last executing test programs: 9.872689167s ago: executing program 2 (id=1568): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) r1 = open_by_handle_at$auto(r0, &(0x7f0000001280)={0x8, 0x2, "0200000000000000"}, 0x6) read$auto(r1, 0x0, 0x401) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) bind$auto(0x3, 0x0, 0x6a) close_range$auto(0x0, 0xfffffffffffff000, 0x2) unshare$auto(0x40000080) r2 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) getsockopt$auto(r2, 0x84, 0x18, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) mmap$auto(0x0, 0xe982, 0x198, 0x14, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0) 9.426580405s ago: executing program 0 (id=1570): migrate_pages$auto(0x0, 0x800, &(0x7f0000000440)=0x9, &(0x7f0000000480)=0x8) socket(0x2b, 0x800, 0x2) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/tty0\x00', 0x0, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) r0 = memfd_create$auto(0x0, 0xe) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) mmap$auto(0xfffffffffffffffd, 0x810006, 0x1, 0x8000000008011, r1, 0xffff) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'vcan0\x00'}) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/tty46\x00', 0x103800, 0x0) ioctl$auto_TUNSETCARRIER(r0, 0x400454e2, &(0x7f0000000080)=0x6a) r2 = ioctl$auto_TUNGETIFF2(0xffffffffffffffff, 0x800454d2, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b75, r2, 0x8000) setsockopt$auto_SO_WIFI_STATUS(0xffffffffffffffff, 0x7, 0x29, 0x0, 0x9) write$auto(0x1, 0x0, 0x80000000) ppoll$auto(0x0, 0xd6, 0x0, 0x0, 0x8) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) 7.967913341s ago: executing program 2 (id=1573): mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/nullb0\x00', 0x14fa02, 0x0) getsockopt$auto(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0) mmap$auto(0x0, 0x810004, 0x400000000fff, 0x8000000008011, 0x3, 0x8000) r0 = socket(0xa, 0x3, 0x3a) close$auto(r0) io_uring_register$auto(r0, 0x8, 0x0, 0x0) write$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffffff, 0x0, 0x0) write$auto(0x3, 0x0, 0xfffffdef) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000000)='./bus\x00', 0x12ba7e, 0x45) open(&(0x7f00000000c0)='./cgroup\x00', 0xe6a9030037b8afae, 0x69) mkdir$auto(&(0x7f0000000040)='./cgroup\x00', 0x6) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='./cgroup/cgroup.type\x00', 0x103042, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0x2003ec, 0x14) 7.707926563s ago: executing program 0 (id=1575): openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/net/bond0/bonding/arp_validate\x00', 0x2002, 0x0) r0 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) ioctl$auto_IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, 0x0) sendfile$auto(0x3, 0x3, 0x0, 0x400000000006) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) fanotify_init$auto(0x5, 0x0) io_uring_setup$auto(0xf00, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80402, 0x0) r1 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0xa, 0x801, 0x84) r2 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) ioctl$auto_SNDRV_TIMER_IOCTL_STOP_OLD(0xffffffffffffffff, 0x5421, &(0x7f0000000200)="cd5ff6e06adac35ef682a181b07fa6613c089295e1d3745009368fcdd09f858c2a7c963a6ecdbd5b39a0797188b5c8e0dcedefcc1417b080") write$auto(r1, &(0x7f0000000400)='/dev/audio1\x00', 0x100000a3d9) select$auto(0xe, 0x0, 0x0, &(0x7f00000002c0)={[0x8000000000001fd, 0x20000000007, 0x1, 0xbc3, 0x0, 0x3, 0x5, 0x10001, 0x400000000003, 0x5, 0xffffffffffffffff, 0xfffffffffffffffe, 0x6, 0x9, 0xffffffffffffff81, 0x4]}, 0x0) select$auto(0xe, 0x0, 0x0, &(0x7f0000000180)={[0x1ff, 0x200, 0xd7e, 0x1, 0x948b, 0x3, 0x95b45a07, 0x8000000000000003, 0xe05, 0x8000000000008001, 0x80000001, 0x7, 0x6d3f, 0x9, 0x800, 0x4]}, 0x0) ioctl$auto_VHOST_SET_VRING_CALL2(r2, 0x4008af21, 0x0) sendmsg$auto_NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, 0x0, 0x40) write$auto(0xffffffffffffffff, 0x0, 0x847a) 5.257666127s ago: executing program 0 (id=1579): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000140)='/sys/devices/platform/vhci_hcd.9/usb27/27-0:1.0/usb27-port6/power/runtime_active_time\x00', 0x480302, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$auto(0x3, 0x2, r0) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) read$auto(r1, 0x0, 0x10001) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) writev$auto(r2, &(0x7f0000000240)={0x0, 0x7}, 0x2) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/class/zram-control/hot_add\x00', 0x0, 0x0) r3 = openat$auto_raw_fops_raw_gadget(0xffffffffffffff9c, &(0x7f0000002640), 0x0, 0x0) ioctl$auto_USB_RAW_IOCTL_INIT(r3, 0x41015500, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video2\x00', 0x0, 0x0) unshare$auto(0x40000080) openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/ieee80211/phy13/netdev:wlan0/state\x00', 0x200, 0x0) 5.257549593s ago: executing program 3 (id=1580): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x0) openat$auto_vga_arb_device_fops_vgaarb(0xffffffffffffff9c, 0x0, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0xffff}, 0x1) read$auto(0x3, 0x0, 0x7fffffff) r0 = open(&(0x7f0000000000)='./file0\x00', 0x165b42, 0xe1d2b27bdc14aa98) r1 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/rds/tcp/rds_tcp_sndbuf\x00', 0xa802, 0x0) sendfile$auto(r0, r1, 0x0, 0x3) close_range$auto(0x2, 0x8, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) r2 = openat$auto_nvram_misc_fops_nvram(0xffffffffffffff9c, &(0x7f0000003c00), 0x40402, 0x0) ioctl$auto_FIFREEZE(r2, 0xc0045878, 0x1) openat$auto_trace_options_core_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/tracing/options/raw\x00', 0x0, 0x0) readv$auto(0x3, &(0x7f0000000a80)={0x0, 0x8000ffff}, 0x3) 4.946172412s ago: executing program 3 (id=1581): mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) unshare$auto(0x40000080) r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC0\x00', 0x8a000, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_INFO(r0, 0xc1105511, &(0x7f0000000040)={{@raw=0x6, 0x7, 0x5, 0x4, "3c70d528a4a70ef32de672c630142efc2c9963564ed0a722ed226e7254dd431c9712cc3b67a2203555dc9710"}, 0x7, 0x6, 0x4, @raw=0x3, @enumerated={0x2, 0xd, "7e84e6c428a94d86f1da07124ae3fe2e694832d7218694764444d9dfa511d5246626da11e26b6b267e1a2cb6e1d41331d12d9e78470cd1d0b56d0cd2145340fc", 0x4040000000000, 0x7dd04bb4}, "71bc01bc5686085ca15f095a841b25d66c148f52a1ad31a489e59be291336905d64a8f7dbd9775e74d1ee3d57ca9b9ac2d9c4c00fb687b7327a575257b3c0deb"}) r1 = openat$auto_check_wx_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0) read$auto(r1, &(0x7f0000000440)='nl802\xd6&\x86\x9a\xf7\xbcz\xa2\xe6\xe9D!\x93?\xad2#\'j\xd6\xac\xb1\xc8\xcdD<\xce\xf1}\xff\xc9~\xa6\xff\xef\x95\x8b\xd0\x1d\xdb\xd3\xb0\xe2\t\x00\x00\x00\x95\xb1\a\x15\xcb3\x91\x9ea6\xbc\x9d\x89;\\oI\x01I(\x1b\xd3\x7f\b\xb4\x9f\xa6$Fd\xa5\xbb\x99v\fY\xed\x1f:k\xd7\x01\x00\x00\x005\xaa\xe2Tx\xf1%\xcf\x16\xff\\\x03\x19\xac;1a-b\x9a2Q$s\x802\xb2\xe3J<\xec\xa4\xfb9\x89\x80[\xee\xf6\x9an@\xa7\x18\xcc0\x16#e%p\b\xee\x9ck\x7f\x05Q\xa1{88\xb2\xa3$&&I\x93\x1aE\x13\xd9\xf0k\xffok\x00\xa1\xcc\x05\xc7?\n\xea\x93\xe8\x84H\xeb\'zOJ-m\x8f\xcb\xd0\x9b\xcc\xc7^u\xb5\xcd\xe8mE\x8f\xeae\xf9\xdb\x83\x13\xf3\x8d\xbf\x82\xda},n\xb9@G\x1cK\x82z\x95\xe4\xa2\\\x9b\x83\xd1\x9e\x85\x17Le\xf2G\xa8\xd9r\x9f*\x1e\xe3\x14\xaf\xea\x10V\x98R\xad\xa6\x00\xd3\xadKmkc\xb5\xe2\xd0\x9e\x10zv\xd9,\r\x14u\xcc\x1d\xc6j-GG\xb0\x93\xf8\x87\xf3\n\xb3\xac-\x033%F~\x12\x89\v[J\xc0*\x9d\x11\x89}\xcf\xcc+\xcd\x02\x93G\xb8T\xd9Z3\xac\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x94\xafM\xba{pu\xbb\xc1\xcfb\xc8\x85\xfa1\xeb\xd3\x10m_\xac\xdf\xafN\xb2fZi', 0x800009) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$auto_nl80211(&(0x7f0000000080), r2) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$auto_NL80211_CMD_GET_INTERFACE(r2, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="010b27bd7000fda5c5a62073660008000300", @ANYRES32=r5], 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4040080) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/fs/cifs/SecurityFlags\x00', 0x480c1, 0x0) sendmmsg$auto(0xffffffffffffffff, 0x0, 0xffffffff, 0xffffffff) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000001c, 0x9, 0x0, 0x400000000009, 0x7) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f00000031c0)='/dev/ttyua\x00', 0x109000, 0x0) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x200) sendfile$auto(0x1, 0x3, 0x0, 0x74c) 4.287670968s ago: executing program 1 (id=1582): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = open(&(0x7f00000000c0)='./cgroup\x00', 0x80400, 0xb5d1af1605322dd2) r1 = open_by_handle_at$auto(r0, &(0x7f0000001280)={0x8, 0x2, "0200000000000000"}, 0x6) read$auto(r1, 0x0, 0x401) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) bind$auto(0x3, 0x0, 0x6a) close_range$auto(0x0, 0xfffffffffffff000, 0x2) unshare$auto(0x40000080) r2 = socket(0xa, 0x1, 0x84) mmap$auto(0x0, 0xa, 0xdb, 0x9b72, 0x5, 0x8000) io_uring_setup$auto(0x6, 0x0) setsockopt$auto(0x3, 0x10000000084, 0x81, 0x0, 0x8) getsockopt$auto(r2, 0x84, 0x18, 0x0, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x800) mmap$auto(0x0, 0xe982, 0x198, 0x14, 0xffffffffffffffff, 0x8000) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) openat$auto_posix_clock_file_operations_posix_clock(0xffffffffffffff9c, &(0x7f0000000000), 0xc0402, 0x0) 3.767330671s ago: executing program 2 (id=1583): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80802, 0x0) socket(0x11, 0x80003, 0x300) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socketpair$auto(0x1e, 0x5, 0x8000000000000000, 0x0) io_uring_setup$auto(0x2, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyzd\x00', 0x0, 0x0) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video8\x00', 0x802, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_trace_fops_debugfs(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x20461, 0x0) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x60742, 0x0) setresuid$auto(0x8, 0x8, 0x0) socketpair$auto(0x5b, 0x2, 0x420000, 0x0) ioctl$auto_TIOCSETD2(r0, 0x5423, 0x0) 3.240953991s ago: executing program 0 (id=1584): r0 = socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) setsockopt$auto_SO_RCVMARK(r0, 0x6, 0x4b, &(0x7f00000000c0)='\x00', 0xa5cd) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) pread64$auto(0xffffffffffffffff, 0x0, 0xd, 0x6e9) close_range$auto(0x2, 0x8, 0x0) openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000340), 0x189400, 0x0) pwrite64$auto(r0, &(0x7f0000000000)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x88\xa8s\x1c\b\x06\x8a>)\x14\r>\x94\x1a\xd3\xd3\x1d\xf8\xbebZ\xddL\'\x03\xf1`\x9f\x1e\xf9\xa4\xf8\x15\x02l@\x18*\xc0\xc1\xf2\x14^\x0fo\x84\xfc\x89\v\xea\x1b\x95\xafQ;CL\"\x01\x0e\xa4\xdf\xdav\x1cC\x8a\xeeq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2', 0x4e, 0x3) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x7fff) pread64$auto(r1, &(0x7f0000000080)=',[:^\'{\\\x00', 0xb, 0x18) r2 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/security/tomoyo/domain_policy\x00', 0x40802, 0x0) read$auto(r2, &(0x7f00000002c0)='N\xd5\f\xb9GC*(,\x00\xc4bAL\xa3`\xb1\xf2\xe7\xc04b$\x99.\xb4\xcc\xc0%\xaa\xd3\xd5\xef\xa4\xd35u\xc0\xa6\r\xcaJ\x11\xaf\x93\xde\xc3|\x17\x96\xd1\x15g\x10\x1ai1(=!\xf1\xe8\xe4\xcdm\xedKW\xe7\xfbL\\\xf2sj(\v\xcd\xe5\x02B\x81ss\xdd\x8199\xa5\x1e\xb0A\xa3\xcbj7\xe9\xc9L\xcc\xc6\xa4\xaf%\xba\xda\xee\xd8%:bXj\xd5[UG\x8a\x8ab\x9a\x18\xe8K\xafU\x8d\xb1\f~\xaa\xab(\x86(\xf9\b\xf7$%\xf2\x11\xa4\x9bj\xc1)\n\x1ft\xb6\xaf\xe2\xd4\x95\xa3\xe1\x1f\xf7uw\a\xd0\x83{_>/\xff', 0x100000001) waitid$auto_P_ALL(0x0, 0x1, 0x0, 0x4005, 0x0) r3 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r3, &(0x7f0000000000)="c80d1b5d399b3b", 0xfdef) 3.240681554s ago: executing program 2 (id=1585): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x23, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r0, 0x0, 0x4) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0) close_range$auto(0x2, 0x8, 0x0) select$auto(0x79c9, &(0x7f0000000200)={[0x0, 0x8, 0x4, 0x7f, 0x8, 0x7, 0x9, 0x7, 0x10000, 0x0, 0x7, 0x7, 0xdb, 0x8, 0x5ae, 0x6]}, 0x0, &(0x7f0000000440)={[0x4, 0x5ee7, 0x7, 0x80000, 0xffffffffffffff01, 0x1, 0x400, 0xe, 0x2, 0x2, 0x9, 0xbf87, 0x0, 0xfffffffffffffffd, 0x3, 0x81]}, &(0x7f0000000140)={0x401, 0x1}) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0) getsockopt$auto_SO_NETNS_COOKIE(0xffffffffffffffff, 0x7, 0x47, &(0x7f0000000380)='-\xc8\xa5\x83\x1c\xe0\x8a\xeb\xcc\xfb\xa8\xe3k\b/*\xa7dev/audio1\x00q>l. <\xb0', &(0x7f00000001c0)=0x9) r2 = socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0xd364, &(0x7f0000000000)={0x400, 0x10002, 0x7f, 0x7, 0x6, 0x5, r2, [], {0x2, 0x4, 0x6, 0x2, 0x40, 0x4, 0x7, 0x7, 0x80000000}, {0x7, 0x1ff, 0x80000001, 0x8, 0x6b, 0x9, 0x0, 0xfffffffa, 0xb1}}) sendmsg$auto_IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x20040011) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000280)=""/175, 0xaf) 3.168173589s ago: executing program 1 (id=1586): mmap$auto(0x0, 0x20009, 0x3, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0x5, 0x0) r0 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, 0x0, 0xb02, 0x0) sendfile$auto(r0, r0, 0x0, 0x1) ioctl$auto(0xffffffffffffffff, 0x900064b7, 0xffffffffffffffff) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) read$auto(0xffffffffffffffff, 0x0, 0x20) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth0\x00'}) pipe$auto(0x0) close_range$auto(0x0, 0xffffffffffffffff, 0x2) socket(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) connect$auto(0xffffffffffffffff, &(0x7f0000000000)=@in={0x2, 0x100}, 0x3a) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x0) 3.008303534s ago: executing program 1 (id=1587): socket$nl_generic(0x10, 0x3, 0x10) socket(0x15, 0x5, 0x0) mmap$auto(0x0, 0x20009, 0xe2, 0xeb1, 0x405, 0x8000) userfaultfd$auto(0x1) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) socket(0xa, 0x801, 0x84) socket$nl_generic(0x10, 0x3, 0x10) socket(0x1, 0x1, 0x1) timerfd_create$auto(0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x801, 0x84) socketpair$auto(0x1, 0x2, 0x8000000000000000, 0x0) socket(0xa, 0x2, 0x3a) r0 = io_uring_setup$auto(0x6, 0x0) r1 = socket(0xa, 0x2, 0x88) close_range$auto(0x0, 0xfffffffffffff000, 0x2) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_map_fd=r1, 0x4, @old_map_fd=r0}, 0xa3) bpf$auto(0x3, &(0x7f0000000040)=@query={@target_ifindex, 0x4, 0x7, 0x9, 0x7f, @prog_cnt=0x4, 0x0, 0x0, 0xc, 0xb, 0x9}, 0x7) 2.903036933s ago: executing program 3 (id=1588): madvise$auto(0x0, 0xffffffffffff0005, 0x17) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000)=0x200, 0x9) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/platform/vhci_hcd.6/usb21/ep_00/power/runtime_status\x00', 0xc0, 0x0) write$auto(r0, &(0x7f00000003c0)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94\xf8F\xbb\xa2\xbb>\xade\x18\xbd\xe2\x1c\x89OO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\xef\xc0\x04z\xd0I>\x8f\x14\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(\x95\xdfH\xf4\v\xf3C\xf8B^`\xf8\xc2\x0e\xfc>\xa1\xc5\x1dc\xb5S\xb0eX\xba\xe2\xb8\x17\xd1?\xec\xa3Rc2U\xc2OD\x1cl\xc6\xf0,4\x84A\x8f\xa0\xecJ\xb7\xfcnDO\n[^\xfc\xee\xf4\x98\xb3:K\x05\xd6ElP\xb1\xdc\xa2cg\xafENM\xb2\x1e\xfe\x0f}\xba\x83\x00\x81\x1at\xbf\x9ezF+x\xec\xe1`Qfm:\xfd\xeek\xa6#\xde\x16\x8f\xe9\xe9\xccbP\xb2z\xe1\xed\x97\x11\xaa\xea@\xee:\r\xb8\xe5\xd9CNG\x94\xe5\xcf\xfc3\xc7Z8\x03\x00\x00\x00\xc9\xe2ny\xa7\xd4\xb5A\x8e\xe2\x87\xf0\x17\x90%c\x1dE\xb1j2\x13\x10\xc2\x98\xeak\xa8\x10\xa0\x0f\xe8\x828\"9\xc1\xf2\xb6\x18\x9atD\xf13\xb2+$\x06q\xd6\x8e\xc18\x85\xd2\xd2\x1f\x97\x1d\xd7\x88\"\x01w\xaa\\\f\x98\xbf\xff\xeb\xceg\xa7\x8e\x84B\x7fn\xddu\xe0i\xd3\xf8\x8e\xf4\x111\x86\xfd\xcb\xa1\xd41\x8cI\xe0\xfa\xb3/(s\xd6\xd8\xcdCr\xf5MZ\xb8\xd4\x97\xae1\xc23ph\x84-@\xd4N_\n\xef\x86\x93T\\x\xf2\xce \xfe\v2E\xcatr\x00\xe5\xd7\xb2\x13\xe6\xd8\xd0\xe1|f\xaa\xadX@!\xc2]\xf9\x80\x9a\x1d\xcbt;\xfew\x14\x92\xc27\xbf\xad\x10\xa4\x93\xcd\xdc\x89\xa15\xe7r\x85\xcc\xd2p?\xf2\x0f`+\xb2\xcb\xf1\xddXw\xd2}Is%x\xbbJx\xebo{\x80\xc6o\x9e\xb2\"\x1c\vzL\"\x880|\v\xe0N\x8f\xd6\x8a\xaf', 0x7) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @loopback}, 0x54) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) write$auto(0x3, 0x0, 0xfdef) shutdown$auto(0x200000003, 0x2) write$auto(0x3, 0x0, 0xfdef) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ioam6(&(0x7f0000000040), 0xffffffffffffffff) mmap$auto(0x0, 0xe983, 0x6, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0xa, 0x1, 0x84) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptyw5\x00', 0x80000, 0x0) close_range$auto(0x2, 0xa, 0x0) 2.594728642s ago: executing program 2 (id=1589): openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f0000001a40)='/dev/input/event1\x00', 0x30d980, 0x0) openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000180), 0x109802, 0x0) sendmmsg$auto(0xffffffffffffffff, &(0x7f0000000240)={{0x0, 0x12, 0x0, 0x9, 0x0, 0x1f, 0x101}, 0x8}, 0x7fffffff, 0x10) ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$auto(0x3, 0xae41, 0xffffffffffffffff) unshare$auto(0x40000080) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/nullb0\x00', 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008012, r0, 0x8000) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) mlock$auto(0x7c88, 0x7fff) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ttyS2\x00', 0x103e81, 0x0) getcpu$auto(&(0x7f00000000c0)=0xa51e, &(0x7f0000000140)=0x4800000, &(0x7f0000000180)={[0x5035, 0x2, 0x1, 0x4, 0x9, 0x8001, 0x9, 0x6, 0x9, 0x6, 0x0, 0x1, 0x2, 0x7, 0x4, 0xffffffff]}) socket(0x2b, 0x1, 0x0) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0A03:00/device:08/adr\x00', 0x0, 0x0) 2.589494032s ago: executing program 1 (id=1597): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) close_range$auto(0x2, 0xa, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/nbd10/queue/max_segments\x00', 0x80980, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty1\x00', 0x40, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/mountinfo\x00', 0x28c40, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) pipe2$auto(0x0, 0x0) io_uring_setup$auto(0x7, 0x0) socketpair$auto(0x1, 0x5, 0x100000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000002080)='/dev/ptyd8\x00', 0x480, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) sendfile$auto(0x1, r0, 0x0, 0x400007ffff000) close_range$auto(0x2, 0xffffffffffffffff, 0x0) 2.392273487s ago: executing program 3 (id=1590): socket(0x10, 0x3, 0x6) mmap$auto(0x0, 0x4, 0xdf, 0x80000000000eb1, 0x3, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/tty1\x00', 0x40, 0x0) openat$auto_proc_mountinfo_operations_mnt_namespace(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/mountinfo\x00', 0x28c40, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptyr0\x00', 0x6a500, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) pipe2$auto(0x0, 0x0) io_uring_setup$auto(0x7, 0x0) socketpair$auto(0x1, 0x5, 0x100000, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000002080)='/dev/ptyd8\x00', 0x480, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) mmap$auto(0x0, 0x2020009, 0x203, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$auto(0x3, 0x80000541b, r0) 2.385372591s ago: executing program 1 (id=1591): io_uring_setup$auto(0x1d48, &(0x7f0000000340)={0x7fffffff, 0x10, 0x2, 0x6, 0x7, 0x8, 0xffffffffffffffff, [], {0x6, 0x88, 0x1, 0x80000000, 0x10000100, 0x83, 0x101, 0x6, 0x8000000000000001}, {0x100, 0x1, 0x10000052, 0x5, 0x11, 0x101, 0x876c5, 0xc9, 0x3}}) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_nfsd(0x0, 0xffffffffffffffff) r0 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$auto_VHOST_SET_OWNER(r0, 0xaf01, 0x5) mmap$auto(0x6, 0x4, 0x4000000000dd, 0x40eb1, 0xffffffffffffffff, 0x300000000000) mmap$auto(0x0, 0x2020006, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) socket$nl_generic(0x10, 0x3, 0x10) unshare$auto(0x40000080) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) close_range$auto(0x2, 0x8, 0x0) clone$auto(0x3fff, 0xad3, 0x0, 0x0, 0x8000002) mmap$auto(0xfffffffffffffffb, 0x400008, 0x400df, 0x19, r1, 0x2a7d) close_range$auto(0x2, 0x8, 0x0) close_range$auto(0x2, 0x8, 0x0) acct$auto(&(0x7f0000000100)='./cgroup/cgroup.subtree_control\x00') syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mlock$auto(0xfbea, 0x7fffffffffffffff) 2.197225217s ago: executing program 3 (id=1592): mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x90}, 0x20000081) r0 = openat$auto_btrfs_ctl_fops_super(0xffffffffffffff9c, &(0x7f0000000000), 0xa800, 0x0) r1 = socket(0xa, 0x2, 0x88) bpf$auto(0x0, &(0x7f0000000000)=@link_update={r1, @new_prog_fd=0x4, 0x4}, 0xa3) ioctl$auto_BTRFS_IOC_DEVICES_READY(r0, 0x90009427, &(0x7f0000000540)={@inferred=r1, "a008b04bf3cc8ca8aecb68d236ce2b94a42623adcdfce5ea849d4f7b51caa6e74265e3e1834091e83629e9cb5685e215ef6613dc839cb62749bd902e9f345e4eef7c56cd81b882790eb6db058cb2424db62602e272e33b81fa719505d9078b8ae1beb2e4721ad2de61e81907d1a58926116f98458165ced6d3cf39a8b89bb22fc1bf56e9ab353565d553006f83de101edc2a8eba88f4bf97a2a0ab88e185037f819ef5767cc9b8407691becf8c086dcf9f22110fd4c0d0733040c5cfb7940c1b93f724abc4cde839c32bd0095943acad0222178b0d44167589fdeb1f42d73bd79c6c5f125ad3f0c8b07b303ab059d5aeb00eace0a2858e31637752727bf31cb06f5ca9d659628159294e8cd4d6a01f3a9832c66f04444328ffba57421da8fa050dca94d62493a0078d11906b6cd9b8d92e0413e9b62008d1837617aea177e39105ec24b5540d9aa5e768a4c165a0a9c4c04a006af1bd71dcce76e194d882ccad201f229517803b2464cf9aa16931b6985f8aea06670fff1864021a4e1d1d4f6d4d231f96c99fbb8108bf4123b74d5e46cb5146565caa2505b760c16b8cad5feed6c66b59a053734f7573f9b33ffb101d0775ee0c0c93b725bc4b3336c91a4a1ac0953ee657fb8af8f2512ab5d7a1c8e760cc32bffc712e1f84bb539c1c4edc336d23d2ce246a0372a670aa596c10c9a2a05b95172c23888ba81d402715dfdb07212c00e60694266a7fcda9d92933ced3d3d4095ad2f5cfb1243e0eb2f4098805d22227a665bae33435444f59c934b8cc5588df9c61f3285bd03386f87cc153ab050ba02c1ace8f32b3f84bcd1c8567543e330bc499944e53337691dba359ad49cc7196f3367d6620a836481762031771d343ccf092fd6bc0c2b44bec6c0f19f9fe426b6e46f8f836414ece71d300323fd461ffa3337fc7053e99eee157159c4dc3211fc70edf2433bb92654e1ecefa1514d9a9de3cdbd56ec10a79d2bacb86f1dcba5a6027de72180dd65204dc52415b8a59dabf4c25d15ec72bf9e2508ad08aa6b7b5ddf532d60472842ad77a2c6db85efbde5ac2e401a51352f98bdf70904b4196d111e1e563fe1c66edcd2f83ae7b2a323bd4a7d70856ab449c616d364f61cbf77fce27bb2f93ddf54767f6a1b68b27eaad34eb7b306c3221639231050c5438b59b396f52bcd8d6006d3652517003bab1eb43b1a8fff3a9066bc6c03936d6b1e70965261bee78a1bf4a687bc294457c93e09b3779a565daff7865c05d09253b671af1843305f9d15220b7c525e947fe122c218e4fc97cac58fd70e8b691372bf91654b0ce25ae6de25b538101d95c98c38b108580bbf2a99c263ed1eb7b1b35366fc05e77003a3d5cace2037164e67bc6c0c17027f6d71b282470222bc08f7fa9f0a35f08a7da1d094eb130aed19cdbec0d12881a378d6434f0b684da1a447eca547eae363376190d063987f08d98c130a2dda5990a204a509cb6e8799d6f10681992d032cffaa7d5f97402361db02efdb77c3f55dab44f309263b6d2d523aff9b9d29fefeed6dddc7bd0a3fba8adb0cdcdc85df7dd64f6172783152e59912fba97f2d8d7127fc053df94fa8e0d09abba42dc5bf6cc13b6af723f7104c86768a43a46551aaedbaa2a59429a78295fad1b047be4ac8ed52c584b9c7818d0ee539e3e46ef1e817d75f8261af64f0bd06b37bdafe9ff215825ffbdfead2e4aa6cd2fb6c28eeba06428f1b48942e85d4e5e022701beca38c3ef884818f21d6a6229e73407ba695d3726ea99f871546b94f07f4d2323260ee5730beaa6c6cdfc94bdfab41cf2ac4ef21fca830f857fef2f1d27a8905a83a4f48192dfc1040de16a531b91c9bc18b218f69d54780829d527c8eb2865b8a2909726a1b84affd3c0c467e4dbacae15594d3979080d90248a331f8d547bb6a0950229d6675b403346e94382dfaeadc0f6facbe3e45606c4a983c46b8f3fc9e02ebdc45db44dca4af0d8012b8869978a8aaa09fe1768e0288ff05116d825c18587e1fd0dbc8a47a6cd6214495573cda18464d5998f9eeee91c8b9f3ee2efefef112b83e0bfe6542c26bcb8749de4cad777c3186f6739c14174c73aaecaee3c34517b63a05774e64c0d99b678f3ab34c3c30a160f3f0d3ddb6468745508c35684e50990235b81af028c978d07d3fdf149d57bc8cf5f6ca7a02a9458490b399dae9ef78e460854fa009a25658ce806085abde2512d75e33268f45d3014dd02f1b2efce401b0d77a4c8b855d1b88f876e5f7caea07452e8f8d06f9cb075f763c7e6a2be8229308ce7ab6809fd730b02b1ea17ae0f2f0fef4bcecc0719e5608547b8e1404a6899ccd0a433baecdefe607199dad692bed2b784e7fb1ed5b9a7c7bf723ed9db9b62ce3ab54b3eea0ae87815b05c65bd78de5f86ef537e30e211b26bab057a7bfc1da5cc487b4c463731bac7016fd27e6375ba746136d177fa51f8db97ea2e728aafd83d8aa9dc6b74f41f09ea0ffba5bde2f1ed0fabbbb4baf4d857c399ef6261acb8260ecab707b39cf8e1d7015b01b63e51d1bad3f8ce4bb6bcfd12a1fa7a86ce0c9af146f8c40e0b99253e12c7e943cf4b3d584ff9278d8ea7d0411eac6a994668009dcb1d44641b976b4eea15b8d9137ecc105da9d41edcb2ae7c45f0b98a1b19b6f5652c976592e90f15d9c2880638b50bd6da8531a504658555df9941eff014fc2d381f23aaaf1c9dfad0d8dd9fe1a2f6a6cbfca51444b602023000784a08d18a44ab6202b06656dd19c07753e3a8f3f2c5e96bcb3e869f19aab3853b25d31f93ccd996000f90bf7361a5d15d6053246975cb40b8d677fa9af6bf333033b13f04643937fcff64e8826641f32d8af29000cc7bfaf2449ab6a590cb0d0962482a97bb72c0040a2ec279dc286e89f1009ba243996af6eaa38be8f303853bc19c927df7778b6c6b30819474d5ba6ae2bf8f4e0fb980a68efc47cd77ba766840b7b6974af105711b38c36b944b34bcaaa78344650640734d27721b51577b39145ac28159a7ebb0a81ccdfc84f80dbf18f6c2b9e08abd76a29e2f97ae0d6809915a33b6a6fc40121aac0cc0433830c6b7d2237df18b693300aca0cf8cc810f3eb16866baefb9db5359cb2167eb0d075ca3301a2f9e05cd8f9132d3c80d742a184708f9e5acee7ded741378a3059c2b54b141fed5fd3f37c6094d87755a2f03af72c24c89d2fb81eb636e99475cd52f102ea3527ff820ef1a4c7235bc13f1c8e90592c464c0b6505dbbcaf6601f58986e7c1ce1aea39a2a215bd996d7f57a46ba696cce31d90e0a227a46b8d57c681e9b07b11f3b3c9ee86be630b197ea348441abafc1af7eb24f59aae0532dd7260334b32a5c64206a6c066f390860483ad966863cd910e1d0ef30f4609491dac593178652c7d54517536676419e09e7f73938d2591b400d84ecb813cc46eaa75f6abd8dc988b059f24cda1c17d4ddff0a2c90d1fd3c1480fd0cd4f9818eeb9a281ea066ae396c857d0bc91e84b2e5c6f6a5b90e4e9f6072678c16ae3234315426048da397b6679e0008ce23dc78d6aca9ab1a65f114c267ff79e2b7d31d3482d7f901b9a22ca949ad5cc626d38ebc476459df9d4747ad36285bf57faa43c1b3993ff37834cf12fb7d7a48b7bd559198731ae5907559af48139b133d531fb1351b404bfcb0042ae5d48b619223f614c8af6b49bf07f752debc6eeeaa6e6715a72d1d336aabbc995f2dd688f505396feea7cc27b75c96038030ab1ee286d6cae730c9f960305112b7914f8969a2efd4da3e81ace0ae323f4e0bde166e8f98eb558ea55521d74a06d817edcc8c90a3b2820dd37638e74e37d0a113f06642d119813ac4d70906339c789821df5c1b46a4635dc9545c9ec3c3eb30878d85fe4cf27692e8352529dca81c49c1a609a7bd1507d4bf2a30ef02262b9f31a39effe0bc59b905284cadc02d78fb3f74bcc4cbe9b59206ba6a205d1c6314f0a691483b79c95eb0fd1fa766e5b303b7fd3843724145edb1770c622a6c01696aee6c30506b2dc3c7cc379f4b46ee7fd9a460c4c869d048bac31e3939d71667bfeec02b6b42e9f7cf99fd0187ff83bdc6ab50d02a8b17701612c63f007d5fbf7b9253eb7548c877064844990b499daa6206e8796ecc352deb33663e623a10b1b3c9c012786c3cf8c9995e0fe97ede3667c4572017832fe9c040f4f376b8c9176198bcefbe8ae885428690855b6e923cb773396ea319546aa15b03e227257d57c9164ff0bd116a06754fb7146408db4ea6fdcf23f824e9afdbca8e4079ea2cf901e5725082547472924cf3c99f5c1868694dcb73cddfb68649d71588b2512a75d029063bb06601c4327d58939cd2996eee1f2b443df2606f07cf3bbf17d95d3f2a563f6c84d6775a7b551ec2d9b87c0a378ebad5070d04d8de3dbd4c61b346585291777df95b31d94a64654ae28374733de6b25ee7b2b733c75cd134aebe27efb34655a4a1de2457738e5785520bfaca08334fa98d1dcbd36ca6bd9e48435d38cd9f5a082aa3d78569e7e36a59581e9c1345edc637411ba84278a15552b83b3d150232ce45cea03d2d3aeca19cd5d6afa066ade65f9d32a4ad09e32688dbaf3d4b9a0a00399a4a1e64119b6504eeb6bcd132b92fc5875ffba365ede953b214b955158d680f5da38ef50d91c85741f21ac58e762603046257e8cb3431f1700d2c68cf909c8d5f1a8b6d52ed49152af94c553c344cd023b3cb288f0c2c67781310ec640d7836a49558943cf9185724131ee5340dec819cbb3674bc3410e8f547bdbdd67eab8160b619f12adb8d79dabe75dd0f564357aeed4883b494b25755987529df3efdc8a1016830d704482a61c1efeceb99d7e5f7bbd5ce7ff081f1636555b86463a014aae1939f9445f8e536c326dd2e642261fafc825888212d417fcfde7ae37159191138db323f8a2954e67601e865e25d496d4eb65ff369fd2eec955231f442233f181448ecf1a2ee7026860134341378cc7ec83551da400daf15906a76a155319bf27019950165c76821e88c7dbc3594eb2f3773dfe9f11881106963a3727e34a0fb99b4ee89408f9083acb4af923e33a5e1c9bbe67145146e8272c252952cf16e4a2a290adfa3603532b6ba1ebb87f59d20447113227d62f2742d14f457848041060f4d836875d36cf16db0fb794a4c7b47f70ff106a38dee94508e9ee34b16a969731fb5ec582194f0b4869445136cf0390019377c862c217790ec361c581ebe6d42372aed32ca3a7d6dacd473497aad1983cfc15ce0a7bc2b8f15b854ac5d7da3d436f6bdc303a0b5e30db53d32590bc054f038137438e78cd629483e0a942b6db4b244a788cbf919a69d8571addf30faeb70ff9a8feb31cd5f43a09e3c3e1ca404222d35349965bda1b3b064678c72a7aab2923656b88f935efd9ea07a8b638b6c54aebc9b9dfe67b009ca4168cdd1d39036bed1afc96b4fb0f84ea99267ddfff03dcd71d649f3154f53f51bc4e278be45dd8ef8c8f72249ec0bcf9c13975340bf397eb4fad4a4f49ef2a37a7d9794b36df808c79a67436a1dc6809c05d7ab85c35462de5fc8b8d7d0b5bad3301b4a5d24abaeb208bf99a811a0ea91bd4a11858194462084ed50448676104408d9ab6993c6e36efe1bcf823b1b73531ecadb632374eaacea5a826a916c251e97f40c5aec57fb9b702a59493b0cdce42b0afa0d3885d74c5b9e9aa96cb314d215f08be733833235297a2f6e6f5f01f921b27a229e8b1535936511f4f43c6204c0ae3919365ca"}) r2 = openat$auto_btrfs_dir_file_operations_inode(0xffffffffffffff9c, &(0x7f0000000100)='/sys/devices/virtual/bluetooth/hci4/power\x00', 0x16382, 0x0) ioctl$auto_BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000280)={0xf, 0x5}) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0x4) socket(0x10, 0x3, 0x6) lstat$auto(0x0, &(0x7f0000000180)={0x4, 0x7ff, 0x9, 0x63, 0x0, 0x0, 0x0, 0x9, 0x200, 0x800000000100002, 0x40000407, 0x2, 0xc, 0x2, 0x19, 0x20000000009, 0x7}) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) r3 = openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0) ioctl$auto_IOCTL_VMCI_VERSION2(r3, 0x7a7, 0x0) ioctl$auto_IOCTL_VMCI_CTX_ADD_NOTIFICATION(r3, 0x7af, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="24051c27c100dedbdf250307cc0008000200", @ANYRES32=0x0, @ANYBLOB="060007000080000006000700050000000a00050000000000000000000a00010000000000000000000a0001"], 0x6c}}, 0x1004c440) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x1, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) 2.02684009s ago: executing program 3 (id=1593): socket(0x11, 0x3, 0xe) mmap$auto(0x0, 0x4020009, 0x6, 0xeb1, 0x401, 0x8000) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0xc0803, 0x0) mmap$auto(0x0, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) io_uring_register$auto_IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000280), 0x1) clone$auto(0x20003b48, 0x2, 0x0, 0x0, 0x5) statmount$auto(0x0, &(0x7f0000000180)={0x8, 0x1, 0x9, 0x5, 0xc, 0x2000000000940, 0x1ffde, 0x7, 0x4, 0x3fe, 0x9, 0x1, 0x2, 0x7, 0x9, 0x8, 0x8, 0x407, 0x5, 0x8000000007, 0x8000, 0x0, 0x0, 0x0, 0x0, 0xf3, 0x0, 0xfffffffc, 0x0, 0x1, 0x0, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000000004, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x47e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xe3a]}, 0x400, 0x81) r0 = socket(0x10, 0x2, 0x0) r1 = socket(0xa, 0x3, 0x3c) write$auto(r1, &(0x7f00000003c0)='+&\x00', 0x273f) sendmsg$auto_NL80211_CMD_GET_REG(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="f2000000", @ANYBLOB='p\x00', @ANYRES16], 0x1ac}, 0x1, 0x0, 0x0, 0x24048040}, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB='.'], 0x1ac}}, 0x40000) sendmmsg$auto(r0, &(0x7f0000000200)={{0x0, 0x0, &(0x7f0000000000)={0x0, 0xfc2}, 0x2, 0x0, 0x7, 0xa505}, 0x800}, 0x7, 0x4008) r2 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r2, &(0x7f0000000200)='7\x00\\\xa0\x04|\x03\'g\t$K\xcb\x12\xfa\x00\x00\xcfk', 0xb7f) select$auto(0x1, &(0x7f0000000040)={[0xfffffffffffff91e, 0x40, 0x4, 0x80, 0x7, 0x3, 0x80000001, 0x7c, 0x3, 0xfffffffffffffffc, 0x5, 0xb, 0x4, 0x7, 0x0, 0x6]}, &(0x7f00000000c0)={[0x3, 0x4, 0x0, 0x1, 0x39, 0x6, 0x7f, 0x3, 0x2, 0xc6d, 0x8, 0xffffffff, 0x1, 0x0, 0x7491, 0x40]}, 0x0, &(0x7f00000001c0)={0x9, 0x1}) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x802, 0x0) write$auto(r3, &(0x7f0000000180)='7\x00\\\xa0\x04|4\x00\x00\x03\x00\x00\x00\x10\x01\x00\x00\x00\x00\x00\x00\x00\x00rRVr\xc4O\xdc1\x9b%\x10Z\'\xb9\'\xa3stC=\x85\xc6\xf6\x13 \xeb\xff%\x11\x82\x05\xdfV\x02\xca&\xd8$<\xab&\xc8B-\xcc\x15\x04&\x13;\xfe\xbdQ\xaa\x16o\x1f\xc7\x94\xa3\xc9\x9a\xe1d\xf5\n\xe2\x88\x84\vT?\x98\xa2\x00'/206, 0x5) fsopen$auto(0x0, 0x1) 1.906108368s ago: executing program 0 (id=1594): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000000)='/dev/usbmon33\x00', 0x121200, 0x0) mmap$auto(0x0, 0x4000002, 0xfffffffffffffe01, 0x8051, 0x3, 0x0) syz_clone(0x5004000, 0x0, 0x0, 0x0, 0x0, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x400108, 0x3, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f00000005c0)='/dev/sda1\x00', 0x44003, 0x0) ioctl$auto_BLKPG(r0, 0x1269, 0x300) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) openat$auto_drm_debugfs_entry_fops_drm_debugfs(0xffffffffffffff9c, 0x0, 0x503083, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000080), 0xffffffffffffffff) unshare$auto(0x40000080) r1 = openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/usbmon0\x00', 0x0, 0x0) ioctl$auto_MON_IOCX_MFETCH(r1, 0xc0109207, 0x0) ioctl$auto_MON_IOCX_MFETCH(r1, 0xc0109207, 0x0) openat$auto_usbdev_file_operations_usb(0xffffffffffffff9c, &(0x7f0000000340)='/dev/bus/usb/025/001\x00', 0x201, 0x0) 604.329385ms ago: executing program 0 (id=1595): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x20342, 0x0) ioctl$auto_SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) mmap$auto(0x0, 0x400007, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, 0x0, 0x802, 0x0) syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/net\x00') sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(0xffffffffffffffff, 0x0, 0x880) write$auto(0x3, 0x0, 0xffd8) write$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffffff, 0x0, 0x0) write$auto(0x3, 0x0, 0x100082) socket(0x2, 0x1, 0x106) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000300)='/sys/devices/platform/vhci_hcd.4/usb18/18-0:1.0/usb18-port3/location\x00', 0x0, 0x0) read$auto(0x3, 0x0, 0x7fffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, 0x0, 0x14be02, 0x0) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) io_uring_setup$auto(0x6, 0x0) pipe2$auto(0x0, 0x0) poll$auto(0x0, 0x5, 0x3fd) close_range$auto(0x2, 0x8, 0x0) 405.647911ms ago: executing program 2 (id=1596): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) r0 = open(&(0x7f0000000100)='./file0/file0\x00', 0x222c0, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000200)='/proc/filesystems\x00', 0x1c9802, 0x0) pread64$auto(r1, 0x0, 0x100000001, 0x100) fcntl$auto(r0, 0x400, 0x1) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) unshare$auto(0x40000080) socket(0xa, 0x5, 0x84) socket(0xa, 0x3, 0x3a) setsockopt$auto(0x400000000000003, 0x29, 0xcb, 0x0, 0x4) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000300)={{@raw=0x6, 0x0, 0x8001, 0x2, "da14cf93e7670976d4df4660872c34e34ab92824711bacf3578dcec408cf5180d03a4d126edb3169db6d48ac"}, 0x1, @iec958={"28f6a86309b1e098a7dfa272f95c4c28615313f81f02a4eb", "77a2e9b1b0224a8ef0ac25ff0db0b6ec20c55cccbf4e9b253241777363b62fbe19f64f49f5ed0205399a691cb53e4086d6ec9dcbc5173fee439c2db7f3d5f2d4dd2a267a11e3c0cc771cdddef6bdb02a85cf5ea2ecc26fa3fe291d1e45404619547117c0d45a0de14bc3b9c22d705152efa9d2cfb220c6210dd7606723fb4d6d8ea3e197b19203c65d90e3c761870cbd392bea", 0x0, "e8134be5"}, "a8949c7d9c57acd66da4c5f111166031ad47ebfed172b36a28d7b0204e3a90e9a6c41064df45da18212d9c4e61a29b8146bd0c0284d89751eb5c58cb32c2abf739599063c9a0820f08f1c1b3645f00006dcd033a712822785eeb6a2c41b6d7c00f5e965c1d0000000000000000000000000400"}) r2 = openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/neigh/vlan1/base_reachable_time\x00', 0x40400, 0x0) read$auto(r2, 0x0, 0x1ff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/LNXSYSTM:00/LNXSYBUS:00/PNP0C0F:00/status\x00', 0xa140, 0x0) r3 = openat$auto_proc_fail_nth_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/fail-nth\x00', 0x8002, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_REPLACE(0xffffffffffffffff, 0xc1105518, &(0x7f0000000800)={{@raw=0x1, 0x2a, 0x9, 0x8, "1fb8c66db3341cdd7c59af17e7b614aa3afcdeb461cadda10426d44d78a6ba746186ca630a6da69ee86ab53f"}, 0x5, 0x4, 0x5, @raw=0x7177, @integer64={0x4, 0xffffffffffff7b36, 0xa}, "cba6172b3efc8e802148850d899c7344d921d6500e1df65334791ec480e1f7d57f372e3ab8a1a0d9984325bf99e346b18bc1fd824548a13ab3cd10995fd5417b"}) writev$auto(r3, &(0x7f0000000200)={0x0, 0x7}, 0x3) close_range$auto(0x0, 0xfffffffffffff000, 0x2) io_uring_setup$auto(0x84, &(0x7f0000000080)={0x7fffffff, 0xd, 0x83000, 0x8000006, 0x4, 0x7fffffff, 0xffffffffffffffff, [], {0x6, 0xcb32dd6, 0x8c48, 0x29f, 0x100, 0x77fffffe, 0x101, 0xb0d, 0x3}, {0x100, 0x1, 0x20000052, 0x1, 0x2, 0x40, 0xc4, 0xb, 0x100000000}}) 0s ago: executing program 1 (id=1598): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x40000) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) sysfs$auto(0x2, 0x23, 0x0) r0 = openat$auto_ftrace_set_event_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/tracing/set_event\x00', 0x20201, 0x0) write$auto(r0, 0x0, 0x4) openat$auto_proc_page_owner_operations_page_owner(0xffffffffffffff9c, 0x0, 0x2482, 0x0) close_range$auto(0x2, 0x8, 0x0) select$auto(0x79c9, &(0x7f0000000200)={[0x0, 0x8, 0x4, 0x7f, 0x8, 0x7, 0x9, 0x7, 0x10000, 0x0, 0x7, 0x7, 0xdb, 0x8, 0x5ae, 0x6]}, 0x0, &(0x7f0000000440)={[0x4, 0x5ee7, 0x7, 0x80000, 0xffffffffffffff01, 0x1, 0x400, 0xe, 0x2, 0x2, 0x9, 0xbf87, 0x0, 0xfffffffffffffffd, 0x3, 0x81]}, &(0x7f0000000140)={0x401, 0x1}) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/pm_trace_dev_match\x00', 0x20080, 0x0) getsockopt$auto_SO_NETNS_COOKIE(0xffffffffffffffff, 0x7, 0x47, &(0x7f0000000380)='-\xc8\xa5\x83\x1c\xe0\x8a\xeb\xcc\xfb\xa8\xe3k\b/*\xa7dev/audio1\x00q>l. <\xb0', &(0x7f00000001c0)=0x9) r2 = socket$nl_generic(0x10, 0x3, 0x10) io_uring_setup$auto(0xd364, &(0x7f0000000000)={0x400, 0x10002, 0x7f, 0x7, 0x6, 0x5, r2, [], {0x2, 0x4, 0x6, 0x2, 0x40, 0x4, 0x7, 0x7, 0x80000000}, {0x7, 0x1ff, 0x80000001, 0x8, 0x6b, 0x9, 0x0, 0xfffffffa, 0xb1}}) sendmsg$auto_IPVS_CMD_SET_DEST(0xffffffffffffffff, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x20040011) read$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000280)=""/175, 0xaf) kernel console output (not intermixed with test programs): 26 [ 196.131682][ T7935] Call Trace: [ 196.131688][ T7935] [ 196.131695][ T7935] dump_stack_lvl+0x100/0x190 [ 196.131722][ T7935] should_fail_ex.cold+0x5/0xa [ 196.131742][ T7935] should_failslab+0xc2/0x120 [ 196.131759][ T7935] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 196.131783][ T7935] ? security_inode_alloc+0x3b/0x2c0 [ 196.131804][ T7935] ? lockdep_init_map_type+0x5c/0x250 [ 196.131826][ T7935] security_inode_alloc+0x3b/0x2c0 [ 196.131847][ T7935] inode_init_always_gfp+0xcc0/0x1000 [ 196.131866][ T7935] alloc_inode+0x8e/0x250 [ 196.131886][ T7935] new_inode+0x22/0x1c0 [ 196.131906][ T7935] tracefs_get_inode+0x19/0x80 [ 196.131927][ T7935] eventfs_get_inode+0x53/0x520 [ 196.131955][ T7935] eventfs_root_lookup+0x6f2/0xa50 [ 196.131978][ T7935] ? __pfx_eventfs_root_lookup+0x10/0x10 [ 196.132002][ T7935] ? __d_lookup+0x266/0x4a0 [ 196.132030][ T7935] lookup_open.isra.0+0x631/0x11b0 [ 196.132057][ T7935] ? __pfx_lookup_open.isra.0+0x10/0x10 [ 196.132089][ T7935] ? mnt_get_write_access+0x1e9/0x2f0 [ 196.132112][ T7935] path_openat+0xa98/0x31a0 [ 196.132135][ T7935] ? __pfx_path_openat+0x10/0x10 [ 196.132157][ T7935] do_file_open+0x20e/0x430 [ 196.132175][ T7935] ? __pfx_do_file_open+0x10/0x10 [ 196.132204][ T7935] ? alloc_fd+0x476/0x790 [ 196.132221][ T7935] ? do_getname+0x191/0x390 [ 196.132242][ T7935] do_sys_openat2+0x10d/0x1e0 [ 196.132261][ T7935] ? __pfx_do_sys_openat2+0x10/0x10 [ 196.132282][ T7935] ? blkcg_maybe_throttle_current+0x5e7/0xeb0 [ 196.132304][ T7935] __x64_sys_openat+0x12d/0x210 [ 196.132324][ T7935] ? __pfx___x64_sys_openat+0x10/0x10 [ 196.132351][ T7935] do_syscall_64+0x10b/0xf80 [ 196.132365][ T7935] ? clear_bhb_loop+0x40/0x90 [ 196.132383][ T7935] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.132398][ T7935] RIP: 0033:0x7f1df4b9c819 [ 196.132412][ T7935] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 196.132428][ T7935] RSP: 002b:00007f1df5aa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 196.132450][ T7935] RAX: ffffffffffffffda RBX: 00007f1df4e15fa0 RCX: 00007f1df4b9c819 [ 196.132461][ T7935] RDX: 0000000000000002 RSI: 0000200000000100 RDI: ffffffffffffff9c [ 196.132470][ T7935] RBP: 00007f1df4c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 196.132480][ T7935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 196.132488][ T7935] R13: 00007f1df4e16038 R14: 00007f1df4e15fa0 R15: 00007ffe299149e8 [ 196.132509][ T7935] [ 196.796489][ T50] Bluetooth: hci0: command 0x0406 tx timeout [ 196.802548][ T50] Bluetooth: hci2: command 0x0406 tx timeout [ 196.809400][ T50] Bluetooth: hci3: command 0x0406 tx timeout [ 196.815392][ T50] Bluetooth: hci1: command 0x0406 tx timeout [ 197.458757][ T29] audit: type=1804 audit(2147483684.910:5): pid=7954 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.579" name="/newroot/151/file0" dev="tmpfs" ino=812 res=1 errno=0 [ 197.528760][ T29] audit: type=1804 audit(2147483684.950:6): pid=7953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.579" name="/newroot/151/file0" dev="tmpfs" ino=812 res=1 errno=0 [ 200.307383][ T8013] netlink: 25 bytes leftover after parsing attributes in process `syz.2.595'. [ 201.822972][ T8041] netlink: 28 bytes leftover after parsing attributes in process `syz.0.601'. [ 202.339532][ T8041] bond0: (slave bond_slave_0): Releasing backup interface [ 204.092720][ T8068] netlink: 354 bytes leftover after parsing attributes in process `syz.1.611'. [ 204.190801][ T8075] netlink: 4 bytes leftover after parsing attributes in process `syz.3.613'. [ 204.231005][ T8075] netlink: 25 bytes leftover after parsing attributes in process `syz.3.613'. [ 205.624219][ T8105] pci 0000:00:01.0: [8086:7110] type 00 class 0x060100 conventional PCI endpoint [ 206.044184][ T8106] zswap: compressor not available [ 207.041898][ T8146] netlink: 4 bytes leftover after parsing attributes in process `syz.1.633'. [ 207.072711][ T8146] netlink: 13 bytes leftover after parsing attributes in process `syz.1.633'. [ 207.273518][ T8148] sp0: Synchronizing with TNC [ 207.617389][ T8155] netlink: 4 bytes leftover after parsing attributes in process `syz.2.637'. [ 207.672883][ T8155] netlink: 13 bytes leftover after parsing attributes in process `syz.2.637'. [ 207.809520][ T8152] vivid-007: ================= START STATUS ================= [ 207.835778][ T8152] vivid-007: Generate PTS: true [ 207.856066][ T8152] vivid-007: Generate SCR: true [ 207.860961][ T8152] tpg source WxH: 320x240 (Y'CbCr) [ 207.890699][ T8152] tpg field: 1 [ 207.894121][ T8152] tpg crop: (0,0)/320x240 [ 207.932454][ T8152] tpg compose: (0,0)/320x240 [ 207.955268][ T8152] tpg colorspace: 8 [ 207.985513][ T8152] tpg transfer function: 0/0 [ 208.015839][ T8152] tpg Y'CbCr encoding: 0/0 [ 208.029012][ T8152] tpg quantization: 0/0 [ 208.044036][ T8152] tpg RGB range: 0/2 [ 208.054127][ T8152] vivid-007: ================== END STATUS ================== [ 208.456233][ T8176] netlink: 4 bytes leftover after parsing attributes in process `syz.3.644'. [ 208.496390][ T8176] netlink: 25 bytes leftover after parsing attributes in process `syz.3.644'. [ 208.661665][ T8181] netlink: 'syz.1.646': attribute type 2 has an invalid length. [ 208.718446][ T8181] netlink: 5 bytes leftover after parsing attributes in process `syz.1.646'. [ 209.787188][ T8204] netlink: 12 bytes leftover after parsing attributes in process `syz.2.653'. [ 209.852683][ T8204] i: entered promiscuous mode [ 209.914667][ T8207] HfR: entered promiscuous mode [ 210.454806][ T8215] mkiss: ax0: crc mode is auto. [ 212.324043][ T8258] netlink: 12 bytes leftover after parsing attributes in process `syz.2.667'. [ 212.736423][ T8267] netlink: 306 bytes leftover after parsing attributes in process `syz.3.672'. [ 214.017290][ T8285] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 214.182986][ T8291] FAULT_INJECTION: forcing a failure. [ 214.182986][ T8291] name failslab, interval 1, probability 0, space 0, times 0 [ 214.310412][ T8291] CPU: 0 UID: 0 PID: 8291 Comm: syz.2.678 Not tainted syzkaller #0 PREEMPT(full) [ 214.310434][ T8291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 214.310444][ T8291] Call Trace: [ 214.310449][ T8291] [ 214.310455][ T8291] dump_stack_lvl+0x100/0x190 [ 214.310483][ T8291] should_fail_ex.cold+0x5/0xa [ 214.310502][ T8291] should_failslab+0xc2/0x120 [ 214.310518][ T8291] __kmalloc_cache_noprof+0x7a/0x6f0 [ 214.310539][ T8291] ? refill_pi_state_cache+0x91/0x260 [ 214.310564][ T8291] refill_pi_state_cache+0x91/0x260 [ 214.310586][ T8291] futex_lock_pi+0x177/0x7b0 [ 214.310609][ T8291] ? __pfx_futex_lock_pi+0x10/0x10 [ 214.310631][ T8291] ? __pfx___futex_wait+0x10/0x10 [ 214.310670][ T8291] ? __pfx_futex_wake_mark+0x10/0x10 [ 214.310695][ T8291] ? __get_user_nocheck_8+0x20/0x20 [ 214.310716][ T8291] ? do_vfs_ioctl+0x226/0x13e0 [ 214.310739][ T8291] do_futex+0x18a/0x350 [ 214.310758][ T8291] ? __pfx_do_futex+0x10/0x10 [ 214.310777][ T8291] ? find_held_lock+0x2b/0x80 [ 214.310794][ T8291] __x64_sys_futex+0x34f/0x4d0 [ 214.310816][ T8291] ? __pfx___x64_sys_futex+0x10/0x10 [ 214.310841][ T8291] do_syscall_64+0x10b/0xf80 [ 214.310854][ T8291] ? clear_bhb_loop+0x40/0x90 [ 214.310872][ T8291] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.310887][ T8291] RIP: 0033:0x7f1df4b9c819 [ 214.310900][ T8291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 214.310914][ T8291] RSP: 002b:00007f1df5a85028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 214.310929][ T8291] RAX: ffffffffffffffda RBX: 00007f1df4e16090 RCX: 00007f1df4b9c819 [ 214.310938][ T8291] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 214.310947][ T8291] RBP: 00007f1df4c32c91 R08: 0000000000000000 R09: 000000008000fff5 [ 214.310955][ T8291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 214.310963][ T8291] R13: 00007f1df4e16128 R14: 00007f1df4e16090 R15: 00007ffe299149e8 [ 214.310982][ T8291] [ 217.409527][ T8325] hub 1-0:1.0: USB hub found [ 217.439329][ T8325] hub 1-0:1.0: 1 port detected [ 217.713789][ T8336] netlink: 25 bytes leftover after parsing attributes in process `syz.2.689'. [ 218.233054][ T8342] FAULT_INJECTION: forcing a failure. [ 218.233054][ T8342] name failslab, interval 1, probability 0, space 0, times 0 [ 218.447196][ T8346] netlink: 13 bytes leftover after parsing attributes in process `syz.2.693'. [ 218.469259][ T8342] CPU: 0 UID: 0 PID: 8342 Comm: syz.3.688 Not tainted syzkaller #0 PREEMPT(full) [ 218.469280][ T8342] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 218.469289][ T8342] Call Trace: [ 218.469295][ T8342] [ 218.469301][ T8342] dump_stack_lvl+0x100/0x190 [ 218.469328][ T8342] should_fail_ex.cold+0x5/0xa [ 218.469347][ T8342] should_failslab+0xc2/0x120 [ 218.469365][ T8342] __kvmalloc_node_noprof+0xfa/0xa00 [ 218.469379][ T8342] ? bucket_table_alloc.isra.0+0x88/0x460 [ 218.469404][ T8342] bucket_table_alloc.isra.0+0x88/0x460 [ 218.469427][ T8342] rhashtable_init_noprof+0x43b/0x7d0 [ 218.469451][ T8342] ioam6_net_init+0x11c/0x170 [ 218.469468][ T8342] ? __pfx_ioam6_net_init+0x10/0x10 [ 218.469481][ T8342] ops_init+0x1e2/0x5f0 [ 218.469507][ T8342] setup_net+0x118/0x3a0 [ 218.469521][ T8342] ? __pfx_setup_net+0x10/0x10 [ 218.469533][ T8342] ? lockdep_init_map_type+0x5c/0x250 [ 218.469554][ T8342] ? mutex_init_lockep+0x110/0x150 [ 218.469576][ T8342] copy_net_ns+0x46f/0x7c0 [ 218.469593][ T8342] create_new_namespaces+0x3ea/0xac0 [ 218.469613][ T8342] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 218.469631][ T8342] ksys_unshare+0x473/0xad0 [ 218.469651][ T8342] ? __pfx_ksys_unshare+0x10/0x10 [ 218.469676][ T8342] __x64_sys_unshare+0x31/0x40 [ 218.469694][ T8342] do_syscall_64+0x10b/0xf80 [ 218.469707][ T8342] ? clear_bhb_loop+0x40/0x90 [ 218.469725][ T8342] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.469740][ T8342] RIP: 0033:0x7f65e079c819 [ 218.469753][ T8342] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 218.469767][ T8342] RSP: 002b:00007f65e15ec028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 218.469783][ T8342] RAX: ffffffffffffffda RBX: 00007f65e0a15fa0 RCX: 00007f65e079c819 [ 218.469792][ T8342] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 218.469801][ T8342] RBP: 00007f65e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 218.469809][ T8342] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 218.469818][ T8342] R13: 00007f65e0a16038 R14: 00007f65e0a15fa0 R15: 00007ffc1fac8c88 [ 218.469836][ T8342] [ 221.069688][ T8373] netlink: 'syz.0.702': attribute type 2 has an invalid length. [ 221.146443][ T8373] netlink: 5 bytes leftover after parsing attributes in process `syz.0.702'. [ 221.220887][ T8376] FAULT_INJECTION: forcing a failure. [ 221.220887][ T8376] name failslab, interval 1, probability 0, space 0, times 0 [ 221.311515][ T8376] CPU: 0 UID: 0 PID: 8376 Comm: syz.2.704 Not tainted syzkaller #0 PREEMPT(full) [ 221.311538][ T8376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 221.311547][ T8376] Call Trace: [ 221.311552][ T8376] [ 221.311558][ T8376] dump_stack_lvl+0x100/0x190 [ 221.311587][ T8376] should_fail_ex.cold+0x5/0xa [ 221.311606][ T8376] should_failslab+0xc2/0x120 [ 221.311623][ T8376] __kmalloc_cache_noprof+0x7a/0x6f0 [ 221.311643][ T8376] ? tty_alloc_file+0x3f/0xa0 [ 221.311661][ T8376] ? kobject_get_unless_zero+0x156/0x200 [ 221.311679][ T8376] ? __pfx_ptmx_open+0x10/0x10 [ 221.311694][ T8376] tty_alloc_file+0x3f/0xa0 [ 221.311713][ T8376] ptmx_open+0x61/0x3c0 [ 221.311728][ T8376] ? __pfx_ptmx_open+0x10/0x10 [ 221.311742][ T8376] chrdev_open+0x234/0x6a0 [ 221.311757][ T8376] ? __pfx_apparmor_file_open+0x10/0x10 [ 221.311778][ T8376] ? __pfx_chrdev_open+0x10/0x10 [ 221.311795][ T8376] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 221.311816][ T8376] do_dentry_open+0x6d8/0x1660 [ 221.311831][ T8376] ? __pfx_chrdev_open+0x10/0x10 [ 221.311852][ T8376] vfs_open+0x82/0x3f0 [ 221.311873][ T8376] path_openat+0x208c/0x31a0 [ 221.311895][ T8376] ? __pfx_path_openat+0x10/0x10 [ 221.311916][ T8376] do_file_open+0x20e/0x430 [ 221.311934][ T8376] ? __pfx_do_file_open+0x10/0x10 [ 221.311962][ T8376] ? alloc_fd+0x476/0x790 [ 221.311979][ T8376] ? do_getname+0x191/0x390 [ 221.311998][ T8376] do_sys_openat2+0x10d/0x1e0 [ 221.312018][ T8376] ? __pfx_do_sys_openat2+0x10/0x10 [ 221.312039][ T8376] ? __pfx_sched_core_share_pid+0x10/0x10 [ 221.312059][ T8376] __x64_sys_openat+0x12d/0x210 [ 221.312079][ T8376] ? __pfx___x64_sys_openat+0x10/0x10 [ 221.312106][ T8376] do_syscall_64+0x10b/0xf80 [ 221.312119][ T8376] ? clear_bhb_loop+0x40/0x90 [ 221.312137][ T8376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 221.312152][ T8376] RIP: 0033:0x7f1df4b9c819 [ 221.312165][ T8376] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 221.312179][ T8376] RSP: 002b:00007f1df5aa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 221.312194][ T8376] RAX: ffffffffffffffda RBX: 00007f1df4e15fa0 RCX: 00007f1df4b9c819 [ 221.312203][ T8376] RDX: 0000000000088000 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 221.312212][ T8376] RBP: 00007f1df4c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 221.312220][ T8376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 221.312229][ T8376] R13: 00007f1df4e16038 R14: 00007f1df4e15fa0 R15: 00007ffe299149e8 [ 221.312248][ T8376] [ 222.838259][ T8390] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size [ 226.292535][ T8431] netlink: 4 bytes leftover after parsing attributes in process `syz.0.718'. [ 226.407271][ T8437] netlink: 'syz.0.718': attribute type 1 has an invalid length. [ 226.500237][ T8437] netlink: 5 bytes leftover after parsing attributes in process `syz.0.718'. [ 227.580120][ T8445] FAULT_INJECTION: forcing a failure. [ 227.580120][ T8445] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 227.795283][ T8445] CPU: 0 UID: 0 PID: 8445 Comm: syz.2.721 Not tainted syzkaller #0 PREEMPT(full) [ 227.795305][ T8445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 227.795315][ T8445] Call Trace: [ 227.795320][ T8445] [ 227.795327][ T8445] dump_stack_lvl+0x100/0x190 [ 227.795355][ T8445] should_fail_ex.cold+0x5/0xa [ 227.795371][ T8445] ? prepare_alloc_pages+0x16d/0x5f0 [ 227.795390][ T8445] should_fail_alloc_page+0xeb/0x140 [ 227.795408][ T8445] prepare_alloc_pages+0x1f0/0x5f0 [ 227.795428][ T8445] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 227.795452][ T8445] ? __pfx_stack_trace_save+0x10/0x10 [ 227.795468][ T8445] ? stack_depot_save_flags+0x27/0x9d0 [ 227.795484][ T8445] ? kasan_save_stack+0x3f/0x50 [ 227.795498][ T8445] ? kasan_save_stack+0x30/0x50 [ 227.795510][ T8445] ? kasan_save_track+0x14/0x30 [ 227.795525][ T8445] ? kasan_save_stack+0x3f/0x50 [ 227.795537][ T8445] ? kasan_save_stack+0x30/0x50 [ 227.795550][ T8445] ? kasan_save_track+0x14/0x30 [ 227.795562][ T8445] ? __kasan_slab_alloc+0x89/0x90 [ 227.795576][ T8445] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 227.795598][ T8445] ? __anon_vma_prepare+0x344/0x5e0 [ 227.795619][ T8445] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 227.795648][ T8445] ? handle_mm_fault+0x36d/0xa20 [ 227.795667][ T8445] ? __get_user_pages+0xf9c/0x34d0 [ 227.795684][ T8445] ? populate_vma_page_range+0x267/0x3f0 [ 227.795702][ T8445] ? vm_mmap_pgoff+0x37f/0x470 [ 227.795719][ T8445] ? __x64_sys_mmap+0x125/0x190 [ 227.795740][ T8445] ? do_syscall_64+0x10b/0xf80 [ 227.795753][ T8445] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.795773][ T8445] ? __lock_acquire+0x4a5/0x2630 [ 227.795795][ T8445] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 227.795811][ T8445] ? policy_nodemask+0xed/0x4f0 [ 227.795829][ T8445] alloc_pages_mpol+0x1fb/0x550 [ 227.795846][ T8445] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 227.795862][ T8445] ? __anon_vma_prepare+0x2db/0x5e0 [ 227.795881][ T8445] ? __anon_vma_prepare+0x2db/0x5e0 [ 227.795904][ T8445] folio_alloc_mpol_noprof+0x36/0x340 [ 227.795923][ T8445] vma_alloc_folio_noprof+0xed/0x1d0 [ 227.795942][ T8445] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 227.795960][ T8445] ? __anon_vma_prepare+0x2e2/0x5e0 [ 227.795984][ T8445] do_anonymous_page+0xb3a/0x1fb0 [ 227.796007][ T8445] ? __pmd_alloc+0x3fb/0x950 [ 227.796026][ T8445] __handle_mm_fault+0x1d48/0x2b60 [ 227.796049][ T8445] ? mt_find+0x45e/0x8e0 [ 227.796065][ T8445] ? __pfx___handle_mm_fault+0x10/0x10 [ 227.796083][ T8445] ? __pfx_mt_find+0x10/0x10 [ 227.796112][ T8445] handle_mm_fault+0x36d/0xa20 [ 227.796136][ T8445] __get_user_pages+0xf9c/0x34d0 [ 227.796160][ T8445] ? __pfx___get_user_pages+0x10/0x10 [ 227.796182][ T8445] populate_vma_page_range+0x267/0x3f0 [ 227.796201][ T8445] ? __pfx_populate_vma_page_range+0x10/0x10 [ 227.796219][ T8445] ? __pfx_find_vma_intersection+0x10/0x10 [ 227.796240][ T8445] __mm_populate+0x107/0x3a0 [ 227.796259][ T8445] ? __pfx___mm_populate+0x10/0x10 [ 227.796278][ T8445] ? up_write+0x406/0x4f0 [ 227.796300][ T8445] vm_mmap_pgoff+0x37f/0x470 [ 227.796320][ T8445] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 227.796338][ T8445] ? do_futex+0x192/0x350 [ 227.796358][ T8445] ? __pfx_do_futex+0x10/0x10 [ 227.796376][ T8445] ? find_held_lock+0x2b/0x80 [ 227.796392][ T8445] ksys_mmap_pgoff+0xe1/0x650 [ 227.796409][ T8445] ? __x64_sys_futex+0x34f/0x4d0 [ 227.796426][ T8445] ? __x64_sys_futex+0x358/0x4d0 [ 227.796445][ T8445] ? __pfx_ksys_mmap_pgoff+0x10/0x10 [ 227.796462][ T8445] ? xfd_validate_state+0x129/0x190 [ 227.796487][ T8445] __x64_sys_mmap+0x125/0x190 [ 227.796511][ T8445] do_syscall_64+0x10b/0xf80 [ 227.796524][ T8445] ? clear_bhb_loop+0x40/0x90 [ 227.796541][ T8445] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 227.796556][ T8445] RIP: 0033:0x7f1df4b9c819 [ 227.796570][ T8445] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 227.796585][ T8445] RSP: 002b:00007f1df5a85028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 227.796601][ T8445] RAX: ffffffffffffffda RBX: 00007f1df4e16090 RCX: 00007f1df4b9c819 [ 227.796611][ T8445] RDX: 00000000000000df RSI: 0000000000400008 RDI: 0000000000000000 [ 227.796619][ T8445] RBP: 00007f1df4c32c91 R08: 0000000000000002 R09: 0000000000008000 [ 227.796635][ T8445] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000000 [ 227.796645][ T8445] R13: 00007f1df4e16128 R14: 00007f1df4e16090 R15: 00007ffe299149e8 [ 227.796665][ T8445] [ 228.858803][ T8441] zswap: compressor not available [ 230.076732][ T8467] netlink: 4 bytes leftover after parsing attributes in process `syz.3.727'. [ 230.101937][ T8467] netlink: 'syz.3.727': attribute type 1 has an invalid length. [ 230.137817][ T8467] netlink: 5 bytes leftover after parsing attributes in process `syz.3.727'. [ 230.194382][ T8468] Invalid ELF header magic: != ELF [ 230.981153][ T8479] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=538976288 (1077952576 ns) > initial count (3830 ns). Using initial count to start timer. [ 233.172788][ T8509] FAULT_INJECTION: forcing a failure. [ 233.172788][ T8509] name failslab, interval 1, probability 0, space 0, times 0 [ 233.285613][ T8511] snd_virmidi snd_virmidi.0: control 61678:131081:3:y>o[k<:1 is already present [ 233.408101][ T8509] CPU: 0 UID: 0 PID: 8509 Comm: syz.0.739 Not tainted syzkaller #0 PREEMPT(full) [ 233.408124][ T8509] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 233.408133][ T8509] Call Trace: [ 233.408138][ T8509] [ 233.408145][ T8509] dump_stack_lvl+0x100/0x190 [ 233.408173][ T8509] should_fail_ex.cold+0x5/0xa [ 233.408193][ T8509] should_failslab+0xc2/0x120 [ 233.408210][ T8509] __kmalloc_cache_noprof+0x7a/0x6f0 [ 233.408229][ T8509] ? refill_pi_state_cache+0x91/0x260 [ 233.408254][ T8509] refill_pi_state_cache+0x91/0x260 [ 233.408276][ T8509] futex_lock_pi+0x177/0x7b0 [ 233.408299][ T8509] ? __pfx_futex_lock_pi+0x10/0x10 [ 233.408325][ T8509] ? __pfx___futex_wait+0x10/0x10 [ 233.408346][ T8509] ? lockdep_hardirqs_on+0x78/0x100 [ 233.408383][ T8509] ? __pfx_futex_wake_mark+0x10/0x10 [ 233.408408][ T8509] ? __get_user_nocheck_8+0x20/0x20 [ 233.408428][ T8509] ? do_vfs_ioctl+0x226/0x13e0 [ 233.408452][ T8509] do_futex+0x18a/0x350 [ 233.408470][ T8509] ? __pfx_do_futex+0x10/0x10 [ 233.408490][ T8509] ? find_held_lock+0x2b/0x80 [ 233.408506][ T8509] __x64_sys_futex+0x34f/0x4d0 [ 233.408528][ T8509] ? __pfx___x64_sys_futex+0x10/0x10 [ 233.408553][ T8509] do_syscall_64+0x10b/0xf80 [ 233.408566][ T8509] ? clear_bhb_loop+0x40/0x90 [ 233.408583][ T8509] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.408598][ T8509] RIP: 0033:0x7f949a59c819 [ 233.408612][ T8509] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 233.408626][ T8509] RSP: 002b:00007f949b4bd028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 233.408640][ T8509] RAX: ffffffffffffffda RBX: 00007f949a816090 RCX: 00007f949a59c819 [ 233.408650][ T8509] RDX: 0000000000000008 RSI: 0000000000000006 RDI: 0000000000000000 [ 233.408658][ T8509] RBP: 00007f949a632c91 R08: 0000000000000000 R09: 000000008000fff5 [ 233.408666][ T8509] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 233.408675][ T8509] R13: 00007f949a816128 R14: 00007f949a816090 R15: 00007ffc7f3d6a98 [ 233.408693][ T8509] [ 234.010060][ T8514] netlink: 28 bytes leftover after parsing attributes in process `syz.3.740'. [ 234.056386][ T8514] dummy0: left allmulticast mode [ 234.061348][ T8514] dummy0: left promiscuous mode [ 234.105108][ T8514] bridge0: port 3(dummy0) entered disabled state [ 234.540855][ T8514] bridge_slave_1: left allmulticast mode [ 234.547030][ T8514] bridge_slave_1: left promiscuous mode [ 234.552790][ T8514] bridge0: port 2(bridge_slave_1) entered disabled state [ 234.604528][ T8514] bridge_slave_0: left allmulticast mode [ 234.651785][ T8514] bridge_slave_0: left promiscuous mode [ 234.658357][ T8514] bridge0: port 1(bridge_slave_0) entered disabled state [ 234.720632][ T29] audit: type=1800 audit(4294967357.130:7): pid=8516 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.741" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 235.283141][ T8524] FAULT_INJECTION: forcing a failure. [ 235.283141][ T8524] name failslab, interval 1, probability 0, space 0, times 0 [ 235.331116][ T8524] CPU: 0 UID: 0 PID: 8524 Comm: syz.1.744 Not tainted syzkaller #0 PREEMPT(full) [ 235.331138][ T8524] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 235.331148][ T8524] Call Trace: [ 235.331153][ T8524] [ 235.331159][ T8524] dump_stack_lvl+0x100/0x190 [ 235.331188][ T8524] should_fail_ex.cold+0x5/0xa [ 235.331207][ T8524] should_failslab+0xc2/0x120 [ 235.331224][ T8524] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 235.331240][ T8524] ? devinet_init_net+0xca/0x8d0 [ 235.331259][ T8524] kmemdup_noprof+0x29/0x60 [ 235.331274][ T8524] devinet_init_net+0xca/0x8d0 [ 235.331290][ T8524] ? __pfx_devinet_init_net+0x10/0x10 [ 235.331305][ T8524] ops_init+0x1e2/0x5f0 [ 235.331329][ T8524] setup_net+0x118/0x3a0 [ 235.331342][ T8524] ? __pfx_setup_net+0x10/0x10 [ 235.331354][ T8524] ? lockdep_init_map_type+0x5c/0x250 [ 235.331374][ T8524] ? mutex_init_lockep+0x110/0x150 [ 235.331396][ T8524] copy_net_ns+0x46f/0x7c0 [ 235.331413][ T8524] create_new_namespaces+0x3ea/0xac0 [ 235.331433][ T8524] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 235.331450][ T8524] ksys_unshare+0x473/0xad0 [ 235.331469][ T8524] ? __pfx_ksys_unshare+0x10/0x10 [ 235.331494][ T8524] __x64_sys_unshare+0x31/0x40 [ 235.331512][ T8524] do_syscall_64+0x10b/0xf80 [ 235.331525][ T8524] ? clear_bhb_loop+0x40/0x90 [ 235.331543][ T8524] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.331558][ T8524] RIP: 0033:0x7f85d979c819 [ 235.331571][ T8524] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 235.331585][ T8524] RSP: 002b:00007f85da58e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 235.331599][ T8524] RAX: ffffffffffffffda RBX: 00007f85d9a16090 RCX: 00007f85d979c819 [ 235.331608][ T8524] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 235.331617][ T8524] RBP: 00007f85d9832c91 R08: 0000000000000000 R09: 0000000000000000 [ 235.331625][ T8524] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 235.331633][ T8524] R13: 00007f85d9a16128 R14: 00007f85d9a16090 R15: 00007ffd29a9cbe8 [ 235.331652][ T8524] [ 236.856270][ T8540] netlink: 4 bytes leftover after parsing attributes in process `syz.1.750'. [ 236.913466][ T8540] netlink: 'syz.1.750': attribute type 3 has an invalid length. [ 236.961019][ T8540] netlink: 17 bytes leftover after parsing attributes in process `syz.1.750'. [ 236.989040][ T29] audit: type=1800 audit(4294967359.400:8): pid=8545 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.751" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 237.292481][ T8550] netlink: 25 bytes leftover after parsing attributes in process `syz.1.753'. [ 237.667123][ T8555] netlink: 28 bytes leftover after parsing attributes in process `syz.3.754'. [ 238.434717][ T8564] netlink: 354 bytes leftover after parsing attributes in process `syz.3.757'. [ 238.480475][ T8566] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 238.706238][ T8566] File: /dev/nullb0 PID: 8566 Comm: syz.0.756 [ 238.790325][ T8571] netlink: 'syz.2.758': attribute type 1 has an invalid length. [ 238.856300][ T8571] netlink: 9 bytes leftover after parsing attributes in process `syz.2.758'. [ 240.559208][ T8599] usbip-vudc usbip-vudc.0: gadget not bound [ 240.666977][ T8593] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 241.034730][ T8602] hub 1-0:1.0: USB hub found [ 241.040099][ T8606] FAULT_INJECTION: forcing a failure. [ 241.040099][ T8606] name failslab, interval 1, probability 0, space 0, times 0 [ 241.187999][ T8602] hub 1-0:1.0: 1 port detected [ 241.194776][ T8606] CPU: 0 UID: 0 PID: 8606 Comm: syz.3.768 Not tainted syzkaller #0 PREEMPT(full) [ 241.194797][ T8606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 241.194809][ T8606] Call Trace: [ 241.194815][ T8606] [ 241.194821][ T8606] dump_stack_lvl+0x100/0x190 [ 241.194848][ T8606] should_fail_ex.cold+0x5/0xa [ 241.194868][ T8606] should_failslab+0xc2/0x120 [ 241.194885][ T8606] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 241.194901][ T8606] ? __devinet_sysctl_register+0xbc/0x360 [ 241.194921][ T8606] kmemdup_noprof+0x29/0x60 [ 241.194937][ T8606] __devinet_sysctl_register+0xbc/0x360 [ 241.194953][ T8606] ? trace_kmalloc+0x101/0x130 [ 241.194970][ T8606] ? __pfx___devinet_sysctl_register+0x10/0x10 [ 241.194990][ T8606] ? __asan_memcpy+0x3c/0x60 [ 241.195012][ T8606] devinet_init_net+0x334/0x8d0 [ 241.195029][ T8606] ? __pfx_devinet_init_net+0x10/0x10 [ 241.195044][ T8606] ops_init+0x1e2/0x5f0 [ 241.195068][ T8606] setup_net+0x118/0x3a0 [ 241.195081][ T8606] ? __pfx_setup_net+0x10/0x10 [ 241.195093][ T8606] ? lockdep_init_map_type+0x5c/0x250 [ 241.195113][ T8606] ? mutex_init_lockep+0x110/0x150 [ 241.195136][ T8606] copy_net_ns+0x46f/0x7c0 [ 241.195153][ T8606] create_new_namespaces+0x3ea/0xac0 [ 241.195173][ T8606] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 241.195190][ T8606] ksys_unshare+0x473/0xad0 [ 241.195210][ T8606] ? __pfx_ksys_unshare+0x10/0x10 [ 241.195238][ T8606] __x64_sys_unshare+0x31/0x40 [ 241.195256][ T8606] do_syscall_64+0x10b/0xf80 [ 241.195269][ T8606] ? clear_bhb_loop+0x40/0x90 [ 241.195288][ T8606] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 241.195310][ T8606] RIP: 0033:0x7f65e079c819 [ 241.195324][ T8606] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 241.195338][ T8606] RSP: 002b:00007f65e15ec028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 241.195356][ T8606] RAX: ffffffffffffffda RBX: 00007f65e0a15fa0 RCX: 00007f65e079c819 [ 241.195366][ T8606] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 241.195376][ T8606] RBP: 00007f65e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 241.195385][ T8606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 241.195393][ T8606] R13: 00007f65e0a16038 R14: 00007f65e0a15fa0 R15: 00007ffc1fac8c88 [ 241.195412][ T8606] [ 242.384205][ T8625] FAULT_INJECTION: forcing a failure. [ 242.384205][ T8625] name failslab, interval 1, probability 0, space 0, times 0 [ 242.547928][ T8625] CPU: 0 UID: 0 PID: 8625 Comm: syz.2.774 Not tainted syzkaller #0 PREEMPT(full) [ 242.547950][ T8625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 242.547959][ T8625] Call Trace: [ 242.547965][ T8625] [ 242.547972][ T8625] dump_stack_lvl+0x100/0x190 [ 242.548001][ T8625] should_fail_ex.cold+0x5/0xa [ 242.548021][ T8625] should_failslab+0xc2/0x120 [ 242.548038][ T8625] __kmalloc_cache_noprof+0x7a/0x6f0 [ 242.548058][ T8625] ? device_add+0xd3a/0x1950 [ 242.548078][ T8625] device_add+0xd3a/0x1950 [ 242.548091][ T8625] ? dev_set_name+0xc7/0x100 [ 242.548108][ T8625] ? __pfx_dev_set_name+0x10/0x10 [ 242.548126][ T8625] ? __pfx_device_add+0x10/0x10 [ 242.548140][ T8625] ? lockdep_init_map_type+0x5c/0x250 [ 242.548165][ T8625] ? __init_waitqueue_head+0xca/0x150 [ 242.548191][ T8625] rfkill_register+0x1ad/0xb30 [ 242.548214][ T8625] nfc_register_device+0x11f/0x3e0 [ 242.548239][ T8625] nci_register_device+0x7f1/0xb80 [ 242.548259][ T8625] ? __pfx_nci_register_device+0x10/0x10 [ 242.548281][ T8625] ? lockdep_init_map_type+0x5c/0x250 [ 242.548303][ T8625] virtual_ncidev_open+0x141/0x220 [ 242.548323][ T8625] ? __pfx_virtual_ncidev_open+0x10/0x10 [ 242.548341][ T8625] misc_open+0x26d/0x450 [ 242.548356][ T8625] ? __pfx_misc_open+0x10/0x10 [ 242.548370][ T8625] chrdev_open+0x234/0x6a0 [ 242.548385][ T8625] ? __pfx_apparmor_file_open+0x10/0x10 [ 242.548406][ T8625] ? __pfx_chrdev_open+0x10/0x10 [ 242.548423][ T8625] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 242.548444][ T8625] do_dentry_open+0x6d8/0x1660 [ 242.548459][ T8625] ? __pfx_chrdev_open+0x10/0x10 [ 242.548480][ T8625] vfs_open+0x82/0x3f0 [ 242.548501][ T8625] path_openat+0x208c/0x31a0 [ 242.548523][ T8625] ? __pfx_path_openat+0x10/0x10 [ 242.548546][ T8625] do_file_open+0x20e/0x430 [ 242.548563][ T8625] ? __pfx_do_file_open+0x10/0x10 [ 242.548593][ T8625] ? alloc_fd+0x476/0x790 [ 242.548610][ T8625] ? do_getname+0x191/0x390 [ 242.548630][ T8625] do_sys_openat2+0x10d/0x1e0 [ 242.548649][ T8625] ? __pfx_do_sys_openat2+0x10/0x10 [ 242.548676][ T8625] __x64_sys_openat+0x12d/0x210 [ 242.548696][ T8625] ? __pfx___x64_sys_openat+0x10/0x10 [ 242.548723][ T8625] do_syscall_64+0x10b/0xf80 [ 242.548736][ T8625] ? clear_bhb_loop+0x40/0x90 [ 242.548753][ T8625] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.548768][ T8625] RIP: 0033:0x7f1df4b9c819 [ 242.548782][ T8625] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 242.548796][ T8625] RSP: 002b:00007f1df5aa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 242.548810][ T8625] RAX: ffffffffffffffda RBX: 00007f1df4e15fa0 RCX: 00007f1df4b9c819 [ 242.548820][ T8625] RDX: 0000000000000002 RSI: 0000200000000080 RDI: ffffffffffffff9c [ 242.548829][ T8625] RBP: 00007f1df4c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 242.548837][ T8625] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000000 [ 242.548847][ T8625] R13: 00007f1df4e16038 R14: 00007f1df4e15fa0 R15: 00007ffe299149e8 [ 242.548867][ T8625] [ 244.955549][ T8657] hub 1-0:1.0: USB hub found [ 244.995470][ T8657] hub 1-0:1.0: 1 port detected [ 245.401211][ T8664] netlink: 'syz.3.783': attribute type 1 has an invalid length. [ 245.469678][ T8664] netlink: 9 bytes leftover after parsing attributes in process `syz.3.783'. [ 248.220098][ T8696] Device name cannot be null; rc = [-22] [ 250.083112][ T8715] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=538976288 (1077952576 ns) > initial count (3830 ns). Using initial count to start timer. [ 254.655034][ T8783] Console: switching to colour VGA+ 80x25 [ 254.781473][ T8779] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 254.816796][ T8785] netlink: 4 bytes leftover after parsing attributes in process `syz.2.818'. [ 254.863849][ T8779] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 254.945972][ T8786] netlink: 'syz.2.818': attribute type 1 has an invalid length. [ 254.983124][ T8786] netlink: 5 bytes leftover after parsing attributes in process `syz.2.818'. [ 255.323476][ T8779] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 255.355756][ T29] audit: type=1800 audit(4294967377.760:9): pid=8798 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.822" name="dbroot" dev="configfs" ino=24531 res=0 errno=0 [ 255.385753][ T8779] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 255.601156][ T8779] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 255.669998][ T8779] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 255.693677][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 255.700024][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 255.849786][ T8779] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 255.883189][ T8779] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 256.179492][ T5830] Bluetooth: hci0: command 0x0406 tx timeout [ 256.304319][ T8779] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 256.951003][ T8817] FAULT_INJECTION: forcing a failure. [ 256.951003][ T8817] name failslab, interval 1, probability 0, space 0, times 0 [ 257.126238][ T8817] CPU: 0 UID: 0 PID: 8817 Comm: syz.3.827 Not tainted syzkaller #0 PREEMPT(full) [ 257.126262][ T8817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 257.126271][ T8817] Call Trace: [ 257.126276][ T8817] [ 257.126282][ T8817] dump_stack_lvl+0x100/0x190 [ 257.126310][ T8817] should_fail_ex.cold+0x5/0xa [ 257.126330][ T8817] should_failslab+0xc2/0x120 [ 257.126347][ T8817] __kvmalloc_node_noprof+0xfa/0xa00 [ 257.126361][ T8817] ? io_uring_setup.cold+0x171/0x1c7e [ 257.126384][ T8817] ? lockdep_init_map_type+0x5c/0x250 [ 257.126406][ T8817] io_uring_setup.cold+0x171/0x1c7e [ 257.126428][ T8817] ? ksys_write+0x190/0x250 [ 257.126444][ T8817] ? __pfx_io_uring_setup+0x10/0x10 [ 257.126462][ T8817] ? do_futex+0x192/0x350 [ 257.126481][ T8817] ? __pfx_do_futex+0x10/0x10 [ 257.126498][ T8817] ? __fget_files+0x215/0x3d0 [ 257.126520][ T8817] ? xfd_validate_state+0x129/0x190 [ 257.126547][ T8817] __x64_sys_io_uring_setup+0xc2/0x170 [ 257.126564][ T8817] do_syscall_64+0x10b/0xf80 [ 257.126586][ T8817] ? clear_bhb_loop+0x40/0x90 [ 257.126604][ T8817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 257.126619][ T8817] RIP: 0033:0x7f65e079c819 [ 257.126633][ T8817] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 257.126648][ T8817] RSP: 002b:00007f65e15ec028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 257.126662][ T8817] RAX: ffffffffffffffda RBX: 00007f65e0a15fa0 RCX: 00007f65e079c819 [ 257.126672][ T8817] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 257.126680][ T8817] RBP: 00007f65e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 257.126688][ T8817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 257.126696][ T8817] R13: 00007f65e0a16038 R14: 00007f65e0a15fa0 R15: 00007ffc1fac8c88 [ 257.126715][ T8817] [ 257.601209][ T5830] Bluetooth: hci1: command 0x0406 tx timeout [ 257.608862][ T5830] Bluetooth: hci2: command 0x0406 tx timeout [ 257.997460][ T5841] Bluetooth: hci3: command 0x0406 tx timeout [ 258.276898][ T5841] Bluetooth: hci0: command 0x0406 tx timeout [ 259.045900][ T8837] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=538976288 (1077952576 ns) > initial count (3830 ns). Using initial count to start timer. [ 259.685761][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 259.691798][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 260.006529][ T5841] Bluetooth: hci3: command 0x0406 tx timeout [ 262.085683][ T5841] Bluetooth: hci3: command 0x0406 tx timeout [ 262.463659][ T8887] FAULT_INJECTION: forcing a failure. [ 262.463659][ T8887] name failslab, interval 1, probability 0, space 0, times 0 [ 262.537843][ T8887] CPU: 0 UID: 0 PID: 8887 Comm: syz.3.846 Not tainted syzkaller #0 PREEMPT(full) [ 262.537867][ T8887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 262.537877][ T8887] Call Trace: [ 262.537882][ T8887] [ 262.537888][ T8887] dump_stack_lvl+0x100/0x190 [ 262.537918][ T8887] should_fail_ex.cold+0x5/0xa [ 262.537938][ T8887] should_failslab+0xc2/0x120 [ 262.537956][ T8887] __kmalloc_cache_noprof+0x7a/0x6f0 [ 262.537976][ T8887] ? netdev_init+0xa0/0x3c0 [ 262.537991][ T8887] ? __pfx_proc_create_net_data+0x10/0x10 [ 262.538007][ T8887] ? __pfx_uevent_net_rcv+0x10/0x10 [ 262.538037][ T8887] netdev_init+0xa0/0x3c0 [ 262.538053][ T8887] ? __pfx_netdev_init+0x10/0x10 [ 262.538070][ T8887] ops_init+0x1e2/0x5f0 [ 262.538094][ T8887] setup_net+0x118/0x3a0 [ 262.538109][ T8887] ? __pfx_setup_net+0x10/0x10 [ 262.538121][ T8887] ? lockdep_init_map_type+0x5c/0x250 [ 262.538142][ T8887] ? mutex_init_lockep+0x110/0x150 [ 262.538164][ T8887] copy_net_ns+0x46f/0x7c0 [ 262.538181][ T8887] create_new_namespaces+0x3ea/0xac0 [ 262.538202][ T8887] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 262.538219][ T8887] ksys_unshare+0x473/0xad0 [ 262.538238][ T8887] ? __pfx_ksys_unshare+0x10/0x10 [ 262.538263][ T8887] __x64_sys_unshare+0x31/0x40 [ 262.538281][ T8887] do_syscall_64+0x10b/0xf80 [ 262.538295][ T8887] ? clear_bhb_loop+0x40/0x90 [ 262.538312][ T8887] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 262.538327][ T8887] RIP: 0033:0x7f65e079c819 [ 262.538340][ T8887] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 262.538355][ T8887] RSP: 002b:00007f65e15cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 262.538370][ T8887] RAX: ffffffffffffffda RBX: 00007f65e0a16090 RCX: 00007f65e079c819 [ 262.538380][ T8887] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 262.538389][ T8887] RBP: 00007f65e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 262.538398][ T8887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 262.538406][ T8887] R13: 00007f65e0a16128 R14: 00007f65e0a16090 R15: 00007ffc1fac8c88 [ 262.538425][ T8887] [ 262.762447][ T8889] netlink: 28 bytes leftover after parsing attributes in process `syz.1.848'. [ 263.633452][ T8889] bond0: (slave ): Releasing backup interface [ 264.055695][ T29] audit: type=1804 audit(4294967386.450:10): pid=8908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.852" name="/newroot/231/file0" dev="tmpfs" ino=1240 res=1 errno=0 [ 264.247423][ T29] audit: type=1804 audit(4294967386.450:11): pid=8911 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.852" name="/newroot/231/file0" dev="tmpfs" ino=1240 res=1 errno=0 [ 265.752098][ T8952] usbip-vudc usbip-vudc.0: gadget not bound [ 266.875679][ T29] audit: type=1804 audit(4294967389.280:12): pid=8967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.865" name="/newroot/224/file0" dev="tmpfs" ino=1215 res=1 errno=0 [ 266.995723][ T29] audit: type=1804 audit(4294967389.310:13): pid=8970 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.865" name="/newroot/224/file0" dev="tmpfs" ino=1215 res=1 errno=0 [ 267.376553][ T8974] kmem.tcp.limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 267.981854][ T8982] netlink: 25 bytes leftover after parsing attributes in process `syz.3.868'. [ 268.626560][ T8984] tipc: Withdrawal distribution failure [ 270.001343][ T9001] vivid-007: ================= START STATUS ================= [ 270.097614][ T9001] vivid-007: Generate PTS: true [ 270.166228][ T9001] vivid-007: Generate SCR: true [ 270.171120][ T9001] tpg source WxH: 320x240 (Y'CbCr) [ 270.231141][ T9001] tpg field: 1 [ 270.234557][ T9001] tpg crop: (0,0)/320x240 [ 270.345098][ T9001] tpg compose: (0,0)/320x240 [ 270.475697][ T9001] tpg colorspace: 8 [ 270.479554][ T9001] tpg transfer function: 0/0 [ 270.484120][ T9001] tpg Y'CbCr encoding: 0/0 [ 270.711543][ T9001] tpg quantization: 0/0 [ 270.817423][ T9001] tpg RGB range: 0/2 [ 270.821370][ T9001] vivid-007: ================== END STATUS ================== [ 270.970310][ T5841] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 271.317256][ T9019] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable [ 271.901366][ T9026] netlink: 342 bytes leftover after parsing attributes in process `syz.2.878'. [ 272.828486][ T9036] FAULT_INJECTION: forcing a failure. [ 272.828486][ T9036] name failslab, interval 1, probability 0, space 0, times 0 [ 272.972209][ T9036] CPU: 0 UID: 0 PID: 9036 Comm: syz.0.881 Not tainted syzkaller #0 PREEMPT(full) [ 272.972234][ T9036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 272.972243][ T9036] Call Trace: [ 272.972249][ T9036] [ 272.972255][ T9036] dump_stack_lvl+0x100/0x190 [ 272.972283][ T9036] should_fail_ex.cold+0x5/0xa [ 272.972304][ T9036] should_failslab+0xc2/0x120 [ 272.972322][ T9036] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 272.972344][ T9036] ? alloc_uid+0x13d/0x4c0 [ 272.972363][ T9036] ? rcu_is_watching+0x12/0xc0 [ 272.972387][ T9036] alloc_uid+0x13d/0x4c0 [ 272.972405][ T9036] ? __pfx_alloc_uid+0x10/0x10 [ 272.972422][ T9036] ? bpf_lsm_capable+0x9/0x10 [ 272.972438][ T9036] ? security_capable+0x80/0x260 [ 272.972459][ T9036] __sys_setreuid+0x63c/0xb00 [ 272.972476][ T9036] do_syscall_64+0x10b/0xf80 [ 272.972490][ T9036] ? clear_bhb_loop+0x40/0x90 [ 272.972508][ T9036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 272.972523][ T9036] RIP: 0033:0x7f949a59c819 [ 272.972536][ T9036] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 272.972550][ T9036] RSP: 002b:00007f949b4de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 272.972565][ T9036] RAX: ffffffffffffffda RBX: 00007f949a815fa0 RCX: 00007f949a59c819 [ 272.972575][ T9036] RDX: 0000000000000000 RSI: 00000000000009d7 RDI: 0000000000000008 [ 272.972584][ T9036] RBP: 00007f949a632c91 R08: 0000000000000000 R09: 0000000000000000 [ 272.972593][ T9036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 272.972601][ T9036] R13: 00007f949a816038 R14: 00007f949a815fa0 R15: 00007ffc7f3d6a98 [ 272.972620][ T9036] [ 274.586249][ T9059] netlink: 25 bytes leftover after parsing attributes in process `syz.2.886'. [ 277.318237][ T9102] netlink: 28 bytes leftover after parsing attributes in process `syz.0.900'. [ 277.527336][ T5841] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 277.934200][ T9117] netlink: 5 bytes leftover after parsing attributes in process `syz.1.903'. [ 277.973458][ T9117] netlink: 8 bytes leftover after parsing attributes in process `syz.1.903'. [ 282.535562][ T9150] netlink: 28 bytes leftover after parsing attributes in process `syz.3.912'. [ 282.688739][ T9156] netlink: 25 bytes leftover after parsing attributes in process `syz.0.910'. [ 283.573394][ T9173] netlink: 4 bytes leftover after parsing attributes in process `syz.3.917'. [ 283.684918][ T9176] netlink: 354 bytes leftover after parsing attributes in process `syz.3.917'. [ 286.152324][ T9219] FAULT_INJECTION: forcing a failure. [ 286.152324][ T9219] name failslab, interval 1, probability 0, space 0, times 0 [ 286.232459][ T9219] CPU: 0 UID: 0 PID: 9219 Comm: syz.1.930 Not tainted syzkaller #0 PREEMPT(full) [ 286.232483][ T9219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 286.232492][ T9219] Call Trace: [ 286.232498][ T9219] [ 286.232504][ T9219] dump_stack_lvl+0x100/0x190 [ 286.232532][ T9219] should_fail_ex.cold+0x5/0xa [ 286.232552][ T9219] should_failslab+0xc2/0x120 [ 286.232569][ T9219] __kmalloc_cache_noprof+0x7a/0x6f0 [ 286.232589][ T9219] ? landlock_init_hierarchy_log+0xa9/0x820 [ 286.232610][ T9219] landlock_init_hierarchy_log+0xa9/0x820 [ 286.232631][ T9219] landlock_merge_ruleset+0x676/0x830 [ 286.232652][ T9219] ? prepare_creds+0x5ee/0x950 [ 286.232676][ T9219] __do_sys_landlock_restrict_self+0x2af/0x9e0 [ 286.232700][ T9219] do_syscall_64+0x10b/0xf80 [ 286.232714][ T9219] ? clear_bhb_loop+0x40/0x90 [ 286.232732][ T9219] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 286.232747][ T9219] RIP: 0033:0x7f85d979c819 [ 286.232760][ T9219] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 286.232774][ T9219] RSP: 002b:00007f85d79f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001be [ 286.232788][ T9219] RAX: ffffffffffffffda RBX: 00007f85d9a16180 RCX: 00007f85d979c819 [ 286.232805][ T9219] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000000000000006 [ 286.232814][ T9219] RBP: 00007f85d9832c91 R08: 0000000000000000 R09: 0000000000000000 [ 286.232823][ T9219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 286.232832][ T9219] R13: 00007f85d9a16218 R14: 00007f85d9a16180 R15: 00007ffd29a9cbe8 [ 286.232851][ T9219] [ 287.527060][ T5841] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 288.140598][ T9244] FAULT_INJECTION: forcing a failure. [ 288.140598][ T9244] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 288.262625][ T9244] CPU: 0 UID: 0 PID: 9244 Comm: syz.0.935 Not tainted syzkaller #0 PREEMPT(full) [ 288.262648][ T9244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 288.262658][ T9244] Call Trace: [ 288.262663][ T9244] [ 288.262669][ T9244] dump_stack_lvl+0x100/0x190 [ 288.262698][ T9244] should_fail_ex.cold+0x5/0xa [ 288.262717][ T9244] _copy_to_user+0x32/0xd0 [ 288.262742][ T9244] poll_select_finish+0x32f/0x670 [ 288.262759][ T9244] ? __pfx_poll_select_finish+0x10/0x10 [ 288.262777][ T9244] ? ktime_get_ts64+0x2d2/0x3f0 [ 288.262795][ T9244] ? read_tsc+0x9/0x20 [ 288.262812][ T9244] ? ktime_get_ts64+0x256/0x3f0 [ 288.262830][ T9244] kern_select+0x21b/0x270 [ 288.262846][ T9244] ? __pfx_kern_select+0x10/0x10 [ 288.262867][ T9244] __x64_sys_select+0xbd/0x160 [ 288.262881][ T9244] ? do_syscall_64+0x90/0xf80 [ 288.262894][ T9244] ? lockdep_hardirqs_on+0x78/0x100 [ 288.262917][ T9244] do_syscall_64+0x10b/0xf80 [ 288.262929][ T9244] ? clear_bhb_loop+0x40/0x90 [ 288.262947][ T9244] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 288.262962][ T9244] RIP: 0033:0x7f949a59c819 [ 288.262975][ T9244] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 288.262989][ T9244] RSP: 002b:00007f949b4de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 288.263005][ T9244] RAX: ffffffffffffffda RBX: 00007f949a815fa0 RCX: 00007f949a59c819 [ 288.263014][ T9244] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000000000000001 [ 288.263023][ T9244] RBP: 00007f949a632c91 R08: 0000200000000200 R09: 0000000000000000 [ 288.263032][ T9244] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000 [ 288.263041][ T9244] R13: 00007f949a816038 R14: 00007f949a815fa0 R15: 00007ffc7f3d6a98 [ 288.263059][ T9244] [ 290.405805][ T9253] random: crng reseeded on system resumption [ 291.142662][ T9268] syz.0.942 uses obsolete (PF_INET,SOCK_PACKET) [ 291.367421][ T9266] serio: Serial port ttyS0 [ 292.839413][ T9293] netlink: 202 bytes leftover after parsing attributes in process `syz.2.949'. [ 293.025530][ T9297] random: crng reseeded on system resumption [ 294.167356][ T9317] netlink: 4 bytes leftover after parsing attributes in process `syz.1.954'. [ 294.219731][ T5830] Bluetooth: hci2: ACL packet for unknown connection handle 0 [ 294.248471][ T9317] netlink: 354 bytes leftover after parsing attributes in process `syz.1.954'. [ 295.013449][ T9330] ubi0: attaching mtd0 [ 295.057405][ T9330] ubi0: scanning is finished [ 295.075718][ T9330] ubi0: empty MTD device detected [ 295.358314][ T9330] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 295.378395][ T9330] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 295.410484][ T9330] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 295.446209][ T9330] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 295.479863][ T9330] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 295.515759][ T9330] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 295.549564][ T9330] ubi0: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 1971604089 [ 295.585312][ T9330] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 295.657962][ T9331] ubi0: detaching mtd0 [ 295.662095][ T9337] ubi0: background thread "ubi_bgt0d" started, PID 9337 [ 295.777886][ T9331] ubi0: mtd0 is detached [ 299.726670][ T9394] FAULT_INJECTION: forcing a failure. [ 299.726670][ T9394] name failslab, interval 1, probability 0, space 0, times 0 [ 299.788418][ T9394] CPU: 0 UID: 0 PID: 9394 Comm: syz.2.974 Not tainted syzkaller #0 PREEMPT(full) [ 299.788440][ T9394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 299.788450][ T9394] Call Trace: [ 299.788455][ T9394] [ 299.788462][ T9394] dump_stack_lvl+0x100/0x190 [ 299.788489][ T9394] should_fail_ex.cold+0x5/0xa [ 299.788510][ T9394] should_failslab+0xc2/0x120 [ 299.788527][ T9394] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 299.788551][ T9394] ? alloc_uid+0x13d/0x4c0 [ 299.788569][ T9394] ? rcu_is_watching+0x12/0xc0 [ 299.788593][ T9394] alloc_uid+0x13d/0x4c0 [ 299.788610][ T9394] ? __pfx_alloc_uid+0x10/0x10 [ 299.788628][ T9394] ? bpf_lsm_capable+0x9/0x10 [ 299.788643][ T9394] ? security_capable+0x80/0x260 [ 299.788664][ T9394] __sys_setreuid+0x63c/0xb00 [ 299.788682][ T9394] do_syscall_64+0x10b/0xf80 [ 299.788696][ T9394] ? clear_bhb_loop+0x40/0x90 [ 299.788714][ T9394] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.788729][ T9394] RIP: 0033:0x7f1df4b9c819 [ 299.788742][ T9394] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 299.788757][ T9394] RSP: 002b:00007f1df5aa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000071 [ 299.788772][ T9394] RAX: ffffffffffffffda RBX: 00007f1df4e15fa0 RCX: 00007f1df4b9c819 [ 299.788783][ T9394] RDX: 0000000000000000 RSI: 00000000000009d7 RDI: 0000000000000008 [ 299.788791][ T9394] RBP: 00007f1df4c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 299.788800][ T9394] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 299.788808][ T9394] R13: 00007f1df4e16038 R14: 00007f1df4e15fa0 R15: 00007ffe299149e8 [ 299.788826][ T9394] [ 302.860441][ T9453] FAULT_INJECTION: forcing a failure. [ 302.860441][ T9453] name fail_futex, interval 1, probability 0, space 0, times 0 [ 302.967397][ T9453] CPU: 0 UID: 2519 PID: 9453 Comm: syz.1.988 Not tainted syzkaller #0 PREEMPT(full) [ 302.967421][ T9453] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 302.967430][ T9453] Call Trace: [ 302.967436][ T9453] [ 302.967443][ T9453] dump_stack_lvl+0x100/0x190 [ 302.967472][ T9453] should_fail_ex.cold+0x5/0xa [ 302.967491][ T9453] get_futex_key+0x1d2/0x1620 [ 302.967512][ T9453] ? __pfx_get_futex_key+0x10/0x10 [ 302.967529][ T9453] ? __lock_acquire+0x4a5/0x2630 [ 302.967554][ T9453] futex_wake+0xea/0x530 [ 302.967575][ T9453] ? lock_acquire+0x1cf/0x380 [ 302.967594][ T9453] ? __pfx_futex_wake+0x10/0x10 [ 302.967620][ T9453] ? proc_id_connector+0x2ed/0x650 [ 302.967640][ T9453] do_futex+0x32b/0x350 [ 302.967659][ T9453] ? __pfx_do_futex+0x10/0x10 [ 302.967682][ T9453] __x64_sys_futex+0x34f/0x4d0 [ 302.967703][ T9453] ? __pfx___x64_sys_futex+0x10/0x10 [ 302.967729][ T9453] do_syscall_64+0x10b/0xf80 [ 302.967743][ T9453] ? clear_bhb_loop+0x40/0x90 [ 302.967760][ T9453] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 302.967775][ T9453] RIP: 0033:0x7f85d979c819 [ 302.967789][ T9453] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 302.967804][ T9453] RSP: 002b:00007f85da5af0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 302.967824][ T9453] RAX: ffffffffffffffda RBX: 00007f85d9a15fa8 RCX: 00007f85d979c819 [ 302.967834][ T9453] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f85d9a15fac [ 302.967844][ T9453] RBP: 00007f85d9a15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 302.967853][ T9453] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 302.967862][ T9453] R13: 00007f85d9a16038 R14: 00007ffd29a9cb00 R15: 00007ffd29a9cbe8 [ 302.967881][ T9453] [ 304.670910][ T9474] netlink: 'syz.3.993': attribute type 1 has an invalid length. [ 304.708099][ T9474] netlink: 9 bytes leftover after parsing attributes in process `syz.3.993'. [ 306.072258][ T9501] FAULT_INJECTION: forcing a failure. [ 306.072258][ T9501] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 306.200906][ T9501] CPU: 0 UID: 0 PID: 9501 Comm: syz.1.999 Not tainted syzkaller #0 PREEMPT(full) [ 306.200931][ T9501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 306.200941][ T9501] Call Trace: [ 306.200947][ T9501] [ 306.200953][ T9501] dump_stack_lvl+0x100/0x190 [ 306.200981][ T9501] should_fail_ex.cold+0x5/0xa [ 306.200997][ T9501] ? prepare_alloc_pages+0x16d/0x5f0 [ 306.201016][ T9501] should_fail_alloc_page+0xeb/0x140 [ 306.201035][ T9501] prepare_alloc_pages+0x1f0/0x5f0 [ 306.201052][ T9501] ? find_held_lock+0x2b/0x80 [ 306.201069][ T9501] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 306.201094][ T9501] ? __kfree_rcu_sheaf+0x19a/0x720 [ 306.201109][ T9501] ? mas_ascend+0x53d/0xb30 [ 306.201132][ T9501] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 306.201149][ T9501] ? mas_next_node+0x7f8/0xf30 [ 306.201171][ T9501] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 306.201196][ T9501] ? mt_validate_nulls+0x1b3/0x9c0 [ 306.201214][ T9501] ? __pfx_mt_validate_nulls+0x10/0x10 [ 306.201233][ T9501] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 306.201249][ T9501] ? policy_nodemask+0xed/0x4f0 [ 306.201267][ T9501] alloc_pages_mpol+0x1fb/0x550 [ 306.201283][ T9501] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 306.201300][ T9501] ? __lock_acquire+0x4a5/0x2630 [ 306.201321][ T9501] folio_alloc_mpol_noprof+0x36/0x340 [ 306.201341][ T9501] alloc_migration_target_by_mpol+0x2c1/0x650 [ 306.201362][ T9501] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 306.201382][ T9501] ? __pfx___might_resched+0x10/0x10 [ 306.201403][ T9501] ? is_bpf_text_address+0x8a/0x1a0 [ 306.201428][ T9501] migrate_pages_batch+0x4f2/0x4530 [ 306.201446][ T9501] ? kernel_text_address+0x20/0x100 [ 306.201467][ T9501] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 306.201495][ T9501] ? arch_stack_walk+0xa6/0xf0 [ 306.201518][ T9501] ? __pfx_migrate_pages_batch+0x10/0x10 [ 306.201537][ T9501] ? __pfx_stack_trace_save+0x10/0x10 [ 306.201555][ T9501] ? stack_depot_save_flags+0x27/0x9d0 [ 306.201571][ T9501] ? __split_vma+0x392/0xd90 [ 306.201593][ T9501] ? kasan_save_stack+0x3f/0x50 [ 306.201606][ T9501] ? kasan_save_stack+0x30/0x50 [ 306.201619][ T9501] ? kasan_save_track+0x14/0x30 [ 306.201632][ T9501] ? __kasan_slab_alloc+0x89/0x90 [ 306.201647][ T9501] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 306.201670][ T9501] ? __mpol_dup+0x74/0x390 [ 306.201685][ T9501] ? mbind_range+0x2ad/0x550 [ 306.201704][ T9501] migrate_pages_sync+0x12c/0x880 [ 306.201724][ T9501] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 306.201748][ T9501] ? __pfx_migrate_pages_sync+0x10/0x10 [ 306.201768][ T9501] ? __lock_acquire+0x4a5/0x2630 [ 306.201791][ T9501] migrate_pages+0x1aae/0x28a0 [ 306.201812][ T9501] ? __pfx_alloc_migration_target_by_mpol+0x10/0x10 [ 306.201836][ T9501] ? __pfx_migrate_pages+0x10/0x10 [ 306.201856][ T9501] ? find_held_lock+0x2b/0x80 [ 306.201871][ T9501] ? do_mbind+0x555/0xfd0 [ 306.201892][ T9501] ? up_write+0x290/0x4f0 [ 306.201913][ T9501] do_mbind+0x5a4/0xfd0 [ 306.201937][ T9501] ? __pfx_do_mbind+0x10/0x10 [ 306.201955][ T9501] ? ksys_write+0x190/0x250 [ 306.201968][ T9501] ? ksys_write+0x190/0x250 [ 306.201990][ T9501] ? __pfx_get_nodes+0x10/0x10 [ 306.202009][ T9501] kernel_mbind+0x1b7/0x200 [ 306.202029][ T9501] ? __pfx_kernel_mbind+0x10/0x10 [ 306.202053][ T9501] do_syscall_64+0x10b/0xf80 [ 306.202067][ T9501] ? clear_bhb_loop+0x40/0x90 [ 306.202084][ T9501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 306.202099][ T9501] RIP: 0033:0x7f85d979c819 [ 306.202113][ T9501] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 306.202127][ T9501] RSP: 002b:00007f85d79f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed [ 306.202142][ T9501] RAX: ffffffffffffffda RBX: 00007f85d9a16180 RCX: 00007f85d979c819 [ 306.202152][ T9501] RDX: 0000000000000004 RSI: 00000000002091d2 RDI: 0000000000000000 [ 306.202161][ T9501] RBP: 00007f85d9832c91 R08: 0000002000000006 R09: 0000000000000002 [ 306.202171][ T9501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 306.202180][ T9501] R13: 00007f85d9a16218 R14: 00007f85d9a16180 R15: 00007ffd29a9cbe8 [ 306.202200][ T9501] [ 307.272547][ T9518] FAULT_INJECTION: forcing a failure. [ 307.272547][ T9518] name failslab, interval 1, probability 0, space 0, times 0 [ 307.272599][ T9518] CPU: 0 UID: 0 PID: 9518 Comm: syz.1.1004 Not tainted syzkaller #0 PREEMPT(full) [ 307.272617][ T9518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 307.272626][ T9518] Call Trace: [ 307.272631][ T9518] [ 307.272636][ T9518] dump_stack_lvl+0x100/0x190 [ 307.272665][ T9518] should_fail_ex.cold+0x5/0xa [ 307.272684][ T9518] should_failslab+0xc2/0x120 [ 307.272700][ T9518] __kmalloc_cache_noprof+0x7a/0x6f0 [ 307.272720][ T9518] ? snd_midi_event_new+0x6f/0x210 [ 307.272739][ T9518] snd_midi_event_new+0x6f/0x210 [ 307.272754][ T9518] snd_virmidi_input_open+0x107/0x4d0 [ 307.272773][ T9518] open_substream+0x480/0x9e0 [ 307.272793][ T9518] rawmidi_open_priv+0x524/0x6f0 [ 307.272816][ T9518] snd_rawmidi_open+0x4c9/0xba0 [ 307.272839][ T9518] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 307.272860][ T9518] ? __pfx_default_wake_function+0x10/0x10 [ 307.272876][ T9518] ? soundcore_open+0x231/0x5a0 [ 307.272891][ T9518] ? soundcore_open+0x231/0x5a0 [ 307.272907][ T9518] ? __pfx_snd_rawmidi_open+0x10/0x10 [ 307.272928][ T9518] soundcore_open+0x2e3/0x5a0 [ 307.272944][ T9518] ? __pfx_soundcore_open+0x10/0x10 [ 307.272959][ T9518] chrdev_open+0x234/0x6a0 [ 307.272975][ T9518] ? __pfx_apparmor_file_open+0x10/0x10 [ 307.272995][ T9518] ? __pfx_chrdev_open+0x10/0x10 [ 307.273012][ T9518] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 307.273033][ T9518] do_dentry_open+0x6d8/0x1660 [ 307.273048][ T9518] ? __pfx_chrdev_open+0x10/0x10 [ 307.273068][ T9518] vfs_open+0x82/0x3f0 [ 307.273088][ T9518] path_openat+0x208c/0x31a0 [ 307.273110][ T9518] ? __pfx_path_openat+0x10/0x10 [ 307.273133][ T9518] do_file_open+0x20e/0x430 [ 307.273150][ T9518] ? __pfx_do_file_open+0x10/0x10 [ 307.273178][ T9518] ? alloc_fd+0x476/0x790 [ 307.273196][ T9518] ? do_getname+0x191/0x390 [ 307.273216][ T9518] do_sys_openat2+0x10d/0x1e0 [ 307.273235][ T9518] ? __pfx_do_sys_openat2+0x10/0x10 [ 307.273256][ T9518] ? __fget_files+0x21f/0x3d0 [ 307.273274][ T9518] __x64_sys_openat+0x12d/0x210 [ 307.273294][ T9518] ? __pfx___x64_sys_openat+0x10/0x10 [ 307.273324][ T9518] do_syscall_64+0x10b/0xf80 [ 307.273339][ T9518] ? clear_bhb_loop+0x40/0x90 [ 307.273357][ T9518] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 307.273379][ T9518] RIP: 0033:0x7f85d979c819 [ 307.273392][ T9518] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 307.273407][ T9518] RSP: 002b:00007f85da58e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 307.273421][ T9518] RAX: ffffffffffffffda RBX: 00007f85d9a16090 RCX: 00007f85d979c819 [ 307.273431][ T9518] RDX: 0000000000000800 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 307.273440][ T9518] RBP: 00007f85d9832c91 R08: 0000000000000000 R09: 0000000000000000 [ 307.273449][ T9518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 307.273458][ T9518] R13: 00007f85d9a16128 R14: 00007f85d9a16090 R15: 00007ffd29a9cbe8 [ 307.273477][ T9518] [ 309.476470][ T9525] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1007'. [ 309.918933][ T9544] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 311.150854][ T9559] can0: slcan on ttyS2. [ 311.309450][ T9558] can0 (unregistered): slcan off ttyS2. [ 312.329310][ T9597] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1023'. [ 317.133073][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.141467][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.335782][ T9702] FAULT_INJECTION: forcing a failure. [ 317.335782][ T9702] name failslab, interval 1, probability 0, space 0, times 0 [ 317.392205][ T9702] CPU: 0 UID: 0 PID: 9702 Comm: syz.3.1051 Not tainted syzkaller #0 PREEMPT(full) [ 317.392228][ T9702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 317.392238][ T9702] Call Trace: [ 317.392243][ T9702] [ 317.392249][ T9702] dump_stack_lvl+0x100/0x190 [ 317.392277][ T9702] should_fail_ex.cold+0x5/0xa [ 317.392301][ T9702] should_failslab+0xc2/0x120 [ 317.392319][ T9702] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 317.392342][ T9702] ? skb_clone+0x190/0x400 [ 317.392363][ T9702] ? nf_nat_ipv4_local_fn+0xb2/0x5a0 [ 317.392386][ T9702] skb_clone+0x190/0x400 [ 317.392408][ T9702] ip_mc_output+0x531/0xd70 [ 317.392425][ T9702] ? __pfx_ip_mc_output+0x10/0x10 [ 317.392441][ T9702] ? __pfx_dst_output+0x10/0x10 [ 317.392456][ T9702] ? csum_tcpudp_nofold+0x24/0x50 [ 317.392476][ T9702] ? __pfx_ip_mc_output+0x10/0x10 [ 317.392492][ T9702] ip_send_skb+0x24c/0x2a0 [ 317.392508][ T9702] udp_send_skb+0xb16/0x1610 [ 317.392535][ T9702] udp_sendmsg+0x17fa/0x2890 [ 317.392561][ T9702] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 317.392585][ T9702] ? __pfx_udp_sendmsg+0x10/0x10 [ 317.392608][ T9702] ? __lock_acquire+0x4a5/0x2630 [ 317.392647][ T9702] ? __pfx_udp_sendmsg+0x10/0x10 [ 317.392669][ T9702] inet_sendmsg+0x105/0x140 [ 317.392687][ T9702] sock_write_iter+0x4ea/0x5a0 [ 317.392703][ T9702] ? __pfx_inet_sendmsg+0x10/0x10 [ 317.392720][ T9702] ? __pfx_sock_write_iter+0x10/0x10 [ 317.392742][ T9702] ? bpf_lsm_file_permission+0x9/0x10 [ 317.392756][ T9702] ? security_file_permission+0x76/0x210 [ 317.392780][ T9702] ? rw_verify_area+0xce/0x6d0 [ 317.392804][ T9702] vfs_write+0x6ac/0x1070 [ 317.392818][ T9702] ? __pfx_sock_write_iter+0x10/0x10 [ 317.392836][ T9702] ? __pfx_vfs_write+0x10/0x10 [ 317.392849][ T9702] ? find_held_lock+0x2b/0x80 [ 317.392874][ T9702] ksys_write+0x1f8/0x250 [ 317.392888][ T9702] ? __pfx_ksys_write+0x10/0x10 [ 317.392907][ T9702] do_syscall_64+0x10b/0xf80 [ 317.392921][ T9702] ? clear_bhb_loop+0x40/0x90 [ 317.392938][ T9702] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 317.392953][ T9702] RIP: 0033:0x7f65e079c819 [ 317.392967][ T9702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 317.392981][ T9702] RSP: 002b:00007f65e15ec028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 317.392996][ T9702] RAX: ffffffffffffffda RBX: 00007f65e0a15fa0 RCX: 00007f65e079c819 [ 317.393006][ T9702] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003 [ 317.393015][ T9702] RBP: 00007f65e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 317.393024][ T9702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 317.393032][ T9702] R13: 00007f65e0a16038 R14: 00007f65e0a15fa0 R15: 00007ffc1fac8c88 [ 317.393051][ T9702] [ 318.398370][ T9706] Page cache invalidation failure on direct I/O. Possible data corruption due to collision with buffered I/O! [ 318.535716][ T9706] File: /dev/nullb0 PID: 9706 Comm: syz.1.1050 [ 319.317267][ T9715] netlink: zone id is out of range [ 319.376029][ T9715] netlink: zone id is out of range [ 319.436782][ T9720] netlink: zone id is out of range [ 319.441936][ T9720] netlink: zone id is out of range [ 319.487099][ T9715] netlink: zone id is out of range [ 319.525167][ T9715] netlink: zone id is out of range [ 319.567189][ T9720] netlink: zone id is out of range [ 319.600542][ T9715] netlink: zone id is out of range [ 319.663529][ T9720] netlink: zone id is out of range [ 319.674480][ T9715] netlink: zone id is out of range [ 321.924199][ T9762] random: crng reseeded on system resumption [ 322.014265][ T9762] FAULT_INJECTION: forcing a failure. [ 322.014265][ T9762] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 322.254988][ T9762] CPU: 0 UID: 0 PID: 9762 Comm: syz.2.1065 Not tainted syzkaller #0 PREEMPT(full) [ 322.255011][ T9762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 322.255020][ T9762] Call Trace: [ 322.255026][ T9762] [ 322.255032][ T9762] dump_stack_lvl+0x100/0x190 [ 322.255064][ T9762] should_fail_ex.cold+0x5/0xa [ 322.255080][ T9762] ? prepare_alloc_pages+0x16d/0x5f0 [ 322.255100][ T9762] should_fail_alloc_page+0xeb/0x140 [ 322.255117][ T9762] prepare_alloc_pages+0x1f0/0x5f0 [ 322.255138][ T9762] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 322.255162][ T9762] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 322.255191][ T9762] ? stack_trace_save+0x8e/0xc0 [ 322.255207][ T9762] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 322.255230][ T9762] ? stack_depot_save_flags+0x27/0x9d0 [ 322.255246][ T9762] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 322.255272][ T9762] ? kasan_save_stack+0x3f/0x50 [ 322.255285][ T9762] ? kasan_save_stack+0x30/0x50 [ 322.255298][ T9762] ? kasan_save_track+0x14/0x30 [ 322.255315][ T9762] ? do_sys_openat2+0x10d/0x1e0 [ 322.255333][ T9762] ? __x64_sys_openat+0x12d/0x210 [ 322.255352][ T9762] ? do_syscall_64+0x10b/0xf80 [ 322.255365][ T9762] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.255381][ T9762] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 322.255398][ T9762] ? policy_nodemask+0xed/0x4f0 [ 322.255416][ T9762] alloc_pages_mpol+0x1fb/0x550 [ 322.255433][ T9762] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 322.255450][ T9762] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 322.255469][ T9762] alloc_pages_noprof+0x136/0x390 [ 322.255486][ T9762] get_zeroed_page_noprof+0x18/0xb0 [ 322.255503][ T9762] get_image_page+0x18/0x1a0 [ 322.255526][ T9762] alloc_rtree_node+0x3c/0xb0 [ 322.255541][ T9762] memory_bm_create+0x65e/0xba0 [ 322.255563][ T9762] create_basic_memory_bitmaps+0x10b/0x350 [ 322.255582][ T9762] snapshot_open+0x230/0x2a0 [ 322.255602][ T9762] ? __pfx_snapshot_open+0x10/0x10 [ 322.255620][ T9762] misc_open+0x26d/0x450 [ 322.255635][ T9762] ? __pfx_misc_open+0x10/0x10 [ 322.255650][ T9762] chrdev_open+0x234/0x6a0 [ 322.255666][ T9762] ? __pfx_apparmor_file_open+0x10/0x10 [ 322.255686][ T9762] ? __pfx_chrdev_open+0x10/0x10 [ 322.255703][ T9762] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 322.255724][ T9762] do_dentry_open+0x6d8/0x1660 [ 322.255739][ T9762] ? __pfx_chrdev_open+0x10/0x10 [ 322.255760][ T9762] vfs_open+0x82/0x3f0 [ 322.255781][ T9762] path_openat+0x208c/0x31a0 [ 322.255810][ T9762] ? __pfx_path_openat+0x10/0x10 [ 322.255833][ T9762] do_file_open+0x20e/0x430 [ 322.255851][ T9762] ? __pfx_do_file_open+0x10/0x10 [ 322.255882][ T9762] ? alloc_fd+0x476/0x790 [ 322.255900][ T9762] ? do_getname+0x191/0x390 [ 322.255921][ T9762] do_sys_openat2+0x10d/0x1e0 [ 322.255941][ T9762] ? __pfx_do_sys_openat2+0x10/0x10 [ 322.255967][ T9762] __x64_sys_openat+0x12d/0x210 [ 322.255987][ T9762] ? __pfx___x64_sys_openat+0x10/0x10 [ 322.256014][ T9762] do_syscall_64+0x10b/0xf80 [ 322.256028][ T9762] ? clear_bhb_loop+0x40/0x90 [ 322.256047][ T9762] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.256064][ T9762] RIP: 0033:0x7f1df4b9c819 [ 322.256078][ T9762] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 322.256093][ T9762] RSP: 002b:00007f1df5aa6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 322.256108][ T9762] RAX: ffffffffffffffda RBX: 00007f1df4e15fa0 RCX: 00007f1df4b9c819 [ 322.256119][ T9762] RDX: 0000000000008001 RSI: 0000200000000000 RDI: ffffffffffffff9c [ 322.256128][ T9762] RBP: 00007f1df4c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 322.256138][ T9762] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 322.256147][ T9762] R13: 00007f1df4e16038 R14: 00007f1df4e15fa0 R15: 00007ffe299149e8 [ 322.256167][ T9762] [ 323.208495][ T9756] can: request_module (can-proto-3) failed. [ 327.727524][ T9812] netlink: 350 bytes leftover after parsing attributes in process `syz.3.1083'. [ 331.651103][ T9876] syz.0.1094 calls setitimer() with new_value NULL pointer. Misfeature support will be removed [ 332.037714][ T9876] FAULT_INJECTION: forcing a failure. [ 332.037714][ T9876] name failslab, interval 1, probability 0, space 0, times 0 [ 332.168403][ T9876] CPU: 0 UID: 0 PID: 9876 Comm: syz.0.1094 Not tainted syzkaller #0 PREEMPT(full) [ 332.168427][ T9876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 332.168436][ T9876] Call Trace: [ 332.168442][ T9876] [ 332.168448][ T9876] dump_stack_lvl+0x100/0x190 [ 332.168477][ T9876] should_fail_ex.cold+0x5/0xa [ 332.168497][ T9876] should_failslab+0xc2/0x120 [ 332.168514][ T9876] __kmalloc_cache_noprof+0x7a/0x6f0 [ 332.168534][ T9876] ? trace_pid_list_alloc+0x2fe/0x480 [ 332.168560][ T9876] trace_pid_list_alloc+0x2fe/0x480 [ 332.168585][ T9876] trace_pid_write+0x110/0x460 [ 332.168608][ T9876] ? __pfx_trace_pid_write+0x10/0x10 [ 332.168643][ T9876] event_pid_write.isra.0+0x1e4/0x800 [ 332.168661][ T9876] ? __pfx_event_pid_write.isra.0+0x10/0x10 [ 332.168682][ T9876] vfs_write+0x2aa/0x1070 [ 332.168697][ T9876] ? __pfx_ftrace_event_npid_write+0x10/0x10 [ 332.168714][ T9876] ? __pfx_vfs_write+0x10/0x10 [ 332.168728][ T9876] ? __fget_files+0x215/0x3d0 [ 332.168747][ T9876] ? __fget_files+0x21f/0x3d0 [ 332.168772][ T9876] ksys_write+0x12a/0x250 [ 332.168787][ T9876] ? __pfx_ksys_write+0x10/0x10 [ 332.168807][ T9876] do_syscall_64+0x10b/0xf80 [ 332.168822][ T9876] ? clear_bhb_loop+0x40/0x90 [ 332.168839][ T9876] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.168854][ T9876] RIP: 0033:0x7f949a59c819 [ 332.168868][ T9876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 332.168883][ T9876] RSP: 002b:00007f949b4de028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 332.168898][ T9876] RAX: ffffffffffffffda RBX: 00007f949a815fa0 RCX: 00007f949a59c819 [ 332.168908][ T9876] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 332.168917][ T9876] RBP: 00007f949a632c91 R08: 0000000000000000 R09: 0000000000000000 [ 332.168925][ T9876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 332.168934][ T9876] R13: 00007f949a816038 R14: 00007f949a815fa0 R15: 00007ffc7f3d6a98 [ 332.168955][ T9876] [ 334.402392][ T9886] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4 [ 334.427843][ T9886] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4 [ 334.538692][ T9886] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db [ 335.282493][ T9912] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 336.273197][ T9929] FAULT_INJECTION: forcing a failure. [ 336.273197][ T9929] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 336.430581][ T9929] CPU: 0 UID: 0 PID: 9929 Comm: syz.0.1116 Not tainted syzkaller #0 PREEMPT(full) [ 336.430605][ T9929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 336.430615][ T9929] Call Trace: [ 336.430620][ T9929] [ 336.430626][ T9929] dump_stack_lvl+0x100/0x190 [ 336.430655][ T9929] should_fail_ex.cold+0x5/0xa [ 336.430671][ T9929] ? prepare_alloc_pages+0x16d/0x5f0 [ 336.430691][ T9929] should_fail_alloc_page+0xeb/0x140 [ 336.430709][ T9929] prepare_alloc_pages+0x1f0/0x5f0 [ 336.430730][ T9929] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 336.430756][ T9929] ? rcu_is_watching+0x12/0xc0 [ 336.430778][ T9929] ? trace_mm_page_alloc+0x17a/0x1d0 [ 336.430796][ T9929] ? __alloc_frozen_pages_noprof+0x2b1/0x2ba0 [ 336.430817][ T9929] ? kernel_text_address+0x21/0x100 [ 336.430842][ T9929] ? unwind_get_return_address+0x59/0xa0 [ 336.430860][ T9929] ? arch_stack_walk+0xa6/0xf0 [ 336.430875][ T9929] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 336.430906][ T9929] ? stack_depot_save_flags+0x27/0x9d0 [ 336.430923][ T9929] ? kmem_cache_alloc_noprof+0x241/0x6e0 [ 336.430945][ T9929] ? pcpu_get_vm_areas+0x520/0x55d0 [ 336.430960][ T9929] ? pcpu_create_chunk+0x254/0x730 [ 336.430986][ T9929] ? pcpu_create_chunk+0x254/0x730 [ 336.431005][ T9929] ? pcpu_alloc_noprof+0x18c4/0x1c50 [ 336.431029][ T9929] alloc_pages_bulk_noprof+0x782/0x1490 [ 336.431059][ T9929] ? __pfx_alloc_pages_bulk_noprof+0x10/0x10 [ 336.431089][ T9929] ? alloc_pages_noprof+0x238/0x390 [ 336.431107][ T9929] __kasan_populate_vmalloc+0xf0/0x210 [ 336.431134][ T9929] pcpu_get_vm_areas+0x2df1/0x55d0 [ 336.431165][ T9929] ? __pfx_pcpu_get_vm_areas+0x10/0x10 [ 336.431187][ T9929] pcpu_create_chunk+0x254/0x730 [ 336.431210][ T9929] pcpu_alloc_noprof+0x18c4/0x1c50 [ 336.431240][ T9929] bpf_map_alloc_percpu+0x9a/0xf0 [ 336.431256][ T9929] ? __pfx_bpf_map_alloc_percpu+0x10/0x10 [ 336.431273][ T9929] ? __pfx___might_resched+0x10/0x10 [ 336.431295][ T9929] ? __bpf_map_area_alloc+0x13a/0x200 [ 336.431323][ T9929] htab_map_alloc+0x1054/0x14e0 [ 336.431342][ T9929] ? ns_capable+0xd2/0xf0 [ 336.431359][ T9929] ? __pfx_htab_map_mem_usage+0x10/0x10 [ 336.431374][ T9929] map_create+0x84e/0x2ba0 [ 336.431388][ T9929] ? futex_unqueue+0x13d/0x2c0 [ 336.431407][ T9929] ? __futex_wait+0x256/0x300 [ 336.431432][ T9929] ? __pfx_map_create+0x10/0x10 [ 336.431446][ T9929] ? __might_fault+0xc5/0x140 [ 336.431467][ T9929] ? __might_fault+0xc5/0x140 [ 336.431494][ T9929] __sys_bpf+0x2091/0x4b90 [ 336.431514][ T9929] ? __pfx___sys_bpf+0x10/0x10 [ 336.431531][ T9929] ? __pfx_futex_wait+0x10/0x10 [ 336.431556][ T9929] ? do_writev+0x214/0x340 [ 336.431575][ T9929] ? do_futex+0x192/0x350 [ 336.431604][ T9929] ? xfd_validate_state+0x129/0x190 [ 336.431630][ T9929] __x64_sys_bpf+0x7b/0xc0 [ 336.431647][ T9929] ? lockdep_hardirqs_on+0x78/0x100 [ 336.431671][ T9929] do_syscall_64+0x10b/0xf80 [ 336.431684][ T9929] ? clear_bhb_loop+0x40/0x90 [ 336.431703][ T9929] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.431719][ T9929] RIP: 0033:0x7f949a59c819 [ 336.431733][ T9929] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 336.431747][ T9929] RSP: 002b:00007f949b49c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 336.431763][ T9929] RAX: ffffffffffffffda RBX: 00007f949a816180 RCX: 00007f949a59c819 [ 336.431773][ T9929] RDX: 00000000000000a3 RSI: 0000200000000780 RDI: 0000000000000000 [ 336.431782][ T9929] RBP: 00007f949a632c91 R08: 0000000000000000 R09: 0000000000000000 [ 336.431791][ T9929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 336.431800][ T9929] R13: 00007f949a816218 R14: 00007f949a816180 R15: 00007ffc7f3d6a98 [ 336.431820][ T9929] [ 338.931138][ T9955] netlink: 13 bytes leftover after parsing attributes in process `syz.3.1114'. [ 339.142595][ T9963] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1117'. [ 339.496572][ T9972] vivid-007: ================= START STATUS ================= [ 339.521795][ T9972] vivid-007: Generate PTS: true [ 339.555075][ T9972] vivid-007: Generate SCR: true [ 339.598736][ T9972] tpg source WxH: 320x240 (Y'CbCr) [ 339.626157][ T9972] tpg field: 1 [ 339.647075][ T9972] tpg crop: (0,0)/320x240 [ 339.685901][ T9972] tpg compose: (0,0)/320x240 [ 339.690506][ T9972] tpg colorspace: 8 [ 339.694295][ T9972] tpg transfer function: 0/0 [ 339.735690][ T9972] tpg Y'CbCr encoding: 0/0 [ 339.766131][ T9972] tpg quantization: 0/0 [ 339.770297][ T9972] tpg RGB range: 0/2 [ 339.850283][ T9972] vivid-007: ================== END STATUS ================== [ 341.115745][T10001] device-mapper: ioctl: Unable to rename non-existent device, to uuid [ 341.614498][T10006] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1125'. [ 342.301759][T10015] netlink: 330 bytes leftover after parsing attributes in process `syz.0.1128'. [ 346.843852][T10101] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1154'. [ 346.933274][T10101] openvswitch: HfR: Dropping previously announced user features [ 347.227365][T10110] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff) [ 347.715113][T10109] Invalid ELF header magic: != ELF [ 348.306373][T10125] netlink: 13 bytes leftover after parsing attributes in process `syz.0.1158'. [ 348.850412][T10132] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1160'. [ 349.609786][T10143] random: crng reseeded on system resumption [ 349.685829][T10143] hub 1-0:1.0: USB hub found [ 349.690864][T10143] hub 1-0:1.0: 1 port detected [ 349.698903][T10142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1163'. [ 349.773250][T10144] netlink: 'syz.1.1163': attribute type 1 has an invalid length. [ 349.902426][T10144] netlink: 5 bytes leftover after parsing attributes in process `syz.1.1163'. [ 350.308862][T10155] netlink: 318 bytes leftover after parsing attributes in process `syz.3.1170'. [ 350.723513][T10161] random: crng reseeded on system resumption [ 350.761347][T10160] netlink: 'syz.3.1172': attribute type 1 has an invalid length. [ 350.800609][T10160] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1172'. [ 352.026599][T10179] device-mapper: ioctl: Invalid new mapped device name or uuid string supplied. [ 354.185440][T10210] sp0: Synchronizing with TNC [ 356.367316][T10254] input: jJǸ-9%vJ86 as /devices/virtual/input/input12 [ 357.751849][T10257] can: request_module (can-proto-3) failed. [ 360.021781][T10288] binder: 10282:10288 ioctl c00c620f 2000000001c0 returned -22 [ 364.153325][T10362] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1224'. [ 364.196947][T10362] netlink: 'syz.0.1224': attribute type 1 has an invalid length. [ 364.235122][T10362] netlink: 5 bytes leftover after parsing attributes in process `syz.0.1224'. [ 364.814371][T10372] zram: Added device: zram1 [ 366.186523][T10398] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 366.377369][T10398] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 366.450631][T10398] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 366.531840][T10398] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 367.917479][T10434] Falling back ldisc for ttyS2. [ 368.121316][T10436] FAULT_INJECTION: forcing a failure. [ 368.121316][T10436] name failslab, interval 1, probability 0, space 0, times 0 [ 368.208632][T10436] CPU: 0 UID: 0 PID: 10436 Comm: syz.1.1245 Not tainted syzkaller #0 PREEMPT(full) [ 368.208655][T10436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 368.208664][T10436] Call Trace: [ 368.208670][T10436] [ 368.208676][T10436] dump_stack_lvl+0x100/0x190 [ 368.208705][T10436] should_fail_ex.cold+0x5/0xa [ 368.208725][T10436] should_failslab+0xc2/0x120 [ 368.208742][T10436] __kmalloc_cache_noprof+0x7a/0x6f0 [ 368.208761][T10436] ? ip6addrlbl_add+0xe0/0xdb0 [ 368.208783][T10436] ip6addrlbl_add+0xe0/0xdb0 [ 368.208809][T10436] ip6addrlbl_net_init+0x10a/0x330 [ 368.208828][T10436] ? __pfx_ip6addrlbl_net_init+0x10/0x10 [ 368.208847][T10436] ops_init+0x1e2/0x5f0 [ 368.208872][T10436] setup_net+0x118/0x3a0 [ 368.208885][T10436] ? __pfx_setup_net+0x10/0x10 [ 368.208898][T10436] ? lockdep_init_map_type+0x5c/0x250 [ 368.208918][T10436] ? mutex_init_lockep+0x110/0x150 [ 368.208941][T10436] copy_net_ns+0x46f/0x7c0 [ 368.208957][T10436] create_new_namespaces+0x3ea/0xac0 [ 368.208978][T10436] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 368.209005][T10436] ksys_unshare+0x473/0xad0 [ 368.209026][T10436] ? __pfx_ksys_unshare+0x10/0x10 [ 368.209052][T10436] __x64_sys_unshare+0x31/0x40 [ 368.209071][T10436] do_syscall_64+0x10b/0xf80 [ 368.209085][T10436] ? clear_bhb_loop+0x40/0x90 [ 368.209103][T10436] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 368.209118][T10436] RIP: 0033:0x7f85d979c819 [ 368.209131][T10436] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 368.209146][T10436] RSP: 002b:00007f85da5af028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 368.209161][T10436] RAX: ffffffffffffffda RBX: 00007f85d9a15fa0 RCX: 00007f85d979c819 [ 368.209171][T10436] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 368.209179][T10436] RBP: 00007f85d9832c91 R08: 0000000000000000 R09: 0000000000000000 [ 368.209188][T10436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 368.209196][T10436] R13: 00007f85d9a16038 R14: 00007f85d9a15fa0 R15: 00007ffd29a9cbe8 [ 368.209215][T10436] [ 368.710209][ T5830] Bluetooth: hci0: command 0x0406 tx timeout [ 368.718125][ T5830] Bluetooth: hci1: command 0x0406 tx timeout [ 368.726602][ T5830] Bluetooth: hci2: command 0x0406 tx timeout [ 368.732634][ T5830] Bluetooth: hci3: command 0x0406 tx timeout [ 369.706253][T10465] ubi0: attaching mtd0 [ 369.711586][T10465] ubi0: scanning is finished [ 370.032252][T10465] ubi0: attached mtd0 (name "mtdram test device", size 0 MiB) [ 370.082943][T10465] ubi0: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes [ 370.142725][T10465] ubi0: min./max. I/O unit sizes: 1/64, sub-page size 1 [ 370.201505][T10465] ubi0: VID header offset: 64 (aligned 64), data offset: 128 [ 370.267777][T10465] ubi0: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0 [ 370.294553][T10465] ubi0: user volume: 0, internal volumes: 1, max. volumes count: 23 [ 370.363584][T10465] ubi0: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 1971604089 [ 370.423413][T10465] ubi0: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0 [ 370.480668][T10470] ubi0: detaching mtd0 [ 370.484789][T10472] ubi0: background thread "ubi_bgt0d" started, PID 10472 [ 370.559138][T10470] ubi0: mtd0 is detached [ 370.824231][T10476] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1255'. [ 374.776253][T10544] blktrace: Concurrent blktraces are not allowed on loop2 [ 375.371036][T10549] random: crng reseeded on system resumption [ 375.500427][T10549] hub 1-0:1.0: USB hub found [ 375.544592][T10549] hub 1-0:1.0: 1 port detected [ 376.836366][T10567] netlink: 'syz.2.1276': attribute type 2 has an invalid length. [ 377.449430][T10580] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1280'. [ 378.240995][T10589] Invalid ELF header magic: != ELF [ 378.284907][T10592] FAULT_INJECTION: forcing a failure. [ 378.284907][T10592] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 378.377785][T10592] CPU: 0 UID: 0 PID: 10592 Comm: syz.3.1283 Not tainted syzkaller #0 PREEMPT(full) [ 378.377825][T10592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 378.377834][T10592] Call Trace: [ 378.377840][T10592] [ 378.377845][T10592] dump_stack_lvl+0x100/0x190 [ 378.377872][T10592] should_fail_ex.cold+0x5/0xa [ 378.377891][T10592] _copy_from_user+0x2e/0xd0 [ 378.377916][T10592] do_handle_open+0x60e/0xce0 [ 378.377938][T10592] ? __pfx_do_handle_open+0x10/0x10 [ 378.377961][T10592] ? __x64_sys_futex+0x34f/0x4d0 [ 378.377983][T10592] ? xfd_validate_state+0x129/0x190 [ 378.378011][T10592] ? do_syscall_64+0x10b/0xf80 [ 378.378025][T10592] do_syscall_64+0x10b/0xf80 [ 378.378041][T10592] ? clear_bhb_loop+0x40/0x90 [ 378.378058][T10592] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 378.378073][T10592] RIP: 0033:0x7f65e079c819 [ 378.378086][T10592] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 378.378100][T10592] RSP: 002b:00007f65e15ec028 EFLAGS: 00000246 ORIG_RAX: 0000000000000130 [ 378.378115][T10592] RAX: ffffffffffffffda RBX: 00007f65e0a15fa0 RCX: 00007f65e079c819 [ 378.378124][T10592] RDX: 000000000000000c RSI: 0000000000000000 RDI: 0000000000000004 [ 378.378133][T10592] RBP: 00007f65e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 378.378141][T10592] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 378.378150][T10592] R13: 00007f65e0a16038 R14: 00007f65e0a15fa0 R15: 00007ffc1fac8c88 [ 378.378169][T10592] [ 378.785974][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 378.796397][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 379.594404][T10611] netlink: 25 bytes leftover after parsing attributes in process `syz.1.1287'. [ 380.422276][T10623] __vm_enough_memory: pid: 10623, comm: syz.0.1289, bytes: 4398046511104 not enough memory for the allocation [ 381.063687][ T5841] Bluetooth: hci0: unexpected subevent 0x01 length: 123 > 18 [ 381.479957][T10626] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 381.512282][T10626] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 381.590699][T10626] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 381.635492][T10626] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 381.666924][T10626] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 382.966389][ T5841] Bluetooth: hci0: command 0x0406 tx timeout [ 383.606063][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 383.686387][ T5830] Bluetooth: hci2: command 0x0406 tx timeout [ 383.692987][ T5841] Bluetooth: hci3: command 0x0406 tx timeout [ 385.046065][ T5841] Bluetooth: hci0: command 0x0406 tx timeout [ 385.156706][T10698] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 385.178132][T10698] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 385.187767][T10705] sp0: Synchronizing with TNC [ 385.213438][T10698] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 385.260311][T10698] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 385.738885][T10713] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1316'. [ 385.986375][T10719] random: crng reseeded on system resumption [ 387.208066][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 387.214322][ T5830] Bluetooth: hci0: command 0x0406 tx timeout [ 387.285663][ T5841] Bluetooth: hci3: command 0x0406 tx timeout [ 387.291971][ T5830] Bluetooth: hci2: command 0x0406 tx timeout [ 387.930924][T10748] blktrace: Concurrent blktraces are not allowed on loop2 [ 393.194362][T10816] netlink: 'syz.3.1343': attribute type 1 has an invalid length. [ 393.242689][T10816] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1343'. [ 394.395078][T10832] netlink: 'syz.2.1347': attribute type 1 has an invalid length. [ 394.425208][T10833] netlink: 'syz.0.1346': attribute type 2 has an invalid length. [ 394.449258][T10832] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1347'. [ 395.042941][T10847] random: crng reseeded on system resumption [ 396.288371][T10866] blktrace: Concurrent blktraces are not allowed on loop2 [ 397.564484][ T5841] Bluetooth: hci3: unexpected subevent 0x03 length: 253 > 9 [ 398.502348][T10890] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1360'. [ 398.526380][T10890] netlink: 354 bytes leftover after parsing attributes in process `syz.2.1360'. [ 398.767840][T10894] random: crng reseeded on system resumption [ 398.871163][T10894] hub 1-0:1.0: USB hub found [ 398.938436][T10894] hub 1-0:1.0: 1 port detected [ 399.956722][T10916] FAULT_INJECTION: forcing a failure. [ 399.956722][T10916] name failslab, interval 1, probability 0, space 0, times 0 [ 400.137777][T10916] CPU: 0 UID: 0 PID: 10916 Comm: syz.2.1368 Not tainted syzkaller #0 PREEMPT(full) [ 400.137801][T10916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 400.137811][T10916] Call Trace: [ 400.137816][T10916] [ 400.137822][T10916] dump_stack_lvl+0x100/0x190 [ 400.137851][T10916] should_fail_ex.cold+0x5/0xa [ 400.137870][T10916] ? security_inode_init_security+0x113/0x370 [ 400.137888][T10916] should_failslab+0xc2/0x120 [ 400.137905][T10916] __kmalloc_noprof+0xe0/0x850 [ 400.137932][T10916] security_inode_init_security+0x113/0x370 [ 400.137951][T10916] ? __pfx_shmem_initxattrs+0x10/0x10 [ 400.137970][T10916] ? __pfx_security_inode_init_security+0x10/0x10 [ 400.137990][T10916] ? make_vfsgid+0xf1/0x140 [ 400.138012][T10916] shmem_mknod+0x2bf/0x470 [ 400.138033][T10916] ? __pfx_shmem_mknod+0x10/0x10 [ 400.138058][T10916] vfs_create+0x301/0x6c0 [ 400.138081][T10916] filename_mknodat+0x2de/0x7f0 [ 400.138101][T10916] ? __pfx_filename_mknodat+0x10/0x10 [ 400.138117][T10916] ? strncpy_from_user+0x19d/0x2d0 [ 400.138142][T10916] ? do_getname+0x191/0x390 [ 400.138162][T10916] __x64_sys_mknod+0x8f/0xc0 [ 400.138180][T10916] do_syscall_64+0x10b/0xf80 [ 400.138193][T10916] ? clear_bhb_loop+0x40/0x90 [ 400.138211][T10916] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 400.138226][T10916] RIP: 0033:0x7f1df4b9c819 [ 400.138239][T10916] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 400.138254][T10916] RSP: 002b:00007f1df5a85028 EFLAGS: 00000246 ORIG_RAX: 0000000000000085 [ 400.138269][T10916] RAX: ffffffffffffffda RBX: 00007f1df4e16090 RCX: 00007f1df4b9c819 [ 400.138278][T10916] RDX: 0000000000000009 RSI: 0000000000000002 RDI: 0000000000000000 [ 400.138287][T10916] RBP: 00007f1df4c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 400.138295][T10916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 400.138304][T10916] R13: 00007f1df4e16128 R14: 00007f1df4e16090 R15: 00007ffe299149e8 [ 400.138323][T10916] [ 400.896786][T10926] random: crng reseeded on system resumption [ 401.072327][T10930] netlink: 25 bytes leftover after parsing attributes in process `syz.2.1373'. [ 401.757480][T10950] sp0: Synchronizing with TNC [ 404.951914][T11009] netlink: 'syz.0.1395': attribute type 1 has an invalid length. [ 405.276514][T11009] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1395'. [ 405.307502][T11008] sp0: Synchronizing with TNC [ 407.006094][T11051] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 407.050450][T11051] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 407.265764][T11051] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 407.350971][T11051] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 407.763603][T11059] sp0: Synchronizing with TNC [ 407.998435][T11069] can0: slcan on pty238. [ 408.096037][T11064] can0 (unregistered): slcan off pty238. [ 408.220355][T11076] blktrace: Concurrent blktraces are not allowed on loop2 [ 408.528057][ T29] audit: type=1807 audit(4294967530.930:14): UNKNOWN= res=0 [ 408.553744][ T29] audit: type=1802 audit(4294967530.950:15): pid=11084 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.0.1405" res=0 errno=0 [ 408.747638][T11084] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1405'. [ 408.795380][T11084] bridge0: port 2(bridge_slave_1) entered disabled state [ 408.850207][T11084] bridge_slave_1 (unregistering): left allmulticast mode [ 408.890082][T11084] bridge_slave_1 (unregistering): left promiscuous mode [ 408.921960][T11084] bridge0: port 2(bridge_slave_1) entered disabled state [ 409.044668][T11083] ima: policy update failed [ 409.049604][ T5841] Bluetooth: hci0: command 0x0406 tx timeout [ 409.072784][ T29] audit: type=1802 audit(4294967531.480:16): pid=11083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.0.1405" res=0 errno=0 [ 409.125738][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 409.291851][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 409.366944][ T5841] Bluetooth: hci3: command 0x0406 tx timeout [ 410.176897][T11132] QAT: Invalid ioctl 35077 [ 411.546137][T11158] blktrace: Concurrent blktraces are not allowed on loop2 [ 411.991273][T11164] random: crng reseeded on system resumption [ 412.162217][T11164] hub 1-0:1.0: USB hub found [ 412.229853][T11164] hub 1-0:1.0: 1 port detected [ 412.726041][ T5841] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 412.857754][T11177] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1423'. [ 412.907839][T11177] netlink: 2 bytes leftover after parsing attributes in process `syz.0.1423'. [ 413.307721][T11181] netlink: 17 bytes leftover after parsing attributes in process `syz.3.1425'. [ 413.600553][T11184] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1426'. [ 413.670036][T11184] netlink: 186 bytes leftover after parsing attributes in process `syz.2.1426'. [ 415.511258][ T29] audit: type=1800 audit(4294967537.920:17): pid=11232 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1437" name="dbroot" dev="configfs" ino=39844 res=0 errno=0 [ 415.829799][ T29] audit: type=1800 audit(4294967538.240:18): pid=11230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1434" name="sr0" dev="devtmpfs" ino=2874 res=0 errno=0 [ 416.500647][T11244] FAULT_INJECTION: forcing a failure. [ 416.500647][T11244] name failslab, interval 1, probability 0, space 0, times 0 [ 416.635429][T11244] CPU: 0 UID: 0 PID: 11244 Comm: syz.0.1440 Not tainted syzkaller #0 PREEMPT(full) [ 416.635453][T11244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 416.635462][T11244] Call Trace: [ 416.635468][T11244] [ 416.635474][T11244] dump_stack_lvl+0x100/0x190 [ 416.635502][T11244] should_fail_ex.cold+0x5/0xa [ 416.635526][T11244] should_failslab+0xc2/0x120 [ 416.635544][T11244] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 416.635566][T11244] ? security_inode_alloc+0x3b/0x2c0 [ 416.635587][T11244] ? lockdep_init_map_type+0x5c/0x250 [ 416.635609][T11244] security_inode_alloc+0x3b/0x2c0 [ 416.635631][T11244] inode_init_always_gfp+0xcc0/0x1000 [ 416.635650][T11244] alloc_inode+0x8e/0x250 [ 416.635670][T11244] sock_alloc+0x44/0x280 [ 416.635683][T11244] ? security_socket_create+0x7f/0x250 [ 416.635703][T11244] sock_create_lite+0x82/0x120 [ 416.635719][T11244] __netlink_kernel_create+0xbd/0x750 [ 416.635744][T11244] ? __pfx___netlink_kernel_create+0x10/0x10 [ 416.635773][T11244] uevent_net_init+0xf8/0x330 [ 416.635791][T11244] ? __pfx_uevent_net_init+0x10/0x10 [ 416.635810][T11244] ? __pfx_uevent_net_rcv+0x10/0x10 [ 416.635828][T11244] ? __kmalloc_noprof+0x320/0x850 [ 416.635853][T11244] ? __pfx_uevent_net_init+0x10/0x10 [ 416.635870][T11244] ops_init+0x1e2/0x5f0 [ 416.635894][T11244] setup_net+0x118/0x3a0 [ 416.635908][T11244] ? __pfx_setup_net+0x10/0x10 [ 416.635920][T11244] ? lockdep_init_map_type+0x5c/0x250 [ 416.635940][T11244] ? mutex_init_lockep+0x110/0x150 [ 416.635969][T11244] copy_net_ns+0x46f/0x7c0 [ 416.635986][T11244] create_new_namespaces+0x3ea/0xac0 [ 416.636007][T11244] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 416.636026][T11244] ksys_unshare+0x473/0xad0 [ 416.636046][T11244] ? __pfx_ksys_unshare+0x10/0x10 [ 416.636071][T11244] __x64_sys_unshare+0x31/0x40 [ 416.636089][T11244] do_syscall_64+0x10b/0xf80 [ 416.636102][T11244] ? clear_bhb_loop+0x40/0x90 [ 416.636120][T11244] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 416.636136][T11244] RIP: 0033:0x7f949a59c819 [ 416.636149][T11244] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 416.636163][T11244] RSP: 002b:00007f949b4bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 416.636177][T11244] RAX: ffffffffffffffda RBX: 00007f949a816090 RCX: 00007f949a59c819 [ 416.636187][T11244] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 416.636196][T11244] RBP: 00007f949a632c91 R08: 0000000000000000 R09: 0000000000000000 [ 416.636205][T11244] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 416.636214][T11244] R13: 00007f949a816128 R14: 00007f949a816090 R15: 00007ffc7f3d6a98 [ 416.636233][T11244] [ 417.550072][T11253] FAULT_INJECTION: forcing a failure. [ 417.550072][T11253] name failslab, interval 1, probability 0, space 0, times 0 [ 417.594186][T11253] CPU: 0 UID: 0 PID: 11253 Comm: syz.3.1443 Not tainted syzkaller #0 PREEMPT(full) [ 417.594211][T11253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 417.594221][T11253] Call Trace: [ 417.594226][T11253] [ 417.594232][T11253] dump_stack_lvl+0x100/0x190 [ 417.594260][T11253] should_fail_ex.cold+0x5/0xa [ 417.594280][T11253] ? __netlink_kernel_create+0x181/0x750 [ 417.594303][T11253] should_failslab+0xc2/0x120 [ 417.594320][T11253] __kmalloc_noprof+0xe0/0x850 [ 417.594346][T11253] __netlink_kernel_create+0x181/0x750 [ 417.594372][T11253] ? __pfx___netlink_kernel_create+0x10/0x10 [ 417.594400][T11253] rtnetlink_net_init+0xb9/0x140 [ 417.594420][T11253] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 417.594439][T11253] ? lockdep_init_map_type+0x5c/0x250 [ 417.594459][T11253] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 417.594476][T11253] ? __pfx_rtnetlink_bind+0x10/0x10 [ 417.594496][T11253] ? mutex_init_lockep+0x110/0x150 [ 417.594518][T11253] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 417.594536][T11253] ops_init+0x1e2/0x5f0 [ 417.594560][T11253] setup_net+0x118/0x3a0 [ 417.594574][T11253] ? __pfx_setup_net+0x10/0x10 [ 417.594586][T11253] ? lockdep_init_map_type+0x5c/0x250 [ 417.594606][T11253] ? mutex_init_lockep+0x110/0x150 [ 417.594628][T11253] copy_net_ns+0x46f/0x7c0 [ 417.594645][T11253] create_new_namespaces+0x3ea/0xac0 [ 417.594665][T11253] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 417.594683][T11253] ksys_unshare+0x473/0xad0 [ 417.594703][T11253] ? __pfx_ksys_unshare+0x10/0x10 [ 417.594728][T11253] __x64_sys_unshare+0x31/0x40 [ 417.594746][T11253] do_syscall_64+0x10b/0xf80 [ 417.594759][T11253] ? clear_bhb_loop+0x40/0x90 [ 417.594777][T11253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 417.594793][T11253] RIP: 0033:0x7f65e079c819 [ 417.594806][T11253] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 417.594820][T11253] RSP: 002b:00007f65e15cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 417.594835][T11253] RAX: ffffffffffffffda RBX: 00007f65e0a16090 RCX: 00007f65e079c819 [ 417.594845][T11253] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 417.594854][T11253] RBP: 00007f65e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 417.594862][T11253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 417.594871][T11253] R13: 00007f65e0a16128 R14: 00007f65e0a16090 R15: 00007ffc1fac8c88 [ 417.594890][T11253] [ 417.933482][T11244] kobject_uevent: unable to create netlink socket! [ 419.697315][T11289] FAULT_INJECTION: forcing a failure. [ 419.697315][T11289] name failslab, interval 1, probability 0, space 0, times 0 [ 419.697361][T11289] CPU: 0 UID: 8 PID: 11289 Comm: syz.0.1450 Not tainted syzkaller #0 PREEMPT(full) [ 419.697380][T11289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 419.697389][T11289] Call Trace: [ 419.697394][T11289] [ 419.697399][T11289] dump_stack_lvl+0x100/0x190 [ 419.697426][T11289] should_fail_ex.cold+0x5/0xa [ 419.697445][T11289] should_failslab+0xc2/0x120 [ 419.697461][T11289] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 419.697483][T11289] ? key_alloc+0x3c5/0x1310 [ 419.697496][T11289] ? mark_held_locks+0x40/0x70 [ 419.697518][T11289] key_alloc+0x3c5/0x1310 [ 419.697538][T11289] ? __pfx_key_alloc+0x10/0x10 [ 419.697551][T11289] ? __pfx_key_default_cmp+0x10/0x10 [ 419.697568][T11289] ? __pfx_keyring_search_iterator+0x10/0x10 [ 419.697588][T11289] keyring_alloc+0x44/0xc0 [ 419.697605][T11289] look_up_user_keyrings+0x508/0x790 [ 419.697630][T11289] ? __pfx_look_up_user_keyrings+0x10/0x10 [ 419.697665][T11289] lookup_user_key+0xbb1/0x1300 [ 419.697689][T11289] ? __pfx_lookup_user_key+0x10/0x10 [ 419.697711][T11289] ? __pfx_do_futex+0x10/0x10 [ 419.697734][T11289] ? __pfx_lookup_user_key_possessed+0x10/0x10 [ 419.697760][T11289] ? xfd_validate_state+0x129/0x190 [ 419.697784][T11289] keyctl_keyring_unlink+0x1f/0x1b0 [ 419.697804][T11289] __do_sys_keyctl+0x3dd/0x5a0 [ 419.697825][T11289] do_syscall_64+0x10b/0xf80 [ 419.697839][T11289] ? clear_bhb_loop+0x40/0x90 [ 419.697856][T11289] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 419.697871][T11289] RIP: 0033:0x7f949a59c819 [ 419.697884][T11289] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 419.697899][T11289] RSP: 002b:00007f949b4bd028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa [ 419.697914][T11289] RAX: ffffffffffffffda RBX: 00007f949a816090 RCX: 00007f949a59c819 [ 419.697924][T11289] RDX: fffffffffffffffd RSI: fffffffffffffffc RDI: 0000000000000009 [ 419.697933][T11289] RBP: 00007f949a632c91 R08: 0000000000000008 R09: 0000000000000000 [ 419.697942][T11289] R10: fffffffffffffffd R11: 0000000000000246 R12: 0000000000000000 [ 419.697950][T11289] R13: 00007f949a816128 R14: 00007f949a816090 R15: 00007ffc7f3d6a98 [ 419.697970][T11289] [ 425.999099][T11397] FAULT_INJECTION: forcing a failure. [ 425.999099][T11397] name failslab, interval 1, probability 0, space 0, times 0 [ 426.156195][T11397] CPU: 0 UID: 0 PID: 11397 Comm: syz.2.1467 Not tainted syzkaller #0 PREEMPT(full) [ 426.156220][T11397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 426.156231][T11397] Call Trace: [ 426.156236][T11397] [ 426.156242][T11397] dump_stack_lvl+0x100/0x190 [ 426.156270][T11397] should_fail_ex.cold+0x5/0xa [ 426.156290][T11397] should_failslab+0xc2/0x120 [ 426.156307][T11397] __kmalloc_cache_noprof+0x7a/0x6f0 [ 426.156327][T11397] ? kernfs_fop_open+0x23d/0xd50 [ 426.156349][T11397] kernfs_fop_open+0x23d/0xd50 [ 426.156372][T11397] do_dentry_open+0x6d8/0x1660 [ 426.156388][T11397] ? __pfx_kernfs_fop_open+0x10/0x10 [ 426.156410][T11397] vfs_open+0x82/0x3f0 [ 426.156431][T11397] path_openat+0x208c/0x31a0 [ 426.156454][T11397] ? __pfx_path_openat+0x10/0x10 [ 426.156476][T11397] do_file_open+0x20e/0x430 [ 426.156494][T11397] ? __pfx_do_file_open+0x10/0x10 [ 426.156523][T11397] ? alloc_fd+0x476/0x790 [ 426.156541][T11397] ? do_getname+0x191/0x390 [ 426.156561][T11397] do_sys_openat2+0x10d/0x1e0 [ 426.156581][T11397] ? __pfx_do_sys_openat2+0x10/0x10 [ 426.156602][T11397] ? find_held_lock+0x2b/0x80 [ 426.156621][T11397] __x64_sys_openat+0x12d/0x210 [ 426.156641][T11397] ? __pfx___x64_sys_openat+0x10/0x10 [ 426.156672][T11397] do_syscall_64+0x10b/0xf80 [ 426.156686][T11397] ? clear_bhb_loop+0x40/0x90 [ 426.156704][T11397] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 426.156719][T11397] RIP: 0033:0x7f1df4b9c819 [ 426.156733][T11397] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 426.156748][T11397] RSP: 002b:00007f1df5a64028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 426.156763][T11397] RAX: ffffffffffffffda RBX: 00007f1df4e16180 RCX: 00007f1df4b9c819 [ 426.156773][T11397] RDX: 0000000000082002 RSI: 0000200000000480 RDI: ffffffffffffff9c [ 426.156782][T11397] RBP: 00007f1df4c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 426.156791][T11397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 426.156799][T11397] R13: 00007f1df4e16218 R14: 00007f1df4e16180 R15: 00007ffe299149e8 [ 426.156818][T11397] [ 428.360748][T11424] FAULT_INJECTION: forcing a failure. [ 428.360748][T11424] name failslab, interval 1, probability 0, space 0, times 0 [ 428.468801][T11424] CPU: 0 UID: 0 PID: 11424 Comm: syz.3.1476 Not tainted syzkaller #0 PREEMPT(full) [ 428.468824][T11424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 428.468833][T11424] Call Trace: [ 428.468838][T11424] [ 428.468844][T11424] dump_stack_lvl+0x100/0x190 [ 428.468872][T11424] should_fail_ex.cold+0x5/0xa [ 428.468891][T11424] ? lsm_blob_alloc+0x68/0x90 [ 428.468907][T11424] should_failslab+0xc2/0x120 [ 428.468924][T11424] __kmalloc_noprof+0xe0/0x850 [ 428.468947][T11424] ? trace_kmalloc+0x101/0x130 [ 428.468966][T11424] lsm_blob_alloc+0x68/0x90 [ 428.468984][T11424] security_sk_alloc+0x2d/0x290 [ 428.469006][T11424] sk_prot_alloc+0x12a/0x2a0 [ 428.469023][T11424] sk_alloc+0x36/0xe80 [ 428.469043][T11424] __netlink_create+0x5e/0x2c0 [ 428.469065][T11424] __netlink_kernel_create+0xed/0x750 [ 428.469088][T11424] ? __lock_acquire+0x4a5/0x2630 [ 428.469107][T11424] ? __pfx___netlink_kernel_create+0x10/0x10 [ 428.469135][T11424] rtnetlink_net_init+0xb9/0x140 [ 428.469154][T11424] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 428.469173][T11424] ? lockdep_init_map_type+0x5c/0x250 [ 428.469191][T11424] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 428.469209][T11424] ? __pfx_rtnetlink_bind+0x10/0x10 [ 428.469228][T11424] ? mutex_init_lockep+0x110/0x150 [ 428.469250][T11424] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 428.469268][T11424] ops_init+0x1e2/0x5f0 [ 428.469291][T11424] setup_net+0x118/0x3a0 [ 428.469305][T11424] ? __pfx_setup_net+0x10/0x10 [ 428.469317][T11424] ? lockdep_init_map_type+0x5c/0x250 [ 428.469337][T11424] ? mutex_init_lockep+0x110/0x150 [ 428.469359][T11424] copy_net_ns+0x46f/0x7c0 [ 428.469376][T11424] create_new_namespaces+0x3ea/0xac0 [ 428.469396][T11424] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 428.469414][T11424] ksys_unshare+0x473/0xad0 [ 428.469433][T11424] ? __pfx_ksys_unshare+0x10/0x10 [ 428.469459][T11424] __x64_sys_unshare+0x31/0x40 [ 428.469476][T11424] do_syscall_64+0x10b/0xf80 [ 428.469490][T11424] ? clear_bhb_loop+0x40/0x90 [ 428.469508][T11424] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 428.469524][T11424] RIP: 0033:0x7f65e079c819 [ 428.469537][T11424] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 428.469552][T11424] RSP: 002b:00007f65e15cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 428.469567][T11424] RAX: ffffffffffffffda RBX: 00007f65e0a16090 RCX: 00007f65e079c819 [ 428.469576][T11424] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 428.469585][T11424] RBP: 00007f65e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 428.469593][T11424] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 428.469602][T11424] R13: 00007f65e0a16128 R14: 00007f65e0a16090 R15: 00007ffc1fac8c88 [ 428.469621][T11424] [ 429.101756][T11428] MTRR 1 not used [ 432.858127][T11501] FAULT_INJECTION: forcing a failure. [ 432.858127][T11501] name failslab, interval 1, probability 0, space 0, times 0 [ 433.059018][T11501] CPU: 0 UID: 0 PID: 11501 Comm: syz.2.1490 Not tainted syzkaller #0 PREEMPT(full) [ 433.059042][T11501] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 433.059051][T11501] Call Trace: [ 433.059056][T11501] [ 433.059062][T11501] dump_stack_lvl+0x100/0x190 [ 433.059090][T11501] should_fail_ex.cold+0x5/0xa [ 433.059110][T11501] ? sk_prot_alloc+0x10b/0x2a0 [ 433.059125][T11501] should_failslab+0xc2/0x120 [ 433.059142][T11501] __kmalloc_noprof+0xe0/0x850 [ 433.059166][T11501] ? security_inode_alloc+0xcf/0x2c0 [ 433.059190][T11501] sk_prot_alloc+0x10b/0x2a0 [ 433.059207][T11501] sk_alloc+0x36/0xe80 [ 433.059227][T11501] __netlink_create+0x5e/0x2c0 [ 433.059250][T11501] __netlink_kernel_create+0xed/0x750 [ 433.059273][T11501] ? __lock_acquire+0x4a5/0x2630 [ 433.059292][T11501] ? __pfx___netlink_kernel_create+0x10/0x10 [ 433.059327][T11501] rtnetlink_net_init+0xb9/0x140 [ 433.059347][T11501] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 433.059367][T11501] ? lockdep_init_map_type+0x5c/0x250 [ 433.059390][T11501] ? __pfx_rtnetlink_rcv+0x10/0x10 [ 433.059407][T11501] ? __pfx_rtnetlink_bind+0x10/0x10 [ 433.059427][T11501] ? mutex_init_lockep+0x110/0x150 [ 433.059449][T11501] ? __pfx_rtnetlink_net_init+0x10/0x10 [ 433.059466][T11501] ops_init+0x1e2/0x5f0 [ 433.059490][T11501] setup_net+0x118/0x3a0 [ 433.059504][T11501] ? __pfx_setup_net+0x10/0x10 [ 433.059517][T11501] ? lockdep_init_map_type+0x5c/0x250 [ 433.059536][T11501] ? mutex_init_lockep+0x110/0x150 [ 433.059558][T11501] copy_net_ns+0x46f/0x7c0 [ 433.059575][T11501] create_new_namespaces+0x3ea/0xac0 [ 433.059595][T11501] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 433.059613][T11501] ksys_unshare+0x473/0xad0 [ 433.059633][T11501] ? __pfx_ksys_unshare+0x10/0x10 [ 433.059658][T11501] __x64_sys_unshare+0x31/0x40 [ 433.059676][T11501] do_syscall_64+0x10b/0xf80 [ 433.059690][T11501] ? clear_bhb_loop+0x40/0x90 [ 433.059708][T11501] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 433.059724][T11501] RIP: 0033:0x7f1df4b9c819 [ 433.059737][T11501] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 433.059751][T11501] RSP: 002b:00007f1df5a85028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 433.059767][T11501] RAX: ffffffffffffffda RBX: 00007f1df4e16090 RCX: 00007f1df4b9c819 [ 433.059776][T11501] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 433.059785][T11501] RBP: 00007f1df4c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 433.059794][T11501] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 433.059802][T11501] R13: 00007f1df4e16128 R14: 00007f1df4e16090 R15: 00007ffe299149e8 [ 433.059822][T11501] [ 435.213926][T11534] random: crng reseeded on system resumption [ 435.884024][T11528] x86/mm: Checked W+X mappings: passed, no W+X pages found. [ 436.124891][T11545] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1500'. [ 437.216789][T11564] netlink: 'syz.3.1507': attribute type 1 has an invalid length. [ 437.259790][T11564] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1507'. [ 437.683305][T11562] hub 1-0:1.0: USB hub found [ 437.716434][T11562] hub 1-0:1.0: 1 port detected [ 440.009190][ T1297] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.015651][ T1297] ieee802154 phy1 wpan1: encryption failed: -22 [ 444.297003][ T29] audit: type=1800 audit(4294967566.710:19): pid=11710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1531" name="sr0" dev="devtmpfs" ino=2874 res=0 errno=0 [ 450.920861][T11791] FAULT_INJECTION: forcing a failure. [ 450.920861][T11791] name failslab, interval 1, probability 0, space 0, times 0 [ 451.246545][T11791] CPU: 0 UID: 0 PID: 11791 Comm: syz.3.1552 Not tainted syzkaller #0 PREEMPT(full) [ 451.246571][T11791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 451.246581][T11791] Call Trace: [ 451.246586][T11791] [ 451.246592][T11791] dump_stack_lvl+0x100/0x190 [ 451.246623][T11791] should_fail_ex.cold+0x5/0xa [ 451.246642][T11791] should_failslab+0xc2/0x120 [ 451.246660][T11791] __kmalloc_cache_noprof+0x7a/0x6f0 [ 451.246680][T11791] ? kernfs_fop_open+0x23d/0xd50 [ 451.246703][T11791] kernfs_fop_open+0x23d/0xd50 [ 451.246725][T11791] do_dentry_open+0x6d8/0x1660 [ 451.246742][T11791] ? __pfx_kernfs_fop_open+0x10/0x10 [ 451.246765][T11791] vfs_open+0x82/0x3f0 [ 451.246786][T11791] path_openat+0x208c/0x31a0 [ 451.246808][T11791] ? __pfx_path_openat+0x10/0x10 [ 451.246831][T11791] do_file_open+0x20e/0x430 [ 451.246848][T11791] ? __pfx_do_file_open+0x10/0x10 [ 451.246877][T11791] ? alloc_fd+0x476/0x790 [ 451.246894][T11791] ? do_getname+0x191/0x390 [ 451.246915][T11791] do_sys_openat2+0x10d/0x1e0 [ 451.246934][T11791] ? __pfx_do_sys_openat2+0x10/0x10 [ 451.246955][T11791] ? find_held_lock+0x2b/0x80 [ 451.246974][T11791] __x64_sys_openat+0x12d/0x210 [ 451.246994][T11791] ? __pfx___x64_sys_openat+0x10/0x10 [ 451.247021][T11791] do_syscall_64+0x10b/0xf80 [ 451.247035][T11791] ? clear_bhb_loop+0x40/0x90 [ 451.247052][T11791] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 451.247067][T11791] RIP: 0033:0x7f65e079c819 [ 451.247081][T11791] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 451.247095][T11791] RSP: 002b:00007f65e15aa028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 451.247110][T11791] RAX: ffffffffffffffda RBX: 00007f65e0a16180 RCX: 00007f65e079c819 [ 451.247119][T11791] RDX: 0000000000082002 RSI: 0000200000000480 RDI: ffffffffffffff9c [ 451.247128][T11791] RBP: 00007f65e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 451.247137][T11791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 451.247146][T11791] R13: 00007f65e0a16218 R14: 00007f65e0a16180 R15: 00007ffc1fac8c88 [ 451.247165][T11791] [ 452.462784][T11801] netlink: 25 bytes leftover after parsing attributes in process `syz.0.1558'. [ 453.258200][ T29] audit: type=1800 audit(4294967575.660:20): pid=11806 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1559" name="discovery_nqn" dev="configfs" ino=43158 res=0 errno=0 [ 453.527389][T11822] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1562'. [ 455.709633][ T29] audit: type=1807 audit(4294967578.120:21): UNKNOWN= res=0 [ 455.753720][ T29] audit: type=1802 audit(4294967578.120:22): pid=11841 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=update_policy cause=invalid-policy comm="syz.3.1567" res=0 errno=0 [ 455.805022][T11839] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 455.829643][T11839] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 455.865814][T11839] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 455.915733][T11839] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 456.039250][T11843] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1567'. [ 456.557555][T11840] ima: policy update failed [ 456.562176][ T29] audit: type=1802 audit(4294967578.970:23): pid=11840 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.1567" res=0 errno=0 [ 457.847237][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 457.853266][ T5841] Bluetooth: hci0: command 0x0406 tx timeout [ 457.925813][ T5841] Bluetooth: hci3: command 0x0406 tx timeout [ 457.932613][ T5841] Bluetooth: hci2: command 0x0406 tx timeout [ 460.740080][T11902] FAULT_INJECTION: forcing a failure. [ 460.740080][T11902] name failslab, interval 1, probability 0, space 0, times 0 [ 460.842798][T11902] CPU: 0 UID: 0 PID: 11902 Comm: syz.0.1579 Not tainted syzkaller #0 PREEMPT(full) [ 460.842821][T11902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 460.842831][T11902] Call Trace: [ 460.842836][T11902] [ 460.842842][T11902] dump_stack_lvl+0x100/0x190 [ 460.842870][T11902] should_fail_ex.cold+0x5/0xa [ 460.842889][T11902] should_failslab+0xc2/0x120 [ 460.842906][T11902] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 460.842930][T11902] ? sock_alloc_inode+0x26/0x290 [ 460.842948][T11902] ? __pfx_sock_alloc_inode+0x10/0x10 [ 460.842964][T11902] sock_alloc_inode+0x26/0x290 [ 460.842979][T11902] ? __pfx_sock_alloc_inode+0x10/0x10 [ 460.842993][T11902] alloc_inode+0x68/0x250 [ 460.843014][T11902] sock_alloc+0x44/0x280 [ 460.843026][T11902] ? security_socket_create+0x7f/0x250 [ 460.843047][T11902] sock_create_lite+0x82/0x120 [ 460.843062][T11902] __netlink_kernel_create+0xbd/0x750 [ 460.843087][T11902] ? __pfx___netlink_kernel_create+0x10/0x10 [ 460.843114][T11902] ? __pfx_genl_pernet_init+0x10/0x10 [ 460.843130][T11902] genl_pernet_init+0xbd/0x160 [ 460.843146][T11902] ? __pfx_genl_pernet_init+0x10/0x10 [ 460.843162][T11902] ? lockdep_init_map_type+0x5c/0x250 [ 460.843181][T11902] ? __pfx_genl_rcv+0x10/0x10 [ 460.843195][T11902] ? __pfx_genl_bind+0x10/0x10 [ 460.843208][T11902] ? __pfx_genl_unbind+0x10/0x10 [ 460.843221][T11902] ? __pfx_genl_release+0x10/0x10 [ 460.843236][T11902] ? mutex_init_lockep+0x110/0x150 [ 460.843258][T11902] ops_init+0x1e2/0x5f0 [ 460.843282][T11902] setup_net+0x118/0x3a0 [ 460.843296][T11902] ? __pfx_setup_net+0x10/0x10 [ 460.843308][T11902] ? lockdep_init_map_type+0x5c/0x250 [ 460.843327][T11902] ? mutex_init_lockep+0x110/0x150 [ 460.843349][T11902] copy_net_ns+0x46f/0x7c0 [ 460.843366][T11902] create_new_namespaces+0x3ea/0xac0 [ 460.843387][T11902] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 460.843405][T11902] ksys_unshare+0x473/0xad0 [ 460.843424][T11902] ? __pfx_ksys_unshare+0x10/0x10 [ 460.843450][T11902] __x64_sys_unshare+0x31/0x40 [ 460.843467][T11902] do_syscall_64+0x10b/0xf80 [ 460.843481][T11902] ? clear_bhb_loop+0x40/0x90 [ 460.843499][T11902] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.843514][T11902] RIP: 0033:0x7f949a59c819 [ 460.843528][T11902] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 460.843542][T11902] RSP: 002b:00007f949b4bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 460.843557][T11902] RAX: ffffffffffffffda RBX: 00007f949a816090 RCX: 00007f949a59c819 [ 460.843567][T11902] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 460.843575][T11902] RBP: 00007f949a632c91 R08: 0000000000000000 R09: 0000000000000000 [ 460.843584][T11902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 460.843600][T11902] R13: 00007f949a816128 R14: 00007f949a816090 R15: 00007ffc7f3d6a98 [ 460.843620][T11902] [ 463.639317][T11945] netlink: 186 bytes leftover after parsing attributes in process `syz.3.1592'. [ 463.717145][T11949] Process accounting resumed [ 463.840588][T11952] netlink: 326 bytes leftover after parsing attributes in process `syz.3.1593'. [ 463.935955][T11959] FAULT_INJECTION: forcing a failure. [ 463.935955][T11959] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 463.996162][T11952] FAULT_INJECTION: forcing a failure. [ 463.996162][T11952] name failslab, interval 1, probability 0, space 0, times 0 [ 464.113582][T11959] CPU: 0 UID: 0 PID: 11959 Comm: syz.3.1593 Not tainted syzkaller #0 PREEMPT(full) [ 464.113605][T11959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 464.113615][T11959] Call Trace: [ 464.113620][T11959] [ 464.113626][T11959] dump_stack_lvl+0x100/0x190 [ 464.113654][T11959] should_fail_ex.cold+0x5/0xa [ 464.113674][T11959] core_sys_select+0x9b9/0xbb0 [ 464.113694][T11959] ? __pfx_core_sys_select+0x10/0x10 [ 464.113727][T11959] ? ktime_get_ts64+0x2d2/0x3f0 [ 464.113745][T11959] ? read_tsc+0x9/0x20 [ 464.113761][T11959] ? ktime_get_ts64+0x256/0x3f0 [ 464.113779][T11959] kern_select+0x20c/0x270 [ 464.113795][T11959] ? __pfx_kern_select+0x10/0x10 [ 464.113815][T11959] __x64_sys_select+0xbd/0x160 [ 464.113829][T11959] ? do_syscall_64+0x90/0xf80 [ 464.113843][T11959] ? lockdep_hardirqs_on+0x78/0x100 [ 464.113865][T11959] do_syscall_64+0x10b/0xf80 [ 464.113878][T11959] ? clear_bhb_loop+0x40/0x90 [ 464.113895][T11959] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 464.113910][T11959] RIP: 0033:0x7f65e079c819 [ 464.113922][T11959] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 464.113937][T11959] RSP: 002b:00007f65e15cb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000017 [ 464.113951][T11959] RAX: ffffffffffffffda RBX: 00007f65e0a16090 RCX: 00007f65e079c819 [ 464.113961][T11959] RDX: 00002000000000c0 RSI: 0000200000000040 RDI: 0000000000000001 [ 464.113970][T11959] RBP: 00007f65e0832c91 R08: 00002000000001c0 R09: 0000000000000000 [ 464.113979][T11959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 464.113988][T11959] R13: 00007f65e0a16128 R14: 00007f65e0a16090 R15: 00007ffc1fac8c88 [ 464.114012][T11959] [ 464.114045][T11952] CPU: 0 UID: 0 PID: 11952 Comm: syz.3.1593 Not tainted syzkaller #0 PREEMPT(full) [ 464.114064][T11952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 464.114073][T11952] Call Trace: [ 464.114078][T11952] [ 464.114083][T11952] dump_stack_lvl+0x100/0x190 [ 464.114107][T11952] should_fail_ex.cold+0x5/0xa [ 464.114125][T11952] should_failslab+0xc2/0x120 [ 464.114141][T11952] __kmalloc_cache_noprof+0x7a/0x6f0 [ 464.114161][T11952] ? call_usermodehelper_setup+0xaf/0x360 [ 464.114186][T11952] ? __pfx_free_modprobe_argv+0x10/0x10 [ 464.114206][T11952] call_usermodehelper_setup+0xaf/0x360 [ 464.114232][T11952] __request_module+0x3c7/0x6c0 [ 464.114253][T11952] ? __pfx___request_module+0x10/0x10 [ 464.114278][T11952] ? __get_fs_type+0x12c/0x170 [ 464.114295][T11952] ? __get_fs_type+0x12c/0x170 [ 464.114319][T11952] get_fs_type+0xd7/0x190 [ 464.114336][T11952] __x64_sys_fsopen+0xca/0x220 [ 464.114358][T11952] do_syscall_64+0x10b/0xf80 [ 464.114371][T11952] ? clear_bhb_loop+0x40/0x90 [ 464.114388][T11952] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 464.114402][T11952] RIP: 0033:0x7f65e079c819 [ 464.114414][T11952] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 464.114427][T11952] RSP: 002b:00007f65e15ec028 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 464.114441][T11952] RAX: ffffffffffffffda RBX: 00007f65e0a15fa0 RCX: 00007f65e079c819 [ 464.114450][T11952] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 464.114459][T11952] RBP: 00007f65e0832c91 R08: 0000000000000000 R09: 0000000000000000 [ 464.114467][T11952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 464.114476][T11952] R13: 00007f65e0a16038 R14: 00007f65e0a15fa0 R15: 00007ffc1fac8c88 [ 464.114494][T11952] [ 465.690866][T11970] FAULT_INJECTION: forcing a failure. [ 465.690866][T11970] name failslab, interval 1, probability 0, space 0, times 0 [ 465.787655][T11970] CPU: 0 UID: 0 PID: 11970 Comm: syz.2.1596 Not tainted syzkaller #0 PREEMPT(full) [ 465.787680][T11970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 465.787689][T11970] Call Trace: [ 465.787695][T11970] [ 465.787702][T11970] dump_stack_lvl+0x100/0x190 [ 465.787731][T11970] should_fail_ex.cold+0x5/0xa [ 465.787751][T11970] should_failslab+0xc2/0x120 [ 465.787768][T11970] __kmalloc_cache_noprof+0x7a/0x6f0 [ 465.787787][T11970] ? __io_uring_add_tctx_node+0x1ac/0x4c0 [ 465.787810][T11970] ? alloc_file_pseudo+0x1a5/0x230 [ 465.787832][T11970] __io_uring_add_tctx_node+0x1ac/0x4c0 [ 465.787862][T11970] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 465.787889][T11970] ? __anon_inode_getfile+0x17c/0x280 [ 465.787911][T11970] io_uring_setup.cold+0x1993/0x1c7e [ 465.787937][T11970] ? __pfx_io_uring_setup+0x10/0x10 [ 465.787957][T11970] ? __pfx_do_futex+0x10/0x10 [ 465.787985][T11970] ? xfd_validate_state+0x129/0x190 [ 465.788012][T11970] __x64_sys_io_uring_setup+0xc2/0x170 [ 465.788029][T11970] do_syscall_64+0x10b/0xf80 [ 465.788043][T11970] ? clear_bhb_loop+0x40/0x90 [ 465.788061][T11970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.788075][T11970] RIP: 0033:0x7f1df4b9c819 [ 465.788088][T11970] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 465.788103][T11970] RSP: 002b:00007f1df5aa6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 465.788117][T11970] RAX: ffffffffffffffda RBX: 00007f1df4e15fa0 RCX: 00007f1df4b9c819 [ 465.788127][T11970] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000084 [ 465.788136][T11970] RBP: 00007f1df4c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 465.788145][T11970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 465.788153][T11970] R13: 00007f1df4e16038 R14: 00007f1df4e15fa0 R15: 00007ffe299149e8 [ 465.788172][T11970] [ 465.789837][T11970] ------------[ cut here ]------------ [ 465.987377][T11970] !test_bit(IO_WQ_BIT_EXIT, &wq->state) [ 465.987397][T11970] WARNING: io_uring/io-wq.c:1396 at io_wq_put_and_exit+0x8a7/0x9d0, CPU#0: syz.2.1596/11970 [ 466.003025][T11970] Modules linked in: [ 466.007625][T11970] CPU: 0 UID: 0 PID: 11970 Comm: syz.2.1596 Not tainted syzkaller #0 PREEMPT(full) [ 466.017188][T11970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 466.027833][T11970] RIP: 0010:io_wq_put_and_exit+0x8a7/0x9d0 [ 466.033976][T11970] Code: ff e8 7d bf 17 fd 44 0f b6 74 24 78 31 ff 44 89 f6 e8 bd b9 17 fd 45 84 f6 0f 85 1a fd ff ff e9 67 fd ff ff e8 5a bf 17 fd 90 <0f> 0b 90 e9 00 f8 ff ff e8 8c 5e 83 fd e9 72 f8 ff ff 48 8b 3c 24 [ 466.053749][T11970] RSP: 0018:ffffc90003b67b50 EFLAGS: 00010283 [ 466.060396][T11970] RAX: 00000000000143bc RBX: ffff88805fa2e000 RCX: ffffc900068a9000 [ 466.068400][T11970] RDX: 0000000000080000 RSI: ffffffff84f04b26 RDI: ffff888032635b80 [ 466.076381][T11970] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 466.084346][T11970] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff9200076cf8c [ 466.092354][T11970] R13: 0000000000000000 R14: ffff8880326364f0 R15: ffff888069c5bc18 [ 466.100338][T11970] FS: 00007f1df5aa66c0(0000) GS:ffff888124332000(0000) knlGS:0000000000000000 [ 466.109483][T11970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 466.116098][T11970] CR2: 00002000000000c0 CR3: 000000007e0e0000 CR4: 00000000003526f0 [ 466.124635][T11970] Call Trace: [ 466.128266][T11970] [ 466.131209][T11970] ? dump_stack_lvl+0x17c/0x190 [ 466.136097][T11970] ? __pfx_io_wq_put_and_exit+0x10/0x10 [ 466.141790][T11970] ? rcu_is_watching+0x12/0xc0 [ 466.146670][T11970] ? trace_kmalloc+0x101/0x130 [ 466.151456][T11970] ? __kmalloc_cache_noprof+0x298/0x6f0 [ 466.157034][T11970] ? __io_uring_add_tctx_node+0x1ac/0x4c0 [ 466.162761][T11970] __io_uring_add_tctx_node+0x3e8/0x4c0 [ 466.168395][T11970] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 466.174466][T11970] ? __anon_inode_getfile+0x17c/0x280 [ 466.179855][T11970] io_uring_setup.cold+0x1993/0x1c7e [ 466.185161][T11970] ? __pfx_io_uring_setup+0x10/0x10 [ 466.190378][T11970] ? __pfx_do_futex+0x10/0x10 [ 466.195061][T11970] ? xfd_validate_state+0x129/0x190 [ 466.200291][T11970] __x64_sys_io_uring_setup+0xc2/0x170 [ 466.205769][T11970] do_syscall_64+0x10b/0xf80 [ 466.210360][T11970] ? clear_bhb_loop+0x40/0x90 [ 466.215035][T11970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.220947][T11970] RIP: 0033:0x7f1df4b9c819 [ 466.225947][T11970] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 466.246170][T11970] RSP: 002b:00007f1df5aa6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 466.254660][T11970] RAX: ffffffffffffffda RBX: 00007f1df4e15fa0 RCX: 00007f1df4b9c819 [ 466.262650][T11970] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000084 [ 466.270641][T11970] RBP: 00007f1df4c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 466.278626][T11970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 466.286618][T11970] R13: 00007f1df4e16038 R14: 00007f1df4e15fa0 R15: 00007ffe299149e8 [ 466.294591][T11970] [ 466.297639][T11970] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 466.304900][T11970] CPU: 0 UID: 0 PID: 11970 Comm: syz.2.1596 Not tainted syzkaller #0 PREEMPT(full) [ 466.314247][T11970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026 [ 466.324280][T11970] Call Trace: [ 466.327539][T11970] [ 466.330449][T11970] dump_stack_lvl+0x100/0x190 [ 466.335118][T11970] vpanic+0x552/0x970 [ 466.339083][T11970] ? __pfx_vpanic+0x10/0x10 [ 466.343577][T11970] panic+0xd1/0xe0 [ 466.347281][T11970] ? __pfx_panic+0x10/0x10 [ 466.351684][T11970] check_panic_on_warn.cold+0x19/0x34 [ 466.357057][T11970] ? io_wq_put_and_exit+0x8a7/0x9d0 [ 466.362238][T11970] __warn.cold+0x191/0x348 [ 466.366640][T11970] __report_bug+0x296/0x3d0 [ 466.371130][T11970] ? io_wq_put_and_exit+0x8a7/0x9d0 [ 466.376312][T11970] ? __pfx___report_bug+0x10/0x10 [ 466.381411][T11970] ? _printk+0xcf/0x110 [ 466.385556][T11970] ? __pfx___schedule+0x10/0x10 [ 466.390411][T11970] ? is_bpf_text_address+0x8a/0x1a0 [ 466.395607][T11970] ? bpf_ksym_find+0x124/0x1c0 [ 466.400355][T11970] ? io_wq_put_and_exit+0x8a7/0x9d0 [ 466.405532][T11970] report_bug+0xb2/0x220 [ 466.409766][T11970] ? io_wq_put_and_exit+0x8a7/0x9d0 [ 466.415047][T11970] handle_bug+0x16a/0x2a0 [ 466.419362][T11970] exc_invalid_op+0x17/0x50 [ 466.423854][T11970] asm_exc_invalid_op+0x1a/0x20 [ 466.428688][T11970] RIP: 0010:io_wq_put_and_exit+0x8a7/0x9d0 [ 466.434481][T11970] Code: ff e8 7d bf 17 fd 44 0f b6 74 24 78 31 ff 44 89 f6 e8 bd b9 17 fd 45 84 f6 0f 85 1a fd ff ff e9 67 fd ff ff e8 5a bf 17 fd 90 <0f> 0b 90 e9 00 f8 ff ff e8 8c 5e 83 fd e9 72 f8 ff ff 48 8b 3c 24 [ 466.454070][T11970] RSP: 0018:ffffc90003b67b50 EFLAGS: 00010283 [ 466.460143][T11970] RAX: 00000000000143bc RBX: ffff88805fa2e000 RCX: ffffc900068a9000 [ 466.468113][T11970] RDX: 0000000000080000 RSI: ffffffff84f04b26 RDI: ffff888032635b80 [ 466.476064][T11970] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 466.484031][T11970] R10: 0000000000000000 R11: 0000000000000001 R12: 1ffff9200076cf8c [ 466.492003][T11970] R13: 0000000000000000 R14: ffff8880326364f0 R15: ffff888069c5bc18 [ 466.499959][T11970] ? io_wq_put_and_exit+0x8a6/0x9d0 [ 466.505161][T11970] ? dump_stack_lvl+0x17c/0x190 [ 466.510004][T11970] ? __pfx_io_wq_put_and_exit+0x10/0x10 [ 466.515531][T11970] ? rcu_is_watching+0x12/0xc0 [ 466.520285][T11970] ? trace_kmalloc+0x101/0x130 [ 466.525037][T11970] ? __kmalloc_cache_noprof+0x298/0x6f0 [ 466.530569][T11970] ? __io_uring_add_tctx_node+0x1ac/0x4c0 [ 466.536283][T11970] __io_uring_add_tctx_node+0x3e8/0x4c0 [ 466.541839][T11970] ? __pfx___io_uring_add_tctx_node+0x10/0x10 [ 466.547897][T11970] ? __anon_inode_getfile+0x17c/0x280 [ 466.553257][T11970] io_uring_setup.cold+0x1993/0x1c7e [ 466.558566][T11970] ? __pfx_io_uring_setup+0x10/0x10 [ 466.563752][T11970] ? __pfx_do_futex+0x10/0x10 [ 466.568423][T11970] ? xfd_validate_state+0x129/0x190 [ 466.573617][T11970] __x64_sys_io_uring_setup+0xc2/0x170 [ 466.579059][T11970] do_syscall_64+0x10b/0xf80 [ 466.583628][T11970] ? clear_bhb_loop+0x40/0x90 [ 466.588307][T11970] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 466.594182][T11970] RIP: 0033:0x7f1df4b9c819 [ 466.598579][T11970] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 466.618166][T11970] RSP: 002b:00007f1df5aa6028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 466.626564][T11970] RAX: ffffffffffffffda RBX: 00007f1df4e15fa0 RCX: 00007f1df4b9c819 [ 466.634517][T11970] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000084 [ 466.642473][T11970] RBP: 00007f1df4c32c91 R08: 0000000000000000 R09: 0000000000000000 [ 466.650426][T11970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 466.658392][T11970] R13: 00007f1df4e16038 R14: 00007f1df4e15fa0 R15: 00007ffe299149e8 [ 466.666355][T11970] [ 466.669434][T11970] Kernel Offset: disabled [ 466.673747][T11970] Rebooting in 86400 seconds..