last executing test programs: 9.268563379s ago: executing program 2 (id=3242): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, r0, 0x20000008000) fsopen$auto(0x0, 0x1) socket(0x21, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2, 0x7f, 0xeb1, 0x401, 0x8000) socketpair$auto(0xa, 0x2, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x400000000001ff, 0x7, 0xa, 0x1, 0x4, 0x3, 0x9, 0x5, 0x3, 0x48, 0x8002001f, 0x79d, 0x6d3e, 0x4, 0x6, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x45) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80a86f3d, r3) write$auto(r1, 0x0, 0x100000a3d9) 8.368893627s ago: executing program 0 (id=3245): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x14, 0x5, 0x7fc, 0x7fb, &(0x7f00000002c0)}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) close_range$auto(0x0, r1, 0x2) io_uring_setup$auto(0x7, 0x0) io_uring_setup$auto(0x6, 0x0) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='./file1/file0\x00') io_uring_register$auto(0x2, 0x1e, &(0x7f00000001c0)="8138034e72ac", 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, r0, 0x2007f) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mouse0\x00', 0x0, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000001380)="22d2", 0x2) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcsa\x00', 0x108002, 0x0) r3 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_nvram_misc_fops_nvram(r3, &(0x7f0000000280)=""/210, 0xd2) ioctl$auto_NVRAM_INIT(r3, 0x7040, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) ioctl$auto_FIONREAD(0xffffffffffffffff, 0x541b, 0x5) setgroups$auto(0xe32, 0x0) 8.368280904s ago: executing program 1 (id=3246): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) fsopen$auto(0x0, 0x1) socket(0x21, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2, 0x7f, 0xeb1, 0x401, 0x8000) socketpair$auto(0xa, 0x2, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x400000000001ff, 0x7, 0xa, 0x1, 0x4, 0x3, 0x9, 0x5, 0x3, 0x48, 0x8002001f, 0x79d, 0x6d3e, 0x4, 0x6, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x45) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80a86f3d, r3) write$auto(r1, 0x0, 0x100000a3d9) 7.443675049s ago: executing program 3 (id=3247): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x14, 0x5, 0x7fc, 0x7fb, &(0x7f00000002c0)}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x0, r1, 0x2) io_uring_setup$auto(0x7, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0) io_uring_setup$auto(0x6, 0x0) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='./file1/file0\x00') io_uring_register$auto(0x2, 0x1e, &(0x7f00000001c0)="8138034e72ac", 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, r0, 0x2007f) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mouse0\x00', 0x0, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000001380)="22d2", 0x2) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcsa\x00', 0x108002, 0x0) r3 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_nvram_misc_fops_nvram(r3, &(0x7f0000000280)=""/210, 0xd2) ioctl$auto_NVRAM_INIT(r3, 0x7040, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) ioctl$auto_FIONREAD(0xffffffffffffffff, 0x541b, 0x5) setgroups$auto(0xe32, 0x0) 7.439602119s ago: executing program 2 (id=3255): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x14, 0x5, 0x7fc, 0x7fb, &(0x7f00000002c0)}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x0, r1, 0x2) io_uring_setup$auto(0x7, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0) io_uring_setup$auto(0x6, 0x0) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='./file1/file0\x00') io_uring_register$auto(0x2, 0x1e, &(0x7f00000001c0)="8138034e72ac", 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, r0, 0x2007f) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mouse0\x00', 0x0, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000001380)="22d2", 0x2) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcsa\x00', 0x108002, 0x0) r3 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_nvram_misc_fops_nvram(r3, &(0x7f0000000280)=""/210, 0xd2) ioctl$auto_NVRAM_INIT(r3, 0x7040, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) ioctl$auto_FIONREAD(0xffffffffffffffff, 0x541b, 0x5) setgroups$auto(0xe32, 0x0) 6.785818786s ago: executing program 0 (id=3248): write$auto(0xffffffffffffffff, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x20000008000) fsopen$auto(0x0, 0x1) socket(0x21, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2, 0x7f, 0xeb1, 0x401, 0x8000) socketpair$auto(0xa, 0x2, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x400000000001ff, 0x7, 0xa, 0x1, 0x4, 0x3, 0x9, 0x5, 0x3, 0x48, 0x8002001f, 0x79d, 0x6d3e, 0x4, 0x6, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x45) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80a86f3d, r2) write$auto(r0, 0x0, 0x100000a3d9) 6.348697929s ago: executing program 1 (id=3249): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x14, 0x5, 0x7fc, 0x7fb, &(0x7f00000002c0)}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x0, r1, 0x2) io_uring_setup$auto(0x7, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0) io_uring_setup$auto(0x6, 0x0) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='./file1/file0\x00') io_uring_register$auto(0x2, 0x1e, &(0x7f00000001c0)="8138034e72ac", 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, r0, 0x2007f) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mouse0\x00', 0x0, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000001380)="22d2", 0x2) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcsa\x00', 0x108002, 0x0) r3 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_nvram_misc_fops_nvram(r3, &(0x7f0000000280)=""/210, 0xd2) ioctl$auto_NVRAM_INIT(r3, 0x7040, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) ioctl$auto_FIONREAD(0xffffffffffffffff, 0x541b, 0x5) setgroups$auto(0xe32, 0x0) 6.126252793s ago: executing program 3 (id=3250): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x14, 0x5, 0x7fc, 0x7fb, &(0x7f00000002c0)}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x0, r1, 0x2) io_uring_setup$auto(0x7, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0) io_uring_setup$auto(0x6, 0x0) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='./file1/file0\x00') io_uring_register$auto(0x2, 0x1e, &(0x7f00000001c0)="8138034e72ac", 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, r0, 0x2007f) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mouse0\x00', 0x0, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000001380)="22d2", 0x2) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcsa\x00', 0x108002, 0x0) r3 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_nvram_misc_fops_nvram(r3, &(0x7f0000000280)=""/210, 0xd2) ioctl$auto_NVRAM_INIT(r3, 0x7040, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) ioctl$auto_FIONREAD(0xffffffffffffffff, 0x541b, 0x5) setgroups$auto(0xe32, 0x0) 5.410587252s ago: executing program 0 (id=3251): r0 = open(0x0, 0x22ac2, 0x5d745cb200ae4d7b) fchown$auto(r0, 0xe5a, 0x5) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x3c41, 0x0) r1 = getpid() r2 = gettid() r3 = open(0x0, 0x80400, 0xb5d1af1605322dd2) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) read$auto_lowpan_enable_fops_(r3, &(0x7f00000002c0)=""/120, 0x78) rt_tgsigqueueinfo$auto(r1, r2, 0x21, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0xfffffffe, @_sigsys={0x0, 0x2, 0xffffffff}}}) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x80000000000000a, 0x2, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x8) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) 5.407530399s ago: executing program 2 (id=3260): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x20042, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0x202, 0x0) mmap$auto(0x0, 0x7, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0xca, 0x0, 0x1ff) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv6/neigh/bond_slave_1/proxy_qlen\x00', 0x40001, 0x0) mmap$auto(0x9, 0x20007, 0xffffffffffff7fff, 0xeb1, 0xfffffffffffffffd, 0x40000007ffe) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/fs/xfs/panic_mask\x00', 0xa0202, 0x0) bpf$auto(0x0, &(0x7f00000001c0)=@bpf_attr_4={0x12, 0x1, 0xa6, r0}, 0x6f4) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8094}, 0x40000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) bind$auto(0x3, &(0x7f0000000140)=@in={0x2, 0x3, @empty}, 0x6a) fsconfig$auto_HIDEPID_OFF(0xffffffffffffffff, 0x3ff, &(0x7f0000000280)='/sys/devices/virtual/net/nr12/address\x00', &(0x7f0000000380)="d06dcecd5b21824cba9e7ba66a3bc2fb9a1edf72dd77bb162f6c2df60e4417e2a9d33deb35d03f15a78958adc02a2a57bda02db8f9e74d", 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, 0x0, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) open(&(0x7f0000000200)='./file0\x00', 0x274441, 0xc4) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) eventfd$auto(0x8e) openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x22a40, 0x0) socket(0x2, 0x801, 0x100) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/platform/vkms/drm/card1/card1-Virtual-1/status\x00', 0x20b42, 0x0) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x21f}, 0x800000007) lsm_set_self_attr$auto(0xb143, &(0x7f00000003c0)={0x1, 0x5, 0x8, 0x40, "f2ce3f6e0feb23d329c1a44c6022428afde1187129a829f8f25f2ba45ce7c1a942f3d722706c26f4585d0f3a95db554033b3cdbfc86b0abd30ce488dfa7e887a"}, 0xc, 0x3) ioperm$auto(0x7, 0x6, 0x2) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) syz_clone3(&(0x7f0000000300)={0x2d022000, 0x0, 0x0, 0x0, {0x23}, 0x0, 0x0, 0x0, 0x0}, 0x58) 5.100707546s ago: executing program 1 (id=3252): r0 = open(0x0, 0x22ac2, 0x5d745cb200ae4d7b) fchown$auto(r0, 0xe5a, 0x5) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x3c41, 0x0) r1 = getpid() r2 = gettid() r3 = open(0x0, 0x80400, 0xb5d1af1605322dd2) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) read$auto_lowpan_enable_fops_(r3, &(0x7f00000002c0)=""/120, 0x78) rt_tgsigqueueinfo$auto(r1, r2, 0x21, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0xfffffffe, @_sigsys={0x0, 0x2, 0xffffffff}}}) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x80000000000000a, 0x2, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) 5.100558373s ago: executing program 2 (id=3253): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x14, 0x5, 0x7fc, 0x7fb, &(0x7f00000002c0)}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) close_range$auto(0x0, r1, 0x2) io_uring_setup$auto(0x7, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0) io_uring_setup$auto(0x6, 0x0) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='./file1/file0\x00') io_uring_register$auto(0x2, 0x1e, &(0x7f00000001c0)="8138034e72ac", 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, r0, 0x2007f) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mouse0\x00', 0x0, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000001380)="22d2", 0x2) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcsa\x00', 0x108002, 0x0) r3 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_nvram_misc_fops_nvram(r3, &(0x7f0000000280)=""/210, 0xd2) ioctl$auto_NVRAM_INIT(r3, 0x7040, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) ioctl$auto_FIONREAD(0xffffffffffffffff, 0x541b, 0x5) setgroups$auto(0xe32, 0x0) 4.256243315s ago: executing program 3 (id=3254): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) fsopen$auto(0x0, 0x1) socket(0x21, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2, 0x7f, 0xeb1, 0x401, 0x8000) socketpair$auto(0xa, 0x2, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x400000000001ff, 0x7, 0xa, 0x1, 0x4, 0x3, 0x9, 0x5, 0x3, 0x48, 0x8002001f, 0x79d, 0x6d3e, 0x4, 0x6, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80a86f3d, r3) write$auto(r1, 0x0, 0x100000a3d9) 4.255433123s ago: executing program 0 (id=3264): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, 0x0, 0x100000a3d9) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, r0, 0x20000008000) fsopen$auto(0x0, 0x1) socket(0x21, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2, 0x7f, 0xeb1, 0x401, 0x8000) socketpair$auto(0xa, 0x2, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x400000000001ff, 0x7, 0xa, 0x1, 0x4, 0x3, 0x9, 0x5, 0x3, 0x48, 0x8002001f, 0x79d, 0x6d3e, 0x4, 0x6, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x45) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80a86f3d, r3) write$auto(r1, 0x0, 0x100000a3d9) 2.366124819s ago: executing program 3 (id=3256): r0 = open(0x0, 0x22ac2, 0x5d745cb200ae4d7b) fchown$auto(r0, 0xe5a, 0x5) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x3c41, 0x0) r1 = getpid() r2 = gettid() r3 = open(0x0, 0x80400, 0xb5d1af1605322dd2) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) read$auto_lowpan_enable_fops_(r3, &(0x7f00000002c0)=""/120, 0x78) rt_tgsigqueueinfo$auto(r1, r2, 0x21, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0xfffffffe, @_sigsys={0x0, 0x2, 0xffffffff}}}) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x80000000000000a, 0x2, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x8) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) 2.341115044s ago: executing program 1 (id=3266): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x14, 0x5, 0x7fc, 0x7fb, &(0x7f00000002c0)}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) close_range$auto(0x0, r1, 0x2) io_uring_setup$auto(0x7, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0) io_uring_setup$auto(0x6, 0x0) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='./file1/file0\x00') io_uring_register$auto(0x2, 0x1e, &(0x7f00000001c0)="8138034e72ac", 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, r0, 0x2007f) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mouse0\x00', 0x0, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000001380)="22d2", 0x2) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcsa\x00', 0x108002, 0x0) r3 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_nvram_misc_fops_nvram(r3, &(0x7f0000000280)=""/210, 0xd2) ioctl$auto_NVRAM_INIT(r3, 0x7040, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) ioctl$auto_FIONREAD(0xffffffffffffffff, 0x541b, 0x5) setgroups$auto(0xe32, 0x0) 2.334271102s ago: executing program 2 (id=3267): r0 = open(0x0, 0x22ac2, 0x5d745cb200ae4d7b) fchown$auto(r0, 0xe5a, 0x5) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x3c41, 0x0) r1 = getpid() r2 = gettid() r3 = open(0x0, 0x80400, 0xb5d1af1605322dd2) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) read$auto_lowpan_enable_fops_(r3, &(0x7f00000002c0)=""/120, 0x78) rt_tgsigqueueinfo$auto(r1, r2, 0x21, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0xfffffffe, @_sigsys={0x0, 0x2, 0xffffffff}}}) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) setsockopt$auto(0x3, 0x10000000084, 0x76, 0x0, 0x8) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) 2.284178829s ago: executing program 0 (id=3257): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) ioctl$auto_USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x23, 0x3, 0x14, 0x5, 0x7fc, 0x7fb, &(0x7f00000002c0)}) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) close_range$auto(0x0, r1, 0x2) io_uring_setup$auto(0x7, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0) io_uring_setup$auto(0x6, 0x0) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='./file1/file0\x00') io_uring_register$auto(0x2, 0x1e, &(0x7f00000001c0)="8138034e72ac", 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, r0, 0x2007f) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mouse0\x00', 0x0, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000001380)="22d2", 0x2) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcsa\x00', 0x108002, 0x0) r3 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_nvram_misc_fops_nvram(r3, &(0x7f0000000280)=""/210, 0xd2) ioctl$auto_NVRAM_INIT(r3, 0x7040, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) ioctl$auto_FIONREAD(0xffffffffffffffff, 0x541b, 0x5) setgroups$auto(0xe32, 0x0) 1.412832933s ago: executing program 3 (id=3258): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, r0, 0x20000008000) fsopen$auto(0x0, 0x1) socket(0x21, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2, 0x7f, 0xeb1, 0x401, 0x8000) socketpair$auto(0xa, 0x2, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x400000000001ff, 0x7, 0xa, 0x1, 0x4, 0x3, 0x9, 0x5, 0x3, 0x48, 0x8002001f, 0x79d, 0x6d3e, 0x4, 0x6, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x45) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80a86f3d, r3) write$auto(r1, 0x0, 0x100000a3d9) 1.208777427s ago: executing program 0 (id=3259): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) fsopen$auto(0x0, 0x1) socket(0x21, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2, 0x7f, 0xeb1, 0x401, 0x8000) socketpair$auto(0xa, 0x2, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x400000000001ff, 0x7, 0xa, 0x1, 0x4, 0x3, 0x9, 0x5, 0x3, 0x48, 0x8002001f, 0x79d, 0x6d3e, 0x4, 0x6, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x45) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80a86f3d, r3) write$auto(r1, 0x0, 0x100000a3d9) 1.208635172s ago: executing program 1 (id=3261): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, r0, 0x20000008000) fsopen$auto(0x0, 0x1) socket(0x21, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2, 0x7f, 0xeb1, 0x401, 0x8000) socketpair$auto(0xa, 0x2, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x400000000001ff, 0x7, 0xa, 0x1, 0x4, 0x3, 0x9, 0x5, 0x3, 0x48, 0x8002001f, 0x79d, 0x6d3e, 0x4, 0x6, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x45) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80a86f3d, r3) write$auto(r1, 0x0, 0x100000a3d9) 1.200403251s ago: executing program 2 (id=3272): r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) write$auto(r0, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) mmap$auto(0x0, 0x128009, 0xdf, 0xeb1, r0, 0x20000008000) socket(0x21, 0x2, 0x2) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x40000000000a5, 0x8000) mmap$auto(0x0, 0x7ffffffff000, 0x8004, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x2, 0x7f, 0xeb1, 0x401, 0x8000) socketpair$auto(0xa, 0x2, 0x8000000000000000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x2200, 0x0) r2 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd3e, 0x1, 0x948b, 0x3, 0x95f4da0a, 0xffffffffffffffff, 0x3, 0x62, 0x80000001, 0x4, 0x6d3f, 0x9, 0x2, 0xfffffffffffffffe]}, 0x0) write$auto(r2, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x400000000001ff, 0x7, 0xa, 0x1, 0x4, 0x3, 0x9, 0x5, 0x3, 0x48, 0x8002001f, 0x79d, 0x6d3e, 0x4, 0x6, 0x8]}, 0x0) select$auto(0xe, 0x0, 0x0, 0x0, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x45) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x80a86f3d, r3) write$auto(r1, 0x0, 0x100000a3d9) 551.438072ms ago: executing program 3 (id=3262): r0 = open(0x0, 0x22ac2, 0x5d745cb200ae4d7b) fchown$auto(r0, 0xe5a, 0x5) mmap$auto(0x0, 0x2a, 0xdf, 0x9b72, 0x1000, 0x28000) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket(0x26, 0x80805, 0x0) clone$auto(0x20003b46, 0x2, 0x0, 0x0, 0x2) openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, 0x0, 0x3c41, 0x0) r1 = getpid() r2 = gettid() r3 = open(0x0, 0x80400, 0xb5d1af1605322dd2) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) read$auto_lowpan_enable_fops_(r3, &(0x7f00000002c0)=""/120, 0x78) rt_tgsigqueueinfo$auto(r1, r2, 0x21, &(0x7f0000000400)={@siginfo_0_0={0x3, 0x1c51, 0xfffffffe, @_sigsys={0x0, 0x2, 0xffffffff}}}) mmap$auto(0x0, 0x20007, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x80000000000000a, 0x2, 0x0) syz_genetlink_get_family_id$auto_batadv(0x0, 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) write$auto(0x3, 0x0, 0x4) close_range$auto(0x2, 0x8, 0x0) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) 0s ago: executing program 1 (id=3263): r0 = openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/bus/usb/037/001\x00', 0x20882, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r1, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc3\xdd\xa7\xee$\xf5\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xe6\x06g\x1a\xfc\xa8\x02\vw\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) close_range$auto(0x0, r1, 0x2) io_uring_setup$auto(0x7, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x181902, 0x0) io_uring_setup$auto(0x6, 0x0) mkdir$auto(&(0x7f00000000c0)='./file1\x00', 0x9) rename$auto(&(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='./file1/file0\x00') io_uring_register$auto(0x2, 0x1e, &(0x7f00000001c0)="8138034e72ac", 0x1) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004814}, 0x8800) mmap$auto(0x0, 0x0, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) msync$auto(0x1ffff000, 0x1800000000000fe, 0x400000004) close_range$auto(0x2, r0, 0x2007f) r2 = openat$auto_mousedev_fops_mousedev(0xffffffffffffff9c, &(0x7f0000000080)='/dev/input/mouse0\x00', 0x0, 0x0) write$auto_mousedev_fops_mousedev(r2, &(0x7f0000001380)="22d2", 0x2) openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vcsa\x00', 0x108002, 0x0) r3 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) read$auto_nvram_misc_fops_nvram(r3, &(0x7f0000000280)=""/210, 0xd2) ioctl$auto_NVRAM_INIT(r3, 0x7040, 0x0) close_range$auto(0x0, 0xfffffffffffff000, 0x2) ioctl$auto_FIONREAD(0xffffffffffffffff, 0x541b, 0x5) setgroups$auto(0xe32, 0x0) kernel console output (not intermixed with test programs): 10 [ 251.525132][ T8163] __x64_sys_openat+0x174/0x210 [ 251.525179][ T8163] ? __pfx___x64_sys_openat+0x10/0x10 [ 251.525241][ T8163] do_syscall_64+0xcd/0x490 [ 251.525294][ T8163] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.525323][ T8163] RIP: 0033:0x7f83ed18ebe9 [ 251.525348][ T8163] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 251.525377][ T8163] RSP: 002b:00007f83ee0c4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 251.525406][ T8163] RAX: ffffffffffffffda RBX: 00007f83ed3c5fa0 RCX: 00007f83ed18ebe9 [ 251.525426][ T8163] RDX: 0000000000101e81 RSI: 0000200000000400 RDI: ffffffffffffff9c [ 251.525445][ T8163] RBP: 00007f83ed211e19 R08: 0000000000000000 R09: 0000000000000000 [ 251.525462][ T8163] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 251.525479][ T8163] R13: 00007f83ed3c6038 R14: 00007f83ed3c5fa0 R15: 00007ffd398c3128 [ 251.525519][ T8163] [ 251.561489][ T8156] veth0_macvtap: entered promiscuous mode [ 251.881888][ T8151] FAULT_INJECTION: forcing a failure. [ 251.881888][ T8151] name failslab, interval 1, probability 0, space 0, times 0 [ 251.897104][ T8151] CPU: 1 UID: 0 PID: 8151 Comm: syz.3.373 Not tainted syzkaller #0 PREEMPT(full) [ 251.897144][ T8151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 251.897161][ T8151] Call Trace: [ 251.897170][ T8151] [ 251.897182][ T8151] dump_stack_lvl+0x16c/0x1f0 [ 251.897224][ T8151] should_fail_ex+0x512/0x640 [ 251.897248][ T8151] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 251.897277][ T8151] should_failslab+0xc2/0x120 [ 251.897300][ T8151] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 251.897322][ T8151] ? kstrdup_const+0x63/0x80 [ 251.897346][ T8151] kstrdup+0x53/0x100 [ 251.897368][ T8151] kstrdup_const+0x63/0x80 [ 251.897388][ T8151] __kernfs_new_node+0x9b/0x8e0 [ 251.897414][ T8151] ? __pfx___kernfs_new_node+0x10/0x10 [ 251.897441][ T8151] ? find_held_lock+0x2b/0x80 [ 251.897458][ T8151] ? kernfs_root+0xee/0x2a0 [ 251.897483][ T8151] kernfs_new_node+0x13c/0x1e0 [ 251.897508][ T8151] ? net_ns_get_ownership+0xf8/0x1b0 [ 251.897533][ T8151] kernfs_create_dir_ns+0x4c/0x1a0 [ 251.897560][ T8151] sysfs_create_dir_ns+0x13a/0x2b0 [ 251.897580][ T8151] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 251.897599][ T8151] ? find_held_lock+0x2b/0x80 [ 251.897618][ T8151] ? net_namespace+0x12/0x50 [ 251.897642][ T8151] ? device_namespace+0x76/0xa0 [ 251.897668][ T8151] kobject_add_internal+0x2c4/0x9b0 [ 251.897698][ T8151] kobject_add+0x16e/0x240 [ 251.897722][ T8151] ? __pfx_kobject_add+0x10/0x10 [ 251.897747][ T8151] ? get_device_parent+0x1c5/0x4e0 [ 251.897772][ T8151] ? kobject_put+0xab/0x5a0 [ 251.897802][ T8151] device_add+0x288/0x1aa0 [ 251.897817][ T8151] ? __pfx_dev_set_name+0x10/0x10 [ 251.897836][ T8151] ? __pfx_device_add+0x10/0x10 [ 251.897851][ T8151] ? lockdep_init_map_type+0x5c/0x280 [ 251.897874][ T8151] ? __init_waitqueue_head+0xca/0x150 [ 251.897904][ T8151] netdev_register_kobject+0x1a9/0x3d0 [ 251.897934][ T8151] register_netdevice+0x13dc/0x2270 [ 251.897963][ T8151] ? __pfx_register_netdevice+0x10/0x10 [ 251.897995][ T8151] slip_open+0xb86/0x1150 [ 251.898032][ T8151] ? __pfx_slip_open+0x10/0x10 [ 251.898055][ T8151] ? down_write+0x14d/0x200 [ 251.898081][ T8151] ? __pfx_slip_open+0x10/0x10 [ 251.898106][ T8151] tty_ldisc_open+0x9f/0x120 [ 251.898133][ T8151] tty_set_ldisc+0x32b/0x780 [ 251.898157][ T8151] tty_ioctl+0xc2e/0x1680 [ 251.898181][ T8151] ? __pfx_tty_ioctl+0x10/0x10 [ 251.898211][ T8151] ? find_held_lock+0x2b/0x80 [ 251.898227][ T8151] ? hook_file_ioctl_common+0x145/0x410 [ 251.898254][ T8151] ? __fget_files+0x20e/0x3c0 [ 251.898277][ T8151] ? __pfx_tty_ioctl+0x10/0x10 [ 251.898300][ T8151] __x64_sys_ioctl+0x18e/0x210 [ 251.898328][ T8151] do_syscall_64+0xcd/0x490 [ 251.898353][ T8151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 251.898371][ T8151] RIP: 0033:0x7f50e718ebe9 [ 251.898389][ T8151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 251.898416][ T8151] RSP: 002b:00007f50e53d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 251.898438][ T8151] RAX: ffffffffffffffda RBX: 00007f50e73c6090 RCX: 00007f50e718ebe9 [ 251.898450][ T8151] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000e [ 251.898460][ T8151] RBP: 00007f50e7211e19 R08: 0000000000000000 R09: 0000000000000000 [ 251.898469][ T8151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 251.898479][ T8151] R13: 00007f50e73c6128 R14: 00007f50e73c6090 R15: 00007ffe8a88f4d8 [ 251.898502][ T8151] [ 251.900794][ T8151] kobject: kobject_add_internal failed for sl0 (error: -12 parent: net) [ 253.763445][ T8199] netlink: 25 bytes leftover after parsing attributes in process `syz.0.382'. [ 255.708230][ T8231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7fe00 [ 255.762525][ T8231] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 255.801427][ T8231] memcg:ffff888028c54001 [ 255.805811][ T8231] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 255.815963][ T8231] page_type: f5(slab) [ 255.820285][ T8231] raw: 00fff00000000040 ffff88801f6dadc0 0000000000000000 dead000000000001 [ 255.830967][ T8231] raw: 0000000000000000 0000000000150015 00000000f5000000 ffff888028c54001 [ 255.842123][ T8231] head: 00fff00000000040 ffff88801f6dadc0 0000000000000000 dead000000000001 [ 255.850879][ T8231] head: 0000000000000000 0000000000150015 00000000f5000000 ffff888028c54001 [ 255.860255][ T8231] head: 00fff00000000003 ffffea0001ff8001 00000000ffffffff 00000000ffffffff [ 255.874428][ T8230] FAULT_INJECTION: forcing a failure. [ 255.874428][ T8230] name failslab, interval 1, probability 0, space 0, times 0 [ 255.887226][ T8230] CPU: 0 UID: 0 PID: 8230 Comm: syz.1.387 Not tainted syzkaller #0 PREEMPT(full) [ 255.887262][ T8230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 255.887273][ T8230] Call Trace: [ 255.887279][ T8230] [ 255.887286][ T8230] dump_stack_lvl+0x16c/0x1f0 [ 255.887321][ T8230] should_fail_ex+0x512/0x640 [ 255.887344][ T8230] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 255.887371][ T8230] should_failslab+0xc2/0x120 [ 255.887394][ T8230] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 255.887417][ T8230] ? mark_held_locks+0x49/0x80 [ 255.887438][ T8230] ? kstrdup_const+0x63/0x80 [ 255.887463][ T8230] kstrdup+0x53/0x100 [ 255.887483][ T8230] kstrdup_const+0x63/0x80 [ 255.887504][ T8230] kvasprintf_const+0x10f/0x1a0 [ 255.887523][ T8230] kobject_set_name_vargs+0x5a/0x140 [ 255.887549][ T8230] dev_set_name+0xc7/0x100 [ 255.887567][ T8230] ? __pfx_dev_set_name+0x10/0x10 [ 255.887587][ T8230] ? lockdep_init_map_type+0x5c/0x280 [ 255.887610][ T8230] ? __init_waitqueue_head+0xca/0x150 [ 255.887641][ T8230] netdev_register_kobject+0xc5/0x3d0 [ 255.887672][ T8230] register_netdevice+0x13dc/0x2270 [ 255.887702][ T8230] ? __pfx_register_netdevice+0x10/0x10 [ 255.887733][ T8230] slip_open+0xb86/0x1150 [ 255.887763][ T8230] ? __pfx_slip_open+0x10/0x10 [ 255.887786][ T8230] ? down_write+0x14d/0x200 [ 255.887811][ T8230] ? __pfx_slip_open+0x10/0x10 [ 255.887834][ T8230] tty_ldisc_open+0x9f/0x120 [ 255.887856][ T8230] tty_set_ldisc+0x32b/0x780 [ 255.887878][ T8230] tty_ioctl+0xc2e/0x1680 [ 255.887902][ T8230] ? __pfx_tty_ioctl+0x10/0x10 [ 255.887931][ T8230] ? find_held_lock+0x2b/0x80 [ 255.887946][ T8230] ? hook_file_ioctl_common+0x145/0x410 [ 255.887973][ T8230] ? __fget_files+0x20e/0x3c0 [ 255.887996][ T8230] ? __pfx_tty_ioctl+0x10/0x10 [ 255.888019][ T8230] __x64_sys_ioctl+0x18e/0x210 [ 255.888047][ T8230] do_syscall_64+0xcd/0x490 [ 255.888071][ T8230] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 255.888089][ T8230] RIP: 0033:0x7f813e98ebe9 [ 255.888103][ T8230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 255.888119][ T8230] RSP: 002b:00007f813f756038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 255.888136][ T8230] RAX: ffffffffffffffda RBX: 00007f813ebc6090 RCX: 00007f813e98ebe9 [ 255.888147][ T8230] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000e [ 255.888157][ T8230] RBP: 00007f813ea11e19 R08: 0000000000000000 R09: 0000000000000000 [ 255.888167][ T8230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 255.888176][ T8230] R13: 00007f813ebc6128 R14: 00007f813ebc6090 R15: 00007ffd1afbfa48 [ 255.888197][ T8230] [ 256.156088][ T8231] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 256.165712][ T8231] page dumped because: unmovable page [ 256.183191][ T8231] page_owner tracks the page as allocated [ 256.189260][ T8231] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5536, tgid 5536 (dhcpcd), ts 71228466528, free_ts 33015219590 [ 256.212851][ T8231] post_alloc_hook+0x1c0/0x230 [ 256.217750][ T8231] get_page_from_freelist+0x132b/0x38e0 [ 256.223828][ T8231] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 256.229900][ T8231] alloc_pages_mpol+0x1fb/0x550 [ 256.235011][ T8231] new_slab+0x247/0x330 [ 256.239177][ T8231] ___slab_alloc+0xcf2/0x1740 [ 256.244936][ T8231] __slab_alloc.constprop.0+0x56/0xb0 [ 256.250412][ T8231] kmem_cache_alloc_lru_noprof+0xf4/0x3b0 [ 256.256219][ T8231] sock_alloc_inode+0x25/0x1c0 [ 256.261129][ T8231] alloc_inode+0x61/0x240 [ 256.265591][ T8231] sock_alloc+0x40/0x280 [ 256.269879][ T8231] __sock_create+0xc1/0x8d0 [ 256.274486][ T8231] __sys_socketpair+0x25c/0x5a0 [ 256.279351][ T8231] __x64_sys_socketpair+0x96/0x100 [ 256.285630][ T8231] do_syscall_64+0xcd/0x490 [ 256.301465][ T8231] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.307880][ T8231] page last free pid 1 tgid 1 stack trace: [ 256.313932][ T8231] __free_frozen_pages+0x7d5/0x10f0 [ 256.321412][ T8231] free_contig_range+0x183/0x4b0 [ 256.326509][ T8231] destroy_args+0x794/0xc10 [ 256.331064][ T8231] debug_vm_pgtable+0x1a32/0x3640 [ 256.336151][ T8231] do_one_initcall+0x120/0x6e0 [ 256.340997][ T8231] kernel_init_freeable+0x5c2/0x910 [ 256.347152][ T8231] kernel_init+0x1c/0x2b0 [ 256.351598][ T8231] ret_from_fork+0x5d7/0x6f0 [ 256.356210][ T8231] ret_from_fork_asm+0x1a/0x30 [ 256.500004][ T8239] FAULT_INJECTION: forcing a failure. [ 256.500004][ T8239] name failslab, interval 1, probability 0, space 0, times 0 [ 256.523879][ T8239] CPU: 0 UID: 0 PID: 8239 Comm: syz.2.389 Not tainted syzkaller #0 PREEMPT(full) [ 256.523920][ T8239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 256.523937][ T8239] Call Trace: [ 256.523947][ T8239] [ 256.523959][ T8239] dump_stack_lvl+0x16c/0x1f0 [ 256.524016][ T8239] should_fail_ex+0x512/0x640 [ 256.524058][ T8239] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 256.524096][ T8239] should_failslab+0xc2/0x120 [ 256.524138][ T8239] __kmalloc_cache_noprof+0x6a/0x3e0 [ 256.524171][ T8239] ? device_add+0xccc/0x1aa0 [ 256.524206][ T8239] device_add+0xccc/0x1aa0 [ 256.524230][ T8239] ? dev_set_name+0xc7/0x100 [ 256.524259][ T8239] ? __pfx_dev_set_name+0x10/0x10 [ 256.524292][ T8239] ? __pfx_device_add+0x10/0x10 [ 256.524321][ T8239] ? lockdep_init_map_type+0x5c/0x280 [ 256.524365][ T8239] ? __init_waitqueue_head+0xca/0x150 [ 256.524424][ T8239] netdev_register_kobject+0x1a9/0x3d0 [ 256.524480][ T8239] register_netdevice+0x13dc/0x2270 [ 256.524534][ T8239] ? __pfx_register_netdevice+0x10/0x10 [ 256.524592][ T8239] slip_open+0xb86/0x1150 [ 256.524646][ T8239] ? __pfx_slip_open+0x10/0x10 [ 256.524690][ T8239] ? down_write+0x14d/0x200 [ 256.524738][ T8239] ? __pfx_slip_open+0x10/0x10 [ 256.524782][ T8239] tty_ldisc_open+0x9f/0x120 [ 256.524820][ T8239] tty_set_ldisc+0x32b/0x780 [ 256.524864][ T8239] tty_ioctl+0xc2e/0x1680 [ 256.524907][ T8239] ? __pfx_tty_ioctl+0x10/0x10 [ 256.524961][ T8239] ? find_held_lock+0x2b/0x80 [ 256.525000][ T8239] ? hook_file_ioctl_common+0x145/0x410 [ 256.525050][ T8239] ? __fget_files+0x20e/0x3c0 [ 256.525089][ T8239] ? __pfx_tty_ioctl+0x10/0x10 [ 256.525133][ T8239] __x64_sys_ioctl+0x18e/0x210 [ 256.525185][ T8239] do_syscall_64+0xcd/0x490 [ 256.525231][ T8239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 256.525261][ T8239] RIP: 0033:0x7f8a21d8ebe9 [ 256.525286][ T8239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 256.525315][ T8239] RSP: 002b:00007f8a22c3d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 256.525343][ T8239] RAX: ffffffffffffffda RBX: 00007f8a21fc6090 RCX: 00007f8a21d8ebe9 [ 256.525363][ T8239] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000e [ 256.525380][ T8239] RBP: 00007f8a21e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 256.525397][ T8239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 256.525415][ T8239] R13: 00007f8a21fc6128 R14: 00007f8a21fc6090 R15: 00007ffff19d9918 [ 256.525456][ T8239] [ 257.875907][ T8250] FAULT_INJECTION: forcing a failure. [ 257.875907][ T8250] name failslab, interval 1, probability 0, space 0, times 0 [ 257.961480][ T8250] CPU: 0 UID: 0 PID: 8250 Comm: syz.3.390 Not tainted syzkaller #0 PREEMPT(full) [ 257.961519][ T8250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 257.961536][ T8250] Call Trace: [ 257.961545][ T8250] [ 257.961556][ T8250] dump_stack_lvl+0x16c/0x1f0 [ 257.961600][ T8250] should_fail_ex+0x512/0x640 [ 257.961636][ T8250] ? __kmalloc_cache_noprof+0x57/0x3e0 [ 257.961667][ T8250] should_failslab+0xc2/0x120 [ 257.961704][ T8250] __kmalloc_cache_noprof+0x6a/0x3e0 [ 257.961733][ T8250] ? slip_open+0x8cc/0x1150 [ 257.961775][ T8250] ? kasan_save_track+0x14/0x30 [ 257.961810][ T8250] slip_open+0x8cc/0x1150 [ 257.961854][ T8250] ? __pfx_n_tty_close+0x10/0x10 [ 257.961882][ T8250] ? __pfx_slip_open+0x10/0x10 [ 257.961933][ T8250] ? down_write+0x14d/0x200 [ 257.961980][ T8250] ? __pfx_slip_open+0x10/0x10 [ 257.962021][ T8250] tty_ldisc_open+0x9f/0x120 [ 257.962056][ T8250] tty_set_ldisc+0x32b/0x780 [ 257.962095][ T8250] tty_ioctl+0xc2e/0x1680 [ 257.962132][ T8250] ? __pfx_tty_ioctl+0x10/0x10 [ 257.962181][ T8250] ? find_held_lock+0x2b/0x80 [ 257.962210][ T8250] ? hook_file_ioctl_common+0x145/0x410 [ 257.962255][ T8250] ? __fget_files+0x20e/0x3c0 [ 257.962292][ T8250] ? __pfx_tty_ioctl+0x10/0x10 [ 257.962331][ T8250] __x64_sys_ioctl+0x18e/0x210 [ 257.962381][ T8250] do_syscall_64+0xcd/0x490 [ 257.962424][ T8250] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.962452][ T8250] RIP: 0033:0x7f50e718ebe9 [ 257.962474][ T8250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 257.962501][ T8250] RSP: 002b:00007f50e53b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 257.962527][ T8250] RAX: ffffffffffffffda RBX: 00007f50e73c6180 RCX: 00007f50e718ebe9 [ 257.962545][ T8250] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000e [ 257.962562][ T8250] RBP: 00007f50e7211e19 R08: 0000000000000000 R09: 0000000000000000 [ 257.962579][ T8250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 257.962595][ T8250] R13: 00007f50e73c6218 R14: 00007f50e73c6180 R15: 00007ffe8a88f4d8 [ 257.962634][ T8250] [ 258.436380][ T8280] Invalid ELF header magic: != ELF [ 259.102422][ T8287] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input14 [ 260.067000][ T8296] FAULT_INJECTION: forcing a failure. [ 260.067000][ T8296] name failslab, interval 1, probability 0, space 0, times 0 [ 260.079764][ T8296] CPU: 1 UID: 0 PID: 8296 Comm: syz.2.398 Not tainted syzkaller #0 PREEMPT(full) [ 260.079805][ T8296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 260.079824][ T8296] Call Trace: [ 260.079834][ T8296] [ 260.079846][ T8296] dump_stack_lvl+0x16c/0x1f0 [ 260.079893][ T8296] should_fail_ex+0x512/0x640 [ 260.079932][ T8296] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 260.079978][ T8296] should_failslab+0xc2/0x120 [ 260.080018][ T8296] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 260.080059][ T8296] ? mark_held_locks+0x49/0x80 [ 260.080096][ T8296] ? kstrdup_const+0x63/0x80 [ 260.080141][ T8296] kstrdup+0x53/0x100 [ 260.080188][ T8296] kstrdup_const+0x63/0x80 [ 260.080225][ T8296] kvasprintf_const+0x10f/0x1a0 [ 260.080259][ T8296] kobject_set_name_vargs+0x5a/0x140 [ 260.080307][ T8296] dev_set_name+0xc7/0x100 [ 260.080339][ T8296] ? __pfx_dev_set_name+0x10/0x10 [ 260.080376][ T8296] ? lockdep_init_map_type+0x5c/0x280 [ 260.080417][ T8296] ? __init_waitqueue_head+0xca/0x150 [ 260.080474][ T8296] netdev_register_kobject+0xc5/0x3d0 [ 260.080529][ T8296] register_netdevice+0x13dc/0x2270 [ 260.080584][ T8296] ? __pfx_register_netdevice+0x10/0x10 [ 260.080642][ T8296] slip_open+0xb86/0x1150 [ 260.080696][ T8296] ? __pfx_slip_open+0x10/0x10 [ 260.080739][ T8296] ? down_write+0x14d/0x200 [ 260.080787][ T8296] ? __pfx_slip_open+0x10/0x10 [ 260.080831][ T8296] tty_ldisc_open+0x9f/0x120 [ 260.080869][ T8296] tty_set_ldisc+0x32b/0x780 [ 260.080911][ T8296] tty_ioctl+0xc2e/0x1680 [ 260.080953][ T8296] ? __pfx_tty_ioctl+0x10/0x10 [ 260.081007][ T8296] ? find_held_lock+0x2b/0x80 [ 260.081036][ T8296] ? hook_file_ioctl_common+0x145/0x410 [ 260.081086][ T8296] ? __fget_files+0x20e/0x3c0 [ 260.081126][ T8296] ? __pfx_tty_ioctl+0x10/0x10 [ 260.081179][ T8296] __x64_sys_ioctl+0x18e/0x210 [ 260.081228][ T8296] do_syscall_64+0xcd/0x490 [ 260.081269][ T8296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 260.081297][ T8296] RIP: 0033:0x7f8a21d8ebe9 [ 260.081322][ T8296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 260.081351][ T8296] RSP: 002b:00007f8a22c3d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 260.081380][ T8296] RAX: ffffffffffffffda RBX: 00007f8a21fc6090 RCX: 00007f8a21d8ebe9 [ 260.081400][ T8296] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000e [ 260.081417][ T8296] RBP: 00007f8a21e11e19 R08: 0000000000000000 R09: 0000000000000000 [ 260.081434][ T8296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 260.081451][ T8296] R13: 00007f8a21fc6128 R14: 00007f8a21fc6090 R15: 00007ffff19d9918 [ 260.081493][ T8296] [ 261.281808][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 261.281880][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 261.418894][ T8321] HfR: entered promiscuous mode [ 261.843131][ T8321] netlink: 12 bytes leftover after parsing attributes in process `syz.1.403'. [ 261.843196][ T8321] HfR: left promiscuous mode [ 263.862076][ T8371] FAULT_INJECTION: forcing a failure. [ 263.862076][ T8371] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 263.862265][ T8371] CPU: 0 UID: 0 PID: 8371 Comm: syz.1.411 Not tainted syzkaller #0 PREEMPT(full) [ 263.862302][ T8371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 263.862319][ T8371] Call Trace: [ 263.862329][ T8371] [ 263.862341][ T8371] dump_stack_lvl+0x16c/0x1f0 [ 263.862384][ T8371] should_fail_ex+0x512/0x640 [ 263.862432][ T8371] should_fail_alloc_page+0xe7/0x130 [ 263.862476][ T8371] prepare_alloc_pages+0x3c2/0x610 [ 263.862520][ T8371] ? rcu_is_watching+0x12/0xc0 [ 263.862555][ T8371] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 263.862593][ T8371] ? kasan_save_stack+0x42/0x60 [ 263.862626][ T8371] ? kasan_save_stack+0x33/0x60 [ 263.862658][ T8371] ? kasan_save_track+0x14/0x30 [ 263.862688][ T8371] ? __kasan_kmalloc+0xaa/0xb0 [ 263.862717][ T8371] ? __kvmalloc_node_noprof+0x27b/0x620 [ 263.862748][ T8371] ? relay_open_buf.part.0+0x18f/0xc30 [ 263.862785][ T8371] ? relay_open+0x653/0xad0 [ 263.862819][ T8371] ? do_blk_trace_setup+0x4c5/0xb00 [ 263.862846][ T8371] ? blk_trace_setup+0xed/0x1b0 [ 263.862874][ T8371] ? blk_trace_ioctl+0x146/0x280 [ 263.862904][ T8371] ? blkdev_ioctl+0x108/0x6d0 [ 263.862944][ T8371] ? __x64_sys_ioctl+0x18e/0x210 [ 263.862988][ T8371] ? do_syscall_64+0xcd/0x490 [ 263.863024][ T8371] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.863062][ T8371] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 263.863123][ T8371] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 263.863161][ T8371] ? policy_nodemask+0xea/0x4e0 [ 263.863194][ T8371] alloc_pages_mpol+0x1fb/0x550 [ 263.863226][ T8371] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 263.863255][ T8371] ? trace_kmalloc+0x2b/0xd0 [ 263.863284][ T8371] ? __kvmalloc_node_noprof+0x298/0x620 [ 263.863309][ T8371] ? trace_kmalloc+0x2b/0xd0 [ 263.863338][ T8371] ? __kmalloc_noprof.cold+0x20/0x61 [ 263.863374][ T8371] alloc_pages_noprof+0x131/0x390 [ 263.863405][ T8371] relay_open_buf.part.0+0x25d/0xc30 [ 263.863445][ T8371] relay_open+0x653/0xad0 [ 263.863474][ T8371] ? debugfs_create_file_full+0x41/0x60 [ 263.863505][ T8371] do_blk_trace_setup+0x4c5/0xb00 [ 263.863533][ T8371] blk_trace_setup+0xed/0x1b0 [ 263.863559][ T8371] ? __pfx_blk_trace_setup+0x10/0x10 [ 263.863582][ T8371] ? __pfx_snprintf+0x10/0x10 [ 263.863618][ T8371] ? do_vfs_ioctl+0x128/0x14f0 [ 263.863657][ T8371] blk_trace_ioctl+0x146/0x280 [ 263.863689][ T8371] ? __pfx_blk_trace_ioctl+0x10/0x10 [ 263.863719][ T8371] ? find_held_lock+0x2b/0x80 [ 263.863741][ T8371] ? hook_file_ioctl_common+0x145/0x410 [ 263.863775][ T8371] blkdev_ioctl+0x108/0x6d0 [ 263.863800][ T8371] ? __pfx_blkdev_ioctl+0x10/0x10 [ 263.863829][ T8371] ? __pfx_blkdev_ioctl+0x10/0x10 [ 263.863855][ T8371] __x64_sys_ioctl+0x18e/0x210 [ 263.863892][ T8371] do_syscall_64+0xcd/0x490 [ 263.863925][ T8371] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 263.863954][ T8371] RIP: 0033:0x7f813e98ebe9 [ 263.863973][ T8371] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 263.863996][ T8371] RSP: 002b:00007f813f777038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 263.864022][ T8371] RAX: ffffffffffffffda RBX: 00007f813ebc5fa0 RCX: 00007f813e98ebe9 [ 263.864040][ T8371] RDX: 0000200000000140 RSI: 00000000c0481273 RDI: 0000000000000006 [ 263.864056][ T8371] RBP: 00007f813ea11e19 R08: 0000000000000000 R09: 0000000000000000 [ 263.864072][ T8371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 263.864089][ T8371] R13: 00007f813ebc6038 R14: 00007f813ebc5fa0 R15: 00007ffd1afbfa48 [ 263.864123][ T8371] [ 263.931182][ T8371] vhci_hcd: invalid port number 23 [ 263.931288][ T8371] vhci_hcd: Wrong hub descriptor type for USB 3.0 roothub. [ 264.062001][ T30] audit: type=1804 audit(4294967355.360:4): pid=8371 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.411" name="/newroot/107/file0" dev="tmpfs" ino=608 res=1 errno=0 [ 265.149913][ C1] vkms_vblank_simulate: vblank timer overrun [ 265.175369][ T8395] FAULT_INJECTION: forcing a failure. [ 265.175369][ T8395] name failslab, interval 1, probability 0, space 0, times 0 [ 265.175426][ T8395] CPU: 0 UID: 0 PID: 8395 Comm: syz.1.415 Not tainted syzkaller #0 PREEMPT(full) [ 265.175464][ T8395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 265.175483][ T8395] Call Trace: [ 265.175493][ T8395] [ 265.175505][ T8395] dump_stack_lvl+0x16c/0x1f0 [ 265.175551][ T8395] should_fail_ex+0x512/0x640 [ 265.175593][ T8395] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 265.175635][ T8395] should_failslab+0xc2/0x120 [ 265.175676][ T8395] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 265.175713][ T8395] ? __kernfs_new_node+0xd2/0x8e0 [ 265.175759][ T8395] __kernfs_new_node+0xd2/0x8e0 [ 265.175803][ T8395] ? __pfx___kernfs_new_node+0x10/0x10 [ 265.175853][ T8395] ? find_held_lock+0x2b/0x80 [ 265.175885][ T8395] ? kernfs_root+0xee/0x2a0 [ 265.175942][ T8395] kernfs_new_node+0x13c/0x1e0 [ 265.175986][ T8395] ? net_ns_get_ownership+0xf8/0x1b0 [ 265.176033][ T8395] kernfs_create_dir_ns+0x4c/0x1a0 [ 265.176084][ T8395] sysfs_create_dir_ns+0x13a/0x2b0 [ 265.176122][ T8395] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 265.176158][ T8395] ? find_held_lock+0x2b/0x80 [ 265.176192][ T8395] ? net_namespace+0x12/0x50 [ 265.176236][ T8395] ? device_namespace+0x76/0xa0 [ 265.176284][ T8395] kobject_add_internal+0x2c4/0x9b0 [ 265.176338][ T8395] kobject_add+0x16e/0x240 [ 265.176382][ T8395] ? __pfx_kobject_add+0x10/0x10 [ 265.176425][ T8395] ? get_device_parent+0x1c5/0x4e0 [ 265.176470][ T8395] ? kobject_put+0xab/0x5a0 [ 265.176525][ T8395] device_add+0x288/0x1aa0 [ 265.176553][ T8395] ? __pfx_dev_set_name+0x10/0x10 [ 265.176585][ T8395] ? __pfx_device_add+0x10/0x10 [ 265.176614][ T8395] ? lockdep_init_map_type+0x5c/0x280 [ 265.176656][ T8395] ? __init_waitqueue_head+0xca/0x150 [ 265.176714][ T8395] netdev_register_kobject+0x1a9/0x3d0 [ 265.176769][ T8395] register_netdevice+0x13dc/0x2270 [ 265.176823][ T8395] ? __pfx_register_netdevice+0x10/0x10 [ 265.176881][ T8395] slip_open+0xb86/0x1150 [ 265.176946][ T8395] ? __pfx_slip_open+0x10/0x10 [ 265.176989][ T8395] ? down_write+0x14d/0x200 [ 265.177038][ T8395] ? __pfx_slip_open+0x10/0x10 [ 265.177082][ T8395] tty_ldisc_open+0x9f/0x120 [ 265.177121][ T8395] tty_set_ldisc+0x32b/0x780 [ 265.177161][ T8395] tty_ioctl+0xc2e/0x1680 [ 265.177204][ T8395] ? __pfx_tty_ioctl+0x10/0x10 [ 265.177259][ T8395] ? find_held_lock+0x2b/0x80 [ 265.177287][ T8395] ? hook_file_ioctl_common+0x145/0x410 [ 265.177337][ T8395] ? __fget_files+0x20e/0x3c0 [ 265.177377][ T8395] ? __pfx_tty_ioctl+0x10/0x10 [ 265.177420][ T8395] __x64_sys_ioctl+0x18e/0x210 [ 265.177488][ T8395] do_syscall_64+0xcd/0x490 [ 265.177536][ T8395] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 265.177567][ T8395] RIP: 0033:0x7f813e98ebe9 [ 265.177593][ T8395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 265.177622][ T8395] RSP: 002b:00007f813f735038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 265.177651][ T8395] RAX: ffffffffffffffda RBX: 00007f813ebc6180 RCX: 00007f813e98ebe9 [ 265.177671][ T8395] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000e [ 265.177688][ T8395] RBP: 00007f813ea11e19 R08: 0000000000000000 R09: 0000000000000000 [ 265.177706][ T8395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 265.177723][ T8395] R13: 00007f813ebc6218 R14: 00007f813ebc6180 R15: 00007ffd1afbfa48 [ 265.177764][ T8395] [ 265.177864][ T8395] kobject: kobject_add_internal failed for sl1 (error: -12 parent: net) [ 266.325494][ T8409] ======================================================= [ 266.325494][ T8409] WARNING: The mand mount option has been deprecated and [ 266.325494][ T8409] and is ignored by this kernel. Remove the mand [ 266.325494][ T8409] option from the mount to silence this warning. [ 266.325494][ T8409] ======================================================= [ 267.006719][ T8440] random: crng reseeded on system resumption [ 267.359154][ T8446] sg_write: data in/out 2359516/108 bytes for SCSI command 0x0-- guessing data in; [ 267.359154][ T8446] program syz.2.420 not setting count and/or reply_len properly [ 267.464792][ T8447] vivid-003: ================= START STATUS ================= [ 267.482039][ T8447] vivid-003: Radio HW Seek Mode: Bounded [ 267.495268][ T8447] vivid-003: Radio Programmable HW Seek: false [ 267.518965][ T8447] vivid-003: RDS Rx I/O Mode: Block I/O [ 267.527459][ T8447] vivid-003: Generate RBDS Instead of RDS: false [ 267.534122][ T8447] vivid-003: RDS Reception: true [ 267.539144][ T8447] vivid-003: RDS Program Type: 0 inactive [ 267.545032][ T8447] vivid-003: RDS PS Name: inactive [ 267.550355][ T8447] vivid-003: RDS Radio Text: inactive [ 267.555964][ T8447] vivid-003: RDS Traffic Announcement: false inactive [ 267.562919][ T8447] vivid-003: RDS Traffic Program: false inactive [ 267.569369][ T8447] vivid-003: RDS Music: false inactive [ 267.575066][ T8447] vivid-003: ================== END STATUS ================== [ 268.428969][ T8437] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 268.620671][ T8461] netlink: 8 bytes leftover after parsing attributes in process `syz.1.424'. [ 273.023123][ T8543] FAULT_INJECTION: forcing a failure. [ 273.023123][ T8543] name failslab, interval 1, probability 0, space 0, times 0 [ 273.051428][ T8543] CPU: 0 UID: 0 PID: 8543 Comm: syz.0.434 Not tainted syzkaller #0 PREEMPT(full) [ 273.051471][ T8543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 273.051490][ T8543] Call Trace: [ 273.051499][ T8543] [ 273.051511][ T8543] dump_stack_lvl+0x16c/0x1f0 [ 273.051552][ T8543] should_fail_ex+0x512/0x640 [ 273.051578][ T8543] ? __kmalloc_noprof+0xbf/0x510 [ 273.051599][ T8543] ? slhc_init+0x3dd/0x570 [ 273.051622][ T8543] should_failslab+0xc2/0x120 [ 273.051646][ T8543] __kmalloc_noprof+0xd2/0x510 [ 273.051670][ T8543] slhc_init+0x3dd/0x570 [ 273.051693][ T8543] ? kasan_save_track+0x14/0x30 [ 273.051714][ T8543] slip_open+0x8ee/0x1150 [ 273.051739][ T8543] ? __pfx_n_tty_close+0x10/0x10 [ 273.051757][ T8543] ? __pfx_slip_open+0x10/0x10 [ 273.051780][ T8543] ? down_write+0x14d/0x200 [ 273.051806][ T8543] ? __pfx_slip_open+0x10/0x10 [ 273.051832][ T8543] tty_ldisc_open+0x9f/0x120 [ 273.051853][ T8543] tty_set_ldisc+0x32b/0x780 [ 273.051876][ T8543] tty_ioctl+0xc2e/0x1680 [ 273.051898][ T8543] ? __pfx_tty_ioctl+0x10/0x10 [ 273.051928][ T8543] ? find_held_lock+0x2b/0x80 [ 273.051945][ T8543] ? hook_file_ioctl_common+0x145/0x410 [ 273.051971][ T8543] ? __fget_files+0x20e/0x3c0 [ 273.051994][ T8543] ? __pfx_tty_ioctl+0x10/0x10 [ 273.052016][ T8543] __x64_sys_ioctl+0x18e/0x210 [ 273.052045][ T8543] do_syscall_64+0xcd/0x490 [ 273.052069][ T8543] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 273.052094][ T8543] RIP: 0033:0x7f83ed18ebe9 [ 273.052109][ T8543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 273.052126][ T8543] RSP: 002b:00007f83ee0a3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 273.052143][ T8543] RAX: ffffffffffffffda RBX: 00007f83ed3c6090 RCX: 00007f83ed18ebe9 [ 273.052155][ T8543] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000e [ 273.052165][ T8543] RBP: 00007f83ed211e19 R08: 0000000000000000 R09: 0000000000000000 [ 273.052175][ T8543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 273.052185][ T8543] R13: 00007f83ed3c6128 R14: 00007f83ed3c6090 R15: 00007ffd398c3128 [ 273.052207][ T8543] [ 273.866501][ T8552] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 274.181481][ T8574] random: crng reseeded on system resumption [ 274.440939][ T8569] netlink: 4 bytes leftover after parsing attributes in process `syz.1.438'. [ 277.736199][ T8639] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input15 [ 278.004600][ T8629] FAULT_INJECTION: forcing a failure. [ 278.004600][ T8629] name failslab, interval 1, probability 0, space 0, times 0 [ 278.070809][ T8629] CPU: 1 UID: 0 PID: 8629 Comm: syz.0.447 Not tainted syzkaller #0 PREEMPT(full) [ 278.070852][ T8629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 278.070869][ T8629] Call Trace: [ 278.070878][ T8629] [ 278.070887][ T8629] dump_stack_lvl+0x16c/0x1f0 [ 278.070916][ T8629] should_fail_ex+0x512/0x640 [ 278.070941][ T8629] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 278.070964][ T8629] should_failslab+0xc2/0x120 [ 278.070987][ T8629] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 278.071007][ T8629] ? __kernfs_new_node+0xd2/0x8e0 [ 278.071033][ T8629] __kernfs_new_node+0xd2/0x8e0 [ 278.071058][ T8629] ? __pfx___kernfs_new_node+0x10/0x10 [ 278.071086][ T8629] ? find_held_lock+0x2b/0x80 [ 278.071103][ T8629] ? kernfs_root+0xee/0x2a0 [ 278.071129][ T8629] kernfs_new_node+0x13c/0x1e0 [ 278.071157][ T8629] __kernfs_create_file+0x53/0x350 [ 278.071177][ T8629] sysfs_add_file_mode_ns+0x207/0x3c0 [ 278.071210][ T8629] internal_create_group+0x578/0xf30 [ 278.071238][ T8629] ? __pfx_internal_create_group+0x10/0x10 [ 278.071264][ T8629] ? kernfs_create_link+0x1bd/0x240 [ 278.071285][ T8629] internal_create_groups+0x9d/0x150 [ 278.071309][ T8629] device_add+0x6d1/0x1aa0 [ 278.071329][ T8629] ? __pfx_device_add+0x10/0x10 [ 278.071344][ T8629] ? lockdep_init_map_type+0x5c/0x280 [ 278.071366][ T8629] ? __init_waitqueue_head+0xca/0x150 [ 278.071398][ T8629] netdev_register_kobject+0x1a9/0x3d0 [ 278.071428][ T8629] register_netdevice+0x13dc/0x2270 [ 278.071458][ T8629] ? __pfx_register_netdevice+0x10/0x10 [ 278.071490][ T8629] slip_open+0xb86/0x1150 [ 278.071519][ T8629] ? __pfx_slip_open+0x10/0x10 [ 278.071543][ T8629] ? down_write+0x14d/0x200 [ 278.071569][ T8629] ? __pfx_slip_open+0x10/0x10 [ 278.071593][ T8629] tty_ldisc_open+0x9f/0x120 [ 278.071614][ T8629] tty_set_ldisc+0x32b/0x780 [ 278.071642][ T8629] tty_ioctl+0xc2e/0x1680 [ 278.071666][ T8629] ? __pfx_tty_ioctl+0x10/0x10 [ 278.071695][ T8629] ? find_held_lock+0x2b/0x80 [ 278.071711][ T8629] ? hook_file_ioctl_common+0x145/0x410 [ 278.071739][ T8629] ? __fget_files+0x20e/0x3c0 [ 278.071760][ T8629] ? __pfx_tty_ioctl+0x10/0x10 [ 278.071783][ T8629] __x64_sys_ioctl+0x18e/0x210 [ 278.071818][ T8629] do_syscall_64+0xcd/0x490 [ 278.071842][ T8629] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.071860][ T8629] RIP: 0033:0x7f83ed18ebe9 [ 278.071875][ T8629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.071892][ T8629] RSP: 002b:00007f83ee082038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 278.071910][ T8629] RAX: ffffffffffffffda RBX: 00007f83ed3c6180 RCX: 00007f83ed18ebe9 [ 278.071921][ T8629] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000e [ 278.071931][ T8629] RBP: 00007f83ed211e19 R08: 0000000000000000 R09: 0000000000000000 [ 278.071941][ T8629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 278.071951][ T8629] R13: 00007f83ed3c6218 R14: 00007f83ed3c6180 R15: 00007ffd398c3128 [ 278.071972][ T8629] [ 278.456681][ T8629] Falling back ldisc for ptm2. [ 278.818837][ T8644] FAULT_INJECTION: forcing a failure. [ 278.818837][ T8644] name failslab, interval 1, probability 0, space 0, times 0 [ 278.845309][ T8644] CPU: 1 UID: 0 PID: 8644 Comm: syz.1.450 Not tainted syzkaller #0 PREEMPT(full) [ 278.845335][ T8644] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 278.845345][ T8644] Call Trace: [ 278.845352][ T8644] [ 278.845359][ T8644] dump_stack_lvl+0x16c/0x1f0 [ 278.845388][ T8644] should_fail_ex+0x512/0x640 [ 278.845412][ T8644] ? __kvmalloc_node_noprof+0x124/0x620 [ 278.845434][ T8644] should_failslab+0xc2/0x120 [ 278.845457][ T8644] __kvmalloc_node_noprof+0x137/0x620 [ 278.845477][ T8644] ? alloc_shrinker_info+0xea/0x470 [ 278.845504][ T8644] ? alloc_shrinker_info+0xea/0x470 [ 278.845524][ T8644] alloc_shrinker_info+0xea/0x470 [ 278.845552][ T8644] mem_cgroup_css_online+0x217/0x640 [ 278.845579][ T8644] ? __pfx_mem_cgroup_css_online+0x10/0x10 [ 278.845606][ T8644] online_css+0xaf/0x350 [ 278.845638][ T8644] cgroup_apply_control_enable+0x702/0xbb0 [ 278.845691][ T8644] cgroup_mkdir+0x5e7/0x11f0 [ 278.845730][ T8644] ? __pfx_cgroup_mkdir+0x10/0x10 [ 278.845756][ T8644] kernfs_iop_mkdir+0x111/0x190 [ 278.845783][ T8644] ? bpf_lsm_inode_mkdir+0x9/0x10 [ 278.845816][ T8644] vfs_mkdir+0x590/0x8c0 [ 278.845836][ T8644] do_mkdirat+0x304/0x3e0 [ 278.845859][ T8644] ? __pfx_do_mkdirat+0x10/0x10 [ 278.845882][ T8644] ? getname_flags.part.0+0x1c5/0x550 [ 278.845910][ T8644] __x64_sys_mkdir+0xef/0x140 [ 278.845931][ T8644] do_syscall_64+0xcd/0x490 [ 278.845955][ T8644] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 278.845973][ T8644] RIP: 0033:0x7f813e98ebe9 [ 278.845987][ T8644] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 278.846004][ T8644] RSP: 002b:00007f813f777038 EFLAGS: 00000246 ORIG_RAX: 0000000000000053 [ 278.846030][ T8644] RAX: ffffffffffffffda RBX: 00007f813ebc5fa0 RCX: 00007f813e98ebe9 [ 278.846041][ T8644] RDX: 0000000000000000 RSI: 00000000000008cd RDI: 0000200000000000 [ 278.846051][ T8644] RBP: 00007f813ea11e19 R08: 0000000000000000 R09: 0000000000000000 [ 278.846061][ T8644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 278.846072][ T8644] R13: 00007f813ebc6038 R14: 00007f813ebc5fa0 R15: 00007ffd1afbfa48 [ 278.846096][ T8644] [ 280.756931][ T8684] Invalid ELF header magic: != ELF [ 280.776559][ T8676] random: crng reseeded on system resumption [ 280.785605][ T8676] FAULT_INJECTION: forcing a failure. [ 280.785605][ T8676] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 280.802685][ T8676] CPU: 0 UID: 0 PID: 8676 Comm: syz.1.462 Not tainted syzkaller #0 PREEMPT(full) [ 280.802712][ T8676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 280.802722][ T8676] Call Trace: [ 280.802728][ T8676] [ 280.802735][ T8676] dump_stack_lvl+0x16c/0x1f0 [ 280.802763][ T8676] should_fail_ex+0x512/0x640 [ 280.802790][ T8676] should_fail_alloc_page+0xe7/0x130 [ 280.802817][ T8676] prepare_alloc_pages+0x3c2/0x610 [ 280.802841][ T8676] ? __kernel_text_address+0xd/0x40 [ 280.802860][ T8676] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 280.802888][ T8676] ? stack_trace_save+0x8e/0xc0 [ 280.802907][ T8676] ? __pfx_stack_trace_save+0x10/0x10 [ 280.802927][ T8676] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 280.802951][ T8676] ? kasan_save_stack+0x42/0x60 [ 280.802969][ T8676] ? kasan_save_stack+0x33/0x60 [ 280.802989][ T8676] ? misc_open+0x35d/0x420 [ 280.803012][ T8676] ? chrdev_open+0x231/0x6a0 [ 280.803032][ T8676] ? do_dentry_open+0x97f/0x1530 [ 280.803051][ T8676] ? vfs_open+0x82/0x3f0 [ 280.803073][ T8676] ? path_openat+0x1de4/0x2cb0 [ 280.803090][ T8676] ? do_filp_open+0x20b/0x470 [ 280.803107][ T8676] ? do_sys_openat2+0x11b/0x1d0 [ 280.803130][ T8676] ? __x64_sys_openat+0x174/0x210 [ 280.803154][ T8676] ? do_syscall_64+0xcd/0x490 [ 280.803175][ T8676] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.803194][ T8676] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 280.803220][ T8676] ? policy_nodemask+0xea/0x4e0 [ 280.803244][ T8676] alloc_pages_mpol+0x1fb/0x550 [ 280.803266][ T8676] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 280.803295][ T8676] alloc_pages_noprof+0x131/0x390 [ 280.803317][ T8676] get_zeroed_page_noprof+0x18/0xb0 [ 280.803340][ T8676] get_image_page+0x18/0x190 [ 280.803358][ T8676] chain_alloc+0x8c/0xd0 [ 280.803375][ T8676] memory_bm_create+0x30f/0x810 [ 280.803400][ T8676] create_basic_memory_bitmaps+0x10b/0x320 [ 280.803423][ T8676] snapshot_open+0x235/0x2b0 [ 280.803442][ T8676] ? __pfx_snapshot_open+0x10/0x10 [ 280.803462][ T8676] misc_open+0x35d/0x420 [ 280.803480][ T8676] ? __pfx_misc_open+0x10/0x10 [ 280.803498][ T8676] chrdev_open+0x231/0x6a0 [ 280.803518][ T8676] ? __pfx_apparmor_file_open+0x10/0x10 [ 280.803537][ T8676] ? __pfx_chrdev_open+0x10/0x10 [ 280.803559][ T8676] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 280.803583][ T8676] do_dentry_open+0x97f/0x1530 [ 280.803603][ T8676] ? __pfx_chrdev_open+0x10/0x10 [ 280.803629][ T8676] vfs_open+0x82/0x3f0 [ 280.803656][ T8676] path_openat+0x1de4/0x2cb0 [ 280.803683][ T8676] ? __pfx_path_openat+0x10/0x10 [ 280.803709][ T8676] do_filp_open+0x20b/0x470 [ 280.803729][ T8676] ? __pfx_do_filp_open+0x10/0x10 [ 280.803765][ T8676] ? alloc_fd+0x471/0x7d0 [ 280.803790][ T8676] do_sys_openat2+0x11b/0x1d0 [ 280.803814][ T8676] ? __pfx_do_sys_openat2+0x10/0x10 [ 280.803848][ T8676] __x64_sys_openat+0x174/0x210 [ 280.803874][ T8676] ? __pfx___x64_sys_openat+0x10/0x10 [ 280.803908][ T8676] do_syscall_64+0xcd/0x490 [ 280.803933][ T8676] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 280.803949][ T8676] RIP: 0033:0x7f813e98ebe9 [ 280.803963][ T8676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 280.803979][ T8676] RSP: 002b:00007f813f777038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 280.803997][ T8676] RAX: ffffffffffffffda RBX: 00007f813ebc5fa0 RCX: 00007f813e98ebe9 [ 280.804017][ T8676] RDX: 00000000001438bf RSI: 0000200000000000 RDI: ffffffffffffff9c [ 280.804027][ T8676] RBP: 00007f813ea11e19 R08: 0000000000000000 R09: 0000000000000000 [ 280.804037][ T8676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 280.804047][ T8676] R13: 00007f813ebc6038 R14: 00007f813ebc5fa0 R15: 00007ffd1afbfa48 [ 280.804068][ T8676] [ 281.408844][ T8682] vivid-003: ================= START STATUS ================= [ 281.497682][ T8682] vivid-003: Radio HW Seek Mode: Bounded [ 281.503781][ T8682] vivid-003: Radio Programmable HW Seek: false [ 281.510113][ T8682] vivid-003: RDS Rx I/O Mode: Block I/O [ 281.515815][ T8682] vivid-003: Generate RBDS Instead of RDS: false [ 281.522243][ T8682] vivid-003: RDS Reception: true [ 281.527296][ T8682] vivid-003: RDS Program Type: 0 inactive [ 281.533097][ T8682] vivid-003: RDS PS Name: inactive [ 281.538481][ T8682] vivid-003: RDS Radio Text: inactive [ 281.544736][ T8682] vivid-003: RDS Traffic Announcement: false inactive [ 281.551582][ T8682] vivid-003: RDS Traffic Program: false inactive [ 281.558032][ T8682] vivid-003: RDS Music: false inactive [ 281.563537][ T8682] vivid-003: ================== END STATUS ================== [ 282.439264][ T8701] Format for deleting device is "id" (uint). [ 282.513700][ T8700] ICMPv6: process `syz.3.459' is using deprecated sysctl (syscall) net.ipv6.neigh.ipvlan1.retrans_time - use net.ipv6.neigh.ipvlan1.retrans_time_ms instead [ 283.942014][ T8714] HfR: entered promiscuous mode [ 284.219705][ T8719] netlink: 12 bytes leftover after parsing attributes in process `syz.3.461'. [ 284.271316][ T8719] HfR: left promiscuous mode [ 284.995429][ T8744] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input17 [ 285.663947][ T8754] Invalid ELF header magic: != ELF [ 286.103337][ T8759] netlink: 8 bytes leftover after parsing attributes in process `syz.0.471'. [ 289.087010][ T8807] netlink: 28 bytes leftover after parsing attributes in process `syz.2.477'. [ 290.176303][ T8830] input: jJǸ-9%vlQ J86 as /devices/virtual/input/input18 [ 290.365213][ T8793] netlink: 350 bytes leftover after parsing attributes in process `syz.1.476'. [ 294.618849][ T30] audit: type=1800 audit(4294969431.929:5): pid=8898 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.492" name="lu_gp_id" dev="configfs" ino=15974 res=0 errno=0 [ 294.682003][ T8878] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 296.834121][ T30] audit: type=1800 audit(4294969434.138:6): pid=8929 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=16070 res=0 errno=0 [ 298.487567][ T8952] ubi0: attaching mtd0 [ 298.496084][ T8952] ubi0: scanning is finished [ 298.626585][ T8952] ubi0: empty MTD device detected [ 298.834497][ T30] audit: type=1800 audit(4294969436.137:7): pid=8946 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.500" name="lu_gp_id" dev="configfs" ino=16916 res=0 errno=0 [ 299.541603][ T30] audit: type=1800 audit(4294969436.857:8): pid=8963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=16924 res=0 errno=0 [ 299.719378][ T8952] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 301.604065][ T30] audit: type=1800 audit(4294969438.916:9): pid=8991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=16266 res=0 errno=0 [ 303.323026][ T9023] input: f as /devices/virtual/input/input19 [ 306.418100][ T30] audit: type=1800 audit(4294969443.723:10): pid=9083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=17543 res=0 errno=0 [ 306.839056][ T9088] Invalid ELF header magic: != ELF [ 308.344701][ T9107] netlink: 28 bytes leftover after parsing attributes in process `syz.1.521'. [ 309.627694][ T9120] FAULT_INJECTION: forcing a failure. [ 309.627694][ T9120] name failslab, interval 1, probability 0, space 0, times 0 [ 309.691013][ T9120] CPU: 1 UID: 0 PID: 9120 Comm: syz.3.525 Not tainted syzkaller #0 PREEMPT(full) [ 309.691041][ T9120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 309.691052][ T9120] Call Trace: [ 309.691059][ T9120] [ 309.691066][ T9120] dump_stack_lvl+0x16c/0x1f0 [ 309.691094][ T9120] should_fail_ex+0x512/0x640 [ 309.691117][ T9120] ? __kmalloc_node_track_caller_noprof+0xc3/0x510 [ 309.691143][ T9120] should_failslab+0xc2/0x120 [ 309.691166][ T9120] __kmalloc_node_track_caller_noprof+0xd6/0x510 [ 309.691188][ T9120] ? mark_held_locks+0x49/0x80 [ 309.691215][ T9120] ? kstrdup_const+0x63/0x80 [ 309.691240][ T9120] kstrdup+0x53/0x100 [ 309.691261][ T9120] kstrdup_const+0x63/0x80 [ 309.691280][ T9120] kvasprintf_const+0x10f/0x1a0 [ 309.691298][ T9120] kobject_set_name_vargs+0x5a/0x140 [ 309.691325][ T9120] dev_set_name+0xc7/0x100 [ 309.691343][ T9120] ? __pfx_dev_set_name+0x10/0x10 [ 309.691363][ T9120] ? lockdep_init_map_type+0x5c/0x280 [ 309.691387][ T9120] ? __init_waitqueue_head+0xca/0x150 [ 309.691417][ T9120] netdev_register_kobject+0xc5/0x3d0 [ 309.691447][ T9120] register_netdevice+0x13dc/0x2270 [ 309.691477][ T9120] ? __pfx_register_netdevice+0x10/0x10 [ 309.691512][ T9120] slip_open+0xb86/0x1150 [ 309.691541][ T9120] ? __pfx_slip_open+0x10/0x10 [ 309.691564][ T9120] ? down_write+0x14d/0x200 [ 309.691590][ T9120] ? __pfx_slip_open+0x10/0x10 [ 309.691612][ T9120] tty_ldisc_open+0x9f/0x120 [ 309.691633][ T9120] tty_set_ldisc+0x32b/0x780 [ 309.691656][ T9120] tty_ioctl+0xc2e/0x1680 [ 309.691680][ T9120] ? __pfx_tty_ioctl+0x10/0x10 [ 309.691708][ T9120] ? find_held_lock+0x2b/0x80 [ 309.691724][ T9120] ? hook_file_ioctl_common+0x145/0x410 [ 309.691759][ T9120] ? __fget_files+0x20e/0x3c0 [ 309.691780][ T9120] ? __pfx_tty_ioctl+0x10/0x10 [ 309.691817][ T9120] __x64_sys_ioctl+0x18e/0x210 [ 309.691863][ T9120] do_syscall_64+0xcd/0x490 [ 309.691904][ T9120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.691932][ T9120] RIP: 0033:0x7f50e718ebe9 [ 309.691957][ T9120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 309.691985][ T9120] RSP: 002b:00007f50e53b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 309.692012][ T9120] RAX: ffffffffffffffda RBX: 00007f50e73c6180 RCX: 00007f50e718ebe9 [ 309.692031][ T9120] RDX: 0000000000000000 RSI: 0000000000005423 RDI: 000000000000000e [ 309.692047][ T9120] RBP: 00007f50e7211e19 R08: 0000000000000000 R09: 0000000000000000 [ 309.692063][ T9120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 309.692079][ T9120] R13: 00007f50e73c6218 R14: 00007f50e73c6180 R15: 00007ffe8a88f4d8 [ 309.692118][ T9120] [ 310.090141][ T9120] Falling back ldisc for ptm1. [ 312.338104][ T30] audit: type=1800 audit(4294969449.641:11): pid=9162 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=17340 res=0 errno=0 [ 313.828131][ T30] audit: type=1800 audit(4294969451.110:12): pid=9172 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=17792 res=0 errno=0 [ 315.155645][ T9192] zswap: compressor lY not available [ 316.392950][ T9207] ptp ptp0: only physical clock in use now [ 317.661323][ T9234] ubi0: attaching mtd0 [ 317.662608][ T9234] ubi0: scanning is finished [ 318.010007][ T9234] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 318.010046][ T9234] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 318.016136][ T9234] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 318.016171][ T9234] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 318.016196][ T9234] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 318.016219][ T9234] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 318.016241][ T9234] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 1875102821 [ 318.016269][ T9234] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 318.017206][ T9238] ubi0: background thread "ubi_bgt0d" started, PID 9238 [ 318.034819][ T9236] ubi0: detaching mtd0 [ 318.049137][ T9236] ubi0: mtd0 is detached [ 318.718975][ T30] audit: type=1800 audit(4294969456.017:13): pid=9246 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=18537 res=0 errno=0 [ 320.689106][ T30] audit: type=1800 audit(4294969457.986:14): pid=9276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=18035 res=0 errno=0 [ 322.676088][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 322.683045][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 323.937720][ T9294] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 326.374144][ T30] audit: type=1800 audit(4294969463.664:15): pid=9355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=18830 res=0 errno=0 [ 329.060642][ T9372] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 329.877837][ T30] audit: type=1800 audit(4294969467.172:16): pid=9390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=18966 res=0 errno=0 [ 331.227615][ T30] audit: type=1800 audit(4294969468.521:17): pid=9411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=18415 res=0 errno=0 [ 333.031425][ T30] audit: type=1800 audit(4294969470.320:18): pid=9428 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=19080 res=0 errno=0 [ 334.336826][ T30] audit: type=1800 audit(4294969471.620:19): pid=9449 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=19142 res=0 errno=0 [ 337.161655][ T30] audit: type=1800 audit(4294969474.448:20): pid=9488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=19242 res=0 errno=0 [ 344.081642][ T9550] netlink: 8 bytes leftover after parsing attributes in process `syz.3.597'. [ 345.178422][ T30] audit: type=1800 audit(4294969482.464:21): pid=9566 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=20555 res=0 errno=0 [ 348.339349][ T30] audit: type=1800 audit(4294969485.623:22): pid=9598 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.605" name="lu_gp_id" dev="configfs" ino=20193 res=0 errno=0 [ 349.102336][ T9609] netlink: 8 bytes leftover after parsing attributes in process `syz.0.608'. [ 349.456034][ T30] audit: type=1800 audit(4294969486.732:23): pid=9616 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=20750 res=0 errno=0 [ 350.913266][ T30] audit: type=1800 audit(4294969488.181:24): pid=9632 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=20368 res=0 errno=0 [ 351.663611][ T30] audit: type=1800 audit(4294969488.941:25): pid=9638 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=20866 res=0 errno=0 [ 352.429728][ T30] audit: type=1800 audit(4294969489.710:26): pid=9647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.614" name="lu_gp_id" dev="configfs" ino=20882 res=0 errno=0 [ 355.088872][ T30] audit: type=1800 audit(4294969492.349:27): pid=9677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=21616 res=0 errno=0 [ 355.845746][ T30] audit: type=1800 audit(4294969493.119:28): pid=9683 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=21028 res=0 errno=0 [ 357.066622][ T30] audit: type=1800 audit(4294969494.338:29): pid=9708 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=21061 res=0 errno=0 [ 358.925547][ T30] audit: type=1800 audit(4294969496.197:30): pid=9725 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=21833 res=0 errno=0 [ 360.284078][ T9745] netlink: 8 bytes leftover after parsing attributes in process `syz.1.630'. [ 363.118782][ T30] audit: type=1800 audit(4294969500.395:31): pid=9771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=21360 res=0 errno=0 [ 366.060306][ T30] audit: type=1800 audit(4294969503.334:32): pid=9803 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=21493 res=0 errno=0 [ 368.307220][ T30] audit: type=1800 audit(4294969505.583:33): pid=9824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=22372 res=0 errno=0 [ 371.406939][ T9852] netlink: 8 bytes leftover after parsing attributes in process `syz.0.647'. [ 374.768773][ T30] audit: type=1800 audit(4294969512.029:34): pid=9875 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=23816 res=0 errno=0 [ 377.367252][ T30] audit: type=1800 audit(4294969514.638:35): pid=9909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=22958 res=0 errno=0 [ 379.005659][ T30] audit: type=1800 audit(4294969516.267:36): pid=9934 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=23042 res=0 errno=0 [ 380.545540][ T30] audit: type=1800 audit(4294969517.816:37): pid=9946 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=24006 res=0 errno=0 [ 382.784096][ T30] audit: type=1800 audit(4294969520.045:38): pid=9969 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=24147 res=0 errno=0 [ 383.717013][ T30] audit: type=1800 audit(4294969520.985:39): pid=9974 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=24173 res=0 errno=0 [ 384.146180][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.152719][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 389.215639][ T30] audit: type=1800 audit(4294969526.482:40): pid=10036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=24471 res=0 errno=0 [ 390.471253][ T30] audit: type=1800 audit(4294969527.731:41): pid=10042 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=24584 res=0 errno=0 [ 394.669296][ T30] audit: type=1800 audit(4294969531.919:42): pid=10100 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=24754 res=0 errno=0 [ 396.805516][ T30] audit: type=1800 audit(4294969534.038:43): pid=10114 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=24868 res=0 errno=0 [ 398.017931][ T30] audit: type=1800 audit(4294969535.278:44): pid=10131 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=24924 res=0 errno=0 [ 405.029166][T10188] netlink: 8 bytes leftover after parsing attributes in process `syz.1.702'. [ 406.522624][ T30] audit: type=1800 audit(4294969543.783:45): pid=10202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=25213 res=0 errno=0 [ 409.559248][ T30] audit: type=1800 audit(4294969546.802:46): pid=10231 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=26380 res=0 errno=0 [ 421.314367][ T30] audit: type=1800 audit(4294969558.566:47): pid=10338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=26890 res=0 errno=0 [ 422.439984][ T30] audit: type=1800 audit(4294969559.685:48): pid=10348 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=27769 res=0 errno=0 [ 437.291617][T10485] netlink: 8 bytes leftover after parsing attributes in process `syz.3.752'. [ 445.615836][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.622417][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 450.046015][T10605] netlink: 8 bytes leftover after parsing attributes in process `syz.1.772'. [ 456.137115][ T30] audit: type=1800 audit(4294969593.369:49): pid=10674 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=29979 res=0 errno=0 [ 463.448968][ T30] audit: type=1800 audit(4294969600.675:50): pid=10728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=29607 res=0 errno=0 [ 465.640865][ T30] audit: type=1800 audit(4294969602.864:51): pid=10754 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=29685 res=0 errno=0 [ 480.052135][ T30] audit: type=1800 audit(4294969617.277:52): pid=10897 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=31281 res=0 errno=0 [ 484.116962][ T30] audit: type=1800 audit(4294969621.335:53): pid=10933 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=31939 res=0 errno=0 [ 484.654706][T10931] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 484.890039][T10941] netlink: 8 bytes leftover after parsing attributes in process `syz.1.824'. [ 488.519853][ T30] audit: type=1800 audit(4294969625.732:54): pid=10986 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=31651 res=0 errno=0 [ 500.637380][T11098] netlink: 8 bytes leftover after parsing attributes in process `syz.1.849'. [ 502.227832][ T30] audit: type=1800 audit(4294969639.436:55): pid=11115 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=33135 res=0 errno=0 [ 503.754293][T11117] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 507.102500][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 507.108906][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 507.118199][ T30] audit: type=1800 audit(4294969644.323:56): pid=11159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=33264 res=0 errno=0 [ 516.911707][ T30] audit: type=1800 audit(4294969654.108:57): pid=11264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=34346 res=0 errno=0 [ 519.699552][ T30] audit: type=1800 audit(4294969656.907:58): pid=11283 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=34512 res=0 errno=0 [ 521.443658][ T30] audit: type=1800 audit(4294969658.646:59): pid=11307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=34592 res=0 errno=0 [ 521.847642][T11288] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 530.508045][ T30] audit: type=1800 audit(4294969667.701:60): pid=11391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=35981 res=0 errno=0 [ 531.640976][ T30] audit: type=1800 audit(4294969668.831:61): pid=11395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=36020 res=0 errno=0 [ 532.503978][ T30] audit: type=1800 audit(4294969669.680:62): pid=11408 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.897" name="lu_gp_id" dev="configfs" ino=35179 res=0 errno=0 [ 539.164953][ T30] audit: type=1800 audit(4294969676.347:63): pid=11476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.907" name="lu_gp_id" dev="configfs" ino=36326 res=0 errno=0 [ 544.145946][ T30] audit: type=1800 audit(4294969681.335:64): pid=11523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=35564 res=0 errno=0 [ 546.612982][ T30] audit: type=1800 audit(4294969683.793:65): pid=11548 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.918" name="lu_gp_id" dev="configfs" ino=36701 res=0 errno=0 [ 551.658962][T11599] netlink: 8 bytes leftover after parsing attributes in process `syz.3.926'. [ 556.615369][ T30] audit: type=1800 audit(4294969693.778:66): pid=11651 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=37097 res=0 errno=0 [ 562.626145][ T30] audit: type=1800 audit(4294969699.795:67): pid=11716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.944" name="lu_gp_id" dev="configfs" ino=38297 res=0 errno=0 [ 568.557594][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 568.566118][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 572.508506][ T30] audit: type=1800 audit(4294969709.680:68): pid=11807 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=37703 res=0 errno=0 [ 574.404600][ T30] audit: type=1800 audit(4294969711.580:69): pid=11831 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.961" name="lu_gp_id" dev="configfs" ino=38752 res=0 errno=0 [ 583.283366][ T30] audit: type=1800 audit(4294969720.455:70): pid=11917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=39191 res=0 errno=0 [ 584.103238][T11931] netlink: 8 bytes leftover after parsing attributes in process `syz.1.977'. [ 589.139093][ T30] audit: type=1800 audit(4294969726.302:71): pid=11979 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=40297 res=0 errno=0 [ 592.438461][ T30] audit: type=1800 audit(4294969729.601:72): pid=12008 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=39604 res=0 errno=0 [ 594.728586][T12023] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 600.162113][ T30] audit: type=1800 audit(4294969737.327:73): pid=12078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=40677 res=0 errno=0 [ 607.393951][ T30] audit: type=1800 audit(4294969744.553:74): pid=12155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=40870 res=0 errno=0 [ 613.750339][T12215] FAULT_INJECTION: forcing a failure. [ 613.750339][T12215] name failslab, interval 1, probability 0, space 0, times 0 [ 613.820261][T12215] CPU: 1 UID: 0 PID: 12215 Comm: syz.1.1022 Not tainted syzkaller #0 PREEMPT(full) [ 613.820302][T12215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 613.820321][T12215] Call Trace: [ 613.820331][T12215] [ 613.820344][T12215] dump_stack_lvl+0x16c/0x1f0 [ 613.820393][T12215] should_fail_ex+0x512/0x640 [ 613.820528][T12215] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 613.820597][T12215] should_failslab+0xc2/0x120 [ 613.820676][T12215] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 613.820716][T12215] ? vm_area_alloc+0x1f/0x160 [ 613.820778][T12215] vm_area_alloc+0x1f/0x160 [ 613.820810][T12215] create_init_stack_vma+0x29/0x700 [ 613.820903][T12215] alloc_bprm+0x420/0x710 [ 613.820968][T12215] do_execveat_common.isra.0+0x1ce/0x610 [ 613.821015][T12215] __x64_sys_execve+0x8e/0xb0 [ 613.821053][T12215] do_syscall_64+0xcd/0x490 [ 613.821099][T12215] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 613.821127][T12215] RIP: 0033:0x7f813e98ebe9 [ 613.821152][T12215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 613.821181][T12215] RSP: 002b:00007f813f777038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 613.821210][T12215] RAX: ffffffffffffffda RBX: 00007f813ebc5fa0 RCX: 00007f813e98ebe9 [ 613.821231][T12215] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 613.821248][T12215] RBP: 00007f813ea11e19 R08: 0000000000000000 R09: 0000000000000000 [ 613.821265][T12215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 613.821283][T12215] R13: 00007f813ebc6038 R14: 00007f813ebc5fa0 R15: 00007ffd1afbfa48 [ 613.821322][T12215] [ 619.951915][T12288] FAULT_INJECTION: forcing a failure. [ 619.951915][T12288] name failslab, interval 1, probability 0, space 0, times 0 [ 620.037294][T12288] CPU: 0 UID: 0 PID: 12288 Comm: syz.1.1036 Not tainted syzkaller #0 PREEMPT(full) [ 620.037336][T12288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 620.037355][T12288] Call Trace: [ 620.037365][T12288] [ 620.037377][T12288] dump_stack_lvl+0x16c/0x1f0 [ 620.037424][T12288] should_fail_ex+0x512/0x640 [ 620.037471][T12288] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 620.037513][T12288] should_failslab+0xc2/0x120 [ 620.037553][T12288] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 620.037590][T12288] ? vm_area_alloc+0x1f/0x160 [ 620.037626][T12288] vm_area_alloc+0x1f/0x160 [ 620.037656][T12288] create_init_stack_vma+0x29/0x700 [ 620.037701][T12288] alloc_bprm+0x420/0x710 [ 620.037735][T12288] do_execveat_common.isra.0+0x1ce/0x610 [ 620.037776][T12288] __x64_sys_execve+0x8e/0xb0 [ 620.037812][T12288] do_syscall_64+0xcd/0x490 [ 620.037865][T12288] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 620.037895][T12288] RIP: 0033:0x7f813e98ebe9 [ 620.037920][T12288] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 620.037947][T12288] RSP: 002b:00007f813f777038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 620.037976][T12288] RAX: ffffffffffffffda RBX: 00007f813ebc5fa0 RCX: 00007f813e98ebe9 [ 620.037994][T12288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 620.038010][T12288] RBP: 00007f813ea11e19 R08: 0000000000000000 R09: 0000000000000000 [ 620.038027][T12288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 620.038044][T12288] R13: 00007f813ebc6038 R14: 00007f813ebc5fa0 R15: 00007ffd1afbfa48 [ 620.038083][T12288] [ 620.301343][T12288] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1036'. [ 624.908756][ T30] audit: type=1800 audit(4294969762.044:75): pid=12339 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=41869 res=0 errno=0 [ 629.446409][ T30] audit: type=1800 audit(4294969766.592:76): pid=12382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=42673 res=0 errno=0 [ 630.030662][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 630.037145][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 632.250745][T12410] FAULT_INJECTION: forcing a failure. [ 632.250745][T12410] name failslab, interval 1, probability 0, space 0, times 0 [ 632.290731][T12410] CPU: 1 UID: 0 PID: 12410 Comm: syz.1.1055 Not tainted syzkaller #0 PREEMPT(full) [ 632.290758][T12410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 632.290768][T12410] Call Trace: [ 632.290774][T12410] [ 632.290782][T12410] dump_stack_lvl+0x16c/0x1f0 [ 632.290816][T12410] should_fail_ex+0x512/0x640 [ 632.290840][T12410] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 632.290862][T12410] should_failslab+0xc2/0x120 [ 632.290885][T12410] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 632.290905][T12410] ? vm_area_alloc+0x1f/0x160 [ 632.290927][T12410] vm_area_alloc+0x1f/0x160 [ 632.290943][T12410] create_init_stack_vma+0x29/0x700 [ 632.290968][T12410] alloc_bprm+0x420/0x710 [ 632.290989][T12410] do_execveat_common.isra.0+0x1ce/0x610 [ 632.291012][T12410] __x64_sys_execve+0x8e/0xb0 [ 632.291032][T12410] do_syscall_64+0xcd/0x490 [ 632.291056][T12410] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 632.291074][T12410] RIP: 0033:0x7f813e98ebe9 [ 632.291087][T12410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 632.291104][T12410] RSP: 002b:00007f813f777038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 632.291121][T12410] RAX: ffffffffffffffda RBX: 00007f813ebc5fa0 RCX: 00007f813e98ebe9 [ 632.291132][T12410] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 632.291142][T12410] RBP: 00007f813ea11e19 R08: 0000000000000000 R09: 0000000000000000 [ 632.291152][T12410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 632.291162][T12410] R13: 00007f813ebc6038 R14: 00007f813ebc5fa0 R15: 00007ffd1afbfa48 [ 632.291183][T12410] [ 632.771902][T12417] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1055'. [ 632.830902][ T30] audit: type=1800 audit(4294969769.970:77): pid=12416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=42788 res=0 errno=0 [ 633.619518][T12424] FAULT_INJECTION: forcing a failure. [ 633.619518][T12424] name failslab, interval 1, probability 0, space 0, times 0 [ 633.632649][T12424] CPU: 0 UID: 0 PID: 12424 Comm: syz.0.1058 Not tainted syzkaller #0 PREEMPT(full) [ 633.632692][T12424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 633.632711][T12424] Call Trace: [ 633.632721][T12424] [ 633.632732][T12424] dump_stack_lvl+0x16c/0x1f0 [ 633.632785][T12424] should_fail_ex+0x512/0x640 [ 633.632827][T12424] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 633.632867][T12424] should_failslab+0xc2/0x120 [ 633.632904][T12424] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 633.632940][T12424] ? vm_area_alloc+0x1f/0x160 [ 633.632976][T12424] vm_area_alloc+0x1f/0x160 [ 633.633006][T12424] create_init_stack_vma+0x29/0x700 [ 633.633050][T12424] alloc_bprm+0x420/0x710 [ 633.633085][T12424] do_execveat_common.isra.0+0x1ce/0x610 [ 633.633125][T12424] __x64_sys_execve+0x8e/0xb0 [ 633.633160][T12424] do_syscall_64+0xcd/0x490 [ 633.633197][T12424] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 633.633225][T12424] RIP: 0033:0x7f83ed18ebe9 [ 633.633248][T12424] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 633.633275][T12424] RSP: 002b:00007f83ee0c4038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 633.633302][T12424] RAX: ffffffffffffffda RBX: 00007f83ed3c5fa0 RCX: 00007f83ed18ebe9 [ 633.633320][T12424] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 633.633336][T12424] RBP: 00007f83ed211e19 R08: 0000000000000000 R09: 0000000000000000 [ 633.633351][T12424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 633.633368][T12424] R13: 00007f83ed3c6038 R14: 00007f83ed3c5fa0 R15: 00007ffd398c3128 [ 633.633405][T12424] [ 633.902434][T12429] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1058'. [ 638.232762][ T30] audit: type=1800 audit(4294969775.368:78): pid=12470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=43373 res=0 errno=0 [ 641.305204][T12502] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 642.543980][T12520] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 648.327075][T12581] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 648.711831][T12599] FAULT_INJECTION: forcing a failure. [ 648.711831][T12599] name failslab, interval 1, probability 0, space 0, times 0 [ 648.747424][T12599] CPU: 0 UID: 0 PID: 12599 Comm: syz.1.1086 Not tainted syzkaller #0 PREEMPT(full) [ 648.747467][T12599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 648.747484][T12599] Call Trace: [ 648.747494][T12599] [ 648.747507][T12599] dump_stack_lvl+0x16c/0x1f0 [ 648.747553][T12599] should_fail_ex+0x512/0x640 [ 648.747593][T12599] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 648.747634][T12599] should_failslab+0xc2/0x120 [ 648.747673][T12599] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 648.747709][T12599] ? vm_area_alloc+0x1f/0x160 [ 648.747745][T12599] vm_area_alloc+0x1f/0x160 [ 648.747774][T12599] create_init_stack_vma+0x29/0x700 [ 648.747818][T12599] alloc_bprm+0x420/0x710 [ 648.747854][T12599] do_execveat_common.isra.0+0x1ce/0x610 [ 648.747896][T12599] __x64_sys_execve+0x8e/0xb0 [ 648.747931][T12599] do_syscall_64+0xcd/0x490 [ 648.747974][T12599] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 648.748003][T12599] RIP: 0033:0x7f813e98ebe9 [ 648.748026][T12599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 648.748055][T12599] RSP: 002b:00007f813f777038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 648.748085][T12599] RAX: ffffffffffffffda RBX: 00007f813ebc5fa0 RCX: 00007f813e98ebe9 [ 648.748104][T12599] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 648.748122][T12599] RBP: 00007f813ea11e19 R08: 0000000000000000 R09: 0000000000000000 [ 648.748139][T12599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 648.748154][T12599] R13: 00007f813ebc6038 R14: 00007f813ebc5fa0 R15: 00007ffd1afbfa48 [ 648.748177][T12599] [ 648.963124][T12603] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1086'. [ 651.250625][T12624] FAULT_INJECTION: forcing a failure. [ 651.250625][T12624] name failslab, interval 1, probability 0, space 0, times 0 [ 651.306002][T12626] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1090'. [ 651.384098][T12624] CPU: 0 UID: 0 PID: 12624 Comm: syz.0.1090 Not tainted syzkaller #0 PREEMPT(full) [ 651.384126][T12624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 651.384136][T12624] Call Trace: [ 651.384142][T12624] [ 651.384150][T12624] dump_stack_lvl+0x16c/0x1f0 [ 651.384178][T12624] should_fail_ex+0x512/0x640 [ 651.384202][T12624] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 651.384226][T12624] should_failslab+0xc2/0x120 [ 651.384249][T12624] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 651.384269][T12624] ? vm_area_alloc+0x1f/0x160 [ 651.384289][T12624] vm_area_alloc+0x1f/0x160 [ 651.384306][T12624] create_init_stack_vma+0x29/0x700 [ 651.384338][T12624] alloc_bprm+0x420/0x710 [ 651.384359][T12624] do_execveat_common.isra.0+0x1ce/0x610 [ 651.384382][T12624] __x64_sys_execve+0x8e/0xb0 [ 651.384402][T12624] do_syscall_64+0xcd/0x490 [ 651.384427][T12624] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 651.384445][T12624] RIP: 0033:0x7f83ed18ebe9 [ 651.384460][T12624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 651.384476][T12624] RSP: 002b:00007f83ee0c4038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 651.384493][T12624] RAX: ffffffffffffffda RBX: 00007f83ed3c5fa0 RCX: 00007f83ed18ebe9 [ 651.384504][T12624] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 651.384514][T12624] RBP: 00007f83ed211e19 R08: 0000000000000000 R09: 0000000000000000 [ 651.384524][T12624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 651.384534][T12624] R13: 00007f83ed3c6038 R14: 00007f83ed3c5fa0 R15: 00007ffd398c3128 [ 651.384554][T12624] [ 652.979625][ T30] audit: type=1800 audit(4294969790.100:79): pid=12645 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=43836 res=0 errno=0 [ 654.476338][T12650] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 655.238147][ T30] audit: type=1800 audit(4294969792.369:80): pid=12669 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=43927 res=0 errno=0 [ 655.748680][T12659] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 656.707546][ T30] audit: type=1800 audit(4294969793.838:81): pid=12682 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=44604 res=0 errno=0 [ 659.171247][T12705] FAULT_INJECTION: forcing a failure. [ 659.171247][T12705] name failslab, interval 1, probability 0, space 0, times 0 [ 659.219148][T12705] CPU: 1 UID: 0 PID: 12705 Comm: syz.0.1104 Not tainted syzkaller #0 PREEMPT(full) [ 659.219174][T12705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 659.219184][T12705] Call Trace: [ 659.219190][T12705] [ 659.219197][T12705] dump_stack_lvl+0x16c/0x1f0 [ 659.219225][T12705] should_fail_ex+0x512/0x640 [ 659.219249][T12705] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 659.219272][T12705] should_failslab+0xc2/0x120 [ 659.219301][T12705] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 659.219322][T12705] ? mas_alloc_nodes+0x18b/0x8b0 [ 659.219344][T12705] mas_alloc_nodes+0x18b/0x8b0 [ 659.219370][T12705] mas_node_count_gfp+0x105/0x130 [ 659.219392][T12705] mas_preallocate+0x7e0/0xde0 [ 659.219421][T12705] ? __pfx_mas_preallocate+0x10/0x10 [ 659.219455][T12705] ? __pfx_mt_find+0x10/0x10 [ 659.219483][T12705] vma_link+0x135/0x6a0 [ 659.219505][T12705] ? __pfx_vma_link+0x10/0x10 [ 659.219536][T12705] insert_vm_struct+0xf4/0x2d0 [ 659.219560][T12705] create_init_stack_vma+0x2da/0x700 [ 659.219584][T12705] alloc_bprm+0x420/0x710 [ 659.219604][T12705] do_execveat_common.isra.0+0x1ce/0x610 [ 659.219628][T12705] __x64_sys_execve+0x8e/0xb0 [ 659.219647][T12705] do_syscall_64+0xcd/0x490 [ 659.219671][T12705] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 659.219689][T12705] RIP: 0033:0x7f83ed18ebe9 [ 659.219703][T12705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 659.219719][T12705] RSP: 002b:00007f83ee0c4038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 659.219735][T12705] RAX: ffffffffffffffda RBX: 00007f83ed3c5fa0 RCX: 00007f83ed18ebe9 [ 659.219747][T12705] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 659.219756][T12705] RBP: 00007f83ed211e19 R08: 0000000000000000 R09: 0000000000000000 [ 659.219766][T12705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 659.219775][T12705] R13: 00007f83ed3c6038 R14: 00007f83ed3c5fa0 R15: 00007ffd398c3128 [ 659.219796][T12705] [ 659.441077][T12709] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1104'. [ 659.959435][ T30] audit: type=1800 audit(4294969797.087:82): pid=12721 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=45090 res=0 errno=0 [ 661.322506][T12719] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 664.124673][ T30] audit: type=1800 audit(4294969801.255:83): pid=12769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=45232 res=0 errno=0 [ 673.358042][ T30] audit: type=1800 audit(4294969810.480:84): pid=12873 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=45620 res=0 errno=0 [ 675.813871][T12895] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1133'. [ 680.247083][ T30] audit: type=1800 audit(4294969817.347:85): pid=12942 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=45867 res=0 errno=0 [ 681.227777][T12950] FAULT_INJECTION: forcing a failure. [ 681.227777][T12950] name failslab, interval 1, probability 0, space 0, times 0 [ 681.287638][T12950] CPU: 0 UID: 0 PID: 12950 Comm: syz.3.1143 Not tainted syzkaller #0 PREEMPT(full) [ 681.287683][T12950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 681.287701][T12950] Call Trace: [ 681.287711][T12950] [ 681.287723][T12950] dump_stack_lvl+0x16c/0x1f0 [ 681.287771][T12950] should_fail_ex+0x512/0x640 [ 681.287814][T12950] ? kmem_cache_alloc_noprof+0x5a/0x3b0 [ 681.287856][T12950] should_failslab+0xc2/0x120 [ 681.287897][T12950] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 681.287935][T12950] ? vm_area_alloc+0x1f/0x160 [ 681.287973][T12950] vm_area_alloc+0x1f/0x160 [ 681.288004][T12950] create_init_stack_vma+0x29/0x700 [ 681.288049][T12950] alloc_bprm+0x420/0x710 [ 681.288086][T12950] do_execveat_common.isra.0+0x1ce/0x610 [ 681.288128][T12950] __x64_sys_execve+0x8e/0xb0 [ 681.288163][T12950] do_syscall_64+0xcd/0x490 [ 681.288207][T12950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 681.288238][T12950] RIP: 0033:0x7f50e718ebe9 [ 681.288262][T12950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 681.288291][T12950] RSP: 002b:00007f50e53f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 681.288320][T12950] RAX: ffffffffffffffda RBX: 00007f50e73c5fa0 RCX: 00007f50e718ebe9 [ 681.288338][T12950] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 681.288354][T12950] RBP: 00007f50e7211e19 R08: 0000000000000000 R09: 0000000000000000 [ 681.288376][T12950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 681.288393][T12950] R13: 00007f50e73c6038 R14: 00007f50e73c5fa0 R15: 00007ffe8a88f4d8 [ 681.288431][T12950] [ 683.578169][T12974] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1148'. [ 688.010197][ T30] audit: type=1800 audit(4294969825.123:86): pid=13029 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=47222 res=0 errno=0 [ 691.507057][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 691.513645][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 692.066464][T13064] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 692.806454][ T30] audit: type=1800 audit(4294969829.920:87): pid=13079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=47353 res=0 errno=0 [ 695.466874][T13107] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1170'. [ 700.626873][T13173] FAULT_INJECTION: forcing a failure. [ 700.626873][T13173] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 700.671870][T13173] CPU: 1 UID: 0 PID: 13173 Comm: syz.3.1182 Not tainted syzkaller #0 PREEMPT(full) [ 700.671922][T13173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 700.671939][T13173] Call Trace: [ 700.671949][T13173] [ 700.671960][T13173] dump_stack_lvl+0x16c/0x1f0 [ 700.672004][T13173] should_fail_ex+0x512/0x640 [ 700.672049][T13173] should_fail_alloc_page+0xe7/0x130 [ 700.672089][T13173] prepare_alloc_pages+0x3c2/0x610 [ 700.672139][T13173] __alloc_frozen_pages_noprof+0x18b/0x23f0 [ 700.672254][T13173] ? is_bpf_text_address+0x8a/0x1a0 [ 700.672293][T13173] ? bpf_ksym_find+0x124/0x1c0 [ 700.672323][T13173] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 700.672360][T13173] ? is_bpf_text_address+0x94/0x1a0 [ 700.672395][T13173] ? kernel_text_address+0x8d/0x100 [ 700.672420][T13173] ? __lock_acquire+0x62e/0x1ce0 [ 700.672454][T13173] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 700.672487][T13173] ? unwind_get_return_address+0x59/0xa0 [ 700.672540][T13173] ? stack_trace_save+0x8e/0xc0 [ 700.672581][T13173] ? __pfx_stack_trace_save+0x10/0x10 [ 700.672612][T13173] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 700.672657][T13173] ? policy_nodemask+0xea/0x4e0 [ 700.672729][T13173] alloc_pages_mpol+0x1fb/0x550 [ 700.672768][T13173] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 700.672818][T13173] alloc_pages_noprof+0x131/0x390 [ 700.672860][T13173] __pud_alloc+0x3b/0x750 [ 700.672937][T13173] __handle_mm_fault+0x13de/0x2a50 [ 700.672975][T13173] ? mt_find+0x3ef/0xa30 [ 700.673024][T13173] ? __pfx___handle_mm_fault+0x10/0x10 [ 700.673094][T13173] handle_mm_fault+0x589/0xd10 [ 700.673134][T13173] __get_user_pages+0x551/0x34a0 [ 700.673210][T13173] ? __pfx_validate_mm+0x10/0x10 [ 700.673248][T13173] ? __pfx___get_user_pages+0x10/0x10 [ 700.673305][T13173] get_user_pages_remote+0x243/0xab0 [ 700.673360][T13173] ? __pfx_get_user_pages_remote+0x10/0x10 [ 700.673404][T13173] ? __pfx_vma_link+0x10/0x10 [ 700.673453][T13173] get_arg_page+0xf4/0x310 [ 700.673487][T13173] ? __pfx_get_arg_page+0x10/0x10 [ 700.673518][T13173] ? up_write+0x1b2/0x520 [ 700.673570][T13173] copy_string_kernel+0x182/0x520 [ 700.673613][T13173] do_execveat_common.isra.0+0x2ed/0x610 [ 700.673656][T13173] __x64_sys_execve+0x8e/0xb0 [ 700.673692][T13173] do_syscall_64+0xcd/0x490 [ 700.673738][T13173] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 700.673768][T13173] RIP: 0033:0x7f50e718ebe9 [ 700.673794][T13173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 700.673823][T13173] RSP: 002b:00007f50e53f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b [ 700.673852][T13173] RAX: ffffffffffffffda RBX: 00007f50e73c5fa0 RCX: 00007f50e718ebe9 [ 700.673872][T13173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000 [ 700.673898][T13173] RBP: 00007f50e7211e19 R08: 0000000000000000 R09: 0000000000000000 [ 700.673916][T13173] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 700.673933][T13173] R13: 00007f50e73c6038 R14: 00007f50e73c5fa0 R15: 00007ffe8a88f4d8 [ 700.673974][T13173] [ 702.009756][ T30] audit: type=1800 audit(4294969839.106:88): pid=13191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=47627 res=0 errno=0 [ 711.209093][ T30] audit: type=1800 audit(4294969848.311:89): pid=13315 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=47892 res=0 errno=0 [ 712.670947][T13317] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 713.610557][ T30] audit: type=1800 audit(4294969850.710:90): pid=13347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=48901 res=0 errno=0 [ 717.180083][T13399] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1220'. [ 719.852806][ T30] audit: type=1800 audit(4294969856.957:91): pid=13434 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=49256 res=0 errno=0 [ 724.222051][ T30] audit: type=1800 audit(4294969861.325:92): pid=13484 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=49374 res=0 errno=0 [ 736.175309][ T30] audit: type=1800 audit(4294969873.259:93): pid=13666 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=50651 res=0 errno=0 [ 742.814639][T13745] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1277'. [ 743.987721][ T30] audit: type=1800 audit(4294969881.075:94): pid=13762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=50940 res=0 errno=0 [ 746.743157][T13775] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 748.775598][ T30] audit: type=1800 audit(4294969885.862:95): pid=13813 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=51077 res=0 errno=0 [ 749.088855][T13807] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 749.223731][ T30] audit: type=1800 audit(4294969886.312:96): pid=13826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=51107 res=0 errno=0 [ 752.421817][T13855] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 752.606971][T13865] FAULT_INJECTION: forcing a failure. [ 752.606971][T13865] name failslab, interval 1, probability 0, space 0, times 0 [ 752.656006][T13865] CPU: 0 UID: 0 PID: 13865 Comm: syz.3.1299 Not tainted syzkaller #0 PREEMPT(full) [ 752.656049][T13865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 752.656065][T13865] Call Trace: [ 752.656075][T13865] [ 752.656086][T13865] dump_stack_lvl+0x16c/0x1f0 [ 752.656130][T13865] should_fail_ex+0x512/0x640 [ 752.656179][T13865] should_failslab+0xc2/0x120 [ 752.656220][T13865] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 752.656257][T13865] ? skb_clone+0x190/0x3f0 [ 752.656301][T13865] skb_clone+0x190/0x3f0 [ 752.656342][T13865] netlink_deliver_tap+0xabd/0xd30 [ 752.656390][T13865] netlink_unicast+0x64c/0x870 [ 752.656440][T13865] ? __pfx_netlink_unicast+0x10/0x10 [ 752.656478][T13865] ? __asan_memset+0x23/0x50 [ 752.656508][T13865] ? __build_skb_around+0x278/0x3b0 [ 752.656543][T13865] ? is_vmalloc_addr+0x86/0xa0 [ 752.656585][T13865] netlink_sendmsg+0x8d1/0xdd0 [ 752.656648][T13865] ? __pfx_netlink_sendmsg+0x10/0x10 [ 752.656698][T13865] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 752.656822][T13865] ____sys_sendmsg+0xa98/0xc70 [ 752.656859][T13865] ? __pfx_____sys_sendmsg+0x10/0x10 [ 752.656910][T13865] ___sys_sendmsg+0x134/0x1d0 [ 752.656962][T13865] ? __pfx____sys_sendmsg+0x10/0x10 [ 752.657029][T13865] ? find_held_lock+0x2b/0x80 [ 752.657088][T13865] __sys_sendmmsg+0x200/0x420 [ 752.657136][T13865] ? __pfx___sys_sendmmsg+0x10/0x10 [ 752.657189][T13865] ? __pfx_do_futex+0x10/0x10 [ 752.657252][T13865] ? xfd_validate_state+0x61/0x180 [ 752.657307][T13865] __x64_sys_sendmmsg+0x9c/0x100 [ 752.657349][T13865] ? lockdep_hardirqs_on+0x7c/0x110 [ 752.657387][T13865] do_syscall_64+0xcd/0x490 [ 752.657433][T13865] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 752.657463][T13865] RIP: 0033:0x7f50e718ebe9 [ 752.657489][T13865] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 752.657518][T13865] RSP: 002b:00007f50e53f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 752.657548][T13865] RAX: ffffffffffffffda RBX: 00007f50e73c5fa0 RCX: 00007f50e718ebe9 [ 752.657568][T13865] RDX: 0000000000000007 RSI: 0000200000000200 RDI: 0000000000000006 [ 752.657586][T13865] RBP: 00007f50e7211e19 R08: 0000000000000000 R09: 0000000000000000 [ 752.657603][T13865] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000000 [ 752.657621][T13865] R13: 00007f50e73c6038 R14: 00007f50e73c5fa0 R15: 00007ffe8a88f4d8 [ 752.657673][T13865] [ 752.657972][T13865] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1299'. [ 752.979372][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 752.985802][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 757.992790][T13933] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 759.084116][T13964] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1316'. [ 761.227226][T13996] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1321'. [ 761.694348][ T30] audit: type=1800 audit(4294969898.776:97): pid=14004 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=52590 res=0 errno=0 [ 767.427406][T14081] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1336'. [ 767.566620][T14066] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 770.720300][T14110] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 772.838895][T14159] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1348'. [ 773.201349][T14145] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 777.168294][ T30] audit: type=1800 audit(4294969914.228:98): pid=14211 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=53282 res=0 errno=0 [ 777.926283][T14215] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1357'. [ 779.344289][T14238] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1361'. [ 779.383528][T14220] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 785.024210][ T30] audit: type=1800 audit(4294969922.094:99): pid=14317 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=54405 res=0 errno=0 [ 786.760510][ T30] audit: type=1800 audit(4294969923.823:100): pid=14334 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=54461 res=0 errno=0 [ 791.438722][ T30] audit: type=1800 audit(4294969928.501:101): pid=14408 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=53866 res=0 errno=0 [ 792.797536][T14429] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1395'. [ 794.117737][ T30] audit: type=1800 audit(4294969931.180:102): pid=14446 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=54771 res=0 errno=0 [ 798.135742][T14495] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1407'. [ 799.642385][ T30] audit: type=1800 audit(4294969936.707:103): pid=14517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=54939 res=0 errno=0 [ 804.547934][ T30] audit: type=1800 audit(4294969941.604:104): pid=14593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=55322 res=0 errno=0 [ 809.057818][ T30] audit: type=1800 audit(4294969946.112:105): pid=14657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=56326 res=0 errno=0 [ 810.713170][T14680] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1441'. [ 814.443009][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 814.452661][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 815.864950][ T30] audit: type=1800 audit(4294969952.889:106): pid=14748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=56517 res=0 errno=0 [ 821.522853][ T30] audit: type=1800 audit(4294969958.576:107): pid=14825 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=56784 res=0 errno=0 [ 832.547458][T14979] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1494'. [ 833.137246][T14989] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1496'. [ 836.278467][T15044] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1507'. [ 843.387990][ T30] audit: type=1800 audit(4294969980.425:108): pid=15153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=58443 res=0 errno=0 [ 846.774944][ T30] audit: type=1800 audit(4294969983.813:109): pid=15204 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=57682 res=0 errno=0 [ 854.113183][T15332] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1555'. [ 875.920234][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 875.927347][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 883.891878][ T30] audit: type=1800 audit(4294970020.915:110): pid=15762 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=60792 res=0 errno=0 [ 890.608910][T15867] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1649'. [ 894.226157][T15918] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1659'. [ 896.590519][ T30] audit: type=1800 audit(4294970033.598:111): pid=15950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=61229 res=0 errno=0 [ 913.653578][ T30] audit: type=1800 audit(4294970050.640:112): pid=16208 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=61742 res=0 errno=0 [ 913.836097][T16219] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1708'. [ 919.313430][T16293] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1721'. [ 919.602499][ T30] audit: type=1800 audit(4294970056.607:113): pid=16288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=62922 res=0 errno=0 [ 922.382213][ T30] audit: type=1800 audit(4294970059.386:114): pid=16338 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=63025 res=0 errno=0 [ 929.188306][ T30] audit: type=1800 audit(4294970066.182:115): pid=16420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="" name="lu_gp_id" dev="configfs" ino=62144 res=0 errno=0 [ 936.466057][T16555] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1770'. [ 937.381485][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 937.388115][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 986.377457][T17485] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1943'. [ 989.574847][T17555] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1955'. [ 992.920300][T17624] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1967'. [ 996.656304][T17711] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1984'. [ 998.852779][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 998.859339][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 999.980772][T17780] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1994'. [ 1003.931103][T17855] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2006'. [ 1060.325580][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1060.334469][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1089.858410][T19553] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 1104.619892][T19838] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 1104.630874][T19838] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 1104.640206][T19838] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 1104.648996][T19838] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 1104.656711][T19838] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 1105.053156][ T3613] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1105.324638][ T3613] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1105.572014][ T3613] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1105.997254][ T3613] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1106.022261][T19836] chnl_net:caif_netlink_parms(): no params data found [ 1106.514673][T19836] bridge0: port 1(bridge_slave_0) entered blocking state [ 1106.522320][T19836] bridge0: port 1(bridge_slave_0) entered disabled state [ 1106.530547][T19836] bridge_slave_0: entered allmulticast mode [ 1106.542767][T19836] bridge_slave_0: entered promiscuous mode [ 1106.593255][T19836] bridge0: port 2(bridge_slave_1) entered blocking state [ 1106.634053][T19836] bridge0: port 2(bridge_slave_1) entered disabled state [ 1106.665795][T19836] bridge_slave_1: entered allmulticast mode [ 1106.677066][T19836] bridge_slave_1: entered promiscuous mode [ 1106.741634][T19838] Bluetooth: hci0: command tx timeout [ 1106.779464][T19836] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1106.904475][T19836] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1106.969125][ T3613] bridge_slave_1: left allmulticast mode [ 1106.986440][ T3613] bridge_slave_1: left promiscuous mode [ 1107.005965][ T3613] bridge0: port 2(bridge_slave_1) entered disabled state [ 1107.056714][ T3613] bridge_slave_0: left allmulticast mode [ 1107.137835][ T3613] bridge_slave_0: left promiscuous mode [ 1107.189354][ T3613] bridge0: port 1(bridge_slave_0) entered disabled state [ 1108.821116][T19838] Bluetooth: hci0: command tx timeout [ 1108.919464][ T3613] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1108.945904][ T3613] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1108.958311][ T3613] bond0 (unregistering): Released all slaves [ 1109.078364][T19836] team0: Port device team_slave_0 added [ 1109.145643][T19836] team0: Port device team_slave_1 added [ 1109.346251][T19836] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1109.371506][T19836] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1109.399570][T19836] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1109.482786][T19836] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1109.512316][T19836] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1109.540908][T19836] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1109.978401][T19836] hsr_slave_0: entered promiscuous mode [ 1109.988430][T19836] hsr_slave_1: entered promiscuous mode [ 1110.000287][T19836] debugfs: 'hsr0' already exists in 'hsr' [ 1110.007263][T19836] Cannot create hsr debugfs directory [ 1110.905400][T19838] Bluetooth: hci0: command tx timeout [ 1111.350261][ T3613] hsr_slave_0: left promiscuous mode [ 1111.411768][ T3613] hsr_slave_1: left promiscuous mode [ 1111.459453][ T3613] veth1_macvtap: left promiscuous mode [ 1111.471717][ T3613] veth0_macvtap: left promiscuous mode [ 1111.494128][ T3613] veth1_vlan: left promiscuous mode [ 1111.509848][ T3613] veth0_vlan: left promiscuous mode [ 1112.645863][ T3613] team0 (unregistering): Port device team_slave_1 removed [ 1112.719508][ T3613] team0 (unregistering): Port device team_slave_0 removed [ 1112.983235][T19838] Bluetooth: hci0: command tx timeout [ 1114.461943][T19836] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 1114.567277][T19836] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 1114.631786][T19836] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 1115.014169][T19836] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 1115.497475][T19836] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1115.514326][T19836] 8021q: adding VLAN 0 to HW filter on device team0 [ 1115.553365][ T49] bridge0: port 1(bridge_slave_0) entered blocking state [ 1115.560537][ T49] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1115.654908][ T49] bridge0: port 2(bridge_slave_1) entered blocking state [ 1115.662118][ T49] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1116.461002][T19836] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1116.923473][T19836] veth0_vlan: entered promiscuous mode [ 1116.987612][T19836] veth1_vlan: entered promiscuous mode [ 1117.095025][T19836] veth0_macvtap: entered promiscuous mode [ 1117.185670][T19836] veth1_macvtap: entered promiscuous mode [ 1117.348422][T19836] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1117.418499][T19836] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1117.440451][ T3496] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1117.499915][ T3496] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1117.646948][ T3496] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1118.054545][ T3496] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1118.407598][ T3561] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1118.415485][ T3561] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1118.601888][ T3561] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1118.636607][ T3561] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1121.797926][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1121.804374][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1138.656569][ T5881] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 1138.667486][ T5881] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 1138.675328][ T5881] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 1138.684405][ T5881] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 1138.692091][ T5881] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 1139.909246][T20414] chnl_net:caif_netlink_parms(): no params data found [ 1140.284438][T20414] bridge0: port 1(bridge_slave_0) entered blocking state [ 1140.319736][T20414] bridge0: port 1(bridge_slave_0) entered disabled state [ 1140.330054][T20414] bridge_slave_0: entered allmulticast mode [ 1140.343425][T20414] bridge_slave_0: entered promiscuous mode [ 1140.441398][T20414] bridge0: port 2(bridge_slave_1) entered blocking state [ 1140.477324][T20414] bridge0: port 2(bridge_slave_1) entered disabled state [ 1140.517808][T20414] bridge_slave_1: entered allmulticast mode [ 1140.538209][T20414] bridge_slave_1: entered promiscuous mode [ 1140.745675][T20414] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1140.775506][T20414] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1140.824734][T20414] team0: Port device team_slave_0 added [ 1140.841593][T20414] team0: Port device team_slave_1 added [ 1140.917345][T19838] Bluetooth: hci4: command tx timeout [ 1141.087085][T20414] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1141.095733][T20414] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1141.124174][T20414] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1141.186262][T20414] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1141.194033][T20414] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1141.247929][T20414] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1141.446244][T20414] hsr_slave_0: entered promiscuous mode [ 1141.467194][T20414] hsr_slave_1: entered promiscuous mode [ 1141.477615][T20414] debugfs: 'hsr0' already exists in 'hsr' [ 1141.500939][T20414] Cannot create hsr debugfs directory [ 1142.250348][T20414] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1142.443691][T20414] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1142.657818][T20414] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1142.962516][T20414] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1143.008444][T19838] Bluetooth: hci4: command tx timeout [ 1143.302767][T20414] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 1143.338715][T20414] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 1143.398668][T20414] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 1143.490226][T20414] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 1143.864964][T20414] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1143.982101][T20414] 8021q: adding VLAN 0 to HW filter on device team0 [ 1144.068117][ T2972] bridge0: port 1(bridge_slave_0) entered blocking state [ 1144.075279][ T2972] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1144.189520][ T2972] bridge0: port 2(bridge_slave_1) entered blocking state [ 1144.196674][ T2972] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1145.079487][T19838] Bluetooth: hci4: command tx timeout [ 1145.268269][T20414] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1145.376785][T20414] veth0_vlan: entered promiscuous mode [ 1145.457565][T20414] veth1_vlan: entered promiscuous mode [ 1145.654008][T20414] veth0_macvtap: entered promiscuous mode [ 1145.674544][T20414] veth1_macvtap: entered promiscuous mode [ 1145.956048][T20414] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1146.023575][T20414] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1146.142067][ T3561] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1146.265651][ T3561] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1146.318616][ T3561] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1146.380756][ T3561] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1146.555779][ T3561] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1146.581430][ T3561] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1146.823928][T14521] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1146.865728][T14521] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1147.160735][T19838] Bluetooth: hci4: command tx timeout [ 1149.571724][T20491] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1149.584162][ T5881] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 1149.594187][ T5881] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 1149.602420][ T5881] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 1149.615003][ T5881] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 1149.624523][ T5881] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 1149.899233][T20491] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1150.141057][T20491] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1150.337752][T20491] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1151.723097][ T5881] Bluetooth: hci2: command tx timeout [ 1151.732807][T20491] bridge_slave_1: left allmulticast mode [ 1151.738600][T20491] bridge_slave_1: left promiscuous mode [ 1151.749195][T20491] bridge0: port 2(bridge_slave_1) entered disabled state [ 1151.804450][T20491] bridge_slave_0: left allmulticast mode [ 1151.855967][T20491] bridge_slave_0: left promiscuous mode [ 1151.863237][T20491] bridge0: port 1(bridge_slave_0) entered disabled state [ 1153.425395][T20491] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1153.498181][T20491] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1153.528609][T20491] bond0 (unregistering): Released all slaves [ 1153.682733][T20568] chnl_net:caif_netlink_parms(): no params data found [ 1153.803879][ T5881] Bluetooth: hci2: command tx timeout [ 1154.302870][T20491] hsr_slave_0: left promiscuous mode [ 1154.312317][T20491] hsr_slave_1: left promiscuous mode [ 1154.350236][T20491] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1154.392022][T20491] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1154.459171][T20491] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1154.466925][T20491] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1154.521938][T20491] veth1_macvtap: left promiscuous mode [ 1154.534178][T20491] veth0_macvtap: left promiscuous mode [ 1154.542683][T20491] veth1_vlan: left promiscuous mode [ 1154.548598][T20491] veth0_vlan: left promiscuous mode [ 1155.488687][T20491] team0 (unregistering): Port device team_slave_1 removed [ 1155.532511][T20491] team0 (unregistering): Port device team_slave_0 removed [ 1155.886766][ T5881] Bluetooth: hci2: command tx timeout [ 1156.089357][T20568] bridge0: port 1(bridge_slave_0) entered blocking state [ 1156.097136][T20568] bridge0: port 1(bridge_slave_0) entered disabled state [ 1156.105192][T20568] bridge_slave_0: entered allmulticast mode [ 1156.113330][T20568] bridge_slave_0: entered promiscuous mode [ 1156.144302][T20568] bridge0: port 2(bridge_slave_1) entered blocking state [ 1156.212803][T20568] bridge0: port 2(bridge_slave_1) entered disabled state [ 1156.234184][T20568] bridge_slave_1: entered allmulticast mode [ 1156.248470][T20568] bridge_slave_1: entered promiscuous mode [ 1156.691685][T20568] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1156.732930][T20568] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1156.994059][T20568] team0: Port device team_slave_0 added [ 1157.048659][T20568] team0: Port device team_slave_1 added [ 1157.336232][T20568] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1157.373300][T20568] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1157.587105][T20568] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1157.600511][T20568] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1157.608251][T20568] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1157.634500][T20568] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1157.888053][T20568] hsr_slave_0: entered promiscuous mode [ 1157.926501][T20568] hsr_slave_1: entered promiscuous mode [ 1157.976907][ T5881] Bluetooth: hci2: command tx timeout [ 1160.416360][T20568] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 1160.468896][T20568] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 1160.497796][T20568] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 1160.574142][T20568] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 1161.860866][T20568] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1161.975084][T20568] 8021q: adding VLAN 0 to HW filter on device team0 [ 1162.064626][ T2972] bridge0: port 1(bridge_slave_0) entered blocking state [ 1162.071795][ T2972] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1162.137167][ T2972] bridge0: port 2(bridge_slave_1) entered blocking state [ 1162.144441][ T2972] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1163.085536][T20568] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1163.129708][T20568] veth0_vlan: entered promiscuous mode [ 1163.164480][T20568] veth1_vlan: entered promiscuous mode [ 1163.213216][T20568] veth0_macvtap: entered promiscuous mode [ 1163.223727][T20568] veth1_macvtap: entered promiscuous mode [ 1163.242728][T20568] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1163.364050][T20568] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1163.518865][ T3613] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1163.600448][ T3613] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1163.640310][ T3613] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1163.702863][ T3613] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1164.050267][ T2972] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1164.094204][ T2972] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1164.544346][ T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1164.573004][ T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1167.068523][T19838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 1167.078280][T19838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 1167.088883][T19838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 1167.096889][T19838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 1167.106474][T19838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 1167.391392][ T13] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1167.649034][ T13] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1168.197763][ T13] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1168.485768][ T13] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 1169.173350][ T5881] Bluetooth: hci1: command tx timeout [ 1169.333101][ T13] bridge_slave_1: left allmulticast mode [ 1169.339297][ T13] bridge_slave_1: left promiscuous mode [ 1169.422686][ T13] bridge0: port 2(bridge_slave_1) entered disabled state [ 1169.490142][ T13] bridge_slave_0: left allmulticast mode [ 1169.515627][ T13] bridge_slave_0: left promiscuous mode [ 1169.544227][ T13] bridge0: port 1(bridge_slave_0) entered disabled state [ 1171.257574][ T5881] Bluetooth: hci1: command tx timeout [ 1171.730044][ T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 1171.885215][ T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 1171.941606][ T13] bond0 (unregistering): Released all slaves [ 1172.011205][T20856] chnl_net:caif_netlink_parms(): no params data found [ 1172.917167][T20856] bridge0: port 1(bridge_slave_0) entered blocking state [ 1172.945754][T20856] bridge0: port 1(bridge_slave_0) entered disabled state [ 1172.975926][T20856] bridge_slave_0: entered allmulticast mode [ 1173.029340][T20856] bridge_slave_0: entered promiscuous mode [ 1173.167696][T20856] bridge0: port 2(bridge_slave_1) entered blocking state [ 1173.237101][T20856] bridge0: port 2(bridge_slave_1) entered disabled state [ 1173.244963][T20856] bridge_slave_1: entered allmulticast mode [ 1173.258732][T20856] bridge_slave_1: entered promiscuous mode [ 1173.333336][ T5881] Bluetooth: hci1: command tx timeout [ 1173.526548][T20856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 1173.626808][T20856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 1174.338726][T20856] team0: Port device team_slave_0 added [ 1174.375089][T20856] team0: Port device team_slave_1 added [ 1174.828276][T20856] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 1174.877481][T20856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1174.904720][T20856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 1174.923563][ T13] hsr_slave_0: left promiscuous mode [ 1174.940902][ T13] hsr_slave_1: left promiscuous mode [ 1174.949097][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 1174.982087][ T13] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 1175.024886][ T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 1175.059551][ T13] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 1175.180141][ T13] veth1_macvtap: left promiscuous mode [ 1175.204422][ T13] veth0_macvtap: left promiscuous mode [ 1175.211205][ T13] veth1_vlan: left promiscuous mode [ 1175.225790][ T13] veth0_vlan: left promiscuous mode [ 1175.416331][ T5881] Bluetooth: hci1: command tx timeout [ 1176.986897][ T13] team0 (unregistering): Port device team_slave_1 removed [ 1177.090870][ T13] team0 (unregistering): Port device team_slave_0 removed [ 1179.094119][T20856] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 1179.112231][T20856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 1179.203702][T20856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 1179.511010][T20856] hsr_slave_0: entered promiscuous mode [ 1179.554924][T20856] hsr_slave_1: entered promiscuous mode [ 1179.583143][T20856] debugfs: 'hsr0' already exists in 'hsr' [ 1179.607350][T20856] Cannot create hsr debugfs directory [ 1181.002777][T20856] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 1181.065669][T20856] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 1181.150968][T20856] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 1181.235847][T20856] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 1181.803302][T20856] 8021q: adding VLAN 0 to HW filter on device bond0 [ 1181.894281][T20856] 8021q: adding VLAN 0 to HW filter on device team0 [ 1181.916486][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 1181.923725][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 1181.956348][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 1181.963539][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1183.057606][T20856] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 1183.267699][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1183.274515][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1183.276122][T20856] veth0_vlan: entered promiscuous mode [ 1183.405205][T20856] veth1_vlan: entered promiscuous mode [ 1183.682261][T20856] veth0_macvtap: entered promiscuous mode [ 1183.785124][T20856] veth1_macvtap: entered promiscuous mode [ 1183.827912][T20856] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 1183.877260][T20856] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 1184.032656][ T3613] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 1184.072197][ T3613] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 1184.152036][ T3613] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 1184.244360][ T3613] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 1184.693832][ T3613] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1184.739853][ T3613] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1184.936499][ T2972] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 1184.962036][ T2972] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 1231.442422][ T5881] Bluetooth: hci0: command 0x0406 tx timeout [ 1244.769015][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1244.776657][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1262.177951][ T5881] Bluetooth: hci4: command 0x0406 tx timeout [ 1272.423039][ T5881] Bluetooth: hci2: command 0x0406 tx timeout [ 1292.915157][ T5881] Bluetooth: hci1: command 0x0406 tx timeout [ 1306.206111][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1306.212551][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1367.679107][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1367.685659][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1429.145837][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1429.153023][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1490.642418][ T1303] ieee802154 phy0 wpan0: encryption failed: -22 [ 1490.648945][ T1303] ieee802154 phy1 wpan1: encryption failed: -22 [ 1491.228328][T25388] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 1492.035327][T25378] ================================================================== [ 1492.043429][T25378] BUG: KASAN: slab-use-after-free in dvb_device_open+0x36a/0x3b0 [ 1492.051160][T25378] Read of size 8 at addr ffff8881404e8618 by task syz.2.3272/25378 [ 1492.059041][T25378] [ 1492.061363][T25378] CPU: 1 UID: 0 PID: 25378 Comm: syz.2.3272 Not tainted syzkaller #0 PREEMPT(full) [ 1492.061386][T25378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1492.061397][T25378] Call Trace: [ 1492.061404][T25378] [ 1492.061412][T25378] dump_stack_lvl+0x116/0x1f0 [ 1492.061436][T25378] print_report+0xcd/0x630 [ 1492.061511][T25378] ? __virt_addr_valid+0x81/0x610 [ 1492.061533][T25378] ? __phys_addr+0xe8/0x180 [ 1492.061554][T25378] ? dvb_device_open+0x36a/0x3b0 [ 1492.061578][T25378] kasan_report+0xe0/0x110 [ 1492.061599][T25378] ? dvb_device_open+0x36a/0x3b0 [ 1492.061629][T25378] ? __pfx_dvb_device_open+0x10/0x10 [ 1492.061653][T25378] dvb_device_open+0x36a/0x3b0 [ 1492.061677][T25378] ? __pfx_dvb_device_open+0x10/0x10 [ 1492.061701][T25378] chrdev_open+0x231/0x6a0 [ 1492.061739][T25378] ? __pfx_apparmor_file_open+0x10/0x10 [ 1492.061764][T25378] ? __pfx_chrdev_open+0x10/0x10 [ 1492.061785][T25378] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1492.061837][T25378] do_dentry_open+0x97f/0x1530 [ 1492.061872][T25378] ? __pfx_chrdev_open+0x10/0x10 [ 1492.061895][T25378] vfs_open+0x82/0x3f0 [ 1492.061920][T25378] path_openat+0x1de4/0x2cb0 [ 1492.061958][T25378] ? __pfx_path_openat+0x10/0x10 [ 1492.061979][T25378] do_filp_open+0x20b/0x470 [ 1492.061999][T25378] ? __pfx_do_filp_open+0x10/0x10 [ 1492.062025][T25378] ? alloc_fd+0x471/0x7d0 [ 1492.062059][T25378] do_sys_openat2+0x11b/0x1d0 [ 1492.062083][T25378] ? __pfx_do_sys_openat2+0x10/0x10 [ 1492.062109][T25378] ? __pfx___might_resched+0x10/0x10 [ 1492.062128][T25378] __x64_sys_openat+0x174/0x210 [ 1492.062153][T25378] ? __pfx___x64_sys_openat+0x10/0x10 [ 1492.062182][T25378] do_syscall_64+0xcd/0x490 [ 1492.062206][T25378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1492.062224][T25378] RIP: 0033:0x7f5ef638ebe9 [ 1492.062239][T25378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1492.062256][T25378] RSP: 002b:00007f5ef726d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1492.062272][T25378] RAX: ffffffffffffffda RBX: 00007f5ef65c6090 RCX: 00007f5ef638ebe9 [ 1492.062283][T25378] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1492.062294][T25378] RBP: 00007f5ef6411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1492.062304][T25378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1492.062314][T25378] R13: 00007f5ef65c6128 R14: 00007f5ef65c6090 R15: 00007ffd53332f58 [ 1492.062329][T25378] [ 1492.062334][T25378] [ 1492.308216][T25378] Allocated by task 1: [ 1492.312305][T25378] kasan_save_stack+0x33/0x60 [ 1492.317031][T25378] kasan_save_track+0x14/0x30 [ 1492.321919][T25378] __kasan_kmalloc+0xaa/0xb0 [ 1492.326544][T25378] dvb_register_device+0x1e4/0x2370 [ 1492.331776][T25378] dvb_register_frontend+0x5a6/0x880 [ 1492.337079][T25378] vidtv_bridge_probe+0x459/0xa90 [ 1492.342123][T25378] platform_probe+0x106/0x1d0 [ 1492.346880][T25378] really_probe+0x23e/0xa90 [ 1492.351429][T25378] __driver_probe_device+0x1de/0x440 [ 1492.356730][T25378] driver_probe_device+0x4c/0x1b0 [ 1492.361769][T25378] __driver_attach+0x283/0x580 [ 1492.366550][T25378] bus_for_each_dev+0x13b/0x1d0 [ 1492.371421][T25378] bus_add_driver+0x2e9/0x690 [ 1492.376107][T25378] driver_register+0x15c/0x4b0 [ 1492.380895][T25378] vidtv_bridge_init+0x45/0x80 [ 1492.385679][T25378] do_one_initcall+0x120/0x6e0 [ 1492.390459][T25378] kernel_init_freeable+0x5c2/0x910 [ 1492.395725][T25378] kernel_init+0x1c/0x2b0 [ 1492.400061][T25378] ret_from_fork+0x5d7/0x6f0 [ 1492.404682][T25378] ret_from_fork_asm+0x1a/0x30 [ 1492.409457][T25378] [ 1492.411780][T25378] Freed by task 25388: [ 1492.415853][T25378] kasan_save_stack+0x33/0x60 [ 1492.420546][T25378] kasan_save_track+0x14/0x30 [ 1492.425237][T25378] kasan_save_free_info+0x3b/0x60 [ 1492.430284][T25378] __kasan_slab_free+0x60/0x70 [ 1492.435057][T25378] kfree+0x2b4/0x4d0 [ 1492.438960][T25378] dvb_device_put.part.0+0x60/0x90 [ 1492.444108][T25378] dvb_device_open+0x2a4/0x3b0 [ 1492.448887][T25378] chrdev_open+0x231/0x6a0 [ 1492.453316][T25378] do_dentry_open+0x97f/0x1530 [ 1492.458089][T25378] vfs_open+0x82/0x3f0 [ 1492.462175][T25378] path_openat+0x1de4/0x2cb0 [ 1492.466773][T25378] do_filp_open+0x20b/0x470 [ 1492.471285][T25378] do_sys_openat2+0x11b/0x1d0 [ 1492.475977][T25378] __x64_sys_openat+0x174/0x210 [ 1492.480846][T25378] do_syscall_64+0xcd/0x490 [ 1492.485363][T25378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1492.491262][T25378] [ 1492.493588][T25378] The buggy address belongs to the object at ffff8881404e8600 [ 1492.493588][T25378] which belongs to the cache kmalloc-256 of size 256 [ 1492.507649][T25378] The buggy address is located 24 bytes inside of [ 1492.507649][T25378] freed 256-byte region [ffff8881404e8600, ffff8881404e8700) [ 1492.521371][T25378] [ 1492.523696][T25378] The buggy address belongs to the physical page: [ 1492.530104][T25378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1404e8 [ 1492.538954][T25378] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 1492.547456][T25378] flags: 0x57ff00000000040(head|node=1|zone=2|lastcpupid=0x7ff) [ 1492.555093][T25378] page_type: f5(slab) [ 1492.559341][T25378] raw: 057ff00000000040 ffff88801b841b40 dead000000000122 0000000000000000 [ 1492.567929][T25378] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 1492.576606][T25378] head: 057ff00000000040 ffff88801b841b40 dead000000000122 0000000000000000 [ 1492.585282][T25378] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 1492.593967][T25378] head: 057ff00000000001 ffffea0005013a01 00000000ffffffff 00000000ffffffff [ 1492.602743][T25378] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 1492.611436][T25378] page dumped because: kasan: bad access detected [ 1492.617858][T25378] page_owner tracks the page as allocated [ 1492.623589][T25378] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1, tgid 1 (swapper/0), ts 22764052946, free_ts 0 [ 1492.643318][T25378] post_alloc_hook+0x1c0/0x230 [ 1492.648104][T25378] get_page_from_freelist+0x132b/0x38e0 [ 1492.653663][T25378] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 1492.659568][T25378] alloc_pages_mpol+0x1fb/0x550 [ 1492.664457][T25378] new_slab+0x247/0x330 [ 1492.668616][T25378] ___slab_alloc+0xcf2/0x1740 [ 1492.673302][T25378] __slab_alloc.constprop.0+0x56/0xb0 [ 1492.678679][T25378] __kmalloc_cache_noprof+0xfb/0x3e0 [ 1492.683972][T25378] bus_add_driver+0x92/0x690 [ 1492.688572][T25378] driver_register+0x15c/0x4b0 [ 1492.693360][T25378] usb_register_driver+0x216/0x4d0 [ 1492.698494][T25378] do_one_initcall+0x120/0x6e0 [ 1492.703267][T25378] kernel_init_freeable+0x5c2/0x910 [ 1492.708480][T25378] kernel_init+0x1c/0x2b0 [ 1492.712819][T25378] ret_from_fork+0x5d7/0x6f0 [ 1492.717445][T25378] ret_from_fork_asm+0x1a/0x30 [ 1492.722224][T25378] page_owner free stack trace missing [ 1492.727596][T25378] [ 1492.729923][T25378] Memory state around the buggy address: [ 1492.735557][T25378] ffff8881404e8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1492.743629][T25378] ffff8881404e8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1492.751782][T25378] >ffff8881404e8600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1492.759844][T25378] ^ [ 1492.764691][T25378] ffff8881404e8680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 1492.772779][T25378] ffff8881404e8700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 1492.780846][T25378] ================================================================== [ 1492.811040][T25378] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 1492.818304][T25378] CPU: 0 UID: 0 PID: 25378 Comm: syz.2.3272 Not tainted syzkaller #0 PREEMPT(full) [ 1492.827696][T25378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 [ 1492.837759][T25378] Call Trace: [ 1492.841046][T25378] [ 1492.843982][T25378] dump_stack_lvl+0x3d/0x1f0 [ 1492.848597][T25378] vpanic+0x6e8/0x7a0 [ 1492.852603][T25378] ? __pfx_vpanic+0x10/0x10 [ 1492.857127][T25378] ? __pfx_vprintk_emit+0x10/0x10 [ 1492.862164][T25378] ? dvb_device_open+0x36a/0x3b0 [ 1492.867129][T25378] panic+0xca/0xd0 [ 1492.870891][T25378] ? __pfx_panic+0x10/0x10 [ 1492.875342][T25378] ? dvb_device_open+0x36a/0x3b0 [ 1492.880309][T25378] ? preempt_schedule_common+0x44/0xc0 [ 1492.885798][T25378] ? preempt_schedule_thunk+0x16/0x30 [ 1492.891205][T25378] check_panic_on_warn+0xab/0xb0 [ 1492.896165][T25378] end_report+0x107/0x170 [ 1492.900510][T25378] kasan_report+0xee/0x110 [ 1492.904940][T25378] ? dvb_device_open+0x36a/0x3b0 [ 1492.909903][T25378] ? __pfx_dvb_device_open+0x10/0x10 [ 1492.915213][T25378] dvb_device_open+0x36a/0x3b0 [ 1492.919998][T25378] ? __pfx_dvb_device_open+0x10/0x10 [ 1492.925304][T25378] chrdev_open+0x231/0x6a0 [ 1492.929735][T25378] ? __pfx_apparmor_file_open+0x10/0x10 [ 1492.935290][T25378] ? __pfx_chrdev_open+0x10/0x10 [ 1492.940242][T25378] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 1492.946587][T25378] do_dentry_open+0x97f/0x1530 [ 1492.951364][T25378] ? __pfx_chrdev_open+0x10/0x10 [ 1492.956322][T25378] vfs_open+0x82/0x3f0 [ 1492.960411][T25378] path_openat+0x1de4/0x2cb0 [ 1492.965018][T25378] ? __pfx_path_openat+0x10/0x10 [ 1492.969973][T25378] do_filp_open+0x20b/0x470 [ 1492.974487][T25378] ? __pfx_do_filp_open+0x10/0x10 [ 1492.979537][T25378] ? alloc_fd+0x471/0x7d0 [ 1492.983881][T25378] do_sys_openat2+0x11b/0x1d0 [ 1492.988577][T25378] ? __pfx_do_sys_openat2+0x10/0x10 [ 1492.993824][T25378] ? __pfx___might_resched+0x10/0x10 [ 1492.999133][T25378] __x64_sys_openat+0x174/0x210 [ 1493.004005][T25378] ? __pfx___x64_sys_openat+0x10/0x10 [ 1493.009404][T25378] do_syscall_64+0xcd/0x490 [ 1493.013931][T25378] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 1493.019850][T25378] RIP: 0033:0x7f5ef638ebe9 [ 1493.024359][T25378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1493.044068][T25378] RSP: 002b:00007f5ef726d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 1493.052493][T25378] RAX: ffffffffffffffda RBX: 00007f5ef65c6090 RCX: 00007f5ef638ebe9 [ 1493.060476][T25378] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 1493.068458][T25378] RBP: 00007f5ef6411e19 R08: 0000000000000000 R09: 0000000000000000 [ 1493.076433][T25378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1493.084411][T25378] R13: 00007f5ef65c6128 R14: 00007f5ef65c6090 R15: 00007ffd53332f58 [ 1493.092395][T25378] [ 1493.095711][T25378] Kernel Offset: disabled [ 1493.100048][T25378] Rebooting in 86400 seconds..