last executing test programs: 6.118049206s ago: executing program 2 (id=580): close_range$auto(0x2, 0x8, 0x0) r0 = socket(0x11, 0x3, 0xfffff958) open(&(0x7f0000000000)='./file0\x00', 0x161342, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) r1 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x80040, 0x40, 0xe}, 0x18) fremovexattr$auto(r1, &(0x7f0000000000)='system.posix_acl_access\x00') truncate$auto(&(0x7f0000000040)='./file0\x00', 0xa5) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) 5.460384998s ago: executing program 2 (id=584): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x3fd, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) bind$auto(0x4, 0xfffffffffffffffe, 0x0) bind$auto(0x3, 0xfffffffffffffffd, 0x0) write$auto(0x3, 0x0, 0xfdef) 5.228191509s ago: executing program 2 (id=593): write$auto_dfs_global_fops_debug(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(r0, 0x8, 0x0) open(0x0, 0x1676c1, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r1 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) preadv2$auto(r1, &(0x7f00000000c0)={&(0x7f0000000000)="8699bb3d623314a9d7f08e462ce8ecbc7866368d20f29dfcfcc574064d5eefede296f119c472f198229c10222f0915570671e3aa20c23f9d6ec882462a1c2a597bb485d90c37f9c166ca8f532476e409936f7c42dd30545f9a59c83543f745fd9320008a7650fb4ad66f8c6b25d3a654926f8a25615f03ebb7e24bbed3c966058287872a50d14f4f928689b694ac4075988fd916ed09a8db793bb93e312a3fb467db6393b7a70b498efe213f964edc2dd877327ab5636d0a2d2bd3506c274a", 0x248}, 0x40000000, 0x400, 0x0, 0x7fffffff) pwritev$auto(r1, 0x0, 0x3, 0x1, 0x3ff) 4.29241125s ago: executing program 3 (id=590): prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x787b, 0x7000000) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/scsi\x00', 0x80002, 0x0) write$auto_proc_reg_file_ops_compat_inode(r0, &(0x7f00000024c0)="a458f4e5e5f4bcc7fad26fd67f02b7cd05e6589800c28ef8f8202c09b2638f3653c6ed3b849812627a484d93e7ca38bb6c75b1d0f95ba576d7f2aba7a6e17d8a748fa2c2b65445121fdb006e371bc9da60cdd2378cf6a100a75f14aee91714b49cf0714f88fa5e59aae9bcf9c237ad19523f31da1c288cdf62813dd7d4d35f4f653b02ee9be0d662a5b8c4b2abd40ce043cd48819ea9eaa38e675e316b30542f9931634b3a830a7b54d420ab67826dddb406fed3bed2b77ecb0a7d4e2af6b59bab4910255fc1c235940b6f7f253131c3cd2ac263c02923997e0d75105d0d2cf679ea39a73b46233a7ae8e3bbfb0d80046e233f9d8c5560fe1c960668ebcbe0f83692592c77c17cd13221d12f7101576ebed9672885ab88780d1e19fac43722706ec0ba321cbad1a4655b89cf162edf24d1fefcae46d1249c3454cec842f32115775e6874e5cd7ded5dd35826f4cd5305cb3ef22976a7038ab5b6c2f47ab885ca72fac9790238d313859fab15b48ac55d1f572eedc5696e7699164709ec83e685df236a03296471157171e45fc876d86da156922a730e921b1db59737aa99d3c340400112561338a371d1046b32398ad4d770d08435561793bb629ea9c546540c8f54fed75b9e2e96a93bbbe986a8f4979193d7542319a3420287a1ac0a39444fc1abbf0a42bcff5cfa283d15f6c6e299a21abb3a375b3e1ddbb02e6159c9457952209b24c1bf943c54670ae8c2e47f56c96fddee1f2e1632fabde9bcd0bf1ae29eaa6cd2eba33477d8c8731f44173d7c9f6671a951d3e53e696f8f9879f9a974f7e2966e75142cda07e655b6d2eabea316f895785acf3bc931bf224e07110af85ec024d81e326efd5d258d42f731858bb0cb93c93b9030cb34b2a95e7844c018230d92b285d8cbe8bee6a92fd4243e53fa90f4635ecfdb49081d198b4146014cfc4419497fb921b2f61e23ce527374349012778e08f814df03867fee8247ee26c549c0597f94afc17d785b61e1725fa64bc12f1affe87e9117e71290bce5f75ad394817234f97c49fbc63a4d811719871c0a2d5db42d5f8ec45959a8464af57cca0566f6bd41d693f1fb5c96e4c6a6f97f50f459f7793e6046d1b535de78802b9fd9953dafe263ab3d693c0fee0283e70c610e2cfc0e3cb3854dd9d02d700eb666d80dadef740e5f274c2a8ba5fafe1898378022c3d51249710e4f4081b3e2f53670250d3ad7a06eeb02ee94505f7fc8d2c5e9a984a6ab7c1b761f517919a2f44c6bfeaf840c359627be82c08c5769921720bbd883aa74003d8dafec23f539b6b26205d931dcbd381c61430e58954ccd8bef6e8ff18243d769b9139e86d83ee72e5a8c7ac6dc0c997faf9b347947a40e7ef33686c2ee0b49d7c58148e4c8f73fcab6c5597f71feef03fc47db06955299b166bff481c71499fe92fde4e754db5ac71e1c8471ecd1d15fc9c48ce2d01fcdec9b8a9c4cd5d591f590a521dd39d3354e7e2750f7260fe89c02bb3bddd30f11be772eb95752246632df16474832514493cb6c50e8fc6b37dbc263cf970f0ab0d1221245082e91e90f55ad8354eb735038335b42e2571267b07cf71225010aab65145e443b50099b2bd4bfbf546a411e733e97d54db91e84448f966469b796425bbd144f83694b9e05b756fbba36cc6075ad8f30edb0847be6934482d6e19950af47db60a96ca5eef83faf4a1f628daa8dafc78cc2607fa0fcf6fc0ad00c64efb2c223c70bf7a8414c290d13793a5fc81b10a5bb5e8dd7ca2f81f5556d231bf2cfbf1923285aba060c1c88882107e14fddcaaf3eaea37a0bb7216050585c886b6c3fad247d85ccd458dfb746d3d0f6e517adf50a31fc96530950f186943de01ff77d98273875b727cfaf927820d52ee3a63fea63b2d39b1f2c6c2d985e62b96e4ec129207e488a2f91356ba91a8d8bd5b63718d087dfc183e56ceb924afae5f3a12d8c53bb21b8593965b1d68aa52ca985fa510d279ffc470468e3aec2d7524d80826a94e48a6ca4d11e5fc3d5776efc1a696b04c391c872eb2f42fcf6b84e6498f5d0520600f9f68a36d3c535b9d7cfc1d45415374adb90f1e6d300a99f2b5f6f77594c336ddc9b171c4875247201b05ab171a7d4418dcfffcee9996be2cd77e9d7e92965d28e1458df6d184ba7d9cd55d5994a00e692d7674f2ae01d6dd56c3e4b5aa1c0f27ae4c4cbbfe7289743b7c5f9ba7300891f4c83f414318e77de74d84d33b7f83c456e198b99d64e8b7caad5bcd618993764bb24178a990d736edf4965346c2ac76c99b22a5114ec39bc818d6a469b0d4f1aeaf955c14d7a3a5b787141d465a55d71b6138a8dc8cb1d303371c97d8479cb09545bf4a08fa99ab7ea21b3b3a95f4b052e261baf2be0131ce619ecd352904fc2486735edf6d2df283f1e2dae7432557bd8c899b397e769088797f337b3aa1867a9728148f9c63f643ce41f19906640e50764b1a6286beabe9f9e074ca60552f1212aad80b22cbbb45c6e6f00f51020df928756caa3cf374342257807d6daea4e74a79c6144fae4f78915303542b7a5d48a17179a4a43ab18631b06d81c01409277dac0d58ff48c86f679e9c0c56aa8ca6c7591078d6bee3ff9857e099145cf0775ef0ee006f9697e4c69efe0ff72543d70d8ac9faba1eec24ba9f9a3e30fa5d324ba137aaa7175a529c13a8fc321d92472c9b19c941e701f7225664b05613cb07b0705112105ab3c28b00af1b6f930f3d903ee6cc164d77d5d2a0b16667cfb6b329b53b30d8d9a826ba7430d519b1b7f537ed2df08845eb5df7737fe3554f3d96144b42bfd92cc5daab42446f3d46272a00f2457d39ef3e9ea37362d402f6287ea6f485f68ffbe383e21089c313171f6c33f8a7055299ab7cfc5d974c487d992cac1ca53c05c1e9bdb38f6ca0ed6d4e0d8ab7b6197fdd1b4b95e6a466c8d9336c571ea1743e96e0b88da75520b8adddcaa932336fa02f63ce1a7eb909507f778ca3b5f2a736f396528d06ea86f63d3e45f545d262cadd337d321023ae0e5052ba4c0028dbd19765b0097039a64d58a8998ef7afba341b42d6b227cad8f4c4025a766dee22a0cfde5f8c0581d4442a7aac906a0db5fad825611e487228aed5eec17f08d887a34d2b7c6c25f77412ee9941d5dec68a0464a1b0fd6eede1aa1b50579a93f205943dfd626204b9ca493c5aaececd17df71ac200cf7331a8bfbeddb6cd95b0b3016e56de0a9eeadf8d8c3591ae061e743f7c1ca4522bf55b2d80f3ba5df92d81433552dad6fd744ea71903b15a6374613b2a64a533cf6fa974273e7e5359f47428d7620d98d877faadad739a9a761713832ea70da990271b575e7cff075714d563b5b752ab50a7e1a1b5e689ff210503faabb37b8aa1d845825ab2488cfcb6a22010a55c4c045745f186ba8f42bc5a4dd06831da770670209ba568016459c50aef30c8aba754e341183817ad9b386e6b4e194cf66b76c9ea6313491d99d7e7a6d5c92bcec000c58794de2acfc4c490392a68f61e60bf664287e7020e4f30d897d916eb73dd4965b100f3c528cf2a46d43fca6351fc8c6c50fee04340b1f2fdf382a257eab0d964e7a2f0b1b7b9bc017117d8ebb40816b5515c88f7682c02b92b01d9fe884c963846f64800463830d83605a2ea32510dfbaaa29af264f60e8f72f307880f595715637dd799de8d77b0c7131bc04d44ce06b82a0f355e09e3d580124167e62fb12c584dc9553f3f91c86afffe6d871784c56c687b48b14bc974c65f18468eb3806be71c563a8af3075e4d9ff2c55ebab74ac4d384bc7f012dd39e373f74bab4ec597caa798112958890c00de56da95293e578490fb0e1e8fa63e1db877e75c7da1e394e37f8a971f7fe1354a800fff0c23aa66d990acf8fc7524d52a0c4f7b66459cb1811719afec92b7bd88e43569559f7f5fd41196c8ead0c70e13cb05b1155aab093a58b0d4652ce5ca005f868cf38fbefd401ddc9a747447ca6ea90b277688ef780461d14c5186b5a724cf50e5e3a7453e7ac4e79f07851317ae57911529daaa03d6745df50c78b868cb60757828b00d5215b8d67733e2ab1366afacbec2fae934460a1e364275715fc2fe5b911240d59d94084b3386d130c9f52d844858bd36c866b2ca215c02aaff1c4be7a5d2329e00e5ad58de3e87c862402ff5d3632b1f871461f57f6194057ccde4d1d4adc08b0da2778896aa95ef376c53818fafa74872e2f99af03edfe5e8d8e030816a01fa193007f84a627991f24f9054d0347082c2c27294d8bea1422b5847a3bfd2684f5708013d6f3c4d41baca139ebab799b0f2d15eeb4a5fd195b892d331bd1db3f0ec4ddc225e52ef8a326ccd4b86995bf90ceffd0a18d37806ee49d09f072ddab15df82556c459daf45705ebfd358c4eb7547add41da3364d90fcdd36759ebfeda88080a7f6d24ebb0e29e3a1b830e773a2c6d312472375b0428a221e03e2a1810a1c3cc8cde61e5359eefbb7324f4a6b04a2da87bce311a319ae8a842a518135750779d022b1a5321eb779d318d17387a7b7a739620594b090a2e550442c3debdc07a7a5283acc99539834c47ccf7635557a3066b81b32135df2e34c509dbf66dc0276e1e57977b45d77d41db78981883cf8ce8a738c04753911e957bf044e0bdbb1e9a72a7b5f884b61293e2f2756a32f6ef292a95e8484e101194a8c7e90f1e41fddf7d6af09dff5e308a2fbf5f0158d45bc87341ce3414c4b26cbc47ba43b2c2ad9ce6068df85d30fa994bf55cca9c327501c5335711988d3b4b5552c4fb9e9b6601a63cbb0a72ecdac3848ca4870814e0b8dee48a0ab5b14224c71f12cd648a3a39cba8e68f1562c1ad4966b7099015039518de65178c6a5e409166cc49d53b0f053773535421dfe289bd7c7fc2172dd4c5820ea3d2bbfd5bfd056a4d249a803440eada02f46e6fb9db13c74dad1303ca88b0a5091e196837eedd6a1dcd00e95fee39f252e3fb3afcb28d1db702bec482f19f7a5a327a522354e7bdbb3619697cd5c6e5b098b9a3c11478ef2b6467d22d0409e43bcb6552aaf47890c30077e56e77bfc53bc77fba63a324586f3172014b98dfac4ad686c83e611b89b1591a88dc4402d5cb60366455174cf0b84d0685454265a4a7d023b588ae491e6dac119433b2610170a8dc52a0c9f60cec85fe7fea415bf61e50c315b00c70a240a56345e1030731c4144d128e8dab606b1bda54874452af20ed7d6f3350b477417857884a6a6972b9696e92464b762da5739e400850df7ad82c63efb359d3a96b5a4a2f385432b6fa54c54a37678013d1774107b168b32225172d1081aa093def6e5ed6c05767128a4ebd0913ab03d200de072e81dbbc7b0c947ee3e34f6795211e632651852cb9cd7c2de1ef54d20ef625a193ed13061030c9a2e7f8c5674cbde924e25c8f97b6add0f4f89ef2b16ff418581aebd9f962f671a6adff28acf04edd01a96f69e0671780bdf40a19e9a3a235289771738cd32d1ef14509d11781d17608251fb7fa1b9d3c8646497ba0ce8890a2f0bd6e485959ceb8edf74981ef1c0ad7fc4f67bc4c941daef39fefbbdfa39979cf0e6454d565e8e90f8f4ac565a42dde87e16d4ad0977e1e67f88f560131ddaacc8a1f9db08441e6a9ddabae4b19441ef451ae9d9a854b193eb337d68830637f3ae81738bcc1a016077efe7692e146018b417d1199a14a79eecdcb00b0477f83627be935cc3a16a90b59b501d02be6091623c94f0fcf3e74616da0bbd767384c47fbe393c08c896979eef4cf1f2c6", 0x1001) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x6) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x929, 0x4001, 0x7, 0x5, 0x100717e, 0x3, 0x7, 0x6, 0x7ff, 0xfffffffe, 0x80000001, 0x4, 0x200000000001, 0x1, 0xfffffffffffffffb, 0x8, 0x0, 0x2, 0x2, 0x864, 0xe, 0x22000, 0x200, 0x4, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, [0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x4000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2f, 0x0, 0x0, 0xfffffffffffffffc]}, 0xa, 0xd) r1 = openat$auto__ctl_fops_dm_ioctl(0xffffffffffffff9c, &(0x7f0000000180), 0x1541, 0x0) ioctl$auto__ctl_fops_dm_ioctl(r1, 0xfffffff7effffd01, &(0x7f00000001c0)) 2.979336434s ago: executing program 3 (id=594): r0 = socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x20009, 0xda, 0xeb1, 0x405, 0x0) sysfs$auto(0x2, 0x100000000000037, 0x0) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0xe, 0x0, 0x4) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x401, 0x8, 0xfe, 0x6fb3, 0x8a, 0x9, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3032, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b3}, {0x0, 0xfc, 0x6, 0x0, 0x0, 0xf89, 0x9, 0x837, 0x8}}) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'dummy0\x00'}) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r0, &(0x7f0000000000)='-\x00', 0x2fb) 2.964992005s ago: executing program 2 (id=595): mmap$auto(0x6, 0x9, 0x6, 0x32d4, 0x10000, 0x80000001) open(0x0, 0x64842, 0x0) epoll_ctl$auto(0x5, 0x3, 0xffffffffffffffff, 0x0) ioctl$auto(0xc8, 0xffffffff800454dd, 0xffffffffffffffff) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mremap$auto(0x4000, 0xfee0, 0x3fd6, 0x3, 0xfffff000) set_mempolicy$auto(0x8003, &(0x7f0000000280)=0x7b, 0x4) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x19) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) mbind$auto(0x2000, 0x100000004, 0x100000000, 0x0, 0x6, 0x2) 2.457697458s ago: executing program 3 (id=598): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) socket(0x2, 0x801, 0x100) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) socket(0xa, 0x5, 0x0) r0 = socket(0x10, 0x2, 0x15) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f0000000300)=@test={r0, 0x4, 0x10, 0x9, 0x133, 0x9, 0xf4, 0xec56, 0x1, 0x90, 0x2, 0x7, 0x5, 0x7, 0x714c}, 0x10) bpf$auto(0x1b, &(0x7f0000000040)=@link_detach, 0xc) 2.456615654s ago: executing program 0 (id=599): mmap$auto(0x0, 0x5, 0xdf, 0xeb1, 0x401, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x28, 0x5, 0x0) socket(0x1d, 0x2, 0x7) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1d, 0x2, 0x7) socketpair$auto(0x1e, 0x1, 0x0, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto_TIOCSTI2(r0, 0x5412, &(0x7f0000000000)="fe") 2.371520652s ago: executing program 1 (id=600): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x9) socket(0x2, 0x1, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000240)='/sys/devices/platform/dummy_hcd.7/usb8/ep_00/direction\x00', 0x20400, 0x0) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/vm/overcommit_memory\x00', 0xf22437c730143eb6, 0x0) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) open(0x0, 0x64842, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000011c0)='/dev/ptyq3\x00', 0x40001, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) ioctl$auto(0x3, 0x8926, 0x10000000000402) 2.25319386s ago: executing program 3 (id=601): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_enter$auto(0x3, 0x1, 0x82400001, 0xb, 0x0, 0xd) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f00000000c0), 0xffffffff}, 0x6, 0x0) io_uring_enter$auto(0x3, 0x5, 0xffffffff, 0x3, 0x0, 0x2) 2.185752979s ago: executing program 2 (id=602): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$auto(r1, 0xae41, r0) ioctl$auto_KVM_GET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)={0x2, 0x0, [{0x4b564d04, 0x400, 0xfffffffffffffffd}]}) 2.031466261s ago: executing program 0 (id=603): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp1\x00', 0x20b42, 0x0) ioctl$auto_SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000100)="000004") mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x20942, 0x0) pipe2$auto(&(0x7f0000000040)=0x8, 0x4800) ppoll$auto(0x0, 0xc, 0x0, 0x0, 0x8) close_range$auto(0x2, 0xa, 0x0) 1.894190121s ago: executing program 3 (id=604): statmount$auto(0x0, &(0x7f0000000180)={0xa, 0xecc6, 0x4, 0x7352, 0x2d, 0x200000000045f, 0xa, 0x7, 0x3, 0x2, 0x9, 0x36e, 0x6, 0xfffffffffffffffe, 0x3000, 0x9, 0x8, 0x10003, 0x8, 0x1, 0x0, 0x5, 0x1ffb, 0x8, 0x20000400, 0x84, 0x0, 0x0, 0x0, 0x0, 0x4, [0x400000, 0x0, 0x0, 0x100000001, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x20000, 0x0, 0x3, 0x401, 0x0, 0x0, 0x3fffffffffffffd, 0x6, 0x0, 0x0, 0x0, 0x4, 0x38, 0x80, 0x0, 0x0, 0x0, 0x3ba0, 0x0, 0xe, 0x0, 0x0, 0x0, 0x5, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8, 0x0, 0x0, 0xffffffffffffffff]}, 0x9, 0x11) semtimedop$auto(0x9, 0x0, 0x2, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) r0 = openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) read$auto(r0, 0x0, 0x1f40) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x3) bpf$auto(0x80000000, 0x0, 0x6f3) io_uring_register$auto(0xffffffffffffffff, 0x23, 0x0, 0x1) openat$auto_snd_timer_f_ops_timer(0xffffffffffffff9c, &(0x7f0000000200), 0x101802, 0x0) 1.872094012s ago: executing program 2 (id=605): syz_genetlink_get_family_id$auto_ovs_packet(0x0, 0xffffffffffffffff) syz_genetlink_get_family_id$auto_wireguard(0x0, 0xffffffffffffffff) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x141900, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r0, 0x0, 0x0) ioctl$auto_VHOST_SET_BACKEND_FEATURES2(0xffffffffffffffff, 0x4008af25, &(0x7f0000000080)=0x2) unshare$auto(0x40000080) mmap$auto(0xfffffffffffffffe, 0x8, 0x4000000000db, 0x12, 0x400, 0x8001) setsockopt$auto_SO_TIMESTAMPNS_NEW(0xffffffffffffffff, 0x4, 0x40, &(0x7f0000000480)='/Eev\n\x0e\xcf^+\xf3\xc4Y\x84\xf4\xe4\x98/audio1\x00VI\xa3\xaa\xb1;\x9d\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9abN\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953\x01\x9f.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4re\x90\xc0\xbf\xcem\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\x12w\xd7\x99\x8c\xbe\x8f\x1dI\xe2\xae8\x83\xcf\xc5D\xcc\x00', 0x4) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_FLUSH(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001bc0)=ANY=[@ANYBLOB="002800048008003900640101011c001c8004001d800400ac8008006c00ac1414aa0800ac00ac1414bb08001a0081000000080010007f000000c4131480a64ada9e57e1f12778bd2998a21e018c75b03fe573f676fada761d7c8ded712188e7fbac2d3b503b40c0acaf370b3cd19bbd5e05db6623fa185911fbdb097cb705e02440952fd91724634f7135fed7ebd330fc15b8c0f768d0f576235e07a5cdf2759311f411b669586b09b61efc0000b5b06eb72a7c2050b6796a02d6eab7b86534b3a1c2a0f5f135e11a54355fae843d8055916ef3d5dd7cfab9720a48bc1b39770a04a6ec218dd385df3869cf52a2d781bd28a53ce9962521a646ad17c453856e50832a1b8b5f00a8b70800b625ec33d60ea6b14366a9e69f78bb4852704d4789e585ddc4761d6992121d1ee1a4267e8f0add069c7171abbfcde5f7ee3410c301f06aa735bd8ee501261a19e1d732c3c0bc4789fae77625ffb55439f473024ce7581782d1331fc1e3c87cdb294df218994e9221b28c206e44140caa5d3ff3cbf5faabc187ce53ed7e0c494b83c6158405618c243b2b231d0be37c95606db6b71ab8165261f4e795c676cdd539a4a3b76f067f08e950fc46012b1d1be157794a13d19135e521faf7f5c68c9bb202d348f74a83e1fe8d600283ec6bd6022715ab86ced8cd01cbc4a2c4f89011c55d2ea98caee236a6ca7cc625f16aa7109a40b63a3177c1f6dabb3744d4572c007805884861813c0892d1d49ada377f78aa6d47b2f21ccbdca10c58622cf25f9dd2394ad7c2463922f597a74b13efce79c29bbba51cd966a498019f57be8779e851b6d52bc3a56bd3e14b23df300f188ba12942797d8012a5399151e3039e3ddf01fa7b407f096ef3de85c89f4b9df8645526ecbf9d597308d49d495fec8e3566742dea88b9c2d62b9be58627fd6e4d1a8b6d605fa4b96e1662a3e046a4859b97ede266f6ffcbfec95ccf5eb24304bb465b2c8ab31b34ba582590bdf3b0632857b2f237a819acf858df3a5309f1a296186907b36d38dfb3bb15b2c351f42169aeedfa45a79c8799c46a9bba19e75798b6934fa33c9ea3f3ec0f23e8d0dc1067e5a04ff024f25bf4e2469034a147aa41e4b9dd3a3be9242231fac7b2eeef10962efde7ed9c44610fa1ba1d0711d4373a1bb90cb154dc68335ab0c91d87847dbf211c991c78cdc2154f3bbe22469d6c9e3d3bd62425aeeec1f733e2f3dbe731c63e77d40050202ec3794e2030c99f4cf0ae2c498461c55dcee4104818dbbd6a7e9d8ad3b6f69ca4f6e47a805d1744e47d6977372fdbf261f793b980e6ad42164f244cf65fd84f2e1ca62db4558c88a3969bdd7a0e993acabf0e819c32e81db2262f1f2d083973c6d9453de7477993d5d1ff5ac0683c255d2eee0d15f95c1bdede32bea7ce8982d764a4149dafeee88eacff6231e7bd913d5a4abfaabba68c44e9562513edf7f1be5eea63c1b6274115dd3e86fa2ee25d44b702d584bfca22af92fc4a9e59c512bd43a86dbb741163da665de1ffa2e6fd974962985f37120efed776ee0ff12c8e5a61d3d44df08fb9ef0b7203f79dca6c1642c41f86a6ebf71367aa70abbe86f36dec0b6585a7825dbbfeeac2e8762147a7ff7fc37cb8942bcb8ce340384679d3cf03488ee61ad71c9ebdccce1f4c63f2815e34d9dedd6017bd5aa1f04d8ec9ab9db9d2ede7de6ba734d9bd7c09147a4ac87c757bb7b1bdfdc42883822f25336332b845bbe4c2f2c26034c134963506a1f42a06cfac32f4b5cea056b1ca8e4eb1ce67727e81bf79622c692070bacb9b1468aeb7445d0ab2a635a203ec6ae5fddadf76ffb1d5a649d577164ea4b196937d6eaf80204f3148789dc4fac74c6b6f0d6472863862564e3fc0c374ffb8885009430ed6cd762176c9573b9d90e7ed9f36022bff1e21bf47ca1f58112ea952f8c6a9e47200803f144aa2dfae26f47d00089a29f5abc81df11b7bf56cdeaa96a758995bcb547d8dc6828db95694f619a3ce99cbfdb0db5a2f8c993f18a98bad00da54bf4796e553844c096075883dfa07a4437112e1425668bcd2b94849849919c54ddfe9da6132210d18a70bf32487e9c68e7540a7976185c3cf8d7b6742c50e56e61cd008289dc03b41da37a6dd9e386cc511f903ecbdc05093e036cc1ec4a200f8abf4df82bdff062555143fa777baaa858aa99605e0a0620f31e2c563aa3d6030be4317c6bd7845aa774930377f98229ac8e757a2752cee08919bb4c22228b55980686a8050646a20fd1dc9439bd8a4cd25fff82b9c82ccd9525d86e879f7dba6985add8e6fe87546d334c1101770190d14afedeafa4f3f073a422cff236628ca02bfd3ce78afee66194e31f167d950c555d0ddb758f423648c5c3c928e630667f80210bed931a67ba8304537e50fd3aea2afd650d55ef64f00fd3ff5543dccc3ca18fed8961f6f39a0ccaff3f544d74b404cd5e6c6b8c990756309dee76f60e7d51d40275add3d57fb58074b83fe54cfb9ecd351b784db135e78f573abbd84d0b8925837c69c9db0ab9d916e0f1131c9a449adb270a5dd72cc8aedfd2381cf24cf53260b809852200df50a49e6d9639394f1fc5d81a23b376dd77df26c15ce293cbd115e71215ee2be603b0b74ecb7030b4fd0ddffd223e3832a86e9b356a43fe18eadb070f98d7f7f87008ad4e3ddd88177d1dc3f448ebe1c4a4b0fb4c906ac8a825e6e0b4981877fd70727c76fd198d867315906db053da5da12a5f12061a0cf98deb384ce159a2de397da227551a59efa2d0fddfaf1ed45c88956668f61cb754c934950559e0a9aa3ddee1b48bbcccc75e01bcab29a64a57f76459b4dde331794c963ac494583e60a5a2381b6082ce585f99a57e7777d70a5e3b54b5e53131650d127d5048d3b89e6b6f07b5001f6e399d5afa0826e57f8f4212a87d45f10b37eaae0d47ebd857dbfaf75e6e90f456577ea87904368df9b7538d0583cc07f639d1a9a1ebde4156e14b41b2ad9dbdf233fa9ce1ec2b43f198a7f00ae75e563f8ead18edd06f779f8c3d1fea45ddb2fe977938e50d209be6145ebaac834139c1c993d8f5484ef05074d81caa8d763cf93e224d39af9511223349a29507dc9520042e782be70fc035a6e1dad7e95ed87a0c8c47a3551a867f8b4cb11d1fe1ce9007b889cf75241c42207d8a0c77f9c757a63368d99905cd84dc6a300544412bd8ca04359cbb818b4b3d770de1fec133303f44b2157d0add1df239ce887871e012ef544d2ccfe6220adb5ddc9c51e0cf5c3eda0a685cc538d39c8db0a2d4714cb0ee2726bce0fbb0e23a8e8166f5f209f5c896570989d0e32e9879e97e447d1e562a59e4564ce9b6338a2c0bccead0c796b37eed11ef9d1428e648760d9afa993717c77706abc725fdcabf98e12df3e89aca69d4233bb78c304e6c0f47f7382ab820f831326a3f216b46c8fd1842bc8a88d18f7bf3190bc5cdd853feee077"], 0x2bc4}, 0x1, 0x0, 0x0, 0x20008010}, 0x24000080) write$auto_console_fops_tty_io(r1, &(0x7f0000000440)="671d2647dd69b6440843b6e6688a2b5ad9df2669e6f9cd2365", 0xfdef) 1.808612763s ago: executing program 1 (id=606): write$auto(0xffffffffffffffff, &(0x7f0000000040)='//\xf2\x00', 0x80000000) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x5, 0x0, 0x1, 0x4d) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x4000000008000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x20) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r1, &(0x7f0000000200)={0x0, 0x7}, 0x400000003) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x18, r3, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@HWSIM_ATTR_MULTI_RADIO={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) 1.055295822s ago: executing program 1 (id=607): r0 = socket(0x10, 0x2, 0x4) mmap$auto(0x0, 0x20009, 0xda, 0xeb1, 0x405, 0x0) sysfs$auto(0x2, 0x100000000000037, 0x0) r1 = socket(0x11, 0x80003, 0x300) setsockopt$auto(r1, 0x107, 0xe, 0x0, 0x4) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x401, 0x8, 0xfe, 0x6fb3, 0x8a, 0x9, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3032, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b3}, {0x0, 0xfc, 0x6, 0x0, 0x0, 0xf89, 0x9, 0x837, 0x8}}) r2 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'dummy0\x00'}) syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/cgroup\x00') sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c0000001400"], 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x400c000) write$auto(r0, &(0x7f0000000000)='-\x00', 0x2fb) 1.055207141s ago: executing program 3 (id=608): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) syz_clone3(&(0x7f00000002c0)={0x224004900, &(0x7f0000000040)=0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000000c0), {0xe}, &(0x7f0000000100)=""/105, 0x69, &(0x7f0000000180)=""/242, &(0x7f0000000280)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0], 0x5}, 0x58) process_madvise$auto_MADV_GUARD_INSTALL(r0, 0x0, 0x0, 0x66, 0x2) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) getsockopt$auto(0xffffffffffffffff, 0x84, 0x7f, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) bind$auto(0x3, 0x0, 0x6b) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/devices/virtual/net/lapb4/ifalias\x00', 0x1a1842, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty51\x00', 0x40001, 0x0) write$auto(0x3, 0x0, 0xfdef) ioctl$auto(0x3, 0x540a, r1) 1.048820469s ago: executing program 0 (id=615): mmap$auto(0x0, 0x2000c, 0xfff, 0x20eb1, 0x40000000000a5, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x10, 0x2, 0xc) close_range$auto(0x0, 0xfffffffffffff000, 0x2) signalfd$auto(0xffffffffffffffff, 0x0, 0x8) epoll_create$auto(0x3e) r1 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000002cc0)={0x0, 0x0, &(0x7f0000002c80)={&(0x7f0000000340)=ANY=[@ANYBLOB="18000000", @ANYRES16=0x0, @ANYBLOB="010027bd7000fcdbdf2535493a2c040002"], 0x18}, 0x1, 0x0, 0x0, 0x801}, 0x4044) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="18000000", @ANYRES8=r0, @ANYRES8=r1], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) 824.455639ms ago: executing program 0 (id=609): mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000080), 0x80080, 0x0) ioctl$auto_PPPIOCSMRU(r0, 0xc004743e, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7, 0x20020000) bpf$auto(0xfffff011, &(0x7f0000000000)=@test={0xffffffffffffffff, 0x4, 0xfab2, 0x468, 0x9, 0x2, 0x4, 0x2, 0x4, 0x200, 0x1fd, 0xb6, 0x4, 0x6, 0x3}, 0xa3) writev$auto(0xca, &(0x7f0000000080)={&(0x7f0000000040), 0x1}, 0x7e) r1 = gettid() kill$auto(r1, 0x11) ioctl$auto_PPPIOCSCOMPRESS(r0, 0x4010744d, &(0x7f00000001c0)={0x0, 0x8, 0x80}) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f0000000040)={0xd, &(0x7f0000000000)={0xfff7, 0x8, 0x6, @raw=0x3}}) 822.115797ms ago: executing program 1 (id=610): close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) bpf$auto(0x0, &(0x7f00000001c0)=@task_fd_query={0x9, 0x21eb, 0x7ff, 0x6, 0xa, 0x1000009, 0x5f, 0x0, 0x3}, 0x6f3) socket(0x2, 0x801, 0x100) socket$nl_generic(0x10, 0x3, 0x10) socket(0x10, 0x2, 0x0) socket(0xa, 0x5, 0x0) r0 = socket(0x10, 0x2, 0x15) close_range$auto(0x0, 0xfffffffffffff000, 0x0) bpf$auto(0x0, &(0x7f0000000300)=@test={r0, 0x4, 0x10, 0x9, 0x133, 0x9, 0xf4, 0xec56, 0x1, 0x90, 0x2, 0x7, 0x5, 0x7, 0x714c}, 0x10) bpf$auto(0x1b, &(0x7f0000000040)=@link_detach, 0xc) 613.906469ms ago: executing program 1 (id=611): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x2, 0x801, 0x106) io_uring_setup$auto(0x6, 0x0) getsockopt$auto(r0, 0x11c, 0x1, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) fanotify_init$auto(0x65, 0x2) socket(0x1d, 0x2, 0x2) connect$auto(0x3, 0x0, 0x55) socket(0x10, 0x3, 0x6) socketpair$auto(0x1e, 0x4, 0x8000000000000000, 0x0) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0x38}, 0x6, 0x0, 0x4, 0x9}, 0x9}, 0x3, 0x1f00) 359.430162ms ago: executing program 1 (id=612): r0 = socket(0x2, 0x1, 0x106) bind$auto(r0, &(0x7f0000000040)=@in={0x2, 0x3, @multicast2}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) mknod$auto(&(0x7f0000000040)='./file0\x00', 0x1001, 0x4) open$dir(&(0x7f00000001c0)='./file0\x00', 0x201, 0x14) open(&(0x7f00000002c0)='./file0\x00', 0x200, 0x1c7) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x109001, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D2\x00', 0x1, 0x0) socket$nl_generic(0x10, 0x3, 0x10) select$auto(0x9, 0x0, 0x0, &(0x7f00000002c0)={[0x1ff, 0x7, 0xd, 0x1, 0x948b, 0x3, 0x15f4da07, 0x3, 0x3, 0x65, 0x8000001f, 0x1000, 0x6d3e, 0x9, 0x2, 0x8]}, 0x0) shutdown$auto(0x200000003, 0x2) 196.770393ms ago: executing program 0 (id=613): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x801, 0x84) io_uring_setup$auto(0x6, 0x0) mmap$auto(0x0, 0x9, 0xffb, 0x8000000008011, 0x3, 0x0) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_enter$auto(0x3, 0x1, 0x82400001, 0xb, 0x0, 0xd) r0 = getpid() process_vm_readv$auto(r0, &(0x7f0000000000)={0x0, 0xfff}, 0x1, &(0x7f0000000280)={&(0x7f00000000c0), 0xffffffff}, 0x6, 0x0) io_uring_enter$auto(0x3, 0x5, 0xffffffff, 0x3, 0x0, 0x2) 0s ago: executing program 0 (id=614): mmap$auto(0x0, 0x2020009, 0x7, 0xeb1, 0xfffffffffffffffa, 0x8000) personality$auto(0xfffffffc) socket(0x2, 0x1, 0x0) openat$dir(0xffffffffffffff9c, 0x0, 0x70080, 0x22) r0 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/net/ip6_tables_targets\x00', 0x2, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2101, 0x0) write$auto(r1, 0x0, 0x3) pread64$auto(r0, 0x0, 0xf42f, 0x7f) ioctl$auto_PPPIOCSNPMODE(0xffffffffffffffff, 0x4008744b, 0x0) openat$auto_ecryptfs_miscdev_fops_miscdev(0xffffffffffffff9c, 0x0, 0x101200, 0x0) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x800) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.1.111' (ED25519) to the list of known hosts. [ 111.974280][ T5817] cgroup: Unknown subsys name 'net' [ 112.077472][ T5817] cgroup: Unknown subsys name 'cpuset' [ 112.087729][ T5817] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 113.704956][ T24] cfg80211: failed to load regulatory.db [ 114.215125][ T5817] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 117.008772][ T5834] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 117.022796][ T5842] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 117.032366][ T5842] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 117.037790][ T5836] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 117.043227][ T5842] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 117.064847][ T5842] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 117.064907][ T5836] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 117.073911][ T5842] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 117.093629][ T5836] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 117.095539][ T5842] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 117.104167][ T5836] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 117.114714][ T5842] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 117.131390][ T5836] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 117.136243][ T5842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 117.143272][ T5836] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 117.157227][ T5842] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 117.163275][ T5836] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 117.172658][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 117.194563][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 117.204389][ T5836] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 117.868806][ T5831] chnl_net:caif_netlink_parms(): no params data found [ 118.027747][ T5827] chnl_net:caif_netlink_parms(): no params data found [ 118.056963][ T5828] chnl_net:caif_netlink_parms(): no params data found [ 118.147611][ T5829] chnl_net:caif_netlink_parms(): no params data found [ 118.276609][ T5831] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.286881][ T5831] bridge0: port 1(bridge_slave_0) entered disabled state [ 118.295267][ T5831] bridge_slave_0: entered allmulticast mode [ 118.305352][ T5831] bridge_slave_0: entered promiscuous mode [ 118.346223][ T5831] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.354462][ T5831] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.364961][ T5831] bridge_slave_1: entered allmulticast mode [ 118.374766][ T5831] bridge_slave_1: entered promiscuous mode [ 118.475650][ T5827] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.484729][ T5827] bridge0: port 1(bridge_slave_0) entered disabled state [ 118.495128][ T5827] bridge_slave_0: entered allmulticast mode [ 118.505276][ T5827] bridge_slave_0: entered promiscuous mode [ 118.531228][ T5828] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.540051][ T5828] bridge0: port 1(bridge_slave_0) entered disabled state [ 118.548998][ T5828] bridge_slave_0: entered allmulticast mode [ 118.558645][ T5828] bridge_slave_0: entered promiscuous mode [ 118.600359][ T5827] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.610467][ T5827] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.622230][ T5827] bridge_slave_1: entered allmulticast mode [ 118.630596][ T5827] bridge_slave_1: entered promiscuous mode [ 118.642305][ T5831] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 118.655935][ T5831] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 118.668141][ T5828] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.678088][ T5828] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.686779][ T5828] bridge_slave_1: entered allmulticast mode [ 118.696046][ T5828] bridge_slave_1: entered promiscuous mode [ 118.719690][ T5829] bridge0: port 1(bridge_slave_0) entered blocking state [ 118.729313][ T5829] bridge0: port 1(bridge_slave_0) entered disabled state [ 118.738189][ T5829] bridge_slave_0: entered allmulticast mode [ 118.746951][ T5829] bridge_slave_0: entered promiscuous mode [ 118.802599][ T5829] bridge0: port 2(bridge_slave_1) entered blocking state [ 118.811762][ T5829] bridge0: port 2(bridge_slave_1) entered disabled state [ 118.821850][ T5829] bridge_slave_1: entered allmulticast mode [ 118.830570][ T5829] bridge_slave_1: entered promiscuous mode [ 118.872715][ T5828] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 118.907091][ T5827] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 118.923881][ T5831] team0: Port device team_slave_0 added [ 118.935522][ T5828] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 118.965793][ T5827] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 118.979970][ T5831] team0: Port device team_slave_1 added [ 119.007212][ T5829] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 119.076880][ T5829] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 119.125306][ T5828] team0: Port device team_slave_0 added [ 119.151920][ T5827] team0: Port device team_slave_0 added [ 119.162160][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 119.170399][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 119.208025][ T5831] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 119.222680][ T5842] Bluetooth: hci0: command tx timeout [ 119.225714][ T5831] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 119.232545][ T5842] Bluetooth: hci1: command tx timeout [ 119.237780][ T5831] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 119.282699][ T5831] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 119.299987][ T5828] team0: Port device team_slave_1 added [ 119.306697][ T5842] Bluetooth: hci2: command tx timeout [ 119.306707][ T5838] Bluetooth: hci3: command tx timeout [ 119.344458][ T5827] team0: Port device team_slave_1 added [ 119.380181][ T5829] team0: Port device team_slave_0 added [ 119.427838][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 119.438955][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 119.472048][ T5827] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 119.486266][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 119.496272][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 119.533674][ T5828] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 119.550523][ T5829] team0: Port device team_slave_1 added [ 119.577771][ T5827] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 119.587550][ T5827] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 119.623891][ T5827] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 119.641203][ T5828] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 119.649084][ T5828] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 119.680398][ T5828] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 119.752801][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 119.760427][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 119.789358][ T5829] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 119.804819][ T5829] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 119.813907][ T5829] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 119.846040][ T5829] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 119.868588][ T5831] hsr_slave_0: entered promiscuous mode [ 119.876635][ T5831] hsr_slave_1: entered promiscuous mode [ 119.973728][ T5828] hsr_slave_0: entered promiscuous mode [ 119.983751][ T5828] hsr_slave_1: entered promiscuous mode [ 119.991356][ T5828] debugfs: 'hsr0' already exists in 'hsr' [ 119.998859][ T5828] Cannot create hsr debugfs directory [ 120.046756][ T5827] hsr_slave_0: entered promiscuous mode [ 120.056731][ T5827] hsr_slave_1: entered promiscuous mode [ 120.064629][ T5827] debugfs: 'hsr0' already exists in 'hsr' [ 120.072697][ T5827] Cannot create hsr debugfs directory [ 120.143947][ T5829] hsr_slave_0: entered promiscuous mode [ 120.151556][ T5829] hsr_slave_1: entered promiscuous mode [ 120.160451][ T5829] debugfs: 'hsr0' already exists in 'hsr' [ 120.168574][ T5829] Cannot create hsr debugfs directory [ 120.720112][ T5828] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 120.739320][ T5828] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 120.756645][ T5828] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 120.780015][ T5828] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 120.864293][ T5827] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 120.878476][ T5827] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 120.894914][ T5827] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 120.929577][ T5827] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 121.033041][ T5831] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 121.061053][ T5831] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 121.092763][ T5831] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 121.109318][ T5831] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 121.218877][ T5829] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 121.233814][ T5829] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 121.262952][ T5829] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 121.279181][ T5829] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 121.302418][ T5842] Bluetooth: hci1: command tx timeout [ 121.302815][ T5838] Bluetooth: hci0: command tx timeout [ 121.339311][ T5828] 8021q: adding VLAN 0 to HW filter on device bond0 [ 121.382514][ T5838] Bluetooth: hci2: command tx timeout [ 121.383149][ T5842] Bluetooth: hci3: command tx timeout [ 121.437075][ T5828] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.485308][ T1045] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.494808][ T1045] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.527369][ T1045] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.535794][ T1045] bridge0: port 2(bridge_slave_1) entered forwarding state [ 121.573374][ T5827] 8021q: adding VLAN 0 to HW filter on device bond0 [ 121.619789][ T5827] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.676078][ T5831] 8021q: adding VLAN 0 to HW filter on device bond0 [ 121.706836][ T1045] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.714921][ T1045] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.743316][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.751677][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 121.793004][ T5831] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.807732][ T5829] 8021q: adding VLAN 0 to HW filter on device bond0 [ 121.858207][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 121.867120][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 121.936664][ T5829] 8021q: adding VLAN 0 to HW filter on device team0 [ 121.958061][ T3457] bridge0: port 2(bridge_slave_1) entered blocking state [ 121.967944][ T3457] bridge0: port 2(bridge_slave_1) entered forwarding state [ 122.017609][ T3457] bridge0: port 1(bridge_slave_0) entered blocking state [ 122.026828][ T3457] bridge0: port 1(bridge_slave_0) entered forwarding state [ 122.122818][ T3457] bridge0: port 2(bridge_slave_1) entered blocking state [ 122.131012][ T3457] bridge0: port 2(bridge_slave_1) entered forwarding state [ 122.246742][ T5828] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 122.300015][ T5829] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 122.477326][ T5828] veth0_vlan: entered promiscuous mode [ 122.592707][ T5828] veth1_vlan: entered promiscuous mode [ 122.688188][ T5828] veth0_macvtap: entered promiscuous mode [ 122.715328][ T5828] veth1_macvtap: entered promiscuous mode [ 122.798733][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 122.857203][ T5827] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 122.884138][ T5828] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 122.951285][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.979468][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 122.992046][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.016115][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.035833][ T5831] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 123.061801][ T5829] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 123.124600][ T5827] veth0_vlan: entered promiscuous mode [ 123.174404][ T5827] veth1_vlan: entered promiscuous mode [ 123.295459][ T1045] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.309853][ T1045] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.352747][ T5829] veth0_vlan: entered promiscuous mode [ 123.382284][ T5842] Bluetooth: hci1: command tx timeout [ 123.383217][ T5838] Bluetooth: hci0: command tx timeout [ 123.399243][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 123.413686][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 123.454185][ T5829] veth1_vlan: entered promiscuous mode [ 123.463323][ T5838] Bluetooth: hci2: command tx timeout [ 123.471418][ T5831] veth0_vlan: entered promiscuous mode [ 123.480222][ T5838] Bluetooth: hci3: command tx timeout [ 123.486689][ T5827] veth0_macvtap: entered promiscuous mode [ 123.516278][ T5827] veth1_macvtap: entered promiscuous mode [ 123.530735][ T5831] veth1_vlan: entered promiscuous mode [ 123.559632][ T5828] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 123.584626][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 123.634675][ T5827] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 123.674234][ T5829] veth0_macvtap: entered promiscuous mode [ 123.743408][ T5829] veth1_macvtap: entered promiscuous mode [ 123.748032][ T5922] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3'. [ 123.765354][ T5922] IPv6: NLM_F_CREATE should be specified when creating new route [ 123.768565][ T3440] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.776429][ T5922] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 123.795671][ T5922] IPv6: NLM_F_CREATE should be set when creating new route [ 123.805117][ T5922] IPv6: NLM_F_CREATE should be set when creating new route [ 123.831115][ T5922] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3'. [ 123.859384][ T3440] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.878299][ T3440] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.901884][ T5831] veth0_macvtap: entered promiscuous mode [ 123.915133][ T3440] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 123.937530][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 123.976901][ T5831] veth1_macvtap: entered promiscuous mode [ 123.996493][ T5829] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 124.082807][ T3457] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.096801][ T3457] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.135199][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 124.187585][ T3457] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.209307][ T3457] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.253567][ T5831] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 124.263490][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.286998][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.322331][ T3440] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.337424][ T3440] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.379775][ T3440] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.413158][ T3440] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 124.459473][ T3457] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.480671][ T3457] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.553549][ T3457] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.583788][ T3457] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.762297][ T3457] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.801519][ T3457] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.838943][ T3440] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 124.850145][ T5933] input: f as /devices/virtual/input/input5 [ 124.894686][ T3440] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 124.917529][ T5934] netlink: 342 bytes leftover after parsing attributes in process `syz.1.2'. [ 124.936659][ T5934] Zero length message leads to an empty skb [ 124.998703][ T3440] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 125.034861][ T3440] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 125.473710][ T5838] Bluetooth: hci0: command tx timeout [ 125.480018][ T5838] Bluetooth: hci1: command tx timeout [ 125.494642][ T5941] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 125.541817][ T5838] Bluetooth: hci3: command tx timeout [ 125.548971][ T5842] Bluetooth: hci2: command tx timeout [ 125.974271][ T5953] process 'syz.0.11' launched '/dev/fd/3' with NULL argv: empty string added [ 127.241346][ T5981] FAULT_INJECTION: forcing a failure. [ 127.241346][ T5981] name failslab, interval 1, probability 0, space 0, times 1 [ 127.287418][ T5981] CPU: 1 UID: 0 PID: 5981 Comm: syz.2.23 Not tainted syzkaller #0 PREEMPT(full) [ 127.287470][ T5981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 127.287507][ T5981] Call Trace: [ 127.287522][ T5981] [ 127.287540][ T5981] dump_stack_lvl+0x16c/0x1f0 [ 127.287595][ T5981] should_fail_ex+0x512/0x640 [ 127.287647][ T5981] ? __kmalloc_cache_noprof+0x5f/0x780 [ 127.287707][ T5981] should_failslab+0xc2/0x120 [ 127.287767][ T5981] __kmalloc_cache_noprof+0x72/0x780 [ 127.287823][ T5981] ? mptcp_subflow_create_socket+0x34f/0xa10 [ 127.287869][ T5981] ? subflow_create_ctx+0x9b/0x2c0 [ 127.287911][ T5981] ? subflow_create_ctx+0x9b/0x2c0 [ 127.287946][ T5981] subflow_create_ctx+0x9b/0x2c0 [ 127.287984][ T5981] subflow_ulp_init+0xc3/0x4d0 [ 127.288021][ T5981] tcp_set_ulp+0x329/0x7f0 [ 127.288065][ T5981] mptcp_subflow_create_socket+0x385/0xa10 [ 127.288113][ T5981] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 127.288170][ T5981] __mptcp_nmpc_sk+0x182/0x890 [ 127.288217][ T5981] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 127.288267][ T5981] ? __local_bh_enable_ip+0xa4/0x120 [ 127.288310][ T5981] mptcp_listen+0x135/0x4a0 [ 127.288340][ T5981] ? __pfx_mptcp_listen+0x10/0x10 [ 127.288368][ T5981] ? apparmor_socket_listen+0xf2/0x1b0 [ 127.288420][ T5981] __sys_listen_socket+0x117/0x160 [ 127.288467][ T5981] __sys_listen+0xa7/0x130 [ 127.288513][ T5981] __x64_sys_listen+0x53/0x80 [ 127.288557][ T5981] do_syscall_64+0xcd/0xfa0 [ 127.288595][ T5981] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 127.288629][ T5981] RIP: 0033:0x7f65f978efc9 [ 127.288662][ T5981] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 127.288694][ T5981] RSP: 002b:00007f65fa659038 EFLAGS: 00000246 ORIG_RAX: 0000000000000032 [ 127.288734][ T5981] RAX: ffffffffffffffda RBX: 00007f65f99e5fa0 RCX: 00007f65f978efc9 [ 127.288755][ T5981] RDX: 0000000000000000 RSI: 00000000000000ff RDI: 0000000000000003 [ 127.288774][ T5981] RBP: 00007f65f9811f91 R08: 0000000000000000 R09: 0000000000000000 [ 127.288793][ T5981] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 127.288812][ T5981] R13: 00007f65f99e6038 R14: 00007f65f99e5fa0 R15: 00007fff1fd8b158 [ 127.288868][ T5981] [ 128.239697][ T5999] netlink: 330 bytes leftover after parsing attributes in process `syz.3.30'. [ 128.554137][ T6001] capability: warning: `syz.0.31' uses 32-bit capabilities (legacy support in use) [ 128.615960][ T6005] netlink: 28 bytes leftover after parsing attributes in process `syz.2.34'. [ 130.334273][ T6037] netlink: 330 bytes leftover after parsing attributes in process `syz.3.44'. [ 130.423127][ T6037] gretap0: refused to change device tx_queue_len [ 132.451686][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 132.982295][ T6082] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 134.663293][ T6096] scsi_strcpy_devinfo: vendor string '/&c~n] | [ 134.663293][ T6096] M' is too long [ 134.883016][ T6096] scsi_strcpy_devinfo: model string 'Dd5 K2b [ 134.883016][ T6096] W ' is too long [ 135.366201][ T6117] netlink: 17 bytes leftover after parsing attributes in process `syz.1.71'. [ 135.426488][ T6117] netlink: 4 bytes leftover after parsing attributes in process `syz.1.71'. [ 135.970350][ T6127] netlink: 'syz.1.73': attribute type 1 has an invalid length. [ 136.005341][ T6127] netlink: 'syz.1.73': attribute type 6 has an invalid length. [ 136.615845][ T6135] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 136.962458][ T6145] netlink: 330 bytes leftover after parsing attributes in process `syz.1.82'. [ 136.991881][ T6145] : renamed from bond_slave_1 (while UP) [ 137.292454][ T6151] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 137.631969][ T6155] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 138.470505][ T6166] FAULT_INJECTION: forcing a failure. [ 138.470505][ T6166] name failslab, interval 1, probability 0, space 0, times 0 [ 138.505236][ T6166] CPU: 0 UID: 0 PID: 6166 Comm: syz.2.91 Not tainted syzkaller #0 PREEMPT(full) [ 138.505284][ T6166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 138.505304][ T6166] Call Trace: [ 138.505316][ T6166] [ 138.505329][ T6166] dump_stack_lvl+0x16c/0x1f0 [ 138.505376][ T6166] should_fail_ex+0x512/0x640 [ 138.505426][ T6166] ? __kmalloc_cache_noprof+0x5f/0x780 [ 138.505487][ T6166] should_failslab+0xc2/0x120 [ 138.505532][ T6166] __kmalloc_cache_noprof+0x72/0x780 [ 138.505587][ T6166] ? drm_file_alloc+0x74/0xb40 [ 138.505638][ T6166] ? drm_file_alloc+0x74/0xb40 [ 138.505681][ T6166] drm_file_alloc+0x74/0xb40 [ 138.505731][ T6166] drm_open_helper+0x204/0x550 [ 138.505781][ T6166] drm_open+0x1a0/0x3e0 [ 138.505824][ T6166] ? __pfx_drm_open+0x10/0x10 [ 138.505877][ T6166] drm_stub_open+0x20f/0x380 [ 138.505923][ T6166] ? __pfx_drm_stub_open+0x10/0x10 [ 138.505966][ T6166] chrdev_open+0x234/0x6a0 [ 138.506007][ T6166] ? __pfx_chrdev_open+0x10/0x10 [ 138.506046][ T6166] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 138.506089][ T6166] do_dentry_open+0x982/0x1530 [ 138.506127][ T6166] ? __pfx_chrdev_open+0x10/0x10 [ 138.506174][ T6166] vfs_open+0x82/0x3f0 [ 138.506223][ T6166] path_openat+0x1de4/0x2cb0 [ 138.506273][ T6166] ? __pfx_path_openat+0x10/0x10 [ 138.506311][ T6166] ? __lock_acquire+0xb8a/0x1c90 [ 138.506360][ T6166] do_filp_open+0x20b/0x470 [ 138.506397][ T6166] ? __pfx_do_filp_open+0x10/0x10 [ 138.506463][ T6166] ? alloc_fd+0x471/0x7d0 [ 138.506524][ T6166] do_sys_openat2+0x11b/0x1d0 [ 138.506572][ T6166] ? __pfx_do_sys_openat2+0x10/0x10 [ 138.506636][ T6166] __x64_sys_openat+0x174/0x210 [ 138.506693][ T6166] ? __pfx___x64_sys_openat+0x10/0x10 [ 138.506775][ T6166] do_syscall_64+0xcd/0xfa0 [ 138.506816][ T6166] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.506859][ T6166] RIP: 0033:0x7f65f978efc9 [ 138.506885][ T6166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.506917][ T6166] RSP: 002b:00007f65fa659038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 138.506949][ T6166] RAX: ffffffffffffffda RBX: 00007f65f99e5fa0 RCX: 00007f65f978efc9 [ 138.506971][ T6166] RDX: 0000000000129843 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 138.506993][ T6166] RBP: 00007f65f9811f91 R08: 0000000000000000 R09: 0000000000000000 [ 138.507012][ T6166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 138.507032][ T6166] R13: 00007f65f99e6038 R14: 00007f65f99e5fa0 R15: 00007fff1fd8b158 [ 138.507076][ T6166] [ 139.556934][ T6173] netlink: 28 bytes leftover after parsing attributes in process `syz.0.94'. [ 142.065295][ T6204] binder: 6203:6204 ioctl c00c620f 2000000000c0 returned -22 [ 142.882116][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 142.892327][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 142.905904][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 144.429831][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 144.449843][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 146.421909][ T6232] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 146.430010][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 146.937863][ T6232] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 146.962663][ T6232] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 146.991384][ T6232] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 147.011648][ T6232] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 147.023428][ T6232] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 147.049058][ T6232] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 147.061739][ T6232] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 147.073936][ T6232] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 147.084658][ T6232] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 147.093689][ T6232] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 147.105314][ T6232] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 147.743577][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 147.847761][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 147.863975][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 147.875296][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 147.885558][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 148.502674][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 149.062198][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 149.070188][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 149.141785][ T5838] Bluetooth: hci3: command 0x0c1a tx timeout [ 149.670123][ T6284] hub 1-0:1.0: USB hub found [ 149.711923][ T6284] hub 1-0:1.0: 1 port detected [ 150.386021][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 150.582269][ T5838] Bluetooth: hci0: command 0x0c1a tx timeout [ 151.094675][ T6308] netlink: 342 bytes leftover after parsing attributes in process `syz.1.137'. [ 151.113983][ T6308] netlink: 342 bytes leftover after parsing attributes in process `syz.1.137'. [ 151.136117][ T6308] netlink: 342 bytes leftover after parsing attributes in process `syz.1.137'. [ 151.148066][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 151.155873][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 151.176113][ T6308] netlink: 342 bytes leftover after parsing attributes in process `syz.1.137'. [ 151.179942][ T6310] netlink: 'syz.1.137': attribute type 2 has an invalid length. [ 151.223196][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 151.271749][ T6310] netlink: 'syz.1.137': attribute type 3 has an invalid length. [ 151.313147][ T6310] netlink: 218 bytes leftover after parsing attributes in process `syz.1.137'. [ 151.525998][ T6313] netlink: 338 bytes leftover after parsing attributes in process `syz.3.138'. [ 151.563095][ T6313] netlink: 338 bytes leftover after parsing attributes in process `syz.3.138'. [ 152.146054][ T6334] netlink: 25 bytes leftover after parsing attributes in process `syz.3.147'. [ 152.258066][ T6336] 0x000200000001-0xa29656a63616329 : "" [ 152.291636][ T6336] mtd: partition "" is out of reach -- disabled [ 152.433019][ T6336] ftl_cs: FTL header not found. [ 153.232704][ T5842] Bluetooth: hci1: command 0x0c1a tx timeout [ 153.241387][ T5838] Bluetooth: hci2: command 0x0c1a tx timeout [ 153.301607][ T5842] Bluetooth: hci3: command 0x0c1a tx timeout [ 154.668313][ T6374] netlink: 25 bytes leftover after parsing attributes in process `syz.1.158'. [ 154.968823][ T6380] netlink: 28 bytes leftover after parsing attributes in process `syz.1.161'. [ 154.989850][ T6381] netlink: 'syz.0.160': attribute type 3 has an invalid length. [ 156.330272][ T6404] hub 1-0:1.0: USB hub found [ 156.361979][ T6404] hub 1-0:1.0: 1 port detected [ 156.972828][ T6423] __nla_validate_parse: 5 callbacks suppressed [ 156.972854][ T6423] netlink: 28 bytes leftover after parsing attributes in process `syz.2.175'. [ 157.138153][ T6427] FAULT_INJECTION: forcing a failure. [ 157.138153][ T6427] name failslab, interval 1, probability 0, space 0, times 0 [ 157.181626][ T6427] CPU: 0 UID: 0 PID: 6427 Comm: syz.1.176 Not tainted syzkaller #0 PREEMPT(full) [ 157.181672][ T6427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 157.181691][ T6427] Call Trace: [ 157.181702][ T6427] [ 157.181714][ T6427] dump_stack_lvl+0x16c/0x1f0 [ 157.181758][ T6427] should_fail_ex+0x512/0x640 [ 157.181805][ T6427] ? __kmalloc_cache_noprof+0x5f/0x780 [ 157.181876][ T6427] should_failslab+0xc2/0x120 [ 157.181921][ T6427] __kmalloc_cache_noprof+0x72/0x780 [ 157.181974][ T6427] ? __pfx_trace_seq_printf+0x10/0x10 [ 157.182013][ T6427] ? tracing_log_err+0x4bc/0x6d0 [ 157.182067][ T6427] ? tracing_log_err+0x4bc/0x6d0 [ 157.182115][ T6427] tracing_log_err+0x4bc/0x6d0 [ 157.182174][ T6427] append_filter_err+0x399/0x610 [ 157.182226][ T6427] apply_subsystem_event_filter+0x75a/0x17e0 [ 157.182285][ T6427] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 157.182339][ T6427] ? _copy_from_user+0x59/0xd0 [ 157.182392][ T6427] subsystem_filter_write+0x95/0x120 [ 157.182440][ T6427] ? __pfx_subsystem_filter_write+0x10/0x10 [ 157.182485][ T6427] vfs_write+0x2a0/0x11d0 [ 157.182527][ T6427] ? __pfx___mutex_lock+0x10/0x10 [ 157.182564][ T6427] ? __pfx_vfs_write+0x10/0x10 [ 157.182613][ T6427] ? __fget_files+0x20e/0x3c0 [ 157.182659][ T6427] ksys_write+0x12a/0x250 [ 157.182695][ T6427] ? __pfx_ksys_write+0x10/0x10 [ 157.182743][ T6427] do_syscall_64+0xcd/0xfa0 [ 157.182781][ T6427] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 157.182946][ T6427] RIP: 0033:0x7f1b0838efc9 [ 157.182978][ T6427] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 157.183009][ T6427] RSP: 002b:00007f1b09146038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 157.183037][ T6427] RAX: ffffffffffffffda RBX: 00007f1b085e5fa0 RCX: 00007f1b0838efc9 [ 157.183057][ T6427] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 157.183076][ T6427] RBP: 00007f1b08411f91 R08: 0000000000000000 R09: 0000000000000000 [ 157.183094][ T6427] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 157.183112][ T6427] R13: 00007f1b085e6038 R14: 00007f1b085e5fa0 R15: 00007fff23993348 [ 157.183156][ T6427] [ 159.532302][ T6462] netlink: 28 bytes leftover after parsing attributes in process `syz.3.192'. [ 160.832393][ T6480] netlink: 'syz.3.198': attribute type 16 has an invalid length. [ 160.862351][ T6480] netlink: 'syz.3.198': attribute type 17 has an invalid length. [ 160.871709][ T6480] netlink: 'syz.3.198': attribute type 19 has an invalid length. [ 160.885145][ T6480] netlink: 102 bytes leftover after parsing attributes in process `syz.3.198'. [ 161.080073][ T6486] 0x000200000001-0xa29656a63616329 : "" [ 161.091607][ T6486] mtd: partition "" is out of reach -- disabled [ 161.132046][ T6486] ftl_cs: FTL header not found. [ 161.553939][ T6498] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 161.692225][ T6502] netlink: 28 bytes leftover after parsing attributes in process `syz.2.205'. [ 162.996362][ T6521] FAULT_INJECTION: forcing a failure. [ 162.996362][ T6521] name failslab, interval 1, probability 0, space 0, times 0 [ 163.014156][ T6521] CPU: 1 UID: 0 PID: 6521 Comm: syz.1.211 Not tainted syzkaller #0 PREEMPT(full) [ 163.014199][ T6521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 163.014218][ T6521] Call Trace: [ 163.014229][ T6521] [ 163.014242][ T6521] dump_stack_lvl+0x16c/0x1f0 [ 163.014293][ T6521] should_fail_ex+0x512/0x640 [ 163.014338][ T6521] ? __kmalloc_noprof+0xca/0x880 [ 163.014389][ T6521] should_failslab+0xc2/0x120 [ 163.014428][ T6521] __kmalloc_noprof+0xdd/0x880 [ 163.014475][ T6521] ? kernfs_fop_write_iter+0x237/0x570 [ 163.014532][ T6521] ? kernfs_fop_write_iter+0x237/0x570 [ 163.014580][ T6521] kernfs_fop_write_iter+0x237/0x570 [ 163.014636][ T6521] do_iter_readv_writev+0x662/0x9e0 [ 163.014670][ T6521] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 163.014720][ T6521] vfs_writev+0x35f/0xde0 [ 163.014762][ T6521] ? __pfx_vfs_writev+0x10/0x10 [ 163.014797][ T6521] ? __mutex_lock+0x1c5/0x1060 [ 163.014847][ T6521] ? __pfx___mutex_lock+0x10/0x10 [ 163.014900][ T6521] ? __fget_files+0x20e/0x3c0 [ 163.014942][ T6521] ? do_writev+0x132/0x340 [ 163.014972][ T6521] do_writev+0x132/0x340 [ 163.015002][ T6521] ? __pfx_do_writev+0x10/0x10 [ 163.015045][ T6521] do_syscall_64+0xcd/0xfa0 [ 163.015081][ T6521] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.015112][ T6521] RIP: 0033:0x7f1b0838efc9 [ 163.015136][ T6521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.015165][ T6521] RSP: 002b:00007f1b09146038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 163.015196][ T6521] RAX: ffffffffffffffda RBX: 00007f1b085e5fa0 RCX: 00007f1b0838efc9 [ 163.015217][ T6521] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 163.015238][ T6521] RBP: 00007f1b08411f91 R08: 0000000000000000 R09: 0000000000000000 [ 163.015258][ T6521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 163.015287][ T6521] R13: 00007f1b085e6038 R14: 00007f1b085e5fa0 R15: 00007fff23993348 [ 163.015330][ T6521] [ 164.660948][ T6536] FAULT_INJECTION: forcing a failure. [ 164.660948][ T6536] name failslab, interval 1, probability 0, space 0, times 0 [ 164.702848][ T6536] CPU: 0 UID: 0 PID: 6536 Comm: syz.1.218 Not tainted syzkaller #0 PREEMPT(full) [ 164.702895][ T6536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 164.702915][ T6536] Call Trace: [ 164.702926][ T6536] [ 164.702939][ T6536] dump_stack_lvl+0x16c/0x1f0 [ 164.702990][ T6536] should_fail_ex+0x512/0x640 [ 164.703039][ T6536] ? __kmalloc_cache_noprof+0x5f/0x780 [ 164.703097][ T6536] should_failslab+0xc2/0x120 [ 164.703154][ T6536] __kmalloc_cache_noprof+0x72/0x780 [ 164.703210][ T6536] ? trace_parse_run_command+0x58/0x400 [ 164.703270][ T6536] ? __pfx_dyn_event_write+0x10/0x10 [ 164.703306][ T6536] ? trace_parse_run_command+0x58/0x400 [ 164.703359][ T6536] trace_parse_run_command+0x58/0x400 [ 164.703410][ T6536] ? __pfx_create_dyn_event+0x10/0x10 [ 164.703454][ T6536] ? __pfx_dyn_event_write+0x10/0x10 [ 164.703488][ T6536] vfs_writev+0x5df/0xde0 [ 164.703533][ T6536] ? __pfx_vfs_writev+0x10/0x10 [ 164.703563][ T6536] ? __mutex_lock+0x1c5/0x1060 [ 164.703614][ T6536] ? __pfx___mutex_lock+0x10/0x10 [ 164.703668][ T6536] ? __fget_files+0x20e/0x3c0 [ 164.703712][ T6536] ? do_writev+0x132/0x340 [ 164.703742][ T6536] do_writev+0x132/0x340 [ 164.703775][ T6536] ? __pfx_do_writev+0x10/0x10 [ 164.703818][ T6536] do_syscall_64+0xcd/0xfa0 [ 164.703855][ T6536] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 164.703885][ T6536] RIP: 0033:0x7f1b0838efc9 [ 164.703908][ T6536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 164.703940][ T6536] RSP: 002b:00007f1b09146038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 164.703971][ T6536] RAX: ffffffffffffffda RBX: 00007f1b085e5fa0 RCX: 00007f1b0838efc9 [ 164.703992][ T6536] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 164.704012][ T6536] RBP: 00007f1b08411f91 R08: 0000000000000000 R09: 0000000000000000 [ 164.704031][ T6536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 164.704049][ T6536] R13: 00007f1b085e6038 R14: 00007f1b085e5fa0 R15: 00007fff23993348 [ 164.704087][ T6536] [ 165.017435][ T6537] sp0: Synchronizing with TNC [ 165.179677][ T6537] sp0: Synchronizing with TNC [ 166.049232][ T6555] netlink: 25 bytes leftover after parsing attributes in process `syz.1.234'. [ 166.870481][ T6569] FAULT_INJECTION: forcing a failure. [ 166.870481][ T6569] name failslab, interval 1, probability 0, space 0, times 0 [ 166.914925][ T6569] CPU: 1 UID: 0 PID: 6569 Comm: syz.1.230 Not tainted syzkaller #0 PREEMPT(full) [ 166.914980][ T6569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 166.915003][ T6569] Call Trace: [ 166.915020][ T6569] [ 166.915037][ T6569] dump_stack_lvl+0x16c/0x1f0 [ 166.915087][ T6569] should_fail_ex+0x512/0x640 [ 166.915383][ T6569] should_failslab+0xc2/0x120 [ 166.915433][ T6569] __kmalloc_cache_noprof+0x72/0x780 [ 166.915494][ T6569] ? sctp_add_bind_addr+0xae/0x3f0 [ 166.915555][ T6569] ? sctp_add_bind_addr+0xae/0x3f0 [ 166.915586][ T6569] ? sctp_get_af_specific+0x62/0x70 [ 166.915627][ T6569] sctp_add_bind_addr+0xae/0x3f0 [ 166.915675][ T6569] sctp_copy_local_addr_list+0x349/0x550 [ 166.915785][ T6569] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 166.915843][ T6569] ? sctp_auth_asoc_copy_shkeys+0x2a5/0x360 [ 166.915889][ T6569] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 166.916121][ T6569] sctp_bind_addr_copy+0xe0/0x530 [ 166.916189][ T6569] sctp_connect_new_asoc+0x1c9/0x770 [ 166.916375][ T6569] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 166.916427][ T6569] ? sctp_endpoint_lookup_assoc+0x15c/0x2a0 [ 166.916479][ T6569] __sctp_connect+0x3f3/0xc60 [ 166.916665][ T6569] ? do_raw_spin_lock+0x12c/0x2b0 [ 166.916720][ T6569] ? __pfx___sctp_connect+0x10/0x10 [ 166.916772][ T6569] ? __pfx_sctp_inet_connect+0x10/0x10 [ 166.916821][ T6569] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 166.916889][ T6569] ? __pfx_sctp_inet_connect+0x10/0x10 [ 166.917239][ T6569] sctp_inet_connect+0x15f/0x200 [ 166.917296][ T6569] __sys_connect_file+0x141/0x1a0 [ 166.917356][ T6569] __sys_connect+0x13b/0x160 [ 166.917408][ T6569] ? __pfx___sys_connect+0x10/0x10 [ 166.917474][ T6569] ? xfd_validate_state+0x61/0x180 [ 166.917597][ T6569] ? __pfx_ksys_write+0x10/0x10 [ 166.917646][ T6569] __x64_sys_connect+0x72/0xb0 [ 166.917697][ T6569] ? lockdep_hardirqs_on+0x7c/0x110 [ 166.917731][ T6569] do_syscall_64+0xcd/0xfa0 [ 166.917770][ T6569] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.917805][ T6569] RIP: 0033:0x7f1b0838efc9 [ 166.917835][ T6569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.917866][ T6569] RSP: 002b:00007f1b09146038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 166.917899][ T6569] RAX: ffffffffffffffda RBX: 00007f1b085e5fa0 RCX: 00007f1b0838efc9 [ 166.917918][ T6569] RDX: 0000000000000054 RSI: 0000200000000080 RDI: 0000000000000003 [ 166.917935][ T6569] RBP: 00007f1b08411f91 R08: 0000000000000000 R09: 0000000000000000 [ 166.917955][ T6569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 166.917974][ T6569] R13: 00007f1b085e6038 R14: 00007f1b085e5fa0 R15: 00007fff23993348 [ 166.918019][ T6569] [ 168.219817][ T6594] netlink: 342 bytes leftover after parsing attributes in process `syz.1.239'. [ 168.232465][ T6594] netlink: 342 bytes leftover after parsing attributes in process `syz.1.239'. [ 168.246025][ T6594] netlink: 342 bytes leftover after parsing attributes in process `syz.1.239'. [ 168.292022][ T6594] netlink: 218 bytes leftover after parsing attributes in process `syz.1.239'. [ 171.062478][ T6631] zswap: compressor not available [ 171.976219][ T6653] FAULT_INJECTION: forcing a failure. [ 171.976219][ T6653] name failslab, interval 1, probability 0, space 0, times 0 [ 172.019151][ T6653] CPU: 0 UID: 0 PID: 6653 Comm: syz.0.259 Not tainted syzkaller #0 PREEMPT(full) [ 172.019200][ T6653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 172.019220][ T6653] Call Trace: [ 172.019231][ T6653] [ 172.019243][ T6653] dump_stack_lvl+0x16c/0x1f0 [ 172.019288][ T6653] should_fail_ex+0x512/0x640 [ 172.019337][ T6653] ? __kmalloc_cache_noprof+0x5f/0x780 [ 172.019393][ T6653] should_failslab+0xc2/0x120 [ 172.019438][ T6653] __kmalloc_cache_noprof+0x72/0x780 [ 172.019488][ T6653] ? append_filter_err+0x435/0x610 [ 172.019533][ T6653] ? apply_subsystem_event_filter+0x567/0x17e0 [ 172.019587][ T6653] ? apply_subsystem_event_filter+0x567/0x17e0 [ 172.019636][ T6653] apply_subsystem_event_filter+0x567/0x17e0 [ 172.019696][ T6653] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 172.019752][ T6653] ? _copy_from_user+0x59/0xd0 [ 172.019818][ T6653] subsystem_filter_write+0x95/0x120 [ 172.019868][ T6653] ? __pfx_subsystem_filter_write+0x10/0x10 [ 172.019912][ T6653] vfs_write+0x2a0/0x11d0 [ 172.019954][ T6653] ? __pfx___mutex_lock+0x10/0x10 [ 172.019993][ T6653] ? __pfx_vfs_write+0x10/0x10 [ 172.020041][ T6653] ? __fget_files+0x20e/0x3c0 [ 172.020085][ T6653] ksys_write+0x12a/0x250 [ 172.020119][ T6653] ? __pfx_ksys_write+0x10/0x10 [ 172.020167][ T6653] do_syscall_64+0xcd/0xfa0 [ 172.020206][ T6653] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 172.020240][ T6653] RIP: 0033:0x7faa9998efc9 [ 172.020266][ T6653] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 172.020304][ T6653] RSP: 002b:00007faa9a8a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 172.020340][ T6653] RAX: ffffffffffffffda RBX: 00007faa99be5fa0 RCX: 00007faa9998efc9 [ 172.020361][ T6653] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 172.020380][ T6653] RBP: 00007faa99a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 172.020400][ T6653] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 172.020419][ T6653] R13: 00007faa99be6038 R14: 00007faa99be5fa0 R15: 00007fffa31f0c68 [ 172.020465][ T6653] [ 180.161190][ T6784] sp0: Synchronizing with TNC [ 180.409713][ T6781] zswap: compressor not available [ 180.437940][ T6794] netlink: 342 bytes leftover after parsing attributes in process `syz.2.304'. [ 180.490958][ T6794] netlink: 342 bytes leftover after parsing attributes in process `syz.2.304'. [ 180.529081][ T6794] netlink: 342 bytes leftover after parsing attributes in process `syz.2.304'. [ 180.543128][ T6794] netlink: 342 bytes leftover after parsing attributes in process `syz.2.304'. [ 182.749872][ T6826] FAULT_INJECTION: forcing a failure. [ 182.749872][ T6826] name failslab, interval 1, probability 0, space 0, times 0 [ 182.808989][ T6826] CPU: 0 UID: 0 PID: 6826 Comm: syz.2.314 Not tainted syzkaller #0 PREEMPT(full) [ 182.809036][ T6826] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 182.809056][ T6826] Call Trace: [ 182.809067][ T6826] [ 182.809080][ T6826] dump_stack_lvl+0x16c/0x1f0 [ 182.809124][ T6826] should_fail_ex+0x512/0x640 [ 182.809180][ T6826] should_failslab+0xc2/0x120 [ 182.809225][ T6826] __kmalloc_cache_noprof+0x72/0x780 [ 182.809277][ T6826] ? __pfx___might_resched+0x10/0x10 [ 182.809311][ T6826] ? nfc_genl_rcv_nl_event+0xc1/0x2e0 [ 182.809362][ T6826] ? nfc_genl_rcv_nl_event+0xc1/0x2e0 [ 182.809405][ T6826] nfc_genl_rcv_nl_event+0xc1/0x2e0 [ 182.809451][ T6826] notifier_call_chain+0xbc/0x410 [ 182.809492][ T6826] ? __pfx_nfc_genl_rcv_nl_event+0x10/0x10 [ 182.809554][ T6826] blocking_notifier_call_chain+0x69/0xa0 [ 182.809604][ T6826] netlink_release+0x16cf/0x2080 [ 182.809648][ T6826] ? netlink_release+0x1e4/0x2080 [ 182.809683][ T6826] ? __pfx_netlink_release+0x10/0x10 [ 182.809720][ T6826] ? __pfx_locks_remove_file+0x10/0x10 [ 182.809758][ T6826] __sock_release+0xb3/0x270 [ 182.809791][ T6826] ? __pfx_sock_close+0x10/0x10 [ 182.809820][ T6826] sock_close+0x1c/0x30 [ 182.809850][ T6826] __fput+0x402/0xb70 [ 182.809902][ T6826] task_work_run+0x150/0x240 [ 182.809954][ T6826] ? __pfx_task_work_run+0x10/0x10 [ 182.810004][ T6826] ? __pfx___do_sys_close_range+0x10/0x10 [ 182.810050][ T6826] exit_to_user_mode_loop+0xec/0x130 [ 182.810101][ T6826] do_syscall_64+0x426/0xfa0 [ 182.810141][ T6826] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 182.810173][ T6826] RIP: 0033:0x7f65f978efc9 [ 182.810199][ T6826] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 182.810229][ T6826] RSP: 002b:00007f65fa659038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4 [ 182.810270][ T6826] RAX: 0000000000000000 RBX: 00007f65f99e5fa0 RCX: 00007f65f978efc9 [ 182.810291][ T6826] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000002 [ 182.810310][ T6826] RBP: 00007f65f9811f91 R08: 0000000000000000 R09: 0000000000000000 [ 182.810331][ T6826] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 182.810350][ T6826] R13: 00007f65f99e6038 R14: 00007f65f99e5fa0 R15: 00007fff1fd8b158 [ 182.810397][ T6826] [ 183.305121][ T6834] netlink: 342 bytes leftover after parsing attributes in process `syz.3.316'. [ 185.027089][ T6862] FAULT_INJECTION: forcing a failure. [ 185.027089][ T6862] name failslab, interval 1, probability 0, space 0, times 0 [ 185.045283][ T6862] CPU: 0 UID: 0 PID: 6862 Comm: syz.0.326 Not tainted syzkaller #0 PREEMPT(full) [ 185.045328][ T6862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 185.045347][ T6862] Call Trace: [ 185.045358][ T6862] [ 185.045370][ T6862] dump_stack_lvl+0x16c/0x1f0 [ 185.045411][ T6862] should_fail_ex+0x512/0x640 [ 185.045458][ T6862] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 185.045498][ T6862] should_failslab+0xc2/0x120 [ 185.045542][ T6862] kmem_cache_alloc_noprof+0x75/0x6e0 [ 185.045575][ T6862] ? __kernfs_new_node+0xd2/0x8e0 [ 185.045725][ T6862] ? __kernfs_new_node+0xd2/0x8e0 [ 185.045765][ T6862] __kernfs_new_node+0xd2/0x8e0 [ 185.045813][ T6862] ? __pfx___kernfs_new_node+0x10/0x10 [ 185.045866][ T6862] ? find_held_lock+0x2b/0x80 [ 185.045900][ T6862] ? kernfs_root+0xee/0x2a0 [ 185.045951][ T6862] kernfs_new_node+0x13c/0x1e0 [ 185.046007][ T6862] __kernfs_create_file+0x53/0x350 [ 185.046053][ T6862] sysfs_add_file_mode_ns+0x207/0x3c0 [ 185.046104][ T6862] internal_create_group+0x578/0xf30 [ 185.046161][ T6862] ? __pfx_internal_create_group+0x10/0x10 [ 185.046214][ T6862] ? kernfs_create_link+0x1bd/0x240 [ 185.046254][ T6862] internal_create_groups+0x9d/0x150 [ 185.046303][ T6862] device_add+0x6d1/0x1aa0 [ 185.046368][ T6862] ? __pfx_device_add+0x10/0x10 [ 185.046421][ T6862] ? lockdep_init_map_type+0x5c/0x280 [ 185.046467][ T6862] ? __init_waitqueue_head+0xca/0x150 [ 185.046544][ T6862] netdev_register_kobject+0x1a9/0x3d0 [ 185.046593][ T6862] register_netdevice+0x13dc/0x2270 [ 185.046640][ T6862] ? __pfx_register_netdevice+0x10/0x10 [ 185.046710][ T6862] internal_dev_create+0x2d3/0x520 [ 185.046755][ T6862] ovs_vport_add+0x147/0x4d0 [ 185.046799][ T6862] new_vport+0x16/0x1d0 [ 185.046850][ T6862] ovs_dp_cmd_new+0x6ba/0xe60 [ 185.046915][ T6862] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 185.046978][ T6862] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 185.047023][ T6862] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 185.047094][ T6862] genl_family_rcv_msg_doit+0x209/0x2f0 [ 185.047140][ T6862] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 185.047195][ T6862] ? bpf_lsm_capable+0x9/0x10 [ 185.047239][ T6862] ? security_capable+0x7e/0x260 [ 185.047288][ T6862] ? ns_capable+0xd7/0x110 [ 185.047329][ T6862] genl_rcv_msg+0x55c/0x800 [ 185.047375][ T6862] ? __pfx_genl_rcv_msg+0x10/0x10 [ 185.047415][ T6862] ? __pfx_ovs_dp_cmd_new+0x10/0x10 [ 185.047483][ T6862] netlink_rcv_skb+0x158/0x420 [ 185.047578][ T6862] ? __pfx_genl_rcv_msg+0x10/0x10 [ 185.047621][ T6862] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 185.047676][ T6862] ? netlink_deliver_tap+0x1ae/0xd30 [ 185.047739][ T6862] genl_rcv+0x28/0x40 [ 185.047773][ T6862] netlink_unicast+0x5aa/0x870 [ 185.047810][ T6862] ? __pfx_netlink_unicast+0x10/0x10 [ 185.047860][ T6862] netlink_sendmsg+0x8c8/0xdd0 [ 185.047901][ T6862] ? __pfx_netlink_sendmsg+0x10/0x10 [ 185.047941][ T6862] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 185.047995][ T6862] ____sys_sendmsg+0xa98/0xc70 [ 185.048038][ T6862] ? copy_msghdr_from_user+0x10a/0x160 [ 185.048069][ T6862] ? __pfx_____sys_sendmsg+0x10/0x10 [ 185.048121][ T6862] ? __pfx_futex_wake_mark+0x10/0x10 [ 185.048183][ T6862] ___sys_sendmsg+0x134/0x1d0 [ 185.048209][ T6862] ? futex_private_hash_put+0x176/0x300 [ 185.048254][ T6862] ? __pfx____sys_sendmsg+0x10/0x10 [ 185.048282][ T6862] ? __lock_acquire+0x622/0x1c90 [ 185.048374][ T6862] __sys_sendmsg+0x16d/0x220 [ 185.048406][ T6862] ? __pfx___sys_sendmsg+0x10/0x10 [ 185.048438][ T6862] ? __x64_sys_futex+0x1e0/0x4c0 [ 185.048516][ T6862] do_syscall_64+0xcd/0xfa0 [ 185.048557][ T6862] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 185.048590][ T6862] RIP: 0033:0x7faa9998efc9 [ 185.048617][ T6862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 185.048646][ T6862] RSP: 002b:00007faa9a8a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 185.048676][ T6862] RAX: ffffffffffffffda RBX: 00007faa99be5fa0 RCX: 00007faa9998efc9 [ 185.048696][ T6862] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000006 [ 185.048714][ T6862] RBP: 00007faa99a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 185.048734][ T6862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 185.048754][ T6862] R13: 00007faa99be6038 R14: 00007faa99be5fa0 R15: 00007fffa31f0c68 [ 185.048800][ T6862] [ 186.436168][ T5842] Bluetooth: hci3: unexpected event 0x09 length: 435 > 3 [ 187.308639][ T6883] netlink: 4 bytes leftover after parsing attributes in process `syz.3.335'. [ 188.450670][ T6893] FAULT_INJECTION: forcing a failure. [ 188.450670][ T6893] name failslab, interval 1, probability 0, space 0, times 0 [ 188.485783][ T6893] CPU: 0 UID: 0 PID: 6893 Comm: syz.2.339 Not tainted syzkaller #0 PREEMPT(full) [ 188.485830][ T6893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 188.485851][ T6893] Call Trace: [ 188.485862][ T6893] [ 188.485876][ T6893] dump_stack_lvl+0x16c/0x1f0 [ 188.485922][ T6893] should_fail_ex+0x512/0x640 [ 188.485980][ T6893] ? __kmalloc_cache_noprof+0x5f/0x780 [ 188.486041][ T6893] should_failslab+0xc2/0x120 [ 188.486087][ T6893] __kmalloc_cache_noprof+0x72/0x780 [ 188.486143][ T6893] ? __pfx_trace_seq_printf+0x10/0x10 [ 188.486183][ T6893] ? tracing_log_err+0x4bc/0x6d0 [ 188.486239][ T6893] ? tracing_log_err+0x4bc/0x6d0 [ 188.486287][ T6893] tracing_log_err+0x4bc/0x6d0 [ 188.486345][ T6893] append_filter_err+0x399/0x610 [ 188.486399][ T6893] apply_subsystem_event_filter+0x75a/0x17e0 [ 188.486463][ T6893] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 188.486521][ T6893] ? _copy_from_user+0x59/0xd0 [ 188.486575][ T6893] subsystem_filter_write+0x95/0x120 [ 188.486626][ T6893] ? __pfx_subsystem_filter_write+0x10/0x10 [ 188.486673][ T6893] vfs_write+0x2a0/0x11d0 [ 188.486714][ T6893] ? __pfx___mutex_lock+0x10/0x10 [ 188.486753][ T6893] ? __pfx_vfs_write+0x10/0x10 [ 188.486799][ T6893] ? __fget_files+0x20e/0x3c0 [ 188.486845][ T6893] ksys_write+0x12a/0x250 [ 188.486880][ T6893] ? __pfx_ksys_write+0x10/0x10 [ 188.486929][ T6893] do_syscall_64+0xcd/0xfa0 [ 188.486968][ T6893] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.487012][ T6893] RIP: 0033:0x7f65f978efc9 [ 188.487039][ T6893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.487070][ T6893] RSP: 002b:00007f65fa659038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 188.487102][ T6893] RAX: ffffffffffffffda RBX: 00007f65f99e5fa0 RCX: 00007f65f978efc9 [ 188.487123][ T6893] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006 [ 188.487147][ T6893] RBP: 00007f65f9811f91 R08: 0000000000000000 R09: 0000000000000000 [ 188.487165][ T6893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 188.487182][ T6893] R13: 00007f65f99e6038 R14: 00007f65f99e5fa0 R15: 00007fff1fd8b158 [ 188.487228][ T6893] [ 189.097687][ T6899] mkiss: ax0: crc mode is auto. [ 191.961301][ T6928] syz.0.352 (6928): /proc/6927/oom_adj is deprecated, please use /proc/6927/oom_score_adj instead. [ 192.259521][ T6946] netlink: 28 bytes leftover after parsing attributes in process `syz.3.359'. [ 194.598205][ T5842] Bluetooth: hci0: unexpected event 0x09 length: 435 > 3 [ 198.111618][ T7047] FAULT_INJECTION: forcing a failure. [ 198.111618][ T7047] name failslab, interval 1, probability 0, space 0, times 0 [ 198.187004][ T7047] CPU: 0 UID: 7 PID: 7047 Comm: syz.2.387 Not tainted syzkaller #0 PREEMPT(full) [ 198.187051][ T7047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 198.187071][ T7047] Call Trace: [ 198.187081][ T7047] [ 198.187093][ T7047] dump_stack_lvl+0x16c/0x1f0 [ 198.187143][ T7047] should_fail_ex+0x512/0x640 [ 198.187192][ T7047] ? __kmalloc_cache_noprof+0x5f/0x780 [ 198.187248][ T7047] should_failslab+0xc2/0x120 [ 198.187293][ T7047] __kmalloc_cache_noprof+0x72/0x780 [ 198.187349][ T7047] ? alloc_ucounts+0x13d/0x440 [ 198.187397][ T7047] ? alloc_ucounts+0x13d/0x440 [ 198.187437][ T7047] alloc_ucounts+0x13d/0x440 [ 198.187480][ T7047] ? __pfx_alloc_ucounts+0x10/0x10 [ 198.187535][ T7047] inc_ucount+0x81/0x370 [ 198.187577][ T7047] ? lockdep_init_map_type+0x5c/0x280 [ 198.187625][ T7047] ? __pfx_inc_ucount+0x10/0x10 [ 198.187663][ T7047] ? lockdep_init_map_type+0x5c/0x280 [ 198.187709][ T7047] ? debug_mutex_init+0x37/0x70 [ 198.187748][ T7047] __do_sys_fanotify_init+0x317/0xc80 [ 198.187798][ T7047] ? rcu_is_watching+0x12/0xc0 [ 198.187838][ T7047] do_syscall_64+0xcd/0xfa0 [ 198.187878][ T7047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.187911][ T7047] RIP: 0033:0x7f65f978efc9 [ 198.187936][ T7047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.187968][ T7047] RSP: 002b:00007f65fa659038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 198.187998][ T7047] RAX: ffffffffffffffda RBX: 00007f65f99e5fa0 RCX: 00007f65f978efc9 [ 198.188019][ T7047] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000c00 [ 198.188039][ T7047] RBP: 00007f65f9811f91 R08: 0000000000000000 R09: 0000000000000000 [ 198.188059][ T7047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 198.188103][ T7047] R13: 00007f65f99e6038 R14: 00007f65f99e5fa0 R15: 00007fff1fd8b158 [ 198.188893][ T7047] [ 198.859700][ T7060] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 198.941920][ T7060] netlink: 'syz.3.391': attribute type 35 has an invalid length. [ 199.065325][ T7065] netlink: 98 bytes leftover after parsing attributes in process `syz.0.392'. [ 199.079130][ T7065] netlink: 2 bytes leftover after parsing attributes in process `syz.0.392'. [ 199.401232][ T7075] syz.2.395 uses obsolete (PF_INET,SOCK_PACKET) [ 203.881580][ T7150] netlink: 338 bytes leftover after parsing attributes in process `syz.2.416'. [ 203.946926][ T7152] netlink: 342 bytes leftover after parsing attributes in process `syz.1.417'. [ 204.013314][ T7152] netlink: 274 bytes leftover after parsing attributes in process `syz.1.417'. [ 204.294270][ T7157] netlink: 18 bytes leftover after parsing attributes in process `syz.2.419'. [ 205.665486][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 205.678089][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 205.725931][ T7182] netlink: 'syz.0.426': attribute type 1 has an invalid length. [ 205.740403][ T7178] sg_read: process 314 (syz.1.425) changed security contexts after opening file descriptor, this is not allowed. [ 207.722137][ T7227] FAULT_INJECTION: forcing a failure. [ 207.722137][ T7227] name failslab, interval 1, probability 0, space 0, times 0 [ 207.740719][ T7227] CPU: 1 UID: 0 PID: 7227 Comm: syz.3.443 Not tainted syzkaller #0 PREEMPT(full) [ 207.740767][ T7227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 207.740787][ T7227] Call Trace: [ 207.740799][ T7227] [ 207.740812][ T7227] dump_stack_lvl+0x16c/0x1f0 [ 207.740858][ T7227] should_fail_ex+0x512/0x640 [ 207.740906][ T7227] ? __kmalloc_noprof+0xca/0x880 [ 207.740961][ T7227] should_failslab+0xc2/0x120 [ 207.741005][ T7227] __kmalloc_noprof+0xdd/0x880 [ 207.741055][ T7227] ? __pfx___mutex_lock+0x10/0x10 [ 207.741093][ T7227] ? kvm_io_bus_register_dev+0x1cf/0x720 [ 207.741142][ T7227] ? kvm_io_bus_register_dev+0x1cf/0x720 [ 207.741180][ T7227] kvm_io_bus_register_dev+0x1cf/0x720 [ 207.741242][ T7227] kvm_ioapic_init+0x429/0x590 [ 207.741285][ T7227] kvm_arch_vm_ioctl+0x912/0x18b0 [ 207.741325][ T7227] ? register_lock_class+0x41/0x4c0 [ 207.741368][ T7227] ? find_held_lock+0x2b/0x80 [ 207.741401][ T7227] ? __pfx_kvm_arch_vm_ioctl+0x10/0x10 [ 207.741440][ T7227] ? ima_match_policy+0x7f9/0x22e0 [ 207.741479][ T7227] ? __lock_acquire+0x622/0x1c90 [ 207.741531][ T7227] ? __lock_acquire+0x622/0x1c90 [ 207.741587][ T7227] ? __lock_acquire+0x622/0x1c90 [ 207.741640][ T7227] ? __lock_acquire+0x622/0x1c90 [ 207.741714][ T7227] ? bpf_ksym_find+0x124/0x1c0 [ 207.741750][ T7227] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 207.741792][ T7227] ? is_bpf_text_address+0x94/0x1a0 [ 207.741838][ T7227] ? kernel_text_address+0x8d/0x100 [ 207.741888][ T7227] ? widen_string+0xdc/0x2d0 [ 207.741932][ T7227] ? __kernel_text_address+0xd/0x40 [ 207.741960][ T7227] ? unwind_get_return_address+0x59/0xa0 [ 207.742015][ T7227] ? arch_stack_walk+0xa6/0x100 [ 207.742067][ T7227] ? stack_trace_save+0x8e/0xc0 [ 207.742105][ T7227] ? __pfx_stack_trace_save+0x10/0x10 [ 207.742144][ T7227] ? stack_depot_save_flags+0x29/0x9c0 [ 207.742203][ T7227] ? __lock_acquire+0xb8a/0x1c90 [ 207.742257][ T7227] ? kasan_save_stack+0x42/0x60 [ 207.742294][ T7227] ? kasan_save_stack+0x33/0x60 [ 207.742330][ T7227] ? kasan_save_track+0x14/0x30 [ 207.742366][ T7227] ? __kasan_save_free_info+0x3b/0x60 [ 207.742394][ T7227] ? __kasan_slab_free+0x5f/0x80 [ 207.742431][ T7227] ? kfree+0x2b8/0x6d0 [ 207.742455][ T7227] ? tomoyo_path_number_perm+0x470/0x580 [ 207.742517][ T7227] kvm_vm_ioctl+0x1a91/0x3fd0 [ 207.742571][ T7227] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 207.742634][ T7227] ? kasan_quarantine_put+0x10a/0x240 [ 207.742671][ T7227] ? lockdep_hardirqs_on+0x7c/0x110 [ 207.742711][ T7227] ? find_held_lock+0x2b/0x80 [ 207.742746][ T7227] ? tomoyo_path_number_perm+0x295/0x580 [ 207.742806][ T7227] ? tomoyo_path_number_perm+0x18d/0x580 [ 207.742861][ T7227] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 207.742931][ T7227] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 207.742990][ T7227] ? do_vfs_ioctl+0x128/0x14f0 [ 207.743038][ T7227] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 207.743099][ T7227] ? find_held_lock+0x2b/0x80 [ 207.743131][ T7227] ? hook_file_ioctl_common+0x145/0x410 [ 207.743174][ T7227] ? __fget_files+0x20e/0x3c0 [ 207.743212][ T7227] ? __pfx_kvm_vm_ioctl+0x10/0x10 [ 207.743334][ T7227] __x64_sys_ioctl+0x18e/0x210 [ 207.743393][ T7227] do_syscall_64+0xcd/0xfa0 [ 207.743441][ T7227] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 207.743476][ T7227] RIP: 0033:0x7fbf2898efc9 [ 207.743503][ T7227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 207.743536][ T7227] RSP: 002b:00007fbf26bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 207.743568][ T7227] RAX: ffffffffffffffda RBX: 00007fbf28be5fa0 RCX: 00007fbf2898efc9 [ 207.743589][ T7227] RDX: 0010000000000402 RSI: 000000000000ae60 RDI: 0000000000000003 [ 207.743610][ T7227] RBP: 00007fbf28a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 207.743631][ T7227] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 207.743650][ T7227] R13: 00007fbf28be6038 R14: 00007fbf28be5fa0 R15: 00007ffd7be9ee48 [ 207.743697][ T7227] [ 208.857525][ T7247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 208.869977][ T7247] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 208.893786][ T7247] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 208.903411][ T7247] page_type: f5(slab) [ 208.979968][ T7247] raw: 00fff00000000040 ffff8881404078c0 dead000000000122 0000000000000000 [ 209.040876][ T7247] raw: 0000000000000000 0000000000190019 00000000f5000000 0000000000000000 [ 209.133739][ T7247] head: 00fff00000000040 ffff8881404078c0 dead000000000122 0000000000000000 [ 209.139033][ T7255] netlink: 28 bytes leftover after parsing attributes in process `syz.0.451'. [ 209.144071][ T7247] head: 0000000000000000 0000000000190019 00000000f5000000 0000000000000000 [ 209.144164][ T7247] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 209.180057][ T7247] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 209.220491][ T7247] page dumped because: unmovable page [ 209.247634][ T7247] page_owner tracks the page as allocated [ 209.256518][ T7247] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5213, tgid 5213 (udevadm), ts 62128217176, free_ts 50143012861 [ 209.286403][ T7247] post_alloc_hook+0x1c0/0x230 [ 209.292172][ T7247] get_page_from_freelist+0x10a3/0x3a30 [ 209.300473][ T7247] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 209.352435][ T7247] alloc_pages_mpol+0x1fb/0x550 [ 209.358920][ T7247] new_slab+0x24a/0x360 [ 209.364699][ T7247] ___slab_alloc+0xdae/0x1a60 [ 209.370931][ T7247] __slab_alloc.constprop.0+0x63/0x110 [ 209.382106][ T7247] kmem_cache_alloc_lru_noprof+0x443/0x6e0 [ 209.392899][ T7247] alloc_inode+0xc3/0x240 [ 209.397718][ T7247] iget_locked+0x2fa/0x860 [ 209.408766][ T7247] kernfs_get_inode+0x48/0x460 [ 209.419994][ T7247] kernfs_iop_lookup+0x1a7/0x2d0 [ 209.459121][ T7247] __lookup_slow+0x251/0x460 [ 209.475505][ T7247] walk_component+0x353/0x5b0 [ 209.484439][ T7247] path_lookupat+0x142/0x6d0 [ 209.491479][ T7247] filename_lookup+0x224/0x5f0 [ 209.499008][ T7247] page last free pid 1 tgid 1 stack trace: [ 209.505718][ T7247] __free_frozen_pages+0x7df/0x1160 [ 209.511776][ T7247] free_contig_range+0x183/0x4b0 [ 209.517134][ T7247] destroy_args+0xb69/0x12e0 [ 209.525085][ T7247] debug_vm_pgtable+0x1a32/0x3640 [ 209.531311][ T7247] do_one_initcall+0x123/0x6e0 [ 209.537090][ T7247] kernel_init_freeable+0x5c8/0x920 [ 209.549115][ T7247] kernel_init+0x1c/0x2b0 [ 209.554949][ T7247] ret_from_fork+0x675/0x7d0 [ 209.560826][ T7247] ret_from_fork_asm+0x1a/0x30 [ 210.664215][ T7289] FAULT_INJECTION: forcing a failure. [ 210.664215][ T7289] name failslab, interval 1, probability 0, space 0, times 0 [ 210.683742][ T7289] CPU: 1 UID: 0 PID: 7289 Comm: syz.1.460 Not tainted syzkaller #0 PREEMPT(full) [ 210.683792][ T7289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 210.683819][ T7289] Call Trace: [ 210.683833][ T7289] [ 210.683850][ T7289] dump_stack_lvl+0x16c/0x1f0 [ 210.684270][ T7289] should_fail_ex+0x512/0x640 [ 210.684319][ T7289] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 210.684358][ T7289] should_failslab+0xc2/0x120 [ 210.684398][ T7289] kmem_cache_alloc_node_noprof+0x78/0x770 [ 210.684432][ T7289] ? __alloc_skb+0x2b2/0x380 [ 210.684489][ T7289] ? __alloc_skb+0x2b2/0x380 [ 210.684538][ T7289] __alloc_skb+0x2b2/0x380 [ 210.684589][ T7289] ? __pfx___alloc_skb+0x10/0x10 [ 210.684651][ T7289] ? find_held_lock+0x2b/0x80 [ 210.684691][ T7289] __ip6_append_data+0x2b74/0x4740 [ 210.684748][ T7289] ? __pfx_raw6_getfrag+0x10/0x10 [ 210.684806][ T7289] ? __pfx___ip6_append_data+0x10/0x10 [ 210.684854][ T7289] ? __pfx_ip6_mtu+0x10/0x10 [ 210.684891][ T7289] ? ip6_setup_cork+0xc51/0x1530 [ 210.684935][ T7289] ip6_append_data+0x1ba/0x4c0 [ 210.684981][ T7289] ? __pfx_raw6_getfrag+0x10/0x10 [ 210.685027][ T7289] rawv6_sendmsg+0x163e/0x4860 [ 210.685069][ T7289] ? aa_label_sk_perm+0x195/0x600 [ 210.685110][ T7289] ? aa_profile_af_perm+0x310/0x3a0 [ 210.685149][ T7289] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 210.685266][ T7289] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 210.685312][ T7289] ? inet_sendmsg+0x11c/0x140 [ 210.685357][ T7289] inet_sendmsg+0x11c/0x140 [ 210.685403][ T7289] sock_write_iter+0x509/0x610 [ 210.685446][ T7289] ? __pfx_sock_write_iter+0x10/0x10 [ 210.685503][ T7289] ? __futex_wait+0x24b/0x2f0 [ 210.685568][ T7289] ? copy_iovec_from_user+0x131/0x170 [ 210.685624][ T7289] do_iter_readv_writev+0x662/0x9e0 [ 210.685662][ T7289] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 210.685702][ T7289] ? bpf_lsm_file_permission+0x9/0x10 [ 210.685741][ T7289] ? security_file_permission+0x71/0x210 [ 210.685778][ T7289] ? rw_verify_area+0xcf/0x6c0 [ 210.685813][ T7289] vfs_writev+0x35f/0xde0 [ 210.685857][ T7289] ? __pfx_vfs_writev+0x10/0x10 [ 210.686024][ T7289] ? __fget_files+0x20e/0x3c0 [ 210.686072][ T7289] ? do_writev+0x28c/0x340 [ 210.686102][ T7289] do_writev+0x28c/0x340 [ 210.686136][ T7289] ? __pfx_do_writev+0x10/0x10 [ 210.686204][ T7289] do_syscall_64+0xcd/0xfa0 [ 210.686246][ T7289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 210.686279][ T7289] RIP: 0033:0x7f1b0838efc9 [ 210.686305][ T7289] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 210.686335][ T7289] RSP: 002b:00007f1b09146038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 210.686365][ T7289] RAX: ffffffffffffffda RBX: 00007f1b085e5fa0 RCX: 00007f1b0838efc9 [ 210.686386][ T7289] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 210.686406][ T7289] RBP: 00007f1b08411f91 R08: 0000000000000000 R09: 0000000000000000 [ 210.686425][ T7289] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 210.686443][ T7289] R13: 00007f1b085e6038 R14: 00007f1b085e5fa0 R15: 00007fff23993348 [ 210.686487][ T7289] [ 211.357876][ T7292] netlink: 'syz.1.463': attribute type 27 has an invalid length. [ 211.392986][ T7292] netlink: 146 bytes leftover after parsing attributes in process `syz.1.463'. [ 212.742357][ T7316] netlink: 62 bytes leftover after parsing attributes in process `syz.2.471'. [ 214.669302][ T7332] sp0: Synchronizing with TNC [ 215.579590][ T7355] netlink: 342 bytes leftover after parsing attributes in process `syz.3.484'. [ 215.654435][ T7355] netlink: 274 bytes leftover after parsing attributes in process `syz.3.484'. [ 219.184004][ T7397] FAULT_INJECTION: forcing a failure. [ 219.184004][ T7397] name failslab, interval 1, probability 0, space 0, times 0 [ 219.206107][ T7397] CPU: 0 UID: 0 PID: 7397 Comm: syz.0.496 Not tainted syzkaller #0 PREEMPT(full) [ 219.206158][ T7397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 219.206176][ T7397] Call Trace: [ 219.206185][ T7397] [ 219.206196][ T7397] dump_stack_lvl+0x16c/0x1f0 [ 219.206233][ T7397] should_fail_ex+0x512/0x640 [ 219.206277][ T7397] ? __kmalloc_noprof+0xca/0x880 [ 219.206325][ T7397] should_failslab+0xc2/0x120 [ 219.206369][ T7397] __kmalloc_noprof+0xdd/0x880 [ 219.206415][ T7397] ? ieee80211_txq_setup_flows+0x1a6/0xdf0 [ 219.206454][ T7397] ? ieee80211_txq_setup_flows+0x208/0xdf0 [ 219.206497][ T7397] ? ieee80211_txq_setup_flows+0x208/0xdf0 [ 219.206533][ T7397] ieee80211_txq_setup_flows+0x208/0xdf0 [ 219.206581][ T7397] ieee80211_register_hw+0x216d/0x4120 [ 219.206629][ T7397] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 219.206665][ T7397] ? __pfx___debug_object_init+0x10/0x10 [ 219.206706][ T7397] ? find_held_lock+0x2b/0x80 [ 219.206735][ T7397] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 219.206783][ T7397] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 219.206820][ T7397] ? __hrtimer_setup+0x176/0x280 [ 219.206865][ T7397] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 219.206914][ T7397] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 219.206953][ T7397] hwsim_new_radio_nl+0xba2/0x1330 [ 219.206984][ T7397] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 219.207022][ T7397] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 219.207060][ T7397] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 219.207103][ T7397] genl_family_rcv_msg_doit+0x209/0x2f0 [ 219.207164][ T7397] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 219.207210][ T7397] ? bpf_lsm_capable+0x9/0x10 [ 219.207247][ T7397] ? security_capable+0x7e/0x260 [ 219.207288][ T7397] ? ns_capable+0xd7/0x110 [ 219.207321][ T7397] genl_rcv_msg+0x55c/0x800 [ 219.207358][ T7397] ? __pfx_genl_rcv_msg+0x10/0x10 [ 219.207392][ T7397] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 219.207438][ T7397] netlink_rcv_skb+0x158/0x420 [ 219.207470][ T7397] ? __pfx_genl_rcv_msg+0x10/0x10 [ 219.207509][ T7397] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 219.207553][ T7397] ? netlink_deliver_tap+0x1ae/0xd30 [ 219.207605][ T7397] genl_rcv+0x28/0x40 [ 219.207633][ T7397] netlink_unicast+0x5aa/0x870 [ 219.207666][ T7397] ? __pfx_netlink_unicast+0x10/0x10 [ 219.207708][ T7397] netlink_sendmsg+0x8c8/0xdd0 [ 219.207742][ T7397] ? __pfx_netlink_sendmsg+0x10/0x10 [ 219.207775][ T7397] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 219.207821][ T7397] ____sys_sendmsg+0xa98/0xc70 [ 219.207857][ T7397] ? copy_msghdr_from_user+0x10a/0x160 [ 219.207882][ T7397] ? __pfx_____sys_sendmsg+0x10/0x10 [ 219.207932][ T7397] ___sys_sendmsg+0x134/0x1d0 [ 219.207955][ T7397] ? futex_private_hash_put+0x176/0x300 [ 219.207992][ T7397] ? __pfx____sys_sendmsg+0x10/0x10 [ 219.208015][ T7397] ? __lock_acquire+0x622/0x1c90 [ 219.208094][ T7397] __sys_sendmsg+0x16d/0x220 [ 219.208120][ T7397] ? __pfx___sys_sendmsg+0x10/0x10 [ 219.208172][ T7397] ? __x64_sys_futex+0x1e0/0x4c0 [ 219.208234][ T7397] do_syscall_64+0xcd/0xfa0 [ 219.208268][ T7397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 219.208296][ T7397] RIP: 0033:0x7faa9998efc9 [ 219.208319][ T7397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 219.208346][ T7397] RSP: 002b:00007faa9a8a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 219.208372][ T7397] RAX: ffffffffffffffda RBX: 00007faa99be5fa0 RCX: 00007faa9998efc9 [ 219.208390][ T7397] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000005 [ 219.208407][ T7397] RBP: 00007faa99a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 219.208423][ T7397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 219.208439][ T7397] R13: 00007faa99be6038 R14: 00007faa99be5fa0 R15: 00007fffa31f0c68 [ 219.208475][ T7397] [ 222.444243][ T7434] netlink: 28 bytes leftover after parsing attributes in process `syz.2.506'. [ 223.762367][ T7468] netlink: 138 bytes leftover after parsing attributes in process `syz.3.518'. [ 223.945680][ T7472] netlink: 28 bytes leftover after parsing attributes in process `syz.1.521'. [ 224.108199][ T7476] netlink: 342 bytes leftover after parsing attributes in process `syz.0.523'. [ 224.142522][ T7476] netlink: 274 bytes leftover after parsing attributes in process `syz.0.523'. [ 224.481834][ T7487] FAULT_INJECTION: forcing a failure. [ 224.481834][ T7487] name failslab, interval 1, probability 0, space 0, times 0 [ 224.507175][ T7487] CPU: 0 UID: 0 PID: 7487 Comm: syz.0.528 Not tainted syzkaller #0 PREEMPT(full) [ 224.507219][ T7487] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 224.507237][ T7487] Call Trace: [ 224.507247][ T7487] [ 224.507259][ T7487] dump_stack_lvl+0x16c/0x1f0 [ 224.507299][ T7487] should_fail_ex+0x512/0x640 [ 224.507347][ T7487] ? kmem_cache_alloc_node_noprof+0x65/0x770 [ 224.507389][ T7487] should_failslab+0xc2/0x120 [ 224.507432][ T7487] kmem_cache_alloc_node_noprof+0x78/0x770 [ 224.507467][ T7487] ? __alloc_skb+0x2b2/0x380 [ 224.507524][ T7487] ? __alloc_skb+0x2b2/0x380 [ 224.507570][ T7487] __alloc_skb+0x2b2/0x380 [ 224.507620][ T7487] ? __pfx___alloc_skb+0x10/0x10 [ 224.507676][ T7487] ? find_held_lock+0x2b/0x80 [ 224.507714][ T7487] __ip6_append_data+0x2b74/0x4740 [ 224.507772][ T7487] ? __pfx_raw6_getfrag+0x10/0x10 [ 224.507866][ T7487] ? __pfx___ip6_append_data+0x10/0x10 [ 224.507914][ T7487] ? __pfx_ip6_mtu+0x10/0x10 [ 224.507950][ T7487] ? ip6_setup_cork+0xc51/0x1530 [ 224.508001][ T7487] ip6_append_data+0x1ba/0x4c0 [ 224.508047][ T7487] ? __pfx_raw6_getfrag+0x10/0x10 [ 224.508094][ T7487] rawv6_sendmsg+0x163e/0x4860 [ 224.508136][ T7487] ? aa_label_sk_perm+0x195/0x600 [ 224.508176][ T7487] ? aa_profile_af_perm+0x310/0x3a0 [ 224.508215][ T7487] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 224.508320][ T7487] ? __pfx_rawv6_sendmsg+0x10/0x10 [ 224.508364][ T7487] ? inet_sendmsg+0x11c/0x140 [ 224.508408][ T7487] inet_sendmsg+0x11c/0x140 [ 224.508457][ T7487] sock_write_iter+0x509/0x610 [ 224.508499][ T7487] ? __pfx_sock_write_iter+0x10/0x10 [ 224.508555][ T7487] ? __futex_wait+0x24b/0x2f0 [ 224.508608][ T7487] ? copy_iovec_from_user+0x131/0x170 [ 224.508664][ T7487] do_iter_readv_writev+0x662/0x9e0 [ 224.508702][ T7487] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 224.508742][ T7487] ? bpf_lsm_file_permission+0x9/0x10 [ 224.508779][ T7487] ? security_file_permission+0x71/0x210 [ 224.508814][ T7487] ? rw_verify_area+0xcf/0x6c0 [ 224.508858][ T7487] vfs_writev+0x35f/0xde0 [ 224.508902][ T7487] ? __pfx_vfs_writev+0x10/0x10 [ 224.508966][ T7487] ? __fget_files+0x20e/0x3c0 [ 224.509010][ T7487] ? do_writev+0x28c/0x340 [ 224.509038][ T7487] do_writev+0x28c/0x340 [ 224.509071][ T7487] ? __pfx_do_writev+0x10/0x10 [ 224.509115][ T7487] do_syscall_64+0xcd/0xfa0 [ 224.509155][ T7487] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 224.509187][ T7487] RIP: 0033:0x7faa9998efc9 [ 224.509213][ T7487] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 224.509245][ T7487] RSP: 002b:00007faa9a8a4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 224.509277][ T7487] RAX: ffffffffffffffda RBX: 00007faa99be5fa0 RCX: 00007faa9998efc9 [ 224.509298][ T7487] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 224.509324][ T7487] RBP: 00007faa99a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 224.509344][ T7487] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 224.509364][ T7487] R13: 00007faa99be6038 R14: 00007faa99be5fa0 R15: 00007fffa31f0c68 [ 224.509409][ T7487] [ 225.208888][ T7503] netlink: 330 bytes leftover after parsing attributes in process `syz.1.535'. [ 226.234233][ T7523] sp0: Synchronizing with TNC [ 226.658991][ T7530] sp0: Synchronizing with TNC [ 226.927135][ T30] audit: type=1800 audit(1761393785.195:2): pid=7536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.546" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 228.783625][ T7578] FAULT_INJECTION: forcing a failure. [ 228.783625][ T7578] name failslab, interval 1, probability 0, space 0, times 0 [ 228.847947][ T7578] CPU: 0 UID: 0 PID: 7578 Comm: syz.3.559 Not tainted syzkaller #0 PREEMPT(full) [ 228.847987][ T7578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 228.848001][ T7578] Call Trace: [ 228.848009][ T7578] [ 228.848018][ T7578] dump_stack_lvl+0x16c/0x1f0 [ 228.848050][ T7578] should_fail_ex+0x512/0x640 [ 228.848257][ T7578] ? kmem_cache_alloc_lru_noprof+0x66/0x6e0 [ 228.848287][ T7578] should_failslab+0xc2/0x120 [ 228.848320][ T7578] kmem_cache_alloc_lru_noprof+0x79/0x6e0 [ 228.848344][ T7578] ? d_lookup+0xe7/0x190 [ 228.848378][ T7578] ? alloc_inode+0x64/0x240 [ 228.848416][ T7578] ? __pfx_debugfs_alloc_inode+0x10/0x10 [ 228.848459][ T7578] ? alloc_inode+0x64/0x240 [ 228.848498][ T7578] alloc_inode+0x64/0x240 [ 228.848530][ T7578] new_inode+0x22/0x1c0 [ 228.848566][ T7578] __debugfs_create_file+0x11c/0x6b0 [ 228.848596][ T7578] debugfs_create_file_unsafe+0x3c/0x50 [ 228.848642][ T7578] ptp_open+0x3ee/0x550 [ 228.848707][ T7578] ? __pfx_ptp_open+0x10/0x10 [ 228.848769][ T7578] ? __pfx_ptp_open+0x10/0x10 [ 228.848818][ T7578] posix_clock_open+0x17b/0x290 [ 228.848862][ T7578] ? __pfx_posix_clock_open+0x10/0x10 [ 228.848903][ T7578] chrdev_open+0x234/0x6a0 [ 228.848940][ T7578] ? __pfx_apparmor_file_open+0x10/0x10 [ 228.848990][ T7578] ? __pfx_chrdev_open+0x10/0x10 [ 228.849032][ T7578] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 228.849076][ T7578] do_dentry_open+0x982/0x1530 [ 228.849112][ T7578] ? __pfx_chrdev_open+0x10/0x10 [ 228.849168][ T7578] vfs_open+0x82/0x3f0 [ 228.849218][ T7578] path_openat+0x1de4/0x2cb0 [ 228.849265][ T7578] ? __pfx_path_openat+0x10/0x10 [ 228.849301][ T7578] ? __lock_acquire+0xb8a/0x1c90 [ 228.849351][ T7578] do_filp_open+0x20b/0x470 [ 228.849384][ T7578] ? __pfx_do_filp_open+0x10/0x10 [ 228.849445][ T7578] ? alloc_fd+0x471/0x7d0 [ 228.849486][ T7578] do_sys_openat2+0x11b/0x1d0 [ 228.849529][ T7578] ? __pfx_do_sys_openat2+0x10/0x10 [ 228.849587][ T7578] __x64_sys_openat+0x174/0x210 [ 228.849632][ T7578] ? __pfx___x64_sys_openat+0x10/0x10 [ 228.849691][ T7578] do_syscall_64+0xcd/0xfa0 [ 228.849727][ T7578] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.849757][ T7578] RIP: 0033:0x7fbf2898efc9 [ 228.849781][ T7578] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.849812][ T7578] RSP: 002b:00007fbf26bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 228.849842][ T7578] RAX: ffffffffffffffda RBX: 00007fbf28be5fa0 RCX: 00007fbf2898efc9 [ 228.849862][ T7578] RDX: 0000000000000080 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 228.849881][ T7578] RBP: 00007fbf28a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 228.849900][ T7578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 228.849918][ T7578] R13: 00007fbf28be6038 R14: 00007fbf28be5fa0 R15: 00007ffd7be9ee48 [ 228.849960][ T7578] [ 228.850115][ T7578] debugfs: out of free dentries, can not create file 'mask' [ 229.952644][ T7589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x78000 [ 229.993102][ T7589] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 230.061071][ T7589] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 230.113052][ T7589] page_type: f5(slab) [ 230.130675][ T7589] raw: 00fff00000000040 ffff8881404078c0 dead000000000122 0000000000000000 [ 230.160572][ T7589] raw: 0000000000000000 0000000000190019 00000000f5000000 0000000000000000 [ 230.200474][ T7589] head: 00fff00000000040 ffff8881404078c0 dead000000000122 0000000000000000 [ 230.230325][ T7589] head: 0000000000000000 0000000000190019 00000000f5000000 0000000000000000 [ 230.257166][ T7589] head: 00fff00000000003 ffffea0001e00001 00000000ffffffff 00000000ffffffff [ 230.296141][ T7589] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 230.310612][ T7589] page dumped because: unmovable page [ 230.318323][ T7589] page_owner tracks the page as allocated [ 230.328651][ T7589] page last allocated via order 3, migratetype Reclaimable, gfp_mask 0xd20d0(__GFP_RECLAIMABLE|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5213, tgid 5213 (udevadm), ts 62128217176, free_ts 50143012861 [ 230.355190][ T7589] post_alloc_hook+0x1c0/0x230 [ 230.361203][ T7589] get_page_from_freelist+0x10a3/0x3a30 [ 230.368380][ T7589] __alloc_frozen_pages_noprof+0x25f/0x2470 [ 230.375470][ T7589] alloc_pages_mpol+0x1fb/0x550 [ 230.384283][ T7589] new_slab+0x24a/0x360 [ 230.390254][ T7589] ___slab_alloc+0xdae/0x1a60 [ 230.396153][ T7589] __slab_alloc.constprop.0+0x63/0x110 [ 230.399679][ T7602] FAULT_INJECTION: forcing a failure. [ 230.399679][ T7602] name failslab, interval 1, probability 0, space 0, times 0 [ 230.405383][ T7589] kmem_cache_alloc_lru_noprof+0x443/0x6e0 [ 230.424923][ T7589] alloc_inode+0xc3/0x240 [ 230.431850][ T7602] CPU: 0 UID: 0 PID: 7602 Comm: syz.3.565 Not tainted syzkaller #0 PREEMPT(full) [ 230.431892][ T7602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 230.431911][ T7602] Call Trace: [ 230.431921][ T7602] [ 230.431932][ T7602] dump_stack_lvl+0x16c/0x1f0 [ 230.431973][ T7602] should_fail_ex+0x512/0x640 [ 230.432020][ T7602] ? kmem_cache_alloc_noprof+0x62/0x6e0 [ 230.432067][ T7602] should_failslab+0xc2/0x120 [ 230.432114][ T7602] kmem_cache_alloc_noprof+0x75/0x6e0 [ 230.432146][ T7602] ? __pfx_acpi_ut_track_stack_ptr+0x10/0x10 [ 230.432177][ T7602] ? acpi_ut_create_generic_state+0x61/0xc0 [ 230.432234][ T7602] ? acpi_ut_create_generic_state+0x61/0xc0 [ 230.432281][ T7602] acpi_ut_create_generic_state+0x61/0xc0 [ 230.432329][ T7602] acpi_ps_push_scope+0x42/0x280 [ 230.432388][ T7602] acpi_ps_parse_loop+0x334/0x2470 [ 230.432450][ T7602] ? __pfx_acpi_ps_parse_loop+0x10/0x10 [ 230.432497][ T7602] ? kmem_cache_alloc_noprof+0x2a1/0x6e0 [ 230.432535][ T7602] ? __pfx_acpi_ut_track_stack_ptr+0x10/0x10 [ 230.432706][ T7602] ? acpi_ut_create_thread_state+0x6d/0x170 [ 230.432772][ T7602] acpi_ps_parse_aml+0x817/0x1170 [ 230.432829][ T7602] acpi_ps_execute_method+0x5c4/0xe90 [ 230.432874][ T7602] acpi_ns_evaluate+0x98c/0x16d0 [ 230.432930][ T7602] acpi_evaluate_object+0x4ca/0xdf0 [ 230.432989][ T7602] ? __pfx_acpi_evaluate_object+0x10/0x10 [ 230.433063][ T7602] ? __mutex_trylock_common+0xe9/0x250 [ 230.433120][ T7602] acpi_evaluate_integer+0xdd/0x200 [ 230.433160][ T7602] ? __pfx_acpi_evaluate_integer+0x10/0x10 [ 230.433520][ T7602] ? __pfx_status_show+0x10/0x10 [ 230.433585][ T7602] status_show+0xa0/0x120 [ 230.433633][ T7602] ? __pfx_status_show+0x10/0x10 [ 230.433694][ T7602] dev_attr_show+0x56/0xe0 [ 230.433749][ T7602] ? __pfx_dev_attr_show+0x10/0x10 [ 230.433796][ T7602] sysfs_kf_seq_show+0x216/0x3e0 [ 230.433855][ T7602] seq_read_iter+0x50e/0x12d0 [ 230.433927][ T7602] kernfs_fop_read_iter+0x46c/0x610 [ 230.434008][ T7602] ? rw_verify_area+0xcf/0x6c0 [ 230.434046][ T7602] vfs_read+0x8bf/0xcf0 [ 230.434086][ T7602] ? __pfx___mutex_lock+0x10/0x10 [ 230.434129][ T7602] ? __pfx_vfs_read+0x10/0x10 [ 230.434196][ T7602] ksys_read+0x12a/0x250 [ 230.434228][ T7602] ? __pfx_ksys_read+0x10/0x10 [ 230.434273][ T7602] do_syscall_64+0xcd/0xfa0 [ 230.434315][ T7602] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.434349][ T7602] RIP: 0033:0x7fbf2898efc9 [ 230.434378][ T7602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.434409][ T7602] RSP: 002b:00007fbf26bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 230.434445][ T7602] RAX: ffffffffffffffda RBX: 00007fbf28be6090 RCX: 00007fbf2898efc9 [ 230.434468][ T7602] RDX: 000000000000007a RSI: 0000200000000140 RDI: 0000000000000005 [ 230.434490][ T7602] RBP: 00007fbf28a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 230.434512][ T7602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 230.434533][ T7602] R13: 00007fbf28be6128 R14: 00007fbf28be6090 R15: 00007ffd7be9ee48 [ 230.434578][ T7602] [ 230.434865][ T7602] ACPI Error: [ 230.455946][ T7589] iget_locked+0x2fa/0x860 [ 230.457328][ T7602] Aborting method [ 230.469117][ T7589] kernfs_get_inode+0x48/0x460 [ 230.481318][ T7602] \_SB.LNKA._STA [ 230.494631][ T7589] kernfs_iop_lookup+0x1a7/0x2d0 [ 230.523906][ T7602] due to previous error (AE_NO_MEMORY) [ 230.540388][ T7589] __lookup_slow+0x251/0x460 [ 230.576909][ T7602] (20250807/psparse-529) [ 230.596221][ T7589] walk_component+0x353/0x5b0 [ 230.884087][ T7589] path_lookupat+0x142/0x6d0 [ 230.889842][ T7589] filename_lookup+0x224/0x5f0 [ 230.896181][ T7589] page last free pid 1 tgid 1 stack trace: [ 230.904544][ T7589] __free_frozen_pages+0x7df/0x1160 [ 230.910673][ T7589] free_contig_range+0x183/0x4b0 [ 230.919399][ T7589] destroy_args+0xb69/0x12e0 [ 230.924361][ T7589] debug_vm_pgtable+0x1a32/0x3640 [ 230.935161][ T7589] do_one_initcall+0x123/0x6e0 [ 230.940583][ T7589] kernel_init_freeable+0x5c8/0x920 [ 230.951004][ T7589] kernel_init+0x1c/0x2b0 [ 230.957365][ T7589] ret_from_fork+0x675/0x7d0 [ 230.962929][ T7589] ret_from_fork_asm+0x1a/0x30 [ 232.007531][ T7625] netlink: 28 bytes leftover after parsing attributes in process `syz.3.572'. [ 234.373495][ T7664] netlink: 28 bytes leftover after parsing attributes in process `syz.0.585'. [ 235.238424][ T7673] mkiss: ax0: crc mode is auto. [ 235.458683][ T7681] FAULT_INJECTION: forcing a failure. [ 235.458683][ T7681] name failslab, interval 1, probability 0, space 0, times 0 [ 235.504902][ T7681] CPU: 1 UID: 0 PID: 7681 Comm: syz.0.591 Not tainted syzkaller #0 PREEMPT(full) [ 235.504948][ T7681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 235.504977][ T7681] Call Trace: [ 235.504987][ T7681] [ 235.505001][ T7681] dump_stack_lvl+0x16c/0x1f0 [ 235.505043][ T7681] should_fail_ex+0x512/0x640 [ 235.505091][ T7681] ? fs_reclaim_acquire+0xae/0x150 [ 235.505134][ T7681] should_failslab+0xc2/0x120 [ 235.505171][ T7681] kmem_cache_alloc_noprof+0x75/0x6e0 [ 235.505201][ T7681] ? jbd2__journal_start+0x193/0x6a0 [ 235.505235][ T7681] ? jbd2__journal_start+0x193/0x6a0 [ 235.505259][ T7681] jbd2__journal_start+0x193/0x6a0 [ 235.505289][ T7681] __ext4_journal_start_sb+0x195/0x690 [ 235.505326][ T7681] ? ext4_dirty_inode+0xa1/0x130 [ 235.505367][ T7681] ? __pfx_ext4_dirty_inode+0x10/0x10 [ 235.505407][ T7681] ext4_dirty_inode+0xa1/0x130 [ 235.505445][ T7681] ? rcu_is_watching+0x12/0xc0 [ 235.505475][ T7681] __mark_inode_dirty+0x1ee/0xe40 [ 235.505520][ T7681] generic_update_time+0xcf/0xf0 [ 235.505557][ T7681] file_modified+0x207/0x240 [ 235.505593][ T7681] ext4_fallocate+0x24a/0x37a0 [ 235.505648][ T7681] ? __pfx_ext4_fallocate+0x10/0x10 [ 235.505690][ T7681] vfs_fallocate+0x5b4/0x10e0 [ 235.505726][ T7681] ? __pfx_vfs_fallocate+0x10/0x10 [ 235.505758][ T7681] ? madvise_vma_behavior+0x2b12/0x2d50 [ 235.505816][ T7681] madvise_vma_behavior+0x2ac9/0x2d50 [ 235.505888][ T7681] ? mas_prev_setup.constprop.0+0xb6/0x9d0 [ 235.505920][ T7681] ? __pfx_madvise_vma_behavior+0x10/0x10 [ 235.505965][ T7681] ? mas_prev+0x9b/0xf0 [ 235.505999][ T7681] ? __pfx_mas_prev+0x10/0x10 [ 235.506040][ T7681] ? find_vma_prev+0xd3/0x150 [ 235.506075][ T7681] ? find_held_lock+0x2b/0x80 [ 235.506103][ T7681] ? __pfx_find_vma_prev+0x10/0x10 [ 235.506150][ T7681] ? __futex_wait+0x24b/0x2f0 [ 235.506200][ T7681] madvise_walk_vmas+0x31f/0x9c0 [ 235.506246][ T7681] ? __pfx_madvise_walk_vmas+0x10/0x10 [ 235.506297][ T7681] madvise_do_behavior+0x1e2/0x530 [ 235.506336][ T7681] ? futex_private_hash_put+0x18a/0x300 [ 235.506373][ T7681] ? __pfx_madvise_do_behavior+0x10/0x10 [ 235.506415][ T7681] ? down_read+0x13d/0x480 [ 235.506467][ T7681] do_madvise+0x176/0x240 [ 235.506505][ T7681] ? __pfx_do_madvise+0x10/0x10 [ 235.506543][ T7681] ? do_futex+0x122/0x350 [ 235.506604][ T7681] ? __pfx_ksys_write+0x10/0x10 [ 235.506642][ T7681] __x64_sys_madvise+0xa9/0x110 [ 235.506698][ T7681] ? lockdep_hardirqs_on+0x7c/0x110 [ 235.506729][ T7681] do_syscall_64+0xcd/0xfa0 [ 235.506765][ T7681] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.506794][ T7681] RIP: 0033:0x7faa9998efc9 [ 235.506817][ T7681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.506844][ T7681] RSP: 002b:00007faa9a8a4038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c [ 235.506879][ T7681] RAX: ffffffffffffffda RBX: 00007faa99be5fa0 RCX: 00007faa9998efc9 [ 235.506898][ T7681] RDX: 0000000000000009 RSI: 0000000000000001 RDI: 000000110c230000 [ 235.506915][ T7681] RBP: 00007faa99a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 235.506931][ T7681] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 235.506947][ T7681] R13: 00007faa99be6038 R14: 00007faa99be5fa0 R15: 00007fffa31f0c68 [ 235.506983][ T7681] [ 236.905657][ T7701] netlink: 28 bytes leftover after parsing attributes in process `syz.1.596'. [ 237.161263][ T7705] sp0: Synchronizing with TNC [ 237.322646][ T7707] sp0: Synchronizing with TNC [ 237.765925][ T7721] FAULT_INJECTION: forcing a failure. [ 237.765925][ T7721] name failslab, interval 1, probability 0, space 0, times 0 [ 237.801042][ T7721] CPU: 0 UID: 0 PID: 7721 Comm: syz.3.604 Not tainted syzkaller #0 PREEMPT(full) [ 237.801084][ T7721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 237.801102][ T7721] Call Trace: [ 237.801112][ T7721] [ 237.801124][ T7721] dump_stack_lvl+0x16c/0x1f0 [ 237.801164][ T7721] should_fail_ex+0x512/0x640 [ 237.801216][ T7721] ? __kmalloc_noprof+0xca/0x880 [ 237.801272][ T7721] should_failslab+0xc2/0x120 [ 237.801317][ T7721] __kmalloc_noprof+0xdd/0x880 [ 237.801370][ T7721] ? realloc_user_queue+0x288/0x320 [ 237.801423][ T7721] ? realloc_user_queue+0x288/0x320 [ 237.801467][ T7721] realloc_user_queue+0x288/0x320 [ 237.801515][ T7721] ? __pfx_snd_timer_user_open+0x10/0x10 [ 237.801562][ T7721] snd_timer_user_open+0xfc/0x180 [ 237.801605][ T7721] snd_open+0x22d/0x4c0 [ 237.801642][ T7721] ? __pfx_snd_open+0x10/0x10 [ 237.801678][ T7721] chrdev_open+0x234/0x6a0 [ 237.801727][ T7721] ? __pfx_apparmor_file_open+0x10/0x10 [ 237.801777][ T7721] ? __pfx_chrdev_open+0x10/0x10 [ 237.801819][ T7721] ? fsnotify_open_perm_and_set_mode+0x17c/0xa60 [ 237.801865][ T7721] do_dentry_open+0x982/0x1530 [ 237.801905][ T7721] ? __pfx_chrdev_open+0x10/0x10 [ 237.801950][ T7721] vfs_open+0x82/0x3f0 [ 237.802002][ T7721] path_openat+0x1de4/0x2cb0 [ 237.802049][ T7721] ? __pfx_path_openat+0x10/0x10 [ 237.802087][ T7721] ? __lock_acquire+0xb8a/0x1c90 [ 237.802138][ T7721] do_filp_open+0x20b/0x470 [ 237.802175][ T7721] ? __pfx_do_filp_open+0x10/0x10 [ 237.802238][ T7721] ? alloc_fd+0x471/0x7d0 [ 237.802277][ T7721] do_sys_openat2+0x11b/0x1d0 [ 237.802332][ T7721] ? __pfx_do_sys_openat2+0x10/0x10 [ 237.802402][ T7721] __x64_sys_openat+0x174/0x210 [ 237.802460][ T7721] ? __pfx___x64_sys_openat+0x10/0x10 [ 237.802533][ T7721] do_syscall_64+0xcd/0xfa0 [ 237.802577][ T7721] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 237.802615][ T7721] RIP: 0033:0x7fbf2898efc9 [ 237.802643][ T7721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 237.802679][ T7721] RSP: 002b:00007fbf26bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 237.802724][ T7721] RAX: ffffffffffffffda RBX: 00007fbf28be6090 RCX: 00007fbf2898efc9 [ 237.802748][ T7721] RDX: 0000000000101802 RSI: 0000200000000200 RDI: ffffffffffffff9c [ 237.802773][ T7721] RBP: 00007fbf28a11f91 R08: 0000000000000000 R09: 0000000000000000 [ 237.802794][ T7721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 237.802817][ T7721] R13: 00007fbf28be6128 R14: 00007fbf28be6090 R15: 00007ffd7be9ee48 [ 237.802866][ T7721] [ 238.170988][ T7724] FAULT_INJECTION: forcing a failure. [ 238.170988][ T7724] name failslab, interval 1, probability 0, space 0, times 0 [ 238.171060][ T7724] CPU: 0 UID: 0 PID: 7724 Comm: syz.1.606 Not tainted syzkaller #0 PREEMPT(full) [ 238.171099][ T7724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 238.171119][ T7724] Call Trace: [ 238.171129][ T7724] [ 238.171141][ T7724] dump_stack_lvl+0x16c/0x1f0 [ 238.171183][ T7724] should_fail_ex+0x512/0x640 [ 238.171233][ T7724] ? __kmalloc_cache_node_noprof+0x62/0x7a0 [ 238.171278][ T7724] should_failslab+0xc2/0x120 [ 238.171322][ T7724] __kmalloc_cache_node_noprof+0x75/0x7a0 [ 238.171371][ T7724] ? __alloc_workqueue+0x670/0x1810 [ 238.171418][ T7724] ? lockdep_init_map_type+0x5c/0x280 [ 238.171471][ T7724] ? __alloc_workqueue+0x670/0x1810 [ 238.171513][ T7724] __alloc_workqueue+0x670/0x1810 [ 238.171570][ T7724] alloc_workqueue_noprof+0xd2/0x200 [ 238.171614][ T7724] ? __pfx_alloc_workqueue_noprof+0x10/0x10 [ 238.171662][ T7724] ? rcu_is_watching+0x12/0xc0 [ 238.171696][ T7724] ? trace_kmalloc+0x2b/0xd0 [ 238.171735][ T7724] ? __kmalloc_noprof+0x34f/0x880 [ 238.171787][ T7724] ? ieee80211_register_hw+0x15c9/0x4120 [ 238.171839][ T7724] ieee80211_register_hw+0x1f1a/0x4120 [ 238.171896][ T7724] ? __pfx_ieee80211_register_hw+0x10/0x10 [ 238.171938][ T7724] ? __pfx___debug_object_init+0x10/0x10 [ 238.171984][ T7724] ? find_held_lock+0x2b/0x80 [ 238.172019][ T7724] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 238.172074][ T7724] ? __pfx_mac80211_hwsim_beacon+0x10/0x10 [ 238.172118][ T7724] ? __hrtimer_setup+0x176/0x280 [ 238.172172][ T7724] mac80211_hwsim_new_radio+0x32d8/0x50b0 [ 238.172232][ T7724] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 238.172280][ T7724] hwsim_new_radio_nl+0xba2/0x1330 [ 238.172335][ T7724] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 238.172547][ T7724] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290 [ 238.172593][ T7724] ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290 [ 238.172775][ T7724] genl_family_rcv_msg_doit+0x209/0x2f0 [ 238.172823][ T7724] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 238.172878][ T7724] ? bpf_lsm_capable+0x9/0x10 [ 238.172920][ T7724] ? security_capable+0x7e/0x260 [ 238.172967][ T7724] ? ns_capable+0xd7/0x110 [ 238.173007][ T7724] genl_rcv_msg+0x55c/0x800 [ 238.173053][ T7724] ? __pfx_genl_rcv_msg+0x10/0x10 [ 238.173093][ T7724] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 238.173143][ T7724] netlink_rcv_skb+0x158/0x420 [ 238.173178][ T7724] ? __pfx_genl_rcv_msg+0x10/0x10 [ 238.173219][ T7724] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 238.173276][ T7724] ? netlink_deliver_tap+0x1ae/0xd30 [ 238.173337][ T7724] genl_rcv+0x28/0x40 [ 238.173369][ T7724] netlink_unicast+0x5aa/0x870 [ 238.173408][ T7724] ? __pfx_netlink_unicast+0x10/0x10 [ 238.173458][ T7724] netlink_sendmsg+0x8c8/0xdd0 [ 238.173499][ T7724] ? __pfx_netlink_sendmsg+0x10/0x10 [ 238.173539][ T7724] ? aa_sock_msg_perm.constprop.0+0x100/0x1d0 [ 238.173592][ T7724] ____sys_sendmsg+0xa98/0xc70 [ 238.173635][ T7724] ? copy_msghdr_from_user+0x10a/0x160 [ 238.173693][ T7724] ? __pfx_____sys_sendmsg+0x10/0x10 [ 238.173745][ T7724] ? __pfx_futex_wake_mark+0x10/0x10 [ 238.173803][ T7724] ___sys_sendmsg+0x134/0x1d0 [ 238.173830][ T7724] ? futex_private_hash_put+0x176/0x300 [ 238.173869][ T7724] ? __pfx____sys_sendmsg+0x10/0x10 [ 238.173895][ T7724] ? __lock_acquire+0x622/0x1c90 [ 238.173985][ T7724] __sys_sendmsg+0x16d/0x220 [ 238.174015][ T7724] ? __pfx___sys_sendmsg+0x10/0x10 [ 238.174042][ T7724] ? __x64_sys_futex+0x1e0/0x4c0 [ 238.174112][ T7724] do_syscall_64+0xcd/0xfa0 [ 238.174150][ T7724] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 238.174181][ T7724] RIP: 0033:0x7f1b0838efc9 [ 238.174206][ T7724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 238.174236][ T7724] RSP: 002b:00007f1b09146038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 238.174265][ T7724] RAX: ffffffffffffffda RBX: 00007f1b085e5fa0 RCX: 00007f1b0838efc9 [ 238.174284][ T7724] RDX: 0000000000008000 RSI: 0000200000000200 RDI: 0000000000000005 [ 238.174302][ T7724] RBP: 00007f1b08411f91 R08: 0000000000000000 R09: 0000000000000000 [ 238.174322][ T7724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 238.174340][ T7724] R13: 00007f1b085e6038 R14: 00007f1b085e5fa0 R15: 00007fff23993348 [ 238.174383][ T7724] [ 239.090971][ T5842] Bluetooth: hci3: unexpected event 0x04 length: 64 > 10 [ 239.091303][ T5842] Bluetooth: hci3: connection err: -111 [ 239.485731][ T7723] ================================================================== [ 239.485752][ T7723] BUG: KASAN: vmalloc-out-of-bounds in sys_imageblit+0x1a6f/0x1e60 [ 239.485797][ T7723] Write of size 8 at addr ffffc900037b9320 by task syz.2.605/7723 [ 239.485824][ T7723] [ 239.485842][ T7723] CPU: 0 UID: 0 PID: 7723 Comm: syz.2.605 Not tainted syzkaller #0 PREEMPT(full) [ 239.485878][ T7723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 239.485897][ T7723] Call Trace: [ 239.485907][ T7723] [ 239.485920][ T7723] dump_stack_lvl+0x116/0x1f0 [ 239.485955][ T7723] print_report+0xcd/0x630 [ 239.485998][ T7723] ? __virt_addr_valid+0x81/0x610 [ 239.486044][ T7723] ? sys_imageblit+0x1a6f/0x1e60 [ 239.486078][ T7723] kasan_report+0xe0/0x110 [ 239.486121][ T7723] ? sys_imageblit+0x1a6f/0x1e60 [ 239.486162][ T7723] sys_imageblit+0x1a6f/0x1e60 [ 239.486215][ T7723] ? __pfx_sys_imageblit+0x10/0x10 [ 239.486269][ T7723] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 239.486312][ T7723] soft_cursor+0x524/0xa10 [ 239.486371][ T7723] bit_cursor+0xe8c/0x17e0 [ 239.486425][ T7723] ? __pfx_bit_cursor+0x10/0x10 [ 239.486481][ T7723] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 239.486537][ T7723] ? get_color+0x1da/0x450 [ 239.486580][ T7723] ? __pfx_bit_cursor+0x10/0x10 [ 239.486626][ T7723] fbcon_cursor+0x40c/0x5a0 [ 239.486670][ T7723] ? add_softcursor+0x41/0x290 [ 239.486724][ T7723] set_cursor+0x1db/0x250 [ 239.486776][ T7723] con_write+0x89/0xb0 [ 239.486811][ T7723] n_tty_write+0x41e/0x11e0 [ 239.486865][ T7723] ? __pfx_n_tty_write+0x10/0x10 [ 239.486908][ T7723] ? trace_kmalloc+0x2b/0xd0 [ 239.486950][ T7723] ? __pfx_woken_wake_function+0x10/0x10 [ 239.487006][ T7723] ? kfree+0x252/0x6d0 [ 239.487033][ T7723] ? __pfx_n_tty_write+0x10/0x10 [ 239.487077][ T7723] file_tty_write.constprop.0+0x503/0x9b0 [ 239.487118][ T7723] redirected_tty_write+0xd4/0x150 [ 239.487153][ T7723] vfs_write+0x7d3/0x11d0 [ 239.487188][ T7723] ? __pfx_redirected_tty_write+0x10/0x10 [ 239.487234][ T7723] ? __pfx_vfs_write+0x10/0x10 [ 239.487266][ T7723] ? find_held_lock+0x2b/0x80 [ 239.487311][ T7723] ksys_write+0x12a/0x250 [ 239.487344][ T7723] ? __pfx_ksys_write+0x10/0x10 [ 239.487386][ T7723] do_syscall_64+0xcd/0xfa0 [ 239.487422][ T7723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.487454][ T7723] RIP: 0033:0x7f65f978efc9 [ 239.487479][ T7723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 239.487505][ T7723] RSP: 002b:00007f65fa638038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 239.487531][ T7723] RAX: ffffffffffffffda RBX: 00007f65f99e6090 RCX: 00007f65f978efc9 [ 239.487549][ T7723] RDX: 000000000000fdef RSI: 0000200000000440 RDI: 0000000000000005 [ 239.487566][ T7723] RBP: 00007f65f9811f91 R08: 0000000000000000 R09: 0000000000000000 [ 239.487583][ T7723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 239.487599][ T7723] R13: 00007f65f99e6128 R14: 00007f65f99e6090 R15: 00007fff1fd8b158 [ 239.487626][ T7723] [ 239.487635][ T7723] [ 239.487642][ T7723] The buggy address belongs to a vmalloc virtual mapping [ 239.487669][ T7723] Memory state around the buggy address: [ 239.487684][ T7723] ffffc900037b9200: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 239.487703][ T7723] ffffc900037b9280: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 239.487722][ T7723] >ffffc900037b9300: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 239.487737][ T7723] ^ [ 239.487751][ T7723] ffffc900037b9380: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 239.487770][ T7723] ffffc900037b9400: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 239.487785][ T7723] ================================================================== [ 239.488367][ T7731] tty tty51: ldisc open failed (-12), clearing slot 50 [ 239.488451][ T7723] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 239.488474][ T7723] CPU: 0 UID: 0 PID: 7723 Comm: syz.2.605 Not tainted syzkaller #0 PREEMPT(full) [ 239.488512][ T7723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025 [ 239.488532][ T7723] Call Trace: [ 239.488542][ T7723] [ 239.488555][ T7723] dump_stack_lvl+0x3d/0x1f0 [ 239.488593][ T7723] vpanic+0x640/0x6f0 [ 239.488639][ T7723] panic+0xca/0xd0 [ 239.488682][ T7723] ? __pfx_panic+0x10/0x10 [ 239.488728][ T7723] ? sys_imageblit+0x1a6f/0x1e60 [ 239.488764][ T7723] ? preempt_schedule_common+0x44/0xc0 [ 239.488799][ T7723] ? preempt_schedule_thunk+0x16/0x30 [ 239.488854][ T7723] check_panic_on_warn+0xab/0xb0 [ 239.488903][ T7723] end_report+0x107/0x170 [ 239.488944][ T7723] kasan_report+0xee/0x110 [ 239.488987][ T7723] ? sys_imageblit+0x1a6f/0x1e60 [ 239.489028][ T7723] sys_imageblit+0x1a6f/0x1e60 [ 239.489069][ T7723] ? __pfx_sys_imageblit+0x10/0x10 [ 239.489121][ T7723] drm_fbdev_shmem_defio_imageblit+0x20/0x130 [ 239.489158][ T7723] soft_cursor+0x524/0xa10 [ 239.489228][ T7723] bit_cursor+0xe8c/0x17e0 [ 239.489282][ T7723] ? __pfx_bit_cursor+0x10/0x10 [ 239.489337][ T7723] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 239.489392][ T7723] ? get_color+0x1da/0x450 [ 239.489434][ T7723] ? __pfx_bit_cursor+0x10/0x10 [ 239.489487][ T7723] fbcon_cursor+0x40c/0x5a0 [ 239.489531][ T7723] ? add_softcursor+0x41/0x290 [ 239.489585][ T7723] set_cursor+0x1db/0x250 [ 239.489635][ T7723] con_write+0x89/0xb0 [ 239.489670][ T7723] n_tty_write+0x41e/0x11e0 [ 239.489728][ T7723] ? __pfx_n_tty_write+0x10/0x10 [ 239.489770][ T7723] ? trace_kmalloc+0x2b/0xd0 [ 239.489810][ T7723] ? __pfx_woken_wake_function+0x10/0x10 [ 239.489863][ T7723] ? kfree+0x252/0x6d0 [ 239.489891][ T7723] ? __pfx_n_tty_write+0x10/0x10 [ 239.489933][ T7723] file_tty_write.constprop.0+0x503/0x9b0 [ 239.489975][ T7723] redirected_tty_write+0xd4/0x150 [ 239.490009][ T7723] vfs_write+0x7d3/0x11d0 [ 239.490043][ T7723] ? __pfx_redirected_tty_write+0x10/0x10 [ 239.490082][ T7723] ? __pfx_vfs_write+0x10/0x10 [ 239.490114][ T7723] ? find_held_lock+0x2b/0x80 [ 239.490159][ T7723] ksys_write+0x12a/0x250 [ 239.490205][ T7723] ? __pfx_ksys_write+0x10/0x10 [ 239.490246][ T7723] do_syscall_64+0xcd/0xfa0 [ 239.490282][ T7723] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 239.490314][ T7723] RIP: 0033:0x7f65f978efc9 [ 239.490339][ T7723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 239.490369][ T7723] RSP: 002b:00007f65fa638038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 239.490402][ T7723] RAX: ffffffffffffffda RBX: 00007f65f99e6090 RCX: 00007f65f978efc9 [ 239.490424][ T7723] RDX: 000000000000fdef RSI: 0000200000000440 RDI: 0000000000000005 [ 239.490444][ T7723] RBP: 00007f65f9811f91 R08: 0000000000000000 R09: 0000000000000000 [ 239.490464][ T7723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 239.490484][ T7723] R13: 00007f65f99e6128 R14: 00007f65f99e6090 R15: 00007fff1fd8b158 [ 239.490517][ T7723] [ 239.490919][ T7723] Kernel Offset: disabled