last executing test programs: 9.869562891s ago: executing program 1 (id=1167): r0 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon28\x00', 0x101000, 0x0) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x38, 0x0, 0x1, 0x70bd29, 0x25dfdbf9, {}, [@OVS_FLOW_ATTR_PROBE={0x4}, @OVS_FLOW_ATTR_KEY={0x20, 0x1, 0x0, 0x1, [@typed={0x8, 0xf, 0x0, 0x0, @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}}, @typed={0x14, 0xf, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x40010}, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042cbd7000fb3d89cb809172a332000300800040008800"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}, 0x1, 0x0, 0x0, 0x4000804}, 0x40000) r1 = socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x44814}, 0x2004c0c4) sendmmsg$auto(r1, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080), 0x800}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0xa788}, 0x7, 0x8) ioctl$auto_MON_IOCQ_RING_SIZE(r0, 0x9205, 0x0) 9.281809044s ago: executing program 3 (id=1168): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x3, 0x2, 0x0, &(0x7f0000002440)=0x8, 0x71a8dce0) mmap$auto(0x0, 0x5, 0x4000000000e2, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x15, 0x3, 0x8000) mmap$auto(0x0, 0x7, 0x20000000df, 0x19, 0x40000000000a5, 0x5) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) pread64$auto(r1, 0x0, 0x6, 0x1ff) readv$auto(0x3, 0x0, 0x4) unshare$auto(0x40000080) open(0x0, 0x161342, 0x130) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, 0x0, 0x0) writev$auto(0x3, &(0x7f0000004100)={0x0, 0x2000000b}, 0x3ff) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b74, 0x2, 0x8004) 9.183131125s ago: executing program 2 (id=1169): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x3, 0x2, 0x0, &(0x7f0000002440)=0x8, 0x71a8dce0) mmap$auto(0x0, 0x5, 0x4000000000e2, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x15, 0x3, 0x8000) mmap$auto(0x0, 0x7, 0x20000000df, 0x19, 0x40000000000a5, 0x5) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) pread64$auto(r1, 0x0, 0x6, 0x1ff) readv$auto(0x3, 0x0, 0x4) unshare$auto(0x40000080) open(0x0, 0x161342, 0x130) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, 0x0, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) writev$auto(0x3, &(0x7f0000004100)={0x0, 0x2000000b}, 0x3ff) 8.005498332s ago: executing program 3 (id=1170): r0 = openat$auto_nvmf_dev_fops_fabrics(0xffffffffffffff9c, &(0x7f00000004c0), 0x101202, 0x0) ioctl$auto(r0, 0xab07, r0) fsconfig$auto_FSCONFIG_SET_PATH_EMPTY(r0, 0x4, &(0x7f0000000080)='/sys/kernel/debug/sync/sw_sync\x00', 0x0, 0x8) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/ptp/ptp0/max_vclocks\x00', 0x103841, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) write$auto(0xffffffffffffffff, 0x0, 0x0) mmap$auto(0x0, 0x10005, 0x1, 0xeb1, 0x40000000000a5, 0x8000) r2 = openat$auto_ubi_ctrl_cdev_operations_ubi(0xffffffffffffff9c, &(0x7f0000000180), 0x40900, 0x0) ioctl$auto_UBI_IOCATT(r2, 0x40186f40, 0x0) ioctl$auto_UBI_IOCDET(r2, 0x40046f41, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) open(0x0, 0x76bd, 0x12) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/apparmor/parameters/audit\x00', 0xb02, 0x0) sendfile$auto(r3, r3, 0x0, 0xb2d) kexec_load$auto(0x9, 0x0, 0x0, 0x1003e0000) mmap$auto(0x0, 0x200, 0x3, 0xf8, r1, 0x8000) madvise$auto(0x0, 0x2000040080000000, 0xe) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) unshare$auto(0x40000080) bind$auto(0x3, 0x0, 0x6a) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0x8, 0x0) r4 = openat$auto_binder_fops_binder_internal(0xffffffffffffff9c, &(0x7f0000000400)='/dev/binderfs/binder0\x00', 0x40, 0x0) ioctl$auto_BINDER_GET_EXTENDED_ERROR(r4, 0xc00c6211, 0x0) ioctl$auto_BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000000)) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) 8.004266585s ago: executing program 1 (id=1179): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x3, 0x2, 0x0, &(0x7f0000002440)=0x8, 0x71a8dce0) mmap$auto(0x0, 0x5, 0x4000000000e2, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x15, 0x3, 0x8000) mmap$auto(0x0, 0x7, 0x20000000df, 0x19, 0x40000000000a5, 0x5) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) pread64$auto(r1, 0x0, 0x6, 0x1ff) readv$auto(0x3, 0x0, 0x4) unshare$auto(0x40000080) open(0x0, 0x161342, 0x130) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, 0x0, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) writev$auto(0x3, &(0x7f0000004100)={0x0, 0x2000000b}, 0x3ff) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b74, 0x2, 0x8004) 7.692564002s ago: executing program 2 (id=1172): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_vport(&(0x7f0000004580), 0xffffffffffffffff) sendmsg$auto_OVS_VPORT_CMD_DEL(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x28, r1, 0x601, 0x70bd29, 0x25dfdbfe, {}, [@OVS_VPORT_ATTR_UPCALL_STATS={0x4}, @OVS_VPORT_ATTR_NAME={0xe, 0x3, 'ovs_vport\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0xb2df5ba0f4fc64d9}, 0x44000) 7.321745737s ago: executing program 2 (id=1173): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x3, 0x2, 0x0, &(0x7f0000002440)=0x8, 0x71a8dce0) mmap$auto(0x0, 0x5, 0x4000000000e2, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x15, 0x3, 0x8000) mmap$auto(0x0, 0x7, 0x20000000df, 0x19, 0x40000000000a5, 0x5) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) readv$auto(0x3, 0x0, 0x4) unshare$auto(0x40000080) open(0x0, 0x161342, 0x130) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, 0x0, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) writev$auto(0x3, &(0x7f0000004100)={0x0, 0x2000000b}, 0x3ff) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b74, 0x2, 0x8004) 6.504200302s ago: executing program 1 (id=1174): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x5b) r0 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0xa00005, 0x9, 0x40abe, r0, 0x7) io_uring_setup$auto(0x6, 0x0) close_range$auto(0x2, 0xa, 0x0) openat$auto_tracing_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/per_cpu/cpu1/trace\x00', 0x40200, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x74c) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x280, 0x0) mmap$auto(0x0, 0x400008, 0xe4, 0x9b72, 0x2, 0x400) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) ptrace$auto(0x10, 0x0, 0x4, 0x7ff) sendmsg$auto_NL802154_CMD_TRIGGER_SCAN(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000001680)=ANY=[@ANYBLOB="84130000", @ANYRES16=0x0, @ANYBLOB="000427bd7000fcdbdf252300000008002700000001000c000600090000000000000020121880e5254bd36d5c001180f623e9fcb48297598cc751819aa3fb2e0ca0a3040028800400cd800400038008002400ac1e000114583edb2fe0819c5b2c566ea1cc80d950a559a46fbf2ace844cf4c5d91299763a86ed06764ef5fb89f5d8e9e60400b6800800fb000400000008003700060000000c008b00070000000000000057e0998d24c38d69d884c845cb44f6e88ac1f309193072b2f1d60f4b6aba4492108badbcd0b6a9dfcf02c63a211460ec7c4e6bc6b8b5766747037de3681537e9b62037bb177a9d77c73876257311e44c7dd1100f5c46b72d09c7f4f6f9687e64cc695a3c01dcba8020e20866c27a3edfe24c1676e5ded2acf8a720ce6398c9ee02561a282d6cd9c6156530934294fc5e89607d10f07bcad8898cf9a263dbda44389c411cba2fed50b061019057b595f2a28db038af10eb076461f4b5a164aa157a7f565ea23acfebce9ba29dfa37d00b2a3c334bee3fc044355506876d8aacc40a99547038bfb51f2271eee486b4b207221ddddc3a349aff9ab4560019adcf6f05a8ae6b40b0f51592de7d5161710f153795f573b0a2cb3eb05779309d612a3d828a794966bb408d6024ebbaa68d421fb956bf53f79f2d6e753fc09e2da25fda367f293cb2491a37f6f58ea9a78742b840edb2d19101e2192a47bded946ef2a563605535e7412e8115e505e32a1be11572b0bc786bbf0c1342dd923825e75030bf998652f7606f4a8e806f2ab389e49c5b91f653730b00333f2226120c402e44919f56a1faec2f4d6fe218c1f4e5757d3f66a9e2bfe8af72ee55d76bb3173cfbb81fee87a2b13c8b3217b2d3ee7ee2bbf627fa6426aab62489d8099c72c36289a2880f8845aaa317b1e12303b482e3eb9f397ad60d94ec0b8dc43d6ebed6590cac91dd08aabf818ec573c7f0765334bc757cf7a466caa6ceff78b955e71a46f15514c44c3920202a4f2eb69a9e491981fa5c58ddcde6ebf7d8be3f2132111d2c2bd41517276f2f8f84327a5b3d83fbc8f2de8878e4751addad8bbebfebaab99a98da7bd6951f6bbb9ef38c89318b577d66566a6e6559f4205824316f9d6faef1a11f6c8d2e149fdc150918b34d86d3cc7e2b5f3e076ec8b64d0c64d83feb739abc924c0dce1183c86bb5489924f08cac16a2aeb2e7b11a391464d91229724941e79aa3aabe7a68d055f7bc99e5f2f71f47ce96d466745d353253e6166bb76ce411104f27d1ff70cb89ba6b4b306e22ece92098000410832da3ab8387de8fc61b88e1553406fae59c6d8e54952453c9fb995dca8d1895c6e6efb92968552169ae3bccda9ade36b6756aa115b38db725702d8960b38bfa64568055b524254b0e241a4fcd919d82050e68c6a2c5d5e419404909b14f4cc16ec944da3293090cf30171a149c929da8aacbc2add2031fabff12f8e4d2b79605d1c1217242aeb5cc8d908dfa0d12aa6e7544443dfd7fde08e67476072632c5b83151bd6a74656ac600a4ba767128822a5beacdcb60b5f82a3b3886f63de0fb02aad1029a2dd081796f00c6cd795f416332f1f1947032d0a88bbf2a4130f6acb8dabade730e1813622b7b8cd218e35d6beecb6a27d9aa04f53c7760864c333d232b0eeafcc788c5eb3b38b3fc193ec345df20fbc6c786c530d068231c3151db56cd3f144fa08ad614e811b88e46c3e5520f9fea28c17e637dc5fd536300044945a404e733d8777f041c8f93d11a55d2f111637a3596aa60836ae5d9526da258a8e93d2a635609c2ff0c5d127115b0ecd4f333d0bcba9e63dc9687d6945b093cfa889247580c43a78eb1505f4da874c9a8aad4ac9b2c27404ddc33660bd6eb7169ec013846411e91b0cba3c5d789ad35bea07479632e4ca517553e8d4204c87a200524a6a9ca1b6191c3c8e0345f9fd7b6cc9a09db3d4686094fd4777db3defe9368c545089e472dcfc29db5e3141230aa8a3b4c69b7d675502a0e2180c29fcfd8d0cf91b7abd8513ea1059c31632d5b69a9e653649f169180bc9563af2a945076d7257e9ce96ebb695f5a125dc828f8685c2cbaddee0faa5809650b15d4be09c8a534ce4b8f8cf531cee70255d0100b560e4fababe6ef69add2ae8923d16b6e05cb5c1bb2a37f96d23be8fb2c92cd50a26fb21273b59b4662a8a229cb42af0d5b33fec667420cb50ec0534580324e64945122b3a290e7c60e9199e65a76681b0f00b0200edd70d8228f81303f15bf0bd250687b64a3af6025b55c3edacc45b41252ee27a293cf1bd53e6f4329d4927124fbc7d278bce9b750a4ccbdc2fbf595b987ee1c4c79e30303a9cdde84805e3d63e7bcf332886c40143448a4ec25e9da71fc3795c0df12ac85f4e484a2a954ba1bc39e9af26da3f29c7737fbda126e30063aac708135208000917352dd0e7bf78368d8c9eedfca173718899b434464e1c3133a9fb8f60161c5c3964714092219f8941f5ca7f5848231a92f6d4e990d332664e94c7324acda94d696aa9252a4a13d36c712e33978b0773a6f053c7e7e241de18401b2fe9bb03e745130708f37f11ceb1e2787e5b58a8afc23b655948b8418a938669c2a0febd28e356b00b049592c728ae5b6a94df4430868d39de17e57f50f7adbc16e769e6c82d7cd548bb92ab75623aae241079ba25d04f3ae33019cf9c7431fdecc646878a0f40a5637b59e408e34893873ba30ef370fd9b56001c81975100334511a1d0bb80a102e896ba88ae675aac40d743a01b48226897b2384bf406a48550dcf35c665676c5b69fa24fc904477bdc7bb39cfd508e106ac0d0f5058bde158260d89d9d4de7cbf65850f6bfe6fa4579f7b518bd3f51719a3d90aeac825c7087046c323474560c06bf466ed1cb85deb89c63d872a4a35d526a31b8862a5540c51f4d21fc15cbccd6576d6803a9c61ffb2a8e3b9938f77052e9900a641a969b714dae75961fe8996759fe1926844d44d7b83adce8117593c6c1e5f14788e3d99364020302c0395766b3210c7b721ee816cb4d9471ebc931ff399045eb61c8aeceef6066bf5a28535eca7a5ee2c7ae5a0c692630a02974e80be52c4aef0be3356b94becc060674eef747bd41881e074a6e3b14fc267f6e4ec744d7dfb791e184e8329496860f7bbfb1bec48707712e2f53ec52fda93132a68410fb3acdabc90f190daced39da38d7164e970e71d4be069b47611ce1279ba92993ff70ba39420737a4bf1566068a7c06e6de4de79532824ac72e33a5b431f833e9bfaa1999d49931c19c6cf0a8d1744412e3674512c8423c6692bfa996c9001224739e9cada5567f1147eb74fea938037389194b5ae415f3b970c9088cf4d12a3a8c6468ba4b7f8fa561884553bb9bbd10d5b85eb9b717711f6b76aaf213013e49f50025bb8e4ed2d1ce35da84f2d1247f4a5ff7cdda460a27971028fbc0819c160b04f1683070fb0a274f13f6d980eca177f3729e674eca4bd8ef5293405306dcc60e3935db1e32d722dc29a254b70a59ef4d42f13f059562ecba67d64a5ef0cb8e60fb396f1bf59a73dd0cead69621def5041d163e514bbc1b9f5e36768ed733d02e60710704183d171d9d832a843fe41baed714e583de7a44da5d896e212e3e31d2548b1b835f3e2494891c79e898d53989af6114b015e45e99bd7fb93c341407e8f223274ba31503300c9061bf58631b338496f31e4d342a042bc66f44759322359ca8ca6c1a60eba43d5e99fb9071a95d30ed99041cf37dd42ce8b00e06eec95be2b3f97c36be40688b76beea58abb1f9aaecdb8978610d686ed2f445bab58aaf798e684b94b89c2d30109427db9a3031893ead082936e60f60898aa042d192bf7c5678fbb2cc4edbaf8beba70727e94180581ef2ea806c93c7f3d454f09b9fdaae0aa00df5f6c8ac158f29a8286a297027aa947b841cca130681d2e27b4e28e510004ba9e6098822a6d3256dd59574584d68bc763f2c3a3d9c0bd2f2c817c4d33fb999cdb57311cbead84820dff3c5394482bb6f6fb23bcdc5bcc2fef9940f073479702dbec1d29774f556d08acb2379bcb12ac3920431e557a83a8b5358d4d66cc79e2ac20d49910ab542752a54e009cbcf2b1533489391596f56cde5501cc2f60487cac5b8606e7cfe5df420ea560e6dabf636e2c97ee9fe5476d10fcb4a4da74f425a9bbf4c8266170af7b944ced5095ea35c050482a4ba24e2be6267fe98ecd4be3dad8abf2c621b2448b1178af179336de91a1e43f9cec38c29f0fc280ffd0ea6f0c3b8b54617bac4f8d43bfa96a88951ab358c06f1a7d511c6bf346f1ad9581b9086ab6bdd0ae002bf83f3419a84784e16f4bff8dbb6e6262b4a9ca3ad8e2887ee4e620964e0f1c2dc4bb76406c47ebe2e2fa12d78a1343739eb6d53c172b39eb009e28f48b79c53e4dcef982d1d72cabcead96130ceeb842d035af983eac4b64300aa21ce69822c79706f06abeb514a7da507e8a71a79d671b45c273495e7528a5357dd1daed258efa21ed9cb230ab59cae24521ded363a910928d2493295f6994be6f98a796014cf352afecfe49a6d908fc6c47748d65c808bdb796b7ed4cabebcf1a9bf02542073300bc42f8585d9da312b5fec1513292a377a736ca573afa4a85a86ce6f8dade5d5a2f6d2fbd8981f52d12023180bff7fae5eea732510d5e563d1ba37023cfced60ef65f959866144c66dbbcc669580449016b3bdf0fc7301e3439aa866a18d2d5334dd2405ac1a716fbaf5d057b446b377ea921310658cb324f84e4208cbdd60a315de7b6c072e22ccd4f696ca8a7ecf3204d4a92e691cb0c673fc0703f3585ac377b246eba73af66f3be8beda3b74f49134424664841f00f0b7d2d380639ab6647a956bb75056c13d8f24a2da70d15283b2250d459438735e80bcc7134406c55d2ca18ffb5d58899e7dcc5133b4eb682709006b9682c5309ed957cf2d8b4c87d46ce5453aa9e9fd075082032f592105c44cceba330c4f9f93919adcea72074a148e88e1189ba9926e26448523e55ebcb01fef9e213e3334de9e53873b2303b9c37d34f4d2c86ddaeae676755ce4fb5f545f8752cd17c40fcf86991ee78bdd315b1a072df15ee68d1f263d696bf3ca7d2a7b43da33ac9dde2925000c8b1bad1aee71813a9c6210c2402be9f5171a919d94132fb7d48797b5ce38b20077cc4902c2739f59217d7f116fbf4eb2ee2a1fa2f66625416f72968858789fc9b09c17c0acf63a07c523b24fa11e2f7408b79c8624b83c081f560160a4cdd7dc3f2d54ae411cdf42801051234dbfb18ab29772091f56af8c54b1a05934c04c35d35f2e5cd72eb5ecbde1006b388680724804fd00e3fba17b2c8d333d55e46e30d68749c4249d18f2c5e8a9fec3e5af871225041172e7d7bb760e35f57867b1bee538b593e7afefd4388fcec2faa2169c5d98a38e943de8b2c89c872acb94a579c97c582b6b188e0dd7a7f2f53b2e72ae3111b615abcf87aca0a0038ee8a6f5acf618d89f20214e3fb3cbcbefaf494919188b9b5c79d9e5a74b72477493fa62eb311407f28cfa0c883e35cc5e228a041996f810da1976319055947e63550a67b5537b5773d6d48a2aed8ae305434d49f67ef64f8eab3e094b6c51d7d747ef60383fe517409b0333a80f4d79ce349a63a267bdfc87b316c50dab9dc1179649c7b47e0af23580d29d9b338fa710941c7e26714853bf9019741a70dde1f1220a5900d5e3bb617a796658cb834e71cc798748a1a7d9cc7649aa5d87fd5c087f7facc3cc18ea613d1477d318cf98d47245b9e472d1a0dd9ce71b8557fec06d9b51714327a91f77fa7a83235bb29a8e7b4e97d5d2eb811c7739d3c21a27468587d50a5d20395ccba334b09f484a3371b52c2c189154d489bf0fbf6f7de6ffaa8e03d1843d393a3e2baf791b445fd9aeceb76fb94d325a096fbed02c745b51144cdaa002449be4bba8eca4742a6cf520a322ef3c229e899273d2a81df982ee1aaebdd78b680d2a445ad5122b0101c1807852d182ac54caba0730a7034706e79bdb6eb0c0bffb526fe68a2bae30d6e5fbb5de9dade89ba6130d0ec918008933e62ec38808ffb5ca21393d232c830f517e62b87169df1ab78185aecde3f33ea456c676f6551be8568c2a6ed821a9c8300a5f5a3e210ab8eda0cb84b929cc94bf7b8d43a02d770b52d4d8675769f8f31bc3ba4825a903739bf5afb08fefef73e97f6d5c1cafa5b9902c98abc325096a375d1c82244aceb27aef27ae7e3facd966ea115147e8bb38aee4f8ff4ca8fa4ca59f2e1de1aad99dc1609754f7e319c70082393a2958df74e021238292f87fca5669dafe5b89d6040090800400d78008003700390a00009000118004001a800000000800c9004b7221b6ac720d6708fc268aca86b536506147c3f358d80134af79fd0922ce6261ff6d2462638b323b2fa065c945727755bf7262066fef4e6c3d34e73e4e09af632df0a39396492a20b7fa21ba952dcedd1cba03d7fe1f1eb2184536c022f7ef", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="ce00508004002880040040806beac727da61360f5ddece75af1b585ecbd0f472478e1805b55b88876641fb42dc8c2f963c5c082b70fdb266f4ddda624dca904c99e723c463628da8e827b953bc1504a205b27ed289ee24f8f64b625bb56ea580dd5a9595e3c4d32bbbc2c835401adf1e5dd00c0da86d009b74fe2c4fc4dbd56b92956c50446564e598ab677dcca2d3a8e0f1817ca53aed0f48cee38e3b8c665780dc0139125386bda672c84d252a014af2c1282a2e446971ed11270e6c8559c6993f81d30c514b785061683bffd2000014000e000000000000000000000000000000000118000200287b402f26245e7d2c2e7b245b2f23285d2d2d0014002d8008007500ac1414bb080023800400518005002600fb00000005001f000f00000008000c00000000000500070005000000"], 0x1384}, 0x1, 0x0, 0x0, 0x1}, 0x0) bpf$auto(0x9, &(0x7f00000000c0)=@batch={0xffffffffffff3c77, 0x37, 0x2, 0x5, 0x9, 0x1, 0x6, 0x5852}, 0x18) msgctl$auto_IPC_RMID(0x4, 0x0, &(0x7f0000000240)={{0x0, 0xffffffffffffffff, 0xee00, 0x9, 0x5, 0x8, 0x5}, 0x0, 0x0, 0x1, 0xfff, 0x0, 0x4, 0x9, 0x4, 0x9, 0xf, @raw=0x9}) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000053c0), 0x41, 0x0) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r1, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0xffd8) 6.502982865s ago: executing program 0 (id=1176): mmap$auto(0x0, 0x2020005, 0x203, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r0, 0x0, 0xe8) r1 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000001240)='/proc/thread-self/fail-nth\x00', 0xa0302, 0x0) writev$auto(r1, 0x0, 0x3) r2 = openat$auto_random_fops_random(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) sendfile$auto(r2, r2, 0x0, 0x1) poll$auto(&(0x7f0000000480)={0xffffffffffffffff, 0xffff, 0x29}, 0x3, 0x8) sendmsg$auto_NL802154_CMD_SET_PAN_ID(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x0) write$auto_ocfs2_control_fops_stack_user(0xffffffffffffffff, 0x0, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0xc2902, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) unshare$auto(0x40000080) 6.372521542s ago: executing program 3 (id=1177): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x3, 0x2, 0x0, &(0x7f0000002440)=0x8, 0x71a8dce0) mmap$auto(0x0, 0x5, 0x4000000000e2, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x15, 0x3, 0x8000) mmap$auto(0x0, 0x7, 0x20000000df, 0x19, 0x40000000000a5, 0x5) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) readv$auto(0x3, 0x0, 0x4) unshare$auto(0x40000080) open(0x0, 0x161342, 0x130) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, 0x0, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) writev$auto(0x3, &(0x7f0000004100)={0x0, 0x2000000b}, 0x3ff) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b74, 0x2, 0x8004) 5.591981503s ago: executing program 0 (id=1178): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) prctl$auto_PR_SET_MM(0x23, 0x7, 0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x1, 0x1, 0x6, 0x0, 0xffffffffffffff7f, 0x368e, 0x2, {0xffffffff, 0x20000000010000}, 0x5, 0x6, 0xfffffffffffffffd, 0x43, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdead, 0x804}) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D1\x00', 0x581402, 0x0) ioctl$auto(0xffffffffffffffff, 0x4, 0xffffffffffffffff) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0xc0403d11, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x101000, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_USER_PVERSION(r3, 0x40045702, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x18, r3, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000640)='/dev/snd/controlC2\x00', 0x8080, 0x0) personality$auto(0xb7) write$auto(0xca, &(0x7f0000000140)='\x04>\x01\f\r\a\x00\xf6OL\xc8\xbe\x94\xf2\xa2\x00\xfbr(\x83\";\xa8\xd7\x05uXR\xa3\xb3@T\x89\x8e\xd4Q\xdd\xb80\xc7\xad\\\xf7C\xb3\x8f\r?\xb3>r\xdf\x99%\xd6S\xe3\x8b*\xe2\xbc\xc9\x8bV\xf0\xb7\xec.\xae\xe1\\s^\x96\xaa', 0x2db) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r5, 0xc4c85513, 0x0) openat$auto_regulator_summary_fops_(0xffffffffffffff9c, 0x0, 0x40000, 0x0) openat$auto_tun_fops_tun(0xffffffffffffff9c, &(0x7f0000000040), 0x2000, 0x0) 5.506889102s ago: executing program 2 (id=1180): mmap$auto(0x401040000004, 0x40000004020009, 0x6, 0x14, 0x401, 0x8000) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1e, 0x4, 0x0) r0 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r0, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f00000000c0)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0xc00009}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230) socket(0x2b, 0x1, 0xffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) lsm_list_modules$auto(0x0, 0x0, 0x7) r1 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$auto_IMADDTIMER(r1, 0x80044940, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto(0x3, 0x0, 0x80) prctl$auto(0x400, 0x4000000870, 0x0, 0x4, 0x100000000000007) bpf$auto_BPF_PROG_LOAD(0x5, 0x0, 0x7ff) r2 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r4], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80) 4.072590477s ago: executing program 1 (id=1181): socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty17\x00', 0x1, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram6\x00', 0x4040, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/config/target/dbroot\x00', 0xc2183, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) io_uring_setup$auto(0x1, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x2000, 0x0) ioctl$auto(r0, 0x4b4e, r0) sendmsg$auto_NL80211_CMD_ASSOCIATE(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x24, 0x0, 0x400, 0x70bd27, 0x25dfdbff, {}, [@NL80211_ATTR_MLD_ADDR={0x10, 0x13a, "9bd0253fe0a85f6df369d6bd"}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = socket(0x10, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000003b40)={'veth0_to_hsr\x00', 0x0}) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0a00050000000000000000000a00010000000000000000000a000500000000000000000008000200", @ANYRES32], 0x68}, 0x1, 0x0, 0x0, 0x40080}, 0x4048800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYRES16=r3], 0x1ac}}, 0x40001) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x40}, 0x40000) sendmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080), 0xfc2}, 0x2, &(0x7f00000001c0), 0x7, 0xa505}, 0x800}, 0x7, 0x4008) sigaltstack$auto(0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0xa, 0x1, 0x84) openat$auto_trace_clock_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/trace_clock\x00', 0xc0002, 0x0) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snd/controlC1\x00', 0x40000, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ttyS3\x00', 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) 4.07182258s ago: executing program 3 (id=1189): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x3, 0x2, 0x0, &(0x7f0000002440)=0x8, 0x71a8dce0) mmap$auto(0x0, 0x5, 0x4000000000e2, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x7, 0x20000000df, 0x19, 0x40000000000a5, 0x5) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) pread64$auto(r1, 0x0, 0x6, 0x1ff) readv$auto(0x3, 0x0, 0x4) unshare$auto(0x40000080) open(0x0, 0x161342, 0x130) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, 0x0, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) writev$auto(0x3, &(0x7f0000004100)={0x0, 0x2000000b}, 0x3ff) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b74, 0x2, 0x8004) 3.669295195s ago: executing program 1 (id=1182): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x3, 0x2, 0x0, &(0x7f0000002440)=0x8, 0x71a8dce0) mmap$auto(0x0, 0x5, 0x4000000000e2, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x15, 0x3, 0x8000) mmap$auto(0x0, 0x7, 0x20000000df, 0x19, 0x40000000000a5, 0x5) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) pread64$auto(r1, 0x0, 0x6, 0x1ff) unshare$auto(0x40000080) open(0x0, 0x161342, 0x130) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, 0x0, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) writev$auto(0x3, &(0x7f0000004100)={0x0, 0x2000000b}, 0x3ff) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b74, 0x2, 0x8004) 3.420811439s ago: executing program 0 (id=1183): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000a80)=ANY=[@ANYBLOB="60000000357ecfe3baa91965e9e78b739d694997109c7efbd7b2c7dec650fd0900dcecbfa8a350a594ee1575bb11cb86d2f122e9c25b82d0db5082f311fc9798a8abc6c92d069e813027c5a1dee1075353428fc8819dac119da2877ee1aef6e1714827a1ccb6b16d01153b67b7dfdc527987509284fbadbf848477de5f9fe5f176b07b1867e82e34e46dd6037e00496254346b7d80870600de9c7526dde5", @ANYRES16=0x0, @ANYBLOB="000225bd7000fcdbdf250300000006000700fe7f0000060006000100000008000300000400000a000500aaaaaaaaaa3600000a000500aa3eaaaaaabb00000a00050000000000000000000600070008000007000800008100000013e0378557eca9d5c704a994bb1ebddfb7fd6728723f4783c466b6601cb870fee0bcee6c092e4baae4a581a4232206ff5729595a745c27ed1090133a15a3497e47e88d639ca98e81e9d7310b94e999728ececd13a5b78b60f1471930474b702d85f84de596676a1bdf55a3cd2aa3b5596d8cbdab45a743f55729a29d6d9652ca77e470d6b6900ad8bb6a0c2d8675c54bd5146c7ff4c5760c1a9455dde29a961f3931cb8e019176d4cf11a1c30cff0e2db74102e609b0eb2b92977dc2c9f03a8b3b53afc8afe9d63e44ecc66ccd26a5603d832affb1988370677e1e6ba39564d05da4b3b7ec8b688433e52994c742770bbd6ed9b34615a594dbb04b02168b420182d63d5042f29019e7c9f36f8b1507b890cf4696d2a1203abe1cc77ad5a380bb04404b32ae22894c91a357ab2cf680d2c79b4d2500b710fc3573daa3d0d25c3134ffc1f212a68aadb9e45898eea8984f0df7548e36e710296e3fc72c32a1d94ebfc59f0ac0e315f5b638cb9955"], 0x60}, 0x1, 0x0, 0x0, 0x40080}, 0x80) socket(0x2, 0x3, 0x100) (async) r0 = socket(0x2, 0x3, 0x100) sendmsg$auto_NL80211_CMD_SET_STATION(r0, &(0x7f00000001c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="ac000000", @ANYRES16=0x0, @ANYBLOB="20002abd7000fcdbdf251200000008004b004a03000068003601272ef1e2269e4103b2a9004cfd63e01c34bc8bfd2dabd95a94a822607ec5328804712e40ccdf1378d0e921309163b5361e1739acd43cc9cda5729d5b77c573b947d24bd1e5a50a4da086bc7c48a66d9a83324429d7fb6e67b62156338209a4c5d1704e5921004e014f0f2238eeb2a5933a6c553a189f5606208da23574fa839b6ad853436b00000004002101"], 0xac}, 0x1, 0x0, 0x0, 0x20040004}, 0x40000) socket(0x10, 0x2, 0x0) (async) r1 = socket(0x10, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) (async) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_ovs_packet(&(0x7f0000001940), 0xffffffffffffffff) sendmsg$auto_OVS_PACKET_CMD_EXECUTE(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000700)={0x40, r3, 0x1b, 0x70bd26, 0x25dfdc02, {}, [@OVS_PACKET_ATTR_KEY={0xc, 0x2, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @uid}]}, @OVS_PACKET_ATTR_MRU={0x6, 0x9, 0xffff}, @OVS_PACKET_ATTR_PACKET={0x12, 0x1, "898771f1c19f1779048590822ad9"}, @OVS_PACKET_ATTR_KEY={0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0x4800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4004c18}, 0x48880) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}}, 0x4040000) mmap$auto(0x0, 0x20009, 0xfff, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0xfff, 0xeb1, 0x401, 0x8000) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wlan0\x00'}) (async) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="2f212cbd7010ca705d845526cc0008000380", @ANYRES32=r4], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x8810) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000500)={'bridge_slave_0\x00', 0x0}) socket$nl_generic(0x10, 0x3, 0x10) (async) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000300), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_JOIN_OCB(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000d00)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r7, @ANYBLOB="010029bd7000fbdbdf250c00000008000300", @ANYRES32=r9], 0x1c}, 0x1, 0x0, 0x0, 0x37c60ad6183ba5b}, 0x810) sendmsg$auto_ETHTOOL_MSG_MODULE_SET(r2, &(0x7f00000006c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000680)={&(0x7f0000000740)={0x120, 0x0, 0x4, 0x70bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_MODULE_HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}]}, @ETHTOOL_A_MODULE_HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'nicvf0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @ETHTOOL_A_MODULE_POWER_MODE_POLICY={0x5, 0x2, 0x40}, @ETHTOOL_A_MODULE_HEADER={0x84, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r5}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gre0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pimreg1\x00'}]}, @ETHTOOL_A_MODULE_POWER_MODE_POLICY={0x4, 0x2, 0x1}, @ETHTOOL_A_MODULE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x7}, @ETHTOOL_A_HEADER_DEV_NAME={0x0, 0x2, 'bond_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x0, 0x3, 0x9}]}]}, 0x120}, 0x1, 0x0, 0x0, 0x24000000}, 0x20000044) io_uring_setup$auto(0x9, 0x0) (async) r10 = io_uring_setup$auto(0x9, 0x0) readv$auto(0x3, &(0x7f00000001c0)={0x0, 0xf7}, 0x7) close_range$auto(0x2, r10, 0x0) (async) close_range$auto(0x2, r10, 0x0) socket(0xa, 0x2, 0x3a) openat$auto_tracing_stats_fops_trace(0xffffffffffffff9c, 0x0, 0x101040, 0x0) (async) openat$auto_tracing_stats_fops_trace(0xffffffffffffff9c, 0x0, 0x101040, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='h'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYBLOB='h'], 0x1ac}, 0x1, 0x0, 0x0, 0x40814}, 0x2004c0c4) close_range$auto(r2, r1, 0xffffff81) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 3.126075329s ago: executing program 2 (id=1184): mmap$auto(0x401040000004, 0x40000004020009, 0x6, 0x14, 0x401, 0x8000) socket(0x10, 0x2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x2000c000}, 0x4004) close_range$auto(0x2, 0x8, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x1e, 0x4, 0x0) r2 = socket(0x1e, 0x4, 0x0) get_robust_list$auto(0x0, 0x0, 0x0) setsockopt$auto(r2, 0x10f, 0x87, 0x0, 0x14) setsockopt$auto(0x3, 0x10f, 0x87, 0x0, 0x14) recvmmsg$auto(r2, &(0x7f0000000200)={{0x0, 0x2, &(0x7f0000000140)={0x0, 0x4da}, 0x6, 0x0, 0x8, 0x7ff}, 0x1000}, 0xffffffff, 0x4, 0x0) sendmmsg$auto(0x3, &(0x7f00000000c0)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0xc00009}, 0x7}, 0x3, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) sendmmsg$auto(0x4, 0x0, 0x9a6, 0x230) socket(0x2b, 0x1, 0xffffffff) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) lsm_list_modules$auto(0x0, 0x0, 0x7) r3 = openat$auto_mISDN_fops_timerdev(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$auto_IMADDTIMER(r3, 0x80044940, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto(0x3, 0x0, 0x80) bpf$auto_BPF_PROG_LOAD(0x5, &(0x7f0000000440)=@bpf_attr_0={0x9a, 0x4, 0x2, 0x3, 0x5, r0, 0x5, "e03f43000b26d5ea743998fb57339a75", 0x0, r1, 0x9, 0x7, 0x6, 0xfffffffffffffff3, r1, r1}, 0x7ff) r5 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000180), r4) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) sendmsg$auto_NL80211_CMD_SET_WIPHY(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002dbd7000fddbdf250800030008000300", @ANYRES32=r7], 0x24}, 0x1, 0x0, 0x0, 0x5c5fd097d751f33e}, 0x80) 3.124718584s ago: executing program 0 (id=1193): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) prctl$auto_PR_SET_MM(0x23, 0x7, 0xffffffffffffffff, 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) write$auto(r1, &(0x7f0000000000)='//\xf2\x00', 0x80000000) mmap$auto(0x0, 0x810006, 0xffb, 0x8000000008011, 0x3, 0x0) adjtimex$auto(&(0x7f00000004c0)={0xf332b6e, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffd, 0x1, 0x1, 0x6, 0x0, 0xffffffffffffff7f, 0x368e, 0x2, {0xffffffff, 0x20000000010000}, 0x5, 0x6, 0xfffffffffffffffd, 0x43, 0x0, 0x9, 0x81, 0xffffffffffff628e, 0xa747, 0xdead, 0x804}) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/snd/midiC2D1\x00', 0x581402, 0x0) ioctl$auto(0xffffffffffffffff, 0x4, 0xffffffffffffffff) r2 = openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000080), 0xc0402, 0x0) ioctl$auto_posix_clock_file_operations_posix_clock(r2, 0xc0403d11, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0x401, 0x8000) r3 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/admmidi2\x00', 0x101000, 0x0) ioctl$auto_SNDRV_RAWMIDI_IOCTL_USER_PVERSION(r3, 0x40045702, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0x18, r3, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x20) r4 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r4, &(0x7f0000000200)={0x0, 0x7}, 0x3) r5 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000640)='/dev/snd/controlC2\x00', 0x8080, 0x0) personality$auto(0xb7) write$auto(0xca, &(0x7f0000000140)='\x04>\x01\f\r\a\x00\xf6OL\xc8\xbe\x94\xf2\xa2\x00\xfbr(\x83\";\xa8\xd7\x05uXR\xa3\xb3@T\x89\x8e\xd4Q\xdd\xb80\xc7\xad\\\xf7C\xb3\x8f\r?\xb3>r\xdf\x99%\xd6S\xe3\x8b*\xe2\xbc\xc9\x8bV\xf0\xb7\xec.\xae\xe1\\s^\x96\xaa', 0x2db) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_WRITE(r5, 0xc4c85513, 0x0) openat$auto_regulator_summary_fops_(0xffffffffffffff9c, 0x0, 0x40000, 0x0) openat$auto_snapshot_fops_user(0xffffffffffffff9c, 0x0, 0x80002, 0x0) 1.944771139s ago: executing program 3 (id=1185): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x3, 0x2, 0x0, &(0x7f0000002440)=0x8, 0x71a8dce0) mmap$auto(0x0, 0x5, 0x4000000000e2, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x15, 0x3, 0x8000) mmap$auto(0x0, 0x7, 0x20000000df, 0x19, 0x40000000000a5, 0x5) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) pread64$auto(r1, 0x0, 0x6, 0x1ff) readv$auto(0x3, 0x0, 0x4) unshare$auto(0x40000080) open(0x0, 0x161342, 0x130) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, 0x0, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) writev$auto(0x3, &(0x7f0000004100)={0x0, 0x2000000b}, 0x3ff) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b74, 0x2, 0x8004) 1.582994768s ago: executing program 1 (id=1186): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) futex$auto(0x0, 0x3, 0x2, 0x0, &(0x7f0000002440)=0x8, 0x71a8dce0) mmap$auto(0x0, 0x5, 0x4000000000e2, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) mmap$auto(0x0, 0x7, 0x20000000df, 0x19, 0x40000000000a5, 0x5) close_range$auto(0x2, 0x8, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000180)='/proc/interrupts\x00', 0x18b202, 0x0) pread64$auto(r1, 0x0, 0x6, 0x1ff) readv$auto(0x3, 0x0, 0x4) unshare$auto(0x40000080) open(0x0, 0x161342, 0x130) write$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffffff, 0x0, 0x0) fallocate$auto(0x8000000000000003, 0x0, 0x9, 0x4cbd5d) writev$auto(0x3, &(0x7f0000004100)={0x0, 0x2000000b}, 0x3ff) mmap$auto(0x0, 0x40000a, 0xdf, 0x9b74, 0x2, 0x8004) 1.090226079s ago: executing program 0 (id=1187): unshare$auto(0x40000080) mmap$auto(0x0, 0x2020009, 0xa0e2, 0xeb2, 0xfffffffffffffffb, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket(0x1, 0x80805, 0x0) fchownat$auto(0x2, 0x0, 0x0, 0x0, 0x1000) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/debug/usb/usbmon/9t\x00', 0xa00, 0x0) mmap$auto(0x0, 0xffffffffffffff00, 0xdc, 0xebd, r0, 0x1f) r1 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) r2 = epoll_create$auto(0x8800001) fcntl$auto_F_SETSIG(r1, 0xa, 0x8) epoll_ctl$auto(r2, 0x1, r1, 0x0) migrate_pages$auto(0x0, 0x99, 0x0, 0x0) openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000000)='/dev/adsp1\x00', 0x711142, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) prctl$auto(0xfffffffe, 0x8000000000000004, 0x0, 0x9, 0xfffffffffffffffe) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28001) close_range$auto(0x2, 0x8, 0x0) sysfs$auto(0x2, 0x23, 0x0) r3 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r3, 0x0, 0x4) openat$auto_tun_fops_tun(0xffffffffffffff9c, 0x0, 0x2002, 0x0) socket(0x10, 0x2, 0x4) socket(0xa, 0x1, 0x84) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000080), 0x840, 0x0) openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000000040), 0x80240, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000340)={[0x1ff, 0x7, 0xd, 0xec51, 0x9487, 0x445f, 0x15f4da06, 0x1, 0xfffffffffffffff8, 0xf8bd, 0x100, 0x4, 0x392, 0x2000000, 0x2, 0x2]}, 0x0) close_range$auto(0x2, 0x8, 0x0) 448.036519ms ago: executing program 2 (id=1188): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) setsockopt$auto(0x400000000000003, 0x29, 0xc8, 0x0, 0x567) sendmsg$auto_TIPC_NL_MON_SET(0xffffffffffffffff, 0x0, 0xc050) r0 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f00000000c0), 0xffffffffffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/block/zram0/mem_limit\x00', 0x183841, 0x0) write$auto(r1, 0x0, 0x4) close_range$auto(0x2, 0xa, 0x0) r2 = socket(0x18, 0xa, 0x1) socket(0xa, 0x2, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0x80000000000eb1, 0x401, 0x8000) statmount$auto(0x0, &(0x7f0000000180)={0xa, 0x1, 0x401bf, 0x7352, 0x3f, 0x800000000006, 0x1ffde, 0x7, 0x3, 0x2, 0xc, 0x3, 0x5, 0x4, 0x3000, 0x200, 0x6, 0x10003, 0x83, 0x4, 0x0, 0x7, 0x1ffc, 0x203, 0x400, 0x84, 0x0, 0x0, 0xffffffff, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000001, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3]}, 0x0, 0xd) r3 = socket(0x1d, 0x2, 0x7) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="f2000000", @ANYBLOB='p\x00', @ANYRES16], 0x1ac}, 0x1, 0x0, 0x0, 0x24040840}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0xb, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='*'], 0x1ac}}, 0x40000) sendmmsg$auto(r3, &(0x7f0000000200)={{0x0, 0x1, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa509}, 0x800}, 0x7, 0x4008) syz_genetlink_get_family_id$auto_nl80211(0x0, r3) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = socket(0xa, 0x2, 0x88) r6 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000280)={'wg0\x00', 0x0}) bpf$auto(0x0, &(0x7f00000000c0)=@bpf_attr_5={@target_fd, r6, 0x4, 0x401, r5, @relative_id=0x10, 0xe600}, 0x5) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'dummy0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'batadv_slave_1\x00', 0x0}) sendmsg$auto_NL80211_CMD_VENDOR(r2, &(0x7f0000000480)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="00012abd7000fedbdf256700000005005900cb000000040047013000328008000400d5f1e971119584c2955b119c1855c591850d6decf5c7e9b8c003bef52ac80594d1d756d2df184f4c3e2a29c5d5ebfbfcb3b9b1864711178529bdd14d9617cf9a2c0ff7288fe4ef16803d04b15773284f9df2f1fdf52cfff735660e91c9aab3078293bd02319584e13ea8af11400021ccacac", @ANYRES32=r7, @ANYBLOB="0400050008000400", @ANYRES32=r8, @ANYBLOB="050001006c000000050003000800000008000400", @ANYRES32=r9, @ANYBLOB="11002501885739c05d707af1e7d7d502cd00000004008e00"], 0x68}, 0x1, 0x0, 0x0, 0x800}, 0x4004094) connect$auto(0x3, &(0x7f00000018c0)=@generic={0xa, "ab06fdffff00fff5f5ffffff00"}, 0x55) getsockopt$auto_SO_INCOMING_NAPI_ID(0xffffffffffffffff, 0x101, 0x38, &(0x7f0000000000)='nl80211\x00', &(0x7f0000000080)=0x401) setsockopt$auto_SO_MARK(0xffffffffffffffff, 0xdd, 0x24, &(0x7f0000000140)='/dev/snd/midiC2D0\x00', 0x401) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) 264.340287ms ago: executing program 3 (id=1190): mmap$auto(0x0, 0x2020009, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/block/loop14/queue/dma_alignment\x00', 0x80000, 0x0) read$auto(r1, 0x0, 0x20) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000200)={0x0, 0x7}, 0x3) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, 0x0, 0x2, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty12\x00', 0x800, 0x0) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, 0x0, 0x40000, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x2, 0x8, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_SMC_NETLINK_GET_DEV_SMCD(r3, &(0x7f0000004380)={0x0, 0x0, &(0x7f0000004340)={&(0x7f0000004300)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB='\v'], 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x810) syz_genetlink_get_family_id$auto_nl80211(0x0, r3) read$auto(r3, &(0x7f0000000000)='\x00', 0x91e2) openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, 0x0, 0x0, 0x0) write$auto(0xffffffffffffffff, 0x0, 0xfffe) pivot_root$auto(0x0, 0x0) unshare$auto(0x40000080) mprotect$auto(0x110c230000, 0x1, 0x2) io_uring_setup$auto(0x8, 0x0) mremap$auto(0x110c230000, 0x0, 0x101, 0x3, 0x0) read$auto_rng_chrdev_ops_core(0xffffffffffffffff, 0x0, 0x0) timer_create$auto(0x3, 0x0, 0x0) timer_settime$auto(0x0, 0x8, &(0x7f00000000c0)={{0x8}, {0x0, 0x87}}, 0x0) mmap$auto(0xfffffffffffffffd, 0x5, 0xfff, 0x44eb2, 0xffffffffffffffff, 0x300000000000) 0s ago: executing program 0 (id=1191): mmap$auto(0x0, 0x2020009, 0x100003, 0x9000000eb1, 0xfffffffffffffffa, 0xfffffffffffffffe) close_range$auto(0x2, 0x8, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x30b140, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0x3b, r0, 0x9) close_range$auto(0x2, 0x8, 0x0) r2 = socket(0x2, 0x80802, 0x0) r3 = socket(0x2b, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x4e22, @loopback}, 0x6a) select$auto(0x8, &(0x7f0000000240)={[0x9, 0xa, 0x3, 0x4, 0xffffffffffff7fff, 0x1007ffe, 0x401, 0x5, 0xd3b, 0x34, 0x6, 0x800000000000, 0x8, 0x4, 0x3, 0x5]}, 0x0, 0x0, 0x0) sendmmsg$auto(r3, &(0x7f0000000180)={{&(0x7f0000000040), 0xf, 0x0, 0x1, 0x0, 0x8, 0xb}, 0x800009}, 0x3, 0x20000000) r4 = inotify_init1$auto(0xf) open(&(0x7f0000000140)='./file0\x00', 0x28000, 0x12) read$auto_proc_sessionid_operations_base(r4, &(0x7f00000002c0)=""/180, 0xb4) socket(0x2c, 0x3, 0x8) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0xffffffffffffff79, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000326bd7000fedbdf250200000800130001"], 0x24}, 0x1, 0x0, 0x0, 0x4c894}, 0x4) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)=ANY=[@ANYRESOCT=r3, @ANYRESHEX=r1, @ANYBLOB='1'], 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x20008810) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x42800, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB], 0x1ac}, 0x1, 0x0, 0x0, 0x20000820}, 0x40000) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1c03, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) r5 = openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/maps\x00', 0x40302, 0x0) ioctl$auto_PROCMAP_QUERY(r5, 0xc0686611, &(0x7f0000000080)={0x68, 0x34, 0x7fff, 0x5, 0x80000000009, 0x1, 0x9, 0x5, 0x5, 0x7f93, 0xfffffffe, 0x7ffffffd, 0x7ff, 0x7, 0x9}) close_range$auto(0x2, 0x8, 0x0) r6 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe2180, 0x0) ioctl$auto_KVM_CREATE_VM(r6, 0xae01, 0x0) socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(0x3, 0xae41, r6) kernel console output (not intermixed with test programs): [ 390.307174][T10662] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 390.307197][T10662] R13: 00007f1cd15e6038 R14: 00007f1cd15e5fa0 R15: 00007fff1660a488 [ 390.307238][T10662] [ 390.683797][T10676] FAULT_INJECTION: forcing a failure. [ 390.683797][T10676] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 390.697569][T10676] CPU: 1 UID: 0 PID: 10676 Comm: syz.1.816 Not tainted syzkaller #0 PREEMPT(full) [ 390.697610][T10676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 390.697628][T10676] Call Trace: [ 390.697638][T10676] [ 390.697650][T10676] dump_stack_lvl+0x16c/0x1f0 [ 390.697693][T10676] should_fail_ex+0x512/0x640 [ 390.697745][T10676] _copy_from_user+0x2e/0xd0 [ 390.697814][T10676] do_sock_getsockopt+0x3a1/0x410 [ 390.697852][T10676] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 390.697886][T10676] ? __fget_files+0x204/0x3c0 [ 390.697945][T10676] __sys_getsockopt+0x123/0x1b0 [ 390.697980][T10676] __x64_sys_getsockopt+0xbd/0x160 [ 390.698006][T10676] ? do_syscall_64+0x91/0xf80 [ 390.698038][T10676] ? lockdep_hardirqs_on+0x7c/0x110 [ 390.698072][T10676] do_syscall_64+0xcd/0xf80 [ 390.698117][T10676] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 390.698146][T10676] RIP: 0033:0x7f1cd138f7c9 [ 390.698167][T10676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 390.698195][T10676] RSP: 002b:00007f1cd22eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 390.698222][T10676] RAX: ffffffffffffffda RBX: 00007f1cd15e5fa0 RCX: 00007f1cd138f7c9 [ 390.698240][T10676] RDX: 000000000000000b RSI: 0000000000000006 RDI: 0000000000000003 [ 390.698256][T10676] RBP: 00007f1cd22eb090 R08: 0000000000000000 R09: 0000000000000000 [ 390.698273][T10676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 390.698289][T10676] R13: 00007f1cd15e6038 R14: 00007f1cd15e5fa0 R15: 00007fff1660a488 [ 390.698327][T10676] [ 390.924875][T10678] kAFS: unparsable volume name [ 391.246234][T10687] FAULT_INJECTION: forcing a failure. [ 391.246234][T10687] name failslab, interval 1, probability 0, space 0, times 0 [ 391.295943][T10688] Invalid ELF header magic: != ELF [ 391.318692][T10687] CPU: 1 UID: 0 PID: 10687 Comm: syz.1.821 Not tainted syzkaller #0 PREEMPT(full) [ 391.318732][T10687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 391.318748][T10687] Call Trace: [ 391.318758][T10687] [ 391.318768][T10687] dump_stack_lvl+0x16c/0x1f0 [ 391.318808][T10687] should_fail_ex+0x512/0x640 [ 391.318849][T10687] ? __kmalloc_cache_noprof+0x5f/0x800 [ 391.318883][T10687] should_failslab+0xc2/0x120 [ 391.318926][T10687] __kmalloc_cache_noprof+0x80/0x800 [ 391.318958][T10687] ? alloc_pipe_info+0x10e/0x590 [ 391.319007][T10687] ? alloc_pipe_info+0x10e/0x590 [ 391.319048][T10687] alloc_pipe_info+0x10e/0x590 [ 391.319094][T10687] splice_direct_to_actor+0x77d/0xa30 [ 391.319145][T10687] ? __lock_acquire+0x436/0x2890 [ 391.319169][T10687] ? __pfx_direct_splice_actor+0x10/0x10 [ 391.319211][T10687] ? __pfx_aa_file_perm+0x10/0x10 [ 391.319251][T10687] ? find_held_lock+0x2b/0x80 [ 391.319287][T10687] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 391.319326][T10687] ? get_pid_task+0xfc/0x250 [ 391.319361][T10687] do_splice_direct+0x174/0x240 [ 391.319402][T10687] ? __pfx_do_splice_direct+0x10/0x10 [ 391.319444][T10687] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 391.319491][T10687] ? rw_verify_area+0xcf/0x6c0 [ 391.319530][T10687] do_sendfile+0xb06/0xe50 [ 391.319574][T10687] ? __pfx_do_sendfile+0x10/0x10 [ 391.319613][T10687] ? __fget_files+0x20e/0x3c0 [ 391.319661][T10687] __x64_sys_sendfile64+0x1d8/0x220 [ 391.319686][T10687] ? ksys_write+0x1ac/0x250 [ 391.319725][T10687] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 391.319760][T10687] do_syscall_64+0xcd/0xf80 [ 391.319799][T10687] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.319829][T10687] RIP: 0033:0x7f1cd138f7c9 [ 391.319854][T10687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 391.319882][T10687] RSP: 002b:00007f1cd22eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 391.319911][T10687] RAX: ffffffffffffffda RBX: 00007f1cd15e5fa0 RCX: 00007f1cd138f7c9 [ 391.319930][T10687] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 391.319946][T10687] RBP: 00007f1cd22eb090 R08: 0000000000000000 R09: 0000000000000000 [ 391.319963][T10687] R10: 000000007fffe000 R11: 0000000000000246 R12: 0000000000000001 [ 391.319980][T10687] R13: 00007f1cd15e6038 R14: 00007f1cd15e5fa0 R15: 00007fff1660a488 [ 391.320019][T10687] [ 391.886917][T10697] FAULT_INJECTION: forcing a failure. [ 391.886917][T10697] name failslab, interval 1, probability 0, space 0, times 0 [ 391.926545][T10697] CPU: 1 UID: 0 PID: 10697 Comm: syz.0.825 Not tainted syzkaller #0 PREEMPT(full) [ 391.926584][T10697] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 391.926601][T10697] Call Trace: [ 391.926610][T10697] [ 391.926621][T10697] dump_stack_lvl+0x16c/0x1f0 [ 391.926661][T10697] should_fail_ex+0x512/0x640 [ 391.926704][T10697] ? fs_reclaim_acquire+0xae/0x150 [ 391.926752][T10697] should_failslab+0xc2/0x120 [ 391.926796][T10697] __kmalloc_noprof+0xeb/0x910 [ 391.926827][T10697] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 391.926877][T10697] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 391.926909][T10697] tomoyo_realpath_from_path+0xc2/0x6e0 [ 391.926946][T10697] ? tomoyo_profile+0x47/0x60 [ 391.926987][T10697] tomoyo_path_number_perm+0x245/0x580 [ 391.927032][T10697] ? tomoyo_path_number_perm+0x237/0x580 [ 391.927082][T10697] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 391.927130][T10697] ? find_held_lock+0x2b/0x80 [ 391.927212][T10697] ? find_held_lock+0x2b/0x80 [ 391.927248][T10697] ? hook_file_ioctl_common+0x144/0x410 [ 391.927294][T10697] ? __fget_files+0x20e/0x3c0 [ 391.927342][T10697] security_file_ioctl+0x9b/0x240 [ 391.927373][T10697] __x64_sys_ioctl+0xb7/0x210 [ 391.927412][T10697] do_syscall_64+0xcd/0xf80 [ 391.927450][T10697] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 391.927479][T10697] RIP: 0033:0x7fe23598f7c9 [ 391.927502][T10697] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 391.927530][T10697] RSP: 002b:00007fe236755038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 391.927557][T10697] RAX: ffffffffffffffda RBX: 00007fe235be5fa0 RCX: 00007fe23598f7c9 [ 391.927576][T10697] RDX: 0000000000000003 RSI: 00000000000089ee RDI: 0000000000000003 [ 391.927593][T10697] RBP: 00007fe236755090 R08: 0000000000000000 R09: 0000000000000000 [ 391.927610][T10697] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 391.927626][T10697] R13: 00007fe235be6038 R14: 00007fe235be5fa0 R15: 00007ffd51a5efe8 [ 391.927666][T10697] [ 392.227562][T10697] ERROR: Out of memory at tomoyo_realpath_from_path. [ 392.645126][T10710] FAULT_INJECTION: forcing a failure. [ 392.645126][T10710] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 392.658651][T10710] CPU: 0 UID: 0 PID: 10710 Comm: syz.1.830 Not tainted syzkaller #0 PREEMPT(full) [ 392.658689][T10710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 392.658707][T10710] Call Trace: [ 392.658716][T10710] [ 392.658726][T10710] dump_stack_lvl+0x16c/0x1f0 [ 392.658766][T10710] should_fail_ex+0x512/0x640 [ 392.658817][T10710] _copy_from_user+0x2e/0xd0 [ 392.658860][T10710] copy_msghdr_from_user+0x98/0x160 [ 392.658891][T10710] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 392.658940][T10710] ___sys_sendmsg+0xfe/0x1d0 [ 392.658970][T10710] ? __pfx____sys_sendmsg+0x10/0x10 [ 392.659047][T10710] __sys_sendmsg+0x16d/0x220 [ 392.659076][T10710] ? __pfx___sys_sendmsg+0x10/0x10 [ 392.659139][T10710] do_syscall_64+0xcd/0xf80 [ 392.659176][T10710] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 392.659205][T10710] RIP: 0033:0x7f1cd138f7c9 [ 392.659228][T10710] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 392.659256][T10710] RSP: 002b:00007f1cd22eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 392.659283][T10710] RAX: ffffffffffffffda RBX: 00007f1cd15e5fa0 RCX: 00007f1cd138f7c9 [ 392.659301][T10710] RDX: 0000000020000000 RSI: 0000200000000e00 RDI: 0000000000000003 [ 392.659319][T10710] RBP: 00007f1cd22eb090 R08: 0000000000000000 R09: 0000000000000000 [ 392.659336][T10710] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 392.659353][T10710] R13: 00007f1cd15e6038 R14: 00007f1cd15e5fa0 R15: 00007fff1660a488 [ 392.659392][T10710] [ 393.192980][T10724] FAULT_INJECTION: forcing a failure. [ 393.192980][T10724] name failslab, interval 1, probability 0, space 0, times 0 [ 393.264190][T10724] CPU: 0 UID: 0 PID: 10724 Comm: syz.1.834 Not tainted syzkaller #0 PREEMPT(full) [ 393.264218][T10724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 393.264229][T10724] Call Trace: [ 393.264235][T10724] [ 393.264243][T10724] dump_stack_lvl+0x16c/0x1f0 [ 393.264271][T10724] should_fail_ex+0x512/0x640 [ 393.264300][T10724] ? fs_reclaim_acquire+0xae/0x150 [ 393.264331][T10724] should_failslab+0xc2/0x120 [ 393.264358][T10724] __kmalloc_noprof+0xeb/0x910 [ 393.264378][T10724] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 393.264403][T10724] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 393.264423][T10724] tomoyo_realpath_from_path+0xc2/0x6e0 [ 393.264446][T10724] ? tomoyo_profile+0x47/0x60 [ 393.264471][T10724] tomoyo_path_number_perm+0x245/0x580 [ 393.264499][T10724] ? tomoyo_path_number_perm+0x237/0x580 [ 393.264530][T10724] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 393.264560][T10724] ? __schedule+0x10b9/0x6150 [ 393.264598][T10724] ? find_held_lock+0x2b/0x80 [ 393.264621][T10724] ? hook_file_ioctl_common+0x144/0x410 [ 393.264643][T10724] ? __fget_files+0x20e/0x3c0 [ 393.264672][T10724] security_file_ioctl+0x9b/0x240 [ 393.264691][T10724] __x64_sys_ioctl+0xb7/0x210 [ 393.264714][T10724] do_syscall_64+0xcd/0xf80 [ 393.264738][T10724] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.264756][T10724] RIP: 0033:0x7f1cd138f7c9 [ 393.264771][T10724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 393.264789][T10724] RSP: 002b:00007f1cd22eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 393.264810][T10724] RAX: ffffffffffffffda RBX: 00007f1cd15e5fa0 RCX: 00007f1cd138f7c9 [ 393.264826][T10724] RDX: 0000000000000000 RSI: 0000000040103d0b RDI: 0000000000000003 [ 393.264837][T10724] RBP: 00007f1cd22eb090 R08: 0000000000000000 R09: 0000000000000000 [ 393.264847][T10724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 393.264858][T10724] R13: 00007f1cd15e6038 R14: 00007f1cd15e5fa0 R15: 00007fff1660a488 [ 393.264880][T10724] [ 393.264888][T10724] ERROR: Out of memory at tomoyo_realpath_from_path. [ 393.998314][T10743] FAULT_INJECTION: forcing a failure. [ 393.998314][T10743] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 394.057769][T10743] CPU: 0 UID: 0 PID: 10743 Comm: syz.2.838 Not tainted syzkaller #0 PREEMPT(full) [ 394.057815][T10743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 394.057832][T10743] Call Trace: [ 394.057842][T10743] [ 394.057854][T10743] dump_stack_lvl+0x16c/0x1f0 [ 394.057904][T10743] should_fail_ex+0x512/0x640 [ 394.057955][T10743] _copy_from_user+0x2e/0xd0 [ 394.058002][T10743] move_addr_to_kernel+0x65/0x170 [ 394.058045][T10743] __sys_bind+0x11b/0x260 [ 394.058098][T10743] ? __pfx___sys_bind+0x10/0x10 [ 394.058136][T10743] ? __fget_files+0x20e/0x3c0 [ 394.058189][T10743] ? __pfx_ksys_write+0x10/0x10 [ 394.058239][T10743] __x64_sys_bind+0x72/0xb0 [ 394.058276][T10743] ? lockdep_hardirqs_on+0x7c/0x110 [ 394.058312][T10743] do_syscall_64+0xcd/0xf80 [ 394.058349][T10743] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 394.058379][T10743] RIP: 0033:0x7f7f4258f7c9 [ 394.058403][T10743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 394.058431][T10743] RSP: 002b:00007f7f4346d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031 [ 394.058460][T10743] RAX: ffffffffffffffda RBX: 00007f7f427e5fa0 RCX: 00007f7f4258f7c9 [ 394.058478][T10743] RDX: 0000000000000066 RSI: 0000200000000040 RDI: 0000000000000003 [ 394.058495][T10743] RBP: 00007f7f4346d090 R08: 0000000000000000 R09: 0000000000000000 [ 394.058513][T10743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 394.058530][T10743] R13: 00007f7f427e6038 R14: 00007f7f427e5fa0 R15: 00007ffe49dbd168 [ 394.058570][T10743] [ 394.914847][T10749] mkiss: ax0: crc mode is auto. [ 395.801037][T10772] FAULT_INJECTION: forcing a failure. [ 395.801037][T10772] name failslab, interval 1, probability 0, space 0, times 0 [ 395.817330][T10772] CPU: 1 UID: 0 PID: 10772 Comm: syz.1.848 Not tainted syzkaller #0 PREEMPT(full) [ 395.817379][T10772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 395.817390][T10772] Call Trace: [ 395.817396][T10772] [ 395.817404][T10772] dump_stack_lvl+0x16c/0x1f0 [ 395.817431][T10772] should_fail_ex+0x512/0x640 [ 395.817459][T10772] ? fs_reclaim_acquire+0xae/0x150 [ 395.817489][T10772] should_failslab+0xc2/0x120 [ 395.817517][T10772] __kmalloc_noprof+0xeb/0x910 [ 395.817537][T10772] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 395.817563][T10772] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 395.817583][T10772] tomoyo_realpath_from_path+0xc2/0x6e0 [ 395.817606][T10772] ? tomoyo_profile+0x47/0x60 [ 395.817630][T10772] tomoyo_path_number_perm+0x245/0x580 [ 395.817659][T10772] ? tomoyo_path_number_perm+0x237/0x580 [ 395.817690][T10772] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 395.817720][T10772] ? find_held_lock+0x2b/0x80 [ 395.817783][T10772] ? find_held_lock+0x2b/0x80 [ 395.817813][T10772] ? hook_file_ioctl_common+0x144/0x410 [ 395.817835][T10772] ? __fget_files+0x20e/0x3c0 [ 395.817864][T10772] security_file_ioctl+0x9b/0x240 [ 395.817883][T10772] __x64_sys_ioctl+0xb7/0x210 [ 395.817907][T10772] do_syscall_64+0xcd/0xf80 [ 395.817931][T10772] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.817950][T10772] RIP: 0033:0x7f1cd138f7c9 [ 395.817965][T10772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 395.817983][T10772] RSP: 002b:00007f1cd22eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 395.818001][T10772] RAX: ffffffffffffffda RBX: 00007f1cd15e5fa0 RCX: 00007f1cd138f7c9 [ 395.818012][T10772] RDX: 0000000000000003 RSI: 000000000000560e RDI: 0000000000000003 [ 395.818023][T10772] RBP: 00007f1cd22eb090 R08: 0000000000000000 R09: 0000000000000000 [ 395.818034][T10772] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 395.818044][T10772] R13: 00007f1cd15e6038 R14: 00007f1cd15e5fa0 R15: 00007fff1660a488 [ 395.818067][T10772] [ 395.818482][T10772] ERROR: Out of memory at tomoyo_realpath_from_path. [ 396.484515][T10784] FAULT_INJECTION: forcing a failure. [ 396.484515][T10784] name failslab, interval 1, probability 0, space 0, times 0 [ 396.497953][T10784] CPU: 1 UID: 0 PID: 10784 Comm: syz.3.850 Not tainted syzkaller #0 PREEMPT(full) [ 396.497974][T10784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 396.497984][T10784] Call Trace: [ 396.497990][T10784] [ 396.497996][T10784] dump_stack_lvl+0x16c/0x1f0 [ 396.498018][T10784] should_fail_ex+0x512/0x640 [ 396.498041][T10784] ? __kvmalloc_node_noprof+0x129/0xa40 [ 396.498063][T10784] should_failslab+0xc2/0x120 [ 396.498086][T10784] __kvmalloc_node_noprof+0x14a/0xa40 [ 396.498106][T10784] ? pidlist_array_load+0x12e/0xb10 [ 396.498122][T10784] ? mark_held_locks+0x49/0x80 [ 396.498147][T10784] ? pidlist_array_load+0x12e/0xb10 [ 396.498163][T10784] pidlist_array_load+0x12e/0xb10 [ 396.498181][T10784] ? __pfx_pidlist_array_load+0x10/0x10 [ 396.498203][T10784] ? kernfs_root+0xf8/0x2a0 [ 396.498223][T10784] cgroup_pidlist_start+0x3a3/0x4f0 [ 396.498240][T10784] ? __pfx_cgroup_seqfile_start+0x10/0x10 [ 396.498258][T10784] kernfs_seq_start+0x133/0x2a0 [ 396.498280][T10784] seq_read_iter+0x2c1/0x12d0 [ 396.498307][T10784] kernfs_fop_read_iter+0x46c/0x610 [ 396.498329][T10784] ? rw_verify_area+0xcf/0x6c0 [ 396.498348][T10784] vfs_read+0x8bf/0xcf0 [ 396.498375][T10784] ? __pfx_vfs_read+0x10/0x10 [ 396.498415][T10784] ksys_read+0x12a/0x250 [ 396.498439][T10784] ? __pfx_ksys_read+0x10/0x10 [ 396.498471][T10784] do_syscall_64+0xcd/0xf80 [ 396.498495][T10784] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 396.498513][T10784] RIP: 0033:0x7f5937b8f7c9 [ 396.498530][T10784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 396.498547][T10784] RSP: 002b:00007f5938966038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 396.498566][T10784] RAX: ffffffffffffffda RBX: 00007f5937de6090 RCX: 00007f5937b8f7c9 [ 396.498578][T10784] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000008 [ 396.498588][T10784] RBP: 00007f5937c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 396.498598][T10784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 396.498609][T10784] R13: 00007f5937de6128 R14: 00007f5937de6090 R15: 00007ffdf0090618 [ 396.498632][T10784] [ 396.806788][T10791] FAULT_INJECTION: forcing a failure. [ 396.806788][T10791] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 396.890882][T10791] CPU: 0 UID: 0 PID: 10791 Comm: syz.1.851 Not tainted syzkaller #0 PREEMPT(full) [ 396.890904][T10791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 396.890912][T10791] Call Trace: [ 396.890917][T10791] [ 396.890923][T10791] dump_stack_lvl+0x16c/0x1f0 [ 396.890945][T10791] should_fail_ex+0x512/0x640 [ 396.890978][T10791] _copy_from_user+0x2e/0xd0 [ 396.891000][T10791] copy_msghdr_from_user+0x98/0x160 [ 396.891017][T10791] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 396.891037][T10791] ? __pfx__kstrtoull+0x10/0x10 [ 396.891056][T10791] ___sys_sendmsg+0xfe/0x1d0 [ 396.891071][T10791] ? __pfx____sys_sendmsg+0x10/0x10 [ 396.891093][T10791] ? find_held_lock+0x2b/0x80 [ 396.891121][T10791] __sys_sendmmsg+0x200/0x420 [ 396.891137][T10791] ? __pfx___sys_sendmmsg+0x10/0x10 [ 396.891156][T10791] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 396.891182][T10791] ? fput+0x70/0xf0 [ 396.891195][T10791] ? ksys_write+0x1ac/0x250 [ 396.891214][T10791] ? __pfx_ksys_write+0x10/0x10 [ 396.891236][T10791] __x64_sys_sendmmsg+0x9c/0x100 [ 396.891250][T10791] ? lockdep_hardirqs_on+0x7c/0x110 [ 396.891267][T10791] do_syscall_64+0xcd/0xf80 [ 396.891286][T10791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 396.891300][T10791] RIP: 0033:0x7f1cd138f7c9 [ 396.891312][T10791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 396.891326][T10791] RSP: 002b:00007f1cd22ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 396.891341][T10791] RAX: ffffffffffffffda RBX: 00007f1cd15e6090 RCX: 00007f1cd138f7c9 [ 396.891350][T10791] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000003 [ 396.891358][T10791] RBP: 00007f1cd22ca090 R08: 0000000000000000 R09: 0000000000000000 [ 396.891366][T10791] R10: 0000000000000b00 R11: 0000000000000246 R12: 0000000000000001 [ 396.891374][T10791] R13: 00007f1cd15e6128 R14: 00007f1cd15e6090 R15: 00007fff1660a488 [ 396.891391][T10791] [ 397.852431][T10802] mkiss: ax0: crc mode is auto. [ 398.137825][T10808] aoe: could not set interface list: too many interfaces [ 398.324024][T10818] FAULT_INJECTION: forcing a failure. [ 398.324024][T10818] name failslab, interval 1, probability 0, space 0, times 0 [ 398.386048][T10818] CPU: 1 UID: 0 PID: 10818 Comm: syz.3.860 Not tainted syzkaller #0 PREEMPT(full) [ 398.386076][T10818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 398.386087][T10818] Call Trace: [ 398.386093][T10818] [ 398.386101][T10818] dump_stack_lvl+0x16c/0x1f0 [ 398.386128][T10818] should_fail_ex+0x512/0x640 [ 398.386156][T10818] ? kmem_cache_alloc_noprof+0x62/0x770 [ 398.386180][T10818] should_failslab+0xc2/0x120 [ 398.386207][T10818] kmem_cache_alloc_noprof+0x83/0x770 [ 398.386229][T10818] ? getname_flags.part.0+0x4c/0x550 [ 398.386254][T10818] ? getname_flags.part.0+0x4c/0x550 [ 398.386272][T10818] getname_flags.part.0+0x4c/0x550 [ 398.386294][T10818] getname_flags+0x93/0xf0 [ 398.386317][T10818] do_sys_openat2+0xb8/0x280 [ 398.386337][T10818] ? __pfx_do_sys_openat2+0x10/0x10 [ 398.386359][T10818] ? __fget_files+0x20e/0x3c0 [ 398.386389][T10818] __x64_sys_openat+0x174/0x210 [ 398.386409][T10818] ? __pfx___x64_sys_openat+0x10/0x10 [ 398.386429][T10818] ? ksys_write+0x1ac/0x250 [ 398.386461][T10818] do_syscall_64+0xcd/0xf80 [ 398.386484][T10818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.386503][T10818] RIP: 0033:0x7f5937b8f7c9 [ 398.386518][T10818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 398.386535][T10818] RSP: 002b:00007f5938988038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 398.386554][T10818] RAX: ffffffffffffffda RBX: 00007f5937de5fa0 RCX: 00007f5937b8f7c9 [ 398.386565][T10818] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c [ 398.386576][T10818] RBP: 00007f5938988090 R08: 0000000000000000 R09: 0000000000000000 [ 398.386587][T10818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 398.386597][T10818] R13: 00007f5937de6038 R14: 00007f5937de5fa0 R15: 00007ffdf0090618 [ 398.386620][T10818] [ 398.745676][T10821] Invalid ELF header magic: != ELF [ 398.960403][T10825] FAULT_INJECTION: forcing a failure. [ 398.960403][T10825] name failslab, interval 1, probability 0, space 0, times 0 [ 398.997351][T10825] CPU: 0 UID: 0 PID: 10825 Comm: syz.1.862 Not tainted syzkaller #0 PREEMPT(full) [ 398.997395][T10825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 398.997413][T10825] Call Trace: [ 398.997424][T10825] [ 398.997435][T10825] dump_stack_lvl+0x16c/0x1f0 [ 398.997477][T10825] should_fail_ex+0x512/0x640 [ 398.997526][T10825] ? __kmalloc_cache_noprof+0x5f/0x800 [ 398.997566][T10825] should_failslab+0xc2/0x120 [ 398.997612][T10825] __kmalloc_cache_noprof+0x80/0x800 [ 398.997647][T10825] ? ip6addrlbl_add+0xc0/0xd90 [ 398.997701][T10825] ? ip6addrlbl_add+0xc0/0xd90 [ 398.997765][T10825] ip6addrlbl_add+0xc0/0xd90 [ 398.997833][T10825] ip6addrlbl_net_init+0x10a/0x380 [ 398.997886][T10825] ? __pfx_ip6addrlbl_net_init+0x10/0x10 [ 398.997932][T10825] ops_init+0x1e2/0x5f0 [ 398.997968][T10825] setup_net+0x11d/0x3a0 [ 398.998001][T10825] ? __pfx_setup_net+0x10/0x10 [ 398.998032][T10825] ? lockdep_init_map_type+0x5c/0x270 [ 398.998062][T10825] ? mutex_init_lockep+0x110/0x150 [ 398.998099][T10825] copy_net_ns+0x351/0x7c0 [ 398.998140][T10825] create_new_namespaces+0x3ea/0xab0 [ 398.998191][T10825] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 398.998237][T10825] ksys_unshare+0x45b/0xa40 [ 398.998285][T10825] ? __pfx_ksys_unshare+0x10/0x10 [ 398.998335][T10825] ? xfd_validate_state+0x61/0x180 [ 398.998374][T10825] __x64_sys_unshare+0x31/0x40 [ 398.998401][T10825] do_syscall_64+0xcd/0xf80 [ 398.998441][T10825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 398.998471][T10825] RIP: 0033:0x7f1cd138f7c9 [ 398.998495][T10825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 398.998524][T10825] RSP: 002b:00007f1cd22eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 398.998553][T10825] RAX: ffffffffffffffda RBX: 00007f1cd15e5fa0 RCX: 00007f1cd138f7c9 [ 398.998573][T10825] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 398.998591][T10825] RBP: 00007f1cd1413f91 R08: 0000000000000000 R09: 0000000000000000 [ 398.998609][T10825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 398.998627][T10825] R13: 00007f1cd15e6038 R14: 00007f1cd15e5fa0 R15: 00007fff1660a488 [ 398.998668][T10825] [ 399.665848][T10835] FAULT_INJECTION: forcing a failure. [ 399.665848][T10835] name failslab, interval 1, probability 0, space 0, times 0 [ 399.689780][T10835] CPU: 0 UID: 0 PID: 10835 Comm: syz.3.865 Not tainted syzkaller #0 PREEMPT(full) [ 399.689830][T10835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 399.689857][T10835] Call Trace: [ 399.689868][T10835] [ 399.689881][T10835] dump_stack_lvl+0x16c/0x1f0 [ 399.689926][T10835] should_fail_ex+0x512/0x640 [ 399.689973][T10835] ? __kmalloc_cache_noprof+0x5f/0x800 [ 399.690011][T10835] should_failslab+0xc2/0x120 [ 399.690057][T10835] __kmalloc_cache_noprof+0x80/0x800 [ 399.690092][T10835] ? ip6addrlbl_add+0xc0/0xd90 [ 399.690146][T10835] ? ip6addrlbl_add+0xc0/0xd90 [ 399.690191][T10835] ip6addrlbl_add+0xc0/0xd90 [ 399.690251][T10835] ip6addrlbl_net_init+0x10a/0x380 [ 399.690302][T10835] ? __pfx_ip6addrlbl_net_init+0x10/0x10 [ 399.690351][T10835] ops_init+0x1e2/0x5f0 [ 399.690389][T10835] setup_net+0x11d/0x3a0 [ 399.690422][T10835] ? __pfx_setup_net+0x10/0x10 [ 399.690453][T10835] ? lockdep_init_map_type+0x5c/0x270 [ 399.690484][T10835] ? mutex_init_lockep+0x110/0x150 [ 399.690520][T10835] copy_net_ns+0x351/0x7c0 [ 399.690561][T10835] create_new_namespaces+0x3ea/0xab0 [ 399.690612][T10835] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 399.690658][T10835] ksys_unshare+0x45b/0xa40 [ 399.690705][T10835] ? __pfx_ksys_unshare+0x10/0x10 [ 399.690753][T10835] ? xfd_validate_state+0x61/0x180 [ 399.690792][T10835] __x64_sys_unshare+0x31/0x40 [ 399.690818][T10835] do_syscall_64+0xcd/0xf80 [ 399.690868][T10835] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 399.690899][T10835] RIP: 0033:0x7f5937b8f7c9 [ 399.690924][T10835] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 399.690953][T10835] RSP: 002b:00007f5938988038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 399.690982][T10835] RAX: ffffffffffffffda RBX: 00007f5937de5fa0 RCX: 00007f5937b8f7c9 [ 399.691002][T10835] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 399.691020][T10835] RBP: 00007f5937c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 399.691039][T10835] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 399.691057][T10835] R13: 00007f5937de6038 R14: 00007f5937de5fa0 R15: 00007ffdf0090618 [ 399.691098][T10835] [ 401.562068][T10847] zswap: compressor not available [ 401.833427][T10867] FAULT_INJECTION: forcing a failure. [ 401.833427][T10867] name failslab, interval 1, probability 0, space 0, times 0 [ 401.851639][T10870] FAULT_INJECTION: forcing a failure. [ 401.851639][T10870] name failslab, interval 1, probability 0, space 0, times 0 [ 401.891601][T10870] CPU: 0 UID: 0 PID: 10870 Comm: syz.3.872 Not tainted syzkaller #0 PREEMPT(full) [ 401.891645][T10870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 401.891664][T10870] Call Trace: [ 401.891674][T10870] [ 401.891686][T10870] dump_stack_lvl+0x16c/0x1f0 [ 401.891731][T10870] should_fail_ex+0x512/0x640 [ 401.891777][T10870] ? __kmalloc_cache_noprof+0x5f/0x800 [ 401.891817][T10870] should_failslab+0xc2/0x120 [ 401.891863][T10870] __kmalloc_cache_noprof+0x80/0x800 [ 401.891896][T10870] ? ip6addrlbl_add+0x847/0xd90 [ 401.891944][T10870] ? addrconf_init_net+0x17c/0x8e0 [ 401.891988][T10870] ? addrconf_init_net+0x17c/0x8e0 [ 401.892036][T10870] ? __pfx_addrconf_init_net+0x10/0x10 [ 401.892073][T10870] addrconf_init_net+0x17c/0x8e0 [ 401.892109][T10870] ? ip6addrlbl_net_init+0x142/0x380 [ 401.892162][T10870] ? __pfx_addrconf_init_net+0x10/0x10 [ 401.892200][T10870] ops_init+0x1e2/0x5f0 [ 401.892238][T10870] setup_net+0x11d/0x3a0 [ 401.892274][T10870] ? __pfx_setup_net+0x10/0x10 [ 401.892305][T10870] ? lockdep_init_map_type+0x5c/0x270 [ 401.892338][T10870] ? mutex_init_lockep+0x110/0x150 [ 401.892376][T10870] copy_net_ns+0x351/0x7c0 [ 401.892418][T10870] create_new_namespaces+0x3ea/0xab0 [ 401.892471][T10870] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 401.892518][T10870] ksys_unshare+0x45b/0xa40 [ 401.892567][T10870] ? __pfx_ksys_unshare+0x10/0x10 [ 401.892619][T10870] ? xfd_validate_state+0x61/0x180 [ 401.892660][T10870] __x64_sys_unshare+0x31/0x40 [ 401.892686][T10870] do_syscall_64+0xcd/0xf80 [ 401.892728][T10870] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 401.892758][T10870] RIP: 0033:0x7f5937b8f7c9 [ 401.892782][T10870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 401.892812][T10870] RSP: 002b:00007f5938988038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 401.892842][T10870] RAX: ffffffffffffffda RBX: 00007f5937de5fa0 RCX: 00007f5937b8f7c9 [ 401.892862][T10870] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 401.892880][T10870] RBP: 00007f5937c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 401.892898][T10870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 401.892916][T10870] R13: 00007f5937de6038 R14: 00007f5937de5fa0 R15: 00007ffdf0090618 [ 401.892958][T10870] [ 402.137265][T10867] CPU: 1 UID: 0 PID: 10867 Comm: syz.2.871 Not tainted syzkaller #0 PREEMPT(full) [ 402.137309][T10867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 402.137328][T10867] Call Trace: [ 402.137339][T10867] [ 402.137351][T10867] dump_stack_lvl+0x16c/0x1f0 [ 402.137395][T10867] should_fail_ex+0x512/0x640 [ 402.137443][T10867] ? kmem_cache_alloc_node_noprof+0x65/0x800 [ 402.137486][T10867] should_failslab+0xc2/0x120 [ 402.137531][T10867] kmem_cache_alloc_node_noprof+0x86/0x800 [ 402.137569][T10867] ? __alloc_skb+0x156/0x410 [ 402.137626][T10867] ? __alloc_skb+0x156/0x410 [ 402.137672][T10867] __alloc_skb+0x156/0x410 [ 402.137717][T10867] ? __alloc_skb+0x35d/0x410 [ 402.137789][T10867] ? __pfx___alloc_skb+0x10/0x10 [ 402.137845][T10867] ? __pfx___register_sysctl_table+0x10/0x10 [ 402.137887][T10867] ? is_module_address+0x69/0xf0 [ 402.137929][T10867] inet6_netconf_notify_devconf+0x87/0x180 [ 402.137976][T10867] __addrconf_sysctl_register+0x22b/0x360 [ 402.138019][T10867] ? __pfx___addrconf_sysctl_register+0x10/0x10 [ 402.138066][T10867] ? __asan_memcpy+0x3c/0x60 [ 402.138106][T10867] addrconf_init_net+0x50c/0x8e0 [ 402.138148][T10867] ? __pfx_addrconf_init_net+0x10/0x10 [ 402.138186][T10867] ops_init+0x1e2/0x5f0 [ 402.138225][T10867] setup_net+0x11d/0x3a0 [ 402.138258][T10867] ? __pfx_setup_net+0x10/0x10 [ 402.138289][T10867] ? lockdep_init_map_type+0x5c/0x270 [ 402.138321][T10867] ? mutex_init_lockep+0x110/0x150 [ 402.138358][T10867] copy_net_ns+0x351/0x7c0 [ 402.138400][T10867] create_new_namespaces+0x3ea/0xab0 [ 402.138452][T10867] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 402.138499][T10867] ksys_unshare+0x45b/0xa40 [ 402.138550][T10867] ? __pfx_ksys_unshare+0x10/0x10 [ 402.138601][T10867] ? xfd_validate_state+0x61/0x180 [ 402.138641][T10867] __x64_sys_unshare+0x31/0x40 [ 402.138668][T10867] do_syscall_64+0xcd/0xf80 [ 402.138709][T10867] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.138741][T10867] RIP: 0033:0x7f7f4258f7c9 [ 402.138767][T10867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 402.138806][T10867] RSP: 002b:00007f7f4346d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 402.138835][T10867] RAX: ffffffffffffffda RBX: 00007f7f427e5fa0 RCX: 00007f7f4258f7c9 [ 402.138855][T10867] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 402.138874][T10867] RBP: 00007f7f42613f91 R08: 0000000000000000 R09: 0000000000000000 [ 402.138892][T10867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 402.138911][T10867] R13: 00007f7f427e6038 R14: 00007f7f427e5fa0 R15: 00007ffe49dbd168 [ 402.138954][T10867] [ 402.733971][T10877] FAULT_INJECTION: forcing a failure. [ 402.733971][T10877] name failslab, interval 1, probability 0, space 0, times 0 [ 402.748835][T10877] CPU: 1 UID: 0 PID: 10877 Comm: syz.0.873 Not tainted syzkaller #0 PREEMPT(full) [ 402.748876][T10877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 402.748887][T10877] Call Trace: [ 402.748894][T10877] [ 402.748901][T10877] dump_stack_lvl+0x16c/0x1f0 [ 402.748930][T10877] should_fail_ex+0x512/0x640 [ 402.748959][T10877] ? __kmalloc_noprof+0xca/0x910 [ 402.748981][T10877] should_failslab+0xc2/0x120 [ 402.749009][T10877] __kmalloc_noprof+0xeb/0x910 [ 402.749028][T10877] ? __register_sysctl_table+0xb3/0x1900 [ 402.749058][T10877] ? __register_sysctl_table+0xb3/0x1900 [ 402.749082][T10877] __register_sysctl_table+0xb3/0x1900 [ 402.749107][T10877] ? is_module_address+0x5f/0xf0 [ 402.749131][T10877] ? __pfx___register_sysctl_table+0x10/0x10 [ 402.749156][T10877] ? is_module_address+0x69/0xf0 [ 402.749177][T10877] ? register_net_sysctl_sz+0x222/0x450 [ 402.749208][T10877] __addrconf_sysctl_register+0x1a2/0x360 [ 402.749235][T10877] ? __pfx___addrconf_sysctl_register+0x10/0x10 [ 402.749263][T10877] ? __asan_memcpy+0x3c/0x60 [ 402.749287][T10877] addrconf_init_net+0x50c/0x8e0 [ 402.749312][T10877] ? __pfx_addrconf_init_net+0x10/0x10 [ 402.749334][T10877] ops_init+0x1e2/0x5f0 [ 402.749356][T10877] setup_net+0x11d/0x3a0 [ 402.749376][T10877] ? __pfx_setup_net+0x10/0x10 [ 402.749395][T10877] ? lockdep_init_map_type+0x5c/0x270 [ 402.749414][T10877] ? mutex_init_lockep+0x110/0x150 [ 402.749435][T10877] copy_net_ns+0x351/0x7c0 [ 402.749459][T10877] create_new_namespaces+0x3ea/0xab0 [ 402.749489][T10877] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 402.749516][T10877] ksys_unshare+0x45b/0xa40 [ 402.749545][T10877] ? __pfx_ksys_unshare+0x10/0x10 [ 402.749575][T10877] ? xfd_validate_state+0x61/0x180 [ 402.749598][T10877] __x64_sys_unshare+0x31/0x40 [ 402.749614][T10877] do_syscall_64+0xcd/0xf80 [ 402.749638][T10877] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 402.749656][T10877] RIP: 0033:0x7fe23598f7c9 [ 402.749671][T10877] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 402.749689][T10877] RSP: 002b:00007fe236755038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 402.749707][T10877] RAX: ffffffffffffffda RBX: 00007fe235be5fa0 RCX: 00007fe23598f7c9 [ 402.749718][T10877] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 402.749729][T10877] RBP: 00007fe235a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 402.749740][T10877] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 402.749750][T10877] R13: 00007fe235be6038 R14: 00007fe235be5fa0 R15: 00007ffd51a5efe8 [ 402.749773][T10877] [ 403.609613][T10888] aoe: could not set interface list: too many interfaces [ 407.144182][T10945] netlink: 'syz.2.884': attribute type 15 has an invalid length. [ 407.152109][T10945] netlink: 186 bytes leftover after parsing attributes in process `syz.2.884'. [ 411.402538][T11001] lo: entered allmulticast mode [ 411.434165][T11001] lo: left allmulticast mode [ 411.552966][T11002] zswap: compressor û not available [ 411.585334][T11006] Setting dangerous option i915.mitigations - tainting kernel [ 413.757365][T11046] FAULT_INJECTION: forcing a failure. [ 413.757365][T11046] name failslab, interval 1, probability 0, space 0, times 0 [ 413.832440][T11046] CPU: 1 UID: 0 PID: 11046 Comm: syz.0.907 Tainted: G U syzkaller #0 PREEMPT(full) [ 413.832473][T11046] Tainted: [U]=USER [ 413.832479][T11046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 413.832489][T11046] Call Trace: [ 413.832495][T11046] [ 413.832502][T11046] dump_stack_lvl+0x16c/0x1f0 [ 413.832537][T11046] should_fail_ex+0x512/0x640 [ 413.832567][T11046] ? kmem_cache_alloc_noprof+0x62/0x770 [ 413.832597][T11046] should_failslab+0xc2/0x120 [ 413.832625][T11046] kmem_cache_alloc_noprof+0x83/0x770 [ 413.832646][T11046] ? vm_area_alloc+0x1f/0x160 [ 413.832668][T11046] ? vm_area_alloc+0x1f/0x160 [ 413.832684][T11046] vm_area_alloc+0x1f/0x160 [ 413.832702][T11046] __mmap_region+0x107a/0x2a00 [ 413.832725][T11046] ? __lock_acquire+0x436/0x2890 [ 413.832747][T11046] ? __pfx___mmap_region+0x10/0x10 [ 413.832783][T11046] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 413.832813][T11046] ? is_bpf_text_address+0x94/0x1a0 [ 413.832883][T11046] ? rcu_is_watching+0x12/0xc0 [ 413.832914][T11046] mmap_region+0x1ab/0x3f0 [ 413.832935][T11046] ? __get_unmapped_area+0x267/0x3f0 [ 413.832964][T11046] do_mmap+0xa3e/0x1210 [ 413.832994][T11046] ? __pfx_do_mmap+0x10/0x10 [ 413.833020][T11046] ? __pfx_down_write_killable+0x10/0x10 [ 413.833051][T11046] vm_mmap_pgoff+0x29e/0x470 [ 413.833080][T11046] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 413.833107][T11046] ? __fget_files+0x20e/0x3c0 [ 413.833139][T11046] ksys_mmap_pgoff+0x7d/0x5c0 [ 413.833172][T11046] ? __pfx_ksys_write+0x10/0x10 [ 413.833201][T11046] __x64_sys_mmap+0x125/0x190 [ 413.833225][T11046] do_syscall_64+0xcd/0xf80 [ 413.833251][T11046] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.833270][T11046] RIP: 0033:0x7fe23598f7c9 [ 413.833285][T11046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 413.833310][T11046] RSP: 002b:00007fe236755038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 413.833329][T11046] RAX: ffffffffffffffda RBX: 00007fe235be5fa0 RCX: 00007fe23598f7c9 [ 413.833340][T11046] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 413.833351][T11046] RBP: 00007fe236755090 R08: ffffffffffffffff R09: 0000000000000000 [ 413.833362][T11046] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000001 [ 413.833373][T11046] R13: 00007fe235be6038 R14: 00007fe235be5fa0 R15: 00007ffd51a5efe8 [ 413.833395][T11046] [ 414.361885][T11048] FAULT_INJECTION: forcing a failure. [ 414.361885][T11048] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 414.547360][T11048] CPU: 0 UID: 0 PID: 11048 Comm: syz.1.906 Tainted: G U syzkaller #0 PREEMPT(full) [ 414.547407][T11048] Tainted: [U]=USER [ 414.547416][T11048] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 414.547432][T11048] Call Trace: [ 414.547442][T11048] [ 414.547452][T11048] dump_stack_lvl+0x16c/0x1f0 [ 414.547486][T11048] should_fail_ex+0x512/0x640 [ 414.547529][T11048] _copy_from_user+0x2e/0xd0 [ 414.547567][T11048] io_uring_setup+0xc1/0x1f60 [ 414.547596][T11048] ? __pfx_io_uring_setup+0x10/0x10 [ 414.547623][T11048] ? __mutex_unlock_slowpath+0x161/0x790 [ 414.547660][T11048] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 414.547704][T11048] ? fput+0x70/0xf0 [ 414.547736][T11048] ? ksys_write+0x1ac/0x250 [ 414.547769][T11048] ? __pfx_ksys_write+0x10/0x10 [ 414.547808][T11048] __x64_sys_io_uring_setup+0xc2/0x170 [ 414.547836][T11048] do_syscall_64+0xcd/0xf80 [ 414.547868][T11048] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 414.547892][T11048] RIP: 0033:0x7f1cd138f7c9 [ 414.547912][T11048] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 414.547935][T11048] RSP: 002b:00007f1cd22a9038 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 414.547959][T11048] RAX: ffffffffffffffda RBX: 00007f1cd15e6180 RCX: 00007f1cd138f7c9 [ 414.547975][T11048] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 414.547989][T11048] RBP: 00007f1cd22a9090 R08: 0000000000000000 R09: 0000000000000000 [ 414.548003][T11048] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 414.548018][T11048] R13: 00007f1cd15e6218 R14: 00007f1cd15e6180 R15: 00007fff1660a488 [ 414.548050][T11048] [ 418.905715][T11101] FAULT_INJECTION: forcing a failure. [ 418.905715][T11101] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 418.920396][T11101] CPU: 1 UID: 0 PID: 11101 Comm: syz.1.912 Tainted: G U syzkaller #0 PREEMPT(full) [ 418.920446][T11101] Tainted: [U]=USER [ 418.920456][T11101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 418.920473][T11101] Call Trace: [ 418.920483][T11101] [ 418.920496][T11101] dump_stack_lvl+0x16c/0x1f0 [ 418.920540][T11101] should_fail_ex+0x512/0x640 [ 418.920592][T11101] _copy_to_user+0x32/0xd0 [ 418.920642][T11101] simple_read_from_buffer+0xcb/0x170 [ 418.920688][T11101] proc_fail_nth_read+0x197/0x240 [ 418.920738][T11101] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 418.920791][T11101] ? rw_verify_area+0xcf/0x6c0 [ 418.920828][T11101] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 418.920877][T11101] vfs_read+0x1e4/0xcf0 [ 418.920920][T11101] ? __pfx___mutex_lock+0x10/0x10 [ 418.920972][T11101] ? __pfx_vfs_read+0x10/0x10 [ 418.921026][T11101] ? __fget_files+0x20e/0x3c0 [ 418.921080][T11101] ksys_read+0x12a/0x250 [ 418.921122][T11101] ? __pfx_ksys_read+0x10/0x10 [ 418.921175][T11101] do_syscall_64+0xcd/0xf80 [ 418.921216][T11101] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 418.921246][T11101] RIP: 0033:0x7f1cd138e1dc [ 418.921312][T11101] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 418.921342][T11101] RSP: 002b:00007f1cd22ca030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 418.921371][T11101] RAX: ffffffffffffffda RBX: 00007f1cd15e6090 RCX: 00007f1cd138e1dc [ 418.921392][T11101] RDX: 000000000000000f RSI: 00007f1cd22ca0a0 RDI: 0000000000000006 [ 418.921410][T11101] RBP: 00007f1cd22ca090 R08: 0000000000000000 R09: 0000000000000000 [ 418.921429][T11101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 418.921447][T11101] R13: 00007f1cd15e6128 R14: 00007f1cd15e6090 R15: 00007fff1660a488 [ 418.921488][T11101] [ 420.559182][T11134] FAULT_INJECTION: forcing a failure. [ 420.559182][T11134] name failslab, interval 1, probability 0, space 0, times 0 [ 420.575623][T11134] CPU: 1 UID: 0 PID: 11134 Comm: syz.2.920 Tainted: G U syzkaller #0 PREEMPT(full) [ 420.575660][T11134] Tainted: [U]=USER [ 420.575667][T11134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 420.575678][T11134] Call Trace: [ 420.575692][T11134] [ 420.575701][T11134] dump_stack_lvl+0x16c/0x1f0 [ 420.575729][T11134] should_fail_ex+0x512/0x640 [ 420.575759][T11134] ? __kmalloc_noprof+0xca/0x910 [ 420.575782][T11134] should_failslab+0xc2/0x120 [ 420.575809][T11134] __kmalloc_noprof+0xeb/0x910 [ 420.575829][T11134] ? __register_sysctl_table+0xea2/0x1900 [ 420.575859][T11134] ? __register_sysctl_table+0xea2/0x1900 [ 420.575883][T11134] __register_sysctl_table+0xea2/0x1900 [ 420.575906][T11134] ? __pfx___register_sysctl_table+0x10/0x10 [ 420.575925][T11134] ? is_module_address+0x69/0xf0 [ 420.575944][T11134] ? register_net_sysctl_sz+0x222/0x450 [ 420.575965][T11134] ? __asan_memcpy+0x3c/0x60 [ 420.575983][T11134] xfrm6_net_init+0xf0/0x1c0 [ 420.576000][T11134] ? __pfx_xfrm6_net_init+0x10/0x10 [ 420.576014][T11134] ops_init+0x1e2/0x5f0 [ 420.576032][T11134] setup_net+0x11d/0x3a0 [ 420.576048][T11134] ? __pfx_setup_net+0x10/0x10 [ 420.576064][T11134] ? lockdep_init_map_type+0x5c/0x270 [ 420.576079][T11134] ? mutex_init_lockep+0x110/0x150 [ 420.576096][T11134] copy_net_ns+0x351/0x7c0 [ 420.576115][T11134] create_new_namespaces+0x3ea/0xab0 [ 420.576139][T11134] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 420.576160][T11134] ksys_unshare+0x45b/0xa40 [ 420.576182][T11134] ? __pfx_ksys_unshare+0x10/0x10 [ 420.576205][T11134] ? xfd_validate_state+0x61/0x180 [ 420.576223][T11134] __x64_sys_unshare+0x31/0x40 [ 420.576235][T11134] do_syscall_64+0xcd/0xf80 [ 420.576255][T11134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 420.576270][T11134] RIP: 0033:0x7f7f4258f7c9 [ 420.576282][T11134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 420.576296][T11134] RSP: 002b:00007f7f4346d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 420.576310][T11134] RAX: ffffffffffffffda RBX: 00007f7f427e5fa0 RCX: 00007f7f4258f7c9 [ 420.576319][T11134] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 420.576327][T11134] RBP: 00007f7f42613f91 R08: 0000000000000000 R09: 0000000000000000 [ 420.576336][T11134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 420.576344][T11134] R13: 00007f7f427e6038 R14: 00007f7f427e5fa0 R15: 00007ffe49dbd168 [ 420.576361][T11134] [ 420.576368][T11134] sysctl could not get directory: /net/ipv6 -12 [ 421.521691][T11144] ubi0: attaching mtd0 [ 421.527537][T11144] ubi0: scanning is finished [ 421.753528][T11144] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 421.809808][T11147] FAULT_INJECTION: forcing a failure. [ 421.809808][T11147] name failslab, interval 1, probability 0, space 0, times 0 [ 421.825632][T11144] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 421.867325][T11144] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 421.874475][T11147] CPU: 1 UID: 0 PID: 11147 Comm: syz.3.923 Tainted: G U syzkaller #0 PREEMPT(full) [ 421.874507][T11147] Tainted: [U]=USER [ 421.874513][T11147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 421.874524][T11147] Call Trace: [ 421.874533][T11147] [ 421.874541][T11147] dump_stack_lvl+0x16c/0x1f0 [ 421.874568][T11147] should_fail_ex+0x512/0x640 [ 421.874597][T11147] ? __kmalloc_cache_noprof+0x5f/0x800 [ 421.874621][T11147] should_failslab+0xc2/0x120 [ 421.874649][T11147] __kmalloc_cache_noprof+0x80/0x800 [ 421.874670][T11147] ? ip6addrlbl_add+0xc0/0xd90 [ 421.874702][T11147] ? ip6addrlbl_add+0xc0/0xd90 [ 421.874732][T11147] ip6addrlbl_add+0xc0/0xd90 [ 421.874768][T11147] ip6addrlbl_net_init+0x10a/0x380 [ 421.874799][T11147] ? __pfx_ip6addrlbl_net_init+0x10/0x10 [ 421.874829][T11147] ops_init+0x1e2/0x5f0 [ 421.874852][T11147] setup_net+0x11d/0x3a0 [ 421.874873][T11147] ? __pfx_setup_net+0x10/0x10 [ 421.874892][T11147] ? lockdep_init_map_type+0x5c/0x270 [ 421.874911][T11147] ? mutex_init_lockep+0x110/0x150 [ 421.874932][T11147] copy_net_ns+0x351/0x7c0 [ 421.874957][T11147] create_new_namespaces+0x3ea/0xab0 [ 421.874996][T11147] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 421.875023][T11147] ksys_unshare+0x45b/0xa40 [ 421.875053][T11147] ? __pfx_ksys_unshare+0x10/0x10 [ 421.875084][T11147] ? xfd_validate_state+0x61/0x180 [ 421.875107][T11147] __x64_sys_unshare+0x31/0x40 [ 421.875123][T11147] do_syscall_64+0xcd/0xf80 [ 421.875149][T11147] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 421.875167][T11147] RIP: 0033:0x7f5937b8f7c9 [ 421.875183][T11147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 421.875201][T11147] RSP: 002b:00007f5938988038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 421.875219][T11147] RAX: ffffffffffffffda RBX: 00007f5937de5fa0 RCX: 00007f5937b8f7c9 [ 421.875231][T11147] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 421.875242][T11147] RBP: 00007f5937c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 421.875253][T11147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 421.875263][T11147] R13: 00007f5937de6038 R14: 00007f5937de5fa0 R15: 00007ffdf0090618 [ 421.875286][T11147] [ 422.118135][T11144] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 422.125658][T11144] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 422.132668][T11144] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 422.141217][T11144] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3299379665 [ 422.151884][T11144] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 422.162377][T11151] ubi0: background thread "ubi_bgt0d" started, PID 11151 [ 422.169801][T11145] ubi0: detaching mtd0 [ 422.348916][T11145] ubi0: mtd0 is detached [ 423.000370][T11157] FAULT_INJECTION: forcing a failure. [ 423.000370][T11157] name failslab, interval 1, probability 0, space 0, times 0 [ 423.047320][T11157] CPU: 0 UID: 0 PID: 11157 Comm: syz.2.924 Tainted: G U syzkaller #0 PREEMPT(full) [ 423.047369][T11157] Tainted: [U]=USER [ 423.047378][T11157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 423.047389][T11157] Call Trace: [ 423.047396][T11157] [ 423.047403][T11157] dump_stack_lvl+0x16c/0x1f0 [ 423.047432][T11157] should_fail_ex+0x512/0x640 [ 423.047460][T11157] ? __kmalloc_cache_noprof+0x5f/0x800 [ 423.047483][T11157] should_failslab+0xc2/0x120 [ 423.047506][T11157] __kmalloc_cache_noprof+0x80/0x800 [ 423.047523][T11157] ? ip6addrlbl_add+0xc0/0xd90 [ 423.047548][T11157] ? ip6addrlbl_add+0xc0/0xd90 [ 423.047569][T11157] ip6addrlbl_add+0xc0/0xd90 [ 423.047597][T11157] ip6addrlbl_net_init+0x10a/0x380 [ 423.047620][T11157] ? __pfx_ip6addrlbl_net_init+0x10/0x10 [ 423.047643][T11157] ops_init+0x1e2/0x5f0 [ 423.047660][T11157] setup_net+0x11d/0x3a0 [ 423.047675][T11157] ? __pfx_setup_net+0x10/0x10 [ 423.047690][T11157] ? lockdep_init_map_type+0x5c/0x270 [ 423.047705][T11157] ? mutex_init_lockep+0x110/0x150 [ 423.047729][T11157] copy_net_ns+0x351/0x7c0 [ 423.047748][T11157] create_new_namespaces+0x3ea/0xab0 [ 423.047772][T11157] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 423.047794][T11157] ksys_unshare+0x45b/0xa40 [ 423.047817][T11157] ? __pfx_ksys_unshare+0x10/0x10 [ 423.047841][T11157] ? xfd_validate_state+0x61/0x180 [ 423.047859][T11157] __x64_sys_unshare+0x31/0x40 [ 423.047873][T11157] do_syscall_64+0xcd/0xf80 [ 423.047891][T11157] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 423.047906][T11157] RIP: 0033:0x7f7f4258f7c9 [ 423.047918][T11157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 423.047932][T11157] RSP: 002b:00007f7f4346d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 423.047946][T11157] RAX: ffffffffffffffda RBX: 00007f7f427e5fa0 RCX: 00007f7f4258f7c9 [ 423.047955][T11157] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 423.047966][T11157] RBP: 00007f7f42613f91 R08: 0000000000000000 R09: 0000000000000000 [ 423.047974][T11157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 423.047982][T11157] R13: 00007f7f427e6038 R14: 00007f7f427e5fa0 R15: 00007ffe49dbd168 [ 423.048000][T11157] [ 423.646547][T11164] ubi0: attaching mtd0 [ 423.655555][T11164] ubi0: scanning is finished [ 423.883647][T11164] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 423.993295][T11164] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 424.093075][T11164] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 424.200866][T11164] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 424.236072][T11164] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 424.335786][T11164] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 424.466732][T11164] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3299379665 [ 424.566056][T11164] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 424.662616][T11174] ubi0: background thread "ubi_bgt0d" started, PID 11174 [ 424.672654][T11170] ubi0: detaching mtd0 [ 424.766709][T11170] ubi0: mtd0 is detached [ 425.052427][T11186] FAULT_INJECTION: forcing a failure. [ 425.052427][T11186] name failslab, interval 1, probability 0, space 0, times 0 [ 425.116443][T11186] CPU: 0 UID: 0 PID: 11186 Comm: syz.2.930 Tainted: G U syzkaller #0 PREEMPT(full) [ 425.116486][T11186] Tainted: [U]=USER [ 425.116492][T11186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 425.116503][T11186] Call Trace: [ 425.116510][T11186] [ 425.116518][T11186] dump_stack_lvl+0x16c/0x1f0 [ 425.116545][T11186] should_fail_ex+0x512/0x640 [ 425.116575][T11186] ? __kmalloc_noprof+0xca/0x910 [ 425.116598][T11186] should_failslab+0xc2/0x120 [ 425.116626][T11186] __kmalloc_noprof+0xeb/0x910 [ 425.116645][T11186] ? __register_sysctl_table+0xe8e/0x1900 [ 425.116670][T11186] ? __register_sysctl_table+0xea2/0x1900 [ 425.116707][T11186] ? __register_sysctl_table+0xea2/0x1900 [ 425.116731][T11186] __register_sysctl_table+0xea2/0x1900 [ 425.116760][T11186] ? __pfx___register_sysctl_table+0x10/0x10 [ 425.116784][T11186] ? is_module_address+0x69/0xf0 [ 425.116805][T11186] ? register_net_sysctl_sz+0x222/0x450 [ 425.116837][T11186] __addrconf_sysctl_register+0x1a2/0x360 [ 425.116865][T11186] ? __pfx___addrconf_sysctl_register+0x10/0x10 [ 425.116893][T11186] ? __asan_memcpy+0x3c/0x60 [ 425.116916][T11186] addrconf_init_net+0x50c/0x8e0 [ 425.116942][T11186] ? __pfx_addrconf_init_net+0x10/0x10 [ 425.116966][T11186] ops_init+0x1e2/0x5f0 [ 425.116993][T11186] setup_net+0x11d/0x3a0 [ 425.117008][T11186] ? __pfx_setup_net+0x10/0x10 [ 425.117023][T11186] ? lockdep_init_map_type+0x5c/0x270 [ 425.117037][T11186] ? mutex_init_lockep+0x110/0x150 [ 425.117054][T11186] copy_net_ns+0x351/0x7c0 [ 425.117073][T11186] create_new_namespaces+0x3ea/0xab0 [ 425.117096][T11186] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 425.117117][T11186] ksys_unshare+0x45b/0xa40 [ 425.117139][T11186] ? __pfx_ksys_unshare+0x10/0x10 [ 425.117168][T11186] ? xfd_validate_state+0x61/0x180 [ 425.117197][T11186] __x64_sys_unshare+0x31/0x40 [ 425.117216][T11186] do_syscall_64+0xcd/0xf80 [ 425.117245][T11186] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 425.117268][T11186] RIP: 0033:0x7f7f4258f7c9 [ 425.117288][T11186] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 425.117310][T11186] RSP: 002b:00007f7f4346d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 425.117333][T11186] RAX: ffffffffffffffda RBX: 00007f7f427e5fa0 RCX: 00007f7f4258f7c9 [ 425.117347][T11186] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 425.117359][T11186] RBP: 00007f7f42613f91 R08: 0000000000000000 R09: 0000000000000000 [ 425.117367][T11186] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 425.117376][T11186] R13: 00007f7f427e6038 R14: 00007f7f427e5fa0 R15: 00007ffe49dbd168 [ 425.117396][T11186] [ 425.498788][T11186] sysctl could not get directory: /net/ipv6/conf/all -12 [ 425.833851][T11193] FAULT_INJECTION: forcing a failure. [ 425.833851][T11193] name failslab, interval 1, probability 0, space 0, times 0 [ 425.854673][T11193] CPU: 0 UID: 0 PID: 11193 Comm: syz.0.941 Tainted: G U syzkaller #0 PREEMPT(full) [ 425.854734][T11193] Tainted: [U]=USER [ 425.854744][T11193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 425.854762][T11193] Call Trace: [ 425.854772][T11193] [ 425.854783][T11193] dump_stack_lvl+0x16c/0x1f0 [ 425.854828][T11193] should_fail_ex+0x512/0x640 [ 425.854872][T11193] ? __kmalloc_cache_noprof+0x5f/0x800 [ 425.854911][T11193] should_failslab+0xc2/0x120 [ 425.854956][T11193] __kmalloc_cache_noprof+0x80/0x800 [ 425.854989][T11193] ? ip6addrlbl_add+0xc0/0xd90 [ 425.855043][T11193] ? ip6addrlbl_add+0xc0/0xd90 [ 425.855088][T11193] ip6addrlbl_add+0xc0/0xd90 [ 425.855155][T11193] ip6addrlbl_net_init+0x10a/0x380 [ 425.855204][T11193] ? __pfx_ip6addrlbl_net_init+0x10/0x10 [ 425.855286][T11193] ops_init+0x1e2/0x5f0 [ 425.855321][T11193] setup_net+0x11d/0x3a0 [ 425.855354][T11193] ? __pfx_setup_net+0x10/0x10 [ 425.855382][T11193] ? lockdep_init_map_type+0x5c/0x270 [ 425.855414][T11193] ? mutex_init_lockep+0x110/0x150 [ 425.855449][T11193] copy_net_ns+0x351/0x7c0 [ 425.855492][T11193] create_new_namespaces+0x3ea/0xab0 [ 425.855542][T11193] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 425.855587][T11193] ksys_unshare+0x45b/0xa40 [ 425.855634][T11193] ? __pfx_ksys_unshare+0x10/0x10 [ 425.855696][T11193] ? xfd_validate_state+0x61/0x180 [ 425.855737][T11193] __x64_sys_unshare+0x31/0x40 [ 425.855765][T11193] do_syscall_64+0xcd/0xf80 [ 425.855807][T11193] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 425.855839][T11193] RIP: 0033:0x7fe23598f7c9 [ 425.855864][T11193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 425.855895][T11193] RSP: 002b:00007fe236755038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 425.855925][T11193] RAX: ffffffffffffffda RBX: 00007fe235be5fa0 RCX: 00007fe23598f7c9 [ 425.855944][T11193] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 425.855963][T11193] RBP: 00007fe235a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 425.855982][T11193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 425.856001][T11193] R13: 00007fe235be6038 R14: 00007fe235be5fa0 R15: 00007ffd51a5efe8 [ 425.856044][T11193] [ 426.137818][T11198] FAULT_INJECTION: forcing a failure. [ 426.137818][T11198] name failslab, interval 1, probability 0, space 0, times 0 [ 426.152143][T11198] CPU: 1 UID: 0 PID: 11198 Comm: syz.3.934 Tainted: G U syzkaller #0 PREEMPT(full) [ 426.152193][T11198] Tainted: [U]=USER [ 426.152202][T11198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 426.152221][T11198] Call Trace: [ 426.152230][T11198] [ 426.152241][T11198] dump_stack_lvl+0x16c/0x1f0 [ 426.152282][T11198] should_fail_ex+0x512/0x640 [ 426.152328][T11198] ? kmem_cache_alloc_noprof+0x62/0x770 [ 426.152369][T11198] should_failslab+0xc2/0x120 [ 426.152414][T11198] kmem_cache_alloc_noprof+0x83/0x770 [ 426.152450][T11198] ? __proc_create+0x2c8/0x8d0 [ 426.152497][T11198] ? __proc_create+0x2c8/0x8d0 [ 426.152534][T11198] __proc_create+0x2c8/0x8d0 [ 426.152574][T11198] ? __pfx___proc_create+0x10/0x10 [ 426.152611][T11198] ? proc_register+0x554/0x8b0 [ 426.152657][T11198] ? _raw_write_unlock+0x28/0x50 [ 426.152695][T11198] proc_create_reg+0x7d/0x180 [ 426.152740][T11198] proc_create_net_data+0x8e/0x1c0 [ 426.152783][T11198] ? __pfx_proc_create_net_data+0x10/0x10 [ 426.152824][T11198] ? __pfx_uevent_net_rcv+0x10/0x10 [ 426.152870][T11198] ? ops_init+0x77/0x5f0 [ 426.152901][T11198] ? __pfx_dev_proc_net_init+0x10/0x10 [ 426.152959][T11198] dev_proc_net_init+0x5a/0x220 [ 426.153007][T11198] ops_init+0x1e2/0x5f0 [ 426.153041][T11198] setup_net+0x11d/0x3a0 [ 426.153074][T11198] ? __pfx_setup_net+0x10/0x10 [ 426.153104][T11198] ? lockdep_init_map_type+0x5c/0x270 [ 426.153135][T11198] ? mutex_init_lockep+0x110/0x150 [ 426.153171][T11198] copy_net_ns+0x351/0x7c0 [ 426.153211][T11198] create_new_namespaces+0x3ea/0xab0 [ 426.153261][T11198] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 426.153305][T11198] ksys_unshare+0x45b/0xa40 [ 426.153353][T11198] ? __pfx_ksys_unshare+0x10/0x10 [ 426.153402][T11198] ? xfd_validate_state+0x61/0x180 [ 426.153440][T11198] __x64_sys_unshare+0x31/0x40 [ 426.153466][T11198] do_syscall_64+0xcd/0xf80 [ 426.153504][T11198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 426.153534][T11198] RIP: 0033:0x7f5937b8f7c9 [ 426.153557][T11198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 426.153586][T11198] RSP: 002b:00007f5938988038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 426.153613][T11198] RAX: ffffffffffffffda RBX: 00007f5937de5fa0 RCX: 00007f5937b8f7c9 [ 426.153633][T11198] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 426.153659][T11198] RBP: 00007f5937c13f91 R08: 0000000000000000 R09: 0000000000000000 [ 426.153677][T11198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 426.153694][T11198] R13: 00007f5937de6038 R14: 00007f5937de5fa0 R15: 00007ffdf0090618 [ 426.153738][T11198] [ 427.282717][T11219] ubi0: attaching mtd0 [ 427.292191][T11219] ubi0: scanning is finished [ 427.730582][T11219] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 427.767512][T11219] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 427.812372][T11219] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 428.014291][T11219] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 428.079939][T11219] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 428.150053][T11219] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 428.228035][T11219] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3299379665 [ 428.270216][T11219] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 428.284209][T11228] ubi0: background thread "ubi_bgt0d" started, PID 11228 [ 428.311156][T11222] ubi0: detaching mtd0 [ 428.364561][T11222] ubi0: mtd0 is detached [ 428.732394][T11239] FAULT_INJECTION: forcing a failure. [ 428.732394][T11239] name failslab, interval 1, probability 0, space 0, times 0 [ 428.745239][T11239] CPU: 1 UID: 0 PID: 11239 Comm: syz.0.949 Tainted: G U syzkaller #0 PREEMPT(full) [ 428.745289][T11239] Tainted: [U]=USER [ 428.745300][T11239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 428.745317][T11239] Call Trace: [ 428.745326][T11239] [ 428.745339][T11239] dump_stack_lvl+0x16c/0x1f0 [ 428.745379][T11239] should_fail_ex+0x512/0x640 [ 428.745423][T11239] ? __kmalloc_cache_noprof+0x5f/0x800 [ 428.745461][T11239] should_failslab+0xc2/0x120 [ 428.745505][T11239] __kmalloc_cache_noprof+0x80/0x800 [ 428.745539][T11239] ? ip6addrlbl_add+0xc0/0xd90 [ 428.745592][T11239] ? ip6addrlbl_add+0xc0/0xd90 [ 428.745637][T11239] ip6addrlbl_add+0xc0/0xd90 [ 428.745694][T11239] ip6addrlbl_net_init+0x10a/0x380 [ 428.745744][T11239] ? __pfx_ip6addrlbl_net_init+0x10/0x10 [ 428.745789][T11239] ops_init+0x1e2/0x5f0 [ 428.745841][T11239] setup_net+0x11d/0x3a0 [ 428.745879][T11239] ? __pfx_setup_net+0x10/0x10 [ 428.745906][T11239] ? lockdep_init_map_type+0x5c/0x270 [ 428.745934][T11239] ? mutex_init_lockep+0x110/0x150 [ 428.745968][T11239] copy_net_ns+0x351/0x7c0 [ 428.746014][T11239] create_new_namespaces+0x3ea/0xab0 [ 428.746062][T11239] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 428.746103][T11239] ksys_unshare+0x45b/0xa40 [ 428.746144][T11239] ? __pfx_ksys_unshare+0x10/0x10 [ 428.746188][T11239] ? xfd_validate_state+0x61/0x180 [ 428.746225][T11239] __x64_sys_unshare+0x31/0x40 [ 428.746249][T11239] do_syscall_64+0xcd/0xf80 [ 428.746287][T11239] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 428.746314][T11239] RIP: 0033:0x7fe23598f7c9 [ 428.746338][T11239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 428.746365][T11239] RSP: 002b:00007fe236755038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 428.746393][T11239] RAX: ffffffffffffffda RBX: 00007fe235be5fa0 RCX: 00007fe23598f7c9 [ 428.746412][T11239] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 428.746429][T11239] RBP: 00007fe235a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 428.746446][T11239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 428.746463][T11239] R13: 00007fe235be6038 R14: 00007fe235be5fa0 R15: 00007ffd51a5efe8 [ 428.746502][T11239] [ 430.218354][T11260] ubi0: attaching mtd0 [ 430.263556][T11260] ubi0: scanning is finished [ 430.445375][T11264] netlink: 8 bytes leftover after parsing attributes in process `syz.2.946'. [ 430.564611][T11266] FAULT_INJECTION: forcing a failure. [ 430.564611][T11266] name failslab, interval 1, probability 0, space 0, times 0 [ 430.622250][T11260] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 430.632140][T11260] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 430.661825][T11266] CPU: 1 UID: 0 PID: 11266 Comm: syz.0.947 Tainted: G U syzkaller #0 PREEMPT(full) [ 430.661876][T11266] Tainted: [U]=USER [ 430.661886][T11266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 430.661904][T11266] Call Trace: [ 430.661915][T11266] [ 430.661927][T11266] dump_stack_lvl+0x16c/0x1f0 [ 430.661972][T11266] should_fail_ex+0x512/0x640 [ 430.662018][T11266] ? __kmalloc_cache_noprof+0x5f/0x800 [ 430.662058][T11266] should_failslab+0xc2/0x120 [ 430.662104][T11266] __kmalloc_cache_noprof+0x80/0x800 [ 430.662135][T11266] ? find_held_lock+0x2b/0x80 [ 430.662173][T11266] ? uevent_net_init+0xd3/0x350 [ 430.662223][T11266] ? uevent_net_init+0xd3/0x350 [ 430.662266][T11266] uevent_net_init+0xd3/0x350 [ 430.662309][T11266] ? __pfx_uevent_net_init+0x10/0x10 [ 430.662353][T11266] ? rcu_is_watching+0x12/0xc0 [ 430.662395][T11266] ? __pfx_uevent_net_rcv+0x10/0x10 [ 430.662452][T11266] ? ops_init+0x77/0x5f0 [ 430.662493][T11266] ? __pfx_uevent_net_init+0x10/0x10 [ 430.662535][T11266] ops_init+0x1e2/0x5f0 [ 430.662574][T11266] setup_net+0x11d/0x3a0 [ 430.662608][T11266] ? __pfx_setup_net+0x10/0x10 [ 430.662640][T11266] ? lockdep_init_map_type+0x5c/0x270 [ 430.662681][T11266] ? mutex_init_lockep+0x110/0x150 [ 430.662721][T11266] copy_net_ns+0x351/0x7c0 [ 430.662763][T11266] create_new_namespaces+0x3ea/0xab0 [ 430.662818][T11266] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 430.662865][T11266] ksys_unshare+0x45b/0xa40 [ 430.662914][T11266] ? __pfx_ksys_unshare+0x10/0x10 [ 430.662963][T11266] ? xfd_validate_state+0x61/0x180 [ 430.663007][T11266] __x64_sys_unshare+0x31/0x40 [ 430.663033][T11266] do_syscall_64+0xcd/0xf80 [ 430.663074][T11266] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 430.663105][T11266] RIP: 0033:0x7fe23598f7c9 [ 430.663130][T11266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 430.663161][T11266] RSP: 002b:00007fe236755038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 430.663191][T11266] RAX: ffffffffffffffda RBX: 00007fe235be5fa0 RCX: 00007fe23598f7c9 [ 430.663211][T11266] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 430.663229][T11266] RBP: 00007fe235a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 430.663248][T11266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 430.663267][T11266] R13: 00007fe235be6038 R14: 00007fe235be5fa0 R15: 00007ffd51a5efe8 [ 430.663310][T11266] [ 430.945260][T11260] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 430.962875][T11260] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 430.989062][T11260] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 430.996102][T11260] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 431.004260][T11260] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3299379665 [ 431.014629][T11260] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 431.024966][T11269] ubi0: background thread "ubi_bgt0d" started, PID 11269 [ 431.032269][T11261] ubi0: detaching mtd0 [ 431.039616][T11261] ubi0: mtd0 is detached [ 431.280626][ T5916] smpboot: CPU 0 is now offline [ 432.753600][T11293] FAULT_INJECTION: forcing a failure. [ 432.753600][T11293] name failslab, interval 1, probability 0, space 0, times 0 [ 432.945289][T11293] CPU: 1 UID: 0 PID: 11293 Comm: syz.1.952 Tainted: G U syzkaller #0 PREEMPT(full) [ 432.945322][T11293] Tainted: [U]=USER [ 432.945328][T11293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 432.945338][T11293] Call Trace: [ 432.945344][T11293] [ 432.945352][T11293] dump_stack_lvl+0x16c/0x1f0 [ 432.945378][T11293] should_fail_ex+0x512/0x640 [ 432.945407][T11293] ? kmem_cache_alloc_noprof+0x62/0x770 [ 432.945431][T11293] should_failslab+0xc2/0x120 [ 432.945458][T11293] kmem_cache_alloc_noprof+0x83/0x770 [ 432.945479][T11293] ? getname_flags.part.0+0x4c/0x550 [ 432.945503][T11293] ? getname_flags.part.0+0x4c/0x550 [ 432.945521][T11293] getname_flags.part.0+0x4c/0x550 [ 432.945543][T11293] getname_flags+0x93/0xf0 [ 432.945566][T11293] do_sys_openat2+0xb8/0x280 [ 432.945586][T11293] ? __pfx_do_sys_openat2+0x10/0x10 [ 432.945608][T11293] ? __fget_files+0x20e/0x3c0 [ 432.945637][T11293] __x64_sys_openat+0x174/0x210 [ 432.945658][T11293] ? __pfx___x64_sys_openat+0x10/0x10 [ 432.945677][T11293] ? ksys_write+0x1ac/0x250 [ 432.945721][T11293] do_syscall_64+0xcd/0xf80 [ 432.945745][T11293] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 432.945763][T11293] RIP: 0033:0x7f1cd138f7c9 [ 432.945779][T11293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 432.945796][T11293] RSP: 002b:00007f1cd22ca038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 432.945814][T11293] RAX: ffffffffffffffda RBX: 00007f1cd15e6090 RCX: 00007f1cd138f7c9 [ 432.945826][T11293] RDX: 0000000000000001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 432.945837][T11293] RBP: 00007f1cd22ca090 R08: 0000000000000000 R09: 0000000000000000 [ 432.945848][T11293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 432.945858][T11293] R13: 00007f1cd15e6128 R14: 00007f1cd15e6090 R15: 00007fff1660a488 [ 432.945881][T11293] [ 434.770149][T11319] ubi0: attaching mtd0 [ 434.795881][T11319] ubi0: scanning is finished [ 434.945307][T11319] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 434.976052][T11319] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 435.015598][T11319] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 435.076505][T11319] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 435.179195][T11319] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 435.266251][T11319] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 435.367353][T11319] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3299379665 [ 435.511618][T11319] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 435.668354][T11323] ubi0: detaching mtd0 [ 435.748192][T11323] ubi0: mtd0 is detached [ 437.003288][T11358] netlink: 8 bytes leftover after parsing attributes in process `syz.1.961'. [ 437.456604][ T5841] Bluetooth: hci3: unexpected event 0x3e length: 728 > 260 [ 437.456636][ T5841] Bluetooth: hci3: unexpected subevent 0x0c length: 727 > 5 [ 439.598876][T11384] FAULT_INJECTION: forcing a failure. [ 439.598876][T11384] name failslab, interval 1, probability 0, space 0, times 0 [ 439.696129][T11384] CPU: 1 UID: 0 PID: 11384 Comm: syz.2.965 Tainted: G U syzkaller #0 PREEMPT(full) [ 439.696161][T11384] Tainted: [U]=USER [ 439.696167][T11384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 439.696178][T11384] Call Trace: [ 439.696184][T11384] [ 439.696191][T11384] dump_stack_lvl+0x16c/0x1f0 [ 439.696218][T11384] should_fail_ex+0x512/0x640 [ 439.696247][T11384] ? kmem_cache_alloc_noprof+0x62/0x770 [ 439.696271][T11384] should_failslab+0xc2/0x120 [ 439.696298][T11384] kmem_cache_alloc_noprof+0x83/0x770 [ 439.696320][T11384] ? getname_flags.part.0+0x4c/0x550 [ 439.696344][T11384] ? getname_flags.part.0+0x4c/0x550 [ 439.696362][T11384] getname_flags.part.0+0x4c/0x550 [ 439.696384][T11384] getname_flags+0x93/0xf0 [ 439.696408][T11384] do_sys_openat2+0xb8/0x280 [ 439.696428][T11384] ? __pfx_do_sys_openat2+0x10/0x10 [ 439.696450][T11384] ? __fget_files+0x20e/0x3c0 [ 439.696478][T11384] __x64_sys_openat+0x174/0x210 [ 439.696499][T11384] ? __pfx___x64_sys_openat+0x10/0x10 [ 439.696518][T11384] ? ksys_write+0x1ac/0x250 [ 439.696550][T11384] do_syscall_64+0xcd/0xf80 [ 439.696573][T11384] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.696592][T11384] RIP: 0033:0x7f7f4258f7c9 [ 439.696606][T11384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 439.696624][T11384] RSP: 002b:00007f7f4344c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 439.696641][T11384] RAX: ffffffffffffffda RBX: 00007f7f427e6090 RCX: 00007f7f4258f7c9 [ 439.696653][T11384] RDX: 0000000000002440 RSI: 00002000000002c0 RDI: ffffffffffffff9c [ 439.696672][T11384] RBP: 00007f7f4344c090 R08: 0000000000000000 R09: 0000000000000000 [ 439.696682][T11384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 439.696692][T11384] R13: 00007f7f427e6128 R14: 00007f7f427e6090 R15: 00007ffe49dbd168 [ 439.696715][T11384] [ 440.158607][T11390] netlink: 'syz.3.967': attribute type 1 has an invalid length. [ 440.166521][T11390] nbd: error processing sock list [ 440.331919][T11390] netlink: 4 bytes leftover after parsing attributes in process `syz.3.967'. [ 440.515433][T11398] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 440.851784][T11384] Format for deleting device is "id" (uint). [ 441.357056][T11398] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.172149][T11398] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.405580][T11398] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 442.883714][T11447] ubi0: attaching mtd0 [ 442.901010][T11447] ubi0: scanning is finished [ 443.094331][T11447] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 443.157817][T11447] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 443.346211][T11447] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 443.403531][T11447] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 443.501746][T11447] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 443.617941][T11447] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 443.837935][T11447] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3299379665 [ 443.938190][T11447] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 444.035777][T11452] ubi0: background thread "ubi_bgt0d" started, PID 11452 [ 444.045906][T11449] ubi0: detaching mtd0 [ 444.132762][T11449] ubi0: mtd0 is detached [ 444.843653][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 444.852005][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 444.871266][T11472] netlink: 8 bytes leftover after parsing attributes in process `syz.1.979'. [ 446.824110][T11516] FAULT_INJECTION: forcing a failure. [ 446.824110][T11516] name failslab, interval 1, probability 0, space 0, times 0 [ 446.972868][T11516] CPU: 1 UID: 0 PID: 11516 Comm: syz.0.985 Tainted: G U syzkaller #0 PREEMPT(full) [ 446.972899][T11516] Tainted: [U]=USER [ 446.972905][T11516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 446.972915][T11516] Call Trace: [ 446.972921][T11516] [ 446.972927][T11516] dump_stack_lvl+0x16c/0x1f0 [ 446.972955][T11516] should_fail_ex+0x512/0x640 [ 446.972983][T11516] ? __kmalloc_noprof+0xca/0x910 [ 446.973005][T11516] should_failslab+0xc2/0x120 [ 446.973033][T11516] __kmalloc_noprof+0xeb/0x910 [ 446.973052][T11516] ? __pfx_aa_file_perm+0x10/0x10 [ 446.973072][T11516] ? kernfs_fop_write_iter+0x237/0x570 [ 446.973103][T11516] ? kernfs_fop_write_iter+0x237/0x570 [ 446.973128][T11516] ? __lock_acquire+0x436/0x2890 [ 446.973144][T11516] kernfs_fop_write_iter+0x237/0x570 [ 446.973173][T11516] do_iter_readv_writev+0x662/0x9e0 [ 446.973199][T11516] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 446.973233][T11516] vfs_writev+0x35f/0xde0 [ 446.973256][T11516] ? rcu_is_watching+0x12/0xc0 [ 446.973287][T11516] ? __pfx_vfs_writev+0x10/0x10 [ 446.973310][T11516] ? fdget_pos+0x2a2/0x370 [ 446.973351][T11516] ? __fget_files+0x20e/0x3c0 [ 446.973375][T11516] ? __fget_files+0x170/0x3c0 [ 446.973404][T11516] ? do_writev+0x132/0x340 [ 446.973426][T11516] do_writev+0x132/0x340 [ 446.973449][T11516] ? __pfx_do_writev+0x10/0x10 [ 446.973479][T11516] do_syscall_64+0xcd/0xf80 [ 446.973503][T11516] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 446.973521][T11516] RIP: 0033:0x7fe23598f7c9 [ 446.973536][T11516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 446.973554][T11516] RSP: 002b:00007fe233bd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 446.973571][T11516] RAX: ffffffffffffffda RBX: 00007fe235be6180 RCX: 00007fe23598f7c9 [ 446.973583][T11516] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 446.973593][T11516] RBP: 00007fe233bd5090 R08: 0000000000000000 R09: 0000000000000000 [ 446.973614][T11516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 446.973625][T11516] R13: 00007fe235be6218 R14: 00007fe235be6180 R15: 00007ffd51a5efe8 [ 446.973647][T11516] [ 447.398734][T11523] FAULT_INJECTION: forcing a failure. [ 447.398734][T11523] name failslab, interval 1, probability 0, space 0, times 0 [ 447.411774][T11523] CPU: 1 UID: 0 PID: 11523 Comm: syz.3.986 Tainted: G U syzkaller #0 PREEMPT(full) [ 447.411804][T11523] Tainted: [U]=USER [ 447.411809][T11523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 447.411820][T11523] Call Trace: [ 447.411826][T11523] [ 447.411833][T11523] dump_stack_lvl+0x16c/0x1f0 [ 447.411859][T11523] should_fail_ex+0x512/0x640 [ 447.411887][T11523] ? __kmalloc_cache_noprof+0x5f/0x800 [ 447.411910][T11523] should_failslab+0xc2/0x120 [ 447.411951][T11523] __kmalloc_cache_noprof+0x80/0x800 [ 447.411971][T11523] ? alloc_pipe_info+0x10e/0x590 [ 447.412002][T11523] ? alloc_pipe_info+0x10e/0x590 [ 447.412028][T11523] alloc_pipe_info+0x10e/0x590 [ 447.412057][T11523] splice_direct_to_actor+0x77d/0xa30 [ 447.412085][T11523] ? __lock_acquire+0x436/0x2890 [ 447.412101][T11523] ? __pfx_direct_splice_actor+0x10/0x10 [ 447.412128][T11523] ? __pfx_aa_file_perm+0x10/0x10 [ 447.412149][T11523] ? find_held_lock+0x2b/0x80 [ 447.412173][T11523] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 447.412198][T11523] ? get_pid_task+0xfc/0x250 [ 447.412219][T11523] do_splice_direct+0x174/0x240 [ 447.412246][T11523] ? __pfx_do_splice_direct+0x10/0x10 [ 447.412273][T11523] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 447.412302][T11523] ? rw_verify_area+0xcf/0x6c0 [ 447.412326][T11523] do_sendfile+0xb06/0xe50 [ 447.412354][T11523] ? __pfx_do_sendfile+0x10/0x10 [ 447.412378][T11523] ? __fget_files+0x20e/0x3c0 [ 447.412408][T11523] __x64_sys_sendfile64+0x1d8/0x220 [ 447.412424][T11523] ? ksys_write+0x1ac/0x250 [ 447.412449][T11523] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 447.412472][T11523] do_syscall_64+0xcd/0xf80 [ 447.412496][T11523] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 447.412514][T11523] RIP: 0033:0x7f5937b8f7c9 [ 447.412528][T11523] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 447.412547][T11523] RSP: 002b:00007f5935df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 447.412564][T11523] RAX: ffffffffffffffda RBX: 00007f5937de6270 RCX: 00007f5937b8f7c9 [ 447.412575][T11523] RDX: 0000000000000000 RSI: 000000000000000b RDI: 000000000000000b [ 447.412586][T11523] RBP: 00007f5935df6090 R08: 0000000000000000 R09: 0000000000000000 [ 447.412596][T11523] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 447.412606][T11523] R13: 00007f5937de6308 R14: 00007f5937de6270 R15: 00007ffdf0090618 [ 447.412628][T11523] [ 448.166048][T11528] FAULT_INJECTION: forcing a failure. [ 448.166048][T11528] name failslab, interval 1, probability 0, space 0, times 0 [ 448.222489][T11528] CPU: 1 UID: 0 PID: 11528 Comm: syz.1.987 Tainted: G U syzkaller #0 PREEMPT(full) [ 448.222521][T11528] Tainted: [U]=USER [ 448.222527][T11528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 448.222538][T11528] Call Trace: [ 448.222544][T11528] [ 448.222551][T11528] dump_stack_lvl+0x16c/0x1f0 [ 448.222579][T11528] should_fail_ex+0x512/0x640 [ 448.222608][T11528] ? kmem_cache_alloc_noprof+0x62/0x770 [ 448.222633][T11528] should_failslab+0xc2/0x120 [ 448.222662][T11528] kmem_cache_alloc_noprof+0x83/0x770 [ 448.222684][T11528] ? __proc_create+0x2c8/0x8d0 [ 448.222720][T11528] ? __proc_create+0x2c8/0x8d0 [ 448.222742][T11528] __proc_create+0x2c8/0x8d0 [ 448.222767][T11528] ? __pfx___proc_create+0x10/0x10 [ 448.222794][T11528] ? __pfx___netlink_kernel_create+0x10/0x10 [ 448.222822][T11528] proc_create_reg+0x7d/0x180 [ 448.222850][T11528] proc_create_net_data+0x8e/0x1c0 [ 448.222876][T11528] ? __pfx_proc_create_net_data+0x10/0x10 [ 448.222900][T11528] ? __pfx_uevent_net_rcv+0x10/0x10 [ 448.222933][T11528] ? ops_init+0x77/0x5f0 [ 448.222954][T11528] ? __pfx_proto_init_net+0x10/0x10 [ 448.222978][T11528] proto_init_net+0x53/0x70 [ 448.223001][T11528] ops_init+0x1e2/0x5f0 [ 448.223022][T11528] setup_net+0x11d/0x3a0 [ 448.223043][T11528] ? __pfx_setup_net+0x10/0x10 [ 448.223061][T11528] ? lockdep_init_map_type+0x5c/0x270 [ 448.223080][T11528] ? mutex_init_lockep+0x110/0x150 [ 448.223102][T11528] copy_net_ns+0x351/0x7c0 [ 448.223127][T11528] create_new_namespaces+0x3ea/0xab0 [ 448.223164][T11528] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 448.223192][T11528] ksys_unshare+0x45b/0xa40 [ 448.223220][T11528] ? __pfx_ksys_unshare+0x10/0x10 [ 448.223250][T11528] ? xfd_validate_state+0x61/0x180 [ 448.223275][T11528] __x64_sys_unshare+0x31/0x40 [ 448.223291][T11528] do_syscall_64+0xcd/0xf80 [ 448.223315][T11528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 448.223333][T11528] RIP: 0033:0x7f1cd138f7c9 [ 448.223349][T11528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 448.223367][T11528] RSP: 002b:00007f1cd22eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 448.223385][T11528] RAX: ffffffffffffffda RBX: 00007f1cd15e5fa0 RCX: 00007f1cd138f7c9 [ 448.223397][T11528] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 448.223408][T11528] RBP: 00007f1cd1413f91 R08: 0000000000000000 R09: 0000000000000000 [ 448.223418][T11528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 448.223429][T11528] R13: 00007f1cd15e6038 R14: 00007f1cd15e5fa0 R15: 00007fff1660a488 [ 448.223452][T11528] [ 450.338074][T11573] ubi0: attaching mtd0 [ 450.412289][T11573] ubi0: scanning is finished [ 450.986146][T11573] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 451.112687][T11573] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 451.227515][T11573] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 451.234533][T11573] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 451.487275][T11573] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 451.550115][T11573] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 451.607631][T11573] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3299379665 [ 451.759587][T11573] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 451.865509][T11584] ubi0: background thread "ubi_bgt0d" started, PID 11584 [ 451.875625][T11575] ubi0: detaching mtd0 [ 451.988828][T11575] ubi0: mtd0 is detached [ 453.768938][T11603] netlink: 8 bytes leftover after parsing attributes in process `syz.1.997'. [ 456.150175][T11660] FAULT_INJECTION: forcing a failure. [ 456.150175][T11660] name failslab, interval 1, probability 0, space 0, times 0 [ 456.198609][T11660] CPU: 1 UID: 0 PID: 11660 Comm: syz.1.1005 Tainted: G U syzkaller #0 PREEMPT(full) [ 456.198643][T11660] Tainted: [U]=USER [ 456.198648][T11660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 456.198660][T11660] Call Trace: [ 456.198666][T11660] [ 456.198673][T11660] dump_stack_lvl+0x16c/0x1f0 [ 456.198707][T11660] should_fail_ex+0x512/0x640 [ 456.198737][T11660] ? kmem_cache_alloc_noprof+0x62/0x770 [ 456.198762][T11660] should_failslab+0xc2/0x120 [ 456.198791][T11660] kmem_cache_alloc_noprof+0x83/0x770 [ 456.198814][T11660] ? __proc_create+0x2c8/0x8d0 [ 456.198842][T11660] ? __proc_create+0x2c8/0x8d0 [ 456.198865][T11660] __proc_create+0x2c8/0x8d0 [ 456.198889][T11660] ? __pfx___proc_create+0x10/0x10 [ 456.198916][T11660] ? _raw_write_unlock+0x28/0x50 [ 456.198936][T11660] ? proc_register+0x559/0x8b0 [ 456.198963][T11660] proc_create_reg+0x7d/0x180 [ 456.198991][T11660] proc_create_seq_private+0x8e/0x180 [ 456.199017][T11660] ? __pfx_proc_create_seq_private+0x10/0x10 [ 456.199044][T11660] ? __pfx_uevent_net_rcv+0x10/0x10 [ 456.199072][T11660] ? ops_init+0x77/0x5f0 [ 456.199091][T11660] ? __pfx_dev_proc_net_init+0x10/0x10 [ 456.199121][T11660] dev_proc_net_init+0xa8/0x220 [ 456.199150][T11660] ops_init+0x1e2/0x5f0 [ 456.199171][T11660] setup_net+0x11d/0x3a0 [ 456.199191][T11660] ? __pfx_setup_net+0x10/0x10 [ 456.199209][T11660] ? lockdep_init_map_type+0x5c/0x270 [ 456.199233][T11660] ? mutex_init_lockep+0x110/0x150 [ 456.199255][T11660] copy_net_ns+0x351/0x7c0 [ 456.199280][T11660] create_new_namespaces+0x3ea/0xab0 [ 456.199310][T11660] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 456.199337][T11660] ksys_unshare+0x45b/0xa40 [ 456.199366][T11660] ? __pfx_ksys_unshare+0x10/0x10 [ 456.199396][T11660] ? xfd_validate_state+0x61/0x180 [ 456.199420][T11660] __x64_sys_unshare+0x31/0x40 [ 456.199436][T11660] do_syscall_64+0xcd/0xf80 [ 456.199459][T11660] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 456.199477][T11660] RIP: 0033:0x7f1cd138f7c9 [ 456.199493][T11660] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 456.199511][T11660] RSP: 002b:00007f1cd22eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 456.199529][T11660] RAX: ffffffffffffffda RBX: 00007f1cd15e5fa0 RCX: 00007f1cd138f7c9 [ 456.199541][T11660] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 456.199551][T11660] RBP: 00007f1cd1413f91 R08: 0000000000000000 R09: 0000000000000000 [ 456.199562][T11660] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 456.199573][T11660] R13: 00007f1cd15e6038 R14: 00007f1cd15e5fa0 R15: 00007fff1660a488 [ 456.199596][T11660] [ 457.292256][T11672] ubi0: attaching mtd0 [ 457.301888][T11672] ubi0: scanning is finished [ 457.494120][T11672] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 457.567310][T11672] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 457.574755][T11672] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 457.728538][T11672] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 457.807328][T11672] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 457.937248][T11672] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 458.029889][T11672] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3299379665 [ 458.278877][T11672] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 458.379741][T11680] ubi0: background thread "ubi_bgt0d" started, PID 11680 [ 458.387023][T11677] ubi0: detaching mtd0 [ 458.470818][T11677] ubi0: mtd0 is detached [ 458.620605][T11688] ubi0: attaching mtd0 [ 458.636187][T11688] ubi0: scanning is finished [ 458.992796][T11688] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 459.077541][T11688] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 459.085079][T11688] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 459.294904][T11688] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 459.462612][T11688] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 459.630284][T11688] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 459.737286][T11688] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3299379665 [ 459.869311][T11688] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 459.928568][T11693] ubi0: detaching mtd0 [ 460.033519][T11693] ubi0: mtd0 is detached [ 460.890699][T11720] FAULT_INJECTION: forcing a failure. [ 460.890699][T11720] name failslab, interval 1, probability 0, space 0, times 0 [ 460.957286][T11720] CPU: 1 UID: 0 PID: 11720 Comm: syz.2.1015 Tainted: G U syzkaller #0 PREEMPT(full) [ 460.957320][T11720] Tainted: [U]=USER [ 460.957326][T11720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 460.957337][T11720] Call Trace: [ 460.957345][T11720] [ 460.957353][T11720] dump_stack_lvl+0x16c/0x1f0 [ 460.957381][T11720] should_fail_ex+0x512/0x640 [ 460.957410][T11720] ? __kmalloc_node_track_caller_noprof+0xcb/0x930 [ 460.957440][T11720] should_failslab+0xc2/0x120 [ 460.957468][T11720] __kmalloc_node_track_caller_noprof+0xec/0x930 [ 460.957495][T11720] ? sysctl_core_net_init+0x42/0x280 [ 460.957527][T11720] ? kmemdup_noprof+0x29/0x60 [ 460.957546][T11720] ? lockdep_init_map_type+0x5c/0x270 [ 460.957582][T11720] kmemdup_noprof+0x29/0x60 [ 460.957610][T11720] sysctl_core_net_init+0x42/0x280 [ 460.957638][T11720] ? __pfx_sysctl_core_net_init+0x10/0x10 [ 460.957665][T11720] ops_init+0x1e2/0x5f0 [ 460.957688][T11720] setup_net+0x11d/0x3a0 [ 460.957709][T11720] ? __pfx_setup_net+0x10/0x10 [ 460.957727][T11720] ? lockdep_init_map_type+0x5c/0x270 [ 460.957746][T11720] ? mutex_init_lockep+0x110/0x150 [ 460.957767][T11720] copy_net_ns+0x351/0x7c0 [ 460.957792][T11720] create_new_namespaces+0x3ea/0xab0 [ 460.957822][T11720] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 460.957850][T11720] ksys_unshare+0x45b/0xa40 [ 460.957879][T11720] ? __pfx_ksys_unshare+0x10/0x10 [ 460.957909][T11720] ? xfd_validate_state+0x61/0x180 [ 460.957932][T11720] __x64_sys_unshare+0x31/0x40 [ 460.957947][T11720] do_syscall_64+0xcd/0xf80 [ 460.957971][T11720] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.957989][T11720] RIP: 0033:0x7f7f4258f7c9 [ 460.958005][T11720] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 460.958023][T11720] RSP: 002b:00007f7f4346d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 460.958042][T11720] RAX: ffffffffffffffda RBX: 00007f7f427e5fa0 RCX: 00007f7f4258f7c9 [ 460.958054][T11720] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 460.958065][T11720] RBP: 00007f7f42613f91 R08: 0000000000000000 R09: 0000000000000000 [ 460.958076][T11720] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 460.958086][T11720] R13: 00007f7f427e6038 R14: 00007f7f427e5fa0 R15: 00007ffe49dbd168 [ 460.958110][T11720] [ 462.368476][T11734] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1014'. [ 463.408188][T11750] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1020'. [ 463.782314][T11754] ubi0: attaching mtd0 [ 463.815188][T11754] ubi0: scanning is finished [ 463.997904][T11754] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 464.054271][T11754] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 464.161306][T11754] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 464.269171][T11754] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 464.276586][T11754] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 464.442877][T11754] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 464.530143][T11754] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3299379665 [ 464.709383][T11754] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 464.810797][T11762] ubi0: background thread "ubi_bgt0d" started, PID 11762 [ 464.818393][T11758] ubi0: detaching mtd0 [ 464.862889][T11772] binder: 11761:11772 ioctl c0306201 200000000000 returned -14 [ 464.899709][T11758] ubi0: mtd0 is detached [ 464.977350][T11763] ubi0: attaching mtd0 [ 464.982956][T11763] ubi0: scanning is finished [ 465.105475][T11754] binder: 11752:11754 ioctl c0306201 0 returned -14 [ 465.321715][T11763] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4 [ 466.702086][T11803] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1025'. [ 468.731882][ T5841] Bluetooth: hci2: unexpected event 0x3e length: 728 > 260 [ 468.731912][ T5841] Bluetooth: hci2: unexpected subevent 0x0c length: 727 > 5 [ 468.755822][T11831] FAULT_INJECTION: forcing a failure. [ 468.755822][T11831] name failslab, interval 1, probability 0, space 0, times 0 [ 468.802215][T11831] CPU: 1 UID: 0 PID: 11831 Comm: syz.2.1037 Tainted: G U syzkaller #0 PREEMPT(full) [ 468.802248][T11831] Tainted: [U]=USER [ 468.802254][T11831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 468.802265][T11831] Call Trace: [ 468.802271][T11831] [ 468.802279][T11831] dump_stack_lvl+0x16c/0x1f0 [ 468.802306][T11831] should_fail_ex+0x512/0x640 [ 468.802335][T11831] ? __kmalloc_cache_noprof+0x5f/0x800 [ 468.802358][T11831] should_failslab+0xc2/0x120 [ 468.802386][T11831] __kmalloc_cache_noprof+0x80/0x800 [ 468.802407][T11831] ? __do_sys_fanotify_init+0x526/0xeb0 [ 468.802432][T11831] ? get_mem_cgroup_from_mm+0x132/0x600 [ 468.802456][T11831] ? __do_sys_fanotify_init+0x526/0xeb0 [ 468.802480][T11831] __do_sys_fanotify_init+0x526/0xeb0 [ 468.802508][T11831] do_syscall_64+0xcd/0xf80 [ 468.802533][T11831] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 468.802551][T11831] RIP: 0033:0x7f7f4258f7c9 [ 468.802566][T11831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 468.802585][T11831] RSP: 002b:00007f7f4344c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012c [ 468.802602][T11831] RAX: ffffffffffffffda RBX: 00007f7f427e6090 RCX: 00007f7f4258f7c9 [ 468.802614][T11831] RDX: 0000000000000000 RSI: 0002000000000002 RDI: 0000000000000005 [ 468.802625][T11831] RBP: 00007f7f42613f91 R08: 0000000000000000 R09: 0000000000000000 [ 468.802636][T11831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 468.802647][T11831] R13: 00007f7f427e6128 R14: 00007f7f427e6090 R15: 00007ffe49dbd168 [ 468.802674][T11831] [ 471.624842][T11881] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1049'. [ 472.399251][T11884] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1043'. [ 473.615009][T11900] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1045'. [ 474.486312][T11929] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1050'. [ 475.085336][T11927] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1052'. [ 475.098333][T11937] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1053'. [ 475.397533][T11948] ubi0: attaching mtd0 [ 475.421361][T11948] ubi0: scanning is finished [ 475.890472][T11948] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 475.983622][T11948] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 476.129146][T11948] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 476.176073][T11948] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 476.271853][T11948] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 476.347247][T11948] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 476.431504][T11948] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3299379665 [ 476.520733][T11948] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 476.604370][T11957] ubi0: background thread "ubi_bgt0d" started, PID 11957 [ 476.611600][T11949] ubi0: detaching mtd0 [ 476.656306][T11949] ubi0: mtd0 is detached [ 477.362323][T11968] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1057'. [ 477.793974][T11976] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1059'. [ 481.728398][T12055] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1076'. [ 482.161845][T12088] FAULT_INJECTION: forcing a failure. [ 482.161845][T12088] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 482.231686][T12088] CPU: 1 UID: 0 PID: 12088 Comm: syz.3.1083 Tainted: G U syzkaller #0 PREEMPT(full) [ 482.231717][T12088] Tainted: [U]=USER [ 482.231723][T12088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 482.231735][T12088] Call Trace: [ 482.231741][T12088] [ 482.231748][T12088] dump_stack_lvl+0x16c/0x1f0 [ 482.231774][T12088] should_fail_ex+0x512/0x640 [ 482.231807][T12088] _copy_from_user+0x2e/0xd0 [ 482.231835][T12088] copy_msghdr_from_user+0x98/0x160 [ 482.231855][T12088] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 482.231884][T12088] ___sys_sendmsg+0xfe/0x1d0 [ 482.231903][T12088] ? __pfx____sys_sendmsg+0x10/0x10 [ 482.231946][T12088] __sys_sendmsg+0x16d/0x220 [ 482.231964][T12088] ? __pfx___sys_sendmsg+0x10/0x10 [ 482.231996][T12088] do_syscall_64+0xcd/0xf80 [ 482.232020][T12088] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.232039][T12088] RIP: 0033:0x7f5937b8f7c9 [ 482.232054][T12088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 482.232072][T12088] RSP: 002b:00007f5938988038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 482.232090][T12088] RAX: ffffffffffffffda RBX: 00007f5937de5fa0 RCX: 00007f5937b8f7c9 [ 482.232101][T12088] RDX: 0000000004000040 RSI: 0000200000004100 RDI: 0000000000000003 [ 482.232112][T12088] RBP: 00007f5938988090 R08: 0000000000000000 R09: 0000000000000000 [ 482.232122][T12088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 482.232132][T12088] R13: 00007f5937de6038 R14: 00007f5937de5fa0 R15: 00007ffdf0090618 [ 482.232154][T12088] [ 482.623068][T12094] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1080'. [ 482.766139][T12099] FAULT_INJECTION: forcing a failure. [ 482.766139][T12099] name failslab, interval 1, probability 0, space 0, times 0 [ 482.827404][T12099] CPU: 1 UID: 0 PID: 12099 Comm: syz.1.1086 Tainted: G U syzkaller #0 PREEMPT(full) [ 482.827435][T12099] Tainted: [U]=USER [ 482.827441][T12099] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 482.827452][T12099] Call Trace: [ 482.827458][T12099] [ 482.827465][T12099] dump_stack_lvl+0x16c/0x1f0 [ 482.827493][T12099] should_fail_ex+0x512/0x640 [ 482.827521][T12099] ? fs_reclaim_acquire+0xae/0x150 [ 482.827566][T12099] should_failslab+0xc2/0x120 [ 482.827594][T12099] __kmalloc_noprof+0xeb/0x910 [ 482.827618][T12099] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 482.827645][T12099] ? tomoyo_realpath_from_path+0xc2/0x6e0 [ 482.827665][T12099] tomoyo_realpath_from_path+0xc2/0x6e0 [ 482.827688][T12099] ? tomoyo_profile+0x47/0x60 [ 482.827712][T12099] tomoyo_path_number_perm+0x245/0x580 [ 482.827740][T12099] ? tomoyo_path_number_perm+0x237/0x580 [ 482.827771][T12099] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 482.827802][T12099] ? find_held_lock+0x2b/0x80 [ 482.827853][T12099] ? find_held_lock+0x2b/0x80 [ 482.827876][T12099] ? hook_file_ioctl_common+0x144/0x410 [ 482.827897][T12099] ? __fget_files+0x20e/0x3c0 [ 482.827926][T12099] security_file_ioctl+0x9b/0x240 [ 482.827945][T12099] __x64_sys_ioctl+0xb7/0x210 [ 482.827968][T12099] do_syscall_64+0xcd/0xf80 [ 482.827992][T12099] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.828011][T12099] RIP: 0033:0x7f1cd138f7c9 [ 482.828025][T12099] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 482.828043][T12099] RSP: 002b:00007f1cd22eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 482.828061][T12099] RAX: ffffffffffffffda RBX: 00007f1cd15e5fa0 RCX: 00007f1cd138f7c9 [ 482.828073][T12099] RDX: 0000000000000000 RSI: 0000000040046210 RDI: 0000000000000003 [ 482.828083][T12099] RBP: 00007f1cd22eb090 R08: 0000000000000000 R09: 0000000000000000 [ 482.828094][T12099] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 482.828105][T12099] R13: 00007f1cd15e6038 R14: 00007f1cd15e5fa0 R15: 00007fff1660a488 [ 482.828127][T12099] [ 482.828135][T12099] ERROR: Out of memory at tomoyo_realpath_from_path. [ 483.606584][T12107] 0x000200000001-0xa29656a63616329 : "" [ 483.618653][T12107] mtd: partition "" is out of reach -- disabled [ 483.704600][T12107] ftl_cs: FTL header not found. [ 483.750884][T12099] binder: 12098:12099 ioctl 40046210 0 returned -14 [ 484.159552][T12122] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1087'. [ 484.584939][T12137] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1088'. [ 484.873677][T12142] FAULT_INJECTION: forcing a failure. [ 484.873677][T12142] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 484.960525][T12142] CPU: 1 UID: 0 PID: 12142 Comm: syz.1.1094 Tainted: G U syzkaller #0 PREEMPT(full) [ 484.960563][T12142] Tainted: [U]=USER [ 484.960570][T12142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 484.960580][T12142] Call Trace: [ 484.960586][T12142] [ 484.960593][T12142] dump_stack_lvl+0x16c/0x1f0 [ 484.960620][T12142] should_fail_ex+0x512/0x640 [ 484.960652][T12142] _copy_from_user+0x2e/0xd0 [ 484.960681][T12142] move_addr_to_kernel+0x65/0x170 [ 484.960708][T12142] __sys_sendto+0x1be/0x520 [ 484.960737][T12142] ? __pfx___sys_sendto+0x10/0x10 [ 484.960782][T12142] ? ksys_write+0x1ac/0x250 [ 484.960807][T12142] ? __pfx_ksys_write+0x10/0x10 [ 484.960835][T12142] __x64_sys_sendto+0xe0/0x1c0 [ 484.960863][T12142] ? do_syscall_64+0x91/0xf80 [ 484.960884][T12142] ? lockdep_hardirqs_on+0x7c/0x110 [ 484.960906][T12142] do_syscall_64+0xcd/0xf80 [ 484.960929][T12142] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.960948][T12142] RIP: 0033:0x7f1cd138f7c9 [ 484.960963][T12142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 484.960981][T12142] RSP: 002b:00007f1cd22eb038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 484.960999][T12142] RAX: ffffffffffffffda RBX: 00007f1cd15e5fa0 RCX: 00007f1cd138f7c9 [ 484.961010][T12142] RDX: 0000000006fffff9 RSI: 0000000000000000 RDI: 0000000000000003 [ 484.961021][T12142] RBP: 00007f1cd22eb090 R08: 0000200000000440 R09: 0000000000000036 [ 484.961032][T12142] R10: 00000000fffffff8 R11: 0000000000000246 R12: 0000000000000001 [ 484.961042][T12142] R13: 00007f1cd15e6038 R14: 00007f1cd15e5fa0 R15: 00007fff1660a488 [ 484.961064][T12142] [ 485.276751][T12148] FAULT_INJECTION: forcing a failure. [ 485.276751][T12148] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 485.289951][T12148] CPU: 1 UID: 0 PID: 12148 Comm: syz.3.1098 Tainted: G U syzkaller #0 PREEMPT(full) [ 485.289981][T12148] Tainted: [U]=USER [ 485.289986][T12148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 485.289997][T12148] Call Trace: [ 485.290003][T12148] [ 485.290010][T12148] dump_stack_lvl+0x16c/0x1f0 [ 485.290037][T12148] should_fail_ex+0x512/0x640 [ 485.290068][T12148] _copy_from_user+0x2e/0xd0 [ 485.290097][T12148] copy_msghdr_from_user+0x98/0x160 [ 485.290117][T12148] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 485.290139][T12148] ? __pfx__kstrtoull+0x10/0x10 [ 485.290163][T12148] ___sys_sendmsg+0xfe/0x1d0 [ 485.290182][T12148] ? __pfx____sys_sendmsg+0x10/0x10 [ 485.290210][T12148] ? find_held_lock+0x2b/0x80 [ 485.290246][T12148] __sys_sendmmsg+0x200/0x420 [ 485.290267][T12148] ? __pfx___sys_sendmmsg+0x10/0x10 [ 485.290292][T12148] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 485.290325][T12148] ? fput+0x70/0xf0 [ 485.290342][T12148] ? ksys_write+0x1ac/0x250 [ 485.290367][T12148] ? __pfx_ksys_write+0x10/0x10 [ 485.290396][T12148] __x64_sys_sendmmsg+0x9c/0x100 [ 485.290414][T12148] ? lockdep_hardirqs_on+0x7c/0x110 [ 485.290436][T12148] do_syscall_64+0xcd/0xf80 [ 485.290459][T12148] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 485.290477][T12148] RIP: 0033:0x7f5937b8f7c9 [ 485.290493][T12148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 485.290510][T12148] RSP: 002b:00007f5938988038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 485.290528][T12148] RAX: ffffffffffffffda RBX: 00007f5937de5fa0 RCX: 00007f5937b8f7c9 [ 485.290540][T12148] RDX: 0000000000000003 RSI: 0000200000000080 RDI: 0000000000000003 [ 485.290551][T12148] RBP: 00007f5938988090 R08: 0000000000000000 R09: 0000000000000000 [ 485.290561][T12148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 485.290572][T12148] R13: 00007f5937de6038 R14: 00007f5937de5fa0 R15: 00007ffdf0090618 [ 485.290601][T12148] [ 485.740925][T12150] vhci_hcd vhci_hcd.2: invalid port number 16 [ 485.747026][T12150] vhci_hcd vhci_hcd.2: invalid port number 16 [ 486.905608][ T5841] Bluetooth: hci1: unexpected event 0x3e length: 728 > 260 [ 486.905638][ T5841] Bluetooth: hci1: unexpected subevent 0x0c length: 727 > 5 [ 487.449672][ T5841] Bluetooth: hci0: unexpected event 0x3e length: 728 > 260 [ 487.449704][ T5841] Bluetooth: hci0: unexpected subevent 0x0c length: 727 > 5 [ 488.814363][T12221] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1106'. [ 489.984593][T12238] netlink: 'syz.3.1115': attribute type 15 has an invalid length. [ 490.010956][T12238] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1115'. [ 491.269384][T12280] FAULT_INJECTION: forcing a failure. [ 491.269384][T12280] name failslab, interval 1, probability 0, space 0, times 0 [ 491.321207][T12280] CPU: 1 UID: 0 PID: 12280 Comm: syz.3.1123 Tainted: G U syzkaller #0 PREEMPT(full) [ 491.321238][T12280] Tainted: [U]=USER [ 491.321244][T12280] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 491.321254][T12280] Call Trace: [ 491.321260][T12280] [ 491.321269][T12280] dump_stack_lvl+0x16c/0x1f0 [ 491.321296][T12280] should_fail_ex+0x512/0x640 [ 491.321325][T12280] ? __kmalloc_noprof+0xca/0x910 [ 491.321347][T12280] should_failslab+0xc2/0x120 [ 491.321374][T12280] __kmalloc_noprof+0xeb/0x910 [ 491.321393][T12280] ? __pfx_aa_file_perm+0x10/0x10 [ 491.321413][T12280] ? kernfs_fop_write_iter+0x237/0x570 [ 491.321444][T12280] ? kernfs_fop_write_iter+0x237/0x570 [ 491.321470][T12280] ? __lock_acquire+0x436/0x2890 [ 491.321486][T12280] kernfs_fop_write_iter+0x237/0x570 [ 491.321525][T12280] do_iter_readv_writev+0x662/0x9e0 [ 491.321551][T12280] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 491.321586][T12280] vfs_writev+0x35f/0xde0 [ 491.321609][T12280] ? rcu_is_watching+0x12/0xc0 [ 491.321639][T12280] ? __pfx_vfs_writev+0x10/0x10 [ 491.321662][T12280] ? fdget_pos+0x2a2/0x370 [ 491.321703][T12280] ? __fget_files+0x20e/0x3c0 [ 491.321727][T12280] ? __fget_files+0x170/0x3c0 [ 491.321757][T12280] ? do_writev+0x132/0x340 [ 491.321778][T12280] do_writev+0x132/0x340 [ 491.321802][T12280] ? __pfx_do_writev+0x10/0x10 [ 491.321832][T12280] do_syscall_64+0xcd/0xf80 [ 491.321856][T12280] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 491.321874][T12280] RIP: 0033:0x7f5937b8f7c9 [ 491.321889][T12280] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 491.321912][T12280] RSP: 002b:00007f5938988038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 491.321930][T12280] RAX: ffffffffffffffda RBX: 00007f5937de5fa0 RCX: 00007f5937b8f7c9 [ 491.321942][T12280] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 491.321953][T12280] RBP: 00007f5938988090 R08: 0000000000000000 R09: 0000000000000000 [ 491.321964][T12280] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 491.321974][T12280] R13: 00007f5937de6038 R14: 00007f5937de5fa0 R15: 00007ffdf0090618 [ 491.321997][T12280] [ 492.077788][T12277] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR [ 493.231711][T12308] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1121'. [ 493.743980][T12322] FAULT_INJECTION: forcing a failure. [ 493.743980][T12322] name failslab, interval 1, probability 0, space 0, times 0 [ 493.852297][T12322] CPU: 1 UID: 0 PID: 12322 Comm: syz.0.1131 Tainted: G U syzkaller #0 PREEMPT(full) [ 493.852327][T12322] Tainted: [U]=USER [ 493.852333][T12322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 493.852344][T12322] Call Trace: [ 493.852349][T12322] [ 493.852356][T12322] dump_stack_lvl+0x16c/0x1f0 [ 493.852384][T12322] should_fail_ex+0x512/0x640 [ 493.852412][T12322] ? fs_reclaim_acquire+0xae/0x150 [ 493.852442][T12322] should_failslab+0xc2/0x120 [ 493.852469][T12322] kmem_cache_alloc_noprof+0x83/0x770 [ 493.852491][T12322] ? ima_inode_get+0x11f/0x580 [ 493.852520][T12322] ? ima_inode_get+0x11f/0x580 [ 493.852542][T12322] ima_inode_get+0x11f/0x580 [ 493.852577][T12322] process_measurement+0x56d/0x22d0 [ 493.852605][T12322] ? __lock_acquire+0x436/0x2890 [ 493.852624][T12322] ? __pfx_process_measurement+0x10/0x10 [ 493.852657][T12322] ? find_held_lock+0x2b/0x80 [ 493.852680][T12322] ? aa_file_perm+0x29e/0x1560 [ 493.852720][T12322] ? get_pid_task+0x106/0x250 [ 493.852740][T12322] ima_file_mmap+0x1b6/0x1e0 [ 493.852764][T12322] ? __pfx_ima_file_mmap+0x10/0x10 [ 493.852794][T12322] security_mmap_file+0x88c/0x990 [ 493.852815][T12322] vm_mmap_pgoff+0xec/0x470 [ 493.852843][T12322] ? find_held_lock+0x2b/0x80 [ 493.852865][T12322] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 493.852894][T12322] ? __fget_files+0x20e/0x3c0 [ 493.852924][T12322] ksys_mmap_pgoff+0x32c/0x5c0 [ 493.852950][T12322] ? __pfx_ksys_write+0x10/0x10 [ 493.852979][T12322] __x64_sys_mmap+0x125/0x190 [ 493.853000][T12322] do_syscall_64+0xcd/0xf80 [ 493.853024][T12322] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 493.853042][T12322] RIP: 0033:0x7fe23598f7c9 [ 493.853058][T12322] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 493.853076][T12322] RSP: 002b:00007fe233bb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 493.853094][T12322] RAX: ffffffffffffffda RBX: 00007fe235be6270 RCX: 00007fe23598f7c9 [ 493.853106][T12322] RDX: 0000000000000fd5 RSI: 0000000000000006 RDI: 0000000000000f22 [ 493.853117][T12322] RBP: 00007fe233bb4090 R08: 0000000000000003 R09: 0000000000000000 [ 493.853128][T12322] R10: 000000000000001e R11: 0000000000000246 R12: 0000000000000001 [ 493.853138][T12322] R13: 00007fe235be6308 R14: 00007fe235be6270 R15: 00007ffd51a5efe8 [ 493.853161][T12322] [ 494.693852][ T30] audit: type=1800 audit(1765471567.226:2): pid=12334 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1134" name="dbroot" dev="configfs" ino=45141 res=0 errno=0 [ 494.736938][T12334] netlink: 334 bytes leftover after parsing attributes in process `syz.3.1134'. [ 495.129507][T12342] FAULT_INJECTION: forcing a failure. [ 495.129507][T12342] name failslab, interval 1, probability 0, space 0, times 0 [ 495.189201][T12342] CPU: 1 UID: 0 PID: 12342 Comm: syz.0.1135 Tainted: G U syzkaller #0 PREEMPT(full) [ 495.189232][T12342] Tainted: [U]=USER [ 495.189238][T12342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 495.189248][T12342] Call Trace: [ 495.189254][T12342] [ 495.189261][T12342] dump_stack_lvl+0x16c/0x1f0 [ 495.189288][T12342] should_fail_ex+0x512/0x640 [ 495.189316][T12342] ? __kmalloc_noprof+0xca/0x910 [ 495.189337][T12342] should_failslab+0xc2/0x120 [ 495.189366][T12342] __kmalloc_noprof+0xeb/0x910 [ 495.189384][T12342] ? __pfx_aa_file_perm+0x10/0x10 [ 495.189405][T12342] ? kernfs_fop_write_iter+0x237/0x570 [ 495.189440][T12342] ? kernfs_fop_write_iter+0x237/0x570 [ 495.189466][T12342] ? __lock_acquire+0x436/0x2890 [ 495.189481][T12342] kernfs_fop_write_iter+0x237/0x570 [ 495.189511][T12342] do_iter_readv_writev+0x662/0x9e0 [ 495.189538][T12342] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 495.189572][T12342] vfs_writev+0x35f/0xde0 [ 495.189596][T12342] ? rcu_is_watching+0x12/0xc0 [ 495.189626][T12342] ? __pfx_vfs_writev+0x10/0x10 [ 495.189648][T12342] ? fdget_pos+0x2a2/0x370 [ 495.189691][T12342] ? __fget_files+0x20e/0x3c0 [ 495.189714][T12342] ? __fget_files+0x170/0x3c0 [ 495.189744][T12342] ? do_writev+0x132/0x340 [ 495.189766][T12342] do_writev+0x132/0x340 [ 495.189789][T12342] ? __pfx_do_writev+0x10/0x10 [ 495.189825][T12342] do_syscall_64+0xcd/0xf80 [ 495.189850][T12342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 495.189868][T12342] RIP: 0033:0x7fe23598f7c9 [ 495.189884][T12342] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 495.189902][T12342] RSP: 002b:00007fe236755038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 495.189920][T12342] RAX: ffffffffffffffda RBX: 00007fe235be5fa0 RCX: 00007fe23598f7c9 [ 495.189932][T12342] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 495.189942][T12342] RBP: 00007fe236755090 R08: 0000000000000000 R09: 0000000000000000 [ 495.189953][T12342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 495.189963][T12342] R13: 00007fe235be6038 R14: 00007fe235be5fa0 R15: 00007ffd51a5efe8 [ 495.189987][T12342] [ 495.927911][T12354] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1138'. [ 498.237491][T12384] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1149'. [ 500.605131][T12421] netlink: 'syz.0.1158': attribute type 4 has an invalid length. [ 500.650340][T12421] netlink: 314 bytes leftover after parsing attributes in process `syz.0.1158'. [ 501.097018][T12437] FAULT_INJECTION: forcing a failure. [ 501.097018][T12437] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 501.146631][T12437] CPU: 1 UID: 0 PID: 12437 Comm: syz.2.1152 Tainted: G U syzkaller #0 PREEMPT(full) [ 501.146663][T12437] Tainted: [U]=USER [ 501.146669][T12437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 501.146679][T12437] Call Trace: [ 501.146686][T12437] [ 501.146693][T12437] dump_stack_lvl+0x16c/0x1f0 [ 501.146721][T12437] should_fail_ex+0x512/0x640 [ 501.146753][T12437] _copy_from_user+0x2e/0xd0 [ 501.146787][T12437] core_sys_select+0x35b/0xc20 [ 501.146818][T12437] ? __pfx_core_sys_select+0x10/0x10 [ 501.146847][T12437] ? proc_fail_nth_write+0x9f/0x220 [ 501.146881][T12437] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 501.146910][T12437] kern_select+0x15d/0x1e0 [ 501.146935][T12437] ? __pfx_kern_select+0x10/0x10 [ 501.146962][T12437] ? __pfx_ksys_write+0x10/0x10 [ 501.146990][T12437] __x64_sys_select+0xbd/0x160 [ 501.147014][T12437] ? do_syscall_64+0x91/0xf80 [ 501.147038][T12437] ? lockdep_hardirqs_on+0x7c/0x110 [ 501.147060][T12437] do_syscall_64+0xcd/0xf80 [ 501.147083][T12437] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 501.147102][T12437] RIP: 0033:0x7f7f4258f7c9 [ 501.147116][T12437] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 501.147139][T12437] RSP: 002b:00007f7f4346d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 501.147157][T12437] RAX: ffffffffffffffda RBX: 00007f7f427e5fa0 RCX: 00007f7f4258f7c9 [ 501.147168][T12437] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e [ 501.147179][T12437] RBP: 00007f7f4346d090 R08: 0000000000000000 R09: 0000000000000000 [ 501.147190][T12437] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001 [ 501.147200][T12437] R13: 00007f7f427e6038 R14: 00007f7f427e5fa0 R15: 00007ffe49dbd168 [ 501.147223][T12437] [ 502.295724][T12449] netlink: 'syz.2.1155': attribute type 15 has an invalid length. [ 502.340606][T12449] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1155'. [ 502.948122][T12457] openvswitch: netlink: Key type 34 is out of range max 32 [ 503.731565][T12478] FAULT_INJECTION: forcing a failure. [ 503.731565][T12478] name failslab, interval 1, probability 0, space 0, times 0 [ 503.769782][T12478] CPU: 1 UID: 0 PID: 12478 Comm: syz.1.1164 Tainted: G U syzkaller #0 PREEMPT(full) [ 503.769813][T12478] Tainted: [U]=USER [ 503.769819][T12478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 503.769830][T12478] Call Trace: [ 503.769836][T12478] [ 503.769843][T12478] dump_stack_lvl+0x16c/0x1f0 [ 503.769869][T12478] should_fail_ex+0x512/0x640 [ 503.769899][T12478] ? __kmalloc_noprof+0xca/0x910 [ 503.769920][T12478] should_failslab+0xc2/0x120 [ 503.769948][T12478] __kmalloc_noprof+0xeb/0x910 [ 503.769967][T12478] ? __pfx_aa_file_perm+0x10/0x10 [ 503.769987][T12478] ? kernfs_fop_write_iter+0x237/0x570 [ 503.770018][T12478] ? kernfs_fop_write_iter+0x237/0x570 [ 503.770043][T12478] ? __lock_acquire+0x436/0x2890 [ 503.770059][T12478] kernfs_fop_write_iter+0x237/0x570 [ 503.770088][T12478] do_iter_readv_writev+0x662/0x9e0 [ 503.770115][T12478] ? __pfx_do_iter_readv_writev+0x10/0x10 [ 503.770149][T12478] vfs_writev+0x35f/0xde0 [ 503.770172][T12478] ? rcu_is_watching+0x12/0xc0 [ 503.770202][T12478] ? __pfx_vfs_writev+0x10/0x10 [ 503.770225][T12478] ? fdget_pos+0x2a2/0x370 [ 503.770266][T12478] ? __fget_files+0x20e/0x3c0 [ 503.770290][T12478] ? __fget_files+0x170/0x3c0 [ 503.770320][T12478] ? do_writev+0x132/0x340 [ 503.770341][T12478] do_writev+0x132/0x340 [ 503.770365][T12478] ? __pfx_do_writev+0x10/0x10 [ 503.770394][T12478] do_syscall_64+0xcd/0xf80 [ 503.770419][T12478] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 503.770437][T12478] RIP: 0033:0x7f1cd138f7c9 [ 503.770452][T12478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 503.770469][T12478] RSP: 002b:00007f1cd22eb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 503.770487][T12478] RAX: ffffffffffffffda RBX: 00007f1cd15e5fa0 RCX: 00007f1cd138f7c9 [ 503.770499][T12478] RDX: 0000000000000008 RSI: 0000200000000100 RDI: 0000000000000003 [ 503.770510][T12478] RBP: 00007f1cd22eb090 R08: 0000000000000000 R09: 0000000000000000 [ 503.770520][T12478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 503.770530][T12478] R13: 00007f1cd15e6038 R14: 00007f1cd15e5fa0 R15: 00007fff1660a488 [ 503.770559][T12478] [ 504.207567][T12468] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1160'. [ 504.383613][ T5841] Bluetooth: hci3: unexpected event 0x3e length: 728 > 260 [ 504.383642][ T5841] Bluetooth: hci3: unexpected subevent 0x0c length: 727 > 5 [ 504.759295][T12489] FAULT_INJECTION: forcing a failure. [ 504.759295][T12489] name failslab, interval 1, probability 0, space 0, times 0 [ 504.792583][T12491] netlink: 'syz.1.1167': attribute type 15 has an invalid length. [ 504.829629][T12489] CPU: 1 UID: 0 PID: 12489 Comm: syz.2.1175 Tainted: G U syzkaller #0 PREEMPT(full) [ 504.829662][T12489] Tainted: [U]=USER [ 504.829668][T12489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 504.829679][T12489] Call Trace: [ 504.829685][T12489] [ 504.829693][T12489] dump_stack_lvl+0x16c/0x1f0 [ 504.829722][T12489] should_fail_ex+0x512/0x640 [ 504.829751][T12489] ? fs_reclaim_acquire+0xae/0x150 [ 504.829782][T12489] should_failslab+0xc2/0x120 [ 504.829810][T12489] kmem_cache_alloc_noprof+0x83/0x770 [ 504.829831][T12489] ? __pfx_map_id_range_down+0x10/0x10 [ 504.829858][T12489] ? security_inode_alloc+0x3b/0x2b0 [ 504.829899][T12489] ? security_inode_alloc+0x3b/0x2b0 [ 504.829925][T12489] security_inode_alloc+0x3b/0x2b0 [ 504.829954][T12489] inode_init_always_gfp+0xced/0x1040 [ 504.829986][T12489] alloc_inode+0x86/0x240 [ 504.830006][T12489] sock_alloc+0x40/0x280 [ 504.830028][T12489] sock_create_lite+0x82/0x120 [ 504.830057][T12489] __netlink_kernel_create+0xbd/0x750 [ 504.830080][T12489] ? __pfx___netlink_kernel_create+0x10/0x10 [ 504.830110][T12489] uevent_net_init+0xf8/0x350 [ 504.830136][T12489] ? __pfx_uevent_net_init+0x10/0x10 [ 504.830163][T12489] ? rcu_is_watching+0x12/0xc0 [ 504.830189][T12489] ? __pfx_uevent_net_rcv+0x10/0x10 [ 504.830217][T12489] ? ops_init+0x77/0x5f0 [ 504.830239][T12489] ? __pfx_uevent_net_init+0x10/0x10 [ 504.830265][T12489] ops_init+0x1e2/0x5f0 [ 504.830286][T12489] setup_net+0x11d/0x3a0 [ 504.830307][T12489] ? __pfx_setup_net+0x10/0x10 [ 504.830325][T12489] ? lockdep_init_map_type+0x5c/0x270 [ 504.830344][T12489] ? mutex_init_lockep+0x110/0x150 [ 504.830365][T12489] copy_net_ns+0x351/0x7c0 [ 504.830389][T12489] create_new_namespaces+0x3ea/0xab0 [ 504.830420][T12489] unshare_nsproxy_namespaces+0xc0/0x1f0 [ 504.830446][T12489] ksys_unshare+0x45b/0xa40 [ 504.830489][T12489] ? __pfx_ksys_unshare+0x10/0x10 [ 504.830520][T12489] ? xfd_validate_state+0x61/0x180 [ 504.830544][T12489] __x64_sys_unshare+0x31/0x40 [ 504.830560][T12489] do_syscall_64+0xcd/0xf80 [ 504.830584][T12489] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 504.830604][T12489] RIP: 0033:0x7f7f4258f7c9 [ 504.830619][T12489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 504.830637][T12489] RSP: 002b:00007f7f4346d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 504.830655][T12489] RAX: ffffffffffffffda RBX: 00007f7f427e5fa0 RCX: 00007f7f4258f7c9 [ 504.830667][T12489] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 504.830678][T12489] RBP: 00007f7f42613f91 R08: 0000000000000000 R09: 0000000000000000 [ 504.830689][T12489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 504.830700][T12489] R13: 00007f7f427e6038 R14: 00007f7f427e5fa0 R15: 00007ffe49dbd168 [ 504.830723][T12489] [ 504.831895][T12491] netlink: 186 bytes leftover after parsing attributes in process `syz.1.1167'. [ 505.133692][T12489] kobject_uevent: unable to create netlink socket! [ 506.283615][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.293588][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.719193][T12509] ubi0: attaching mtd0 [ 506.749980][T12509] ubi0: scanning is finished [ 506.887276][T12509] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 506.887298][T12509] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 506.887320][T12509] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 506.887332][T12509] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 506.887346][T12509] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 506.887359][T12509] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 506.887372][T12509] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3299379665 [ 506.887386][T12509] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 506.887415][T12513] ubi0: background thread "ubi_bgt0d" started, PID 12513 [ 506.887456][T12512] ubi0: detaching mtd0 [ 506.937702][T12512] ubi0: mtd0 is detached [ 509.500378][ T5841] Bluetooth: hci0: unexpected event 0x3e length: 728 > 260 [ 509.500408][ T5841] Bluetooth: hci0: unexpected subevent 0x0c length: 727 > 5 [ 510.554684][ T30] audit: type=1800 audit(1765471583.080:3): pid=12554 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1181" name="dbroot" dev="configfs" ino=46279 res=0 errno=0 [ 510.605776][T12554] netlink: 334 bytes leftover after parsing attributes in process `syz.1.1181'. [ 510.753276][T12547] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1180'. [ 511.929351][ T5841] Bluetooth: hci0: unexpected event 0x3e length: 728 > 260 [ 511.929381][ T5841] Bluetooth: hci0: unexpected subevent 0x0c length: 727 > 5 [ 513.221377][T12582] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1184'. [ 514.699793][T12620] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 514.707634][T12620] #PF: supervisor instruction fetch in kernel mode [ 514.714129][T12620] #PF: error_code(0x0010) - not-present page [ 514.720121][T12620] PGD 800000005b720067 P4D 800000005b720067 PUD 0 [ 514.726634][T12620] Oops: Oops: 0010 [#1] SMP KASAN PTI [ 514.732092][T12620] CPU: 1 UID: 0 PID: 12620 Comm: syz.0.1191 Tainted: G U syzkaller #0 PREEMPT(full) [ 514.743024][T12620] Tainted: [U]=USER [ 514.746874][T12620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 514.757012][T12620] RIP: 0010:0x0 [ 514.760483][T12620] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 514.767942][T12620] RSP: 0018:ffffc90004dbf988 EFLAGS: 00010287 [ 514.774020][T12620] RAX: 00000000000008e7 RBX: 0000000000000000 RCX: ffffc9000d6ab000 [ 514.782000][T12620] RDX: 0000000000080000 RSI: ffffea0002206140 RDI: ffff888039545180 [ 514.790079][T12620] RBP: ffffea0002206140 R08: 0000000000000007 R09: 0000000000000000 [ 514.798061][T12620] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff920009b7f32 [ 514.806127][T12620] R13: ffff888039545180 R14: 0000000000000000 R15: dffffc0000000000 [ 514.814210][T12620] FS: 00007fe233bf66c0(0000) GS:ffff888124a02000(0000) knlGS:0000000000000000 [ 514.823214][T12620] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 514.829800][T12620] CR2: ffffffffffffffd6 CR3: 0000000080f90000 CR4: 00000000003526f0 [ 514.837779][T12620] Call Trace: [ 514.841057][T12620] [ 514.843991][T12620] filemap_read_folio+0xc8/0x2a0 [ 514.848930][T12620] ? __pfx_filemap_read_folio+0x10/0x10 [ 514.854588][T12620] do_read_cache_folio+0x266/0x5c0 [ 514.859716][T12620] freader_get_folio+0x33a/0x930 [ 514.864664][T12620] freader_fetch+0xbd/0x740 [ 514.869249][T12620] ? __asan_memset+0x23/0x50 [ 514.873847][T12620] __build_id_parse.isra.0+0xdd/0x6c0 [ 514.879239][T12620] ? query_matching_vma+0x48e/0x7d0 [ 514.884765][T12620] ? __pfx___build_id_parse.isra.0+0x10/0x10 [ 514.890841][T12620] do_procmap_query+0xb0e/0x1080 [ 514.895800][T12620] ? __pfx_do_procmap_query+0x10/0x10 [ 514.901185][T12620] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 514.907097][T12620] ? do_vfs_ioctl+0x128/0x14f0 [ 514.911869][T12620] ? __fget_files+0x20e/0x3c0 [ 514.916560][T12620] procfs_procmap_ioctl+0x9d/0xe0 [ 514.921597][T12620] ? __pfx_procfs_procmap_ioctl+0x10/0x10 [ 514.927333][T12620] __x64_sys_ioctl+0x18e/0x210 [ 514.932113][T12620] do_syscall_64+0xcd/0xf80 [ 514.936721][T12620] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 514.942720][T12620] RIP: 0033:0x7fe23598f7c9 [ 514.947152][T12620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 514.966844][T12620] RSP: 002b:00007fe233bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 514.975540][T12620] RAX: ffffffffffffffda RBX: 00007fe235be6090 RCX: 00007fe23598f7c9 [ 514.983573][T12620] RDX: 0000200000000080 RSI: 00000000c0686611 RDI: 0000000000000005 [ 514.991622][T12620] RBP: 00007fe235a13f91 R08: 0000000000000000 R09: 0000000000000000 [ 514.999603][T12620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 515.007667][T12620] R13: 00007fe235be6128 R14: 00007fe235be6090 R15: 00007ffd51a5efe8 [ 515.015642][T12620] [ 515.018746][T12620] Modules linked in: [ 515.022638][T12620] CR2: 0000000000000000 [ 515.026781][T12620] ---[ end trace 0000000000000000 ]--- [ 515.032229][T12620] RIP: 0010:0x0 [ 515.035692][T12620] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 515.043073][T12620] RSP: 0018:ffffc90004dbf988 EFLAGS: 00010287 [ 515.049142][T12620] RAX: 00000000000008e7 RBX: 0000000000000000 RCX: ffffc9000d6ab000 [ 515.057110][T12620] RDX: 0000000000080000 RSI: ffffea0002206140 RDI: ffff888039545180 [ 515.065089][T12620] RBP: ffffea0002206140 R08: 0000000000000007 R09: 0000000000000000 [ 515.073411][T12620] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff920009b7f32 [ 515.081377][T12620] R13: ffff888039545180 R14: 0000000000000000 R15: dffffc0000000000 [ 515.089444][T12620] FS: 00007fe233bf66c0(0000) GS:ffff888124a02000(0000) knlGS:0000000000000000 [ 515.098397][T12620] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 515.104987][T12620] CR2: ffffffffffffffd6 CR3: 0000000080f90000 CR4: 00000000003526f0 [ 515.112970][T12620] Kernel panic - not syncing: Fatal exception [ 515.119095][T12620] Kernel Offset: disabled [ 515.123429][T12620] Rebooting in 86400 seconds..