last executing test programs: 8.220818787s ago: executing program 0 (id=650): mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/tracing/set_event\x00', 0x20002, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x2, 0x0) r2 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x22240, 0x155) socket(0x2, 0x1, 0x106) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0xffff, @remote}, 0x6a) socket(0x2, 0x1, 0x106) listen$auto(0x3, 0x81) sendmmsg$auto(r2, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) write$auto(0x4, 0x0, 0x100082) syz_genetlink_get_family_id$auto_mac80211_hwsim(0x0, 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r1, &(0x7f0000001400)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x24000000}, 0x18800) madvise$auto(0xfffffffffffffffe, 0x43226f3d, 0x0) close_range$auto(r0, 0x8, 0x0) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) syslog$auto(0x3, 0x0, 0xda) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x10b402, 0x0) 8.190382599s ago: executing program 1 (id=651): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) openat$auto_tap_fops_tap(0xffffffffffffff9c, 0x0, 0x20840, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0xa, 0x8) r0 = socket(0x2b, 0x1, 0x0) r1 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000600)='/dev/audio\x00', 0x20000, 0x0) ioctl$auto_SOUND_MIXER_READ_STEREODEVS2(r1, 0x80044dfb, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x9}, 0x80000a}, 0x7, 0x20000000) mmap$auto(0x9, 0x101, 0x8, 0xeb1, 0x200000401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0xc844) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) setsockopt$auto(0x3, 0x1, 0x2f, 0x0, 0x9) syz_genetlink_get_family_id$auto_nl80211(0x0, 0xffffffffffffffff) clock_adjtime$auto(0xfffffffd, 0x0) mmap$auto(0x0, 0x200006, 0x2, 0x40eb1, 0x602, 0x300000000000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0) write$auto(0x3, 0x0, 0xfffffdef) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) r2 = openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, 0x0, 0x109002, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_CREATE(r2, 0xc02054a5, 0x0) socket(0x2, 0x5, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2000, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, 0x0, 0x0) 7.894779268s ago: executing program 3 (id=652): r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram6\x00', 0x4040, 0x0) preadv2$auto(0x3, 0x0, 0x5, 0xffffffffffffffff, 0x7, 0x2e) write$auto_tty_fops_tty_io(r0, &(0x7f0000000200)="352c8efa610c0bcf83a4ebdb040000000000000021cb244b19a48bb5e0d12df9735b745b9554dfb0ad77a37be296ebe6f598901d632a206d9bb056d8c8d9a5b4cf165c931477ba53f3a80c522fc11555ea", 0x51) mmap$auto(0x0, 0x6, 0x2, 0x40eb2, 0xffffffffffffffff, 0x308000000000) ioctl$auto(0xffffffffffffffff, 0x8912, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xfffffffffffffffe, 0x8000) ustat$auto(0x801, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) writev$auto(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x40}, 0x8) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) madvise$auto(0x0, 0x2003f0, 0x15) io_uring_setup$auto(0x1, 0x0) bpf$auto(0x5, 0x0, 0x102) getpid() r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000164c0), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_GET_SCAN(r3, &(0x7f00000165c0)={0x0, 0x0, &(0x7f0000016580)={&(0x7f0000000140)={0x14, r4, 0xd3ac6c422733a379, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4004000}, 0x0) read$auto(r2, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) ioprio_get$auto_IOPRIO_WHO_PGRP(0x2, 0x0) 7.335372583s ago: executing program 0 (id=653): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) preadv2$auto(r0, &(0x7f0000000080)={0x0, 0x80000000}, 0x6, 0xffffffffffffffff, 0x0, 0x2e) ioctl$auto_BLKFLSBUF(r0, 0x1261, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0x1, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/system/memory/memory12/power/control\x00', 0x100, 0x0) close_range$auto(r3, 0x5, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(0x3, 0x4048aec9, r4) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x8010) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) signalfd4$auto(0xffffffff, 0x0, 0x8, 0x0) syz_open_procfs$namespace(0x0, 0x0) msync$auto(0x7f, 0x6, 0x0) clock_nanosleep$auto(0x8001, 0x9, 0x0, &(0x7f0000000240)={0x0, 0x1}) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x4) 7.090658073s ago: executing program 1 (id=655): mmap$auto(0x0, 0x400005, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_dma_heap_fops_dma_heap(0xffffffffffffffff, 0xffffffffffdffe00, &(0x7f0000000140)=';') r0 = openat$auto_snd_mixer_oss_f_ops_mixer_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer1\x00', 0x0, 0x0) r1 = dup$auto(r0) ioctl$auto_ECCGETLAYOUT(r1, 0x81484d11, &(0x7f0000000340)={0x101, [0x101, 0x1, 0x80000000, 0x3, 0xa, 0x5, 0x1, 0x5, 0x808f, 0xe, 0x5, 0x7, 0x2, 0xf, 0x57, 0x8dbc, 0x8, 0x7, 0xd1, 0x72944006, 0x1, 0xfe54, 0x0, 0xfffff645, 0x9, 0x6, 0x9, 0x80, 0x80000000, 0x8dc, 0x4, 0x8, 0xfffff0bf, 0xa, 0x575e6e2c, 0x101, 0xff, 0x2, 0xffff0000, 0x3, 0x71c7, 0x1, 0x8, 0x90, 0xfffffffb, 0x7, 0x3, 0x5, 0x200, 0x100, 0x71d1, 0xffff, 0x9, 0x8, 0x8, 0x3, 0x2, 0x81, 0xe, 0x17, 0xe0b, 0x1, 0x0, 0x57a1], 0x6, [{0xff, 0x6e14}, {0x9, 0x8}, {0x4d1, 0xb9bc}, {0xe, 0x8}, {0x4, 0x24}, {0x1, 0x8}, {0x1, 0x1ff}, {0x1, 0x40}]}) openat$auto_rfkill_fops_core(0xffffffffffffff9c, 0x0, 0x40, 0x0) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) unshare$auto(0x40000080) ioctl$auto(0x3, 0xae60, 0x10000000000402) ioctl$auto(0x3, 0x4008ae48, 0x38) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008000) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) mmap$auto(0x0, 0x5, 0x2, 0x40eb2, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000000)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xac}, 0x5, 0x0, 0x1, 0x697b}, 0xed7138c}, 0x2, 0x9) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) ioctl$auto_SNDCTL_DSP_SETDUPLEX(0xffffffffffffffff, 0x5016, 0x0) 6.861507558s ago: executing program 2 (id=656): mmap$auto(0x0, 0x400008, 0xdd, 0x38, 0x1, 0x8000000000000000) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) mmap$auto(0x1, 0x20009, 0x8, 0xeb1, 0x7f, 0x8000) sysfs$auto(0x2, 0x10000000000002a, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) prctl$auto(0x3e, 0x4000000000001, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmsg$auto_NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x8000800) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) r0 = openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f0000001580)='/sys/kernel/debug/tracing/events/vmalloc/enable\x00', 0x204, 0x1a00) read$auto(r0, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) listmount$auto(0x0, 0x0, 0xf4240, 0x1) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x60040, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socket(0x10, 0x2, 0x15) sendmsg$auto_NL80211_CMD_GET_REG(r1, 0x0, 0x4040c34) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x4, &(0x7f00000002c0)={0x0, 0x9}, 0x7fff, 0x0, 0x0, 0xfffffff8}, 0x7}, 0x3, 0xdc85) mseal$auto(0x0, 0x7dda, 0x0) r2 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x101000, 0x0) preadv$auto(r2, &(0x7f00000000c0)={0x0, 0x8010000}, 0x200, 0xf9, 0x8000000001) madvise$auto(0x0, 0x200007, 0x8) sendmmsg$auto(r0, 0x0, 0x9a6, 0x7000000) 6.5057341s ago: executing program 3 (id=657): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) membarrier$auto(0x2, 0x0, 0x9) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0xc02, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) r0 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/radio6\x00', 0x8a240, 0x0) ioctl$auto(r0, 0x5646, r0) connect$auto(0x3, &(0x7f0000000000)=@xdp={0x2c, 0x0, 0x0, 0x2b}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) getpid() r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0xc8201, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) sendmsg$auto_ETHTOOL_MSG_MODULE_EEPROM_GET(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000040), 0xc, &(0x7f00000001c0)={&(0x7f0000000440)={0x110, 0x0, 0x8, 0x70bd28, 0x25dfdbff, {}, [@ETHTOOL_A_MODULE_EEPROM_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x73e}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6tnl0\x00'}]}, @ETHTOOL_A_MODULE_EEPROM_I2C_ADDRESS={0x5, 0x6, 0x10}, @ETHTOOL_A_MODULE_EEPROM_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x655}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x401}]}, @ETHTOOL_A_MODULE_EEPROM_HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}]}, @ETHTOOL_A_MODULE_EEPROM_I2C_ADDRESS={0x5, 0x6, 0x8}, @ETHTOOL_A_MODULE_EEPROM_LENGTH={0x8, 0x3, 0x4}, @ETHTOOL_A_MODULE_EEPROM_BANK={0x5, 0x5, 0x7f}, @ETHTOOL_A_MODULE_EEPROM_BANK={0x5, 0x5, 0x2}, @ETHTOOL_A_MODULE_EEPROM_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xcd41}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x4}, 0x40000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_setup$auto(0x6, 0x0) 5.697768382s ago: executing program 2 (id=658): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4ea2, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) recvfrom$auto(0x3, 0x0, 0x800000000e, 0x100, 0x0, 0xfffffffffffffffd) r1 = openat$auto_ima_ascii_measurements_ops_ima_fs(0xffffffffffffff9c, 0x0, 0x80, 0x0) fadvise64$auto_POSIX_FADV_NORMAL(r1, 0x7, 0xd, 0x0) write$auto(0x3, 0x0, 0x7fffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) setsockopt$auto(0x3, 0x1, 0x21, 0x0, 0x9) sendmsg$auto_NL80211_CMD_PROBE_MESH_LINK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x14, 0x0, 0x300, 0x70bd26, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x24000000}, 0x400c080) write$auto(0x3, 0x0, 0xfffffdef) mmap$auto(0x0, 0x70, 0xdf, 0x9b72, 0x2, 0x80000000008000) connect$auto(0x3, 0x0, 0x55) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ram7\x00', 0x14f602, 0x0) openat$auto_mgts_fops_(0xffffffffffffff9c, &(0x7f0000000040), 0xa001, 0x0) rename$auto(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00') read$auto(0x3, 0x0, 0x80) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x4, 0x300000000000) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) 5.355977661s ago: executing program 0 (id=659): r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/fs/cifs/mount_params\x00', 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x7fffffffffffffff, 0xeb1, r0, 0x8000) r1 = openat$auto_event_trigger_fops_trace(0xffffffffffffff9c, &(0x7f0000000340)='/sys/kernel/debug/tracing/events/vmalloc/purge_vmap_area_lazy/trigger\x00', 0x1, 0x0) write$auto(r1, &(0x7f0000001080)='\xcb:\x00', 0x2) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0x7fffffffefff}, 0x7) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000380)='/sys/devices/system/cpu/cpu1/hotplug/target\x00', 0x800, 0x0) read$auto(r2, 0x0, 0x7) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_VENDOR(r3, 0x0, 0x4000000) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_l2tp(&(0x7f0000000640), 0xffffffffffffffff) sendmsg$auto_L2TP_CMD_TUNNEL_CREATE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x5c, r5, 0x1, 0x70bd2b, 0x25dfdbf9, {}, [@L2TP_ATTR_ENCAP_TYPE={0x6, 0x2, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x58}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x8}, @L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x8}, @L2TP_ATTR_IP6_SADDR={0x14}, @L2TP_ATTR_IP6_DADDR={0x14, 0x20, @ipv4={'\x00', '\xff\xff', @remote}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x40000}, 0x0) sendmsg$auto_L2TP_CMD_SESSION_CREATE(r3, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="0500000005001500"/22], 0x1c}, 0x1, 0x0, 0x0, 0x40011}, 0x4008080) r6 = prctl$auto(0x3a, 0x1, 0x0, 0x2, 0x203) openat$auto_ftrace_system_enable_fops_trace_events(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/tracing/events/vmalloc/enable\x00', 0x143000, 0x0) bind$auto(r6, 0x0, 0x7fffffff) openat$nci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) r7 = socket(0x10, 0x2, 0x0) r8 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r8, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), r8) r9 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000440), r8) sendmsg$auto_ETHTOOL_MSG_LINKMODES_GET(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x30, r9, 0x1, 0x70bd2d, 0x25dfdbfb, {}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_LINKMODES_HEADER={0x4}, @ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x9}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x2004d081}, 0x4010) ioctl$auto_UDMABUF_CREATE(r6, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0xb16, 0x9, 0xffffffffffffff9f}) 5.013045724s ago: executing program 1 (id=660): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) setsockopt$auto(0x3, 0x1, 0x41, 0x0, 0x88) openat$auto_iommufd_fops_main(0xffffffffffffff9c, 0x0, 0x80001, 0x0) r0 = socket(0x2, 0x1, 0x0) io_uring_setup$auto(0x1, 0x0) sendmsg$auto_MACSEC_CMD_ADD_RXSC(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x3bc}, 0x1, 0x0, 0x0, 0x1}, 0x20008000) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x10000000001, 0x0, 0x1, 0x0) openat$auto_generic(0xffffffffffffff9c, &(0x7f0000000040)='/proc/kmsg\x00', 0x80900, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) setsockopt$auto(0x3, 0x1, 0x23, 0x0, 0x9) select$auto(0xe, 0x0, 0x0, &(0x7f0000000140)={[0x1ff, 0x4, 0xd3e, 0x1, 0x948b, 0x3, 0x295f4da0a, 0x2, 0x3, 0x62, 0x80000001, 0x50a7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x4, 0xd, 0x8000000000001, 0x948f, 0x1003, 0x15f4da07, 0x3, 0xfffffffffffffff6, 0x7, 0x9, 0x79d, 0x6, 0x0, 0x2, 0xb]}, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) io_uring_setup$auto(0x2, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/v4l-subdev5\x00', 0x0, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ttyS0\x00', 0x48140, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)={0x24, 0x0, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x4}, @NL80211_ATTR_SAE_PASSWORD={0x4}, @NL80211_ATTR_MAX_HW_TIMESTAMP_PEERS={0x6, 0x143, 0x5}]}, 0x24}, 0x1, 0x68, 0x0, 0x24000000}, 0xd0) sendmsg$auto_NL80211_CMD_SET_TID_TO_LINK_MAPPING(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2000c004}, 0x10) lseek$auto(0x3, 0x7fffffffffffffff, 0x1) 4.695828305s ago: executing program 0 (id=661): io_submit$auto(0x9, 0x1, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x40000000eb1, 0xfffffffffffffffa, 0x8000) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000180)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) r0 = socket(0x6, 0x1, 0x1) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000240)='//\xf2\x00', 0x80000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000280)='/dev/snd/midiC2D0\x00', 0x448202, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000f40)={'batadv0\x00'}) syz_genetlink_get_family_id$auto_batadv(0x0, r0) sendmsg$auto_BATADV_CMD_SET_MESH(r2, 0x0, 0x140000e4) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x101502, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000000040)="1f91f2c3881f4610e18d5fc5e5bfd9800e9b71", 0x13) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) syz_clone(0x4040400, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1002, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) sendfile$auto(0xffffffffffffffff, r2, 0x0, 0xd551) mmap$auto(0x20, 0x800000005, 0x2, 0x40eb2, 0x401, 0x3000000001fd) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sda\x00', 0x14f602, 0x0) 4.219141273s ago: executing program 2 (id=662): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_PMK(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r0, 0x8, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_STA_VLAN={0x8, 0x14, 0xfff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8080}, 0x4000080) socket(0x2d, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x3, 0x89e0, 0x91) ioctl$auto(0x3, 0x89e2, 0x91) write$auto(0xffffffffffffffff, 0x0, 0xb90) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x81) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffffff, 0x0, 0x0) statmount$auto(0x0, 0x0, 0x1fe, 0x200d) socket(0x18, 0x4, 0x3) write$auto(0xffffffffffffffff, 0x0, 0x10001) setsockopt$auto(0x400000000000003, 0x29, 0x16, 0x0, 0x20056b) 3.76008055s ago: executing program 2 (id=663): r0 = socket(0x2a, 0x2, 0x1) r1 = socket(0x2, 0x80002, 0x73) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto(0x3, 0x800005411, 0x38) connect$auto(r0, &(0x7f00000000c0)=@qipcrtr={0x2a, 0xffffffff, 0xfffffffe}, 0x55) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r2 = socket$nl_generic(0x10, 0x3, 0x10) socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000b00)={'bond_slave_1\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000b80)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000b40)={&(0x7f0000006040)={0x11dc, 0x0, 0x400, 0x70bd25, 0x25dfdbff, {}, [@ETHTOOL_A_DEBUG_MSGMASK={0x4}, @ETHTOOL_A_DEBUG_MSGMASK={0x111e, 0x2, 0x0, 0x1, [@nested={0xff8, 0x114, 0x0, 0x1, [@nested={0x4, 0x60}, @typed={0x5, 0xbf, 0x0, 0x0, @str='\x00'}, @typed={0xfe7, 0x88, 0x0, 0x0, @binary="e11880d7535d0f85e3c1999c388cc781c17a5387b6382e8665af39b33947c09dca77f3b6dadd8d79ef4b986775d3f78657ea824394e4654f96bf3cb537569d79f9c2f791d2c67cfffbc6947fadc29dc1c5fda3c097991d36a4369b684bc7918c95eadbfaef98aa65345bfb345181bb5cc616903f0ae053eed3adfbf93509766fc0faff0d684f58b652bcda807ee1a2b6b3394c1e5d581f0ee55fc3ccde127f86d3cde2c928ac47119d8f63c4d047d800253d431d4d708c6177fe10d4135b192c18a0dc0a353d6b72f383c2a3a261093339957be1197c32e82e592df1333758e647085434c117b67e3882503262e1040ea500b3f9546f76629e041e6f15e580af302c217ef5113c00dea0e60f8431f26622f9c0c2941e184825027de4a8f57aa8df00607d58a9d845f74db8ea143717b5496bcbd785c1fd9a2b6e44bb6422c3d971b97d6a524266b32824b22bb902eed00305a6915dc0622fdc65f157381915881ca5d287763090902a5ec9c0cfbe9550af1bcc4a707112375b1cdb0def9e3c179bf865a203cf1c9a4d378ad9ec786c63df019d1284f9bbc5fe3e824516cba315246dfd3b93607c3b9aad611e42b9849682da92df777a9103d70cb2440c3ec143d2073b621dd22748514853559c517f136e2ecf4c4ceae46088a36e07ed71d91222d59f61b59e4d64682c6995a1a44bd1218e44553cec4c42d8be7348a940ac0547412babf3b617aac7d2dd5a3b979e9a7e99fa23827b1479a407123c270770c4fe1ba14d325b021f0d6613c645b9bae08d7a4bc89005d9c7dea5aa88739a6435ca9940280803b2e0b9529c62c47b2c0c954bb7317014a8895c913ace3d9ef8cfe983ddfaef6d4646f0760229e3ff9ad7036f2d89c0a4b6f53f631202078f5c60c8a3d1a627feeb0183f48350e1e62593011d3bf986691eb35989ecc22f8af26526d79370d900f8b78c92be3007b48d6912c72d94d4b19721713615ace6d4451a805dd4827722e0c55ed24003c5c79b875a6247464271c0fbf54c42885e12c0400d6d3c389ca5a0361c6223ece990278c4b6ef3fdb9d4ad33c32bf948a8202b1e9e04576d0283fdead13c83448f8140d1428a5f791b7f178fa8d8a6f0b655c4b73a5aa32f61eeee07fc67abb59e313aa9597afdbbca644331783b5747fd9e9f02e8e1af0ce0478411492fd80c6a77a90a367d9394977e6651e5d8c1b148452a5d38b7c9ac43ad14862943a0beff30041bc9a945721808b66b486e5aaa1f5ea879d864ec853299eaae43f74d273a1f45a5cb937b57682598176fc7afe773a4c0964d7f888d3cec1c47d70cb5a6c41e5af56bcd69f0313b30d51c7de9f6491d3ca90ee54fa3c56441c1803af6e56b7c25f5354ca745f4895a3be13ae02fa201df3680bf054a165f0b0e3280262f01ca769f42ab80c031586b9e749fa83ab78ca54cf948aa875e360f48e0254a3c012db7adf931e3cfe79387d4f68481908350c513d87eec7c4b43c769d8fc2d4241356832e509a7ef19454f76ab6a6e982677435d7ff9dbb25918c9ab5ee2d1f8ec496fc1902d37ebf82c8a5dd0bd78814c167cf04b6228864baf292e23c232fc49e7dfa8f633da4c275826b98e3c80c8c570f503366bf778cd1b27c4d15c34a063d93e35f4232d7d8b0c61c954ed80c1c29f550f3f0cbc835a1a0552690c2a7462a0b155e104b1f8a1e57579d912daf344bdee437849c7585d7781214b1fa7cdf6e3f440193c6e10487b5a8124923dfe75c7dced9807f3cf43e08bdd2f648bc116c795e054bbb98bb4351365981e4256b9f3309c77d51c59c02a10f83033cfafee45f6b81426dd7f38f557817ef6d230104747370bceb35bf1c859e5a7368846571ed81f7620c42fed0c3ebdb51b848b550176769f21414495ba7c6cd9ce5657294e038ecb72f79587074b8dd6572a791917670dc5e79a396ff6175b9a540207028de8be7aaadb4405633fd106cab3e8520d9e190399623b3b1660222039f11ef900194f7d3426c1dd104c9fff28a3323e03dc2716a32f0dc50f1eaaf82cfaeb386ba98b8dd2a15402c16ceb2b2bbd72b98cfdea0cabb0f4a6b66b9fbc7ad0da2349d8b7ecbebbe06114e3ca8fa5c9c72b9e5dcca405c1a1a9332a9e7972ba781eba6da781135e5bf4dcf8fba5df4cfe66d65ee25fdc48f577d07deb714ec5077513e89c6ae0c54d94f0ff2c761a2918cd2bee059d63caa2e47ab6d7bc75dc3dac353c7c84b213a8e54b043b2087662a47365558df7b6bdb8ff91b713ddc4a8556cba1b82220e1739d0159f10b81090ee4cf9bfdd776fa55cb974f2cb220932ca7d0c5613ea9b682ccf6cb0de01be58558c8a0c13d67272787cdcc17cd340df41eba3f8423ab897c818a8c0b8d8fd218963c5e994859e67fd9a6bbaa81d021907baec46c544d8f283a4f6cef6871ad4702b55bf5edb558ec032bef8fae5d28065a9835f41de7f8d84ccc6ffadb3c42964a184c0f22e43788fb88d8b426c4462da16ad352f0d1834dad0afd7e8bf9337c1873caadb43d97b975fa2f6107cf53ae9e172c40e610d4eadbed4a57fd4b4109c4635661e5313923c516124a4c1ee71ffcc16c07410b73131e3efcdb6afa7351058823d58477825789702833a0ab497cf2dd17a91498061f10a35eb3907f3204798768188d3e79a29dadf98924da31f853da87af23b4f5334a2318cd238451a473ee08d02ff204a84a26dc724468613da431e716e101971434c68a823252bf62f59431dfa565ef1f37fdf665dae3e7fb6799cb290c3fee6d8725339102ac493ba8e3bb8954ee87fe1e51ab06446b78b0d5ea74d6a0c9f95e5042fdf55a61467a14f8b2398d802233eeacef9033cd5b3c976468ca4348a514984828d7ddcaf685307d91e9f61fdf495dccb5f6ab86e56ce7c1fe577f5592997ae1e65a8dc4420d3b9c0239ec96057aa0468c07d1cd2564529c1b4320a0119b37a8e0a1f015e513bd598e110d03ad1d4648dd754d2472910c7330a5e9e2d27734816cce13ecaaaf5351bf77855c8e7ef08e8ecf015586a8186123d2f9538b0e939cda6fa34df2fe2442df2512ee56d9ad00fbd442ffc2fddab06b8c83439beaf34e61fcfaaa93a974f98ac6914cdd270e4f38c75e7dd8162e974d53ff87d88c2090ee01e7e3f2ccca0297a29f0695ba04d651e6b295d8f10c6d44fa330b7154f4e95e8c2129f0d17875abb13dc7f0812b1c5acb2a67556535537dd5e417fca4be7bb77c1f06e6f178f5fdb02429c87fba53f2a9a7ff5b7133f5eae53785471998c9bb1e6758cde72142b7ec0dd84295c56a7194b8b5cb9ca671901f20e46f52471041684414646f7d9fab3e2757290d23105d07663643867d91ac7ee290505b2743c7696f81a18a05d620e4e2809c487163e3739d679a48c77f91a5885a47696b3ae58b1a435f4b0b6fc3090433775124a5e7268d8b6deec0904a203186017418a9db66ceb651c886fd85ef03059b245b1c8201a8432786868ba29e5f986bedca6c03c8479182519d96b0da91792a7639191912db18dc45a752b1ba569539dfde1da4756b033a4cdf153e74ec37b3bb7ad05ca3f483669503608c8cb3d5dc2548b69e8d1de9ca4bfa6633233ad33633a1b4e1925f07014e8b441e09f0129750a4eee5f556f13b0354ee7f3ed4be83666a44d00089df09a3d1951957b5073792d8c260ccf5ff2fdf9558aa1d9f43185eff36a075369f50fbd4e56aee87cd6bc1554be73ad15cbb74030f7aa29ec2d9ad27dd3972ef54ed884c032ea03a751a172a58bd7038df74d5e4cab87e3c8ed5e7b0f842b65940a7b2e727b3e3aa15ceaff90547d73c729e2a484fa15724dea348bcf51e298b41485d3bb7a26fd2d57dcfa5c7ea95ee52f37ad8450327fbed165c7b593b051dce399bb3c169a92e1d88bd131389bd60cd1601878677c4a9ac6ee7dfd9f2e7752d0114fc4ba1c1b78722a60adccd564e882cda8e8d271ed990fdea75807efd0af600f8e247ba33aa136056c38fb6c87551d3cc5022e6be1086cd9c26f6d4988a2ee2477199e8b24945127750c9d0f2297ab182197c47561fa68963ae328d8a344a646533122e8e349ce7d6d9b6b2c07b1c90c9f0d1968e18504d261548f58f392cceee6aedf4b227e6db7277e3fba0cbbd3b0fcb03f03c797c0ae0819cec7625047c1b4675e9d862abe01cf7f16186cabdb025529365db3bd322f2bf560cad0d7ff91cbcf4cd84e87439ca8b845e8daa2ccc4d345b9c85f06f1eef33883a88fc889bbbf96aeb8b824256829761e556487d19450a77cb6ddda56ead63fa391749cdbcd792d1a7a94aaa208690bb40c19dc6f58811823ba5c753ac7dc38cde759a750fb266312c87b7457ec8567948c58f8d489e8f92224cadd5899a70dda291e052977a1f02dd3c544965abb9ca6c3f9bc57ac25caf0dd5eafc018d48ac6cc575900fb4e3a509fa2cfbccd1194dbfab74ff965ecc673668626bd0888bba4912c77d6a1c0d0fdb87a1afa0f214fb3d4b81743023dde92cc970ab4c46b748e38480d5600ca4e45ba544b00ee3a3e168e17555e41274f192891c7b09df52986697251ab8840abc82eca9a695773ea791de09c8f4fd2b36966c47c22261a7c5f74ee298b4185163fcd6fa0a864847f1f97268715e8085b2e82719572a077bd9173f96f02f016cbe5a7583ac5568b2aad17689e7f804263429cb87edf2dd7cafe5cb02e6243140b4f10d7b44235144ad22ccc78df0e7f869592774cda1fa21927f6694c828fb5ff93c506935929cadf99b025ff7531f0197c686e8c2304584abb1e16d9dd9770dfe71c55d0ca30b691503ba4da26b9e420bc4e28a29e64151984acaa174f778a6869ae17cc3c193184182be649b4abb3ef3ceeb0d6e4bc6e9e993c77964bca2bcc69c750e83239d0f883b0dff32577989ec3b7a4ccd14bd16306c9d2cd9ba1725a280c7250352e3960558e1b4b6e4a856a14b9a3cf6ccabbf3337cb0bd8b75eeb1fe9be5222359a45a366c30c1da7801c419f755305eb08e433671e77e48ca5f56f8b4ad3fa7322f8dc5fe2fd47168194d1999549a69e14bfbe57dff68303b4f8f4b81240c1b87e61da3d90f7ce34588cdc39e17d993356da7e351f556349ea51e4f5db6acb50385b07e9c8e3ad0e33722b661af6d8e3f597e710e5cf1bcfe5f1a94011310949c100c46c4fa76325ebf949a4381809896697478a9d305c55d1cf6e927b2808f23dbb9a5eda58ea13870bc8d247b6055d3271bad26311fb1669be1b3022347219049155292e8df4261951ca9b86720f106b4a7c4db09d0fe63a1f92e66876189e2e0bd6dce09cc238867e5b0be232f58cdd9ddf18205f1fd2f1b83129ed4adce8e1a6fc7fb8403bfb944817e95a699f69ede22928e7986c294c6478e7e32562e88eea4c14dc745bf6019688f8a7c6ddd9c6ba5f7485fdb5cb213e16be423cde1ddcbc519d61a8ea802eeb8f6000d463225f4459291f28abe786bb88b334ec03e17a47d3f19d90b3e3ce9c390b0f3295d2cb12724680b813ae7bf1cda0eac64c41959f695e9acdc720f5191a75c7fe24e6c571e68f6e36cc94659feb561f7c3b5ace14ba13522b20444d3b29960649c90213cf3a01f2a380e5738048193c7d48a20b2c0dbc325b651b170185a118e465b89eb0433697cb666b3418c28ff992161a79804d379b5208ad2845e47571915d5af0c656a07e54933bde0d193c87a6f489a41e209e7cbca9da11e4861c365b95a3"}]}, @typed={0x14, 0x86, 0x0, 0x0, @ipv6=@mcast1}, @nested={0x4, 0x151}, @generic="16226779d42d5e21dde42770eabb9099c6a6402e80751a8b193fcdc30ab4369f769ddc147eed60f04a2220b79c6f22d3907bf3b66a9f88c95ac1ec5076122f0b438e056cfec753aba4881a55306ee3ef5d8821254cfc0442953695c207b0547b627d5339856c45343358b4b25e0b0505a9528c53106e999151880b4e3bf6fcf60c16131992befe0c6e5f28b93ba8fc4691e360d989faa76a87767281cf521d4add4d700d8726a5008a8e9279308928628fbd584ad5eca5f691cf87093754eb924b9a519348157ac935cfaf99ca1da89528779237da463e148b92d22847ab2eb1426adbb2235171b6842da6", @generic="bade1a77670c3c86260abdf6ebedbaf21a93d52884c095", @typed={0x8, 0xfc, 0x0, 0x0, @fd}]}, @ETHTOOL_A_DEBUG_HEADER={0x4}, @ETHTOOL_A_DEBUG_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_DEBUG_MSGMASK={0x8, 0x2, 0x0, 0x1, [@nested={0x4, 0x96}]}, @ETHTOOL_A_DEBUG_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6erspan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team_slave_1\x00'}]}, @ETHTOOL_A_DEBUG_HEADER={0x1c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}, @ETHTOOL_A_DEBUG_HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x81}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}]}]}, 0x11dc}, 0x1, 0x0, 0x0, 0xd4}, 0x20000014) io_uring_setup$auto(0x1, 0x0) setsockopt$auto(0x3, 0x0, 0x2, 0x0, 0x3) r4 = openat$auto_fault_around_bytes_fops_(0xffffffffffffff9c, &(0x7f0000000100), 0x2282, 0x0) read$auto(r4, 0x0, 0x80) ioctl$auto_PPPIOCSMRU(0xffffffffffffffff, 0xc004743e, 0x0) ioctl$auto_PPPIOCSMAXCID(0xffffffffffffffff, 0x40047451, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004040}, 0x4800) fcntl$auto(0x3, 0x4, 0xa553) close_range$auto(0x2, 0x8, 0x0) 3.671596916s ago: executing program 1 (id=664): prctl$auto_PR_SCHED_CORE_SHARE_FROM(0x8, 0x3, 0x0, 0x0, 0x2) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xd, 0x8fd6, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x3, 0x62, 0x80000001, 0x7, 0x1, 0x9, 0x1, 0xfffffffffffffffe]}, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) ioctl$auto_SNDCTL_DSP_GETTRIGGER(0xffffffffffffffff, 0x80045010, &(0x7f0000004440)) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) syz_clone3(&(0x7f0000000640)={0x108000, 0x0, 0x0, 0x0, {0x15}, 0x0, 0x0, 0x0, 0x0}, 0x58) r2 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r2, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fba86c9dd051a0094a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f", 0xa}) ioctl$auto_UI_DEV_CREATE(r2, 0x5501, 0x0) writev$auto(r2, &(0x7f0000000340)={&(0x7f00000002c0), 0xda7e}, 0x9) mmap$auto(0x0, 0x20005, 0xdf, 0x12, r0, 0x4) r3 = open_by_handle_at$auto(r1, &(0x7f00000002c0)={0x1b, 0x136a, "8f42b1077e737d4629d7867bca48102625b1c2c21fa15504a19b9a"}, 0x7d) setsockopt$auto(r3, 0x1, 0x1021, 0x0, 0xd) geteuid() sendmsg$auto_OVS_CT_LIMIT_CMD_GET(0xffffffffffffffff, 0x0, 0x200000c0) mmap$auto(0x100000000, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0xa, 0x0) io_submit$auto(0x9, 0x0, &(0x7f0000000400)=&(0x7f0000000280)={0x1000, 0x8, 0x8, 0x2, 0x9e, r3, 0x80000000, 0x6, 0xf7, 0x0, 0x3}) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) r4 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) r5 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000005c0)={0xfc, r4, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES={0x71, 0xbe, "2851deffd25c1ad8570b3ccab61efec8b5287da5740b3f69513508f66478fa0a946f3a3d7266145466ac77c9ad2c8c402858f8ff080284b3fc289fccf971e084e9b8aec596b715aec67311f3932a1379544aff4f5b730bb2779cc29c75729120f7b386758524dc5054da379991"}, @NL80211_ATTR_WIPHY_TX_POWER_LEVEL={0x8, 0x62, 0xfffffffc}, @NL80211_ATTR_SAE_PASSWORD={0x63, 0x115, "c3991eff9f839e066026e213626609000000b805414f5b112a44d6875b15c45625a1d8502d7cc067902bf55ce2c5c11d4225f128db3dec1907e02bcf361e22fa649e8610ccef1ef63d274d664ea74441c76891de999e8c4f69131d6669b8c0"}, @NL80211_ATTR_MAX_HW_TIMESTAMP_PEERS={0x6, 0x143, 0x5}]}, 0xfc}, 0x1, 0x68, 0x0, 0x24000000}, 0xd0) 3.340327413s ago: executing program 2 (id=665): unshare$auto(0x40000080) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, 0x0, 0x40040, 0x0) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) openat$auto_kmsg_fops_printk(0xffffffffffffff9c, &(0x7f0000000000), 0x40001, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/security/tomoyo/manager\x00', 0x2, 0x0) pidfd_open$auto(0x1, 0x2) mmap$auto(0x0, 0x200006, 0x3, 0x40eb1, 0x602, 0x300000000000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000080)={{0x0, 0x698, 0x0, 0x8, 0x0, 0x20, 0x3}, 0x5b3}, 0x200, 0x101) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200"], 0x1ac}, 0x1, 0x0, 0x0, 0x8000}, 0x40) r1 = openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000140), 0x382, 0x0) write$auto_rfkill_fops_core(r1, 0x0, 0x700) openat$auto_qrtr_tun_ops_tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0) openat$auto_fuse_dev_operations_fuse_i(0xffffffffffffff9c, &(0x7f0000001b40)='/dev/cuse\x00', 0x1842, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x201, 0x0) mmap$auto(0x0, 0x0, 0xdf, 0x16, 0x401, 0x8000) r2 = openat$auto_vhost_vsock_fops_vsock(0xffffffffffffff9c, 0x0, 0x1, 0x0) poll$auto(&(0x7f0000000180)={r2, 0x1, 0x9816}, 0x7f, 0x0) ioctl$auto(0x3, 0x4008af03, 0x0) io_uring_setup$auto(0x166, 0x0) ioctl$auto_VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/platform/i8042/serio0/firmware_id\x00', 0x48000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x8, 0xd, 0x7d48, 0x948b, 0x4, 0x15f4da0c, 0x1, 0x3, 0x0, 0x80000001, 0x7, 0x4, 0x5, 0x2, 0x1]}, 0x0) 3.09384102s ago: executing program 3 (id=666): r0 = openat$auto_vsock_device_ops_af_vsock(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0) ioctl$auto_IOCTL_VM_SOCKETS_GET_LOCAL_CID(r0, 0x7b9, 0x700000000000000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD2(0xffffffffffffffff, 0xc1004111, 0x0) r1 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/lru_gen\x00', 0xc0040, 0x0) pread64$auto(r1, 0x0, 0x7ff, 0x400) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r3 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xf, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x7, 0xfffffffffffffffd, 0x2d, 0x400000000000948b, 0x3, 0x15f4da0a, 0x5, 0x3, 0x7, 0x3c, 0x100000000, 0x1, 0x9, 0x1, 0x8]}, 0x0) write$auto(r2, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) read$auto_regulator_summary_fops_(0xffffffffffffffff, &(0x7f0000000400)=""/17, 0x11) gettimeofday$auto(&(0x7f0000000280)={0xd7db, 0x7}, &(0x7f0000000380)={0x9ed, 0xc}) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) utimes$auto(&(0x7f0000000180)='./file0\x00', &(0x7f0000000240)={0xfffffffffffffff7, 0x4}) listen$auto(r4, 0x6) setresgid$auto(0xffffffffffffffff, 0x0, 0x7fffffffffffffff) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptyx3\x00', 0x42880, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/graphics/fbcon/rotate\x00', 0x10b842, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)={0x40, 0x0, 0x300, 0x70bd26, 0x25dfdbfb, {}, [@HSR_A_IFINDEX={0x8}, @HSR_A_IF2_AGE={0x8, 0x4, 0xcb6c}, @HSR_A_IF2_AGE={0x8, 0x4, 0xa}, @HSR_A_NODE_ADDR_B={0xa}, @HSR_A_IF1_SEQ={0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000000}, 0x40800) r5 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv6/conf/veth0/accept_ra_pinfo\x00', 0x2000, 0x0) read$auto(r5, 0x0, 0x1ff) write$auto(0x3, 0x0, 0x7) 2.468352855s ago: executing program 0 (id=667): socket(0x2d, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x100, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop6\x00', 0x12d981, 0x0) socket(0x2b, 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/module/kvm/parameters/nx_huge_pages\x00', 0x0, 0x0) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/proc/thread-self/pagemap\x00', 0x201, 0x0) socket(0x10, 0x2, 0x14) r0 = socket(0x11, 0x3, 0x9) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x5, 0x0) memfd_create$auto(0x0, 0x2) socket(0xa, 0x2, 0x0) openat$auto_ima_measure_policy_ops_ima_fs(0xffffffffffffff9c, &(0x7f0000000000), 0x48001, 0x0) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x202002, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x10, 0x2, 0x2) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES8=r0, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x8800) write$auto(r2, &(0x7f0000000000)='-\x00', 0xfdef) 2.016634533s ago: executing program 2 (id=668): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) sendmsg$auto_SMC_NETLINK_ENABLE_HS_LIMITATION(0xffffffffffffffff, 0x0, 0x20048804) sendmmsg$auto(0x3, 0x0, 0x3, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffff7, 0x8000) openat$auto_cachefiles_daemon_fops_internal(0xffffffffffffff9c, 0x0, 0x181002, 0x0) socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) futex$auto(0x0, 0x8c, 0x1, 0x0, 0x0, 0x1) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x1c1800, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) recvmmsg$auto(0x3, 0x0, 0x10000, 0x7000000, 0x0) mmap$auto(0x0, 0x40009, 0xe2, 0x9b72, 0x7, 0x28000) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0x18000) setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x2) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/version\x00', 0x88880, 0x0) unshare$auto(0x40000080) write$auto(0xca, &(0x7f0000000000)='\x04\x01\x04\x00\x00\x00\xf1\xff\x00\xb6', 0x8) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x29fb8}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 1.601638734s ago: executing program 1 (id=669): setsockopt$auto(0xffffffffffffffff, 0x110, 0x4, 0x0, 0x2004) fstat$auto(0xffffffffffffffff, &(0x7f0000000000)={0x5, 0x80000001, 0x0, 0x100, 0xee01, 0x0, 0x0, 0xffffffffffffff91, 0x8000, 0x6, 0xec, 0x7, 0x8000000007f, 0x8, 0x3, 0xfffffffffffffff8, 0xfffffffffffffffd}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/eql/speed\x00', 0x4c000, 0x0) read$auto(0x3, 0x0, 0x80) openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000400)='/dev/binderfs/binder0\x00', 0x20040, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/tty41\x00', 0x80, 0x0) mmap$auto(0x0, 0x400004, 0x3ff, 0x9b72, 0x2, 0x8000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x1d, 0x2, 0x6) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000040)=@can={0x1d, r2, 0xfd}, 0x6a) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x6c}, 0x1, 0x0, 0x0, 0x40084}, 0x40) io_uring_setup$auto(0x9f6, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x6, 0x8000) bpf$auto(0x8000000000000024, 0xfffffffffffffffc, 0x0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) r4 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/ram9/diskseq\x00', 0x0, 0x0) read$auto(r4, 0x0, 0x20) writev$auto(r3, &(0x7f00000001c0)={0x0, 0x45}, 0x1) mkdir$auto(&(0x7f0000000080)='./cgroup.cpu/cpuset.cpus\x00', 0x2) 1.293741601s ago: executing program 0 (id=670): socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0xfffffffffffffffe, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0xffffffffffffffff, 0x8, 0x2) open(0x0, 0x6041, 0x0) r1 = gettid() process_vm_readv$auto(r1, &(0x7f0000000080)={&(0x7f0000000040)="0e5165", 0x1}, 0x2, &(0x7f00000001c0)={0x0, 0x7}, 0x2, 0x0) clone3$auto(&(0x7f0000000100)={0x6, 0x7, 0x0, 0x5, 0xd, 0x80000000, 0x3ff, 0x8, 0x2, 0x2, 0x1}, 0x3) ioctl$auto_BLKTRACESETUP32(r0, 0xc0401273, &(0x7f0000000240)={"f63073df8058c302b0d3672f446ffae0e2e72cce81bb817c6c1737b5f32b9d13", 0xaf, 0x2, 0xda, 0xffffffffffffffff, 0x7}) openat$auto_drm_crtc_crc_control_fops_drm_debugfs_crc(0xffffffffffffff9c, &(0x7f0000000080), 0x2e6100, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) r3 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x900, 0x0) ioctl$auto_CEC_ADAP_G_LOG_ADDRS(r3, 0x805c6103, &(0x7f00000001c0)={"8911bd3a", 0x1, 0x0, 0x6, 0x4, 0x6, "feaf587cdf4d2f534a1c88d3e40a00", "e6cf6512", "f34cae3a", "10a991b3", ["3ae887a128f1d8c79420d880", "b11feafce4d296d8c985d069", "0149f0a7102c3fffab592db0", "0059c09dca7de9bdbbc6be07"]}) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) 913.156957ms ago: executing program 3 (id=671): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_PMK(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r0, 0x8, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_STA_VLAN={0x8, 0x14, 0xfff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8080}, 0x4000080) socket(0x2d, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x3, 0x89e0, 0x91) ioctl$auto(0x3, 0x89e2, 0x91) write$auto(0xffffffffffffffff, 0x0, 0xb90) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x81) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffffff, 0x0, 0x0) statmount$auto(0x0, 0x0, 0x1fe, 0x200d) socket(0x18, 0x4, 0x3) write$auto(0xffffffffffffffff, 0x0, 0x10001) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3) ioctl$auto_SNDRV_TIMER_IOCTL_STOP(0xffffffffffffffff, 0x54a1, 0x0) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000003740)='/dev/sequencer2\x00', 0x88241, 0x0) socket(0xa, 0x3, 0xff) setsockopt$auto(0x400000000000003, 0x29, 0x16, 0x0, 0x20056b) close_range$auto(0x2, 0x8, 0x0) 463.281382ms ago: executing program 3 (id=672): r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_NL80211_CMD_SET_PMK(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r0, 0x8, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_STA_VLAN={0x8, 0x14, 0xfff}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8080}, 0x4000080) socket(0x2d, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x3, 0x89e0, 0x91) ioctl$auto(0x3, 0x89e2, 0x91) write$auto(0xffffffffffffffff, 0x0, 0xb90) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xa001, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x81) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) write$auto_force_devcoredump_fops_hci_vhci(0xffffffffffffffff, 0x0, 0x0) statmount$auto(0x0, 0x0, 0x1fe, 0x200d) socket(0x18, 0x4, 0x3) setsockopt$auto(0x400000000000003, 0x29, 0x16, 0x0, 0x20056b) 379.182439ms ago: executing program 1 (id=673): mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) r0 = socket(0x29, 0x2, 0x0) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x2000000}, 0x4) openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/lru_gen\x00', 0x20800, 0x0) r2 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video15\x00', 0x180, 0x0) read$auto_v4l2_fops_v4l2_dev(r2, &(0x7f0000000000)=""/192, 0xc0) select$auto(0x5, &(0x7f0000000080)={[0x400020000008, 0xfffffffffffffffc, 0x7, 0x6, 0xc, 0x3, 0x3, 0x1ffe000, 0xcad, 0x2, 0x9, 0xf, 0xa657, 0x202, 0xd3, 0x1]}, 0x0, 0x0, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/virtual/workqueue/nvme_tcp_wq/max_active\x00', 0x182b02, 0x0) sendfile$auto(r3, r3, 0x0, 0x3) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) write$auto(0x1, 0x0, 0x80000000) socketpair$auto(0x3, 0x5, 0x7, 0x0) write$auto(0xca, 0x0, 0x2d9) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) syz_clone(0x40100100, 0x0, 0x0, 0x0, 0x0, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x5400, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) read$auto_stat_fops_per_vm_kvm_main(0xffffffffffffffff, &(0x7f0000000340)=""/200, 0xc8) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB="1200", @ANYBLOB="5de1"], 0x1ac}}, 0x40000) recvmmsg$auto(r1, &(0x7f0000000140)={{0x0, 0xfffffffe, 0x0, 0x5, 0x0, 0x200002, 0x8}, 0x801}, 0xfffffff9, 0x10, 0x0) ioctl$auto(r0, 0x891e, 0x24) 0s ago: executing program 3 (id=674): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/tty12\x00', 0x101840, 0x0) r1 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) ioctl$auto(r0, 0x541c, r1) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) clock_nanosleep$auto(0x8000a, 0x0, 0x0, 0x0) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0x10001, 0x3, 0x62, 0x80000001, 0x7, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) syz_genetlink_get_family_id$auto_batadv(&(0x7f0000000680), 0xffffffffffffffff) select$auto(0x11, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da0a, 0x3, 0x1000, 0x62, 0x4000008000001f, 0x7, 0x6d3e, 0x5, 0x2, 0x2]}, 0x0) read$auto_check_wx_fops_(0xffffffffffffffff, &(0x7f0000000140)=""/154, 0x9a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) madvise$auto(0x0, 0xffffffffffff0004, 0x19) madvise$auto(0x0, 0xf663, 0x15) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) kernel console output (not intermixed with test programs): ill be removed in 2030 [ 108.012402][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 108.022192][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 108.031039][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 109.731935][ T5870] Bluetooth: hci0: command tx timeout [ 109.801949][ T5870] Bluetooth: hci1: command tx timeout [ 109.892297][ T5870] Bluetooth: hci2: command tx timeout [ 109.981865][ T5870] Bluetooth: hci3: command tx timeout [ 110.192111][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.200518][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.212148][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 110.262496][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.271105][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.382073][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 110.390835][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 111.909020][ T5996] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 112.097206][ T5999] netlink: 28 bytes leftover after parsing attributes in process `syz.3.11'. [ 112.110824][ T5999] veth0_macvtap: left promiscuous mode [ 112.621552][ T6011] vivid-007: ================= START STATUS ================= [ 112.645339][ T6011] vivid-007: Generate PTS: true [ 112.650304][ T6011] vivid-007: Generate SCR: true [ 112.667061][ T6011] tpg source WxH: 320x240 (Y'CbCr) [ 112.681455][ T6011] tpg field: 1 [ 112.687886][ T6011] tpg crop: (0,0)/320x240 [ 112.697334][ T6011] tpg compose: (0,0)/320x240 [ 112.710991][ T6011] tpg colorspace: 8 [ 112.715092][ T6011] tpg transfer function: 0/0 [ 112.720412][ T6011] tpg Y'CbCr encoding: 0/0 [ 112.737228][ T6011] tpg quantization: 0/0 [ 112.744609][ T6011] tpg RGB range: 0/2 [ 112.780552][ T6011] vivid-007: ================== END STATUS ================== [ 116.120116][ T6039] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 117.039156][ T6055] process 'syz.2.22' launched './file0' with NULL argv: empty string added [ 117.944146][ T6058] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 117.963816][ T6061] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 118.048539][ T6064] __vm_enough_memory: pid: 6064, comm: syz.2.26, bytes: 4398046511104 not enough memory for the allocation [ 118.148996][ T6067] ima: policy update failed [ 118.159476][ T6067] netlink: 25 bytes leftover after parsing attributes in process `syz.1.27'. [ 118.162455][ T30] audit: type=1802 audit(1756323328.047:2): pid=6067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.27" res=0 errno=0 [ 118.435902][ T6075] FAULT_INJECTION: forcing a failure. [ 118.435902][ T6075] name failslab, interval 1, probability 0, space 0, times 1 [ 118.583055][ T6075] CPU: 1 UID: 0 PID: 6075 Comm: syz.2.29 Not tainted syzkaller #0 PREEMPT(full) [ 118.583084][ T6075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 118.583102][ T6075] Call Trace: [ 118.583112][ T6075] [ 118.583120][ T6075] dump_stack_lvl+0x16c/0x1f0 [ 118.583155][ T6075] should_fail_ex+0x512/0x640 [ 118.583187][ T6075] ? fs_reclaim_acquire+0xae/0x150 [ 118.583223][ T6075] should_failslab+0xc2/0x120 [ 118.583252][ T6075] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 118.583279][ T6075] ? security_inode_alloc+0x3b/0x2b0 [ 118.583309][ T6075] security_inode_alloc+0x3b/0x2b0 [ 118.583335][ T6075] inode_init_always_gfp+0xce4/0x1030 [ 118.583365][ T6075] alloc_inode+0x86/0x240 [ 118.583397][ T6075] new_inode+0x22/0x1c0 [ 118.583431][ T6075] rpc_new_dir+0xa1/0x440 [ 118.583472][ T6075] rpc_populate.constprop.0+0x51/0x1d0 [ 118.583493][ T6075] ? d_instantiate+0x77/0x90 [ 118.583542][ T6075] ? __pfx_rpc_fill_super+0x10/0x10 [ 118.583565][ T6075] rpc_fill_super+0x2b9/0x4f0 [ 118.583588][ T6075] ? __pfx_rpc_fill_super+0x10/0x10 [ 118.583618][ T6075] get_tree_keyed+0x10e/0x1d0 [ 118.583647][ T6075] vfs_get_tree+0x8b/0x340 [ 118.583670][ T6075] vfs_cmd_create+0xd7/0x2a0 [ 118.583704][ T6075] __do_sys_fsconfig+0x7b8/0xbe0 [ 118.583740][ T6075] ? __pfx___do_sys_fsconfig+0x10/0x10 [ 118.583771][ T6075] ? __fget_files+0x20e/0x3c0 [ 118.583810][ T6075] do_syscall_64+0xcd/0x490 [ 118.583845][ T6075] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 118.583869][ T6075] RIP: 0033:0x7f37b258ebe9 [ 118.583894][ T6075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 118.583917][ T6075] RSP: 002b:00007f37b3368038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af [ 118.583938][ T6075] RAX: ffffffffffffffda RBX: 00007f37b27b5fa0 RCX: 00007f37b258ebe9 [ 118.583954][ T6075] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000007 [ 118.583967][ T6075] RBP: 00007f37b2611e19 R08: 0000000000000000 R09: 0000000000000000 [ 118.583981][ T6075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 118.583995][ T6075] R13: 00007f37b27b6038 R14: 00007f37b27b5fa0 R15: 00007ffcfb1d3938 [ 118.584025][ T6075] [ 118.584245][ T6075] net/sunrpc/rpc_pipe.c: rpc_populate failed to populate directory / [ 119.926911][ T6094] mmap: syz.2.32 (6094) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 121.186340][ T6112] FAULT_INJECTION: forcing a failure. [ 121.186340][ T6112] name failslab, interval 1, probability 0, space 0, times 0 [ 121.227419][ T6111] ecryptfs_parse_packet_length: Five-byte packet length not supported [ 121.238815][ T6111] ecryptfs_miscdev_write: Error parsing packet length; rc = [-22] [ 121.254020][ T6112] CPU: 0 UID: 0 PID: 6112 Comm: syz.0.36 Not tainted syzkaller #0 PREEMPT(full) [ 121.254060][ T6112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 121.254079][ T6112] Call Trace: [ 121.254091][ T6112] [ 121.254104][ T6112] dump_stack_lvl+0x16c/0x1f0 [ 121.254165][ T6112] should_fail_ex+0x512/0x640 [ 121.254219][ T6112] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 121.254270][ T6112] should_failslab+0xc2/0x120 [ 121.254314][ T6112] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 121.254360][ T6112] ? devinet_init_net+0xc3/0x910 [ 121.254419][ T6112] kmemdup_noprof+0x29/0x60 [ 121.254461][ T6112] devinet_init_net+0xc3/0x910 [ 121.254515][ T6112] ? __pfx_devinet_init_net+0x10/0x10 [ 121.254568][ T6112] ops_init+0x1e2/0x5f0 [ 121.254621][ T6112] setup_net+0x10f/0x380 [ 121.254676][ T6112] ? lockdep_init_map_type+0x5c/0x280 [ 121.254732][ T6112] ? __pfx_setup_net+0x10/0x10 [ 121.254776][ T6112] ? debug_mutex_init+0x37/0x70 [ 121.254810][ T6112] copy_net_ns+0x2a6/0x5f0 [ 121.254861][ T6112] create_new_namespaces+0x3ea/0xa90 [ 121.254903][ T6112] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 121.254940][ T6112] ksys_unshare+0x45b/0xa40 [ 121.254980][ T6112] ? __pfx_ksys_unshare+0x10/0x10 [ 121.255022][ T6112] ? xfd_validate_state+0x61/0x180 [ 121.255086][ T6112] __x64_sys_unshare+0x31/0x40 [ 121.255126][ T6112] do_syscall_64+0xcd/0x490 [ 121.255175][ T6112] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 121.255205][ T6112] RIP: 0033:0x7f7e7b38ebe9 [ 121.255228][ T6112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 121.255255][ T6112] RSP: 002b:00007f7e7c165038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 121.255282][ T6112] RAX: ffffffffffffffda RBX: 00007f7e7b5b5fa0 RCX: 00007f7e7b38ebe9 [ 121.255301][ T6112] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 121.255318][ T6112] RBP: 00007f7e7b411e19 R08: 0000000000000000 R09: 0000000000000000 [ 121.255336][ T6112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 121.255352][ T6112] R13: 00007f7e7b5b6038 R14: 00007f7e7b5b5fa0 R15: 00007ffdada38168 [ 121.255390][ T6112] [ 121.879202][ T6108] zswap: compressor not available [ 122.640703][ T6130] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input5 [ 122.819136][ T6135] Process accounting resumed [ 122.847006][ T6137] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 123.215292][ T6147] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 124.297962][ T6157] warning: `syz.3.46' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 124.316739][ T6157] program syz.3.46 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 125.376516][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.383052][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 125.399360][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.405889][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 125.415272][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.421631][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 125.431307][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.446147][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 126.481094][ T6182] random: crng reseeded on system resumption [ 126.740146][ T6187] netlink: 20 bytes leftover after parsing attributes in process `syz.0.52'. [ 126.904118][ T6187] mac80211_hwsim hwsim8 wlan1: entered allmulticast mode [ 127.007675][ T6193] lo: entered allmulticast mode [ 127.251426][ T6182] netlink: 338 bytes leftover after parsing attributes in process `syz.1.51'. [ 127.391037][ T6194] lo: left allmulticast mode [ 127.528783][ T5955] smpboot: CPU 0 is now offline [ 128.941295][ T6218] FAULT_INJECTION: forcing a failure. [ 128.941295][ T6218] name failslab, interval 1, probability 0, space 0, times 0 [ 129.023380][ T6218] CPU: 1 UID: 0 PID: 6218 Comm: syz.0.57 Not tainted syzkaller #0 PREEMPT(full) [ 129.023409][ T6218] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 129.023422][ T6218] Call Trace: [ 129.023429][ T6218] [ 129.023436][ T6218] dump_stack_lvl+0x16c/0x1f0 [ 129.023474][ T6218] should_fail_ex+0x512/0x640 [ 129.023505][ T6218] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 129.023548][ T6218] should_failslab+0xc2/0x120 [ 129.023580][ T6218] __kmalloc_cache_noprof+0x6a/0x3e0 [ 129.023613][ T6218] ? ovs_flow_tbl_init+0x8b/0x600 [ 129.023644][ T6218] ovs_flow_tbl_init+0x8b/0x600 [ 129.023674][ T6218] ovs_dp_cmd_new+0x251/0xe60 [ 129.023710][ T6218] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 129.023745][ T6218] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 129.023786][ T6218] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 129.023832][ T6218] genl_family_rcv_msg_doit+0x206/0x2f0 [ 129.023873][ T6218] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 129.023922][ T6218] ? bpf_lsm_capable+0x9/0x10 [ 129.023944][ T6218] ? security_capable+0x7e/0x260 [ 129.023968][ T6218] ? ns_capable+0xd7/0x110 [ 129.023996][ T6218] genl_rcv_msg+0x55c/0x800 [ 129.024037][ T6218] ? __pfx_genl_rcv_msg+0x10/0x10 [ 129.024075][ T6218] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 129.024114][ T6218] netlink_rcv_skb+0x155/0x420 [ 129.024147][ T6218] ? __pfx_genl_rcv_msg+0x10/0x10 [ 129.024186][ T6218] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 129.024232][ T6218] ? netlink_deliver_tap+0x1ae/0xd30 [ 129.024267][ T6218] genl_rcv+0x28/0x40 [ 129.024301][ T6218] netlink_unicast+0x5aa/0x870 [ 129.024339][ T6218] ? __pfx_netlink_unicast+0x10/0x10 [ 129.024372][ T6218] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 129.024404][ T6218] ? __lock_acquire+0xb97/0x1ce0 [ 129.024447][ T6218] netlink_sendmsg+0x8d1/0xdd0 [ 129.024485][ T6218] ? __pfx_netlink_sendmsg+0x10/0x10 [ 129.024522][ T6218] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 129.024552][ T6218] ____sys_sendmsg+0xa95/0xc70 [ 129.024576][ T6218] ? copy_msghdr_from_user+0x10a/0x160 [ 129.024614][ T6218] ? __pfx_____sys_sendmsg+0x10/0x10 [ 129.024650][ T6218] ___sys_sendmsg+0x134/0x1d0 [ 129.024680][ T6218] ? futex_private_hash_put+0x176/0x300 [ 129.024722][ T6218] ? __pfx____sys_sendmsg+0x10/0x10 [ 129.024753][ T6218] ? futex_private_hash_put+0x18a/0x300 [ 129.024820][ T6218] ? do_futex+0x122/0x350 [ 129.024852][ T6218] __sys_sendmsg+0x16d/0x220 [ 129.024882][ T6218] ? __pfx___sys_sendmsg+0x10/0x10 [ 129.024910][ T6218] ? __x64_sys_futex+0x1e0/0x4c0 [ 129.024953][ T6218] do_syscall_64+0xcd/0x490 [ 129.024985][ T6218] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 129.025007][ T6218] RIP: 0033:0x7f7e7b38ebe9 [ 129.025023][ T6218] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 129.025043][ T6218] RSP: 002b:00007f7e7c165038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 129.025063][ T6218] RAX: ffffffffffffffda RBX: 00007f7e7b5b5fa0 RCX: 00007f7e7b38ebe9 [ 129.025077][ T6218] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000004 [ 129.025090][ T6218] RBP: 00007f7e7b411e19 R08: 0000000000000000 R09: 0000000000000000 [ 129.025103][ T6218] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 129.025115][ T6218] R13: 00007f7e7b5b6038 R14: 00007f7e7b5b5fa0 R15: 00007ffdada38168 [ 129.025142][ T6218] [ 129.353671][ C1] vkms_vblank_simulate: vblank timer overrun [ 132.472454][ T6267] netlink: 'syz.2.67': attribute type 28 has an invalid length. [ 132.504858][ T6267] netlink: 334 bytes leftover after parsing attributes in process `syz.2.67'. [ 133.420115][ T6283] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 133.447866][ T6275] FAULT_INJECTION: forcing a failure. [ 133.447866][ T6275] name failslab, interval 1, probability 0, space 0, times 0 [ 133.576815][ T6275] CPU: 1 UID: 0 PID: 6275 Comm: syz.2.68 Not tainted syzkaller #0 PREEMPT(full) [ 133.576847][ T6275] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 133.576866][ T6275] Call Trace: [ 133.576874][ T6275] [ 133.576883][ T6275] dump_stack_lvl+0x16c/0x1f0 [ 133.576919][ T6275] should_fail_ex+0x512/0x640 [ 133.576956][ T6275] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 133.576989][ T6275] should_failslab+0xc2/0x120 [ 133.577021][ T6275] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 133.577049][ T6275] ? alloc_vfsmnt+0x23/0x6b0 [ 133.577087][ T6275] alloc_vfsmnt+0x23/0x6b0 [ 133.577121][ T6275] clone_mnt+0x6d/0xbf0 [ 133.577140][ T6275] ? copy_mnt_ns+0x1a9/0xac0 [ 133.577174][ T6275] copy_tree+0x31d/0xbd0 [ 133.577211][ T6275] copy_mnt_ns+0x1a9/0xac0 [ 133.577239][ T6275] ? trace_kmem_cache_alloc+0x28/0xc0 [ 133.577277][ T6275] ? create_new_namespaces+0x30/0xa90 [ 133.577316][ T6275] create_new_namespaces+0xd3/0xa90 [ 133.577342][ T6275] ? bpf_lsm_capable+0x9/0x10 [ 133.577364][ T6275] ? security_capable+0x7e/0x260 [ 133.577392][ T6275] copy_namespaces+0x468/0x560 [ 133.577420][ T6275] copy_process+0x2822/0x7690 [ 133.577463][ T6275] ? __pfx_copy_process+0x10/0x10 [ 133.577493][ T6275] ? futex_private_hash_put+0x176/0x300 [ 133.577526][ T6275] ? futex_private_hash_put+0x18a/0x300 [ 133.577561][ T6275] kernel_clone+0xfc/0x930 [ 133.577593][ T6275] ? __pfx_kernel_clone+0x10/0x10 [ 133.577641][ T6275] __do_sys_clone+0xce/0x120 [ 133.577671][ T6275] ? __pfx___do_sys_clone+0x10/0x10 [ 133.577715][ T6275] ? xfd_validate_state+0x61/0x180 [ 133.577749][ T6275] ? __pfx_do_writev+0x10/0x10 [ 133.577783][ T6275] do_syscall_64+0xcd/0x490 [ 133.577819][ T6275] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 133.577842][ T6275] RIP: 0033:0x7f37b258ebe9 [ 133.577860][ T6275] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 133.577883][ T6275] RSP: 002b:00007f37b3367fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 133.577904][ T6275] RAX: ffffffffffffffda RBX: 00007f37b27b5fa0 RCX: 00007f37b258ebe9 [ 133.577920][ T6275] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 133.577934][ T6275] RBP: 00007f37b2611e19 R08: 0000000000000000 R09: 0000000000000000 [ 133.577948][ T6275] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 133.577961][ T6275] R13: 00007f37b27b6038 R14: 00007f37b27b5fa0 R15: 00007ffcfb1d3938 [ 133.577991][ T6275] [ 134.653060][ T6301] netlink: 28 bytes leftover after parsing attributes in process `syz.1.72'. [ 134.697965][ T6301] geneve1: entered promiscuous mode [ 134.732445][ T6301] geneve1: entered allmulticast mode [ 134.799458][ T6304] netlink: 28 bytes leftover after parsing attributes in process `syz.1.72'. [ 136.336319][ T6324] netlink: 186 bytes leftover after parsing attributes in process `syz.1.77'. [ 136.935568][ T6323] netlink: 342 bytes leftover after parsing attributes in process `syz.2.78'. [ 137.438236][ T6337] FAULT_INJECTION: forcing a failure. [ 137.438236][ T6337] name failslab, interval 1, probability 0, space 0, times 0 [ 137.597949][ T6337] CPU: 1 UID: 0 PID: 6337 Comm: syz.0.80 Not tainted syzkaller #0 PREEMPT(full) [ 137.597991][ T6337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 137.598004][ T6337] Call Trace: [ 137.598010][ T6337] [ 137.598018][ T6337] dump_stack_lvl+0x16c/0x1f0 [ 137.598056][ T6337] should_fail_ex+0x512/0x640 [ 137.598086][ T6337] ? __kvmalloc_node_noprof+0x124/0x620 [ 137.598113][ T6337] should_failslab+0xc2/0x120 [ 137.598142][ T6337] __kvmalloc_node_noprof+0x137/0x620 [ 137.598186][ T6337] ? io_uring_setup+0x377/0x2080 [ 137.598221][ T6337] ? io_uring_setup+0x377/0x2080 [ 137.598248][ T6337] io_uring_setup+0x377/0x2080 [ 137.598280][ T6337] ? __pfx_io_uring_setup+0x10/0x10 [ 137.598308][ T6337] ? do_futex+0x122/0x350 [ 137.598338][ T6337] ? __pfx_do_futex+0x10/0x10 [ 137.598368][ T6337] ? do_prlimit+0x351/0x6d0 [ 137.598401][ T6337] ? xfd_validate_state+0x61/0x180 [ 137.598442][ T6337] __x64_sys_io_uring_setup+0xc2/0x170 [ 137.598473][ T6337] do_syscall_64+0xcd/0x490 [ 137.598506][ T6337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.598529][ T6337] RIP: 0033:0x7f7e7b38ebe9 [ 137.598546][ T6337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.598567][ T6337] RSP: 002b:00007f7e7c123038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 137.598588][ T6337] RAX: ffffffffffffffda RBX: 00007f7e7b5b6180 RCX: 00007f7e7b38ebe9 [ 137.598602][ T6337] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008 [ 137.598616][ T6337] RBP: 00007f7e7b411e19 R08: 0000000000000000 R09: 0000000000000000 [ 137.598629][ T6337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 137.598642][ T6337] R13: 00007f7e7b5b6218 R14: 00007f7e7b5b6180 R15: 00007ffdada38168 [ 137.598670][ T6337] [ 138.382616][ T6352] ubi0: attaching mtd0 [ 138.397474][ T6352] ubi0 error: ubi_attach_mtd_dev: bad VID header (63) or data offsets (127) [ 139.948523][ T6369] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input6 [ 140.387256][ T6371] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input7 [ 143.262465][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 143.270443][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 143.565559][ T5870] Bluetooth: hci3: unexpected event 0x30 length: 47 > 3 [ 144.380438][ T6439] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.100: iget: checksum invalid [ 144.498501][ T6447] ubi0: attaching mtd0 [ 144.502604][ T6447] ubi0 error: ubi_attach_mtd_dev: bad VID header (536870975) or data offsets (536871039) [ 144.514432][ T6439] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 144.761011][ T6439] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.100: iget: checksum invalid [ 144.947537][ T6439] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 145.152531][ T6439] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.100: iget: checksum invalid [ 145.271249][ T6439] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 145.324765][ T6439] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.100: iget: checksum invalid [ 145.380843][ T6441] raw_sendmsg: syz.2.101 forgot to set AF_INET. Fix it! [ 145.398487][ T6439] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 145.429532][ T6439] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 145.488573][ T6439] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 145.954166][ T6465] netlink: 29 bytes leftover after parsing attributes in process `syz.1.107'. [ 145.967783][ T6462] FAULT_INJECTION: forcing a failure. [ 145.967783][ T6462] name failslab, interval 1, probability 0, space 0, times 0 [ 146.030340][ T6462] CPU: 1 UID: 0 PID: 6462 Comm: syz.3.106 Not tainted syzkaller #0 PREEMPT(full) [ 146.030387][ T6462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 146.030401][ T6462] Call Trace: [ 146.030408][ T6462] [ 146.030417][ T6462] dump_stack_lvl+0x16c/0x1f0 [ 146.030452][ T6462] should_fail_ex+0x512/0x640 [ 146.030486][ T6462] ? fs_reclaim_acquire+0xae/0x150 [ 146.030523][ T6462] ? security_inode_init_security+0x13f/0x390 [ 146.030562][ T6462] should_failslab+0xc2/0x120 [ 146.030593][ T6462] __kmalloc_noprof+0xd2/0x510 [ 146.030627][ T6462] security_inode_init_security+0x13f/0x390 [ 146.030667][ T6462] ? __pfx_shmem_initxattrs+0x10/0x10 [ 146.030702][ T6462] ? __pfx_security_inode_init_security+0x10/0x10 [ 146.030747][ T6462] ? shmem_get_inode+0x73a/0xfb0 [ 146.030789][ T6462] shmem_symlink+0x135/0x9f0 [ 146.030820][ T6462] ? __pfx_shmem_symlink+0x10/0x10 [ 146.030847][ T6462] ? bpf_lsm_inode_permission+0x9/0x10 [ 146.030877][ T6462] ? security_inode_permission+0xbf/0x260 [ 146.030907][ T6462] ? inode_permission+0x156/0x630 [ 146.030946][ T6462] vfs_symlink+0x403/0x680 [ 146.030970][ T6462] do_symlinkat+0x261/0x310 [ 146.031001][ T6462] ? __pfx_do_symlinkat+0x10/0x10 [ 146.031031][ T6462] ? getname_flags.part.0+0x1c5/0x550 [ 146.031072][ T6462] __x64_sys_symlink+0x75/0x90 [ 146.031103][ T6462] do_syscall_64+0xcd/0x490 [ 146.031137][ T6462] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.031160][ T6462] RIP: 0033:0x7f46af98ebe9 [ 146.031177][ T6462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.031199][ T6462] RSP: 002b:00007f46b07d3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058 [ 146.031220][ T6462] RAX: ffffffffffffffda RBX: 00007f46afbb5fa0 RCX: 00007f46af98ebe9 [ 146.031235][ T6462] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180 [ 146.031248][ T6462] RBP: 00007f46afa11e19 R08: 0000000000000000 R09: 0000000000000000 [ 146.031262][ T6462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 146.031275][ T6462] R13: 00007f46afbb6038 R14: 00007f46afbb5fa0 R15: 00007fff22d41fd8 [ 146.031303][ T6462] [ 147.327133][ T6478] random: crng reseeded on system resumption [ 148.638216][ T6498] FAULT_INJECTION: forcing a failure. [ 148.638216][ T6498] name failslab, interval 1, probability 0, space 0, times 0 [ 148.708975][ T6498] CPU: 1 UID: 0 PID: 6498 Comm: syz.0.115 Not tainted syzkaller #0 PREEMPT(full) [ 148.709004][ T6498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 148.709015][ T6498] Call Trace: [ 148.709022][ T6498] [ 148.709030][ T6498] dump_stack_lvl+0x16c/0x1f0 [ 148.709061][ T6498] should_fail_ex+0x512/0x640 [ 148.709090][ T6498] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 148.709117][ T6498] should_failslab+0xc2/0x120 [ 148.709145][ T6498] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 148.709167][ T6498] ? __asan_memcpy+0x3c/0x60 [ 148.709187][ T6498] ? __kernfs_new_node+0xd2/0x8e0 [ 148.709217][ T6498] __kernfs_new_node+0xd2/0x8e0 [ 148.709246][ T6498] ? __pfx___kernfs_new_node+0x10/0x10 [ 148.709284][ T6498] ? find_held_lock+0x2b/0x80 [ 148.709305][ T6498] ? kernfs_root+0xee/0x2a0 [ 148.709336][ T6498] kernfs_new_node+0x13c/0x1e0 [ 148.709370][ T6498] __kernfs_create_file+0x53/0x350 [ 148.709393][ T6498] cgroup_addrm_files+0x546/0xc20 [ 148.709435][ T6498] ? __pfx_cgroup_addrm_files+0x10/0x10 [ 148.709475][ T6498] ? idr_replace+0xfa/0x170 [ 148.709499][ T6498] ? __pfx_idr_replace+0x10/0x10 [ 148.709526][ T6498] css_populate_dir+0x169/0x580 [ 148.709552][ T6498] cgroup_apply_control_enable+0x3f3/0xbb0 [ 148.709591][ T6498] cgroup_mkdir+0x5e7/0x11f0 [ 148.709626][ T6498] ? __pfx_cgroup_mkdir+0x10/0x10 [ 148.709659][ T6498] kernfs_iop_mkdir+0x10e/0x190 [ 148.709687][ T6498] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 148.709715][ T6498] vfs_mkdir+0x590/0x8c0 [ 148.709736][ T6498] do_mkdirat+0x304/0x3e0 [ 148.709763][ T6498] ? __pfx_do_mkdirat+0x10/0x10 [ 148.709790][ T6498] ? getname_flags.part.0+0x1c5/0x550 [ 148.709824][ T6498] __x64_sys_mkdir+0xef/0x140 [ 148.709849][ T6498] do_syscall_64+0xcd/0x490 [ 148.709878][ T6498] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.709898][ T6498] RIP: 0033:0x7f7e7b38ebe9 [ 148.709913][ T6498] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 148.709932][ T6498] RSP: 002b:00007f7e7c165038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 148.709950][ T6498] RAX: ffffffffffffffda RBX: 00007f7e7b5b5fa0 RCX: 00007f7e7b38ebe9 [ 148.709964][ T6498] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 148.709976][ T6498] RBP: 00007f7e7b411e19 R08: 0000000000000000 R09: 0000000000000000 [ 148.709988][ T6498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 148.710000][ T6498] R13: 00007f7e7b5b6038 R14: 00007f7e7b5b5fa0 R15: 00007ffdada38168 [ 148.710025][ T6498] [ 148.710048][ T6498] cgroup: cgroup_addrm_files: failed to add usage_percpu_sys, err=-12 [ 149.645816][ T6512] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(1) [ 149.722243][ T6510] FAULT_INJECTION: forcing a failure. [ 149.722243][ T6510] name failslab, interval 1, probability 0, space 0, times 0 [ 149.770775][ T6510] CPU: 1 UID: 2054 PID: 6510 Comm: syz.2.117 Not tainted syzkaller #0 PREEMPT(full) [ 149.770805][ T6510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 149.770818][ T6510] Call Trace: [ 149.770826][ T6510] [ 149.770834][ T6510] dump_stack_lvl+0x16c/0x1f0 [ 149.770870][ T6510] should_fail_ex+0x512/0x640 [ 149.770903][ T6510] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 149.770930][ T6510] should_failslab+0xc2/0x120 [ 149.770967][ T6510] __kmalloc_cache_noprof+0x6a/0x3e0 [ 149.770989][ T6510] ? key_user_lookup+0x169/0x560 [ 149.771020][ T6510] ? key_user_lookup+0x195/0x560 [ 149.771054][ T6510] key_user_lookup+0x195/0x560 [ 149.771089][ T6510] ? __pfx_key_user_lookup+0x10/0x10 [ 149.771120][ T6510] ? security_key_permission+0x79/0x240 [ 149.771154][ T6510] key_alloc+0x18b/0x1330 [ 149.771195][ T6510] ? __pfx_keyring_search+0x10/0x10 [ 149.771232][ T6510] ? __pfx_key_alloc+0x10/0x10 [ 149.771262][ T6510] ? __pfx_key_default_cmp+0x10/0x10 [ 149.771319][ T6510] ? __pfx_keyring_search_iterator+0x10/0x10 [ 149.771353][ T6510] keyring_alloc+0x44/0xc0 [ 149.771385][ T6510] look_up_user_keyrings+0x46d/0x760 [ 149.771414][ T6510] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 149.771447][ T6510] lookup_user_key+0x1a3/0x1300 [ 149.771475][ T6510] ? __pfx_lookup_user_key+0x10/0x10 [ 149.771497][ T6510] ? do_futex+0x122/0x350 [ 149.771529][ T6510] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 149.771559][ T6510] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 149.771589][ T6510] ? arch_syscall_is_vdso_sigreturn+0xb6/0x230 [ 149.771621][ T6510] keyctl_keyring_clear+0x24/0x1a0 [ 149.771642][ T6510] __do_sys_keyctl+0x355/0x590 [ 149.771666][ T6510] do_syscall_64+0xcd/0x490 [ 149.771696][ T6510] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.771716][ T6510] RIP: 0033:0x7f37b258ebe9 [ 149.771731][ T6510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 149.771750][ T6510] RSP: 002b:00007f37b3368038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 149.771769][ T6510] RAX: ffffffffffffffda RBX: 00007f37b27b5fa0 RCX: 00007f37b258ebe9 [ 149.771781][ T6510] RDX: 0000000000000002 RSI: 00000000fffffffb RDI: 0000000000000007 [ 149.771793][ T6510] RBP: 00007f37b2611e19 R08: 0000000000000008 R09: 0000000000000000 [ 149.771805][ T6510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 149.771816][ T6510] R13: 00007f37b27b6038 R14: 00007f37b27b5fa0 R15: 00007ffcfb1d3938 [ 149.771841][ T6510] [ 150.021282][ C1] vkms_vblank_simulate: vblank timer overrun [ 150.559016][ T6517] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 153.557757][ T6541] ubi0: attaching mtd0 [ 153.593676][ T6541] ubi0: scanning is finished [ 153.627807][ T6541] ubi0: empty MTD device detected [ 153.912028][ T6541] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 153.981367][ T6541] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 154.022899][ T6541] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 154.084982][ T6541] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 154.141517][ T6541] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 154.191183][ T6541] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 154.241825][ T6541] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4278467664 [ 154.320144][ T6541] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 154.465418][ T6544] ubi0: detaching mtd0 [ 154.471740][ T6549] ubi0: background thread "ubi_bgt0d" started, PID 6549 [ 154.528649][ T6544] ubi0: mtd0 is detached [ 154.922274][ T6558] netlink: 4 bytes leftover after parsing attributes in process `syz.0.127'. [ 156.787775][ T6577] FAULT_INJECTION: forcing a failure. [ 156.787775][ T6577] name failslab, interval 1, probability 0, space 0, times 0 [ 156.865830][ T6577] CPU: 1 UID: 0 PID: 6577 Comm: syz.2.132 Not tainted syzkaller #0 PREEMPT(full) [ 156.865858][ T6577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 156.865870][ T6577] Call Trace: [ 156.865878][ T6577] [ 156.865886][ T6577] dump_stack_lvl+0x16c/0x1f0 [ 156.865917][ T6577] should_fail_ex+0x512/0x640 [ 156.865946][ T6577] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 156.865974][ T6577] should_failslab+0xc2/0x120 [ 156.866002][ T6577] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 156.866027][ T6577] ? acpi_ut_create_thread_state+0x63/0x170 [ 156.866055][ T6577] acpi_ut_create_thread_state+0x63/0x170 [ 156.866079][ T6577] acpi_ps_parse_aml+0x79/0xcb0 [ 156.866109][ T6577] acpi_ps_execute_method+0x55a/0xb30 [ 156.866140][ T6577] ? acpi_ut_acquire_mutex+0x125/0x1d0 [ 156.866193][ T6577] acpi_ns_evaluate+0x76c/0xca0 [ 156.866226][ T6577] ? kasan_save_track+0x14/0x30 [ 156.866253][ T6577] acpi_evaluate_object+0x1fa/0xa90 [ 156.866280][ T6577] ? do_syscall_64+0xcd/0x490 [ 156.866308][ T6577] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.866331][ T6577] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 156.866356][ T6577] ? __mutex_trylock_common+0xe9/0x250 [ 156.866391][ T6577] acpi_evaluate_integer+0xdd/0x200 [ 156.866413][ T6577] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 156.866446][ T6577] ? __pfx_status_show+0x10/0x10 [ 156.866471][ T6577] status_show+0xa0/0x120 [ 156.866497][ T6577] ? __pfx_status_show+0x10/0x10 [ 156.866530][ T6577] dev_attr_show+0x53/0xe0 [ 156.866565][ T6577] ? __pfx_dev_attr_show+0x10/0x10 [ 156.866597][ T6577] sysfs_kf_seq_show+0x216/0x3e0 [ 156.866626][ T6577] seq_read_iter+0x509/0x12c0 [ 156.866649][ T6577] ? __mutex_trylock_common+0xe9/0x250 [ 156.866686][ T6577] kernfs_fop_read_iter+0x40f/0x5a0 [ 156.866711][ T6577] ? rw_verify_area+0xcf/0x6c0 [ 156.866744][ T6577] vfs_read+0x8bc/0xcf0 [ 156.866772][ T6577] ? __pfx___mutex_lock+0x10/0x10 [ 156.866802][ T6577] ? __pfx_vfs_read+0x10/0x10 [ 156.866844][ T6577] ksys_read+0x12a/0x250 [ 156.866868][ T6577] ? __pfx_ksys_read+0x10/0x10 [ 156.866903][ T6577] do_syscall_64+0xcd/0x490 [ 156.866934][ T6577] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.866955][ T6577] RIP: 0033:0x7f37b258ebe9 [ 156.866972][ T6577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.866992][ T6577] RSP: 002b:00007f37b3368038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 156.867012][ T6577] RAX: ffffffffffffffda RBX: 00007f37b27b5fa0 RCX: 00007f37b258ebe9 [ 156.867025][ T6577] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 156.867038][ T6577] RBP: 00007f37b2611e19 R08: 0000000000000000 R09: 0000000000000000 [ 156.867057][ T6577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 156.867070][ T6577] R13: 00007f37b27b6038 R14: 00007f37b27b5fa0 R15: 00007ffcfb1d3938 [ 156.867097][ T6577] [ 157.149290][ C1] vkms_vblank_simulate: vblank timer overrun [ 157.200071][ T6567] kexec: Could not allocate control_code_buffer [ 158.456257][ T6578] netlink: zone id is out of range [ 158.510163][ T6578] netlink: zone id is out of range [ 158.538121][ T6578] netlink: zone id is out of range [ 158.581334][ T6578] netlink: zone id is out of range [ 158.586486][ T6578] netlink: zone id is out of range [ 158.676504][ T6578] netlink: zone id is out of range [ 158.716833][ T6578] netlink: zone id is out of range [ 158.721967][ T6578] netlink: zone id is out of range [ 158.802004][ T6578] netlink: zone id is out of range [ 158.832137][ T6578] netlink: zone id is out of range [ 158.896807][ T6577] ACPI Error: ffff888029359000 walk still has a scope list (20250404/dswstate-694) [ 159.401300][ T6600] FAULT_INJECTION: forcing a failure. [ 159.401300][ T6600] name failslab, interval 1, probability 0, space 0, times 0 [ 159.531589][ T6600] CPU: 1 UID: 0 PID: 6600 Comm: syz.3.137 Not tainted syzkaller #0 PREEMPT(full) [ 159.531618][ T6600] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 159.531631][ T6600] Call Trace: [ 159.531638][ T6600] [ 159.531645][ T6600] dump_stack_lvl+0x16c/0x1f0 [ 159.531678][ T6600] should_fail_ex+0x512/0x640 [ 159.531709][ T6600] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 159.531739][ T6600] should_failslab+0xc2/0x120 [ 159.531767][ T6600] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 159.531795][ T6600] ? __d_alloc+0x32/0xae0 [ 159.531826][ T6600] __d_alloc+0x32/0xae0 [ 159.531851][ T6600] ? do_raw_spin_lock+0x12c/0x2b0 [ 159.531887][ T6600] d_alloc+0x4a/0x1e0 [ 159.531915][ T6600] d_alloc_name+0x83/0xb0 [ 159.531942][ T6600] ? __pfx_d_alloc_name+0x10/0x10 [ 159.531968][ T6600] ? __d_add+0x403/0xa50 [ 159.532002][ T6600] simple_fill_super+0x2eb/0x720 [ 159.532030][ T6600] ? __pfx_nfsd_fill_super+0x10/0x10 [ 159.532056][ T6600] nfsd_fill_super+0x90/0x530 [ 159.532079][ T6600] ? __pfx_set_anon_super_fc+0x10/0x10 [ 159.532102][ T6600] ? __pfx_nfsd_fill_super+0x10/0x10 [ 159.532126][ T6600] get_tree_keyed+0x10e/0x1d0 [ 159.532162][ T6600] vfs_get_tree+0x8b/0x340 [ 159.532198][ T6600] path_mount+0x1513/0x2000 [ 159.532229][ T6600] ? __pfx_path_mount+0x10/0x10 [ 159.532258][ T6600] ? kmem_cache_free+0x2d1/0x4d0 [ 159.532281][ T6600] ? putname+0x154/0x1a0 [ 159.532314][ T6600] ? putname+0x154/0x1a0 [ 159.532346][ T6600] ? __x64_sys_mount+0x28d/0x310 [ 159.532371][ T6600] __x64_sys_mount+0x28d/0x310 [ 159.532399][ T6600] ? __pfx___x64_sys_mount+0x10/0x10 [ 159.532435][ T6600] do_syscall_64+0xcd/0x490 [ 159.532466][ T6600] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.532488][ T6600] RIP: 0033:0x7f46af98ebe9 [ 159.532504][ T6600] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 159.532524][ T6600] RSP: 002b:00007f46b07d3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 159.532552][ T6600] RAX: ffffffffffffffda RBX: 00007f46afbb5fa0 RCX: 00007f46af98ebe9 [ 159.532566][ T6600] RDX: 0000200000000140 RSI: 0000200000000100 RDI: 0000000000000000 [ 159.532580][ T6600] RBP: 00007f46afa11e19 R08: 0000000000000000 R09: 0000000000000000 [ 159.532592][ T6600] R10: 0000000000010001 R11: 0000000000000246 R12: 0000000000000000 [ 159.532605][ T6600] R13: 00007f46afbb6038 R14: 00007f46afbb5fa0 R15: 00007fff22d41fd8 [ 159.532632][ T6600] [ 159.926186][ T6610] capability: warning: `syz.3.137' uses 32-bit capabilities (legacy support in use) [ 160.388291][ T6618] Console: switching to colour VGA+ 80x25 [ 160.639804][ T6619] Console: switching to colour frame buffer device 128x48 [ 161.276290][ T5870] Bluetooth: hci1: unexpected event 0x0f length: 440 > 4 [ 164.468651][ T6665] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 165.337582][ T6671] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 165.346852][ T6671] Bluetooth: hci1: Injecting HCI hardware error event [ 165.357707][ T6671] Bluetooth: hci1: hardware error 0x00 [ 167.186406][ T6702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 167.286814][ T6702] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 167.416283][ T6671] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 167.439241][ T6709] FAULT_INJECTION: forcing a failure. [ 167.439241][ T6709] name failslab, interval 1, probability 0, space 0, times 0 [ 167.455300][ T6702] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 167.503030][ T6702] page_type: f5(slab) [ 167.515385][ T6702] raw: 00fff00000000040 ffff88801b842140 dead000000000100 dead000000000122 [ 167.589699][ T6702] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 167.603771][ T6709] CPU: 1 UID: 0 PID: 6709 Comm: syz.1.157 Not tainted syzkaller #0 PREEMPT(full) [ 167.603800][ T6709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 167.603815][ T6709] Call Trace: [ 167.603822][ T6709] [ 167.603831][ T6709] dump_stack_lvl+0x16c/0x1f0 [ 167.603867][ T6709] should_fail_ex+0x512/0x640 [ 167.603902][ T6709] ? __kmalloc_noprof+0xbf/0x510 [ 167.603932][ T6709] ? handler_new_ref+0x1b0/0xc60 [ 167.603965][ T6709] should_failslab+0xc2/0x120 [ 167.603998][ T6709] __kmalloc_noprof+0xd2/0x510 [ 167.604025][ T6709] ? __asan_memcpy+0x3c/0x60 [ 167.604055][ T6709] handler_new_ref+0x1b0/0xc60 [ 167.604098][ T6709] v4l2_ctrl_new+0x1963/0x2180 [ 167.604144][ T6709] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 167.604193][ T6709] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 167.604238][ T6709] v4l2_ctrl_new_std+0x1be/0x290 [ 167.604288][ T6709] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 167.604326][ T6709] ? rcu_is_watching+0x12/0xc0 [ 167.604351][ T6709] ? trace_kmalloc+0x2b/0xd0 [ 167.604383][ T6709] ? __kvmalloc_node_noprof+0x298/0x620 [ 167.604411][ T6709] ? v4l2_ctrl_handler_init_class+0x1fc/0x340 [ 167.604449][ T6709] ? media_request_object_init+0x100/0x180 [ 167.604492][ T6709] vicodec_open+0x1d0/0xf90 [ 167.604525][ T6709] v4l2_open+0x225/0x490 [ 167.604555][ T6709] ? __pfx_v4l2_open+0x10/0x10 [ 167.604583][ T6709] chrdev_open+0x234/0x6a0 [ 167.604614][ T6709] ? __pfx_apparmor_file_open+0x10/0x10 [ 167.604641][ T6709] ? __pfx_chrdev_open+0x10/0x10 [ 167.604686][ T6709] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 167.604729][ T6709] do_dentry_open+0x982/0x1530 [ 167.604756][ T6709] ? __pfx_chrdev_open+0x10/0x10 [ 167.604789][ T6709] vfs_open+0x82/0x3f0 [ 167.604824][ T6709] path_openat+0x1de4/0x2cb0 [ 167.604859][ T6709] ? __pfx_path_openat+0x10/0x10 [ 167.604891][ T6709] do_filp_open+0x20b/0x470 [ 167.604917][ T6709] ? __pfx_do_filp_open+0x10/0x10 [ 167.604962][ T6709] ? alloc_fd+0x471/0x7d0 [ 167.604991][ T6709] do_sys_openat2+0x11b/0x1d0 [ 167.605024][ T6709] ? __pfx_do_sys_openat2+0x10/0x10 [ 167.605068][ T6709] __x64_sys_openat+0x174/0x210 [ 167.605102][ T6709] ? __pfx___x64_sys_openat+0x10/0x10 [ 167.605147][ T6709] do_syscall_64+0xcd/0x490 [ 167.605178][ T6709] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.605200][ T6709] RIP: 0033:0x7f9c6d38ebe9 [ 167.605216][ T6709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.605242][ T6709] RSP: 002b:00007f9c6e191038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 167.605262][ T6709] RAX: ffffffffffffffda RBX: 00007f9c6d5b6180 RCX: 00007f9c6d38ebe9 [ 167.605276][ T6709] RDX: 00000000000c0400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 167.605290][ T6709] RBP: 00007f9c6d411e19 R08: 0000000000000000 R09: 0000000000000000 [ 167.605303][ T6709] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 167.605315][ T6709] R13: 00007f9c6d5b6218 R14: 00007f9c6d5b6180 R15: 00007ffd24346de8 [ 167.605342][ T6709] [ 167.900390][ C1] vkms_vblank_simulate: vblank timer overrun [ 168.043889][ T6702] head: 00fff00000000040 ffff88801b842140 dead000000000100 dead000000000122 [ 168.052917][ T6702] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 168.061752][ T6702] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 168.070490][ T6702] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 168.079294][ T6702] page dumped because: unmovable page [ 168.084714][ T6702] page_owner tracks the page as allocated [ 168.091292][ T6702] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5235, tgid 5235 (udevd), ts 61828685657, free_ts 61810115548 [ 168.188220][ T6702] post_alloc_hook+0x1c0/0x230 [ 168.193085][ T6702] get_page_from_freelist+0x132b/0x38e0 [ 168.198774][ T6702] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 168.205634][ T6702] alloc_pages_mpol+0x1fb/0x550 [ 168.213509][ T6702] new_slab+0x247/0x330 [ 168.218624][ T6702] ___slab_alloc+0xcf2/0x1740 [ 168.223378][ T6702] __slab_alloc.constprop.0+0x56/0xb0 [ 168.228898][ T6702] __kmalloc_cache_noprof+0xfb/0x3e0 [ 168.234271][ T6702] uevent_show+0x165/0x3a0 [ 168.238798][ T6702] dev_attr_show+0x53/0xe0 [ 168.243310][ T6702] sysfs_kf_seq_show+0x216/0x3e0 [ 168.248347][ T6702] seq_read_iter+0x509/0x12c0 [ 168.253069][ T6702] kernfs_fop_read_iter+0x40f/0x5a0 [ 168.258413][ T6702] vfs_read+0x8bc/0xcf0 [ 168.262641][ T6702] ksys_read+0x12a/0x250 [ 168.266990][ T6702] do_syscall_64+0xcd/0x490 [ 168.271577][ T6702] page last free pid 5247 tgid 5247 stack trace: [ 168.278060][ T6702] __free_frozen_pages+0x7d5/0x10f0 [ 168.283380][ T6702] __put_partials+0x165/0x1c0 [ 168.288217][ T6702] qlist_free_all+0x4d/0x120 [ 168.316814][ T6702] kasan_quarantine_reduce+0x195/0x1e0 [ 168.322342][ T6702] __kasan_slab_alloc+0x69/0x90 [ 168.359017][ T6702] __kmalloc_noprof+0x1d4/0x510 [ 168.376777][ T6702] tomoyo_encode2+0x100/0x3e0 [ 168.381544][ T6702] tomoyo_encode+0x29/0x50 [ 168.394189][ T6702] tomoyo_path_perm+0x3a5/0x460 [ 168.399261][ T6702] tomoyo_path_symlink+0x97/0xe0 [ 168.414207][ T6702] security_path_symlink+0x152/0x2e0 [ 168.421517][ T6702] do_symlinkat+0x10d/0x310 [ 168.433957][ T6702] __x64_sys_symlink+0x75/0x90 [ 168.444440][ T6702] do_syscall_64+0xcd/0x490 [ 168.454546][ T6702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 168.580133][ T6717] tipc: Started in network mode [ 168.601693][ T6717] tipc: Node identity ee00, cluster identity 4711 [ 168.626528][ T6717] tipc: Node number set to 60928 [ 168.685359][ T6720] Invalid ELF header magic: != ELF [ 168.742567][ T6717] Process accounting resumed [ 173.699571][ T6767] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 173.748942][ T6767] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 173.829356][ T6767] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 173.903834][ T6767] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 173.946961][ T6767] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 174.062493][ T6767] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 174.111701][ T6767] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 174.157018][ T6767] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 174.254132][ T6767] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 174.314790][ T6767] CPU0 is offline. [ 174.390181][ T5928] Process accounting resumed [ 175.089625][ T6671] Bluetooth: hci0: command 0x0c1a tx timeout [ 175.645589][ T6777] kexec: Could not allocate control_code_buffer [ 175.975739][ T6671] Bluetooth: hci2: command 0x0c1a tx timeout [ 176.136799][ T6671] Bluetooth: hci3: command 0x0c1a tx timeout [ 177.169086][ T6671] Bluetooth: hci0: command 0x0c1a tx timeout [ 177.930702][ T6814] netlink: 28 bytes leftover after parsing attributes in process `syz.0.182'. [ 177.958235][ T6815] ptrace attach of "./syz-executor exec"[5868] was attempted by "./syz-executor exec"[6815] [ 178.047642][ T6671] Bluetooth: hci2: command 0x0c1a tx timeout [ 178.209503][ T6671] Bluetooth: hci3: command 0x0c1a tx timeout [ 178.955746][ T6818] FAULT_INJECTION: forcing a failure. [ 178.955746][ T6818] name failslab, interval 1, probability 0, space 0, times 0 [ 179.018618][ T6818] CPU: 1 UID: 0 PID: 6818 Comm: syz.0.183 Not tainted syzkaller #0 PREEMPT(full) [ 179.018645][ T6818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 179.018657][ T6818] Call Trace: [ 179.018663][ T6818] [ 179.018671][ T6818] dump_stack_lvl+0x16c/0x1f0 [ 179.018702][ T6818] should_fail_ex+0x512/0x640 [ 179.018731][ T6818] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 179.018759][ T6818] should_failslab+0xc2/0x120 [ 179.018788][ T6818] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 179.018813][ T6818] ? do_epoll_ctl+0x1170/0x3790 [ 179.018840][ T6818] do_epoll_ctl+0x1170/0x3790 [ 179.018872][ T6818] ? __pfx_do_epoll_ctl+0x10/0x10 [ 179.018892][ T6818] ? find_held_lock+0x2b/0x80 [ 179.018911][ T6818] ? __might_fault+0xe3/0x190 [ 179.018934][ T6818] ? __might_fault+0xe3/0x190 [ 179.018966][ T6818] ? __x64_sys_epoll_ctl+0x15c/0x1e0 [ 179.018987][ T6818] __x64_sys_epoll_ctl+0x15c/0x1e0 [ 179.019010][ T6818] ? __pfx___x64_sys_epoll_ctl+0x10/0x10 [ 179.019041][ T6818] do_syscall_64+0xcd/0x490 [ 179.019070][ T6818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 179.019090][ T6818] RIP: 0033:0x7f7e7b38ebe9 [ 179.019105][ T6818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 179.019129][ T6818] RSP: 002b:00007f7e7c165038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9 [ 179.019147][ T6818] RAX: ffffffffffffffda RBX: 00007f7e7b5b5fa0 RCX: 00007f7e7b38ebe9 [ 179.019160][ T6818] RDX: 8000000000000000 RSI: 0000000000000001 RDI: 0000000000000006 [ 179.019171][ T6818] RBP: 00007f7e7b411e19 R08: 0000000000000000 R09: 0000000000000000 [ 179.019183][ T6818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 179.019194][ T6818] R13: 00007f7e7b5b6038 R14: 00007f7e7b5b5fa0 R15: 00007ffdada38168 [ 179.019227][ T6818] [ 179.477061][ T6671] Bluetooth: hci0: command 0x0c1a tx timeout [ 180.126892][ T6671] Bluetooth: hci2: command 0x0c1a tx timeout [ 180.286776][ T6671] Bluetooth: hci3: command 0x0c1a tx timeout [ 181.211888][ T6837] zero sized request [ 181.842273][ T6856] futex_wake_op: syz.3.190 tries to shift op by -2048; fix this program [ 181.958332][ T6856] futex_wake_op: syz.3.190 tries to shift op by -2048; fix this program [ 182.522235][ T6671] Bluetooth: hci3: unexpected subevent 0x01 length: 123 > 18 [ 184.232893][ T6882] netlink: 13832 bytes leftover after parsing attributes in process `syz.1.194'. [ 184.610535][ T6671] Bluetooth: hci3: command 0x0c1a tx timeout [ 185.445120][ T6893] FAULT_INJECTION: forcing a failure. [ 185.445120][ T6893] name failslab, interval 1, probability 0, space 0, times 0 [ 185.691217][ T6893] CPU: 1 UID: 0 PID: 6893 Comm: syz.2.197 Not tainted syzkaller #0 PREEMPT(full) [ 185.691244][ T6893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 185.691256][ T6893] Call Trace: [ 185.691263][ T6893] [ 185.691271][ T6893] dump_stack_lvl+0x16c/0x1f0 [ 185.691302][ T6893] should_fail_ex+0x512/0x640 [ 185.691332][ T6893] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 185.691359][ T6893] should_failslab+0xc2/0x120 [ 185.691386][ T6893] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 185.691409][ T6893] ? __proc_create+0xc3/0x8e0 [ 185.691438][ T6893] ? __proc_create+0x2ce/0x8e0 [ 185.691470][ T6893] __proc_create+0x2ce/0x8e0 [ 185.691500][ T6893] ? __pfx___proc_create+0x10/0x10 [ 185.691533][ T6893] ? __pfx___netlink_kernel_create+0x10/0x10 [ 185.691561][ T6893] ? fib4_semantics_init+0x25/0x100 [ 185.691589][ T6893] proc_create_reg+0x7d/0x180 [ 185.691622][ T6893] proc_create_seq_private+0x8e/0x180 [ 185.691659][ T6893] ? __pfx_proc_create_seq_private+0x10/0x10 [ 185.691691][ T6893] ? __pfx_nl_fib_input+0x10/0x10 [ 185.691725][ T6893] ? __pfx_ip_rt_do_proc_init+0x10/0x10 [ 185.691758][ T6893] ip_rt_do_proc_init+0x57/0x1b0 [ 185.691797][ T6893] ops_init+0x1e2/0x5f0 [ 185.691829][ T6893] setup_net+0x10f/0x380 [ 185.691856][ T6893] ? lockdep_init_map_type+0x5c/0x280 [ 185.691885][ T6893] ? __pfx_setup_net+0x10/0x10 [ 185.691933][ T6893] ? debug_mutex_init+0x37/0x70 [ 185.691957][ T6893] copy_net_ns+0x2a6/0x5f0 [ 185.691993][ T6893] create_new_namespaces+0x3ea/0xa90 [ 185.692023][ T6893] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 185.692050][ T6893] ksys_unshare+0x45b/0xa40 [ 185.692091][ T6893] ? __pfx_ksys_unshare+0x10/0x10 [ 185.692119][ T6893] ? xfd_validate_state+0x61/0x180 [ 185.692157][ T6893] __x64_sys_unshare+0x31/0x40 [ 185.692184][ T6893] do_syscall_64+0xcd/0x490 [ 185.692213][ T6893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.692233][ T6893] RIP: 0033:0x7f37b258ebe9 [ 185.692248][ T6893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 185.692267][ T6893] RSP: 002b:00007f37b3368038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 185.692285][ T6893] RAX: ffffffffffffffda RBX: 00007f37b27b5fa0 RCX: 00007f37b258ebe9 [ 185.692299][ T6893] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 185.692310][ T6893] RBP: 00007f37b2611e19 R08: 0000000000000000 R09: 0000000000000000 [ 185.692322][ T6893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 185.692334][ T6893] R13: 00007f37b27b6038 R14: 00007f37b27b5fa0 R15: 00007ffcfb1d3938 [ 185.692359][ T6893] [ 187.087417][ T6909] netlink: 306 bytes leftover after parsing attributes in process `syz.3.199'. [ 190.525828][ T6947] netlink: 25 bytes leftover after parsing attributes in process `syz.3.208'. [ 191.238196][ T6962] netlink: 28 bytes leftover after parsing attributes in process `syz.3.211'. [ 191.285542][ T6962] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 191.319122][ T6962] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 191.372397][ T6962] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 191.479594][ T6962] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 192.562020][ T6973] FAULT_INJECTION: forcing a failure. [ 192.562020][ T6973] name failslab, interval 1, probability 0, space 0, times 0 [ 192.665642][ T6973] CPU: 1 UID: 0 PID: 6973 Comm: syz.2.213 Not tainted syzkaller #0 PREEMPT(full) [ 192.665669][ T6973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 192.665681][ T6973] Call Trace: [ 192.665688][ T6973] [ 192.665695][ T6973] dump_stack_lvl+0x16c/0x1f0 [ 192.665727][ T6973] should_fail_ex+0x512/0x640 [ 192.665756][ T6973] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 192.665780][ T6973] should_failslab+0xc2/0x120 [ 192.665807][ T6973] __kmalloc_cache_noprof+0x6a/0x3e0 [ 192.665829][ T6973] ? snd_seq_oss_open+0x55/0xa20 [ 192.665865][ T6973] snd_seq_oss_open+0x55/0xa20 [ 192.665902][ T6973] odev_open+0x6f/0x90 [ 192.665930][ T6973] ? __pfx_odev_open+0x10/0x10 [ 192.665958][ T6973] soundcore_open+0x40c/0x580 [ 192.665989][ T6973] ? __pfx_soundcore_open+0x10/0x10 [ 192.666018][ T6973] chrdev_open+0x234/0x6a0 [ 192.666043][ T6973] ? __pfx_apparmor_file_open+0x10/0x10 [ 192.666066][ T6973] ? __pfx_chrdev_open+0x10/0x10 [ 192.666093][ T6973] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 192.666121][ T6973] do_dentry_open+0x982/0x1530 [ 192.666147][ T6973] ? __pfx_chrdev_open+0x10/0x10 [ 192.666178][ T6973] vfs_open+0x82/0x3f0 [ 192.666211][ T6973] path_openat+0x1de4/0x2cb0 [ 192.666243][ T6973] ? __pfx_path_openat+0x10/0x10 [ 192.666277][ T6973] do_filp_open+0x20b/0x470 [ 192.666308][ T6973] ? __pfx_do_filp_open+0x10/0x10 [ 192.666350][ T6973] ? alloc_fd+0x471/0x7d0 [ 192.666379][ T6973] do_sys_openat2+0x11b/0x1d0 [ 192.666410][ T6973] ? __pfx_do_sys_openat2+0x10/0x10 [ 192.666442][ T6973] ? __pfx_sched_core_share_pid+0x10/0x10 [ 192.666472][ T6973] __x64_sys_openat+0x174/0x210 [ 192.666504][ T6973] ? __pfx___x64_sys_openat+0x10/0x10 [ 192.666538][ T6973] ? syscall_user_dispatch+0x78/0x140 [ 192.666577][ T6973] do_syscall_64+0xcd/0x490 [ 192.666607][ T6973] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 192.666627][ T6973] RIP: 0033:0x7f37b258ebe9 [ 192.666643][ T6973] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 192.666661][ T6973] RSP: 002b:00007f37b3368038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 192.666679][ T6973] RAX: ffffffffffffffda RBX: 00007f37b27b5fa0 RCX: 00007f37b258ebe9 [ 192.666692][ T6973] RDX: 0000000000000042 RSI: 0000200000000140 RDI: ffffffffffffff9c [ 192.666705][ T6973] RBP: 00007f37b2611e19 R08: 0000000000000000 R09: 0000000000000000 [ 192.666717][ T6973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 192.666728][ T6973] R13: 00007f37b27b6038 R14: 00007f37b27b5fa0 R15: 00007ffcfb1d3938 [ 192.666753][ T6973] [ 192.919937][ C1] vkms_vblank_simulate: vblank timer overrun [ 193.557613][ T6980] netlink: 266 bytes leftover after parsing attributes in process `syz.0.215'. [ 193.588876][ T6980] IPv6: NLM_F_CREATE should be specified when creating new route [ 195.746019][ T6671] Bluetooth: hci3: unexpected event 0x16 length: 440 > 6 [ 196.374598][ T30] audit: type=1326 audit(6051290702.255:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7038 comm="syz.0.225" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7e7b38ebe9 code=0x0 [ 200.620823][ T7046] kexec: Could not allocate control_code_buffer [ 202.123286][ T7109] zswap: compressor not available [ 204.143199][ T7114] kexec: Could not allocate control_code_buffer [ 204.705370][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 204.711724][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.039094][ T7143] net_ratelimit: 1 callbacks suppressed [ 205.039121][ T7143] netlink: zone id is out of range [ 205.193761][ T7143] netlink: zone id is out of range [ 205.259488][ T7143] netlink: zone id is out of range [ 205.375720][ T7143] netlink: zone id is out of range [ 205.453050][ T7143] netlink: zone id is out of range [ 205.509106][ T7143] netlink: zone id is out of range [ 205.568463][ T7143] netlink: zone id is out of range [ 205.615578][ T7143] netlink: zone id is out of range [ 205.707364][ T7143] netlink: zone id is out of range [ 205.775841][ T7143] netlink: zone id is out of range [ 206.368306][ T7137] kexec: Could not allocate control_code_buffer [ 207.009251][ T7168] FAULT_INJECTION: forcing a failure. [ 207.009251][ T7168] name failslab, interval 1, probability 0, space 0, times 0 [ 207.127493][ T7168] CPU: 1 UID: 0 PID: 7168 Comm: syz.3.249 Not tainted syzkaller #0 PREEMPT(full) [ 207.127523][ T7168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 207.127536][ T7168] Call Trace: [ 207.127543][ T7168] [ 207.127551][ T7168] dump_stack_lvl+0x16c/0x1f0 [ 207.127586][ T7168] should_fail_ex+0x512/0x640 [ 207.127619][ T7168] ? fs_reclaim_acquire+0xae/0x150 [ 207.127656][ T7168] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 207.127691][ T7168] should_failslab+0xc2/0x120 [ 207.127733][ T7168] __kmalloc_noprof+0xd2/0x510 [ 207.127764][ T7168] tomoyo_realpath_from_path+0xc2/0x6e0 [ 207.127798][ T7168] ? tomoyo_profile+0x47/0x60 [ 207.127819][ T7168] tomoyo_path_number_perm+0x245/0x580 [ 207.127844][ T7168] ? tomoyo_path_number_perm+0x237/0x580 [ 207.127873][ T7168] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 207.127908][ T7168] ? __lock_acquire+0xb97/0x1ce0 [ 207.127952][ T7168] ? do_raw_spin_unlock+0x172/0x230 [ 207.127986][ T7168] ? _raw_spin_unlock+0x28/0x50 [ 207.128009][ T7168] ? current_check_access_path+0x33c/0x460 [ 207.128042][ T7168] ? __pfx_current_check_access_path+0x10/0x10 [ 207.128075][ T7168] ? simple_lookup+0x105/0x1d0 [ 207.128103][ T7168] tomoyo_path_mknod+0x10c/0x190 [ 207.128122][ T7168] ? __pfx_tomoyo_path_mknod+0x10/0x10 [ 207.128144][ T7168] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 207.128200][ T7168] security_path_mknod+0x161/0x310 [ 207.128231][ T7168] do_mknodat+0x239/0x5d0 [ 207.128261][ T7168] ? __pfx_do_mknodat+0x10/0x10 [ 207.128286][ T7168] ? getname_flags.part.0+0x1c5/0x550 [ 207.128336][ T7168] __x64_sys_mknod+0x87/0xb0 [ 207.128364][ T7168] do_syscall_64+0xcd/0x490 [ 207.128398][ T7168] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.128425][ T7168] RIP: 0033:0x7f46af98ebe9 [ 207.128442][ T7168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 207.128464][ T7168] RSP: 002b:00007f46b07b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 207.128485][ T7168] RAX: ffffffffffffffda RBX: 00007f46afbb6090 RCX: 00007f46af98ebe9 [ 207.128499][ T7168] RDX: 00000000fffffffa RSI: 00000000000000cb RDI: 0000200000000180 [ 207.128513][ T7168] RBP: 00007f46afa11e19 R08: 0000000000000000 R09: 0000000000000000 [ 207.128527][ T7168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 207.128540][ T7168] R13: 00007f46afbb6128 R14: 00007f46afbb6090 R15: 00007fff22d41fd8 [ 207.128569][ T7168] [ 207.128596][ T7168] ERROR: Out of memory at tomoyo_realpath_from_path. [ 208.156678][ T7178] netlink: 4 bytes leftover after parsing attributes in process `syz.0.250'. [ 209.300982][ T7200] FAULT_INJECTION: forcing a failure. [ 209.300982][ T7200] name failslab, interval 1, probability 0, space 0, times 0 [ 209.389925][ T7200] CPU: 1 UID: 0 PID: 7200 Comm: syz.1.255 Not tainted syzkaller #0 PREEMPT(full) [ 209.389953][ T7200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 209.389966][ T7200] Call Trace: [ 209.389973][ T7200] [ 209.389981][ T7200] dump_stack_lvl+0x16c/0x1f0 [ 209.390014][ T7200] should_fail_ex+0x512/0x640 [ 209.390044][ T7200] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 209.390070][ T7200] should_failslab+0xc2/0x120 [ 209.390099][ T7200] __kmalloc_cache_noprof+0x6a/0x3e0 [ 209.390121][ T7200] ? snd_mixer_oss_get_volume1_sw.constprop.0.isra.0+0xa4/0x580 [ 209.390164][ T7200] snd_mixer_oss_get_volume1_sw.constprop.0.isra.0+0xa4/0x580 [ 209.390214][ T7200] snd_mixer_oss_get_recsrc1_sw+0x104/0x1d0 [ 209.390249][ T7200] ? __pfx_snd_mixer_oss_get_recsrc1_sw+0x10/0x10 [ 209.390283][ T7200] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 209.390320][ T7200] snd_mixer_oss_ioctl1+0x18f4/0x1e40 [ 209.390350][ T7200] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 209.390384][ T7200] ? __pfx_snd_mixer_oss_get_recsrc1_sw+0x10/0x10 [ 209.390420][ T7200] ? __pfx_snd_mixer_oss_ioctl1+0x10/0x10 [ 209.390453][ T7200] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 209.390495][ T7200] ? find_held_lock+0x2b/0x80 [ 209.390516][ T7200] ? hook_file_ioctl_common+0x145/0x410 [ 209.390551][ T7200] ? __fget_files+0x20e/0x3c0 [ 209.390580][ T7200] snd_mixer_oss_ioctl+0x3e/0x50 [ 209.390609][ T7200] ? __pfx_snd_mixer_oss_ioctl+0x10/0x10 [ 209.390641][ T7200] __x64_sys_ioctl+0x18e/0x210 [ 209.390677][ T7200] do_syscall_64+0xcd/0x490 [ 209.390709][ T7200] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.390730][ T7200] RIP: 0033:0x7f9c6d38ebe9 [ 209.390746][ T7200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.390767][ T7200] RSP: 002b:00007f9c6e1b2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 209.390786][ T7200] RAX: ffffffffffffffda RBX: 00007f9c6d5b6090 RCX: 00007f9c6d38ebe9 [ 209.390800][ T7200] RDX: 00002000000012c0 RSI: 0000000080044dff RDI: 000000000000000b [ 209.390812][ T7200] RBP: 00007f9c6d411e19 R08: 0000000000000000 R09: 0000000000000000 [ 209.390825][ T7200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 209.390837][ T7200] R13: 00007f9c6d5b6128 R14: 00007f9c6d5b6090 R15: 00007ffd24346de8 [ 209.390883][ T7200] [ 210.837785][ T7212] workqueue: name exceeds WQ_NAME_LEN. Truncating to: !PjE r҄y*"l-y– syzkaller syzkaller login: [ 213.134736][ T7229] FAULT_INJECTION: forcing a failure. [ 213.134736][ T7229] name failslab, interval 1, probability 0, space 0, times 0 [ 213.238498][ T7229] CPU: 1 UID: 0 PID: 7229 Comm: syz.3.261 Not tainted syzkaller #0 PREEMPT(full) [ 213.238533][ T7229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 213.238549][ T7229] Call Trace: [ 213.238558][ T7229] [ 213.238567][ T7229] dump_stack_lvl+0x16c/0x1f0 [ 213.238603][ T7229] should_fail_ex+0x512/0x640 [ 213.238631][ T7229] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 213.238659][ T7229] should_failslab+0xc2/0x120 [ 213.238686][ T7229] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 213.238711][ T7229] ? __kernfs_new_node+0xd2/0x8e0 [ 213.238740][ T7229] __kernfs_new_node+0xd2/0x8e0 [ 213.238769][ T7229] ? __pfx___kernfs_new_node+0x10/0x10 [ 213.238793][ T7229] ? __pfx_stack_trace_save+0x10/0x10 [ 213.238822][ T7229] ? find_held_lock+0x2b/0x80 [ 213.238842][ T7229] ? kernfs_root+0xee/0x2a0 [ 213.238876][ T7229] kernfs_new_node+0x13c/0x1e0 [ 213.238918][ T7229] __kernfs_create_file+0x53/0x350 [ 213.238942][ T7229] sysfs_add_file_mode_ns+0x207/0x3c0 [ 213.238973][ T7229] sysfs_create_file_ns+0x13d/0x1d0 [ 213.238998][ T7229] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 213.239021][ T7229] ? down_read+0x13d/0x480 [ 213.239051][ T7229] ? __pfx___up_read+0x10/0x10 [ 213.239081][ T7229] ? acpi_device_notify+0x351/0x480 [ 213.239105][ T7229] ? lockdep_init_map_type+0x5c/0x280 [ 213.239137][ T7229] device_create_file+0xf2/0x1e0 [ 213.239160][ T7229] device_add+0x2bf/0x1aa0 [ 213.239180][ T7229] ? __pfx_device_add+0x10/0x10 [ 213.239198][ T7229] ? mark_held_locks+0x49/0x80 [ 213.239231][ T7229] usb_set_configuration+0x1187/0x1e20 [ 213.239279][ T7229] bConfigurationValue_store+0x100/0x180 [ 213.239313][ T7229] ? __pfx_bConfigurationValue_store+0x10/0x10 [ 213.239346][ T7229] ? find_held_lock+0x2b/0x80 [ 213.239366][ T7229] ? sysfs_file_kobj+0xe4/0x290 [ 213.239389][ T7229] ? __pfx_bConfigurationValue_store+0x10/0x10 [ 213.239421][ T7229] dev_attr_store+0x58/0x80 [ 213.239450][ T7229] ? __pfx_dev_attr_store+0x10/0x10 [ 213.239480][ T7229] sysfs_kf_write+0xf2/0x150 [ 213.239504][ T7229] kernfs_fop_write_iter+0x354/0x510 [ 213.239522][ T7229] ? __pfx_sysfs_kf_write+0x10/0x10 [ 213.239547][ T7229] iter_file_splice_write+0xa24/0x12e0 [ 213.239584][ T7229] ? __pfx_iter_file_splice_write+0x10/0x10 [ 213.239611][ T7229] ? __pfx_copy_splice_read+0x10/0x10 [ 213.239645][ T7229] ? __pfx_iter_file_splice_write+0x10/0x10 [ 213.239669][ T7229] direct_splice_actor+0x18f/0x6c0 [ 213.239693][ T7229] splice_direct_to_actor+0x345/0xa30 [ 213.239715][ T7229] ? __pfx_direct_splice_actor+0x10/0x10 [ 213.239741][ T7229] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 213.239770][ T7229] do_splice_direct+0x174/0x240 [ 213.239791][ T7229] ? __pfx_do_splice_direct+0x10/0x10 [ 213.239812][ T7229] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 213.239836][ T7229] ? rw_verify_area+0xcf/0x6c0 [ 213.239859][ T7229] do_sendfile+0xb06/0xe50 [ 213.239885][ T7229] ? __pfx_do_sendfile+0x10/0x10 [ 213.239917][ T7229] ? __x64_sys_futex+0x1e0/0x4c0 [ 213.239943][ T7229] ? __x64_sys_futex+0x1e9/0x4c0 [ 213.239971][ T7229] __x64_sys_sendfile64+0x1d8/0x220 [ 213.240001][ T7229] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 213.240038][ T7229] do_syscall_64+0xcd/0x490 [ 213.240068][ T7229] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.240089][ T7229] RIP: 0033:0x7f46af98ebe9 [ 213.240104][ T7229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 213.240123][ T7229] RSP: 002b:00007f46b07d3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 213.240142][ T7229] RAX: ffffffffffffffda RBX: 00007f46afbb5fa0 RCX: 00007f46af98ebe9 [ 213.240155][ T7229] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004 [ 213.240185][ T7229] RBP: 00007f46afa11e19 R08: 0000000000000000 R09: 0000000000000000 [ 213.240197][ T7229] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 213.240210][ T7229] R13: 00007f46afbb6038 R14: 00007f46afbb5fa0 R15: 00007fff22d41fd8 [ 213.240237][ T7229] [ 214.225329][ T7250] ptp ptp0: new virtual clock ptp1 [ 214.255847][ T7250] ptp ptp0: guarantee physical clock free running syzkaller syzkaller login: [ 214.493808][ T7261] FAULT_INJECTION: forcing a failure. [ 214.493808][ T7261] name failslab, interval 1, probability 0, space 0, times 0 [ 214.509339][ T7261] CPU: 1 UID: 0 PID: 7261 Comm: syz.2.267 Not tainted syzkaller #0 PREEMPT(full) [ 214.509366][ T7261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 214.509378][ T7261] Call Trace: [ 214.509385][ T7261] [ 214.509393][ T7261] dump_stack_lvl+0x16c/0x1f0 [ 214.509426][ T7261] should_fail_ex+0x512/0x640 [ 214.509456][ T7261] ? __kmalloc_noprof+0xbf/0x510 [ 214.509484][ T7261] ? __register_sysctl_table+0xea2/0x1900 [ 214.509515][ T7261] should_failslab+0xc2/0x120 [ 214.509544][ T7261] __kmalloc_noprof+0xd2/0x510 [ 214.509567][ T7261] ? __register_sysctl_table+0xe8e/0x1900 [ 214.509604][ T7261] __register_sysctl_table+0xea2/0x1900 [ 214.509642][ T7261] ? __pfx___register_sysctl_table+0x10/0x10 [ 214.509674][ T7261] ? is_module_address+0x69/0xf0 [ 214.509704][ T7261] ? register_net_sysctl_sz+0x228/0x3e0 [ 214.509742][ T7261] __addrconf_sysctl_register+0x1a2/0x360 [ 214.509781][ T7261] ? __pfx___addrconf_sysctl_register+0x10/0x10 [ 214.509832][ T7261] ? trace_kmalloc+0x2b/0xd0 [ 214.509865][ T7261] ? addrconf_init_net+0x1e9/0x8e0 [ 214.509886][ T7261] ? __asan_memcpy+0x3c/0x60 [ 214.509910][ T7261] addrconf_init_net+0x50c/0x8e0 [ 214.509932][ T7261] ? __pfx_addrconf_init_net+0x10/0x10 [ 214.509951][ T7261] ops_init+0x1e2/0x5f0 [ 214.509994][ T7261] setup_net+0x10f/0x380 [ 214.510021][ T7261] ? lockdep_init_map_type+0x5c/0x280 [ 214.510049][ T7261] ? __pfx_setup_net+0x10/0x10 [ 214.510079][ T7261] ? debug_mutex_init+0x37/0x70 [ 214.510101][ T7261] copy_net_ns+0x2a6/0x5f0 [ 214.510135][ T7261] create_new_namespaces+0x3ea/0xa90 [ 214.510166][ T7261] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 214.510192][ T7261] ksys_unshare+0x45b/0xa40 [ 214.510221][ T7261] ? __pfx_ksys_unshare+0x10/0x10 [ 214.510249][ T7261] ? xfd_validate_state+0x61/0x180 [ 214.510286][ T7261] __x64_sys_unshare+0x31/0x40 [ 214.510313][ T7261] do_syscall_64+0xcd/0x490 [ 214.510343][ T7261] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.510363][ T7261] RIP: 0033:0x7f37b258ebe9 [ 214.510378][ T7261] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 214.510397][ T7261] RSP: 002b:00007f37b3368038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 214.510416][ T7261] RAX: ffffffffffffffda RBX: 00007f37b27b5fa0 RCX: 00007f37b258ebe9 [ 214.510429][ T7261] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 214.510440][ T7261] RBP: 00007f37b2611e19 R08: 0000000000000000 R09: 0000000000000000 [ 214.510452][ T7261] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 214.510464][ T7261] R13: 00007f37b27b6038 R14: 00007f37b27b5fa0 R15: 00007ffcfb1d3938 [ 214.510489][ T7261] [ 214.510514][ T7261] sysctl could not get directory: /net/ipv6/conf -12 [ 214.866994][ T7229] usb usb8: device_add(8-0:1.0) --> -12 [ 216.441281][ T7290] syz.2.272 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 218.271312][ T7313] ======================================================= [ 218.271312][ T7313] WARNING: The mand mount option has been deprecated and [ 218.271312][ T7313] and is ignored by this kernel. Remove the mand [ 218.271312][ T7313] option from the mount to silence this warning. [ 218.271312][ T7313] ======================================================= [ 220.729795][ T7341] random: crng reseeded on system resumption [ 220.896820][ T7344] misc userio: No port type given on /dev/userio [ 222.260139][ T7358] netlink: 8 bytes leftover after parsing attributes in process `syz.1.287'. [ 224.366860][ T7390] FAULT_INJECTION: forcing a failure. [ 224.366860][ T7390] name failslab, interval 1, probability 0, space 0, times 0 [ 224.379869][ T7390] CPU: 1 UID: 0 PID: 7390 Comm: syz.0.295 Not tainted syzkaller #0 PREEMPT(full) [ 224.379894][ T7390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 224.379907][ T7390] Call Trace: [ 224.379914][ T7390] [ 224.379921][ T7390] dump_stack_lvl+0x16c/0x1f0 [ 224.379953][ T7390] should_fail_ex+0x512/0x640 [ 224.379989][ T7390] should_failslab+0xc2/0x120 [ 224.380018][ T7390] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 224.380045][ T7390] ? dst_alloc+0x99/0x1a0 [ 224.380075][ T7390] dst_alloc+0x99/0x1a0 [ 224.380102][ T7390] rt_dst_alloc+0x35/0x3a0 [ 224.380152][ T7390] ip_route_output_key_hash_rcu+0x880/0x28c0 [ 224.380183][ T7390] ip_route_output_key_hash+0x137/0x2e0 [ 224.380206][ T7390] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 224.380235][ T7390] ? icmp_route_lookup.constprop.0+0x389/0x1320 [ 224.380267][ T7390] icmp_route_lookup.constprop.0+0x3d4/0x1320 [ 224.380299][ T7390] ? __pfx_icmp_route_lookup.constprop.0+0x10/0x10 [ 224.380330][ T7390] ? __ip_options_echo+0x54c/0x1210 [ 224.380362][ T7390] ? lock_acquire+0x179/0x350 [ 224.380389][ T7390] ? __pfx___ip_options_echo+0x10/0x10 [ 224.380432][ T7390] ? find_held_lock+0x2b/0x80 [ 224.380457][ T7390] __icmp_send+0xad4/0x1960 [ 224.380494][ T7390] ? __pfx___icmp_send+0x10/0x10 [ 224.380519][ T7390] ? neigh_connected_output+0x3da/0x620 [ 224.380548][ T7390] ? ip_finish_output2+0x7f8/0x21a0 [ 224.380577][ T7390] ? __ip_finish_output.part.0+0x1b4/0x350 [ 224.380608][ T7390] ? ip_output+0x291/0xa10 [ 224.380636][ T7390] ? ip_send_skb+0x437/0x590 [ 224.380665][ T7390] ? udp_send_skb+0x71d/0x15b0 [ 224.380693][ T7390] ? udp_sendmsg+0x1813/0x2870 [ 224.380721][ T7390] ? ____sys_sendmsg+0x973/0xc70 [ 224.380739][ T7390] ? ___sys_sendmsg+0x134/0x1d0 [ 224.380766][ T7390] ? __sys_sendmmsg+0x200/0x420 [ 224.380829][ T7390] ? __pfx_xfrm_lookup_with_ifid+0x10/0x10 [ 224.380866][ T7390] ipv4_link_failure+0x424/0xbc0 [ 224.380889][ T7390] ? __pfx_ipv4_link_failure+0x10/0x10 [ 224.380914][ T7390] ? __pfx_ipv4_link_failure+0x10/0x10 [ 224.380935][ T7390] vti_tunnel_xmit+0x673/0x1e30 [ 224.380961][ T7390] ? __pfx_vti_tunnel_xmit+0x10/0x10 [ 224.380996][ T7390] dev_hard_start_xmit+0x97/0x740 [ 224.381024][ T7390] __dev_queue_xmit+0xa46/0x4490 [ 224.381057][ T7390] ? __pfx___dev_queue_xmit+0x10/0x10 [ 224.381081][ T7390] ? register_lock_class+0x41/0x4c0 [ 224.381115][ T7390] ? lockdep_unlock+0x64/0xe0 [ 224.381133][ T7390] ? __lock_acquire+0x107f/0x1ce0 [ 224.381169][ T7390] ? ___neigh_create+0x1945/0x28c0 [ 224.381195][ T7390] ? find_held_lock+0x2b/0x80 [ 224.381221][ T7390] neigh_connected_output+0x3da/0x620 [ 224.381259][ T7390] ip_finish_output2+0x7f8/0x21a0 [ 224.381290][ T7390] ? ip_skb_dst_mtu+0x5a7/0xc70 [ 224.381321][ T7390] ? __pfx_ip_finish_output2+0x10/0x10 [ 224.381350][ T7390] ? ip_skb_dst_mtu+0x5b6/0xc70 [ 224.381377][ T7390] ? skb_gso_transport_seglen+0x1a5/0x3b0 [ 224.381414][ T7390] __ip_finish_output.part.0+0x1b4/0x350 [ 224.381447][ T7390] ip_output+0x35e/0xa10 [ 224.381478][ T7390] ip_send_skb+0x437/0x590 [ 224.381511][ T7390] udp_send_skb+0x71d/0x15b0 [ 224.381547][ T7390] udp_sendmsg+0x1813/0x2870 [ 224.381578][ T7390] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 224.381610][ T7390] ? __pfx_udp_sendmsg+0x10/0x10 [ 224.381653][ T7390] ? __lock_acquire+0xb97/0x1ce0 [ 224.381698][ T7390] ? __pfx_udp_sendmsg+0x10/0x10 [ 224.381728][ T7390] inet_sendmsg+0x105/0x140 [ 224.381749][ T7390] ____sys_sendmsg+0x973/0xc70 [ 224.381769][ T7390] ? copy_msghdr_from_user+0x10a/0x160 [ 224.381795][ T7390] ? __pfx_____sys_sendmsg+0x10/0x10 [ 224.381827][ T7390] ___sys_sendmsg+0x134/0x1d0 [ 224.381855][ T7390] ? __pfx____sys_sendmsg+0x10/0x10 [ 224.381895][ T7390] ? find_held_lock+0x2b/0x80 [ 224.381930][ T7390] __sys_sendmmsg+0x200/0x420 [ 224.381960][ T7390] ? __pfx___sys_sendmmsg+0x10/0x10 [ 224.381995][ T7390] ? __pfx_do_futex+0x10/0x10 [ 224.382019][ T7390] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 224.382063][ T7390] ? xfd_validate_state+0x61/0x180 [ 224.382092][ T7390] ? __pfx_do_writev+0x10/0x10 [ 224.382118][ T7390] __x64_sys_sendmmsg+0x9c/0x100 [ 224.382151][ T7390] ? lockdep_hardirqs_on+0x7c/0x110 [ 224.382177][ T7390] do_syscall_64+0xcd/0x490 [ 224.382206][ T7390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.382227][ T7390] RIP: 0033:0x7f7e7b38ebe9 [ 224.382242][ T7390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 224.382261][ T7390] RSP: 002b:00007f7e7c165038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 224.382279][ T7390] RAX: ffffffffffffffda RBX: 00007f7e7b5b5fa0 RCX: 00007f7e7b38ebe9 [ 224.382292][ T7390] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 224.382304][ T7390] RBP: 00007f7e7b411e19 R08: 0000000000000000 R09: 0000000000000000 [ 224.382316][ T7390] R10: 0000000060000000 R11: 0000000000000246 R12: 0000000000000000 [ 224.382328][ T7390] R13: 00007f7e7b5b6038 R14: 00007f7e7b5b5fa0 R15: 00007ffdada38168 [ 224.382354][ T7390] [ 228.012339][ T7403] netlink: 25520 bytes leftover after parsing attributes in process `syz.1.298'. [ 228.069727][ T7403] net_ratelimit: 62 callbacks suppressed [ 228.069742][ T7403] netlink: zone id is out of range [ 228.106187][ T7403] netlink: zone id is out of range [ 228.138232][ T7403] netlink: zone id is out of range [ 228.177165][ T7403] netlink: zone id is out of range [ 228.207499][ T7403] netlink: zone id is out of range [ 228.255510][ T7403] netlink: zone id is out of range [ 233.445917][ T7456] syz.3.309 uses obsolete (PF_INET,SOCK_PACKET) [ 233.514422][ T7456] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 234.184959][ T7463] sysfs_service_op_store: Client not running :-5: [ 234.185822][ T7463] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 234.185843][ T7463] CIFS mount error: No usable UNC path provided in device string! [ 234.185843][ T7463] [ 234.185963][ T7463] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 235.666977][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 235.673313][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 235.681460][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 235.689519][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 235.731583][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 235.741477][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 235.773197][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 235.779686][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 238.468035][ T7476] kexec: Could not allocate control_code_buffer [ 239.510537][ T7515] zswap: compressor 000 not available [ 242.605576][ T7561] FAULT_INJECTION: forcing a failure. [ 242.605576][ T7561] name failslab, interval 1, probability 0, space 0, times 0 [ 242.886947][ T7561] CPU: 1 UID: 0 PID: 7561 Comm: syz.2.329 Not tainted syzkaller #0 PREEMPT(full) [ 242.886976][ T7561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 242.886992][ T7561] Call Trace: [ 242.887002][ T7561] [ 242.887010][ T7561] dump_stack_lvl+0x16c/0x1f0 [ 242.887044][ T7561] should_fail_ex+0x512/0x640 [ 242.887075][ T7561] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 242.887108][ T7561] should_failslab+0xc2/0x120 [ 242.887138][ T7561] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 242.887168][ T7561] ? bonding_sysfs_store_option+0x67/0x120 [ 242.887196][ T7561] kstrndup+0x6d/0x160 [ 242.887224][ T7561] ? __pfx_bonding_sysfs_store_option+0x10/0x10 [ 242.887246][ T7561] bonding_sysfs_store_option+0x67/0x120 [ 242.887270][ T7561] dev_attr_store+0x58/0x80 [ 242.887304][ T7561] ? __pfx_dev_attr_store+0x10/0x10 [ 242.887337][ T7561] sysfs_kf_write+0xf2/0x150 [ 242.887363][ T7561] kernfs_fop_write_iter+0x354/0x510 [ 242.887383][ T7561] ? __pfx_sysfs_kf_write+0x10/0x10 [ 242.887410][ T7561] vfs_write+0x7d0/0x11d0 [ 242.887436][ T7561] ? __pfx_kernfs_fop_write_iter+0x10/0x10 [ 242.887459][ T7561] ? __pfx___mutex_lock+0x10/0x10 [ 242.887489][ T7561] ? __pfx_vfs_write+0x10/0x10 [ 242.887532][ T7561] ksys_write+0x12a/0x250 [ 242.887557][ T7561] ? __pfx_ksys_write+0x10/0x10 [ 242.887591][ T7561] do_syscall_64+0xcd/0x490 [ 242.887623][ T7561] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.887655][ T7561] RIP: 0033:0x7f37b258ebe9 [ 242.887670][ T7561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 242.887689][ T7561] RSP: 002b:00007f37b3347038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 242.887707][ T7561] RAX: ffffffffffffffda RBX: 00007f37b27b6090 RCX: 00007f37b258ebe9 [ 242.887720][ T7561] RDX: 0000000000000081 RSI: 0000000000000000 RDI: 0000000000000004 [ 242.887732][ T7561] RBP: 00007f37b2611e19 R08: 0000000000000000 R09: 0000000000000000 [ 242.887743][ T7561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 242.887755][ T7561] R13: 00007f37b27b6128 R14: 00007f37b27b6090 R15: 00007ffcfb1d3938 [ 242.887797][ T7561] [ 243.506282][ T7570] netlink: 28 bytes leftover after parsing attributes in process `syz.3.330'. [ 244.163595][ T7570] team0: Port device team_slave_1 removed [ 246.844420][ T7594] zswap: compressor not available [ 246.877302][ T7598] Setting dangerous option i915.mitigations - tainting kernel [ 251.263447][ T7628] sd 0:0:1:0: PR command failed: 1026 [ 251.350513][ T7628] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 251.493348][ T7628] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 255.985692][ T7705] Invalid ELF header magic: != ELF [ 256.864661][ T7702] EXT4-fs error (device sda1): ext4_validate_block_bitmap:423: comm syz.2.354: bg 1: bad block bitmap checksum [ 256.947859][ T7702] EXT4-fs error (device sda1) in ext4_mb_clear_bb:6657: Filesystem failed CRC [ 259.221495][ T7745] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 261.646900][ T7793] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.365: iget: checksum invalid [ 261.706957][ T7793] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 261.775898][ T7793] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.365: iget: checksum invalid [ 261.917322][ T7793] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 262.063213][ T7798] nvme_fabrics: missing parameter 'transport=%s' [ 262.070088][ T7793] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.365: iget: checksum invalid [ 262.125941][ T7798] nvme_fabrics: missing parameter 'nqn=%s' [ 262.135082][ T7793] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 262.183031][ T7793] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.2.365: iget: checksum invalid [ 262.229125][ T7793] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 262.267495][ T7793] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 262.302990][ T7793] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 262.429710][ T7801] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 262.478813][ T7801] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 262.505728][ T7801] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 262.530406][ T7801] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 262.559009][ T7801] CPU0 is offline. [ 263.740177][ T7830] netlink: 29 bytes leftover after parsing attributes in process `syz.3.372'. [ 264.414332][ T6671] Bluetooth: hci0: command 0x0c1a tx timeout [ 264.496306][ T6671] Bluetooth: hci2: command 0x0c1a tx timeout [ 264.576109][ T6671] Bluetooth: hci3: command 0x0c1a tx timeout syzkaller syzkaller login: [ 265.621852][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 265.630814][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 266.652145][ T6671] Bluetooth: hci3: command 0x0c1a tx timeout [ 268.680946][ T7898] FAULT_INJECTION: forcing a failure. [ 268.680946][ T7898] name failslab, interval 1, probability 0, space 0, times 0 [ 268.747212][ T7898] CPU: 1 UID: 0 PID: 7898 Comm: syz.3.388 Tainted: G U syzkaller #0 PREEMPT(full) [ 268.747248][ T7898] Tainted: [U]=USER [ 268.747255][ T7898] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 268.747268][ T7898] Call Trace: [ 268.747275][ T7898] [ 268.747284][ T7898] dump_stack_lvl+0x16c/0x1f0 [ 268.747318][ T7898] should_fail_ex+0x512/0x640 [ 268.747362][ T7898] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 268.747388][ T7898] should_failslab+0xc2/0x120 [ 268.747416][ T7898] __kmalloc_cache_noprof+0x6a/0x3e0 [ 268.747438][ T7898] ? nd_alloc_stack+0x85/0x110 [ 268.747474][ T7898] nd_alloc_stack+0x85/0x110 [ 268.747505][ T7898] step_into+0x1ac7/0x2270 [ 268.747532][ T7898] ? __pfx_step_into+0x10/0x10 [ 268.747552][ T7898] ? __d_lookup+0x266/0x4a0 [ 268.747587][ T7898] ? lookup_fast+0x156/0x610 [ 268.747612][ T7898] walk_component+0xfc/0x5b0 [ 268.747635][ T7898] link_path_walk+0x627/0xe20 [ 268.747666][ T7898] path_lookupat+0x15a/0x6d0 [ 268.747688][ T7898] ? __lock_acquire+0xb97/0x1ce0 [ 268.747718][ T7898] filename_lookup+0x224/0x5f0 [ 268.747745][ T7898] ? __pfx_filename_lookup+0x10/0x10 [ 268.747791][ T7898] ? getname_flags.part.0+0x1c5/0x550 [ 268.747830][ T7898] user_path_at+0x3a/0x60 [ 268.747854][ T7898] vfs_open_tree+0x2ca/0x910 [ 268.747881][ T7898] ? __pfx_vfs_open_tree+0x10/0x10 [ 268.747907][ T7898] ? xfd_validate_state+0x61/0x180 [ 268.747975][ T7898] __x64_sys_open_tree+0x84/0x130 [ 268.748004][ T7898] do_syscall_64+0xcd/0x490 [ 268.748035][ T7898] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 268.748056][ T7898] RIP: 0033:0x7f46af98ebe9 [ 268.748073][ T7898] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 268.748093][ T7898] RSP: 002b:00007f46b07d3038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ac [ 268.748113][ T7898] RAX: ffffffffffffffda RBX: 00007f46afbb5fa0 RCX: 00007f46af98ebe9 [ 268.748126][ T7898] RDX: 0000000000000101 RSI: 0000200000000180 RDI: ffffffffffffff9c [ 268.748145][ T7898] RBP: 00007f46afa11e19 R08: 0000000000000000 R09: 0000000000000000 [ 268.748158][ T7898] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 268.748171][ T7898] R13: 00007f46afbb6038 R14: 00007f46afbb5fa0 R15: 00007fff22d41fd8 [ 268.748197][ T7898] [ 269.934014][ T7911] ima: policy update failed [ 269.962520][ T7911] netlink: 25 bytes leftover after parsing attributes in process `syz.3.389'. [ 269.980240][ T30] audit: type=1802 audit(6051290776.372:4): pid=7911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.389" res=0 errno=0 [ 270.304955][ T7914] netlink: 4 bytes leftover after parsing attributes in process `syz.0.390'. [ 273.196246][ T30] audit: type=1804 audit(6051290779.594:5): pid=7966 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.401" name="/newroot/108/file0" dev="tmpfs" ino=586 res=1 errno=0 [ 273.617865][ T7966] dmxdev: DVB (dvb_dmxdev_filter_start): could not set feed [ 273.674961][ T7973] vxcan0: entered allmulticast mode [ 273.715634][ T7966] dvb_demux: dvb_demux_feed_del: feed not in list (type=1 state=0 pid=ffff) [ 278.197962][ T7997] kexec: Could not allocate control_code_buffer [ 279.687344][ T8038] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.415: iget: checksum invalid [ 279.768619][ T8038] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 279.838861][ T8038] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.415: iget: checksum invalid [ 279.958514][ T8038] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 280.102708][ T8038] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.415: iget: checksum invalid [ 280.199132][ T8038] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 280.209758][ T8053] netlink: zone id is out of range [ 280.214876][ T8053] netlink: zone id is out of range [ 280.290167][ T8038] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.0.415: iget: checksum invalid [ 280.311390][ T8053] netlink: zone id is out of range [ 280.377703][ T8038] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 280.396875][ T8053] netlink: zone id is out of range [ 280.402010][ T8053] netlink: zone id is out of range [ 280.444323][ T8038] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 280.509990][ T8038] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 280.584860][ T8053] netlink: zone id is out of range [ 280.641893][ T8053] netlink: zone id is out of range [ 280.692831][ T8053] netlink: zone id is out of range [ 280.761758][ T8053] netlink: zone id is out of range [ 280.804922][ T8053] netlink: zone id is out of range [ 283.598734][ T8087] ima: policy update failed [ 283.646612][ T30] audit: type=1802 audit(6051290790.059:6): pid=8087 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.434" res=0 errno=0 [ 286.272129][ T8133] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input9 [ 287.766761][ T8117] sd 0:0:1:0: PR command failed: 1026 [ 287.810632][ T8117] sd 0:0:1:0: Sense Key : Illegal Request [current] [ 287.899680][ T8117] sd 0:0:1:0: Add. Sense: Invalid command operation code [ 288.382372][ T8151] lo: entered allmulticast mode [ 288.591913][ T8155] lo: left allmulticast mode [ 289.880284][ T8165] svc: failed to register nfsdv3 RPC service (errno 111). [ 290.030822][ T8165] svc: failed to register nfsaclv3 RPC service (errno 111). [ 291.195754][ T8196] netlink: 4 bytes leftover after parsing attributes in process `syz.2.446'. [ 291.233006][ T8196] netlink: 354 bytes leftover after parsing attributes in process `syz.2.446'. [ 293.131279][ T8217] netlink: 4 bytes leftover after parsing attributes in process `syz.0.452'. [ 293.511964][ T8227] Invalid ELF header magic: != ELF [ 295.373435][ T8246] random: crng reseeded on system resumption [ 295.759807][ T8248] netlink: 338 bytes leftover after parsing attributes in process `syz.2.457'. [ 298.082261][ T8289] FAULT_INJECTION: forcing a failure. [ 298.082261][ T8289] name failslab, interval 1, probability 0, space 0, times 0 [ 298.082311][ T8289] CPU: 1 UID: 0 PID: 8289 Comm: syz.3.464 Tainted: G U syzkaller #0 PREEMPT(full) [ 298.082343][ T8289] Tainted: [U]=USER [ 298.082350][ T8289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 298.082363][ T8289] Call Trace: [ 298.082370][ T8289] [ 298.082378][ T8289] dump_stack_lvl+0x16c/0x1f0 [ 298.082414][ T8289] should_fail_ex+0x512/0x640 [ 298.082446][ T8289] ? __kmalloc_noprof+0xbf/0x510 [ 298.082475][ T8289] ? handler_new_ref+0x1b0/0xc60 [ 298.082507][ T8289] should_failslab+0xc2/0x120 [ 298.082537][ T8289] __kmalloc_noprof+0xd2/0x510 [ 298.082562][ T8289] ? __asan_memcpy+0x3c/0x60 [ 298.082590][ T8289] handler_new_ref+0x1b0/0xc60 [ 298.082630][ T8289] v4l2_ctrl_new+0x1963/0x2180 [ 298.082673][ T8289] ? __pfx_v4l2_ctrl_new+0x10/0x10 [ 298.082726][ T8289] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 298.082762][ T8289] v4l2_ctrl_new_std+0x1be/0x290 [ 298.082801][ T8289] ? __pfx_v4l2_ctrl_new_std+0x10/0x10 [ 298.082836][ T8289] ? rcu_is_watching+0x12/0xc0 [ 298.082857][ T8289] ? trace_kmalloc+0x2b/0xd0 [ 298.082886][ T8289] ? __kvmalloc_node_noprof+0x298/0x620 [ 298.082911][ T8289] ? v4l2_ctrl_handler_init_class+0x1fc/0x340 [ 298.082945][ T8289] ? media_request_object_init+0x100/0x180 [ 298.082984][ T8289] vicodec_open+0x1d0/0xf90 [ 298.083014][ T8289] v4l2_open+0x225/0x490 [ 298.083040][ T8289] ? __pfx_v4l2_open+0x10/0x10 [ 298.083066][ T8289] chrdev_open+0x234/0x6a0 [ 298.083093][ T8289] ? __pfx_apparmor_file_open+0x10/0x10 [ 298.083117][ T8289] ? __pfx_chrdev_open+0x10/0x10 [ 298.083156][ T8289] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 298.083185][ T8289] do_dentry_open+0x982/0x1530 [ 298.083213][ T8289] ? __pfx_chrdev_open+0x10/0x10 [ 298.083246][ T8289] vfs_open+0x82/0x3f0 [ 298.083282][ T8289] path_openat+0x1de4/0x2cb0 [ 298.083316][ T8289] ? __pfx_path_openat+0x10/0x10 [ 298.083349][ T8289] do_filp_open+0x20b/0x470 [ 298.083374][ T8289] ? __pfx_do_filp_open+0x10/0x10 [ 298.083419][ T8289] ? alloc_fd+0x471/0x7d0 [ 298.083449][ T8289] do_sys_openat2+0x11b/0x1d0 [ 298.083482][ T8289] ? __pfx_do_sys_openat2+0x10/0x10 [ 298.083525][ T8289] __x64_sys_openat+0x174/0x210 [ 298.083563][ T8289] ? __pfx___x64_sys_openat+0x10/0x10 [ 298.083635][ T8289] do_syscall_64+0xcd/0x490 [ 298.083670][ T8289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 298.083694][ T8289] RIP: 0033:0x7f46af98ebe9 [ 298.083712][ T8289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 298.083735][ T8289] RSP: 002b:00007f46b0791038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 298.083756][ T8289] RAX: ffffffffffffffda RBX: 00007f46afbb6180 RCX: 00007f46af98ebe9 [ 298.083772][ T8289] RDX: 00000000000c0400 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 298.083787][ T8289] RBP: 00007f46afa11e19 R08: 0000000000000000 R09: 0000000000000000 [ 298.083800][ T8289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 298.083814][ T8289] R13: 00007f46afbb6218 R14: 00007f46afbb6180 R15: 00007fff22d41fd8 [ 298.083844][ T8289] [ 302.363774][ T8329] Invalid ELF header magic: != ELF [ 304.266780][ T8355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 304.349077][ T8355] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 304.425359][ T8355] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 304.534582][ T8355] page_type: f5(slab) [ 304.538612][ T8355] raw: 00fff00000000040 ffff88801b842140 dead000000000100 dead000000000122 [ 304.709833][ T8355] raw: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 304.890545][ T8355] head: 00fff00000000040 ffff88801b842140 dead000000000100 dead000000000122 [ 304.958722][ T8355] head: 0000000000000000 0000000000040004 00000000f5000000 0000000000000000 [ 305.097322][ T8355] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 305.200820][ T8355] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 305.296021][ T8355] page dumped because: unmovable page [ 305.377883][ T8355] page_owner tracks the page as allocated [ 305.439424][ T8355] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6936, tgid 6934 (syz.2.206), ts 189272154822, free_ts 189174434330 [ 305.682264][ T8355] post_alloc_hook+0x1c0/0x230 [ 305.728383][ T8355] get_page_from_freelist+0x132b/0x38e0 [ 305.787143][ T8355] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 305.846918][ T8355] alloc_pages_mpol+0x1fb/0x550 [ 305.885024][ T8355] new_slab+0x247/0x330 [ 305.911170][ T8355] ___slab_alloc+0xcf2/0x1740 [ 305.953701][ T8355] __slab_alloc.constprop.0+0x56/0xb0 [ 306.032100][ T8355] __kvmalloc_node_noprof+0x3b1/0x620 [ 306.043960][ T8355] open_substream+0x30c/0x990 [ 306.079583][ T8355] rawmidi_open_priv+0x543/0x6e0 [ 306.101673][ T8355] snd_rawmidi_open+0x4cc/0xbf0 [ 306.117721][ T8355] snd_open+0x22d/0x4c0 [ 306.135939][ T8355] chrdev_open+0x234/0x6a0 [ 306.146030][ T8355] do_dentry_open+0x982/0x1530 [ 306.156123][ T8355] vfs_open+0x82/0x3f0 [ 306.160249][ T8355] path_openat+0x1de4/0x2cb0 [ 306.175318][ T8355] page last free pid 5876 tgid 5876 stack trace: [ 306.190673][ T8355] __free_frozen_pages+0x7d5/0x10f0 [ 306.225708][ T8355] __put_partials+0x165/0x1c0 [ 306.234911][ T8355] qlist_free_all+0x4d/0x120 [ 306.247698][ T8355] kasan_quarantine_reduce+0x195/0x1e0 [ 306.263524][ T8355] __kasan_slab_alloc+0x69/0x90 [ 306.273657][ T8355] kmem_cache_alloc_noprof+0x1cb/0x3b0 [ 306.292163][ T8355] vm_area_dup+0x27/0x8d0 [ 306.317854][ T8355] dup_mmap+0x877/0x21d0 [ 306.337908][ T8355] copy_process+0x4081/0x7690 [ 306.348711][ T8355] kernel_clone+0xfc/0x930 [ 306.360698][ T8355] __do_sys_clone+0xce/0x120 [ 306.372176][ T8355] do_syscall_64+0xcd/0x490 [ 306.381140][ T8355] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 308.217032][ T8406] random: crng reseeded on system resumption [ 308.444423][ T8401] can0: slcan on ttyS2. [ 308.992477][ T8399] can0 (unregistered): slcan off ttyS2. [ 309.202081][ T5197] Trying to write to read-only block-device sda1 [ 311.033285][ T8438] FAULT_INJECTION: forcing a failure. [ 311.033285][ T8438] name failslab, interval 1, probability 0, space 0, times 0 [ 311.121201][ T8438] CPU: 1 UID: 0 PID: 8438 Comm: syz.2.492 Tainted: G U syzkaller #0 PREEMPT(full) [ 311.121234][ T8438] Tainted: [U]=USER [ 311.121241][ T8438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 311.121257][ T8438] Call Trace: [ 311.121263][ T8438] [ 311.121271][ T8438] dump_stack_lvl+0x16c/0x1f0 [ 311.121302][ T8438] should_fail_ex+0x512/0x640 [ 311.121331][ T8438] ? kmem_cache_alloc_lru_noprof+0x5f/0x3b0 [ 311.121359][ T8438] should_failslab+0xc2/0x120 [ 311.121387][ T8438] kmem_cache_alloc_lru_noprof+0x72/0x3b0 [ 311.121412][ T8438] ? __d_alloc+0x32/0xae0 [ 311.121440][ T8438] __d_alloc+0x32/0xae0 [ 311.121468][ T8438] d_alloc_pseudo+0x1c/0xc0 [ 311.121498][ T8438] alloc_file_pseudo+0xcf/0x230 [ 311.121530][ T8438] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 311.121562][ T8438] ? _raw_spin_unlock+0x28/0x50 [ 311.121584][ T8438] ? alloc_fd+0x471/0x7d0 [ 311.121607][ T8438] __anon_inode_getfile+0xe8/0x280 [ 311.121634][ T8438] anon_inode_getfd+0x52/0xb0 [ 311.121660][ T8438] map_create+0xca1/0x1f80 [ 311.121697][ T8438] ? __pfx_map_create+0x10/0x10 [ 311.121723][ T8438] ? __might_fault+0xe3/0x190 [ 311.121746][ T8438] ? __might_fault+0xe3/0x190 [ 311.121767][ T8438] ? __might_fault+0x13b/0x190 [ 311.121799][ T8438] __sys_bpf+0x44d2/0x4de0 [ 311.121827][ T8438] ? __pfx_futex_wake+0x10/0x10 [ 311.121859][ T8438] ? __pfx___sys_bpf+0x10/0x10 [ 311.121896][ T8438] ? ksys_write+0x190/0x250 [ 311.121923][ T8438] ? do_futex+0x122/0x350 [ 311.121949][ T8438] ? __pfx_do_futex+0x10/0x10 [ 311.121984][ T8438] ? fput+0x9b/0xd0 [ 311.122013][ T8438] ? xfd_validate_state+0x61/0x180 [ 311.122042][ T8438] ? __pfx_ksys_write+0x10/0x10 [ 311.122070][ T8438] __x64_sys_bpf+0x78/0xc0 [ 311.122100][ T8438] ? lockdep_hardirqs_on+0x7c/0x110 [ 311.122126][ T8438] do_syscall_64+0xcd/0x490 [ 311.122173][ T8438] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 311.122195][ T8438] RIP: 0033:0x7f37b258ebe9 [ 311.122211][ T8438] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 311.122231][ T8438] RSP: 002b:00007f37b3368038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 311.122272][ T8438] RAX: ffffffffffffffda RBX: 00007f37b27b5fa0 RCX: 00007f37b258ebe9 [ 311.122285][ T8438] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000000 [ 311.122297][ T8438] RBP: 00007f37b2611e19 R08: 0000000000000000 R09: 0000000000000000 [ 311.122310][ T8438] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 311.122321][ T8438] R13: 00007f37b27b6038 R14: 00007f37b27b5fa0 R15: 00007ffcfb1d3938 [ 311.122346][ T8438] [ 312.495039][ T6671] Bluetooth: hci3: unexpected event 0x0f length: 440 > 4 [ 312.495838][ T6671] Bluetooth: hci3: unexpected event for opcode 0x0010 [ 313.469298][ T8454] bond0: option all_slaves_active: invalid value () [ 315.660869][ T30] audit: type=1800 audit(6051290822.085:7): pid=8495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.502" name="dbroot" dev="configfs" ino=20270 res=0 errno=0 [ 316.556553][ T6671] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 316.565869][ T6671] Bluetooth: hci3: Injecting HCI hardware error event [ 316.574173][ T6671] Bluetooth: hci3: hardware error 0x00 [ 318.625878][ T6671] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 318.636824][ T8549] Console: switching to colour VGA+ 80x25 [ 319.381577][ T8553] Console: switching to colour frame buffer device 128x48 syzkaller syzkaller login: [ 322.412305][ T8576] vivid-003: ================= START STATUS ================= [ 322.512765][ T8576] vivid-003: Radio HW Seek Mode: Bounded [ 322.569258][ T8576] vivid-003: Radio Programmable HW Seek: false [ 322.621737][ T8576] vivid-003: RDS Rx I/O Mode: Block I/O [ 322.709274][ T8576] vivid-003: Generate RBDS Instead of RDS: false [ 322.752702][ T8576] vivid-003: RDS Reception: true [ 322.786550][ T8576] vivid-003: RDS Program Type: 0 inactive [ 322.792341][ T8576] vivid-003: RDS PS Name: inactive [ 323.008927][ T8576] vivid-003: RDS Radio Text: inactive [ 323.171968][ T8576] vivid-003: RDS Traffic Announcement: false inactive [ 323.362038][ T8576] vivid-003: RDS Traffic Program: false inactive [ 323.508326][ T8576] vivid-003: RDS Music: false inactive [ 323.706366][ T8576] vivid-003: ================== END STATUS ================== [ 326.426126][ T30] audit: type=1800 audit(6051290832.860:8): pid=8625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.527" name="features" dev="configfs" ino=20665 res=0 errno=0 [ 327.029244][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 327.035938][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 327.342735][ T8633] FAULT_INJECTION: forcing a failure. [ 327.342735][ T8633] name failslab, interval 1, probability 0, space 0, times 0 [ 327.403725][ T8633] CPU: 1 UID: 0 PID: 8633 Comm: syz.3.530 Tainted: G U syzkaller #0 PREEMPT(full) [ 327.403762][ T8633] Tainted: [U]=USER [ 327.403770][ T8633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 327.403784][ T8633] Call Trace: [ 327.403792][ T8633] [ 327.403800][ T8633] dump_stack_lvl+0x16c/0x1f0 [ 327.403839][ T8633] should_fail_ex+0x512/0x640 [ 327.403872][ T8633] ? __kmalloc_noprof+0xbf/0x510 [ 327.403902][ T8633] ? tbl_mask_array_alloc+0x38/0x160 [ 327.403925][ T8633] should_failslab+0xc2/0x120 [ 327.403956][ T8633] __kmalloc_noprof+0xd2/0x510 [ 327.403990][ T8633] tbl_mask_array_alloc+0x38/0x160 [ 327.404018][ T8633] ovs_flow_tbl_init+0x40/0x600 [ 327.404044][ T8633] ? kasan_save_track+0x14/0x30 [ 327.404074][ T8633] ovs_dp_cmd_new+0x251/0xe60 [ 327.404109][ T8633] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 327.404149][ T8633] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 327.404192][ T8633] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 327.404239][ T8633] genl_family_rcv_msg_doit+0x206/0x2f0 [ 327.404281][ T8633] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 327.404330][ T8633] ? bpf_lsm_capable+0x9/0x10 [ 327.404352][ T8633] ? security_capable+0x7e/0x260 [ 327.404377][ T8633] ? ns_capable+0xd7/0x110 [ 327.404405][ T8633] genl_rcv_msg+0x55c/0x800 [ 327.404446][ T8633] ? __pfx_genl_rcv_msg+0x10/0x10 [ 327.404484][ T8633] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 327.404523][ T8633] netlink_rcv_skb+0x155/0x420 [ 327.404556][ T8633] ? __pfx_genl_rcv_msg+0x10/0x10 [ 327.404595][ T8633] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 327.404641][ T8633] ? netlink_deliver_tap+0x1ae/0xd30 [ 327.404676][ T8633] genl_rcv+0x28/0x40 [ 327.404710][ T8633] netlink_unicast+0x5aa/0x870 [ 327.404766][ T8633] ? __pfx_netlink_unicast+0x10/0x10 [ 327.404799][ T8633] ? __pfx_netlink_autobind.isra.0+0x10/0x10 [ 327.404844][ T8633] ? __lock_acquire+0xb97/0x1ce0 [ 327.404900][ T8633] netlink_sendmsg+0x8d1/0xdd0 [ 327.404936][ T8633] ? __pfx_netlink_sendmsg+0x10/0x10 [ 327.404972][ T8633] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 327.405002][ T8633] ____sys_sendmsg+0xa95/0xc70 [ 327.405024][ T8633] ? copy_msghdr_from_user+0x10a/0x160 [ 327.405055][ T8633] ? __pfx_____sys_sendmsg+0x10/0x10 [ 327.405090][ T8633] ___sys_sendmsg+0x134/0x1d0 [ 327.405119][ T8633] ? futex_private_hash_put+0x176/0x300 [ 327.405153][ T8633] ? __pfx____sys_sendmsg+0x10/0x10 [ 327.405184][ T8633] ? futex_private_hash_put+0x18a/0x300 [ 327.405235][ T8633] ? do_futex+0x122/0x350 [ 327.405269][ T8633] __sys_sendmsg+0x16d/0x220 [ 327.405301][ T8633] ? __pfx___sys_sendmsg+0x10/0x10 [ 327.405332][ T8633] ? __x64_sys_futex+0x1e0/0x4c0 [ 327.405378][ T8633] do_syscall_64+0xcd/0x490 [ 327.405411][ T8633] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 327.405434][ T8633] RIP: 0033:0x7f46af98ebe9 [ 327.405452][ T8633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 327.405474][ T8633] RSP: 002b:00007f46b07d3038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 327.405495][ T8633] RAX: ffffffffffffffda RBX: 00007f46afbb5fa0 RCX: 00007f46af98ebe9 [ 327.405510][ T8633] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000004 [ 327.405524][ T8633] RBP: 00007f46afa11e19 R08: 0000000000000000 R09: 0000000000000000 [ 327.405538][ T8633] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 327.405551][ T8633] R13: 00007f46afbb6038 R14: 00007f46afbb5fa0 R15: 00007fff22d41fd8 [ 327.405580][ T8633] [ 327.753032][ C1] vkms_vblank_simulate: vblank timer overrun [ 331.495369][ T8670] FAULT_INJECTION: forcing a failure. [ 331.495369][ T8670] name failslab, interval 1, probability 0, space 0, times 0 [ 331.495458][ T8670] CPU: 1 UID: 0 PID: 8670 Comm: syz.3.538 Tainted: G U syzkaller #0 PREEMPT(full) [ 331.495488][ T8670] Tainted: [U]=USER [ 331.495494][ T8670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 331.495507][ T8670] Call Trace: [ 331.495513][ T8670] [ 331.495521][ T8670] dump_stack_lvl+0x16c/0x1f0 [ 331.495553][ T8670] should_fail_ex+0x512/0x640 [ 331.495583][ T8670] ? kmem_cache_alloc_node_noprof+0x5e/0x3b0 [ 331.495632][ T8670] should_failslab+0xc2/0x120 [ 331.495663][ T8670] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 331.495691][ T8670] ? alloc_unbound_pwq+0x3ff/0xe10 [ 331.495720][ T8670] alloc_unbound_pwq+0x3ff/0xe10 [ 331.495752][ T8670] apply_wqattrs_prepare+0x3af/0xbd0 [ 331.495788][ T8670] apply_workqueue_attrs_locked+0x64/0xe0 [ 331.495815][ T8670] __alloc_workqueue+0xf41/0x1810 [ 331.495850][ T8670] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 331.495881][ T8670] alloc_workqueue_noprof+0xd2/0x200 [ 331.495911][ T8670] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 331.495950][ T8670] ? __pfx___debug_object_init+0x10/0x10 [ 331.495982][ T8670] nci_register_device+0x511/0xb80 [ 331.496010][ T8670] ? __pfx_nci_register_device+0x10/0x10 [ 331.496040][ T8670] ? lockdep_init_map_type+0x5c/0x280 [ 331.496077][ T8670] virtual_ncidev_open+0x141/0x220 [ 331.496104][ T8670] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 331.496129][ T8670] misc_open+0x35d/0x420 [ 331.496153][ T8670] ? __pfx_misc_open+0x10/0x10 [ 331.496185][ T8670] chrdev_open+0x234/0x6a0 [ 331.496215][ T8670] ? __pfx_apparmor_file_open+0x10/0x10 [ 331.496241][ T8670] ? __pfx_chrdev_open+0x10/0x10 [ 331.496272][ T8670] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 331.496305][ T8670] do_dentry_open+0x982/0x1530 [ 331.496334][ T8670] ? __pfx_chrdev_open+0x10/0x10 [ 331.496369][ T8670] vfs_open+0x82/0x3f0 [ 331.496407][ T8670] path_openat+0x1de4/0x2cb0 [ 331.496443][ T8670] ? __pfx_path_openat+0x10/0x10 [ 331.496478][ T8670] do_filp_open+0x20b/0x470 [ 331.496506][ T8670] ? __pfx_do_filp_open+0x10/0x10 [ 331.496554][ T8670] ? alloc_fd+0x471/0x7d0 [ 331.496586][ T8670] do_sys_openat2+0x11b/0x1d0 [ 331.496621][ T8670] ? __pfx_do_sys_openat2+0x10/0x10 [ 331.496668][ T8670] __x64_sys_openat+0x174/0x210 [ 331.496704][ T8670] ? __pfx___x64_sys_openat+0x10/0x10 [ 331.496753][ T8670] do_syscall_64+0xcd/0x490 [ 331.496787][ T8670] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 331.496809][ T8670] RIP: 0033:0x7f46af98ebe9 [ 331.496827][ T8670] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 331.496848][ T8670] RSP: 002b:00007f46b07d3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 331.496869][ T8670] RAX: ffffffffffffffda RBX: 00007f46afbb5fa0 RCX: 00007f46af98ebe9 [ 331.496883][ T8670] RDX: 0000000000000002 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 331.496897][ T8670] RBP: 00007f46afa11e19 R08: 0000000000000000 R09: 0000000000000000 [ 331.496911][ T8670] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 331.496924][ T8670] R13: 00007f46afbb6038 R14: 00007f46afbb5fa0 R15: 00007fff22d41fd8 [ 331.496953][ T8670] [ 332.149563][ T8676] netlink: 186 bytes leftover after parsing attributes in process `syz.0.540'. [ 333.490128][ T8675] tty tty51: ldisc open failed (-12), clearing slot 50 [ 333.527182][ T8665] pty pty6: ldisc open failed (-12), clearing slot 6 [ 333.857488][ T8702] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 333.932198][ T8704] netlink: 146 bytes leftover after parsing attributes in process `syz.2.545'. [ 334.758046][ T8704] netlink: 186 bytes leftover after parsing attributes in process `syz.2.545'. [ 334.907498][ T8704] netlink: 146 bytes leftover after parsing attributes in process `syz.2.545'. [ 336.416091][ T8724] FAULT_INJECTION: forcing a failure. [ 336.416091][ T8724] name failslab, interval 1, probability 0, space 0, times 0 [ 336.482109][ T8724] CPU: 1 UID: 0 PID: 8724 Comm: syz.2.549 Tainted: G U syzkaller #0 PREEMPT(full) [ 336.482140][ T8724] Tainted: [U]=USER [ 336.482147][ T8724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 336.482159][ T8724] Call Trace: [ 336.482165][ T8724] [ 336.482172][ T8724] dump_stack_lvl+0x16c/0x1f0 [ 336.482205][ T8724] should_fail_ex+0x512/0x640 [ 336.482234][ T8724] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 336.482258][ T8724] should_failslab+0xc2/0x120 [ 336.482285][ T8724] __kmalloc_cache_noprof+0x6a/0x3e0 [ 336.482304][ T8724] ? __asan_memcpy+0x3c/0x60 [ 336.482325][ T8724] ? ip_vs_protocol_net_init+0xbe/0x300 [ 336.482360][ T8724] ip_vs_protocol_net_init+0xbe/0x300 [ 336.482394][ T8724] __ip_vs_init+0x239/0x520 [ 336.482418][ T8724] ? __pfx___ip_vs_init+0x10/0x10 [ 336.482440][ T8724] ops_init+0x1e2/0x5f0 [ 336.482472][ T8724] setup_net+0x10f/0x380 [ 336.482498][ T8724] ? lockdep_init_map_type+0x5c/0x280 [ 336.482527][ T8724] ? __pfx_setup_net+0x10/0x10 [ 336.482557][ T8724] ? debug_mutex_init+0x37/0x70 [ 336.482580][ T8724] copy_net_ns+0x2a6/0x5f0 [ 336.482613][ T8724] create_new_namespaces+0x3ea/0xa90 [ 336.482642][ T8724] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 336.482668][ T8724] ksys_unshare+0x45b/0xa40 [ 336.482696][ T8724] ? __pfx_ksys_unshare+0x10/0x10 [ 336.482725][ T8724] ? xfd_validate_state+0x61/0x180 [ 336.482762][ T8724] __x64_sys_unshare+0x31/0x40 [ 336.482797][ T8724] do_syscall_64+0xcd/0x490 [ 336.482827][ T8724] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.482848][ T8724] RIP: 0033:0x7f37b258ebe9 [ 336.482864][ T8724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.482884][ T8724] RSP: 002b:00007f37b3368038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 336.482903][ T8724] RAX: ffffffffffffffda RBX: 00007f37b27b5fa0 RCX: 00007f37b258ebe9 [ 336.482917][ T8724] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 336.482928][ T8724] RBP: 00007f37b2611e19 R08: 0000000000000000 R09: 0000000000000000 [ 336.482941][ T8724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 336.482953][ T8724] R13: 00007f37b27b6038 R14: 00007f37b27b5fa0 R15: 00007ffcfb1d3938 [ 336.482978][ T8724] [ 337.182454][ T8731] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 337.234962][ T8733] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 337.308071][ T8735] ecryptfs_miscdev_write: Invalid packet size [111] [ 337.348289][ T8733] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 338.136177][ T6680] Trying to write to read-only block-device sda [ 339.449586][ T8771] netlink: 4 bytes leftover after parsing attributes in process `syz.1.557'. [ 339.593240][ T8780] netlink: 354 bytes leftover after parsing attributes in process `syz.1.557'. [ 339.874254][ T8770] 0x000200000001-0xa29656a63616329 : "" [ 339.906992][ T8770] mtd: partition "" is out of reach -- disabled [ 339.972279][ T8770] ftl_cs: FTL header not found. [ 342.773118][ T8811] : Can't lookup blockdev [ 344.217694][ T30] audit: type=1326 audit(6051290850.659:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8828 comm="syz.0.569" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f7e7b38ebe9 code=0x0 [ 345.192888][ T8844] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 347.174310][ T8860] FAULT_INJECTION: forcing a failure. [ 347.174310][ T8860] name failslab, interval 1, probability 0, space 0, times 0 [ 347.251251][ T8860] CPU: 1 UID: 0 PID: 8860 Comm: syz.0.575 Tainted: G U syzkaller #0 PREEMPT(full) [ 347.251289][ T8860] Tainted: [U]=USER [ 347.251296][ T8860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 347.251309][ T8860] Call Trace: [ 347.251316][ T8860] [ 347.251324][ T8860] dump_stack_lvl+0x16c/0x1f0 [ 347.251358][ T8860] should_fail_ex+0x512/0x640 [ 347.251392][ T8860] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 347.251426][ T8860] should_failslab+0xc2/0x120 [ 347.251455][ T8860] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 347.251484][ T8860] ? rhashtable_init_noprof+0x4ed/0x7e0 [ 347.251515][ T8860] ? rhashtable_init_noprof+0x55e/0x7e0 [ 347.251546][ T8860] ? ipv6_frags_init_net+0x111/0x350 [ 347.251571][ T8860] kmemdup_noprof+0x29/0x60 [ 347.251599][ T8860] ipv6_frags_init_net+0x111/0x350 [ 347.251621][ T8860] ? __pfx_ipv6_frags_init_net+0x10/0x10 [ 347.251641][ T8860] ops_init+0x1e2/0x5f0 [ 347.251675][ T8860] setup_net+0x10f/0x380 [ 347.251704][ T8860] ? lockdep_init_map_type+0x5c/0x280 [ 347.251736][ T8860] ? __pfx_setup_net+0x10/0x10 [ 347.251769][ T8860] ? debug_mutex_init+0x37/0x70 [ 347.251793][ T8860] copy_net_ns+0x2a6/0x5f0 [ 347.251837][ T8860] create_new_namespaces+0x3ea/0xa90 [ 347.251868][ T8860] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 347.251896][ T8860] ksys_unshare+0x45b/0xa40 [ 347.251927][ T8860] ? __pfx_ksys_unshare+0x10/0x10 [ 347.251958][ T8860] ? xfd_validate_state+0x61/0x180 [ 347.251998][ T8860] __x64_sys_unshare+0x31/0x40 [ 347.252027][ T8860] do_syscall_64+0xcd/0x490 [ 347.252059][ T8860] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 347.252083][ T8860] RIP: 0033:0x7f7e7b38ebe9 [ 347.252100][ T8860] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 347.252121][ T8860] RSP: 002b:00007f7e7c165038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 347.252141][ T8860] RAX: ffffffffffffffda RBX: 00007f7e7b5b5fa0 RCX: 00007f7e7b38ebe9 [ 347.252156][ T8860] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 347.252169][ T8860] RBP: 00007f7e7b411e19 R08: 0000000000000000 R09: 0000000000000000 [ 347.252182][ T8860] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 347.252196][ T8860] R13: 00007f7e7b5b6038 R14: 00007f7e7b5b5fa0 R15: 00007ffdada38168 [ 347.252223][ T8860] [ 348.296871][ T8865] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.576: iget: checksum invalid [ 348.342113][ T8865] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 348.402414][ T8865] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.576: iget: checksum invalid [ 348.444365][ T8865] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 348.482933][ T8865] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.576: iget: checksum invalid [ 348.539142][ T8865] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 348.604859][ T8865] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.3.576: iget: checksum invalid [ 348.658358][ T8865] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 348.734753][ T8865] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 348.789227][ T8865] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 354.513634][ T8943] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(1) [ 360.037717][ T9038] deleting an unspecified loop device is not supported. [ 360.614950][ T9042] input: f as /devices/virtual/input/input13 [ 365.821600][ T9121] input: f as /devices/virtual/input/input14 [ 366.717061][ T9137] netlink: 28 bytes leftover after parsing attributes in process `syz.3.616'. [ 368.762865][ T9137] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 368.988162][ T9137] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 369.181901][ T9137] bond0 (unregistering): Released all slaves [ 370.588275][ T9188] bridge0: port 3(team0) entered blocking state [ 370.680914][ T9168] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 370.687482][ T9168] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 370.712683][ T9188] bridge0: port 3(team0) entered disabled state [ 370.719155][ T9188] team0: entered allmulticast mode [ 370.739788][ T9168] CPU0 is offline. [ 370.789730][ T9188] team_slave_0: entered allmulticast mode [ 370.811887][ T9188] team_slave_1: entered allmulticast mode [ 370.852932][ T9188] team0: entered promiscuous mode [ 370.858081][ T9188] team_slave_0: entered promiscuous mode [ 370.918510][ T9188] team_slave_1: entered promiscuous mode [ 370.939844][ T9188] bridge0: port 3(team0) entered blocking state [ 370.946628][ T9188] bridge0: port 3(team0) entered forwarding state [ 371.316061][ T9200] usb usb28: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 371.384015][ T9200] FAULT_INJECTION: forcing a failure. [ 371.384015][ T9200] name failslab, interval 1, probability 0, space 0, times 0 [ 371.543727][ T9200] CPU: 1 UID: 0 PID: 9200 Comm: syz.3.622 Tainted: G U syzkaller #0 PREEMPT(full) [ 371.543765][ T9200] Tainted: [U]=USER [ 371.543772][ T9200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 371.543786][ T9200] Call Trace: [ 371.543795][ T9200] [ 371.543803][ T9200] dump_stack_lvl+0x16c/0x1f0 [ 371.543839][ T9200] should_fail_ex+0x512/0x640 [ 371.543873][ T9200] ? __kmalloc_noprof+0xbf/0x510 [ 371.543903][ T9200] ? __netlink_kernel_create+0x17f/0x750 [ 371.543936][ T9200] should_failslab+0xc2/0x120 [ 371.543968][ T9200] __kmalloc_noprof+0xd2/0x510 [ 371.544002][ T9200] __netlink_kernel_create+0x17f/0x750 [ 371.544038][ T9200] ? __pfx___netlink_kernel_create+0x10/0x10 [ 371.544080][ T9200] rtnetlink_net_init+0xb9/0x140 [ 371.544109][ T9200] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 371.544138][ T9200] ? lockdep_init_map_type+0x5c/0x280 [ 371.544178][ T9200] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 371.544205][ T9200] ? __pfx_rtnetlink_bind+0x10/0x10 [ 371.544233][ T9200] ? lockdep_init_map_type+0x5c/0x280 [ 371.544267][ T9200] ? debug_mutex_init+0x37/0x70 [ 371.544292][ T9200] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 371.544319][ T9200] ops_init+0x1e2/0x5f0 [ 371.544356][ T9200] setup_net+0x10f/0x380 [ 371.544387][ T9200] ? lockdep_init_map_type+0x5c/0x280 [ 371.544425][ T9200] ? __pfx_setup_net+0x10/0x10 [ 371.544463][ T9200] ? debug_mutex_init+0x37/0x70 [ 371.544490][ T9200] copy_net_ns+0x2a6/0x5f0 [ 371.544530][ T9200] create_new_namespaces+0x3ea/0xa90 [ 371.544564][ T9200] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 371.544595][ T9200] ksys_unshare+0x45b/0xa40 [ 371.544628][ T9200] ? __pfx_ksys_unshare+0x10/0x10 [ 371.544662][ T9200] ? xfd_validate_state+0x61/0x180 [ 371.544707][ T9200] __x64_sys_unshare+0x31/0x40 [ 371.544739][ T9200] do_syscall_64+0xcd/0x490 [ 371.544788][ T9200] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 371.544813][ T9200] RIP: 0033:0x7f46af98ebe9 [ 371.544831][ T9200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 371.544853][ T9200] RSP: 002b:00007f46b07d3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 371.544874][ T9200] RAX: ffffffffffffffda RBX: 00007f46afbb5fa0 RCX: 00007f46af98ebe9 [ 371.544889][ T9200] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 371.544914][ T9200] RBP: 00007f46afa11e19 R08: 0000000000000000 R09: 0000000000000000 [ 371.544927][ T9200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 371.544940][ T9200] R13: 00007f46afbb6038 R14: 00007f46afbb5fa0 R15: 00007fff22d41fd8 [ 371.544967][ T9200] [ 372.703159][ T6678] Bluetooth: hci2: unexpected event 0x3e length: 508 > 260 [ 372.703190][ T6678] Bluetooth: hci2: unexpected subevent 0x02 length: 507 > 260 [ 372.720132][ T6678] Bluetooth: hci2: Dropping invalid advertising data [ 372.727317][ T6678] Bluetooth: hci2: unknown advertising packet type: 0xe9 [ 372.727344][ T6678] Bluetooth: hci2: Dropping invalid advertising data [ 372.743051][ T6678] Bluetooth: hci2: Malformed LE Event: 0x02 [ 372.759018][ T6671] Bluetooth: hci0: command 0x0c1a tx timeout [ 372.765092][ T6678] Bluetooth: hci2: command 0x0c1a tx timeout [ 372.862624][ T9212] usb usb23: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 373.002764][ T30] audit: type=1326 audit(6051290879.454:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9217 comm="syz.2.627" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f37b258ebe9 code=0x0 [ 373.287637][ T9229] netlink: 354 bytes leftover after parsing attributes in process `syz.1.628'. [ 373.811268][ T9237] netlink: 4 bytes leftover after parsing attributes in process `syz.1.630'. [ 378.304115][ T9297] FAULT_INJECTION: forcing a failure. [ 378.304115][ T9297] name failslab, interval 1, probability 0, space 0, times 0 [ 378.416085][ T9297] CPU: 1 UID: 0 PID: 9297 Comm: syz.0.642 Tainted: G U syzkaller #0 PREEMPT(full) [ 378.416124][ T9297] Tainted: [U]=USER [ 378.416132][ T9297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 378.416147][ T9297] Call Trace: [ 378.416154][ T9297] [ 378.416163][ T9297] dump_stack_lvl+0x16c/0x1f0 [ 378.416199][ T9297] should_fail_ex+0x512/0x640 [ 378.416234][ T9297] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 378.416263][ T9297] should_failslab+0xc2/0x120 [ 378.416295][ T9297] __kmalloc_cache_noprof+0x6a/0x3e0 [ 378.416321][ T9297] ? fib6_net_init+0x3f9/0xb20 [ 378.416375][ T9297] fib6_net_init+0x3f9/0xb20 [ 378.416413][ T9297] ? __pfx_fib6_net_init+0x10/0x10 [ 378.416449][ T9297] ops_init+0x1e2/0x5f0 [ 378.416497][ T9297] setup_net+0x10f/0x380 [ 378.416525][ T9297] ? lockdep_init_map_type+0x5c/0x280 [ 378.416556][ T9297] ? __pfx_setup_net+0x10/0x10 [ 378.416588][ T9297] ? debug_mutex_init+0x37/0x70 [ 378.416612][ T9297] copy_net_ns+0x2a6/0x5f0 [ 378.416648][ T9297] create_new_namespaces+0x3ea/0xa90 [ 378.416679][ T9297] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 378.416713][ T9297] ksys_unshare+0x45b/0xa40 [ 378.416744][ T9297] ? __pfx_ksys_unshare+0x10/0x10 [ 378.416775][ T9297] ? xfd_validate_state+0x61/0x180 [ 378.416816][ T9297] __x64_sys_unshare+0x31/0x40 [ 378.416845][ T9297] do_syscall_64+0xcd/0x490 [ 378.416877][ T9297] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 378.416901][ T9297] RIP: 0033:0x7f7e7b38ebe9 [ 378.416918][ T9297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 378.416940][ T9297] RSP: 002b:00007f7e7c165038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 378.416960][ T9297] RAX: ffffffffffffffda RBX: 00007f7e7b5b5fa0 RCX: 00007f7e7b38ebe9 [ 378.416974][ T9297] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 378.416988][ T9297] RBP: 00007f7e7b411e19 R08: 0000000000000000 R09: 0000000000000000 [ 378.417002][ T9297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 378.417034][ T9297] R13: 00007f7e7b5b6038 R14: 00007f7e7b5b5fa0 R15: 00007ffdada38168 [ 378.417063][ T9297] [ 378.639310][ C1] vkms_vblank_simulate: vblank timer overrun [ 379.299104][ T9304] random: crng reseeded on system resumption [ 379.374703][ T9306] netlink: 4 bytes leftover after parsing attributes in process `syz.2.645'. [ 379.451855][ T9306] netlink: 354 bytes leftover after parsing attributes in process `syz.2.645'. [ 380.001221][ T30] audit: type=1800 audit(4294967301.729:11): pid=9313 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=23235 res=0 errno=0 [ 380.088828][ T9315] can: request_module (can-proto-3) failed. [ 383.741306][ T9376] netlink: 8 bytes leftover after parsing attributes in process `syz.0.659'. [ 383.765607][ T9365] vivid-003: ================= START STATUS ================= [ 383.805308][ T9365] vivid-003: Radio HW Seek Mode: Bounded [ 383.834829][ T9365] vivid-003: Radio Programmable HW Seek: false [ 383.868072][ T9365] vivid-003: RDS Rx I/O Mode: Block I/O [ 383.900902][ T9365] vivid-003: Generate RBDS Instead of RDS: false [ 383.972912][ T9365] vivid-003: RDS Reception: true [ 384.081074][ T9365] vivid-003: RDS Program Type: 0 inactive [ 384.213624][ T9365] vivid-003: RDS PS Name: inactive [ 384.345247][ T9365] vivid-003: RDS Radio Text: inactive [ 384.542806][ T9365] vivid-003: RDS Traffic Announcement: false inactive [ 384.748235][ T9365] vivid-003: RDS Traffic Program: false inactive [ 384.982016][ T9365] vivid-003: RDS Music: false inactive [ 385.086088][ T9365] vivid-003: ================== END STATUS ================== [ 385.929046][ T9411] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input15 [ 386.370177][ T9413] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.664: iget: checksum invalid [ 386.532268][ T9413] faux_driver regulatory: loading /lib/firmware/updates/syzkaller/regulatory.db failed with error -74 [ 386.720418][ T9413] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.664: iget: checksum invalid [ 386.852458][ T9413] faux_driver regulatory: loading /lib/firmware/updates/regulatory.db failed with error -74 [ 386.863119][ T9432] ima: policy update failed [ 386.880249][ T30] audit: type=1802 audit(4294967308.595:12): pid=9432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.667" res=0 errno=0 [ 386.960971][ T9413] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.664: iget: checksum invalid [ 386.992556][ T9432] netlink: 25 bytes leftover after parsing attributes in process `syz.0.667'. [ 387.048580][ T9413] faux_driver regulatory: loading /lib/firmware/syzkaller/regulatory.db failed with error -74 [ 387.048756][ T9413] EXT4-fs error (device sda1): ext4_lookup:1787: inode #274: comm syz.1.664: iget: checksum invalid [ 387.048918][ T9413] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -74 [ 387.048950][ T9413] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -74 [ 387.048971][ T9413] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 388.450336][ T1305] ieee802154 phy0 wpan0: encryption failed: -22 [ 388.456778][ T1305] ieee802154 phy1 wpan1: encryption failed: -22 [ 389.166620][ T9466] ================================================================== [ 389.166635][ T9466] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1a6f/0x1e60 [ 389.166664][ T9466] Write of size 8 at addr ffffc90003769be0 by task syz.3.674/9466 [ 389.166683][ T9466] [ 389.166695][ T9466] CPU: 1 UID: 0 PID: 9466 Comm: syz.3.674 Tainted: G U syzkaller #0 PREEMPT(full) [ 389.166728][ T9466] Tainted: [U]=USER [ 389.166736][ T9466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 389.166750][ T9466] Call Trace: [ 389.166757][ T9466] [ 389.166766][ T9466] dump_stack_lvl+0x116/0x1f0 [ 389.166797][ T9466] print_report+0xcd/0x630 [ 389.166828][ T9466] ? __virt_addr_valid+0x81/0x610 [ 389.166859][ T9466] ? sys_imageblit+0x1a6f/0x1e60 [ 389.166880][ T9466] kasan_report+0xe0/0x110 [ 389.166911][ T9466] ? sys_imageblit+0x1a6f/0x1e60 [ 389.166936][ T9466] sys_imageblit+0x1a6f/0x1e60 [ 389.166968][ T9466] ? __bfs+0x148/0x290 [ 389.166993][ T9466] ? __pfx_sys_imageblit+0x10/0x10 [ 389.167016][ T9466] ? check_irq_usage+0xcb/0x920 [ 389.167052][ T9466] ? check_path.constprop.0+0x24/0x50 [ 389.167080][ T9466] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 389.167113][ T9466] bit_putcs+0x90f/0xde0 [ 389.167151][ T9466] ? __pfx_bit_putcs+0x10/0x10 [ 389.167185][ T9466] ? fb_get_color_depth+0x120/0x250 [ 389.167214][ T9466] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 389.167251][ T9466] ? __pfx_bit_putcs+0x10/0x10 [ 389.167281][ T9466] fbcon_putcs+0x384/0x4a0 [ 389.167310][ T9466] do_update_region+0x2e6/0x3f0 [ 389.167334][ T9466] invert_screen+0x1e4/0x590 [ 389.167365][ T9466] ? __pfx_invert_screen+0x10/0x10 [ 389.167394][ T9466] ? __pfx_complement_pos+0x10/0x10 [ 389.167424][ T9466] ? mark_held_locks+0x49/0x80 [ 389.167457][ T9466] set_selection_kernel+0xd23/0x14a0 [ 389.167497][ T9466] ? bpf_lsm_capable+0x9/0x10 [ 389.167517][ T9466] ? security_capable+0x7e/0x260 [ 389.167558][ T9466] set_selection_user+0xe8/0x140 [ 389.167584][ T9466] ? __pfx_set_selection_user+0x10/0x10 [ 389.167612][ T9466] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 389.167647][ T9466] tioclinux+0x2b1/0x640 [ 389.167679][ T9466] vt_ioctl+0x1fdf/0x30a0 [ 389.167699][ T9466] ? lockdep_hardirqs_on+0x7c/0x110 [ 389.167730][ T9466] ? __pfx_vt_ioctl+0x10/0x10 [ 389.167752][ T9466] ? tomoyo_path_number_perm+0x295/0x580 [ 389.167795][ T9466] ? tomoyo_path_number_perm+0x18d/0x580 [ 389.167824][ T9466] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 389.167853][ T9466] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 389.167891][ T9466] ? tty_jobctrl_ioctl+0x152/0xe00 [ 389.167934][ T9466] ? __pfx_vt_ioctl+0x10/0x10 [ 389.167955][ T9466] tty_ioctl+0x661/0x1680 [ 389.168019][ T9466] ? __pfx_tty_ioctl+0x10/0x10 [ 389.168059][ T9466] ? find_held_lock+0x2b/0x80 [ 389.168081][ T9466] ? hook_file_ioctl_common+0x145/0x410 [ 389.168119][ T9466] ? __fget_files+0x20e/0x3c0 [ 389.168150][ T9466] ? __pfx_tty_ioctl+0x10/0x10 [ 389.168183][ T9466] __x64_sys_ioctl+0x18e/0x210 [ 389.168227][ T9466] do_syscall_64+0xcd/0x490 [ 389.168261][ T9466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 389.168285][ T9466] RIP: 0033:0x7f46af98ebe9 [ 389.168303][ T9466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 389.168327][ T9466] RSP: 002b:00007f46b07d3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 389.168349][ T9466] RAX: ffffffffffffffda RBX: 00007f46afbb5fa0 RCX: 00007f46af98ebe9 [ 389.168365][ T9466] RDX: 0000000000000000 RSI: 000000000000541c RDI: 0000000000000001 [ 389.168380][ T9466] RBP: 00007f46afa11e19 R08: 0000000000000000 R09: 0000000000000000 [ 389.168395][ T9466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 389.168409][ T9466] R13: 00007f46afbb6038 R14: 00007f46afbb5fa0 R15: 00007fff22d41fd8 [ 389.168432][ T9466] [ 389.168440][ T9466] [ 389.168446][ T9466] The buggy address belongs to a vmalloc virtual mapping [ 389.168463][ T9466] Memory state around the buggy address: [ 389.168481][ T9466] ffffc90003769a80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 389.168499][ T9466] ffffc90003769b00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 389.168516][ T9466] >ffffc90003769b80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 389.168529][ T9466] ^ [ 389.168543][ T9466] ffffc90003769c00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 389.168559][ T9466] ffffc90003769c80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 389.168573][ T9466] ================================================================== [ 389.168585][ T9466] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 389.168602][ T9466] CPU: 1 UID: 0 PID: 9466 Comm: syz.3.674 Tainted: G U syzkaller #0 PREEMPT(full) [ 389.168635][ T9466] Tainted: [U]=USER [ 389.168644][ T9466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 389.168658][ T9466] Call Trace: [ 389.168665][ T9466] [ 389.168674][ T9466] dump_stack_lvl+0x3d/0x1f0 [ 389.168705][ T9466] vpanic+0x6e8/0x7a0 [ 389.168739][ T9466] ? __pfx_vpanic+0x10/0x10 [ 389.168773][ T9466] ? __pfx_vprintk_emit+0x10/0x10 [ 389.168801][ T9466] ? sys_imageblit+0x1a6f/0x1e60 [ 389.168822][ T9466] panic+0xca/0xd0 [ 389.168858][ T9466] ? __pfx_panic+0x10/0x10 [ 389.168901][ T9466] check_panic_on_warn+0xab/0xb0 [ 389.168938][ T9466] end_report+0x107/0x170 [ 389.168975][ T9466] kasan_report+0xee/0x110 [ 389.169007][ T9466] ? sys_imageblit+0x1a6f/0x1e60 [ 389.169033][ T9466] sys_imageblit+0x1a6f/0x1e60 [ 389.169059][ T9466] ? __bfs+0x148/0x290 [ 389.169083][ T9466] ? __pfx_sys_imageblit+0x10/0x10 [ 389.169108][ T9466] ? check_irq_usage+0xcb/0x920 [ 389.169143][ T9466] ? check_path.constprop.0+0x24/0x50 [ 389.169173][ T9466] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 389.169207][ T9466] bit_putcs+0x90f/0xde0 [ 389.169252][ T9466] ? __pfx_bit_putcs+0x10/0x10 [ 389.169300][ T9466] ? fb_get_color_depth+0x120/0x250 [ 389.169328][ T9466] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 389.169376][ T9466] ? __pfx_bit_putcs+0x10/0x10 [ 389.169408][ T9466] fbcon_putcs+0x384/0x4a0 [ 389.169436][ T9466] do_update_region+0x2e6/0x3f0 [ 389.169458][ T9466] invert_screen+0x1e4/0x590 [ 389.169487][ T9466] ? __pfx_invert_screen+0x10/0x10 [ 389.169515][ T9466] ? __pfx_complement_pos+0x10/0x10 [ 389.169543][ T9466] ? mark_held_locks+0x49/0x80 [ 389.169574][ T9466] set_selection_kernel+0xd23/0x14a0 [ 389.169600][ T9466] ? bpf_lsm_capable+0x9/0x10 [ 389.169620][ T9466] ? security_capable+0x7e/0x260 [ 389.169643][ T9466] set_selection_user+0xe8/0x140 [ 389.169668][ T9466] ? __pfx_set_selection_user+0x10/0x10 [ 389.169695][ T9466] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 389.169729][ T9466] tioclinux+0x2b1/0x640 [ 389.169766][ T9466] vt_ioctl+0x1fdf/0x30a0 [ 389.169786][ T9466] ? lockdep_hardirqs_on+0x7c/0x110 [ 389.169816][ T9466] ? __pfx_vt_ioctl+0x10/0x10 [ 389.169837][ T9466] ? tomoyo_path_number_perm+0x295/0x580 [ 389.169866][ T9466] ? tomoyo_path_number_perm+0x18d/0x580 [ 389.169894][ T9466] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 389.169923][ T9466] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 389.169956][ T9466] ? tty_jobctrl_ioctl+0x152/0xe00 [ 389.169984][ T9466] ? __pfx_vt_ioctl+0x10/0x10 [ 389.170004][ T9466] tty_ioctl+0x661/0x1680 [ 389.170033][ T9466] ? __pfx_tty_ioctl+0x10/0x10 [ 389.170066][ T9466] ? find_held_lock+0x2b/0x80 [ 389.170086][ T9466] ? hook_file_ioctl_common+0x145/0x410 [ 389.170117][ T9466] ? __fget_files+0x20e/0x3c0 [ 389.170152][ T9466] ? __pfx_tty_ioctl+0x10/0x10 [ 389.170182][ T9466] __x64_sys_ioctl+0x18e/0x210 [ 389.170217][ T9466] do_syscall_64+0xcd/0x490 [ 389.170248][ T9466] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 389.170270][ T9466] RIP: 0033:0x7f46af98ebe9 [ 389.170285][ T9466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 389.170307][ T9466] RSP: 002b:00007f46b07d3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 389.170327][ T9466] RAX: ffffffffffffffda RBX: 00007f46afbb5fa0 RCX: 00007f46af98ebe9 [ 389.170342][ T9466] RDX: 0000000000000000 RSI: 000000000000541c RDI: 0000000000000001 [ 389.170355][ T9466] RBP: 00007f46afa11e19 R08: 0000000000000000 R09: 0000000000000000 [ 389.170374][ T9466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 389.170387][ T9466] R13: 00007f46afbb6038 R14: 00007f46afbb5fa0 R15: 00007fff22d41fd8 [ 389.170412][ T9466] [ 389.170473][ T9466] Kernel Offset: disabled