last executing test programs: 1.166137995s ago: executing program 0 (id=195): socket$inet6_icmp_raw(0xa, 0x3, 0x3a) 1.140223051s ago: executing program 4 (id=199): sched_rr_get_interval(0x0, &(0x7f0000000000)) 1.120223862s ago: executing program 2 (id=200): openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/context', 0x2, 0x0) 1.062291399s ago: executing program 0 (id=201): socket$packet(0x11, 0x2, 0x300) 1.021318408s ago: executing program 2 (id=204): syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) 1.018612791s ago: executing program 4 (id=205): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/urandom', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/urandom', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/urandom', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/urandom', 0x800, 0x0) 950.391031ms ago: executing program 1 (id=206): mq_timedsend(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0) 950.202517ms ago: executing program 0 (id=207): socket$nl_audit(0x10, 0x3, 0x9) 922.563964ms ago: executing program 2 (id=209): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video37', 0x2, 0x0) 862.30087ms ago: executing program 4 (id=210): chdir(&(0x7f0000000000)) 862.121794ms ago: executing program 1 (id=211): syz_open_dev$vivid(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$vivid(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$vivid(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$vivid(&(0x7f0000000100), 0x0, 0x800) 844.15876ms ago: executing program 0 (id=212): syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$vim2m(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$vim2m(&(0x7f0000000140), 0x1, 0x0) syz_open_dev$vim2m(&(0x7f0000000180), 0x1, 0x1) syz_open_dev$vim2m(&(0x7f00000001c0), 0x1, 0x2) syz_open_dev$vim2m(&(0x7f0000000200), 0x1, 0x800) syz_open_dev$vim2m(&(0x7f0000000240), 0x2, 0x0) syz_open_dev$vim2m(&(0x7f0000000280), 0x2, 0x1) syz_open_dev$vim2m(&(0x7f00000002c0), 0x2, 0x2) syz_open_dev$vim2m(&(0x7f0000000300), 0x2, 0x800) syz_open_dev$vim2m(&(0x7f0000000340), 0x3, 0x0) syz_open_dev$vim2m(&(0x7f0000000380), 0x3, 0x1) syz_open_dev$vim2m(&(0x7f00000003c0), 0x3, 0x2) syz_open_dev$vim2m(&(0x7f0000000400), 0x3, 0x800) syz_open_dev$vim2m(&(0x7f0000000440), 0x4, 0x0) syz_open_dev$vim2m(&(0x7f0000000480), 0x4, 0x1) syz_open_dev$vim2m(&(0x7f00000004c0), 0x4, 0x2) syz_open_dev$vim2m(&(0x7f0000000500), 0x4, 0x800) 818.597051ms ago: executing program 2 (id=213): openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/capi/capi20', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20', 0x800, 0x0) 813.694622ms ago: executing program 3 (id=214): syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) 730.42526ms ago: executing program 4 (id=215): mkdir(&(0x7f0000000000), 0x0) 730.282688ms ago: executing program 1 (id=216): fsmount(0xffffffffffffffff, 0x0, 0x0) 700.841704ms ago: executing program 3 (id=217): openat(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/ksm/run', 0x1, 0x0) 693.250649ms ago: executing program 2 (id=218): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng', 0x800, 0x0) 626.227506ms ago: executing program 1 (id=219): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) 626.085599ms ago: executing program 4 (id=220): syz_open_dev$usbfs(&(0x7f0000000040), 0x0, 0x0) syz_open_dev$usbfs(&(0x7f0000000080), 0x0, 0x1) syz_open_dev$usbfs(&(0x7f00000000c0), 0x0, 0x2) syz_open_dev$usbfs(&(0x7f0000000100), 0x0, 0x800) syz_open_dev$usbfs(&(0x7f0000000140), 0xa, 0x0) syz_open_dev$usbfs(&(0x7f0000000180), 0xa, 0x1) syz_open_dev$usbfs(&(0x7f00000001c0), 0xa, 0x2) syz_open_dev$usbfs(&(0x7f0000000200), 0xa, 0x800) syz_open_dev$usbfs(&(0x7f0000000240), 0x14, 0x0) syz_open_dev$usbfs(&(0x7f0000000280), 0x14, 0x1) syz_open_dev$usbfs(&(0x7f00000002c0), 0x14, 0x2) syz_open_dev$usbfs(&(0x7f0000000300), 0x14, 0x800) syz_open_dev$usbfs(&(0x7f0000000340), 0x1e, 0x0) syz_open_dev$usbfs(&(0x7f0000000380), 0x1e, 0x1) syz_open_dev$usbfs(&(0x7f00000003c0), 0x1e, 0x2) syz_open_dev$usbfs(&(0x7f0000000400), 0x1e, 0x800) syz_open_dev$usbfs(&(0x7f0000000440), 0x28, 0x0) syz_open_dev$usbfs(&(0x7f0000000480), 0x28, 0x1) syz_open_dev$usbfs(&(0x7f00000004c0), 0x28, 0x2) syz_open_dev$usbfs(&(0x7f0000000500), 0x28, 0x800) 625.909642ms ago: executing program 0 (id=221): setgid(0x0) 578.867237ms ago: executing program 2 (id=222): syz_init_net_socket$rose(0xb, 0x5, 0x0) 576.301342ms ago: executing program 3 (id=223): openat(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/validatetrans', 0x1, 0x0) 506.442577ms ago: executing program 1 (id=224): pwrite64(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0) 506.236541ms ago: executing program 0 (id=225): io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0) 506.079917ms ago: executing program 4 (id=226): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/msm', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/msm', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/msm', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/msm', 0x800, 0x0) 473.85355ms ago: executing program 1 (id=227): sched_setaffinity(0x0, 0x0, &(0x7f0000000000)) 467.736134ms ago: executing program 3 (id=228): openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_rmem', 0x1, 0x0) 132.554136ms ago: executing program 3 (id=233): openat(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nmem0', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nmem0', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/nmem0', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/dev/nmem0', 0x800, 0x0) 0s ago: executing program 3 (id=234): openat(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey', 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey', 0x1, 0x0) openat(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey', 0x2, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/net/pfkey', 0x800, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.10.19' (ED25519) to the list of known hosts. [ 171.080686][ T5768] cgroup: Unknown subsys name 'net' [ 171.211605][ T5768] cgroup: Unknown subsys name 'cpuset' [ 171.225504][ T5768] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 216.339945][ T5768] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 223.193249][ T5929] mmap: syz.2.133 (5929) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 224.384331][ T1278] ieee802154 phy0 wpan0: encryption failed: -22 [ 224.391000][ T1278] ieee802154 phy1 wpan1: encryption failed: -22 [ 226.466527][ T6032] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 226.577256][ T6039] slab kmalloc-192 start ffff888130260f00 pointer offset 8 size 192 [ 226.586072][ T6039] list_add corruption. prev->next should be next (ffff888100384660), but was ffff888130203c00. (prev=ffff888130260f08). [ 226.600786][ T6039] ------------[ cut here ]------------ [ 226.606576][ T6039] kernel BUG at lib/list_debug.c:34! [ 226.612185][ T6039] Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI [ 226.618860][ T6039] CPU: 1 UID: 0 PID: 6039 Comm: syz-executor Not tainted 6.13.0-syzkaller-09030-g6d61a53dd6f5 #0 [ 226.629613][ T6039] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024 [ 226.639890][ T6039] RIP: 0010:__list_add_valid_or_report+0x297/0x2a0 [ 226.646709][ T6039] Code: c7 80 20 03 00 00 00 00 00 00 4d 85 db 74 05 e8 af 45 51 01 48 c7 c7 4c 2a 39 91 4c 89 f6 4c 89 fa 4c 89 e9 e8 8a 8f fc ff 90 <0f> 0b 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 226.666651][ T6039] RSP: 0018:ffff88812d167738 EFLAGS: 00010282 [ 226.672961][ T6039] RAX: 0000000000000075 RBX: 0000000000000000 RCX: 0000000000000000 [ 226.681119][ T6039] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 226.689273][ T6039] RBP: ffff88812d1677a8 R08: ffffffff81a6e036 R09: 0000000000000000 [ 226.697454][ T6039] R10: ffff88812c967398 R11: 0000000000000004 R12: ffff8881302c6f48 [ 226.705625][ T6039] R13: ffff888130260f08 R14: ffff888100384660 R15: ffff888130203c00 [ 226.713799][ T6039] FS: 0000000000000000(0000) GS:ffff88813fd00000(0063) knlGS:00000000580be440 [ 226.722940][ T6039] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 226.729710][ T6039] CR2: 00000000f72288c0 CR3: 0000000012cf0000 CR4: 00000000003526f0 [ 226.737879][ T6039] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 226.746051][ T6039] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 226.754211][ T6039] Call Trace: [ 226.757699][ T6039] [ 226.760780][ T6039] ? show_trace_log_lvl+0x268/0x3d0 [ 226.766285][ T6039] ? kobject_add_internal+0xc1f/0x1900 [ 226.772005][ T6039] ? __die_body+0xce/0x1a0 [ 226.776694][ T6039] ? die+0x255/0x320 [ 226.780843][ T6039] ? do_trap+0x1d3/0x590 [ 226.785333][ T6039] ? kmsan_get_metadata+0x13e/0x1c0 [ 226.790806][ T6039] ? handle_invalid_op+0x190/0x230 [ 226.796163][ T6039] ? __list_add_valid_or_report+0x297/0x2a0 [ 226.802422][ T6039] ? __list_add_valid_or_report+0x297/0x2a0 [ 226.808582][ T6039] ? exc_invalid_op+0x37/0x50 [ 226.813481][ T6039] ? asm_exc_invalid_op+0x1f/0x30 [ 226.818757][ T6039] ? vprintk_emit+0xcf6/0xea0 [ 226.823667][ T6039] ? __list_add_valid_or_report+0x297/0x2a0 [ 226.829841][ T6039] ? __list_add_valid_or_report+0x296/0x2a0 [ 226.836001][ T6039] ? kobject_add_internal+0xbef/0x1900 [ 226.841712][ T6039] kobject_add_internal+0xc1f/0x1900 [ 226.847351][ T6039] kobject_init_and_add+0x348/0x4c0 [ 226.852818][ T6039] nfs_netns_sysfs_setup+0x1bc/0x440 [ 226.858628][ T6039] nfs_clients_init+0x244/0x390 [ 226.863712][ T6039] nfs_net_init+0x8a/0x150 [ 226.868359][ T6039] ? __pfx_nfs_net_init+0x10/0x10 [ 226.873626][ T6039] ops_init+0x462/0x7a0 [ 226.878058][ T6039] setup_net+0x305/0x12b0 [ 226.882639][ T6039] ? kmsan_internal_set_shadow_origin+0x69/0x100 [ 226.889231][ T6039] ? kmsan_internal_unpoison_memory+0x14/0x20 [ 226.895561][ T6039] copy_net_ns+0x4d4/0xaa0 [ 226.900417][ T6039] create_new_namespaces+0x717/0xdb0 [ 226.905962][ T6039] unshare_nsproxy_namespaces+0x17c/0x2b0 [ 226.911926][ T6039] ksys_unshare+0x939/0x1290 [ 226.916800][ T6039] __ia32_sys_unshare+0x47/0x70 [ 226.921919][ T6039] ia32_sys_call+0xccf/0x4180 [ 226.926856][ T6039] __do_fast_syscall_32+0xb0/0x110 [ 226.932191][ T6039] ? irqentry_exit+0x16/0x60 [ 226.937055][ T6039] do_fast_syscall_32+0x38/0x80 [ 226.942125][ T6039] do_SYSENTER_32+0x1f/0x30 [ 226.946852][ T6039] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 226.953464][ T6039] RIP: 0023:0xf744d579 [ 226.957729][ T6039] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 226.977583][ T6039] RSP: 002b:00000000ffa473dc EFLAGS: 00000206 ORIG_RAX: 0000000000000136 [ 226.986261][ T6039] RAX: ffffffffffffffda RBX: 0000000040000000 RCX: 00000000ffa46fb0 [ 226.994425][ T6039] RDX: 00000000f743cff4 RSI: 0000000000000000 RDI: 00000000ffa47484 [ 227.002584][ T6039] RBP: 00000000ffa47528 R08: 0000000000000000 R09: 0000000000000000 [ 227.010742][ T6039] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 227.018918][ T6039] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 227.027107][ T6039] [ 227.030296][ T6039] Modules linked in: [ 227.035050][ T6039] ---[ end trace 0000000000000000 ]--- [ 227.040709][ T6039] RIP: 0010:__list_add_valid_or_report+0x297/0x2a0 [ 227.047642][ T6039] Code: c7 80 20 03 00 00 00 00 00 00 4d 85 db 74 05 e8 af 45 51 01 48 c7 c7 4c 2a 39 91 4c 89 f6 4c 89 fa 4c 89 e9 e8 8a 8f fc ff 90 <0f> 0b 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 [ 227.067680][ T6039] RSP: 0018:ffff88812d167738 EFLAGS: 00010282 [ 227.074082][ T6039] RAX: 0000000000000075 RBX: 0000000000000000 RCX: 0000000000000000 [ 227.082332][ T6039] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 227.090481][ T6039] RBP: ffff88812d1677a8 R08: ffffffff81a6e036 R09: 0000000000000000 [ 227.098753][ T6039] R10: ffff88812c967398 R11: 0000000000000004 R12: ffff8881302c6f48 [ 227.107040][ T6039] R13: ffff888130260f08 R14: ffff888100384660 R15: ffff888130203c00 [ 227.115307][ T6039] FS: 0000000000000000(0000) GS:ffff88813fd00000(0063) knlGS:00000000580be440 [ 227.124834][ T6039] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 227.131676][ T6039] CR2: 00000000f72288c0 CR3: 0000000012cf0000 CR4: 00000000003526f0 [ 227.139839][ T6039] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 227.148136][ T6039] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 227.156634][ T6039] Kernel panic - not syncing: Fatal exception [ 227.163261][ T6039] Kernel Offset: disabled [ 227.167707][ T6039] Rebooting in 86400 seconds..