] x86_64_start_kernel+0x130/0x190 [ 571.368267][T12509] common_startup_64+0x13e/0x148 [ 571.368290][T12509] [ 571.368290][T12509] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 571.368320][T12509] _raw_spin_lock_irqsave+0x3a/0x60 [ 571.368342][T12509] try_to_wake_up+0xb7/0x1870 [ 571.368369][T12509] __wake_up_common+0x135/0x1f0 [ 571.368390][T12509] __wake_up+0x31/0x60 [ 571.368420][T12509] tty_port_default_wakeup+0x47/0x60 [ 571.368451][T12509] serial8250_tx_chars+0x68e/0x860 [ 571.368481][T12509] serial8250_handle_irq+0x761/0xcb0 [ 571.368511][T12509] serial8250_default_handle_irq+0x9e/0x270 [ 571.368544][T12509] serial8250_interrupt+0xf8/0x1d0 [ 571.368564][T12509] __handle_irq_event_percpu+0x236/0x890 [ 571.368596][T12509] handle_irq_event+0xab/0x1e0 [ 571.368624][T12509] handle_edge_irq+0x3ca/0x9e0 [ 571.368651][T12509] __common_interrupt+0xd0/0x2f0 [ 571.368680][T12509] common_interrupt+0xba/0xe0 [ 571.368711][T12509] asm_common_interrupt+0x26/0x40 [ 571.368733][T12509] do_syscall_64+0x9a/0xf80 [ 571.368757][T12509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.368779][T12509] [ 571.368779][T12509] -> #2 (&tty->write_wait){-.-.}-{3:3}: [ 571.368809][T12509] _raw_spin_lock_irqsave+0x3a/0x60 [ 571.368835][T12509] __wake_up+0x1c/0x60 [ 571.368864][T12509] tty_port_default_wakeup+0x47/0x60 [ 571.368894][T12509] serial8250_tx_chars+0x68e/0x860 [ 571.368923][T12509] serial8250_handle_irq+0x761/0xcb0 [ 571.368954][T12509] serial8250_default_handle_irq+0x9e/0x270 [ 571.368986][T12509] serial8250_interrupt+0xf8/0x1d0 [ 571.369006][T12509] __handle_irq_event_percpu+0x236/0x890 [ 571.369036][T12509] handle_irq_event+0xab/0x1e0 [ 571.369064][T12509] handle_edge_irq+0x3ca/0x9e0 [ 571.369088][T12509] __common_interrupt+0xd0/0x2f0 [ 571.369117][T12509] common_interrupt+0xba/0xe0 [ 571.369147][T12509] asm_common_interrupt+0x26/0x40 [ 571.369168][T12509] _raw_spin_unlock_irqrestore+0x31/0x80 [ 571.369191][T12509] uart_write+0x2a4/0xb30 [ 571.369218][T12509] n_tty_write+0x41e/0x11e0 [ 571.369250][T12509] file_tty_write.constprop.0+0x503/0x9b0 [ 571.369278][T12509] redirected_tty_write+0xd4/0x120 [ 571.369305][T12509] vfs_write+0x7d3/0x11d0 [ 571.369329][T12509] ksys_write+0x12a/0x250 [ 571.369353][T12509] do_syscall_64+0xcd/0xf80 [ 571.369377][T12509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.369398][T12509] [ 571.369398][T12509] -> #1 (&port_lock_key){-.-.}-{3:3}: [ 571.369428][T12509] _raw_spin_lock_irqsave+0x3a/0x60 [ 571.369450][T12509] serial8250_console_write+0x181/0x1890 [ 571.369483][T12509] console_flush_all+0x801/0xc60 [ 571.369511][T12509] console_unlock+0xd8/0x210 [ 571.369538][T12509] vprintk_emit+0x3d7/0x680 [ 571.369567][T12509] _printk+0xc7/0x100 [ 571.369588][T12509] register_console+0xc27/0x11b0 [ 571.369618][T12509] univ8250_console_init+0x5f/0x90 [ 571.369645][T12509] console_init+0x152/0x600 [ 571.369671][T12509] start_kernel+0x29f/0x4d0 [ 571.369693][T12509] x86_64_start_reservations+0x18/0x30 [ 571.369718][T12509] x86_64_start_kernel+0x130/0x190 [ 571.369743][T12509] common_startup_64+0x13e/0x148 [ 571.369765][T12509] [ 571.369765][T12509] -> #0 (console_owner){-...}-{0:0}: [ 571.369794][T12509] __lock_acquire+0x1542/0x22f0 [ 571.369821][T12509] lock_acquire+0x179/0x330 [ 571.369842][T12509] console_lock_spinning_enable+0x72/0x80 [ 571.369870][T12509] console_flush_all+0x7aa/0xc60 [ 571.369897][T12509] console_unlock+0xd8/0x210 [ 571.369925][T12509] vprintk_emit+0x3d7/0x680 [ 571.369953][T12509] _printk+0xc7/0x100 [ 571.369974][T12509] __report_bug+0x3a6/0x520 [ 571.369994][T12509] report_bug+0xb2/0x220 [ 571.370013][T12509] handle_bug+0x127/0x260 [ 571.370040][T12509] exc_invalid_op+0x17/0x50 [ 571.370067][T12509] asm_exc_invalid_op+0x1a/0x20 [ 571.370088][T12509] update_rq_clock+0x34a/0xc70 [ 571.370117][T12509] __schedule+0x2035/0x5de0 [ 571.370138][T12509] preempt_schedule_irq+0x51/0x90 [ 571.370162][T12509] irqentry_exit+0x36/0x90 [ 571.370186][T12509] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 571.370209][T12509] debug_lockdep_rcu_enabled+0x26/0x40 [ 571.370235][T12509] unwind_next_frame+0x3de/0x20a0 [ 571.370261][T12509] arch_stack_walk+0x94/0x100 [ 571.370284][T12509] stack_trace_save+0x8e/0xc0 [ 571.370303][T12509] ref_tracker_alloc+0x1d2/0x5b0 [ 571.370327][T12509] dst_init+0xda/0x580 [ 571.370346][T12509] dst_alloc+0xbb/0x1a0 [ 571.370364][T12509] ip6_rt_cache_alloc+0x1f6/0x8c0 [ 571.370395][T12509] ip6_pol_route+0xd7b/0x1230 [ 571.370413][T12509] fib6_rule_lookup+0x386/0x720 [ 571.370442][T12509] ip6_route_output_flags+0x1d0/0x640 [ 571.370472][T12509] ip6_dst_lookup_tail.constprop.0+0x115a/0x2140 [ 571.370508][T12509] ip6_dst_lookup_flow+0x99/0x1d0 [ 571.370540][T12509] rawv6_sendmsg+0xe86/0x4860 [ 571.370567][T12509] inet_sendmsg+0x11c/0x140 [ 571.370586][T12509] ____sys_sendmsg+0x973/0xc30 [ 571.370613][T12509] ___sys_sendmsg+0x134/0x1d0 [ 571.370635][T12509] __sys_sendmmsg+0x200/0x420 [ 571.370657][T12509] __x64_sys_sendmmsg+0x9c/0x100 [ 571.370681][T12509] do_syscall_64+0xcd/0xf80 [ 571.370704][T12509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.370726][T12509] [ 571.370726][T12509] other info that might help us debug this: [ 571.370726][T12509] [ 571.370733][T12509] Chain exists of: [ 571.370733][T12509] console_owner --> &p->pi_lock --> &rq->__lock [ 571.370733][T12509] [ 571.370766][T12509] Possible unsafe locking scenario: [ 571.370766][T12509] [ 571.370773][T12509] CPU0 CPU1 [ 571.370779][T12509] ---- ---- [ 571.370786][T12509] lock(&rq->__lock); [ 571.370799][T12509] lock(&p->pi_lock); [ 571.370815][T12509] lock(&rq->__lock); [ 571.370835][T12509] lock(console_owner); [ 571.370849][T12509] [ 571.370849][T12509] *** DEADLOCK *** [ 571.370849][T12509] [ 571.370854][T12509] 6 locks held by syz.1.1417/12509: [ 571.370867][T12509] #0: ffffffff8e1c8620 (rcu_read_lock){....}-{1:3}, at: ip6_route_output_flags+0x3a/0x640 [ 571.370927][T12509] #1: ffffffff8e1c8620 (rcu_read_lock){....}-{1:3}, at: ip6_pol_route+0x17a/0x1230 [ 571.370977][T12509] #2: ffffffff8e1c8620 (rcu_read_lock){....}-{1:3}, at: unwind_next_frame+0xbd/0x20a0 [ 571.371031][T12509] #3: ffff8880b843a958 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 571.371092][T12509] #4: ffffffff8e1b5ae0 (console_lock){+.+.}-{0:0}, at: _printk+0xc7/0x100 [ 571.371144][T12509] #5: ffffffff8e1b5b50 (console_srcu){....}-{0:0}, at: console_flush_all+0x158/0xc60 [ 571.371203][T12509] [ 571.371203][T12509] stack backtrace: [ 571.371214][T12509] CPU: 0 UID: 0 PID: 12509 Comm: syz.1.1417 Not tainted syzkaller #0 PREEMPT(full) [ 571.371242][T12509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 571.371256][T12509] Call Trace: [ 571.371264][T12509] [ 571.371272][T12509] dump_stack_lvl+0x116/0x1f0 [ 571.371299][T12509] print_circular_bug+0x2db/0x410 [ 571.371323][T12509] check_noncircular+0x146/0x160 [ 571.371350][T12509] __lock_acquire+0x1542/0x22f0 [ 571.371378][T12509] lock_acquire+0x179/0x330 [ 571.371400][T12509] ? console_lock_spinning_enable+0x61/0x80 [ 571.371433][T12509] ? console_lock_spinning_enable+0x4a/0x80 [ 571.371466][T12509] console_lock_spinning_enable+0x72/0x80 [ 571.371496][T12509] ? console_lock_spinning_enable+0x61/0x80 [ 571.371526][T12509] console_flush_all+0x7aa/0xc60 [ 571.371559][T12509] ? __pfx_console_flush_all+0x10/0x10 [ 571.371590][T12509] ? __lock_acquire+0x433/0x22f0 [ 571.371616][T12509] ? is_printk_cpu_sync_owner+0x32/0x40 [ 571.371652][T12509] console_unlock+0xd8/0x210 [ 571.371681][T12509] ? __pfx_console_unlock+0x10/0x10 [ 571.371711][T12509] ? do_raw_spin_unlock+0x170/0x230 [ 571.371740][T12509] ? _printk+0xc7/0x100 [ 571.371764][T12509] ? __down_trylock_console_sem+0xb0/0x140 [ 571.371793][T12509] vprintk_emit+0x3d7/0x680 [ 571.371828][T12509] ? __pfx_vprintk_emit+0x10/0x10 [ 571.371860][T12509] ? unwind_next_frame+0x3fe/0x20a0 [ 571.371886][T12509] ? ip6_dst_lookup_flow+0x99/0x1d0 [ 571.371922][T12509] _printk+0xc7/0x100 [ 571.371945][T12509] ? __pfx__printk+0x10/0x10 [ 571.371973][T12509] ? __report_bug+0x396/0x520 [ 571.371996][T12509] __report_bug+0x3a6/0x520 [ 571.372017][T12509] ? update_rq_clock+0x34a/0xc70 [ 571.372049][T12509] ? __pfx___report_bug+0x10/0x10 [ 571.372076][T12509] ? __lock_acquire+0x433/0x22f0 [ 571.372100][T12509] ? update_rq_clock+0x34a/0xc70 [ 571.372132][T12509] report_bug+0xb2/0x220 [ 571.372154][T12509] ? update_rq_clock+0x34a/0xc70 [ 571.372184][T12509] handle_bug+0x127/0x260 [ 571.372213][T12509] exc_invalid_op+0x17/0x50 [ 571.372243][T12509] asm_exc_invalid_op+0x1a/0x20 [ 571.372264][T12509] RIP: 0010:update_rq_clock+0x34a/0xc70 [ 571.372297][T12509] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 9c fd ff ff 90 0f 0b 90 e9 93 fd ff ff 90 <0f> 0b 90 e9 4f fd ff ff 48 8d bb 18 0e 00 00 48 b8 00 00 00 00 00 [ 571.372320][T12509] RSP: 0018:ffffc900051eeac8 EFLAGS: 00010046 [ 571.372339][T12509] RAX: 0000000000000000 RBX: ffff8880b853a940 RCX: 0000000000000001 [ 571.372354][T12509] RDX: 0000000000000000 RSI: ffffffff8d8785ac RDI: ffffffff8bd1bd00 [ 571.372370][T12509] RBP: 0000000000000001 R08: ffff8880b843b448 R09: fffffbfff20cb9fa [ 571.372385][T12509] R10: ffffffff9065cfd7 R11: 0000000000000001 R12: ffffffff90660034 [ 571.372401][T12509] R13: ffffffff8db359e0 R14: ffff88801d2dbd00 R15: ffff8880b853a940 [ 571.372425][T12509] ? update_rq_clock+0x99/0xc70 [ 571.372458][T12509] __schedule+0x2035/0x5de0 [ 571.372490][T12509] ? __pfx___schedule+0x10/0x10 [ 571.372513][T12509] ? kernel_text_address+0x8d/0x100 [ 571.372539][T12509] ? __kernel_text_address+0xd/0x40 [ 571.372566][T12509] ? arch_stack_walk+0xa6/0x100 [ 571.372594][T12509] ? __lock_acquire+0x433/0x22f0 [ 571.372619][T12509] ? __lock_acquire+0x433/0x22f0 [ 571.372644][T12509] preempt_schedule_irq+0x51/0x90 [ 571.372670][T12509] irqentry_exit+0x36/0x90 [ 571.372695][T12509] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 571.372719][T12509] RIP: 0010:debug_lockdep_rcu_enabled+0x26/0x40 [ 571.372748][T12509] Code: 90 90 90 90 f3 0f 1e fa 8b 05 56 88 0a 05 85 c0 74 20 8b 05 c0 b7 0a 05 85 c0 74 16 65 48 8b 05 98 37 2c 08 8b 80 2c 0b 00 00 <85> c0 0f 94 c0 0f b6 c0 e9 cd 1d 03 00 66 2e 0f 1f 84 00 00 00 00 [ 571.372770][T12509] RSP: 0018:ffffc900051eee20 EFLAGS: 00000202 [ 571.372787][T12509] RAX: 0000000000000000 RBX: ffffc900051ef170 RCX: ffffc900051f0001 [ 571.372803][T12509] RDX: ffffc900051ef178 RSI: ffffc900051ef140 RDI: ffffc900051eeea8 [ 571.372823][T12509] RBP: 0000000000000001 R08: 0000000000000001 R09: 00000000501fefef [ 571.372838][T12509] R10: ffff88801d7d66b0 R11: 00000000000832b8 R12: ffffc900051eeee8 [ 571.372854][T12509] R13: ffffc900051eee98 R14: ffffc900051ef170 R15: ffffc900051eeecc [ 571.372878][T12509] unwind_next_frame+0x3de/0x20a0 [ 571.372904][T12509] ? dst_alloc+0xbb/0x1a0 [ 571.372926][T12509] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 571.372949][T12509] arch_stack_walk+0x94/0x100 [ 571.372977][T12509] ? ip6_rt_cache_alloc+0x1f6/0x8c0 [ 571.373011][T12509] stack_trace_save+0x8e/0xc0 [ 571.373031][T12509] ? __pfx_stack_trace_save+0x10/0x10 [ 571.373055][T12509] ? kasan_save_track+0x14/0x30 [ 571.373081][T12509] ? __kasan_kmalloc+0xaa/0xb0 [ 571.373106][T12509] ref_tracker_alloc+0x1d2/0x5b0 [ 571.373131][T12509] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 571.373157][T12509] ? dst_init+0xda/0x580 [ 571.373176][T12509] ? dst_alloc+0xbb/0x1a0 [ 571.373201][T12509] ? rcu_is_watching+0x12/0xc0 [ 571.373232][T12509] ? trace_kmem_cache_alloc+0x28/0xb0 [ 571.373262][T12509] ? kmem_cache_alloc_noprof+0x2a1/0x720 [ 571.373299][T12509] dst_init+0xda/0x580 [ 571.373320][T12509] dst_alloc+0xbb/0x1a0 [ 571.373342][T12509] ip6_rt_cache_alloc+0x1f6/0x8c0 [ 571.373376][T12509] ? __pfx_ip6_rt_cache_alloc+0x10/0x10 [ 571.373413][T12509] ip6_pol_route+0xd7b/0x1230 [ 571.373436][T12509] ? __pfx_ip6_pol_route+0x10/0x10 [ 571.373457][T12509] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 571.373480][T12509] ? kernel_text_address+0x8d/0x100 [ 571.373507][T12509] ? unwind_get_return_address+0x59/0xa0 [ 571.373534][T12509] ? arch_stack_walk+0xa6/0x100 [ 571.373561][T12509] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 571.373583][T12509] fib6_rule_lookup+0x386/0x720 [ 571.373615][T12509] ? __pfx_fib6_rule_lookup+0x10/0x10 [ 571.373647][T12509] ? stack_trace_save+0x8e/0xc0 [ 571.373672][T12509] ? kasan_save_stack+0x42/0x60 [ 571.373697][T12509] ? kasan_save_stack+0x33/0x60 [ 571.373721][T12509] ? kasan_record_aux_stack+0xa7/0xc0 [ 571.373755][T12509] ? __call_rcu_common.constprop.0+0xa5/0xa10 [ 571.373786][T12509] ip6_route_output_flags+0x1d0/0x640 [ 571.373823][T12509] ip6_dst_lookup_tail.constprop.0+0x115a/0x2140 [ 571.373865][T12509] ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10 [ 571.373905][T12509] ? __lock_acquire+0x433/0x22f0 [ 571.373932][T12509] ip6_dst_lookup_flow+0x99/0x1d0 [ 571.373966][T12509] ? __pfx_ip6_dst_lookup_flow+0x10/0x10 [ 571.374000][T12509] ? find_held_lock+0x2b/0x80 [ 571.374030][T12509] ? rawv6_sendmsg+0xb68/0x4860 [ 571.374062][T12509] rawv6_sendmsg+0xe86/0x4860 [ 571.374092][T12509] ? aa_label_sk_perm+0x195/0x5f0 [ 571.374123][T12509] ? aa_profile_af_perm+0x321/0x390 [ 571.374152][T12509] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 571.374185][T12509] ? find_held_lock+0x2b/0x80 [ 571.374214][T12509] ? find_held_lock+0x2b/0x80 [ 571.374260][T12509] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 571.374291][T12509] ? inet_sendmsg+0x11c/0x140 [ 571.374311][T12509] inet_sendmsg+0x11c/0x140 [ 571.374332][T12509] ____sys_sendmsg+0x973/0xc30 [ 571.374362][T12509] ? copy_msghdr_from_user+0x10a/0x160 [ 571.374386][T12509] ? __pfx_____sys_sendmsg+0x10/0x10 [ 571.374423][T12509] ___sys_sendmsg+0x134/0x1d0 [ 571.374448][T12509] ? __pfx____sys_sendmsg+0x10/0x10 [ 571.374471][T12509] ? __pfx___up_read+0x10/0x10 [ 571.374511][T12509] ? __pfx___might_resched+0x10/0x10 [ 571.374546][T12509] __sys_sendmmsg+0x200/0x420 [ 571.374571][T12509] ? __pfx___sys_sendmmsg+0x10/0x10 [ 571.374595][T12509] ? __local_bh_enable_ip+0xa4/0x120 [ 571.374631][T12509] ? __pfx_do_futex+0x10/0x10 [ 571.374665][T12509] ? xfd_validate_state+0x61/0x180 [ 571.374702][T12509] __x64_sys_sendmmsg+0x9c/0x100 [ 571.374727][T12509] ? lockdep_hardirqs_on+0x7c/0x110 [ 571.374753][T12509] do_syscall_64+0xcd/0xf80 [ 571.374780][T12509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 571.374803][T12509] RIP: 0033:0x7fcca658f7c9 [ 571.374826][T12509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 571.374848][T12509] RSP: 002b:00007fcca748c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 571.374869][T12509] RAX: ffffffffffffffda RBX: 00007fcca67e6180 RCX: 00007fcca658f7c9 [ 571.374886][T12509] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 571.374900][T12509] RBP: 00007fcca6613f91 R08: 0000000000000000 R09: 0000000000000000 [ 571.374915][T12509] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000000 [ 571.374930][T12509] R13: 00007fcca67e6218 R14: 00007fcca67e6180 R15: 00007fff44075988 [ 571.374955][T12509] [ 573.007783][T12509] WARNING: kernel/sched/sched.h:1547 at update_rq_clock+0x34a/0xc70, CPU#0: syz.1.1417/12509 [ 573.017966][T12509] Modules linked in: [ 573.021872][T12509] CPU: 0 UID: 0 PID: 12509 Comm: syz.1.1417 Not tainted syzkaller #0 PREEMPT(full) [ 573.031252][T12509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 573.041304][T12509] RIP: 0010:update_rq_clock+0x34a/0xc70 [ 573.046876][T12509] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 9c fd ff ff 90 0f 0b 90 e9 93 fd ff ff 90 <0f> 0b 90 e9 4f fd ff ff 48 8d bb 18 0e 00 00 48 b8 00 00 00 00 00 [ 573.066496][T12509] RSP: 0018:ffffc900051eeac8 EFLAGS: 00010046 [ 573.072573][T12509] RAX: 0000000000000000 RBX: ffff8880b853a940 RCX: 0000000000000001 [ 573.080632][T12509] RDX: 0000000000000000 RSI: ffffffff8d8785ac RDI: ffffffff8bd1bd00 [ 573.088607][T12509] RBP: 0000000000000001 R08: ffff8880b843b448 R09: fffffbfff20cb9fa [ 573.096666][T12509] R10: ffffffff9065cfd7 R11: 0000000000000001 R12: ffffffff90660034 [ 573.104635][T12509] R13: ffffffff8db359e0 R14: ffff88801d2dbd00 R15: ffff8880b853a940 [ 573.112616][T12509] FS: 00007fcca748c6c0(0000) GS:ffff888124ba8000(0000) knlGS:0000000000000000 [ 573.121559][T12509] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 573.128144][T12509] CR2: 0000001b31ae9ff8 CR3: 0000000079532000 CR4: 00000000003526f0 [ 573.136202][T12509] Call Trace: [ 573.139479][T12509] [ 573.142411][T12509] __schedule+0x2035/0x5de0 [ 573.146928][T12509] ? __pfx___schedule+0x10/0x10 [ 573.151779][T12509] ? kernel_text_address+0x8d/0x100 [ 573.156983][T12509] ? __kernel_text_address+0xd/0x40 [ 573.162184][T12509] ? arch_stack_walk+0xa6/0x100 [ 573.167038][T12509] ? __lock_acquire+0x433/0x22f0 [ 573.171976][T12509] ? __lock_acquire+0x433/0x22f0 [ 573.176913][T12509] preempt_schedule_irq+0x51/0x90 [ 573.181939][T12509] irqentry_exit+0x36/0x90 [ 573.186359][T12509] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 573.192340][T12509] RIP: 0010:debug_lockdep_rcu_enabled+0x26/0x40 [ 573.198589][T12509] Code: 90 90 90 90 f3 0f 1e fa 8b 05 56 88 0a 05 85 c0 74 20 8b 05 c0 b7 0a 05 85 c0 74 16 65 48 8b 05 98 37 2c 08 8b 80 2c 0b 00 00 <85> c0 0f 94 c0 0f b6 c0 e9 cd 1d 03 00 66 2e 0f 1f 84 00 00 00 00 [ 573.218207][T12509] RSP: 0018:ffffc900051eee20 EFLAGS: 00000202 [ 573.224276][T12509] RAX: 0000000000000000 RBX: ffffc900051ef170 RCX: ffffc900051f0001 [ 573.232253][T12509] RDX: ffffc900051ef178 RSI: ffffc900051ef140 RDI: ffffc900051eeea8 [ 573.240223][T12509] RBP: 0000000000000001 R08: 0000000000000001 R09: 00000000501fefef [ 573.248189][T12509] R10: ffff88801d7d66b0 R11: 00000000000832b8 R12: ffffc900051eeee8 [ 573.256163][T12509] R13: ffffc900051eee98 R14: ffffc900051ef170 R15: ffffc900051eeecc [ 573.264183][T12509] unwind_next_frame+0x3de/0x20a0 [ 573.269221][T12509] ? dst_alloc+0xbb/0x1a0 [ 573.273561][T12509] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 573.279718][T12509] arch_stack_walk+0x94/0x100 [ 573.284416][T12509] ? ip6_rt_cache_alloc+0x1f6/0x8c0 [ 573.289637][T12509] stack_trace_save+0x8e/0xc0 [ 573.294316][T12509] ? __pfx_stack_trace_save+0x10/0x10 [ 573.299689][T12509] ? kasan_save_track+0x14/0x30 [ 573.304545][T12509] ? __kasan_kmalloc+0xaa/0xb0 [ 573.309310][T12509] ref_tracker_alloc+0x1d2/0x5b0 [ 573.314263][T12509] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 573.319727][T12509] ? dst_init+0xda/0x580 [ 573.323964][T12509] ? dst_alloc+0xbb/0x1a0 [ 573.328295][T12509] ? rcu_is_watching+0x12/0xc0 [ 573.333068][T12509] ? trace_kmem_cache_alloc+0x28/0xb0 [ 573.338444][T12509] ? kmem_cache_alloc_noprof+0x2a1/0x720 [ 573.344176][T12509] dst_init+0xda/0x580 [ 573.348244][T12509] dst_alloc+0xbb/0x1a0 [ 573.352396][T12509] ip6_rt_cache_alloc+0x1f6/0x8c0 [ 573.357434][T12509] ? __pfx_ip6_rt_cache_alloc+0x10/0x10 [ 573.362996][T12509] ip6_pol_route+0xd7b/0x1230 [ 573.367682][T12509] ? __pfx_ip6_pol_route+0x10/0x10 [ 573.372792][T12509] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 573.378944][T12509] ? kernel_text_address+0x8d/0x100 [ 573.384148][T12509] ? unwind_get_return_address+0x59/0xa0 [ 573.389787][T12509] ? arch_stack_walk+0xa6/0x100 [ 573.394644][T12509] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 573.400363][T12509] fib6_rule_lookup+0x386/0x720 [ 573.405225][T12509] ? __pfx_fib6_rule_lookup+0x10/0x10 [ 573.410608][T12509] ? stack_trace_save+0x8e/0xc0 [ 573.415466][T12509] ? kasan_save_stack+0x42/0x60 [ 573.420317][T12509] ? kasan_save_stack+0x33/0x60 [ 573.425168][T12509] ? kasan_record_aux_stack+0xa7/0xc0 [ 573.430548][T12509] ? __call_rcu_common.constprop.0+0xa5/0xa10 [ 573.436630][T12509] ip6_route_output_flags+0x1d0/0x640 [ 573.442025][T12509] ip6_dst_lookup_tail.constprop.0+0x115a/0x2140 [ 573.448373][T12509] ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10 [ 573.455161][T12509] ? __lock_acquire+0x433/0x22f0 [ 573.460110][T12509] ip6_dst_lookup_flow+0x99/0x1d0 [ 573.465159][T12509] ? __pfx_ip6_dst_lookup_flow+0x10/0x10 [ 573.470804][T12509] ? find_held_lock+0x2b/0x80 [ 573.475489][T12509] ? rawv6_sendmsg+0xb68/0x4860 [ 573.480351][T12509] rawv6_sendmsg+0xe86/0x4860 [ 573.485121][T12509] ? aa_label_sk_perm+0x195/0x5f0 [ 573.490155][T12509] ? aa_profile_af_perm+0x321/0x390 [ 573.495359][T12509] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 573.500482][T12509] ? find_held_lock+0x2b/0x80 [ 573.505166][T12509] ? find_held_lock+0x2b/0x80 [ 573.509872][T12509] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 573.514999][T12509] ? inet_sendmsg+0x11c/0x140 [ 573.519673][T12509] inet_sendmsg+0x11c/0x140 [ 573.524175][T12509] ____sys_sendmsg+0x973/0xc30 [ 573.528954][T12509] ? copy_msghdr_from_user+0x10a/0x160 [ 573.534412][T12509] ? __pfx_____sys_sendmsg+0x10/0x10 [ 573.539710][T12509] ___sys_sendmsg+0x134/0x1d0 [ 573.544388][T12509] ? __pfx____sys_sendmsg+0x10/0x10 [ 573.549586][T12509] ? __pfx___up_read+0x10/0x10 [ 573.554366][T12509] ? __pfx___might_resched+0x10/0x10 [ 573.559663][T12509] __sys_sendmmsg+0x200/0x420 [ 573.564365][T12509] ? __pfx___sys_sendmmsg+0x10/0x10 [ 573.569586][T12509] ? __local_bh_enable_ip+0xa4/0x120 [ 573.574895][T12509] ? __pfx_do_futex+0x10/0x10 [ 573.579590][T12509] ? xfd_validate_state+0x61/0x180 [ 573.584732][T12509] __x64_sys_sendmmsg+0x9c/0x100 [ 573.589681][T12509] ? lockdep_hardirqs_on+0x7c/0x110 [ 573.594890][T12509] do_syscall_64+0xcd/0xf80 [ 573.599401][T12509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 573.605297][T12509] RIP: 0033:0x7fcca658f7c9 [ 573.609708][T12509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 573.629314][T12509] RSP: 002b:00007fcca748c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 573.637729][T12509] RAX: ffffffffffffffda RBX: 00007fcca67e6180 RCX: 00007fcca658f7c9 [ 573.645695][T12509] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 573.653662][T12509] RBP: 00007fcca6613f91 R08: 0000000000000000 R09: 0000000000000000 [ 573.661635][T12509] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000000 [ 573.669637][T12509] R13: 00007fcca67e6218 R14: 00007fcca67e6180 R15: 00007fff44075988 [ 573.677798][T12509] [ 573.680818][T12509] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 573.688295][T12509] CPU: 0 UID: 0 PID: 12509 Comm: syz.1.1417 Not tainted syzkaller #0 PREEMPT(full) [ 573.697680][T12509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 573.707741][T12509] Call Trace: [ 573.711032][T12509] [ 573.713964][T12509] dump_stack_lvl+0x3d/0x1f0 [ 573.718579][T12509] vpanic+0x640/0x6f0 [ 573.722566][T12509] ? update_rq_clock+0x34a/0xc70 [ 573.727514][T12509] panic+0xca/0xd0 [ 573.731235][T12509] ? __pfx_panic+0x10/0x10 [ 573.735660][T12509] check_panic_on_warn+0xab/0xb0 [ 573.740630][T12509] __warn+0x108/0x3c0 [ 573.744616][T12509] __report_bug+0x2a0/0x520 [ 573.749118][T12509] ? update_rq_clock+0x34a/0xc70 [ 573.754080][T12509] ? __pfx___report_bug+0x10/0x10 [ 573.759124][T12509] ? __lock_acquire+0x433/0x22f0 [ 573.764077][T12509] ? update_rq_clock+0x34a/0xc70 [ 573.769057][T12509] report_bug+0xb2/0x220 [ 573.773317][T12509] ? update_rq_clock+0x34a/0xc70 [ 573.778274][T12509] handle_bug+0x127/0x260 [ 573.782625][T12509] exc_invalid_op+0x17/0x50 [ 573.787143][T12509] asm_exc_invalid_op+0x1a/0x20 [ 573.792030][T12509] RIP: 0010:update_rq_clock+0x34a/0xc70 [ 573.797584][T12509] Code: ab 48 0b 00 00 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc a8 04 0f 84 9c fd ff ff 90 0f 0b 90 e9 93 fd ff ff 90 <0f> 0b 90 e9 4f fd ff ff 48 8d bb 18 0e 00 00 48 b8 00 00 00 00 00 [ 573.817191][T12509] RSP: 0018:ffffc900051eeac8 EFLAGS: 00010046 [ 573.823259][T12509] RAX: 0000000000000000 RBX: ffff8880b853a940 RCX: 0000000000000001 [ 573.831229][T12509] RDX: 0000000000000000 RSI: ffffffff8d8785ac RDI: ffffffff8bd1bd00 [ 573.839199][T12509] RBP: 0000000000000001 R08: ffff8880b843b448 R09: fffffbfff20cb9fa [ 573.847166][T12509] R10: ffffffff9065cfd7 R11: 0000000000000001 R12: ffffffff90660034 [ 573.855169][T12509] R13: ffffffff8db359e0 R14: ffff88801d2dbd00 R15: ffff8880b853a940 [ 573.863146][T12509] ? update_rq_clock+0x99/0xc70 [ 573.868015][T12509] __schedule+0x2035/0x5de0 [ 573.872529][T12509] ? __pfx___schedule+0x10/0x10 [ 573.877379][T12509] ? kernel_text_address+0x8d/0x100 [ 573.882583][T12509] ? __kernel_text_address+0xd/0x40 [ 573.887785][T12509] ? arch_stack_walk+0xa6/0x100 [ 573.892644][T12509] ? __lock_acquire+0x433/0x22f0 [ 573.897581][T12509] ? __lock_acquire+0x433/0x22f0 [ 573.902523][T12509] preempt_schedule_irq+0x51/0x90 [ 573.907550][T12509] irqentry_exit+0x36/0x90 [ 573.911965][T12509] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 573.917958][T12509] RIP: 0010:debug_lockdep_rcu_enabled+0x26/0x40 [ 573.924225][T12509] Code: 90 90 90 90 f3 0f 1e fa 8b 05 56 88 0a 05 85 c0 74 20 8b 05 c0 b7 0a 05 85 c0 74 16 65 48 8b 05 98 37 2c 08 8b 80 2c 0b 00 00 <85> c0 0f 94 c0 0f b6 c0 e9 cd 1d 03 00 66 2e 0f 1f 84 00 00 00 00 [ 573.943857][T12509] RSP: 0018:ffffc900051eee20 EFLAGS: 00000202 [ 573.949940][T12509] RAX: 0000000000000000 RBX: ffffc900051ef170 RCX: ffffc900051f0001 [ 573.957915][T12509] RDX: ffffc900051ef178 RSI: ffffc900051ef140 RDI: ffffc900051eeea8 [ 573.965884][T12509] RBP: 0000000000000001 R08: 0000000000000001 R09: 00000000501fefef [ 573.973854][T12509] R10: ffff88801d7d66b0 R11: 00000000000832b8 R12: ffffc900051eeee8 [ 573.981822][T12509] R13: ffffc900051eee98 R14: ffffc900051ef170 R15: ffffc900051eeecc [ 573.989809][T12509] unwind_next_frame+0x3de/0x20a0 [ 573.994850][T12509] ? dst_alloc+0xbb/0x1a0 [ 573.999182][T12509] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 574.005339][T12509] arch_stack_walk+0x94/0x100 [ 574.010022][T12509] ? ip6_rt_cache_alloc+0x1f6/0x8c0 [ 574.015233][T12509] stack_trace_save+0x8e/0xc0 [ 574.019906][T12509] ? __pfx_stack_trace_save+0x10/0x10 [ 574.025276][T12509] ? kasan_save_track+0x14/0x30 [ 574.030130][T12509] ? __kasan_kmalloc+0xaa/0xb0 [ 574.034892][T12509] ref_tracker_alloc+0x1d2/0x5b0 [ 574.039840][T12509] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 574.045303][T12509] ? dst_init+0xda/0x580 [ 574.049547][T12509] ? dst_alloc+0xbb/0x1a0 [ 574.053876][T12509] ? rcu_is_watching+0x12/0xc0 [ 574.058647][T12509] ? trace_kmem_cache_alloc+0x28/0xb0 [ 574.064037][T12509] ? kmem_cache_alloc_noprof+0x2a1/0x720 [ 574.069710][T12509] dst_init+0xda/0x580 [ 574.073797][T12509] dst_alloc+0xbb/0x1a0 [ 574.077957][T12509] ip6_rt_cache_alloc+0x1f6/0x8c0 [ 574.082999][T12509] ? __pfx_ip6_rt_cache_alloc+0x10/0x10 [ 574.088566][T12509] ip6_pol_route+0xd7b/0x1230 [ 574.093248][T12509] ? __pfx_ip6_pol_route+0x10/0x10 [ 574.098363][T12509] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 574.104521][T12509] ? kernel_text_address+0x8d/0x100 [ 574.109727][T12509] ? unwind_get_return_address+0x59/0xa0 [ 574.115368][T12509] ? arch_stack_walk+0xa6/0x100 [ 574.120226][T12509] ? __pfx_ip6_pol_route_output+0x10/0x10 [ 574.125943][T12509] fib6_rule_lookup+0x386/0x720 [ 574.130810][T12509] ? __pfx_fib6_rule_lookup+0x10/0x10 [ 574.136193][T12509] ? stack_trace_save+0x8e/0xc0 [ 574.141048][T12509] ? kasan_save_stack+0x42/0x60 [ 574.145905][T12509] ? kasan_save_stack+0x33/0x60 [ 574.150761][T12509] ? kasan_record_aux_stack+0xa7/0xc0 [ 574.156144][T12509] ? __call_rcu_common.constprop.0+0xa5/0xa10 [ 574.162228][T12509] ip6_route_output_flags+0x1d0/0x640 [ 574.167613][T12509] ip6_dst_lookup_tail.constprop.0+0x115a/0x2140 [ 574.173959][T12509] ? __pfx_ip6_dst_lookup_tail.constprop.0+0x10/0x10 [ 574.180825][T12509] ? __lock_acquire+0x433/0x22f0 [ 574.185774][T12509] ip6_dst_lookup_flow+0x99/0x1d0 [ 574.190831][T12509] ? __pfx_ip6_dst_lookup_flow+0x10/0x10 [ 574.196583][T12509] ? find_held_lock+0x2b/0x80 [ 574.201289][T12509] ? rawv6_sendmsg+0xb68/0x4860 [ 574.206158][T12509] rawv6_sendmsg+0xe86/0x4860 [ 574.210940][T12509] ? aa_label_sk_perm+0x195/0x5f0 [ 574.215983][T12509] ? aa_profile_af_perm+0x321/0x390 [ 574.221200][T12509] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 574.226333][T12509] ? find_held_lock+0x2b/0x80 [ 574.231114][T12509] ? find_held_lock+0x2b/0x80 [ 574.235913][T12509] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 574.241068][T12509] ? inet_sendmsg+0x11c/0x140 [ 574.245746][T12509] inet_sendmsg+0x11c/0x140 [ 574.250275][T12509] ____sys_sendmsg+0x973/0xc30 [ 574.255141][T12509] ? copy_msghdr_from_user+0x10a/0x160 [ 574.260602][T12509] ? __pfx_____sys_sendmsg+0x10/0x10 [ 574.265907][T12509] ___sys_sendmsg+0x134/0x1d0 [ 574.270587][T12509] ? __pfx____sys_sendmsg+0x10/0x10 [ 574.275788][T12509] ? __pfx___up_read+0x10/0x10 [ 574.280571][T12509] ? __pfx___might_resched+0x10/0x10 [ 574.285880][T12509] __sys_sendmmsg+0x200/0x420 [ 574.290558][T12509] ? __pfx___sys_sendmmsg+0x10/0x10 [ 574.295767][T12509] ? __local_bh_enable_ip+0xa4/0x120 [ 574.301069][T12509] ? __pfx_do_futex+0x10/0x10 [ 574.305772][T12509] ? xfd_validate_state+0x61/0x180 [ 574.311000][T12509] __x64_sys_sendmmsg+0x9c/0x100 [ 574.315944][T12509] ? lockdep_hardirqs_on+0x7c/0x110 [ 574.321146][T12509] do_syscall_64+0xcd/0xf80 [ 574.325658][T12509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 574.331558][T12509] RIP: 0033:0x7fcca658f7c9 [ 574.335971][T12509] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 574.355584][T12509] RSP: 002b:00007fcca748c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 574.364000][T12509] RAX: ffffffffffffffda RBX: 00007fcca67e6180 RCX: 00007fcca658f7c9 [ 574.372063][T12509] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 574.380030][T12509] RBP: 00007fcca6613f91 R08: 0000000000000000 R09: 0000000000000000 [ 574.388005][T12509] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000000 [ 574.395973][T12509] R13: 00007fcca67e6218 R14: 00007fcca67e6180 R15: 00007fff44075988 [ 574.403960][T12509] [ 574.407433][T12509] Kernel Offset: disabled [ 574.411938][T12509] Rebooting in 86400 seconds..