last executing test programs: 1m38.701994421s ago: executing program 3 (id=559): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket(0xa, 0x3, 0x3a) semctl$auto_IPC_INFO(0x1000, 0x9, 0x3, 0xb) r1 = io_uring_setup$auto(0x7, 0x0) mmap$auto(0x0, 0x2020009, 0x4, 0x80000010, r0, 0xffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) r2 = gettid() r3 = getpid() rt_tgsigqueueinfo$auto(r3, r2, 0x5, &(0x7f0000000140)={@siginfo_0_0={0x8, 0x7fffffff, 0x80, @_kill={r3, 0x0}}}) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_SET(r1, &(0x7f0000000c80)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x850}, 0x4040) r5 = socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000001480)={'veth0_virt_wifi\x00'}) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80302, 0x0) write$auto(r6, 0x0, 0x3) mmap$auto(0x0, 0x2020006, 0x4, 0x17, 0xffffffffffffffff, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) io_uring_register$auto(0xffffffffffffffff, 0xe, 0x0, 0x0) shmctl$auto_SHM_STAT_ANY(0xb, 0xf, &(0x7f0000000540)={{0x0, r4, 0x0, 0xfffff6a8, 0x8, 0x18000, 0x3}, 0x4a3, 0x4, 0x1, 0x80, @raw=0xff, @inferred=r2, 0x8, 0x0, &(0x7f0000000480)="4e1270bb22e53266072a469413b4427e63f44a005401f8fdaf8d4a71014b41f0908d8dceedc8bcb2d4b1038a04c7ce3540ef0868fa5f26b1f65b8fd5c8ee58b7bde4bad49e3d336d113e6b82577adc7c817ad4d3df53851bc98a98474bf371385a005a17061cc337fabbe6956707275d8354cba4fcacbef5626aba55967e5fa7a7a89d27e1ba956b0b25", &(0x7f0000000240)="d2148ffc1e0bc655696895ea231455dfc392f2f06d"}) ioctl$auto(r0, 0x8936, 0x1) 1m38.393470094s ago: executing program 3 (id=562): mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0xffffffffffffffff, 0x8000) socket(0x5, 0x5, 0x1) openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/fs/cifs/cifsFYI\x00', 0x40c01, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/devices/virtual/net/bond0/queues/tx-6/tx_timeout\x00', 0x2440, 0x0) fanotify_init$auto(0x5, 0x2000000000002) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/nullb0\x00', 0x900, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_set_tracer_fops_trace(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/current_tracer\x00', 0x40, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_proc_sys_file_operations_proc_sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/conf/bridge_slave_0/accept_local\x00', 0x8040, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_nst_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000000), 0xe0282, 0x0) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/ksm_stat\x00', 0x180780, 0x0) socketpair$auto(0xfffffffe, 0x5, 0x8000000000000000, 0x0) close_range$auto(0x2, 0xffffffffffffffff, 0x0) open(0x0, 0x22240, 0x55) openat$auto_dvb_frontend_fops_dvb_frontend(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x2, 0x0) ioctl$auto(0x3, 0x40106f52, r0) 1m38.133428841s ago: executing program 3 (id=565): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) listmount$auto(0x0, 0x0, 0x0, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000) socket(0x2, 0x3, 0x100) sethostname$auto(0x0, 0x1) mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x1d, 0x2, 0x6) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000040)=@can={0x1d, r2, 0xfd}, 0x6a) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40) sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x14, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40480c0}, 0x40000) io_uring_setup$auto(0x7, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, r0) sendmsg$auto_ETHTOOL_MSG_MM_SET(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000855}, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = socketcall$auto(0x8000, 0x0) ioctl$auto(0x3, 0xae41, r3) write$auto_bm_status_operations_binfmt_misc(r3, &(0x7f0000000300)="9c68758bd1aeb39b89bedf4c113df49850cbd98839a66046e85d03c0379092faccb940b81efb4b1debb8d58116b8da0bb9c4e86141bcf80a6e3755981b8857a84b72fd63c799ab2db69e0535f3bb113bc3ad65de640474493abc2ae5f8c9ec5b2769afd1abc33a677f8a8c6ad2d3dca99a4b2429b0d4d4b961c2c5a510b560397a54ccb5b4771195b1fb34f0af3955ebbf7671268b95d949522b33d1d158a270172ffa3b6dd4b42c6def39221dccf161a918af1923b336147b0cece173e3a83fa67a65773374029c1237bc06", 0xcc) socket(0x10, 0x2, 0x0) readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x5}, 0x3) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0100000000000000000000000a000100aaaaaaaaaaaa00000a000500ffffffffffff0000060006004600000006000700070000000800040073090000"], 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x4040090) socket(0x5, 0x800, 0x2) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x8) 1m37.11400916s ago: executing program 3 (id=571): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xffffffffffffffff, 0x8000) r0 = socket(0xa, 0x3, 0x3a) semctl$auto_IPC_INFO(0x1000, 0x9, 0x3, 0xb) r1 = io_uring_setup$auto(0x7, 0x0) mmap$auto(0x0, 0x2020009, 0x4, 0x80000010, r0, 0xffffffff) openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/nullb0\x00', 0x60742, 0x0) r2 = gettid() r3 = getpid() rt_tgsigqueueinfo$auto(r3, r2, 0x5, &(0x7f0000000140)={@siginfo_0_0={0x8, 0x7fffffff, 0x80, @_kill={r3, 0x0}}}) syz_genetlink_get_family_id$auto_tipcv2(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_TIPC_NL_MON_SET(r1, &(0x7f0000000c80)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x850}, 0x4040) r5 = socket(0x2b, 0x1, 0x1) mmap$auto(0x0, 0x2020009, 0x5, 0xeb1, 0xfffffffffffffffa, 0x8000) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000001480)={'veth0_virt_wifi\x00'}) r6 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x80302, 0x0) write$auto(r6, 0x0, 0x3) mmap$auto(0x0, 0x2020006, 0x4, 0x17, 0xffffffffffffffff, 0x8000) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) io_uring_register$auto(0xffffffffffffffff, 0xe, 0x0, 0x0) shmctl$auto_SHM_STAT_ANY(0xb, 0xf, &(0x7f0000000540)={{0x0, r4, 0x0, 0xfffff6a8, 0x8, 0x18000, 0x3}, 0x4a3, 0x4, 0x1, 0x80, @raw=0xff, @inferred=r2, 0x8, 0x0, &(0x7f0000000480)="4e1270bb22e53266072a469413b4427e63f44a005401f8fdaf8d4a71014b41f0908d8dceedc8bcb2d4b1038a04c7ce3540ef0868fa5f26b1f65b8fd5c8ee58b7bde4bad49e3d336d113e6b82577adc7c817ad4d3df53851bc98a98474bf371385a005a17061cc337fabbe6956707275d8354cba4fcacbef5626aba55967e5fa7a7a89d27e1ba956b0b25", &(0x7f0000000240)="d2148ffc1e0bc655696895ea231455dfc392f2f06d"}) ioctl$auto(r0, 0x8936, 0x1) 1m36.907715002s ago: executing program 3 (id=573): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) listmount$auto(0x0, 0x0, 0x0, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000) socket(0x2, 0x3, 0x100) sethostname$auto(0x0, 0x1) mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x1d, 0x2, 0x6) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000040)=@can={0x1d, r2, 0xfd}, 0x6a) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40) sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x14, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40480c0}, 0x40000) io_uring_setup$auto(0x7, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, r0) sendmsg$auto_ETHTOOL_MSG_MM_SET(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000855}, 0x0) close_range$auto(0x2, 0x8, 0x0) r3 = socketcall$auto(0x8000, 0x0) ioctl$auto(0x3, 0xae41, r3) write$auto_bm_status_operations_binfmt_misc(r3, &(0x7f0000000300)="9c68758bd1aeb39b89bedf4c113df49850cbd98839a66046e85d03c0379092faccb940b81efb4b1debb8d58116b8da0bb9c4e86141bcf80a6e3755981b8857a84b72fd63c799ab2db69e0535f3bb113bc3ad65de640474493abc2ae5f8c9ec5b2769afd1abc33a677f8a8c6ad2d3dca99a4b2429b0d4d4b961c2c5a510b560397a54ccb5b4771195b1fb34f0af3955ebbf7671268b95d949522b33d1d158a270172ffa3b6dd4b42c6def39221dccf161a918af1923b336147b0cece173e3a83fa67a65773374029c1237bc06", 0xcc) socket(0x10, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0100000000000000000000000a000100aaaaaaaaaaaa00000a000500ffffffffffff0000060006004600000006000700070000000800040073090000"], 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x4040090) socket(0x5, 0x800, 0x2) socket(0x10, 0x2, 0x0) 1m35.88960577s ago: executing program 3 (id=578): mmap$auto(0x80000001, 0x400000000000006, 0x6, 0x40eb6, 0xffffffffffffffff, 0x308000000000) r0 = socket(0x22, 0x2, 0x1) fstat$auto(r0, 0x0) r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) ioctl$auto(r1, 0x3b85, 0x38) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/tracing/dynamic_events\x00', 0x201, 0x0) r2 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x3, 0x4, 0xeb1, 0x401, 0x8000) sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) mmap$auto(0x0, 0x400e983, 0x3, 0xe31, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x254, 0x0) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000580)='/dev/snd/controlC2\x00', 0x2001, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_COMMAND(r3, 0xc008551c, 0x0) 1m20.634095842s ago: executing program 32 (id=578): mmap$auto(0x80000001, 0x400000000000006, 0x6, 0x40eb6, 0xffffffffffffffff, 0x308000000000) r0 = socket(0x22, 0x2, 0x1) fstat$auto(r0, 0x0) r1 = openat$auto_iommufd_fops_main(0xffffffffffffff9c, &(0x7f0000000000), 0x80001, 0x0) ioctl$auto(r1, 0x3b85, 0x38) openat$auto_dynamic_events_ops_trace_dynevent(0xffffffffffffff9c, &(0x7f0000000280)='/sys/kernel/tracing/dynamic_events\x00', 0x201, 0x0) r2 = socket(0x15, 0x5, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) mmap$auto(0x0, 0x3, 0x4, 0xeb1, 0x401, 0x8000) sendmsg$auto(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x7fc, 0x0, 0x8, 0x0, 0x1, 0x4}, 0x0) mmap$auto(0x0, 0x400e983, 0x3, 0xe31, 0xffffffffffffffff, 0x8000) recvmmsg$auto(0x3, 0x0, 0x10000, 0x254, 0x0) r3 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000580)='/dev/snd/controlC2\x00', 0x2001, 0x0) ioctl$auto_SNDRV_CTL_IOCTL_TLV_COMMAND(r3, 0xc008551c, 0x0) 8.51714786s ago: executing program 0 (id=1025): openat$auto_proc_setgroups_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/setgroups\x00', 0x149002, 0x0) write$auto(0xffffffffffffffff, &(0x7f0000000080)='0\x00\xa6\xcc\r\x91QU\x9dI\xda\x1b\xad\xb1\x9e\xc8Tt\xa8\x94\x9c\x8a\xe2\xc7cOM\xb6\xa3,!o\x9e\xb0\xadT\xfbR\xa1Y\x94V[8\x04c\xdf:]\xd9\x94&\x81\xe2\x13\x8f\xea#\xf8F\xbbOO]e[\xbb\xf9\xcd\xc0\xc9\x00\xda\xac\xdd\x1a\xdd\xdd\xb9o\x1a\xab\xd5\b\xc1\x04z\xd0I>\x8f\x00\xe5\x1c*\xed`\xfd\x15\x88\x0f\x9a\xd5\xa7\x14\f};\xabt\xd1ak\xe5\x98\xea\xe3}\x10\xab\f_\x19\x9b\x11\xb25VUK\x93\xcdd\x17\xe4\xcbA\xa5[\b\xb8;\x02tcf\x06\xfbD\x91\xcaG\xdaa:k[r\x06\xeb\xf0\xc4\xcb\x10\xae\xc8\xe9u\x9f\xdeK\xa5\x8e\xd6\x8f\xd0UV\x11\xcb\xdd\x81\xbe\xdeL/\x06(\x1d\xa5\xc5\x9b\xb2\x96\x05`\xe7\xd5Y\a\xc1\xe9(', 0xa) unshare$auto(0x40000080) r0 = openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D0\x00', 0x1, 0x0) r1 = prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) mmap$auto(0x0, 0x20009, 0x2000000df, 0xeb1, 0x401, 0x8000) r2 = socket(0x2, 0x3, 0xa) getsockopt$auto(r2, 0x0, 0x30, 0x0, &(0x7f0000000040)=0xdbb) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84D\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xbf\xd4m\xbf\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) socket(0x2b, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x202000a, 0xffffffff, 0xdc, 0xfffffffffffffffa, 0x7ffc) keyctl$auto(0x1f, 0x1, 0x6, 0x3, 0x3ff) r3 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0x2003f2, 0x15) r4 = syz_genetlink_get_family_id$auto_ethtool(0x0, r1) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000980)={0x14, r4, 0x1, 0x70bd31, 0x25dfdbfd}, 0x14}}, 0x24048084) madvise$auto(0x1800000000000000, 0x200007, 0x19) openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/thread-self/pagemap\x00', 0x103003, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, 0x0, 0x101001, 0x0) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000001c0), 0x101000, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) r6 = openat$auto_zero_fops_mem(0xffffffffffffff9c, &(0x7f0000000340), 0x80200, 0x0) pread64$auto(r6, 0x0, 0x100000002, 0x100000001) close_range$auto(0x0, 0xfffffffffffff000, 0x0) mq_open$auto(&(0x7f0000000280)='\\*)A\x00', 0x7e, 0x9, 0x0) mq_timedsend$auto(r3, 0x0, 0x2, 0x9, 0x0) 6.669454947s ago: executing program 0 (id=1032): mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sda\x00', 0x8001, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$auto(r0, 0x2201, r0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/devices/virtual/block/loop11/queue/zoned\x00', 0x9a6181, 0x0) setresuid$auto(0x2, 0x7, 0x8080) ioctl$auto_FS_IOC_RESVSP(r1, 0x40305828, 0x9) write$auto_kernfs_file_fops_kernfs_internal(r1, &(0x7f0000000000)='b', 0x1) 6.503918619s ago: executing program 4 (id=1033): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/khugepaged/defrag\x00', 0x2, 0x0) sendfile$auto(r0, 0x3, 0x0, 0xc01) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0x7) r2 = getpid() mmap$auto(0x0, 0x340000000000000, 0x3, 0x17, 0xfffffffffffffffa, 0x0) r3 = setfsuid$auto(0xee00) r4 = setfsuid$auto(0xee01) setresuid$auto(r3, r3, r4) mremap$auto(0x0, 0x1006, 0x3fd6, 0x8, 0x1ffffffe) fcntl$auto_F_DUPFD_CLOEXEC(r1, 0x406, r0) process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0x91f5}, 0x9, &(0x7f0000000100)={&(0x7f00000010c0)="837c43558323d5db424689e7e6cb5c40ad091e4374c10000000025", 0x1ffffffff}, 0xfffffffffffff34d, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000) r5 = set_tid_address$auto(0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r6 = syz_open_procfs$namespace(r5, &(0x7f0000000080)) getdents64$auto(r6, 0x0, 0x18) r7 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/ieee80211/phy18/queues\x00', 0x81340, 0x0) read$auto_debugfs_full_proxy_file_operations_internal(r7, 0x0, 0x0) r8 = clone$auto(0x6, 0x6, &(0x7f0000000000)=0xec, &(0x7f0000000040)=0x4, 0x8000000000000000) kcmp$auto_KCMP_VM(r8, r8, 0x1, 0x9, 0xffffffffffffffff) r9 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$auto_VHOST_SET_FEATURES(r9, 0x4008af00, &(0x7f0000000000)=0x200000000) read$auto(r9, 0x0, 0x3ff) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x1a, 0x1ff) fsopen$auto(0x0, 0x1) 6.424028591s ago: executing program 0 (id=1034): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x20c002, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ptyq5\x00', 0x210a01, 0x0) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000140), 0x400400, 0x0) socket(0x15, 0x5, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/vlan/vlan1\x00', 0x18b202, 0x0) pread64$auto(r1, &(0x7f0000000340)='/proc/Nes\x00'/22, 0x100000001, 0x100) write$auto(r0, 0x0, 0x9) 5.517570104s ago: executing program 0 (id=1038): mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x2, 0x8, 0x0) socket(0x2, 0x80002, 0x73) openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) openat$auto_snd_rawmidi_f_ops_rawmidi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/midiC2D1\x00', 0x20c002, 0x0) r0 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyprintk\x00', 0x109401, 0x0) openat$auto_rfkill_fops_core(0xffffffffffffff9c, &(0x7f0000000140), 0x382, 0x0) socket(0x15, 0x5, 0x0) socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) write$auto(r0, 0x0, 0x9) (fail_nth: 3) 5.473122469s ago: executing program 4 (id=1039): mmap$auto(0x0, 0xb, 0xdf, 0x9b72, 0xffffffffffffffff, 0x0) mmap$auto(0x0, 0xc, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) close_range$auto(0x0, 0xffffeffe, 0x2) pipe$auto(0x0) pipe$auto(0x0) unshare$auto(0x40000080) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) socket(0x2c, 0x1, 0x0) listen$auto(0x3, 0x81) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x3, 0x202000a, 0x3, 0xeb3, 0xfffffffffffffffa, 0x8000) prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) madvise$auto(0x0, 0xa1, 0x15) madvise$auto(0x0, 0x200007, 0x19) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x8000) prctl$auto(0x2, 0x400, 0x4, 0x1, 0xb) madvise$auto(0x0, 0xffffffffffff0005, 0x19) openat$auto_proc_pid_maps_operations_internal(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/smaps_rollup\x00', 0x40000, 0x0) remap_file_pages$auto(0x6a27, 0x1000, 0x0, 0xb74, 0x66a) mmap$auto(0x9, 0x400000cc4, 0xfffffffffffffff8, 0x800018, 0x2, 0x5b3) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/tracing/per_cpu/cpu1/trace_pipe_raw\x00', 0x1000, 0x0) sendfile$auto(0x1, 0x3, 0x0, 0x40000000c07) close_range$auto(0x2, 0xffffffffffffffff, 0x0) setsockopt$auto(0x3, 0x0, 0xf, 0x0, 0xb) fcntl$auto(r0, 0x10, 0x2) r1 = socket(0x2, 0x1, 0x0) setsockopt$auto(r1, 0x0, 0x10, 0x0, 0x17) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) 4.488630477s ago: executing program 0 (id=1041): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) socket(0xa, 0x3, 0x3b) connect$auto(0x3, &(0x7f0000000000)=@generic={0xa, "0000e100"}, 0x58) prctl$auto(0x3e, 0x1, 0x0, 0x1, 0x0) recvmmsg$auto(0x3, 0x0, 0x10000, 0x0, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x19) sendmmsg$auto(0x3, 0x0, 0x9a6, 0x7000000) mmap$auto(0x0, 0x3, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) mmap$auto(0x0, 0x2000009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) ptrace$auto_ARCH_MAP_VDSO_64(0x3, 0x0, 0x200, 0x2003) close_range$auto(0x2, 0x8, 0x0) socket(0x10, 0x2, 0xc) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x6ab82, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$auto(r0, 0xae41, 0xffffffffffffffff) ioctl$auto_KVM_GET_MSRS(r1, 0x4008ae89, &(0x7f0000000080)={0x9, 0x0, [{0x48, 0x400, 0x1f}]}) sendfile$auto(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1) statmount$auto(0x0, &(0x7f0000000480)={0x5ffc2f43, 0x4, 0x8000, 0xf, 0x8, 0x6, 0x15e, 0x8, 0x5, 0xffffffff, 0x3fb, 0x4688, 0x0, 0x6, 0x7, 0xffffffff, 0xfffffffffffffffa, 0x8, 0x6, 0x6, 0x2cf2, 0x0, 0x2, 0x8, 0x8001, 0x9, 0x5, 0xffffff53, 0x9, 0x3, 0x0, [0x2, 0xc5, 0x200, 0x0, 0x800, 0x15, 0x3, 0x200, 0x7, 0x8, 0x8000000000000001, 0x800, 0x6, 0x0, 0x5, 0x9, 0x8, 0x40, 0x87, 0x800, 0x3, 0x5, 0x1, 0x1f0b, 0x200, 0x1ff, 0x9, 0x0, 0x2, 0x7, 0x3, 0x1, 0x6, 0x100, 0x0, 0x1, 0x7, 0x2000000000000, 0xd5, 0x2, 0x7ff, 0x5, 0x8], "548d8ea698997f834de0f18213dd3b52214026ce4187935c0c77717f3e44f3f00f1a8f2d30b91d4e80e45ab184bba619e17ef29993af7cb9867ed24679cb4ef88c32af5dc2f73167ae6f63fc2a3926a371b5af"}, 0x9f, 0x7) unshare$auto(0x40000080) sendmsg$auto_ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x24048004) futex$auto(0x0, 0x9, 0x3e, 0x0, 0x0, 0x0) r3 = openat$auto_uinput_fops_uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x101001, 0x0) ioctl$auto_UI_DEV_SETUP(r3, 0x405c5503, &(0x7f00000000c0)={{0x9, 0xf2cf, 0x8, 0x80}, "6a034a07c7b82d90b69a39e32576f893fb4a3836d61c9100fefbbabea6ef9368c7996e841f3f1561d4992f726b0a6c36b0b2fd1678e816201cf562367fe6596824588a2e3d84ba165f00", 0xa}) ioctl$auto_UI_DEV_CREATE(r3, 0x5501, 0x0) writev$auto(r3, &(0x7f0000000340)={0x0, 0x500000}, 0x9) socket(0xa, 0x1, 0x84) 3.844484763s ago: executing program 4 (id=1044): mmap$auto(0x0, 0x2020009, 0x3, 0x800000000000eb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xffffffffffff0005, 0x17) madvise$auto(0x0, 0xffffffffffff0001, 0x15) r0 = prctl$auto(0x1000000003b, 0x1, 0x4, 0x5, 0x7) madvise$auto(0x0, 0xffffffffffff0005, 0x19) setsockopt$auto(r0, 0x7ff, 0xd, &(0x7f0000000000)='\\)-\x00', 0x3) timer_create$auto(0x9, 0x0, 0x0) 3.463041503s ago: executing program 2 (id=1046): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) listmount$auto(0x0, 0x0, 0x0, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000) socket(0x2, 0x3, 0x100) sethostname$auto(0x0, 0x1) mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x1d, 0x2, 0x6) socket(0x2, 0x1, 0x0) bind$auto(r0, &(0x7f0000000040)=@can={0x1d, 0x0, 0xfd}, 0x6a) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40) sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x14, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40480c0}, 0x40000) io_uring_setup$auto(0x7, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, r0) sendmsg$auto_ETHTOOL_MSG_MM_SET(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000855}, 0x0) close_range$auto(0x2, 0x8, 0x0) r1 = socketcall$auto(0x8000, 0x0) ioctl$auto(0x3, 0xae41, r1) write$auto_bm_status_operations_binfmt_misc(r1, &(0x7f0000000300)="9c68758bd1aeb39b89bedf4c113df49850cbd98839a66046e85d03c0379092faccb940b81efb4b1debb8d58116b8da0bb9c4e86141bcf80a6e3755981b8857a84b72fd63c799ab2db69e0535f3bb113bc3ad65de640474493abc2ae5f8c9ec5b2769afd1abc33a677f8a8c6ad2d3dca99a4b2429b0d4d4b961c2c5a510b560397a54ccb5b4771195b1fb34f0af3955ebbf7671268b95d949522b33d1d158a270172ffa3b6dd4b42c6def39221dccf161a918af1923b336147b0cece173e3a83fa67a65773374029c1237bc06", 0xcc) socket(0x10, 0x2, 0x0) readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x5}, 0x3) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0100000000000000000000000a000100aaaaaaaaaaaa00000a000500ffffffffffff0000060006004600000006000700070000000800040073090000"], 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x4040090) socket(0x5, 0x800, 0x2) socket(0x10, 0x2, 0x0) 3.087159467s ago: executing program 2 (id=1047): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000440), 0xffffffffffffffff) (async) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'dummy0\x00', 0x0}) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r0, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000000040)={0x2c, r1, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NETDEV_A_QUEUE_IFINDEX={0x8, 0x2, r2}, @NETDEV_A_QUEUE_TYPE={0x8}, @NETDEV_A_QUEUE_ID={0x8, 0x1, 0x400}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x810) (async) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r3 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0xe0180, 0x0) r4 = ioctl$auto_KVM_CREATE_VM(r3, 0xae01, 0x0) (async) r5 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$auto(r4, 0x4010ae68, r5) (async) read$auto_kernfs_file_fops_kernfs_internal(r4, &(0x7f00000001c0)=""/186, 0xba) (async) sysfs$auto(0x2, 0x100000000000035, 0x0) r6 = fsopen$auto(0x0, 0x1) sendmsg$auto_ETHTOOL_MSG_FEC_SET(r6, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="20002dbd7000ffdbdf251e0000004c000180080003000001000008000300000000001400020076657468315f746f5f6261746164760008000100", @ANYRES32=r2, @ANYBLOB="14000200726f736530000000000000000000000008000100", @ANYRES32=r2, @ANYBLOB="0500030004000000050003000200000005000300d90000000500030053000000"], 0x80}}, 0x4) (async, rerun: 32) mremap$auto(0x110c230000, 0x0, 0x101, 0x0, 0x0) (async, rerun: 32) fsconfig$auto(r6, 0x1, &(0x7f0000000000)='4\x93\x03\x00\x04\x00\x00', &(0x7f00000001c0), 0x0) 2.584527868s ago: executing program 2 (id=1048): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/khugepaged/defrag\x00', 0x2, 0x0) sendfile$auto(r0, 0x3, 0x0, 0xc01) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0x7) r2 = getpid() mmap$auto(0x0, 0x340000000000000, 0x3, 0x17, 0xfffffffffffffffa, 0x0) r3 = setfsuid$auto(0xee00) r4 = setfsuid$auto(0xee01) setresuid$auto(r3, r3, r4) mremap$auto(0x0, 0x1006, 0x3fd6, 0x8, 0x1ffffffe) fcntl$auto_F_DUPFD_CLOEXEC(r1, 0x406, r0) process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0x91f5}, 0x9, &(0x7f0000000100)={&(0x7f00000010c0)="837c43558323d5db424689e7e6cb5c40ad091e4374c10000000025", 0x1ffffffff}, 0xfffffffffffff34d, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000) r5 = set_tid_address$auto(0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r6 = syz_open_procfs$namespace(r5, &(0x7f0000000080)) getdents64$auto(r6, 0x0, 0x18) r7 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/ieee80211/phy18/queues\x00', 0x81340, 0x0) read$auto_debugfs_full_proxy_file_operations_internal(r7, 0x0, 0x0) r8 = clone$auto(0x6, 0x6, &(0x7f0000000000)=0xec, &(0x7f0000000040)=0x4, 0x8000000000000000) kcmp$auto_KCMP_VM(r8, r8, 0x1, 0x9, 0xffffffffffffffff) r9 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$auto_VHOST_SET_FEATURES(r9, 0x4008af00, &(0x7f0000000000)=0x200000000) read$auto(r9, 0x0, 0x3ff) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x1a, 0x1ff) fsopen$auto(0x0, 0x1) 2.438306577s ago: executing program 4 (id=1049): openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x100, 0x0) r0 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000100), 0xe5db8963c69233fa, 0x0) ioctl$auto_TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)=0x64f) ioctl$auto_TUNSETVNETLE(r0, 0x400454dc, &(0x7f0000000180)=0x1) mmap$auto(0x10000000000000, 0x8004c7, 0x4000000000df, 0x18, 0x401, 0x8000) socketpair$auto(0x1e, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_sw_sync_debugfs_fops_sync_debug(0xffffffffffffff9c, &(0x7f0000000000), 0xc0040, 0x0) r2 = ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0) ioctl$auto_SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, 0x0) select$auto(0x0, 0x0, 0x0, &(0x7f0000000040)={[0x1ff, 0x3b, 0xa, 0x1, 0x948b, 0x3, 0x5, 0x7, 0x3, 0x10001, 0x80000023, 0x200000000000007, 0x6d48, 0x10000027f, 0x3, 0x8]}, 0x0) close_range$auto(0x2, 0x8, 0x0) ioctl$auto_TUNSETVNETLE2(r2, 0x400454dc, &(0x7f00000000c0)=0x6) mmap$auto(0x129e, 0x9, 0xa, 0xe9f, 0xffffffffffffffff, 0x5) 1.747270062s ago: executing program 2 (id=1052): socket(0x2, 0x5, 0x0) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_tracing_buffers_fops_trace(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/tracing/per_cpu/cpu0/trace_pipe_raw\x00', 0x2c82, 0x0) socket(0x15, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) openat$auto_dev_fops_plock(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) pipe2$auto(0x0, 0x0) process_madvise$auto_MADV_WILLNEED(0xffffffffffffffff, &(0x7f0000007900)={0x0, 0x4}, 0x9, 0x3, 0x0) io_uring_setup$auto(0x7e1b, 0x0) sendmsg$auto_NL80211_CMD_RELOAD_REGDB(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x0, 0x4, 0x70bd27, 0x25dfdbfc, {}, [@NL80211_ATTR_SCHED_SCAN_INTERVAL={0x8, 0x77, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x40080) socket(0x2, 0x5, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket(0x11, 0x2, 0x14) openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000300)='/dev/snd/controlC2\x00', 0x8100, 0x0) socketpair$auto(0x1, 0x5, 0x8000000000000000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000400)='/dev/ptyde\x00', 0xa0102, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) 1.539109422s ago: executing program 1 (id=1053): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) listmount$auto(0x0, 0x0, 0x0, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000) socket(0x2, 0x3, 0x100) sethostname$auto(0x0, 0x1) mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x1d, 0x2, 0x6) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00'}) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40) sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x14, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40480c0}, 0x40000) io_uring_setup$auto(0x7, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, r0) sendmsg$auto_ETHTOOL_MSG_MM_SET(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000855}, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socketcall$auto(0x8000, 0x0) ioctl$auto(0x3, 0xae41, r2) write$auto_bm_status_operations_binfmt_misc(r2, &(0x7f0000000300)="9c68758bd1aeb39b89bedf4c113df49850cbd98839a66046e85d03c0379092faccb940b81efb4b1debb8d58116b8da0bb9c4e86141bcf80a6e3755981b8857a84b72fd63c799ab2db69e0535f3bb113bc3ad65de640474493abc2ae5f8c9ec5b2769afd1abc33a677f8a8c6ad2d3dca99a4b2429b0d4d4b961c2c5a510b560397a54ccb5b4771195b1fb34f0af3955ebbf7671268b95d949522b33d1d158a270172ffa3b6dd4b42c6def39221dccf161a918af1923b336147b0cece173e3a83fa67a65773374029c1237bc06", 0xcc) socket(0x10, 0x2, 0x0) readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x5}, 0x3) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0100000000000000000000000a000100aaaaaaaaaaaa00000a000500ffffffffffff0000060006004600000006000700070000000800040073090000"], 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x4040090) socket(0x5, 0x800, 0x2) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="72010000", @ANYBLOB="13"], 0x1ac}}, 0x4004) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x8) 1.431831434s ago: executing program 4 (id=1054): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/khugepaged/defrag\x00', 0x2, 0x0) sendfile$auto(r0, 0x3, 0x0, 0xc01) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0x7) r2 = getpid() mmap$auto(0x0, 0x340000000000000, 0x3, 0x17, 0xfffffffffffffffa, 0x0) r3 = setfsuid$auto(0xee00) r4 = setfsuid$auto(0xee01) setresuid$auto(r3, r3, r4) mremap$auto(0x0, 0x1006, 0x3fd6, 0x8, 0x1ffffffe) fcntl$auto_F_DUPFD_CLOEXEC(r1, 0x406, r0) process_vm_readv$auto(r2, &(0x7f0000000000)={0x0, 0x91f5}, 0x9, &(0x7f0000000100)={&(0x7f00000010c0)="837c43558323d5db424689e7e6cb5c40ad091e4374c10000000025", 0x1ffffffff}, 0xfffffffffffff34d, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000) r5 = set_tid_address$auto(0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r6 = syz_open_procfs$namespace(r5, &(0x7f0000000080)) getdents64$auto(r6, 0x0, 0x18) r7 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/ieee80211/phy18/queues\x00', 0x81340, 0x0) read$auto_debugfs_full_proxy_file_operations_internal(r7, 0x0, 0x0) r8 = clone$auto(0x6, 0x6, &(0x7f0000000000)=0xec, &(0x7f0000000040)=0x4, 0x8000000000000000) kcmp$auto_KCMP_VM(r8, r8, 0x1, 0x9, 0xffffffffffffffff) r9 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$auto_VHOST_SET_FEATURES(r9, 0x4008af00, &(0x7f0000000000)=0x200000000) read$auto(r9, 0x0, 0x3ff) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x1a, 0x1ff) fsopen$auto(0x0, 0x1) 1.112461112s ago: executing program 2 (id=1055): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000001340), 0xffffffffffffffff) sendmsg$auto_HWSIM_CMD_NEW_RADIO(r0, &(0x7f0000001400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=' `\x00\x00', @ANYRES16=r1, @ANYBLOB="01002bbd7000fcdbdf2504"], 0x20}, 0x1, 0x0, 0x0, 0x24040000}, 0x18800) 1.032332849s ago: executing program 1 (id=1056): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) listmount$auto(0x0, 0x0, 0x0, 0x1) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb2, 0x403, 0x8000) socket(0x2, 0x3, 0x100) sethostname$auto(0x0, 0x1) mmap$auto(0x0, 0x202000a, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) r0 = socket(0x1d, 0x2, 0x6) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'vcan0\x00', 0x0}) bind$auto(r0, &(0x7f0000000040)=@can={0x1d, r1, 0xfd}, 0x6a) sendmsg$auto_NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={0x0, 0x21}}, 0x40) sendmsg$auto_NL80211_CMD_SET_WIPHY(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x14, 0x0, 0x200, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40480c0}, 0x40000) io_uring_setup$auto(0x7, 0x0) syz_genetlink_get_family_id$auto_ethtool(0x0, r0) sendmsg$auto_ETHTOOL_MSG_MM_SET(r0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000855}, 0x0) close_range$auto(0x2, 0x8, 0x0) r2 = socketcall$auto(0x8000, 0x0) ioctl$auto(0x3, 0xae41, r2) write$auto_bm_status_operations_binfmt_misc(r2, &(0x7f0000000300)="9c68758bd1aeb39b89bedf4c113df49850cbd98839a66046e85d03c0379092faccb940b81efb4b1debb8d58116b8da0bb9c4e86141bcf80a6e3755981b8857a84b72fd63c799ab2db69e0535f3bb113bc3ad65de640474493abc2ae5f8c9ec5b2769afd1abc33a677f8a8c6ad2d3dca99a4b2429b0d4d4b961c2c5a510b560397a54ccb5b4771195b1fb34f0af3955ebbf7671268b95d949522b33d1d158a270172ffa3b6dd4b42c6def39221dccf161a918af1923b336147b0cece173e3a83fa67a65773374029c1237bc06", 0xcc) socket(0x10, 0x2, 0x0) readv$auto(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x5}, 0x3) close_range$auto(0x2, 0x8, 0x0) sendmsg$auto_HSR_C_GET_NODE_STATUS(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="000226bd7000fedbdf25030000000800030000020000060007000080000008000200", @ANYRES32=0x0, @ANYBLOB="0100000000000000000000000a000100aaaaaaaaaaaa00000a000500ffffffffffff0000060006004600000006000700070000000800040073090000"], 0x68}, 0x1, 0x0, 0x0, 0x18a64d47ddeca1f0}, 0x4040090) socket(0x5, 0x800, 0x2) socket(0x10, 0x2, 0x0) 796.953249ms ago: executing program 2 (id=1057): r0 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ram5\x00', 0x14fa02, 0x0) (async) r1 = openat$auto_snd_pcm_f_ops_pcm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/pcmC1D1p\x00', 0x80, 0x0) ioctl$auto_SNDRV_PCM_IOCTL_HW_PARAMS_OLD(r1, 0xc1004111, &(0x7f0000000180)={0x3, [0x62, 0x1, 0x8], [{0x2, 0x4}, {0x4, 0x800, 0x1, 0x1, 0x1, 0x1}, {0x4, 0x3, 0x0, 0x1, 0x1}, {0xffff, 0x7, 0x1, 0x0, 0x0, 0x1}, {0xfffff801, 0x0, 0x1, 0x1, 0x1}, {0x4, 0x101, 0x0, 0x0, 0x1, 0x1}, {0x100, 0x3ff, 0x0, 0x0, 0x1}, {0xf07, 0x5}, {0x6, 0xa, 0x0, 0x0, 0x1, 0x1}, {0x7a8000, 0x5}, {0x3a, 0x2, 0x1, 0x0, 0x0, 0x1}, {0xa, 0x3d37, 0x1, 0x0, 0x1}], 0x10000, 0x0, 0x60db70ee, 0x8df2, 0x6, 0x3, 0x44b8, "e55a7b4dbf972fa8078774b08f1f5d9004756cb20995ee900c4f52dabc8642735b0961436d58fbdf15cc74fe2b268486fe99a379c3221edac7f31a9f14a89a70"}) (async) mmap$auto(0x0, 0x4020009, 0xdf, 0x400000000e31, 0xffffffffffffffff, 0x0) (async, rerun: 64) r2 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x98003, 0x0) (rerun: 64) pread64$auto(r2, 0x0, 0xd, 0x6e9) (async) getrandom$auto(0x0, 0x6000000, 0x3) (async) mmap$auto(0x0, 0x810004, 0xffb, 0x8000000008011, 0x3, 0x8000) write$auto(r0, &(0x7f00000000c0)='/Eev/audio1\x00VI\xa3\xaa\xb1;\x9dJ\xc6\xc0\'\xdbV\xd4\xee\xc2\xdd\xa7\xee$\x8d\xc4\xe9d\x03\rF\xec\xb8\xb1Z|\xffGP\x97)\xcf\a\xfb\\n\x89C:\x84L\x1du\xb4\x9ab\xce\xa7tU\x14w\xb4\x14\x1dU\x9d\x8b\xa4U\x953.O\xab\"4\x8a\xbbY8@Z5`\xa4m\xffb\x17\xbb\x7f\xea4*\xa4\xf4\xb4\x90\xc0\xff\a\x00\x00\xc7\x15\xbe\x01\x98\xd7lD\x97)}\xfaK\xdf>f\xb8&\x959-\n\xccWw\xe2\x9cK\fE\a\xca\xd36\xe8\xcb?(\xfaI\xe2\xae,\x95k8\x83\xcf\xc5D\xcc', 0x100000a3d9) 696.605596ms ago: executing program 1 (id=1058): sendmsg$auto_ETHTOOL_MSG_PLCA_GET_CFG(0xffffffffffffffff, 0x0, 0x40) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) r0 = socket(0x11, 0x3, 0x9) capset$auto(0x0, &(0x7f0000000000)={0x1, 0x6, 0x48}) sendmmsg$auto(r0, &(0x7f00000006c0)={{&(0x7f0000000000), 0x5ac, &(0x7f0000000100)={&(0x7f0000000200)="4c03000000ffff0000a3677337f9", 0x49}, 0x5, 0x0, 0x5, 0x1}, 0x5}, 0x2, 0x100) 601.430525ms ago: executing program 0 (id=1059): r0 = openat$auto_ppp_device_fops_ppp_generic(0xffffffffffffff9c, &(0x7f0000000400), 0x189002, 0x0) mmap$auto(0x0, 0x20009, 0x20004000000000df, 0xebd, r0, 0x8000) unshare$auto(0x40000080) sendmsg$auto_NFSD_CMD_VERSION_GET(0xffffffffffffffff, 0x0, 0x0) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000280)='/sys/devices/virtual/net/bond0/bonding/slaves\x00', 0x80002, 0x0) write$auto_ocfs2_control_fops_stack_user(r1, &(0x7f0000000000)="2dc2f404", 0x4) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/module/nvme_core/parameters/iopolicy\x00', 0x2400, 0x0) r2 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cec7\x00', 0x10b101, 0x0) poll$auto(&(0x7f0000000040)={0x3, 0x1, 0xa}, 0x5, 0x108) select$auto(0x7, 0x0, &(0x7f0000000080)={[0x8, 0x9, 0x8, 0x5, 0x1001, 0xffffffffffffffff, 0xf, 0x1000, 0xfffffffffffffff8, 0x1, 0xced80000000000, 0x9, 0x6, 0x0, 0x1, 0x7fffffff]}, 0x0, 0x0) ioctl$auto_CEC_S_MODE(r2, 0x40046109, &(0x7f0000002c40)=0xd0) mmap$auto(0x0, 0x2020002, 0x8000000000000003, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) sendmsg$auto_GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x4000804) r3 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/bus/platform/drivers/dln2-i2c/unbind\x00', 0x202800, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r3, &(0x7f0000000080)=""/162, 0xa2) ioctl$auto_PPPIOCSPASS(r0, 0x40107447, &(0x7f00000000c0)={0x9, &(0x7f0000000000)={0x28, 0xf3, 0xb0, @raw=0xfffff018}}) getsockopt$auto_SO_ERROR(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000140)='/sys/devices/virtual/mac80211_hwsim/hwsim0/ieee80211/phy0/addresses\x00', &(0x7f00000001c0)=0x6) 510.416842ms ago: executing program 1 (id=1060): r0 = openat$auto_snd_ctl_f_ops_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snd/controlC2\x00', 0x0, 0x0) mmap$auto(0x0, 0x420009, 0xdf, 0xeb1, 0x401, 0x10000008000) close_range$auto(0x2, 0x8, 0x0) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000340)='/sys/devices/virtual/tty/ptyqe/power/control\x00', 0xa0b02, 0x0) r1 = openat$auto_tomoyo_operations_securityfs_if(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/security/tomoyo/profile\x00', 0x48802, 0x0) read$auto(r1, 0x0, 0xb4d3) write$auto(0x3, 0x0, 0x70) write$auto(0x3, 0x0, 0x5c8) ioctl$auto_SNDRV_CTL_IOCTL_ELEM_LIST(r0, 0xc0505510, &(0x7f00000000c0)={0x2, 0x6, 0x1, @inferred, 0x0, "c659491445a51b365f4e27e0b5d5f45157b60c95830c727cfc4f3d31beb5e1eec43735fd1b3784bbc591a7f61ea489070095"}) 383.174443ms ago: executing program 4 (id=1061): mmap$auto(0x0, 0x20009, 0x4000000000df, 0x40000000000eb1, 0xffffffffffffffff, 0x8000) io_uring_setup$auto(0x6, 0x0) r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/mm/transparent_hugepage/khugepaged/defrag\x00', 0x2, 0x0) sendfile$auto(r0, 0x3, 0x0, 0xc01) r1 = openat$auto_cec_devnode_fops_cec_priv(0xffffffffffffff9c, &(0x7f0000002c00)='/dev/cec18\x00', 0x900, 0x0) ioctl$auto_CEC_S_MODE(r1, 0x40046109, &(0x7f0000002c40)=0x7) mlockall$auto(0x7) mmap$auto(0x0, 0x340000000000000, 0x3, 0x17, 0xfffffffffffffffa, 0x0) r2 = setfsuid$auto(0xee00) r3 = setfsuid$auto(0xee01) setresuid$auto(r2, r2, r3) mremap$auto(0x0, 0x1006, 0x3fd6, 0x8, 0x1ffffffe) fcntl$auto_F_DUPFD_CLOEXEC(r1, 0x406, r0) process_vm_readv$auto(0x0, &(0x7f0000000000)={0x0, 0x91f5}, 0x9, &(0x7f0000000100)={&(0x7f00000010c0)="837c43558323d5db424689e7e6cb5c40ad091e4374c10000000025", 0x1ffffffff}, 0xfffffffffffff34d, 0x0) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x403, 0x8000) r4 = set_tid_address$auto(0x0) syslog$auto(0x3, &(0x7f0000000080)='..\x00k\xac\x8c\x1d\x0e\x98\x80\xd2\xaf\xa1\xf2\x1e\xe1R1\xa2\x8e\xce\xa0\x17\bI3\'\xc5tw\xd7\x1d\xa6\xf4#+\xfa\xd7\x01\xb9j<\v\xf47\n\xa7\xd2\x8b\x11e1\xb3\xfdd\x04\xa9 1q\x97\xc4,\xa9^\xc1\xb6\xa1q\x0f\xd1\x013\x87l\xb9\x1e\x05\x90\xa2', 0x5) r5 = syz_open_procfs$namespace(r4, &(0x7f0000000080)) getdents64$auto(r5, 0x0, 0x18) r6 = openat$auto_debugfs_full_proxy_file_operations_internal(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/debug/ieee80211/phy18/queues\x00', 0x81340, 0x0) read$auto_debugfs_full_proxy_file_operations_internal(r6, 0x0, 0x0) r7 = clone$auto(0x6, 0x6, &(0x7f0000000000)=0xec, &(0x7f0000000040)=0x4, 0x8000000000000000) kcmp$auto_KCMP_VM(r7, r7, 0x1, 0x9, 0xffffffffffffffff) r8 = openat$auto_vhost_net_fops_net(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) ioctl$auto_VHOST_SET_FEATURES(r8, 0x4008af00, &(0x7f0000000000)=0x200000000) read$auto(r8, 0x0, 0x3ff) mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) sysfs$auto(0x2, 0x1a, 0x1ff) fsopen$auto(0x0, 0x1) 246.319697ms ago: executing program 1 (id=1062): r0 = socket(0x2, 0x1, 0x100) mknod$auto(&(0x7f0000000180)=':,\x00', 0xcb, 0xfffffffa) r1 = socket$nl_generic(0x11, 0x3, 0x10) bind$auto(r1, &(0x7f0000000200)=@generic={0x11, "0000000000000000d29e006300"}, 0x80) execve$auto(&(0x7f00000001c0)=':,\x00', 0x0, 0x0) listen$auto(r0, 0x1ff) cachestat$auto(r0, &(0x7f0000000100)={0x9, 0xa}, &(0x7f0000000000)={0xa, 0xe5d, 0x8, 0xfffd, 0x800}, 0x20400) close_range$auto(0x2, 0xffffffffffffffff, 0x0) r2 = ioctl$auto_NS_GET_TGID_FROM_PIDNS(0xffffffffffffffff, 0x8004b707, &(0x7f0000000040)=0x7) ioctl$auto_USBDEVFS_GETDRIVER(r2, 0x41045508, &(0x7f0000000200)={0x2, "30dacf1f173f1ea4b55e13512048e390a7dd0daa7a84b7fa6841c55797c819ebf2936e8948a42b8a58820af263c99aee5f03b563706bc16052d3a284f4b55faa88fe2fd7ba8064b0973577e14c74be7b30c35ad52a91105effd61d67fb66eda0ef8b598b71ddb609e5f21deefe4bef94ae5ba220e4ec0dd04730670a99fda77364153a04820f47090a75e31cfef8042b2c7fd318e981608965fbde9cbb530cc2c5f83297efe87d2034d73a02c11c17af40bd4a0bbfc71a581e05d2f19c9915781fcc3674e9c455839db219b6c8212afd0cced6ce4588575ad6c365fe8f3a99e499e5be9444cebccd8e55518d5f7e9094cb61be9172e642941feecda5ba02d632"}) openat$auto_evdev_fops_evdev(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/input/event2\x00', 0x40000, 0x0) socket(0x10, 0x2, 0x4) openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x102800, 0x0) socket(0x2, 0x3, 0x4) bind$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x4001, @loopback}, 0x6b) 0s ago: executing program 1 (id=1063): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_genetlink_get_family_id$auto_mac80211_hwsim(&(0x7f0000000040), 0xffffffffffffffff) r0 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000800)='/dev/tty0\x00', 0x102, 0x0) write$auto_console_fops_tty_io(r0, &(0x7f0000000000)="c80d1b5d399b3b", 0xfdef) kernel console output (not intermixed with test programs): c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 147.396450][ T7149] RSP: 002b:00007f00507fe0e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 147.396481][ T7149] RAX: ffffffffffffffda RBX: 00007f004fc15fa8 RCX: 00007f004f99c139 [ 147.396501][ T7149] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007f004fc15fac [ 147.396520][ T7149] RBP: 00007f004fc15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 147.396537][ T7149] R10: 000000000000000a R11: 0000000000000246 R12: 0000000000000000 [ 147.396553][ T7149] R13: 00007f004fc16038 R14: 00007fff7aa49d50 R15: 00007fff7aa49e38 [ 147.396593][ T7149] [ 147.882735][ T7173] zswap: compressor not available [ 147.888243][ T7181] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 148.062464][ T7198] FAULT_INJECTION: forcing a failure. [ 148.062464][ T7198] name failslab, interval 1, probability 0, space 0, times 0 [ 148.114732][ T7198] CPU: 0 UID: 0 PID: 7198 Comm: syz.3.191 Not tainted syzkaller #0 PREEMPT(full) [ 148.114773][ T7198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 148.114790][ T7198] Call Trace: [ 148.114801][ T7198] [ 148.114811][ T7198] dump_stack_lvl+0x100/0x190 [ 148.114855][ T7198] should_fail_ex.cold+0x5/0xa [ 148.114888][ T7198] should_failslab+0xc2/0x120 [ 148.114932][ T7198] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 148.114968][ T7198] ? skb_clone+0x190/0x400 [ 148.115019][ T7198] skb_clone+0x190/0x400 [ 148.115062][ T7198] netlink_deliver_tap+0xaed/0xcc0 [ 148.115114][ T7198] netlink_unicast+0x650/0x870 [ 148.115149][ T7198] ? __pfx_netlink_unicast+0x10/0x10 [ 148.115194][ T7198] netlink_sendmsg+0x8b0/0xda0 [ 148.115231][ T7198] ? __pfx_netlink_sendmsg+0x10/0x10 [ 148.115265][ T7198] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 148.115303][ T7198] __sys_sendto+0x4aa/0x520 [ 148.115344][ T7198] ? __pfx___sys_sendto+0x10/0x10 [ 148.115426][ T7198] ? __pfx___x64_sys_futex+0x10/0x10 [ 148.115457][ T7198] ? ksys_write+0x1ac/0x250 [ 148.115492][ T7198] ? __pfx_ksys_write+0x10/0x10 [ 148.115535][ T7198] __x64_sys_sendto+0xe0/0x1c0 [ 148.115573][ T7198] ? do_syscall_64+0x95/0xf80 [ 148.115601][ T7198] ? lockdep_hardirqs_on+0x78/0x100 [ 148.115644][ T7198] do_syscall_64+0x106/0xf80 [ 148.115668][ T7198] ? clear_bhb_loop+0x40/0x90 [ 148.115703][ T7198] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 148.115737][ T7198] RIP: 0033:0x7f004f95ca0e [ 148.115761][ T7198] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 148.115787][ T7198] RSP: 002b:00007f00507fce88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 148.115814][ T7198] RAX: ffffffffffffffda RBX: 00007f00507fe6c0 RCX: 00007f004f95ca0e [ 148.115833][ T7198] RDX: 0000000000000020 RSI: 00007f00507fd000 RDI: 0000000000000004 [ 148.115850][ T7198] RBP: 0000000000000000 R08: 00007f00507fcf04 R09: 000000000000000c [ 148.115866][ T7198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 148.115883][ T7198] R13: 00007f00507fcf58 R14: 00007f00507fd000 R15: 0000000000000000 [ 148.115921][ T7198] [ 149.124126][ T7282] FAULT_INJECTION: forcing a failure. [ 149.124126][ T7282] name failslab, interval 1, probability 0, space 0, times 0 [ 149.141258][ T7282] CPU: 1 UID: 0 PID: 7282 Comm: syz.3.194 Not tainted syzkaller #0 PREEMPT(full) [ 149.141290][ T7282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 149.141301][ T7282] Call Trace: [ 149.141308][ T7282] [ 149.141315][ T7282] dump_stack_lvl+0x100/0x190 [ 149.141347][ T7282] should_fail_ex.cold+0x5/0xa [ 149.141369][ T7282] should_failslab+0xc2/0x120 [ 149.141397][ T7282] __kmalloc_cache_noprof+0x7a/0x6f0 [ 149.141425][ T7282] ? ip_vs_est_add_kthread+0x253/0x800 [ 149.141445][ T7282] ? krealloc_node_align_noprof+0x23c/0x3e0 [ 149.141473][ T7282] ip_vs_est_add_kthread+0x253/0x800 [ 149.141497][ T7282] ip_vs_start_estimator+0x24e/0x430 [ 149.141521][ T7282] ip_vs_control_net_init+0x158a/0x1d50 [ 149.141552][ T7282] __ip_vs_init+0x217/0x520 [ 149.141579][ T7282] ? __pfx___ip_vs_init+0x10/0x10 [ 149.141604][ T7282] ops_init+0x1e2/0x5f0 [ 149.141624][ T7282] setup_net+0x118/0x3a0 [ 149.141642][ T7282] ? __pfx_setup_net+0x10/0x10 [ 149.141658][ T7282] ? lockdep_init_map_type+0x5c/0x250 [ 149.141684][ T7282] ? mutex_init_lockep+0x110/0x150 [ 149.141710][ T7282] copy_net_ns+0x46f/0x7c0 [ 149.141732][ T7282] create_new_namespaces+0x3ea/0xac0 [ 149.141756][ T7282] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 149.141776][ T7282] ksys_unshare+0x455/0xab0 [ 149.141799][ T7282] ? __pfx_ksys_unshare+0x10/0x10 [ 149.141828][ T7282] __x64_sys_unshare+0x31/0x40 [ 149.141849][ T7282] do_syscall_64+0x106/0xf80 [ 149.141866][ T7282] ? clear_bhb_loop+0x40/0x90 [ 149.141888][ T7282] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 149.141907][ T7282] RIP: 0033:0x7f004f99c139 [ 149.141922][ T7282] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 149.141939][ T7282] RSP: 002b:00007f00507fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 149.141957][ T7282] RAX: ffffffffffffffda RBX: 00007f004fc15fa0 RCX: 00007f004f99c139 [ 149.141968][ T7282] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 149.141978][ T7282] RBP: 00007f004fa327e0 R08: 0000000000000000 R09: 0000000000000000 [ 149.141988][ T7282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 149.141998][ T7282] R13: 00007f004fc16038 R14: 00007f004fc15fa0 R15: 00007fff7aa49e38 [ 149.142021][ T7282] [ 149.506785][ T7283] QAT: Stopping all acceleration devices. [ 149.644971][ T7283] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 149.645624][ T7283] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 149.779945][ T7283] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 149.790920][ T7283] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 149.791042][ T7283] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 149.825615][ T7283] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 150.320077][ T7283] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 150.339281][ T7283] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 150.531791][ T7283] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 150.575434][ T7283] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 150.589739][ T7283] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 150.619333][ T7283] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 150.920361][ T7350] FAULT_INJECTION: forcing a failure. [ 150.920361][ T7350] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 150.993803][ T7350] CPU: 0 UID: 0 PID: 7350 Comm: syz.0.200 Not tainted syzkaller #0 PREEMPT(full) [ 150.993847][ T7350] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 150.993865][ T7350] Call Trace: [ 150.993875][ T7350] [ 150.993887][ T7350] dump_stack_lvl+0x100/0x190 [ 150.993938][ T7350] should_fail_ex.cold+0x5/0xa [ 150.993965][ T7350] ? prepare_alloc_pages+0x16d/0x5f0 [ 150.994015][ T7350] should_fail_alloc_page+0xeb/0x140 [ 150.994060][ T7350] prepare_alloc_pages+0x1f0/0x5f0 [ 150.994110][ T7350] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 150.994160][ T7350] ? stack_trace_save+0x8e/0xc0 [ 150.994206][ T7350] ? __pfx_stack_trace_save+0x10/0x10 [ 150.994251][ T7350] ? is_bpf_text_address+0x94/0x1a0 [ 150.994294][ T7350] ? stack_depot_save_flags+0x27/0x9d0 [ 150.994337][ T7350] ? __kernel_text_address+0xd/0x30 [ 150.994380][ T7350] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 150.994422][ T7350] ? kasan_save_stack+0x3f/0x50 [ 150.994462][ T7350] ? kasan_save_track+0x14/0x30 [ 150.994501][ T7350] ? __kasan_kmalloc+0xaa/0xb0 [ 150.994538][ T7350] ? snd_pcm_attach_substream+0x451/0xd60 [ 150.994588][ T7350] ? snd_pcm_oss_open+0x735/0x1390 [ 150.994629][ T7350] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.994677][ T7350] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 150.994722][ T7350] ? policy_nodemask+0xed/0x4f0 [ 150.994769][ T7350] alloc_pages_mpol+0x1fb/0x550 [ 150.994813][ T7350] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 150.994856][ T7350] ? __split_page_owner+0x1fe/0x350 [ 150.994904][ T7350] alloc_pages_noprof+0x131/0x390 [ 150.994953][ T7350] alloc_pages_exact_noprof+0x32/0xf0 [ 150.994987][ T7350] snd_pcm_attach_substream+0x4cb/0xd60 [ 150.995048][ T7350] snd_pcm_open_substream+0x90/0x1850 [ 150.995099][ T7350] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 150.995160][ T7350] snd_pcm_oss_open+0x735/0x1390 [ 150.995216][ T7350] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 150.995257][ T7350] ? __lock_acquire+0x4a5/0x2630 [ 150.995295][ T7350] ? __pfx_default_wake_function+0x10/0x10 [ 150.995347][ T7350] ? __lock_acquire+0x4a5/0x2630 [ 150.995392][ T7350] ? do_raw_spin_lock+0x128/0x260 [ 150.995436][ T7350] ? soundcore_open+0x231/0x5a0 [ 150.995473][ T7350] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 150.995513][ T7350] soundcore_open+0x2e3/0x5a0 [ 150.995552][ T7350] ? __pfx_soundcore_open+0x10/0x10 [ 150.995588][ T7350] chrdev_open+0x234/0x6a0 [ 150.995633][ T7350] ? __pfx_apparmor_file_open+0x10/0x10 [ 150.995679][ T7350] ? __pfx_chrdev_open+0x10/0x10 [ 150.995727][ T7350] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 150.995784][ T7350] do_dentry_open+0x6d8/0x1660 [ 150.995825][ T7350] ? __pfx_chrdev_open+0x10/0x10 [ 150.995880][ T7350] vfs_open+0x82/0x3f0 [ 150.995916][ T7350] path_openat+0x208c/0x31a0 [ 150.995976][ T7350] ? __pfx_path_openat+0x10/0x10 [ 150.996037][ T7350] do_file_open+0x20e/0x430 [ 150.996087][ T7350] ? __pfx_do_file_open+0x10/0x10 [ 150.996164][ T7350] ? alloc_fd+0x476/0x790 [ 150.996212][ T7350] ? do_getname+0x191/0x390 [ 150.996249][ T7350] do_sys_openat2+0x10d/0x1e0 [ 150.996283][ T7350] ? __pfx_do_sys_openat2+0x10/0x10 [ 150.996319][ T7350] ? find_held_lock+0x2b/0x80 [ 150.996376][ T7350] __x64_sys_openat+0x12d/0x210 [ 150.996411][ T7350] ? __pfx___x64_sys_openat+0x10/0x10 [ 150.996462][ T7350] do_syscall_64+0x106/0xf80 [ 150.996492][ T7350] ? clear_bhb_loop+0x40/0x90 [ 150.996531][ T7350] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 150.996562][ T7350] RIP: 0033:0x7fa5abb9c139 [ 150.996590][ T7350] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 150.996620][ T7350] RSP: 002b:00007fa5acb32028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 150.996651][ T7350] RAX: ffffffffffffffda RBX: 00007fa5abe15fa0 RCX: 00007fa5abb9c139 [ 150.996692][ T7350] RDX: 0000000000020342 RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 150.996712][ T7350] RBP: 00007fa5abc327e0 R08: 0000000000000000 R09: 0000000000000000 [ 150.996731][ T7350] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 150.996750][ T7350] R13: 00007fa5abe16038 R14: 00007fa5abe15fa0 R15: 00007ffcd5a17118 [ 150.996794][ T7350] [ 151.655952][ T5822] Bluetooth: hci0: command 0x0c1a tx timeout [ 151.818844][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout [ 152.381923][ T5822] Bluetooth: hci1: command 0x0c1a tx timeout [ 152.531668][ T7429] FAULT_INJECTION: forcing a failure. [ 152.531668][ T7429] name failslab, interval 1, probability 0, space 0, times 0 [ 152.570692][ T7429] CPU: 0 UID: 0 PID: 7429 Comm: syz.2.204 Not tainted syzkaller #0 PREEMPT(full) [ 152.570736][ T7429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 152.570748][ T7429] Call Trace: [ 152.570754][ T7429] [ 152.570761][ T7429] dump_stack_lvl+0x100/0x190 [ 152.570793][ T7429] should_fail_ex.cold+0x5/0xa [ 152.570814][ T7429] should_failslab+0xc2/0x120 [ 152.570843][ T7429] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 152.570869][ T7429] ? __ip_vs_tcp_init+0x37/0xc0 [ 152.570895][ T7429] kmemdup_noprof+0x29/0x60 [ 152.570920][ T7429] ? __pfx___ip_vs_tcp_init+0x10/0x10 [ 152.570939][ T7429] __ip_vs_tcp_init+0x37/0xc0 [ 152.570960][ T7429] ip_vs_protocol_net_init+0x194/0x300 [ 152.570985][ T7429] __ip_vs_init+0x239/0x520 [ 152.571011][ T7429] ? __pfx___ip_vs_init+0x10/0x10 [ 152.571037][ T7429] ops_init+0x1e2/0x5f0 [ 152.571058][ T7429] setup_net+0x118/0x3a0 [ 152.571076][ T7429] ? __pfx_setup_net+0x10/0x10 [ 152.571092][ T7429] ? lockdep_init_map_type+0x5c/0x250 [ 152.571115][ T7429] ? mutex_init_lockep+0x110/0x150 [ 152.571141][ T7429] copy_net_ns+0x46f/0x7c0 [ 152.571163][ T7429] create_new_namespaces+0x3ea/0xac0 [ 152.571186][ T7429] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 152.571205][ T7429] ksys_unshare+0x455/0xab0 [ 152.571230][ T7429] ? __pfx_ksys_unshare+0x10/0x10 [ 152.571260][ T7429] __x64_sys_unshare+0x31/0x40 [ 152.571281][ T7429] do_syscall_64+0x106/0xf80 [ 152.571297][ T7429] ? clear_bhb_loop+0x40/0x90 [ 152.571319][ T7429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 152.571337][ T7429] RIP: 0033:0x7fafd4d9c139 [ 152.571353][ T7429] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 152.571370][ T7429] RSP: 002b:00007fafd5ba1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 152.571387][ T7429] RAX: ffffffffffffffda RBX: 00007fafd5015fa0 RCX: 00007fafd4d9c139 [ 152.571399][ T7429] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 152.571409][ T7429] RBP: 00007fafd4e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 152.571419][ T7429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 152.571429][ T7429] R13: 00007fafd5016038 R14: 00007fafd5015fa0 R15: 00007fff41b40f98 [ 152.571452][ T7429] [ 152.877608][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout [ 153.305950][ T7469] Line length is too long: Should be less than 4094 [ 153.735777][ T5822] Bluetooth: hci0: command 0x0c1a tx timeout [ 153.896152][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout [ 154.454747][ T5822] Bluetooth: hci1: command 0x0c1a tx timeout [ 154.786302][ T7543] FAULT_INJECTION: forcing a failure. [ 154.786302][ T7543] name failslab, interval 1, probability 0, space 0, times 0 [ 154.810498][ T7543] CPU: 1 UID: 0 PID: 7543 Comm: syz.2.211 Not tainted syzkaller #0 PREEMPT(full) [ 154.810543][ T7543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 154.810561][ T7543] Call Trace: [ 154.810572][ T7543] [ 154.810583][ T7543] dump_stack_lvl+0x100/0x190 [ 154.810629][ T7543] should_fail_ex.cold+0x5/0xa [ 154.810666][ T7543] should_failslab+0xc2/0x120 [ 154.810713][ T7543] __kmalloc_cache_noprof+0x7a/0x6f0 [ 154.810748][ T7543] ? rtnl_newlink+0x126/0x2380 [ 154.810779][ T7543] ? __pfx_rtnl_newlink+0x10/0x10 [ 154.810810][ T7543] rtnl_newlink+0x126/0x2380 [ 154.810854][ T7543] ? __pfx_rtnl_newlink+0x10/0x10 [ 154.810883][ T7543] ? rcu_is_watching+0x12/0xc0 [ 154.810929][ T7543] ? kasan_quarantine_put+0x104/0x240 [ 154.810969][ T7543] ? lockdep_hardirqs_on+0x78/0x100 [ 154.811023][ T7543] ? kfree_skbmem+0x19a/0x210 [ 154.811057][ T7543] ? kmem_cache_free+0x124/0x6a0 [ 154.811100][ T7543] ? __lock_acquire+0x4a5/0x2630 [ 154.811142][ T7543] ? find_held_lock+0x2b/0x80 [ 154.811202][ T7543] ? find_held_lock+0x2b/0x80 [ 154.811247][ T7543] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 154.811277][ T7543] ? rtnetlink_rcv_msg+0x93a/0xe90 [ 154.811310][ T7543] ? __pfx_rtnl_newlink+0x10/0x10 [ 154.811349][ T7543] rtnetlink_rcv_msg+0x95e/0xe90 [ 154.811383][ T7543] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 154.811425][ T7543] ? ref_tracker_free+0x37e/0x6c0 [ 154.811478][ T7543] netlink_rcv_skb+0x159/0x420 [ 154.811518][ T7543] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [ 154.811551][ T7543] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 154.811597][ T7543] ? netlink_deliver_tap+0x1ae/0xcc0 [ 154.811647][ T7543] netlink_unicast+0x5aa/0x870 [ 154.811684][ T7543] ? __pfx_netlink_unicast+0x10/0x10 [ 154.811731][ T7543] netlink_sendmsg+0x8b0/0xda0 [ 154.811770][ T7543] ? __pfx_netlink_sendmsg+0x10/0x10 [ 154.811807][ T7543] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 154.811849][ T7543] __sys_sendto+0x4aa/0x520 [ 154.811907][ T7543] ? __pfx___sys_sendto+0x10/0x10 [ 154.811985][ T7543] ? xfd_validate_state+0x129/0x190 [ 154.812046][ T7543] __x64_sys_sendto+0xe0/0x1c0 [ 154.812090][ T7543] ? do_syscall_64+0x95/0xf80 [ 154.812119][ T7543] ? lockdep_hardirqs_on+0x78/0x100 [ 154.812169][ T7543] do_syscall_64+0x106/0xf80 [ 154.812197][ T7543] ? clear_bhb_loop+0x40/0x90 [ 154.812234][ T7543] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 154.812266][ T7543] RIP: 0033:0x7fafd4d5ca0e [ 154.812292][ T7543] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 154.812321][ T7543] RSP: 002b:00007fafd5b9fe88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 154.812359][ T7543] RAX: ffffffffffffffda RBX: 00007fafd5ba16c0 RCX: 00007fafd4d5ca0e [ 154.812379][ T7543] RDX: 0000000000000020 RSI: 00007fafd5ba0000 RDI: 0000000000000004 [ 154.812398][ T7543] RBP: 0000000000000000 R08: 00007fafd5b9ff04 R09: 000000000000000c [ 154.812416][ T7543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 154.812442][ T7543] R13: 00007fafd5b9ff58 R14: 00007fafd5ba0000 R15: 0000000000000000 [ 154.812482][ T7543] [ 155.126022][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout [ 155.814725][ T5822] Bluetooth: hci0: command 0x0c1a tx timeout [ 155.953329][ T7569] syz.1.212(7569): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored. [ 155.977590][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout [ 156.076747][ T7593] FAULT_INJECTION: forcing a failure. [ 156.076747][ T7593] name failslab, interval 1, probability 0, space 0, times 0 [ 156.096269][ T7593] CPU: 1 UID: 0 PID: 7593 Comm: syz.2.214 Not tainted syzkaller #0 PREEMPT(full) [ 156.096313][ T7593] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 156.096332][ T7593] Call Trace: [ 156.096343][ T7593] [ 156.096354][ T7593] dump_stack_lvl+0x100/0x190 [ 156.096406][ T7593] should_fail_ex.cold+0x5/0xa [ 156.096443][ T7593] should_failslab+0xc2/0x120 [ 156.096488][ T7593] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 156.096527][ T7593] ? __proc_create+0x2cb/0x8c0 [ 156.096578][ T7593] __proc_create+0x2cb/0x8c0 [ 156.096622][ T7593] ? __pfx___proc_create+0x10/0x10 [ 156.096671][ T7593] ? _raw_write_unlock+0x28/0x50 [ 156.096726][ T7593] ? proc_register+0x559/0x8a0 [ 156.096774][ T7593] proc_create_reg+0x75/0x170 [ 156.096823][ T7593] proc_create_net_data+0x8e/0x1c0 [ 156.096869][ T7593] ? __pfx_proc_create_net_data+0x10/0x10 [ 156.096911][ T7593] ? __pfx_proc_create_net_data+0x10/0x10 [ 156.096957][ T7593] ? __kasan_kmalloc+0xaa/0xb0 [ 156.097007][ T7593] ip_vs_conn_net_init+0x13f/0x200 [ 156.097054][ T7593] __ip_vs_init+0x27d/0x520 [ 156.097101][ T7593] ? __pfx___ip_vs_init+0x10/0x10 [ 156.097143][ T7593] ops_init+0x1e2/0x5f0 [ 156.097178][ T7593] setup_net+0x118/0x3a0 [ 156.097209][ T7593] ? __pfx_setup_net+0x10/0x10 [ 156.097255][ T7593] ? lockdep_init_map_type+0x5c/0x250 [ 156.097300][ T7593] ? mutex_init_lockep+0x110/0x150 [ 156.097347][ T7593] copy_net_ns+0x46f/0x7c0 [ 156.097384][ T7593] create_new_namespaces+0x3ea/0xac0 [ 156.097425][ T7593] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 156.097459][ T7593] ksys_unshare+0x455/0xab0 [ 156.097499][ T7593] ? __pfx_ksys_unshare+0x10/0x10 [ 156.097552][ T7593] __x64_sys_unshare+0x31/0x40 [ 156.097590][ T7593] do_syscall_64+0x106/0xf80 [ 156.097619][ T7593] ? clear_bhb_loop+0x40/0x90 [ 156.097656][ T7593] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.097687][ T7593] RIP: 0033:0x7fafd4d9c139 [ 156.097721][ T7593] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 156.097749][ T7593] RSP: 002b:00007fafd5ba1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 156.097779][ T7593] RAX: ffffffffffffffda RBX: 00007fafd5015fa0 RCX: 00007fafd4d9c139 [ 156.097799][ T7593] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 156.097817][ T7593] RBP: 00007fafd4e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 156.097835][ T7593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 156.097853][ T7593] R13: 00007fafd5016038 R14: 00007fafd5015fa0 R15: 00007fff41b40f98 [ 156.097894][ T7593] [ 156.374838][ T7599] i2c i2c-0: dvb_frontend_start: failed to start kthread (-4) [ 156.545447][ T5822] Bluetooth: hci1: command 0x0c1a tx timeout [ 157.177264][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout [ 158.494500][ T7725] FAULT_INJECTION: forcing a failure. [ 158.494500][ T7725] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 158.554786][ T7725] CPU: 1 UID: 0 PID: 7725 Comm: syz.1.220 Not tainted syzkaller #0 PREEMPT(full) [ 158.554829][ T7725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 158.554847][ T7725] Call Trace: [ 158.554858][ T7725] [ 158.554870][ T7725] dump_stack_lvl+0x100/0x190 [ 158.554922][ T7725] should_fail_ex.cold+0x5/0xa [ 158.554952][ T7725] ? prepare_alloc_pages+0x16d/0x5f0 [ 158.555007][ T7725] should_fail_alloc_page+0xeb/0x140 [ 158.555058][ T7725] prepare_alloc_pages+0x1f0/0x5f0 [ 158.555115][ T7725] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 158.555170][ T7725] ? stack_trace_save+0x8e/0xc0 [ 158.555219][ T7725] ? __pfx_stack_trace_save+0x10/0x10 [ 158.555266][ T7725] ? is_bpf_text_address+0x94/0x1a0 [ 158.555310][ T7725] ? stack_depot_save_flags+0x27/0x9d0 [ 158.555355][ T7725] ? __kernel_text_address+0xd/0x30 [ 158.555398][ T7725] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 158.555440][ T7725] ? kasan_save_stack+0x3f/0x50 [ 158.555481][ T7725] ? kasan_save_track+0x14/0x30 [ 158.555519][ T7725] ? __kasan_kmalloc+0xaa/0xb0 [ 158.555557][ T7725] ? snd_pcm_attach_substream+0x451/0xd60 [ 158.555608][ T7725] ? snd_pcm_oss_open+0x735/0x1390 [ 158.555662][ T7725] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.555706][ T7725] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 158.555758][ T7725] ? policy_nodemask+0xed/0x4f0 [ 158.555808][ T7725] alloc_pages_mpol+0x1fb/0x550 [ 158.555858][ T7725] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 158.555907][ T7725] ? __split_page_owner+0x1fe/0x350 [ 158.555961][ T7725] alloc_pages_noprof+0x131/0x390 [ 158.556011][ T7725] alloc_pages_exact_noprof+0x32/0xf0 [ 158.556043][ T7725] snd_pcm_attach_substream+0x4cb/0xd60 [ 158.556104][ T7725] snd_pcm_open_substream+0x90/0x1850 [ 158.556156][ T7725] ? __pfx_snd_pcm_open_substream+0x10/0x10 [ 158.556217][ T7725] snd_pcm_oss_open+0x735/0x1390 [ 158.556273][ T7725] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 158.556314][ T7725] ? __lock_acquire+0x4a5/0x2630 [ 158.556354][ T7725] ? __pfx_default_wake_function+0x10/0x10 [ 158.556405][ T7725] ? __lock_acquire+0x4a5/0x2630 [ 158.556452][ T7725] ? do_raw_spin_lock+0x128/0x260 [ 158.556498][ T7725] ? soundcore_open+0x231/0x5a0 [ 158.556537][ T7725] ? __pfx_snd_pcm_oss_open+0x10/0x10 [ 158.556580][ T7725] soundcore_open+0x2e3/0x5a0 [ 158.556620][ T7725] ? __pfx_soundcore_open+0x10/0x10 [ 158.556663][ T7725] chrdev_open+0x234/0x6a0 [ 158.556709][ T7725] ? __pfx_apparmor_file_open+0x10/0x10 [ 158.556746][ T7725] ? __pfx_chrdev_open+0x10/0x10 [ 158.556794][ T7725] ? fsnotify_open_perm_and_set_mode+0x17a/0xa80 [ 158.556850][ T7725] do_dentry_open+0x6d8/0x1660 [ 158.556894][ T7725] ? __pfx_chrdev_open+0x10/0x10 [ 158.556951][ T7725] vfs_open+0x82/0x3f0 [ 158.556988][ T7725] path_openat+0x208c/0x31a0 [ 158.557050][ T7725] ? __pfx_path_openat+0x10/0x10 [ 158.557113][ T7725] do_file_open+0x20e/0x430 [ 158.557162][ T7725] ? __pfx_do_file_open+0x10/0x10 [ 158.557259][ T7725] ? alloc_fd+0x476/0x790 [ 158.557308][ T7725] ? do_getname+0x191/0x390 [ 158.557344][ T7725] do_sys_openat2+0x10d/0x1e0 [ 158.557378][ T7725] ? __pfx_do_sys_openat2+0x10/0x10 [ 158.557412][ T7725] ? find_held_lock+0x2b/0x80 [ 158.557468][ T7725] __x64_sys_openat+0x12d/0x210 [ 158.557504][ T7725] ? __pfx___x64_sys_openat+0x10/0x10 [ 158.557557][ T7725] do_syscall_64+0x106/0xf80 [ 158.557586][ T7725] ? clear_bhb_loop+0x40/0x90 [ 158.557625][ T7725] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 158.557664][ T7725] RIP: 0033:0x7f4085b9c139 [ 158.557692][ T7725] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 158.557721][ T7725] RSP: 002b:00007f4086a3e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 158.557751][ T7725] RAX: ffffffffffffffda RBX: 00007f4085e15fa0 RCX: 00007f4085b9c139 [ 158.557772][ T7725] RDX: 0000000000020342 RSI: 00002000000001c0 RDI: ffffffffffffff9c [ 158.557791][ T7725] RBP: 00007f4085c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 158.557809][ T7725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 158.557826][ T7725] R13: 00007f4085e16038 R14: 00007f4085e15fa0 R15: 00007fff6e140698 [ 158.557868][ T7725] [ 158.970119][ T7728] FAULT_INJECTION: forcing a failure. [ 158.970119][ T7728] name failslab, interval 1, probability 0, space 0, times 0 [ 159.003718][ T7728] CPU: 0 UID: 0 PID: 7728 Comm: syz.0.221 Not tainted syzkaller #0 PREEMPT(full) [ 159.003761][ T7728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 159.003780][ T7728] Call Trace: [ 159.003791][ T7728] [ 159.003803][ T7728] dump_stack_lvl+0x100/0x190 [ 159.003855][ T7728] should_fail_ex.cold+0x5/0xa [ 159.003892][ T7728] should_failslab+0xc2/0x120 [ 159.003941][ T7728] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 159.003981][ T7728] ? skb_clone+0x190/0x400 [ 159.004039][ T7728] skb_clone+0x190/0x400 [ 159.004091][ T7728] netlink_deliver_tap+0xaed/0xcc0 [ 159.004152][ T7728] netlink_unicast+0x650/0x870 [ 159.004192][ T7728] ? __pfx_netlink_unicast+0x10/0x10 [ 159.004241][ T7728] netlink_sendmsg+0x8b0/0xda0 [ 159.004281][ T7728] ? __pfx_netlink_sendmsg+0x10/0x10 [ 159.004320][ T7728] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 159.004363][ T7728] __sys_sendto+0x4aa/0x520 [ 159.004409][ T7728] ? __pfx___sys_sendto+0x10/0x10 [ 159.004486][ T7728] ? xfd_validate_state+0x129/0x190 [ 159.004538][ T7728] __x64_sys_sendto+0xe0/0x1c0 [ 159.004582][ T7728] ? do_syscall_64+0x95/0xf80 [ 159.004608][ T7728] ? lockdep_hardirqs_on+0x78/0x100 [ 159.004672][ T7728] do_syscall_64+0x106/0xf80 [ 159.004700][ T7728] ? clear_bhb_loop+0x40/0x90 [ 159.004740][ T7728] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 159.004772][ T7728] RIP: 0033:0x7fa5abb5ca0e [ 159.004799][ T7728] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 159.004828][ T7728] RSP: 002b:00007fa5acb30e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 159.004859][ T7728] RAX: ffffffffffffffda RBX: 00007fa5acb326c0 RCX: 00007fa5abb5ca0e [ 159.004878][ T7728] RDX: 0000000000000020 RSI: 00007fa5acb31000 RDI: 0000000000000004 [ 159.004896][ T7728] RBP: 0000000000000000 R08: 00007fa5acb30f04 R09: 000000000000000c [ 159.004914][ T7728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000004 [ 159.004931][ T7728] R13: 00007fa5acb30f58 R14: 00007fa5acb31000 R15: 0000000000000000 [ 159.004972][ T7728] [ 159.669322][ T7738] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 160.076516][ T7752] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 160.286956][ T7757] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 162.157128][ T7820] bond0: option slaves: interface -] does not exist! [ 163.101046][ T7872] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 164.639513][ T7925] zswap: compressor not available [ 164.720808][ T7942] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 165.488940][ T7997] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 165.561778][ T7988] FAULT_INJECTION: forcing a failure. [ 165.561778][ T7988] name failslab, interval 1, probability 0, space 0, times 0 [ 165.605684][ T7988] CPU: 1 UID: 0 PID: 7988 Comm: syz.0.243 Not tainted syzkaller #0 PREEMPT(full) [ 165.605728][ T7988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 165.605746][ T7988] Call Trace: [ 165.605757][ T7988] [ 165.605768][ T7988] dump_stack_lvl+0x100/0x190 [ 165.605817][ T7988] should_fail_ex.cold+0x5/0xa [ 165.605855][ T7988] should_failslab+0xc2/0x120 [ 165.605902][ T7988] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 165.605942][ T7988] ? __proc_create+0x2cb/0x8c0 [ 165.605994][ T7988] __proc_create+0x2cb/0x8c0 [ 165.606037][ T7988] ? __pfx___proc_create+0x10/0x10 [ 165.606086][ T7988] ? _raw_write_unlock+0x28/0x50 [ 165.606134][ T7988] ? proc_register+0x559/0x8a0 [ 165.606182][ T7988] proc_create_reg+0x75/0x170 [ 165.606230][ T7988] proc_create_seq_private+0x8e/0x180 [ 165.606276][ T7988] ? __pfx_proc_create_seq_private+0x10/0x10 [ 165.606330][ T7988] xt_proto_init+0x3ab/0xb80 [ 165.606372][ T7988] ? __pfx_xt_proto_init+0x10/0x10 [ 165.606412][ T7988] ? kasan_save_track+0x14/0x30 [ 165.606452][ T7988] ? __kasan_kmalloc+0xaa/0xb0 [ 165.606499][ T7988] ? __pfx_ip_tables_net_init+0x10/0x10 [ 165.606537][ T7988] ops_init+0x1e2/0x5f0 [ 165.606573][ T7988] setup_net+0x118/0x3a0 [ 165.606613][ T7988] ? __pfx_setup_net+0x10/0x10 [ 165.606641][ T7988] ? lockdep_init_map_type+0x5c/0x250 [ 165.606681][ T7988] ? mutex_init_lockep+0x110/0x150 [ 165.606732][ T7988] copy_net_ns+0x46f/0x7c0 [ 165.606772][ T7988] create_new_namespaces+0x3ea/0xac0 [ 165.606813][ T7988] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 165.606847][ T7988] ksys_unshare+0x455/0xab0 [ 165.606885][ T7988] ? __pfx_ksys_unshare+0x10/0x10 [ 165.606933][ T7988] __x64_sys_unshare+0x31/0x40 [ 165.606967][ T7988] do_syscall_64+0x106/0xf80 [ 165.606994][ T7988] ? clear_bhb_loop+0x40/0x90 [ 165.607031][ T7988] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 165.607062][ T7988] RIP: 0033:0x7fa5abb9c139 [ 165.607089][ T7988] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 165.607118][ T7988] RSP: 002b:00007fa5acb32028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 165.607148][ T7988] RAX: ffffffffffffffda RBX: 00007fa5abe15fa0 RCX: 00007fa5abb9c139 [ 165.607169][ T7988] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 165.607189][ T7988] RBP: 00007fa5abc327e0 R08: 0000000000000000 R09: 0000000000000000 [ 165.607207][ T7988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 165.607226][ T7988] R13: 00007fa5abe16038 R14: 00007fa5abe15fa0 R15: 00007ffcd5a17118 [ 165.607271][ T7988] [ 168.732047][ T30] audit: type=1800 audit(6066341114.273:3): pid=8160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.252" name="dbroot" dev="configfs" ino=14382 res=0 errno=0 [ 169.011967][ T8172] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 169.918972][ T8192] zswap: compressor not available [ 169.947610][ T8212] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 169.966528][ T8211] FAULT_INJECTION: forcing a failure. [ 169.966528][ T8211] name failslab, interval 1, probability 0, space 0, times 0 [ 169.979529][ T8211] CPU: 1 UID: 0 PID: 8211 Comm: syz.3.258 Not tainted syzkaller #0 PREEMPT(full) [ 169.979556][ T8211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 169.979567][ T8211] Call Trace: [ 169.979574][ T8211] [ 169.979581][ T8211] dump_stack_lvl+0x100/0x190 [ 169.979612][ T8211] should_fail_ex.cold+0x5/0xa [ 169.979633][ T8211] ? __register_sysctl_table+0xac/0x1650 [ 169.979659][ T8211] should_failslab+0xc2/0x120 [ 169.979686][ T8211] __kmalloc_noprof+0xe0/0x850 [ 169.979714][ T8211] __register_sysctl_table+0xac/0x1650 [ 169.979739][ T8211] ? is_module_address+0x5f/0xf0 [ 169.979765][ T8211] ? __pfx___register_sysctl_table+0x10/0x10 [ 169.979790][ T8211] ? is_module_address+0x69/0xf0 [ 169.979810][ T8211] ? register_net_sysctl_sz+0x222/0x430 [ 169.979833][ T8211] ? __asan_memcpy+0x3c/0x60 [ 169.979856][ T8211] __ip_vs_lblc_init+0x159/0x340 [ 169.979883][ T8211] ? __pfx___ip_vs_lblc_init+0x10/0x10 [ 169.979908][ T8211] ops_init+0x1e2/0x5f0 [ 169.979928][ T8211] setup_net+0x118/0x3a0 [ 169.979946][ T8211] ? __pfx_setup_net+0x10/0x10 [ 169.979962][ T8211] ? lockdep_init_map_type+0x5c/0x250 [ 169.979985][ T8211] ? mutex_init_lockep+0x110/0x150 [ 169.980011][ T8211] copy_net_ns+0x46f/0x7c0 [ 169.980033][ T8211] create_new_namespaces+0x3ea/0xac0 [ 169.980057][ T8211] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 169.980077][ T8211] ksys_unshare+0x455/0xab0 [ 169.980100][ T8211] ? __pfx_ksys_unshare+0x10/0x10 [ 169.980130][ T8211] __x64_sys_unshare+0x31/0x40 [ 169.980151][ T8211] do_syscall_64+0x106/0xf80 [ 169.980167][ T8211] ? clear_bhb_loop+0x40/0x90 [ 169.980189][ T8211] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 169.980208][ T8211] RIP: 0033:0x7f004f99c139 [ 169.980224][ T8211] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 169.980241][ T8211] RSP: 002b:00007f00507fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 169.980259][ T8211] RAX: ffffffffffffffda RBX: 00007f004fc15fa0 RCX: 00007f004f99c139 [ 169.980270][ T8211] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 169.980281][ T8211] RBP: 00007f004fa327e0 R08: 0000000000000000 R09: 0000000000000000 [ 169.980291][ T8211] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 169.980302][ T8211] R13: 00007f004fc16038 R14: 00007f004fc15fa0 R15: 00007fff7aa49e38 [ 169.980324][ T8211] [ 171.260187][ T8311] zswap: compressor not available [ 172.024962][ T8363] zswap: compressor not available [ 172.039957][ T8376] ACPI: EC: Assuming SCI_EVT clearing on QR_EC writes [ 174.145446][ T8521] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input10 [ 174.364033][ T8530] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input11 [ 175.298651][ T8616] bond0: option slaves: interface -] does not exist! [ 176.142934][ T8665] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 176.420271][ T8684] bond0: option slaves: interface -] does not exist! [ 177.162083][ T8750] bond0: option slaves: interface -] does not exist! [ 177.502981][ T8772] bond0: option slaves: interface -] does not exist! [ 178.849238][ T8817] netlink: 4 bytes leftover after parsing attributes in process `syz.1.296'. [ 178.971981][ T8831] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 180.515934][ T8922] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 180.972811][ T8942] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 182.795540][ T9012] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 183.889857][ T9078] bond0: option slaves: interface -] does not exist! [ 185.045605][ T9123] nvme_fcloop: unknown parameter or missing value '7' [ 185.606036][ T9134] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 186.034827][ T9152] FAULT_INJECTION: forcing a failure. [ 186.034827][ T9152] name failslab, interval 1, probability 0, space 0, times 0 [ 186.083700][ T9152] CPU: 0 UID: 0 PID: 9152 Comm: syz.2.335 Not tainted syzkaller #0 PREEMPT(full) [ 186.083743][ T9152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 186.083763][ T9152] Call Trace: [ 186.083772][ T9152] [ 186.083785][ T9152] dump_stack_lvl+0x100/0x190 [ 186.083835][ T9152] should_fail_ex.cold+0x5/0xa [ 186.083871][ T9152] should_failslab+0xc2/0x120 [ 186.083918][ T9152] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 186.083958][ T9152] ? vm_area_dup+0x27/0x8e0 [ 186.083990][ T9152] ? rcu_is_watching+0x12/0xc0 [ 186.084033][ T9152] ? percpu_counter_add_batch+0xb9/0x230 [ 186.084078][ T9152] vm_area_dup+0x27/0x8e0 [ 186.084116][ T9152] dup_mmap+0x6c9/0x1db0 [ 186.084163][ T9152] ? __pfx_dup_mmap+0x10/0x10 [ 186.084190][ T9152] ? rcu_is_watching+0x12/0xc0 [ 186.084261][ T9152] copy_process+0x73d7/0x7a10 [ 186.084314][ T9152] ? __pfx_copy_process+0x10/0x10 [ 186.084350][ T9152] ? find_held_lock+0x2b/0x80 [ 186.084402][ T9152] ? futex_private_hash_put+0x107/0x1c0 [ 186.084442][ T9152] kernel_clone+0xfc/0x9a0 [ 186.084480][ T9152] ? __pfx_kernel_clone+0x10/0x10 [ 186.084544][ T9152] __do_sys_clone+0xd9/0x120 [ 186.084577][ T9152] ? __pfx___do_sys_clone+0x10/0x10 [ 186.084655][ T9152] do_syscall_64+0x106/0xf80 [ 186.084685][ T9152] ? clear_bhb_loop+0x40/0x90 [ 186.084725][ T9152] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.084758][ T9152] RIP: 0033:0x7fafd4d9c139 [ 186.084786][ T9152] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 186.084816][ T9152] RSP: 002b:00007fafd5ba0fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 186.084846][ T9152] RAX: ffffffffffffffda RBX: 00007fafd5015fa0 RCX: 00007fafd4d9c139 [ 186.084866][ T9152] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000 [ 186.084884][ T9152] RBP: 00007fafd4e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 186.084903][ T9152] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 186.084923][ T9152] R13: 00007fafd5016038 R14: 00007fafd5015fa0 R15: 00007fff41b40f98 [ 186.084968][ T9152] [ 186.090956][ T9144] zswap: compressor not available [ 186.509755][ T9162] FAULT_INJECTION: forcing a failure. [ 186.509755][ T9162] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 186.546312][ T9162] CPU: 1 UID: 0 PID: 9162 Comm: syz.2.336 Not tainted syzkaller #0 PREEMPT(full) [ 186.546365][ T9162] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 186.546385][ T9162] Call Trace: [ 186.546396][ T9162] [ 186.546409][ T9162] dump_stack_lvl+0x100/0x190 [ 186.546459][ T9162] should_fail_ex.cold+0x5/0xa [ 186.546489][ T9162] ? prepare_alloc_pages+0x16d/0x5f0 [ 186.546543][ T9162] should_fail_alloc_page+0xeb/0x140 [ 186.546592][ T9162] prepare_alloc_pages+0x1f0/0x5f0 [ 186.546642][ T9162] ? __lock_acquire+0x4a5/0x2630 [ 186.546685][ T9162] __alloc_frozen_pages_noprof+0x19a/0x2ba0 [ 186.546731][ T9162] ? __lock_acquire+0x4a5/0x2630 [ 186.546789][ T9162] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 186.546832][ T9162] ? find_held_lock+0x2b/0x80 [ 186.546878][ T9162] ? is_bpf_text_address+0x8a/0x1a0 [ 186.546921][ T9162] ? is_bpf_text_address+0x8a/0x1a0 [ 186.546973][ T9162] ? bpf_ksym_find+0x124/0x1c0 [ 186.547005][ T9162] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 186.547061][ T9162] ? kernel_text_address+0x8d/0x100 [ 186.547105][ T9162] ? is_bpf_text_address+0x8a/0x1a0 [ 186.547147][ T9162] ? __kernel_text_address+0xd/0x30 [ 186.547190][ T9162] ? unwind_get_return_address+0x59/0xa0 [ 186.547224][ T9162] ? arch_stack_walk+0xa6/0xf0 [ 186.547257][ T9162] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 186.547314][ T9162] ? policy_nodemask+0xed/0x4f0 [ 186.547380][ T9162] alloc_pages_mpol+0x1fb/0x550 [ 186.547431][ T9162] ? __pfx_alloc_pages_mpol+0x10/0x10 [ 186.547488][ T9162] alloc_pages_noprof+0x131/0x390 [ 186.547540][ T9162] __pud_alloc+0x3b/0x760 [ 186.547575][ T9162] copy_page_range+0x3f06/0x6570 [ 186.547620][ T9162] ? __lock_acquire+0x4a5/0x2630 [ 186.547688][ T9162] ? mas_wr_store_entry+0x6d2/0x2390 [ 186.547727][ T9162] ? __pfx_copy_page_range+0x10/0x10 [ 186.547772][ T9162] ? mas_store+0x666/0xac0 [ 186.547810][ T9162] ? __pfx_mas_store+0x10/0x10 [ 186.547855][ T9162] ? __pfx___vma_start_write+0x10/0x10 [ 186.547903][ T9162] dup_mmap+0xc00/0x1db0 [ 186.547950][ T9162] ? __pfx_dup_mmap+0x10/0x10 [ 186.547979][ T9162] ? rcu_is_watching+0x12/0xc0 [ 186.548052][ T9162] copy_process+0x73d7/0x7a10 [ 186.548108][ T9162] ? __pfx_copy_process+0x10/0x10 [ 186.548166][ T9162] kernel_clone+0xfc/0x9a0 [ 186.548200][ T9162] ? __pfx_futex_wait+0x10/0x10 [ 186.548246][ T9162] ? __pfx_kernel_clone+0x10/0x10 [ 186.548307][ T9162] __do_sys_clone+0xd9/0x120 [ 186.548353][ T9162] ? __pfx___do_sys_clone+0x10/0x10 [ 186.548424][ T9162] do_syscall_64+0x106/0xf80 [ 186.548454][ T9162] ? clear_bhb_loop+0x40/0x90 [ 186.548495][ T9162] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.548527][ T9162] RIP: 0033:0x7fafd4d9c139 [ 186.548555][ T9162] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 186.548585][ T9162] RSP: 002b:00007fafd5ba0fd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 186.548617][ T9162] RAX: ffffffffffffffda RBX: 00007fafd5015fa0 RCX: 00007fafd4d9c139 [ 186.548638][ T9162] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 186.548657][ T9162] RBP: 00007fafd4e327e0 R08: 0000000000000000 R09: 0000000000000000 [ 186.548675][ T9162] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 186.548694][ T9162] R13: 00007fafd5016038 R14: 00007fafd5015fa0 R15: 00007fff41b40f98 [ 186.548738][ T9162] [ 188.054915][ T9224] mmap: syz.3.342 (9224) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 188.198766][ T9245] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 189.164800][ T9284] bond0: option slaves: interface -] does not exist! [ 190.140140][ T9359] program syz.2.353 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 190.461191][ T9370] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 190.726611][ T9381] ima: policy update failed [ 190.745567][ T30] audit: type=1802 audit(6066341136.273:4): pid=9381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.3.357" res=0 errno=0 [ 191.847952][ T9412] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes. [ 191.956345][ T9414] ima: Unable to open file: /sys/kernel/security/integrity/ima/policy (-26) [ 192.061330][ T9411] ima: policy update failed [ 192.097378][ T30] audit: type=1802 audit(6066341137.633:5): pid=9411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=policy_update cause=failed comm="syz.1.363" res=0 errno=0 [ 193.813025][ T9528] netlink: 'syz.1.377': attribute type 27 has an invalid length. [ 193.834375][ T9528] netlink: 334 bytes leftover after parsing attributes in process `syz.1.377'. [ 194.627261][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.637297][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.472896][ T9626] netlink: 12 bytes leftover after parsing attributes in process `syz.2.389'. [ 196.678589][ T9687] netlink: 'syz.3.395': attribute type 33 has an invalid length. [ 199.829033][ T9817] FAULT_INJECTION: forcing a failure. [ 199.829033][ T9817] name failslab, interval 1, probability 0, space 0, times 0 [ 199.935492][ T9817] CPU: 1 UID: 0 PID: 9817 Comm: syz.3.409 Not tainted syzkaller #0 PREEMPT(full) [ 199.935532][ T9817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 199.935549][ T9817] Call Trace: [ 199.935559][ T9817] [ 199.935571][ T9817] dump_stack_lvl+0x100/0x190 [ 199.935630][ T9817] should_fail_ex.cold+0x5/0xa [ 199.935665][ T9817] should_failslab+0xc2/0x120 [ 199.935710][ T9817] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 199.935748][ T9817] ? __pmd_alloc+0xbf/0x9c0 [ 199.935784][ T9817] __pmd_alloc+0xbf/0x9c0 [ 199.935818][ T9817] __handle_mm_fault+0xa99/0x2b60 [ 199.935859][ T9817] ? mt_find+0x45e/0x8e0 [ 199.935893][ T9817] ? __pfx___handle_mm_fault+0x10/0x10 [ 199.935926][ T9817] ? __pfx_mt_find+0x10/0x10 [ 199.935980][ T9817] ? find_vma+0xbf/0x140 [ 199.936021][ T9817] ? __pfx_find_vma+0x10/0x10 [ 199.936068][ T9817] handle_mm_fault+0x36d/0xa20 [ 199.936112][ T9817] do_user_addr_fault+0x74c/0x12f0 [ 199.936170][ T9817] exc_page_fault+0x6f/0xd0 [ 199.936219][ T9817] asm_exc_page_fault+0x26/0x30 [ 199.936248][ T9817] RIP: 0010:rep_movs_alternative+0xf/0x90 [ 199.936287][ T9817] Code: c4 10 c3 cc cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 83 f9 40 73 44 83 f9 08 73 25 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 e9 bd 93 04 00 66 66 [ 199.936315][ T9817] RSP: 0018:ffffc900191ffd30 EFLAGS: 00050202 [ 199.936339][ T9817] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000004 [ 199.936357][ T9817] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffc900191ffda0 [ 199.936374][ T9817] RBP: 0000000000000004 R08: 0000000000000001 R09: fffff5200323ffb4 [ 199.936391][ T9817] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000 [ 199.936408][ T9817] R13: ffffc900191ffda0 R14: 0000000000000000 R15: 0000000000000000 [ 199.936446][ T9817] _copy_from_user+0x98/0xd0 [ 199.936490][ T9817] do_sock_getsockopt+0x30b/0x3d0 [ 199.936528][ T9817] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 199.936589][ T9817] __sys_getsockopt+0x133/0x1d0 [ 199.936639][ T9817] ? __pfx_ksys_write+0x10/0x10 [ 199.936686][ T9817] ? __x64_sys_getsockopt+0xbd/0x160 [ 199.936730][ T9817] __x64_sys_getsockopt+0xbd/0x160 [ 199.936775][ T9817] ? do_syscall_64+0x95/0xf80 [ 199.936802][ T9817] ? lockdep_hardirqs_on+0x78/0x100 [ 199.936848][ T9817] do_syscall_64+0x106/0xf80 [ 199.936876][ T9817] ? clear_bhb_loop+0x40/0x90 [ 199.936913][ T9817] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.936943][ T9817] RIP: 0033:0x7f004f99c139 [ 199.936968][ T9817] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 199.936995][ T9817] RSP: 002b:00007f00507fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 199.937023][ T9817] RAX: ffffffffffffffda RBX: 00007f004fc15fa0 RCX: 00007f004f99c139 [ 199.937042][ T9817] RDX: 000000000000001b RSI: 0000000000000084 RDI: 0000000000000003 [ 199.937060][ T9817] RBP: 00007f00507fe090 R08: 0000000000000000 R09: 0000000000000000 [ 199.937077][ T9817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 199.937094][ T9817] R13: 00007f004fc16038 R14: 00007f004fc15fa0 R15: 00007fff7aa49e38 [ 199.937135][ T9817] [ 203.457418][ T9939] syz.3.419 (9939): attempted to duplicate a private mapping with mremap. This is not supported. [ 205.321064][ T9966] FAULT_INJECTION: forcing a failure. [ 205.321064][ T9966] name fail_futex, interval 1, probability 0, space 0, times 0 [ 205.424110][ T9966] CPU: 1 UID: 0 PID: 9966 Comm: syz.2.421 Tainted: G L syzkaller #0 PREEMPT(full) [ 205.424160][ T9966] Tainted: [L]=SOFTLOCKUP [ 205.424172][ T9966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 205.424189][ T9966] Call Trace: [ 205.424199][ T9966] [ 205.424210][ T9966] dump_stack_lvl+0x100/0x190 [ 205.424260][ T9966] should_fail_ex.cold+0x5/0xa [ 205.424288][ T9966] ? rcu_is_watching+0x12/0xc0 [ 205.424344][ T9966] get_futex_key+0x106f/0x1620 [ 205.424382][ T9966] ? __pfx_get_futex_key+0x10/0x10 [ 205.424410][ T9966] ? lock_acquire+0x1cf/0x380 [ 205.424458][ T9966] futex_wake+0xea/0x530 [ 205.424504][ T9966] ? __pfx_futex_wake+0x10/0x10 [ 205.424547][ T9966] ? exit_mm_release+0x19/0x30 [ 205.424590][ T9966] do_futex+0x32b/0x350 [ 205.424623][ T9966] ? __pfx_do_futex+0x10/0x10 [ 205.424650][ T9966] ? __might_fault+0xc5/0x140 [ 205.424697][ T9966] mm_release+0x24a/0x2f0 [ 205.424726][ T9966] do_exit+0x675/0x2aa0 [ 205.424769][ T9966] ? __pfx_do_exit+0x10/0x10 [ 205.424805][ T9966] ? do_raw_spin_lock+0x128/0x260 [ 205.424843][ T9966] ? find_held_lock+0x2b/0x80 [ 205.424886][ T9966] ? get_signal+0x7e0/0x21e0 [ 205.424918][ T9966] do_group_exit+0xd5/0x2a0 [ 205.424959][ T9966] get_signal+0x1ec7/0x21e0 [ 205.425001][ T9966] ? __pfx_get_signal+0x10/0x10 [ 205.425032][ T9966] ? do_futex+0x192/0x350 [ 205.425070][ T9966] arch_do_signal_or_restart+0x91/0x770 [ 205.425108][ T9966] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 205.425155][ T9966] ? __pfx___x64_sys_futex+0x10/0x10 [ 205.425199][ T9966] exit_to_user_mode_loop+0x86/0x4a0 [ 205.425239][ T9966] do_syscall_64+0x668/0xf80 [ 205.425267][ T9966] ? clear_bhb_loop+0x40/0x90 [ 205.425312][ T9966] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.425342][ T9966] RIP: 0033:0x7fafd4d9c139 [ 205.425367][ T9966] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 205.425395][ T9966] RSP: 002b:00007fafd5b800e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 205.425423][ T9966] RAX: fffffffffffffe00 RBX: 00007fafd5016098 RCX: 00007fafd4d9c139 [ 205.425443][ T9966] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fafd5016098 [ 205.425460][ T9966] RBP: 00007fafd5016090 R08: 0000000000000000 R09: 0000000000000000 [ 205.425478][ T9966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 205.425495][ T9966] R13: 00007fafd5016128 R14: 00007fff41b40eb0 R15: 00007fff41b40f98 [ 205.425535][ T9966] [ 205.804863][ T9995] bond0: option slaves: interface -] does not exist! [ 206.046240][ T9996] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 207.243853][T10081] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 208.923793][T10156] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 209.610209][T10202] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 210.798958][T10254] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 211.861217][T10295] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 212.619894][T10349] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 212.860909][T10371] bdi 43:192: the stable_pages_required attribute has been removed. Use the stable_writes queue attribute instead. [ 213.441732][T10387] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 214.015268][T10429] bond0: option slaves: interface -] does not exist! [ 214.465706][T10463] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 215.123131][T10483] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 216.346980][T10586] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 217.392897][T10620] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 218.127215][T10663] bond0: option slaves: interface -] does not exist! [ 218.505734][T10689] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 218.814623][T10712] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 219.393232][T10752] bond0: option slaves: interface -] does not exist! [ 219.902636][T10778] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 220.040233][T10779] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 220.393666][T10809] bond0: option slaves: interface -] does not exist! [ 221.291142][T10847] vhci_hcd: not connected 4 [ 221.419638][T10849] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 221.720763][T10861] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 222.044490][T10886] device-mapper: ioctl: ioctl interface mismatch: kernel(4.50.0), user(0.0.0), cmd(2) [ 222.188002][T10879] bond0: option slaves: interface -] does not exist! [ 222.310152][T10913] netlink: 4 bytes leftover after parsing attributes in process `syz.0.528'. [ 222.320454][T10913] netlink: 17 bytes leftover after parsing attributes in process `syz.0.528'. [ 222.645726][T10928] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 223.191715][T10950] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 223.533892][T10960] netlink: 2468 bytes leftover after parsing attributes in process `syz.3.537'. [ 223.571500][T10960] netlink: 8 bytes leftover after parsing attributes in process `syz.3.537'. [ 223.948742][T10979] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 224.719653][T10989] bond0: no command found in slaves file - use +ifname or -ifname [ 224.952017][T11024] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 225.353135][T11038] FAULT_INJECTION: forcing a failure. [ 225.353135][T11038] name failslab, interval 1, probability 0, space 0, times 0 [ 225.394449][T11038] CPU: 0 UID: 0 PID: 11038 Comm: syz.3.550 Tainted: G L syzkaller #0 PREEMPT(full) [ 225.394500][T11038] Tainted: [L]=SOFTLOCKUP [ 225.394518][T11038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 225.394534][T11038] Call Trace: [ 225.394551][T11038] [ 225.394563][T11038] dump_stack_lvl+0x100/0x190 [ 225.394614][T11038] should_fail_ex.cold+0x5/0xa [ 225.394650][T11038] should_failslab+0xc2/0x120 [ 225.394697][T11038] __kmalloc_cache_noprof+0x7a/0x6f0 [ 225.394732][T11038] ? watch_queue_init+0x45/0x170 [ 225.394772][T11038] ? __pfx_pipe_lock_cmp_fn+0x10/0x10 [ 225.394822][T11038] watch_queue_init+0x45/0x170 [ 225.394865][T11038] create_pipe_files+0x672/0x970 [ 225.394916][T11038] do_pipe2+0xbd/0x1e0 [ 225.394961][T11038] ? __pfx_do_pipe2+0x10/0x10 [ 225.395006][T11038] ? xfd_validate_state+0x129/0x190 [ 225.395062][T11038] __x64_sys_pipe2+0x54/0x80 [ 225.395107][T11038] do_syscall_64+0x106/0xf80 [ 225.395135][T11038] ? clear_bhb_loop+0x40/0x90 [ 225.395173][T11038] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.395204][T11038] RIP: 0033:0x7f004f99c139 [ 225.395231][T11038] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 225.395260][T11038] RSP: 002b:00007f00507fe028 EFLAGS: 00000246 ORIG_RAX: 0000000000000125 [ 225.395289][T11038] RAX: ffffffffffffffda RBX: 00007f004fc15fa0 RCX: 00007f004f99c139 [ 225.395308][T11038] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000000000000 [ 225.395326][T11038] RBP: 00007f004fa327e0 R08: 0000000000000000 R09: 0000000000000000 [ 225.395344][T11038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 225.395362][T11038] R13: 00007f004fc16038 R14: 00007f004fc15fa0 R15: 00007fff7aa49e38 [ 225.395403][T11038] [ 225.581724][T11034] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 226.005859][T11056] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 226.354104][T11068] FAULT_INJECTION: forcing a failure. [ 226.354104][T11068] name failslab, interval 1, probability 0, space 0, times 0 [ 226.384894][T11068] CPU: 0 UID: 0 PID: 11068 Comm: syz.0.556 Tainted: G L syzkaller #0 PREEMPT(full) [ 226.384943][T11068] Tainted: [L]=SOFTLOCKUP [ 226.384952][T11068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 226.384969][T11068] Call Trace: [ 226.384978][T11068] [ 226.384989][T11068] dump_stack_lvl+0x100/0x190 [ 226.385036][T11068] should_fail_ex.cold+0x5/0xa [ 226.385070][T11068] should_failslab+0xc2/0x120 [ 226.385114][T11068] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 226.385151][T11068] ? mas_alloc_nodes+0x280/0x390 [ 226.385199][T11068] mas_alloc_nodes+0x280/0x390 [ 226.385244][T11068] mas_preallocate+0x39c/0xf10 [ 226.385281][T11068] ? __pfx_mas_preallocate+0x10/0x10 [ 226.385320][T11068] ? vm_area_alloc+0x1f/0x160 [ 226.385354][T11068] ? hugetlbfs_file_mmap_prepare+0x4fa/0x640 [ 226.385407][T11068] ? lockdep_init_map_type+0x5c/0x250 [ 226.385448][T11068] __mmap_region+0x1218/0x2760 [ 226.385486][T11068] ? ima_store_measurement+0x522/0x5b0 [ 226.385525][T11068] ? __pfx___mmap_region+0x10/0x10 [ 226.385570][T11068] ? find_held_lock+0x2b/0x80 [ 226.385632][T11068] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 226.385677][T11068] ? __pfx_hugetlb_file_mmap_prepare_success+0x10/0x10 [ 226.385720][T11068] ? process_measurement+0x1f4/0x2350 [ 226.385807][T11068] ? rcu_is_watching+0x12/0xc0 [ 226.385847][T11068] ? cap_capable+0x107/0x460 [ 226.385885][T11068] mmap_region+0x30a/0x3e0 [ 226.385930][T11068] do_mmap+0xc63/0x12f0 [ 226.385982][T11068] ? __pfx_do_mmap+0x10/0x10 [ 226.386026][T11068] ? __pfx_down_write_killable+0x10/0x10 [ 226.386068][T11068] vm_mmap_pgoff+0x29e/0x470 [ 226.386122][T11068] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 226.386164][T11068] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 226.386198][T11068] ? hugetlbfs_get_inode+0x36e/0x750 [ 226.386253][T11068] ksys_mmap_pgoff+0x1c4/0x5b0 [ 226.386304][T11068] __x64_sys_mmap+0x125/0x190 [ 226.386350][T11068] do_syscall_64+0x106/0xf80 [ 226.386384][T11068] ? clear_bhb_loop+0x40/0x90 [ 226.386420][T11068] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 226.386451][T11068] RIP: 0033:0x7fa5abb9c139 [ 226.386474][T11068] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 226.386501][T11068] RSP: 002b:00007fa5acb32028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 226.386530][T11068] RAX: ffffffffffffffda RBX: 00007fa5abe15fa0 RCX: 00007fa5abb9c139 [ 226.386550][T11068] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000000000000 [ 226.386567][T11068] RBP: 00007fa5acb32090 R08: 0000000000000401 R09: 0000300000000000 [ 226.386585][T11068] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000002 [ 226.386603][T11068] R13: 00007fa5abe16038 R14: 00007fa5abe15fa0 R15: 00007ffcd5a17118 [ 226.386641][T11068] [ 226.420454][T11074] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 227.156768][T11115] bond0: option slaves: interface -] does not exist! [ 227.286645][T11126] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 228.417243][T11175] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 228.709647][T11188] FAULT_INJECTION: forcing a failure. [ 228.709647][T11188] name failslab, interval 1, probability 0, space 0, times 0 [ 228.734085][T11188] CPU: 1 UID: 0 PID: 11188 Comm: syz.1.572 Tainted: G L syzkaller #0 PREEMPT(full) [ 228.734132][T11188] Tainted: [L]=SOFTLOCKUP [ 228.734144][T11188] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 228.734161][T11188] Call Trace: [ 228.734171][T11188] [ 228.734182][T11188] dump_stack_lvl+0x100/0x190 [ 228.734228][T11188] should_fail_ex.cold+0x5/0xa [ 228.734264][T11188] should_failslab+0xc2/0x120 [ 228.734317][T11188] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 228.734354][T11188] ? vm_area_dup+0x27/0x8e0 [ 228.734394][T11188] vm_area_dup+0x27/0x8e0 [ 228.734431][T11188] __split_vma+0x18c/0xd90 [ 228.734472][T11188] ? __pfx___split_vma+0x10/0x10 [ 228.734521][T11188] ? __pfx_mas_prev+0x10/0x10 [ 228.734560][T11188] vms_gather_munmap_vmas+0x39f/0x1500 [ 228.734614][T11188] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 228.734654][T11188] ? mas_walk+0x6ef/0x9b0 [ 228.734710][T11188] __mmap_region+0x46e/0x2760 [ 228.734748][T11188] ? find_held_lock+0x2b/0x80 [ 228.734794][T11188] ? is_bpf_text_address+0x8a/0x1a0 [ 228.734838][T11188] ? __pfx___mmap_region+0x10/0x10 [ 228.734884][T11188] ? __kernel_text_address+0xd/0x30 [ 228.734927][T11188] ? unwind_get_return_address+0x59/0xa0 [ 228.734958][T11188] ? kvm_sched_clock_read+0x11/0x20 [ 228.735004][T11188] ? sched_clock+0x38/0x60 [ 228.735045][T11188] ? lock_acquire+0x1cf/0x380 [ 228.735080][T11188] ? find_held_lock+0x2b/0x80 [ 228.735124][T11188] ? finish_task_switch.isra.0+0x200/0xb80 [ 228.735154][T11188] ? finish_task_switch.isra.0+0x200/0xb80 [ 228.735186][T11188] ? rcu_is_watching+0x12/0xc0 [ 228.735244][T11188] ? __schedule+0x1000/0x60e0 [ 228.735354][T11188] ? rcu_is_watching+0x12/0xc0 [ 228.735397][T11188] ? cap_capable+0x107/0x460 [ 228.735438][T11188] mmap_region+0x180/0x3e0 [ 228.735486][T11188] do_mmap+0xc63/0x12f0 [ 228.735540][T11188] ? __pfx_do_mmap+0x10/0x10 [ 228.735584][T11188] ? __pfx_down_write_killable+0x10/0x10 [ 228.735626][T11188] vm_mmap_pgoff+0x29e/0x470 [ 228.735681][T11188] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 228.735728][T11188] ? find_held_lock+0x2b/0x80 [ 228.735778][T11188] ? __x64_sys_futex+0x34f/0x4d0 [ 228.735810][T11188] ? __x64_sys_futex+0x358/0x4d0 [ 228.735850][T11188] ksys_mmap_pgoff+0x7d/0x5b0 [ 228.735901][T11188] __x64_sys_mmap+0x125/0x190 [ 228.735949][T11188] do_syscall_64+0x106/0xf80 [ 228.735974][T11188] ? clear_bhb_loop+0x40/0x90 [ 228.736011][T11188] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.736040][T11188] RIP: 0033:0x7f4085b9c139 [ 228.736066][T11188] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 228.736095][T11188] RSP: 002b:00007f4086a3e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 228.736124][T11188] RAX: ffffffffffffffda RBX: 00007f4085e15fa0 RCX: 00007f4085b9c139 [ 228.736143][T11188] RDX: 00004000000000df RSI: 0000000000002101 RDI: 0000000000000000 [ 228.736161][T11188] RBP: 00007f4085c327e0 R08: 0000000000000401 R09: 0000000000008000 [ 228.736179][T11188] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 228.736196][T11188] R13: 00007f4085e16038 R14: 00007f4085e15fa0 R15: 00007fff6e140698 [ 228.736237][T11188] [ 229.426798][T11206] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 229.682227][T11215] FAULT_INJECTION: forcing a failure. [ 229.682227][T11215] name failslab, interval 1, probability 0, space 0, times 0 [ 229.704467][T11215] CPU: 0 UID: 0 PID: 11215 Comm: syz.1.577 Tainted: G L syzkaller #0 PREEMPT(full) [ 229.704526][T11215] Tainted: [L]=SOFTLOCKUP [ 229.704536][T11215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 229.704551][T11215] Call Trace: [ 229.704560][T11215] [ 229.704570][T11215] dump_stack_lvl+0x100/0x190 [ 229.704617][T11215] should_fail_ex.cold+0x5/0xa [ 229.704660][T11215] should_failslab+0xc2/0x120 [ 229.704703][T11215] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 229.704741][T11215] ? __d_alloc+0x34/0xa80 [ 229.704794][T11215] __d_alloc+0x34/0xa80 [ 229.704842][T11215] d_alloc+0x4a/0x1e0 [ 229.704888][T11215] lookup_one_qstr_excl+0x175/0x250 [ 229.704924][T11215] start_dirop+0x59/0xb0 [ 229.704984][T11215] simple_start_creating+0xf9/0x110 [ 229.705025][T11215] ? __pfx_simple_start_creating+0x10/0x10 [ 229.705066][T11215] ? mntput+0x70/0xa0 [ 229.705103][T11215] ? simple_pin_fs+0xa3/0x190 [ 229.705140][T11215] debugfs_start_creating.part.0+0x82/0x170 [ 229.705179][T11215] __debugfs_create_file+0xb3/0x4f0 [ 229.705222][T11215] debugfs_create_file_full+0x41/0x60 [ 229.705262][T11215] ref_tracker_dir_debugfs+0x19e/0x2e0 [ 229.705303][T11215] ? __pfx_ref_tracker_dir_debugfs+0x10/0x10 [ 229.705343][T11215] ? rcu_is_watching+0x12/0xc0 [ 229.705417][T11215] ? lockdep_init_map_type+0x5c/0x250 [ 229.705457][T11215] preinit_net.part.0+0x24e/0x8f0 [ 229.705490][T11215] copy_net_ns+0x339/0x7c0 [ 229.705524][T11215] create_new_namespaces+0x3ea/0xac0 [ 229.705562][T11215] unshare_nsproxy_namespaces+0xc3/0x1f0 [ 229.705603][T11215] ksys_unshare+0x455/0xab0 [ 229.705648][T11215] ? __pfx_ksys_unshare+0x10/0x10 [ 229.705700][T11215] __x64_sys_unshare+0x31/0x40 [ 229.705733][T11215] do_syscall_64+0x106/0xf80 [ 229.705759][T11215] ? clear_bhb_loop+0x40/0x90 [ 229.705797][T11215] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 229.705827][T11215] RIP: 0033:0x7f4085b9c139 [ 229.705851][T11215] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 229.705888][T11215] RSP: 002b:00007f4086a1d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000110 [ 229.705917][T11215] RAX: ffffffffffffffda RBX: 00007f4085e16090 RCX: 00007f4085b9c139 [ 229.705935][T11215] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000080 [ 229.705953][T11215] RBP: 00007f4085c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 229.705971][T11215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 229.705988][T11215] R13: 00007f4085e16128 R14: 00007f4085e16090 R15: 00007fff6e140698 [ 229.706027][T11215] [ 229.969167][T11217] bond0: option slaves: interface -] does not exist! [ 230.015010][T11214] netlink: 'syz.1.577': attribute type 1 has an invalid length. [ 231.548484][T11365] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 231.947642][T11379] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 232.446787][T11386] FAULT_INJECTION: forcing a failure. [ 232.446787][T11386] name failslab, interval 1, probability 0, space 0, times 0 [ 232.459805][T11386] CPU: 0 UID: 0 PID: 11386 Comm: syz.1.586 Tainted: G L syzkaller #0 PREEMPT(full) [ 232.459853][T11386] Tainted: [L]=SOFTLOCKUP [ 232.459864][T11386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 232.459882][T11386] Call Trace: [ 232.459893][T11386] [ 232.459905][T11386] dump_stack_lvl+0x100/0x190 [ 232.459957][T11386] should_fail_ex.cold+0x5/0xa [ 232.459994][T11386] should_failslab+0xc2/0x120 [ 232.460042][T11386] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 232.460082][T11386] ? anon_vma_clone+0x2bd/0xc70 [ 232.460122][T11386] anon_vma_clone+0x2bd/0xc70 [ 232.460167][T11386] __split_vma+0x51f/0xd90 [ 232.460209][T11386] ? __pfx___split_vma+0x10/0x10 [ 232.460255][T11386] ? __pfx_mas_prev+0x10/0x10 [ 232.460298][T11386] vms_gather_munmap_vmas+0x39f/0x1500 [ 232.460336][T11386] ? __print_lock_name+0x29/0x80 [ 232.460394][T11386] ? __pfx_vms_gather_munmap_vmas+0x10/0x10 [ 232.460441][T11386] ? mas_walk+0x6ef/0x9b0 [ 232.460502][T11386] __mmap_region+0x46e/0x2760 [ 232.460568][T11386] ? __pfx___mmap_region+0x10/0x10 [ 232.460623][T11386] ? lock_acquire+0x1cf/0x380 [ 232.460658][T11386] ? find_held_lock+0x2b/0x80 [ 232.460706][T11386] ? finish_task_switch.isra.0+0x200/0xb80 [ 232.460738][T11386] ? finish_task_switch.isra.0+0x200/0xb80 [ 232.460772][T11386] ? rcu_is_watching+0x12/0xc0 [ 232.460818][T11386] ? finish_task_switch.isra.0+0x205/0xb80 [ 232.460850][T11386] ? lockdep_hardirqs_on+0x78/0x100 [ 232.460899][T11386] ? finish_task_switch.isra.0+0x205/0xb80 [ 232.461010][T11386] ? rcu_is_watching+0x12/0xc0 [ 232.461053][T11386] ? cap_capable+0x107/0x460 [ 232.461096][T11386] mmap_region+0x180/0x3e0 [ 232.461144][T11386] do_mmap+0xc63/0x12f0 [ 232.461200][T11386] ? __pfx_do_mmap+0x10/0x10 [ 232.461249][T11386] ? __pfx_down_write_killable+0x10/0x10 [ 232.461293][T11386] vm_mmap_pgoff+0x29e/0x470 [ 232.461351][T11386] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 232.461411][T11386] ? __x64_sys_futex+0x34f/0x4d0 [ 232.461445][T11386] ? __x64_sys_futex+0x358/0x4d0 [ 232.461487][T11386] ksys_mmap_pgoff+0x7d/0x5b0 [ 232.461552][T11386] __x64_sys_mmap+0x125/0x190 [ 232.461603][T11386] do_syscall_64+0x106/0xf80 [ 232.461630][T11386] ? clear_bhb_loop+0x40/0x90 [ 232.461667][T11386] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 232.461699][T11386] RIP: 0033:0x7f4085b9c139 [ 232.461725][T11386] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 232.461754][T11386] RSP: 002b:00007f4086a3e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 232.461783][T11386] RAX: ffffffffffffffda RBX: 00007f4085e15fa0 RCX: 00007f4085b9c139 [ 232.461803][T11386] RDX: 00004000000000df RSI: 0000000000020009 RDI: 0000000000000000 [ 232.461821][T11386] RBP: 00007f4085c327e0 R08: 0000000000000401 R09: 0000000000008000 [ 232.461840][T11386] R10: 0000000000000eb1 R11: 0000000000000246 R12: 0000000000000000 [ 232.461858][T11386] R13: 00007f4085e16038 R14: 00007f4085e15fa0 R15: 00007fff6e140698 [ 232.461900][T11386] [ 233.255464][T11415] FAULT_INJECTION: forcing a failure. [ 233.255464][T11415] name failslab, interval 1, probability 0, space 0, times 0 [ 233.325813][T11415] CPU: 0 UID: 0 PID: 11415 Comm: syz.0.590 Tainted: G L syzkaller #0 PREEMPT(full) [ 233.325864][T11415] Tainted: [L]=SOFTLOCKUP [ 233.325875][T11415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 233.325893][T11415] Call Trace: [ 233.325904][T11415] [ 233.325916][T11415] dump_stack_lvl+0x100/0x190 [ 233.325966][T11415] should_fail_ex.cold+0x5/0xa [ 233.325999][T11415] should_failslab+0xc2/0x120 [ 233.326045][T11415] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 233.326083][T11415] ? __d_alloc+0x34/0xa80 [ 233.326127][T11415] ? lockdep_init_map_type+0x5c/0x250 [ 233.326170][T11415] __d_alloc+0x34/0xa80 [ 233.326217][T11415] d_alloc_pseudo+0x1c/0xc0 [ 233.326253][T11415] alloc_file_pseudo+0xcf/0x230 [ 233.326298][T11415] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 233.326333][T11415] ? alloc_fd+0x476/0x790 [ 233.326384][T11415] sock_alloc_file+0x50/0x210 [ 233.326418][T11415] __sys_socket+0x1c0/0x260 [ 233.326465][T11415] ? __pfx___sys_socket+0x10/0x10 [ 233.326517][T11415] __x64_sys_socket+0x72/0xb0 [ 233.326553][T11415] ? lockdep_hardirqs_on+0x78/0x100 [ 233.326604][T11415] do_syscall_64+0x106/0xf80 [ 233.326632][T11415] ? clear_bhb_loop+0x40/0x90 [ 233.326670][T11415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 233.326702][T11415] RIP: 0033:0x7fa5abb9c139 [ 233.326728][T11415] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 233.326757][T11415] RSP: 002b:00007fa5acb32028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 233.326786][T11415] RAX: ffffffffffffffda RBX: 00007fa5abe15fa0 RCX: 00007fa5abb9c139 [ 233.326805][T11415] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000018 [ 233.326824][T11415] RBP: 00007fa5abc327e0 R08: 0000000000000000 R09: 0000000000000000 [ 233.326843][T11415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 233.326862][T11415] R13: 00007fa5abe16038 R14: 00007fa5abe15fa0 R15: 00007ffcd5a17118 [ 233.326904][T11415] [ 234.233202][T11449] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 234.328797][T11458] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 234.675398][T11472] __vm_enough_memory: pid: 11472, comm: syz.0.597, bytes: 4398046511104 not enough memory for the allocation [ 234.886472][T11472] FAULT_INJECTION: forcing a failure. [ 234.886472][T11472] name failslab, interval 1, probability 0, space 0, times 0 [ 234.902850][T11472] CPU: 0 UID: 0 PID: 11472 Comm: syz.0.597 Tainted: G L syzkaller #0 PREEMPT(full) [ 234.902891][T11472] Tainted: [L]=SOFTLOCKUP [ 234.902897][T11472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 234.902908][T11472] Call Trace: [ 234.902915][T11472] [ 234.902922][T11472] dump_stack_lvl+0x100/0x190 [ 234.902953][T11472] should_fail_ex.cold+0x5/0xa [ 234.902974][T11472] should_failslab+0xc2/0x120 [ 234.903003][T11472] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 234.903026][T11472] ? ptlock_alloc+0x1f/0x70 [ 234.903051][T11472] ? __pfx_filemap_map_pages+0x10/0x10 [ 234.903073][T11472] ptlock_alloc+0x1f/0x70 [ 234.903093][T11472] pte_alloc_one+0x84/0x3e0 [ 234.903114][T11472] __do_fault+0x359/0x550 [ 234.903141][T11472] ? __pfx_filemap_map_pages+0x10/0x10 [ 234.903163][T11472] do_fault+0x2db/0x1a00 [ 234.903179][T11472] ? __pmd_alloc+0x6aa/0x9c0 [ 234.903198][T11472] __handle_mm_fault+0x180f/0x2b60 [ 234.903222][T11472] ? mt_find+0x45e/0x8e0 [ 234.903243][T11472] ? __pfx___handle_mm_fault+0x10/0x10 [ 234.903262][T11472] ? __pfx_mt_find+0x10/0x10 [ 234.903294][T11472] ? find_vma+0xbf/0x140 [ 234.903319][T11472] ? __pfx_find_vma+0x10/0x10 [ 234.903348][T11472] handle_mm_fault+0x36d/0xa20 [ 234.903373][T11472] do_user_addr_fault+0x74c/0x12f0 [ 234.903410][T11472] exc_page_fault+0x6f/0xd0 [ 234.903439][T11472] asm_exc_page_fault+0x26/0x30 [ 234.903457][T11472] RIP: 0010:__put_user_4+0xd/0x20 [ 234.903486][T11472] Code: 66 89 01 31 c9 0f 01 ca e9 80 d0 03 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca e9 57 d0 03 00 0f 1f 80 00 00 00 00 90 90 90 [ 234.903503][T11472] RSP: 0018:ffffc9000c75fc88 EFLAGS: 00050246 [ 234.903519][T11472] RAX: 000000000000025a RBX: 0000000000000000 RCX: 0000000000000000 [ 234.903530][T11472] RDX: 1ffff920018ebfbf RSI: ffffffff8255c091 RDI: ffffc9000c75fdf8 [ 234.903541][T11472] RBP: ffff888053659e40 R08: 0000000000000001 R09: 00000000000001c5 [ 234.903552][T11472] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000002360400 [ 234.903563][T11472] R13: 1ffff920018ebf96 R14: ffff88802a1a6000 R15: 0000000000000000 [ 234.903580][T11472] ? __might_fault+0x111/0x140 [ 234.903605][T11472] kernel_clone+0x6b1/0x9a0 [ 234.903628][T11472] ? __pfx_kernel_clone+0x10/0x10 [ 234.903674][T11472] __do_sys_clone+0xd9/0x120 [ 234.903695][T11472] ? __pfx___do_sys_clone+0x10/0x10 [ 234.903734][T11472] do_syscall_64+0x106/0xf80 [ 234.903751][T11472] ? clear_bhb_loop+0x40/0x90 [ 234.903773][T11472] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.903792][T11472] RIP: 0033:0x7fa5abb9c139 [ 234.903808][T11472] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 234.903824][T11472] RSP: 002b:00007fa5acb31fd8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038 [ 234.903840][T11472] RAX: ffffffffffffffda RBX: 00007fa5abe15fa0 RCX: 00007fa5abb9c139 [ 234.903851][T11472] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000002360411 [ 234.903862][T11472] RBP: 00007fa5abc327e0 R08: 0000000000000000 R09: 0000000000000000 [ 234.903874][T11472] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000 [ 234.903889][T11472] R13: 00007fa5abe16038 R14: 00007fa5abe15fa0 R15: 00007ffcd5a17118 [ 234.903925][T11472] [ 236.881910][T11517] FAULT_INJECTION: forcing a failure. [ 236.881910][T11517] name failslab, interval 1, probability 0, space 0, times 0 [ 236.913534][T11517] CPU: 1 UID: 0 PID: 11517 Comm: syz.2.600 Tainted: G L syzkaller #0 PREEMPT(full) [ 236.913597][T11517] Tainted: [L]=SOFTLOCKUP [ 236.913608][T11517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 236.913625][T11517] Call Trace: [ 236.913636][T11517] [ 236.913648][T11517] dump_stack_lvl+0x100/0x190 [ 236.913694][T11517] should_fail_ex.cold+0x5/0xa [ 236.913727][T11517] ? ima_write_template_field_data+0x59/0x1d0 [ 236.913773][T11517] should_failslab+0xc2/0x120 [ 236.913833][T11517] __kmalloc_noprof+0xe0/0x850 [ 236.913878][T11517] ? do_syscall_64+0x106/0xf80 [ 236.913907][T11517] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.913945][T11517] ima_write_template_field_data+0x59/0x1d0 [ 236.913999][T11517] ima_eventdigest_init_common+0x158/0x460 [ 236.914050][T11517] ? __pfx_ima_eventdigest_init_common+0x10/0x10 [ 236.914122][T11517] ? trace_kmalloc+0xf0/0x130 [ 236.914167][T11517] ? __kasan_kmalloc+0xaa/0xb0 [ 236.914208][T11517] ? __kmalloc_noprof+0x320/0x850 [ 236.914248][T11517] ? take_dentry_name_snapshot+0x30b/0x7c0 [ 236.914288][T11517] ima_alloc_init_template+0x399/0x6d0 [ 236.914337][T11517] ima_store_measurement+0x1e3/0x5b0 [ 236.914377][T11517] ? __pfx_ima_store_measurement+0x10/0x10 [ 236.914432][T11517] ? __pfx_ima_get_hash_algo+0x10/0x10 [ 236.914471][T11517] process_measurement+0x19cc/0x2350 [ 236.914520][T11517] ? __pfx_process_measurement+0x10/0x10 [ 236.914551][T11517] ? kasan_save_stack+0x3f/0x50 [ 236.914596][T11517] ? kasan_save_track+0x14/0x30 [ 236.914646][T11517] ? find_held_lock+0x2b/0x80 [ 236.914693][T11517] ? aa_file_perm+0x268/0x1530 [ 236.914787][T11517] ima_file_mmap+0x1c4/0x1f0 [ 236.914823][T11517] ? __pfx_ima_file_mmap+0x10/0x10 [ 236.914868][T11517] security_mmap_file+0x278/0x9b0 [ 236.914916][T11517] vm_mmap_pgoff+0xec/0x470 [ 236.914970][T11517] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 236.915016][T11517] ? __pfx_alloc_file_pseudo+0x10/0x10 [ 236.915052][T11517] ? hugetlbfs_get_inode+0x36e/0x750 [ 236.915106][T11517] ksys_mmap_pgoff+0x1c4/0x5b0 [ 236.915155][T11517] __x64_sys_mmap+0x125/0x190 [ 236.915199][T11517] do_syscall_64+0x106/0xf80 [ 236.915224][T11517] ? clear_bhb_loop+0x40/0x90 [ 236.915258][T11517] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.915287][T11517] RIP: 0033:0x7fafd4d9c139 [ 236.915314][T11517] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 236.915342][T11517] RSP: 002b:00007fafd5ba1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 236.915378][T11517] RAX: ffffffffffffffda RBX: 00007fafd5015fa0 RCX: 00007fafd4d9c139 [ 236.915396][T11517] RDX: 00004000000000df RSI: 0000000000000004 RDI: 0000000020000000 [ 236.915414][T11517] RBP: 00007fafd4e327e0 R08: 0000000000000401 R09: 0000300000000000 [ 236.915433][T11517] R10: 0000000000040eb1 R11: 0000000000000246 R12: 0000000000000000 [ 236.915451][T11517] R13: 00007fafd5016038 R14: 00007fafd5015fa0 R15: 00007fff41b40f98 [ 236.915492][T11517] [ 237.544815][ T30] audit: type=1804 audit(6066341183.083:6): pid=11517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=add_template_measure cause=ENOMEM comm="syz.2.600" name="anon_hugepage" dev="hugetlbfs" ino=21982 res=0 errno=0 [ 237.938244][T11543] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 238.015813][T11550] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 241.272515][T11661] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 241.413460][T11660] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 243.950455][T11746] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 244.192817][T11754] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 245.196315][ T5829] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 245.206519][ T5829] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 245.219704][ T5829] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 245.228196][ T5829] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 245.236597][ T5829] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 245.941820][T11798] chnl_net:caif_netlink_parms(): no params data found [ 246.296865][T11798] bridge0: port 1(bridge_slave_0) entered blocking state [ 246.304242][T11798] bridge0: port 1(bridge_slave_0) entered disabled state [ 246.312202][T11798] bridge_slave_0: entered allmulticast mode [ 246.336828][T11798] bridge_slave_0: entered promiscuous mode [ 246.357200][T11798] bridge0: port 2(bridge_slave_1) entered blocking state [ 246.364466][T11798] bridge0: port 2(bridge_slave_1) entered disabled state [ 246.387664][T11798] bridge_slave_1: entered allmulticast mode [ 246.405725][T11937] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 246.412204][T11798] bridge_slave_1: entered promiscuous mode [ 246.537236][T11798] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 246.558530][T11798] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 246.666742][T11798] team0: Port device team_slave_0 added [ 246.698205][T11798] team0: Port device team_slave_1 added [ 246.725724][T11980] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 246.825087][T11798] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 246.839825][T11798] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 246.871667][T11798] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 246.889205][T11798] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 246.896677][T11798] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 246.941468][T11798] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 247.180941][T11798] hsr_slave_0: entered promiscuous mode [ 247.191140][T11798] hsr_slave_1: entered promiscuous mode [ 247.198775][T11798] debugfs: 'hsr0' already exists in 'hsr' [ 247.205420][T11798] Cannot create hsr debugfs directory [ 247.335989][ T5822] Bluetooth: hci4: command tx timeout [ 248.141804][T11798] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 248.207189][T11798] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 248.259524][T11798] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 248.328528][T11798] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 248.590853][T11798] 8021q: adding VLAN 0 to HW filter on device bond0 [ 248.644406][T11798] 8021q: adding VLAN 0 to HW filter on device team0 [ 248.670481][ T36] bridge0: port 1(bridge_slave_0) entered blocking state [ 248.677789][ T36] bridge0: port 1(bridge_slave_0) entered forwarding state [ 248.725289][ T36] bridge0: port 2(bridge_slave_1) entered blocking state [ 248.732555][ T36] bridge0: port 2(bridge_slave_1) entered forwarding state [ 249.016569][T12172] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 249.158573][T12181] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 249.335724][T12191] FAULT_INJECTION: forcing a failure. [ 249.335724][T12191] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 249.414673][ T5822] Bluetooth: hci4: command tx timeout [ 249.444695][T12191] CPU: 1 UID: 0 PID: 12191 Comm: syz.1.650 Tainted: G L syzkaller #0 PREEMPT(full) [ 249.444744][T12191] Tainted: [L]=SOFTLOCKUP [ 249.444754][T12191] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 249.444771][T12191] Call Trace: [ 249.444782][T12191] [ 249.444793][T12191] dump_stack_lvl+0x100/0x190 [ 249.444842][T12191] should_fail_ex.cold+0x5/0xa [ 249.444877][T12191] _copy_to_iter+0x1f3/0x1720 [ 249.444926][T12191] ? __pfx__copy_to_iter+0x10/0x10 [ 249.444965][T12191] ? kernfs_seq_stop+0xcd/0x120 [ 249.445016][T12191] ? kernfs_put_active+0x93/0xe0 [ 249.445069][T12191] seq_read_iter+0xdab/0x1270 [ 249.445152][T12191] kernfs_fop_read_iter+0x46c/0x610 [ 249.445195][T12191] ? rw_verify_area+0xce/0x6d0 [ 249.445227][T12191] ? __pfx_kernfs_fop_read_iter+0x10/0x10 [ 249.445270][T12191] vfs_read+0x825/0xb30 [ 249.445309][T12191] ? __pfx_vfs_read+0x10/0x10 [ 249.445368][T12191] ksys_read+0x12a/0x250 [ 249.445405][T12191] ? __pfx_ksys_read+0x10/0x10 [ 249.445452][T12191] do_syscall_64+0x106/0xf80 [ 249.445477][T12191] ? clear_bhb_loop+0x40/0x90 [ 249.445511][T12191] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 249.445547][T12191] RIP: 0033:0x7f4085b9c139 [ 249.445570][T12191] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 249.445596][T12191] RSP: 002b:00007f4086a3e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 249.445622][T12191] RAX: ffffffffffffffda RBX: 00007f4085e15fa0 RCX: 00007f4085b9c139 [ 249.445641][T12191] RDX: 0000000000000fff RSI: 0000200000001180 RDI: 0000000000000003 [ 249.445657][T12191] RBP: 00007f4086a3e090 R08: 0000000000000000 R09: 0000000000000000 [ 249.445673][T12191] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 249.445687][T12191] R13: 00007f4085e16038 R14: 00007f4085e15fa0 R15: 00007fff6e140698 [ 249.445726][T12191] [ 249.777656][T11798] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 250.189597][T12212] capability: warning: `syz.1.653' uses 32-bit capabilities (legacy support in use) [ 250.989053][T11798] veth0_vlan: entered promiscuous mode [ 251.039822][T11798] veth1_vlan: entered promiscuous mode [ 251.435472][T11798] veth0_macvtap: entered promiscuous mode [ 251.506655][ T5822] Bluetooth: hci4: command tx timeout [ 251.517430][T12308] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 251.527262][T11798] veth1_macvtap: entered promiscuous mode [ 251.590065][T11798] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 251.662536][T11798] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 251.716675][ T36] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.740339][ T36] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.773580][ T36] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.804364][ T36] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 251.872349][T12321] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 252.409208][ T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 252.436536][ T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 252.526431][ T9047] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 252.534384][ T9047] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 253.061396][T12350] [U]  [ 253.064475][T12350] [U] [ 253.067226][T12350] [U] [ 253.069961][T12350] [U] [ 253.088841][T12350] [U] [ 253.091625][T12350] [U] [ 253.094462][T12350] [U] [ 253.097219][T12350] [U] [ 253.099393][T12390] FAULT_INJECTION: forcing a failure. [ 253.099393][T12390] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 253.107085][T12350] [U] [ 253.117068][T12350] [U] [ 253.117124][T12350] [U] [ 253.117195][T12350] [U] [ 253.122405][T12350] [U] [ 253.122463][T12350] [U] [ 253.122512][T12350] [U] [ 253.122556][T12350] [U] [ 253.122778][T12350] [U] [ 253.122825][T12350] [U] [ 253.122877][T12350] [U] [ 253.122923][T12350] [U] [ 253.123396][T12350] [U] [ 253.123447][T12350] [U] [ 253.123495][T12350] [U] [ 253.123541][T12350] [U] [ 253.123750][T12350] [U] [ 253.123789][T12350] [U] [ 253.123828][T12350] [U] [ 253.136936][T12390] CPU: 0 UID: 0 PID: 12390 Comm: syz.4.665 Tainted: G L syzkaller #0 PREEMPT(full) [ 253.136978][T12390] Tainted: [L]=SOFTLOCKUP [ 253.136987][T12390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 253.137002][T12390] Call Trace: [ 253.137011][T12390] [ 253.137021][T12390] dump_stack_lvl+0x100/0x190 [ 253.137065][T12390] should_fail_ex.cold+0x5/0xa [ 253.137096][T12390] _copy_from_user+0x2e/0xd0 [ 253.137151][T12390] input_event_from_user+0xb9/0x290 [ 253.137183][T12390] ? __pfx_input_event_from_user+0x10/0x10 [ 253.137211][T12390] ? __pfx___might_resched+0x10/0x10 [ 253.137247][T12390] ? input_inject_event+0x1c9/0x3b0 [ 253.137281][T12390] evdev_write+0x27a/0x430 [ 253.137313][T12390] ? __pfx_evdev_write+0x10/0x10 [ 253.137343][T12390] ? bpf_lsm_file_permission+0x9/0x10 [ 253.137376][T12390] ? security_file_permission+0x76/0x210 [ 253.137418][T12390] ? rw_verify_area+0xce/0x6d0 [ 253.137454][T12390] vfs_write+0x2aa/0x1070 [ 253.137488][T12390] ? __pfx_evdev_write+0x10/0x10 [ 253.137526][T12390] ? __pfx_vfs_write+0x10/0x10 [ 253.137556][T12390] ? find_held_lock+0x2b/0x80 [ 253.137593][T12390] ? __fget_files+0x215/0x3d0 [ 253.137625][T12390] ? __fget_files+0x215/0x3d0 [ 253.137665][T12390] ? __fget_files+0x21f/0x3d0 [ 253.137709][T12390] ksys_write+0x1f8/0x250 [ 253.137743][T12390] ? __pfx_ksys_write+0x10/0x10 [ 253.137787][T12390] do_syscall_64+0x106/0xf80 [ 253.137812][T12390] ? clear_bhb_loop+0x40/0x90 [ 253.137843][T12390] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 253.137869][T12390] RIP: 0033:0x7f81fa59c139 [ 253.137891][T12390] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 253.137915][T12390] RSP: 002b:00007f81fb390028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 253.137941][T12390] RAX: ffffffffffffffda RBX: 00007f81fa815fa0 RCX: 00007f81fa59c139 [ 253.137957][T12390] RDX: 0000000000010001 RSI: 0000200000000040 RDI: 0000000000000003 [ 253.137973][T12390] RBP: 00007f81fb390090 R08: 0000000000000000 R09: 0000000000000000 [ 253.137988][T12390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 253.138003][T12390] R13: 00007f81fa816038 R14: 00007f81fa815fa0 R15: 00007fff676fe5b8 [ 253.138038][T12390] [ 253.397944][T12350] [U] [ 253.423239][T12350] [U] [ 253.426025][T12350] [U] [ 253.428766][T12350] [U] [ 253.431504][T12350] [U] [ 253.477278][T12350] [U] [ 253.584965][ T5822] Bluetooth: hci4: command tx timeout [ 253.779727][T12399] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 253.951090][T12408] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 254.508023][T12432] Invalid input. Must be >= 4608 [ 255.366695][ T30] audit: type=1800 audit(6066341200.913:7): pid=12470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.678" name="SYSV00000008" dev="tmpfs" ino=0 res=0 errno=0 [ 255.488812][T12488] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 255.642066][T12492] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 256.075180][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.081564][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 258.566656][T12621] FAULT_INJECTION: forcing a failure. [ 258.566656][T12621] name failslab, interval 1, probability 0, space 0, times 0 [ 258.594373][T12621] CPU: 0 UID: 0 PID: 12621 Comm: syz.2.697 Tainted: G L syzkaller #0 PREEMPT(full) [ 258.594420][T12621] Tainted: [L]=SOFTLOCKUP [ 258.594430][T12621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 258.594446][T12621] Call Trace: [ 258.594458][T12621] [ 258.594469][T12621] dump_stack_lvl+0x100/0x190 [ 258.594520][T12621] should_fail_ex.cold+0x5/0xa [ 258.594562][T12621] should_failslab+0xc2/0x120 [ 258.594602][T12621] kmem_cache_alloc_lru_noprof+0x80/0x6e0 [ 258.594636][T12621] ? alloc_inode+0x183/0x250 [ 258.594671][T12621] alloc_inode+0x183/0x250 [ 258.594700][T12621] alloc_anon_inode+0x2a/0x3e0 [ 258.594741][T12621] anon_inode_make_secure_inode+0x2f/0x140 [ 258.594788][T12621] __anon_inode_getfile+0x1cf/0x280 [ 258.594827][T12621] ? _copy_to_user+0xaf/0xd0 [ 258.594864][T12621] io_uring_setup.cold+0x19e3/0x1d09 [ 258.594906][T12621] ? __pfx_io_uring_setup+0x10/0x10 [ 258.594968][T12621] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 258.595009][T12621] ? fput+0x79/0x100 [ 258.595034][T12621] ? ksys_write+0x1ac/0x250 [ 258.595068][T12621] ? __pfx_ksys_write+0x10/0x10 [ 258.595108][T12621] __x64_sys_io_uring_setup+0xc2/0x170 [ 258.595150][T12621] do_syscall_64+0x106/0xf80 [ 258.595173][T12621] ? clear_bhb_loop+0x40/0x90 [ 258.595205][T12621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 258.595232][T12621] RIP: 0033:0x7fafd4d9c139 [ 258.595256][T12621] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 258.595280][T12621] RSP: 002b:00007fafd5ba1028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a9 [ 258.595306][T12621] RAX: ffffffffffffffda RBX: 00007fafd5015fa0 RCX: 00007fafd4d9c139 [ 258.595323][T12621] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 258.595337][T12621] RBP: 00007fafd5ba1090 R08: 0000000000000000 R09: 0000000000000000 [ 258.595354][T12621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 258.595370][T12621] R13: 00007fafd5016038 R14: 00007fafd5015fa0 R15: 00007fff41b40f98 [ 258.595407][T12621] [ 259.658081][ T5822] Bluetooth: hci0: unexpected event 0x1c length: 725 > 5 [ 260.608202][T12696] netlink: 4 bytes leftover after parsing attributes in process `syz.2.707'. [ 263.582438][T12879] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 263.825463][T12890] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 265.455814][T12965] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 265.674141][T12969] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 266.914102][T13011] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 267.435940][T13047] NOTICE: Automounting of tracing to debugfs is deprecated and will be removed in 2030 [ 267.463092][T13008] FAULT_INJECTION: forcing a failure. [ 267.463092][T13008] name fail_futex, interval 1, probability 0, space 0, times 0 [ 267.477576][T13043] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 267.498105][T13008] CPU: 0 UID: 0 PID: 13008 Comm: syz.0.744 Tainted: G L syzkaller #0 PREEMPT(full) [ 267.498153][T13008] Tainted: [L]=SOFTLOCKUP [ 267.498164][T13008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 267.498182][T13008] Call Trace: [ 267.498191][T13008] [ 267.498202][T13008] dump_stack_lvl+0x100/0x190 [ 267.498246][T13008] should_fail_ex.cold+0x5/0xa [ 267.498279][T13008] get_futex_key+0x1d2/0x1620 [ 267.498316][T13008] ? __pfx_get_futex_key+0x10/0x10 [ 267.498346][T13008] ? do_mremap+0xa96/0x2130 [ 267.498393][T13008] futex_wake+0xea/0x530 [ 267.498437][T13008] ? __pfx_futex_wake+0x10/0x10 [ 267.498483][T13008] ? ksys_write+0x190/0x250 [ 267.498532][T13008] do_futex+0x32b/0x350 [ 267.498573][T13008] ? __pfx_do_futex+0x10/0x10 [ 267.498604][T13008] ? __pfx___do_sys_mremap+0x10/0x10 [ 267.498638][T13008] __x64_sys_futex+0x34f/0x4d0 [ 267.498662][T13008] ? __pfx___x64_sys_futex+0x10/0x10 [ 267.498691][T13008] do_syscall_64+0x106/0xf80 [ 267.498709][T13008] ? clear_bhb_loop+0x40/0x90 [ 267.498731][T13008] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 267.498750][T13008] RIP: 0033:0x7fa5abb9c139 [ 267.498767][T13008] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 267.498785][T13008] RSP: 002b:00007fa5acb320e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 267.498805][T13008] RAX: ffffffffffffffda RBX: 00007fa5abe15fa8 RCX: 00007fa5abb9c139 [ 267.498817][T13008] RDX: 00000000000f4240 RSI: 0000000000000081 RDI: 00007fa5abe15fac [ 267.498828][T13008] RBP: 00007fa5abe15fa0 R08: 0000000000000000 R09: 0000000000000000 [ 267.498839][T13008] R10: 0000000100000000 R11: 0000000000000246 R12: 0000000000000000 [ 267.498850][T13008] R13: 00007fa5abe16038 R14: 00007ffcd5a17030 R15: 00007ffcd5a17118 [ 267.498874][T13008] [ 269.004567][T13095] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 269.212852][T13102] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 269.378237][T13107] bond0: option slaves: interface -] does not exist! [ 269.831124][T13126] FAULT_INJECTION: forcing a failure. [ 269.831124][T13126] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 269.953217][T13126] CPU: 0 UID: 0 PID: 13126 Comm: syz.2.759 Tainted: G L syzkaller #0 PREEMPT(full) [ 269.953275][T13126] Tainted: [L]=SOFTLOCKUP [ 269.953286][T13126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 269.953303][T13126] Call Trace: [ 269.953313][T13126] [ 269.953324][T13126] dump_stack_lvl+0x100/0x190 [ 269.953373][T13126] should_fail_ex.cold+0x5/0xa [ 269.953409][T13126] _copy_from_iter+0x1f4/0x1690 [ 269.953456][T13126] ? __asan_memset+0x23/0x50 [ 269.953494][T13126] ? __pfx__copy_from_iter+0x10/0x10 [ 269.953533][T13126] ? __pfx___alloc_skb+0x10/0x10 [ 269.953594][T13126] netlink_sendmsg+0x808/0xda0 [ 269.953634][T13126] ? __pfx_netlink_sendmsg+0x10/0x10 [ 269.953672][T13126] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 269.953713][T13126] sock_write_iter+0x566/0x610 [ 269.953751][T13126] ? __pfx_sock_write_iter+0x10/0x10 [ 269.953802][T13126] ? bpf_lsm_file_permission+0x9/0x10 [ 269.953842][T13126] ? security_file_permission+0x76/0x210 [ 269.953893][T13126] ? rw_verify_area+0xce/0x6d0 [ 269.953934][T13126] vfs_write+0x6ac/0x1070 [ 269.953976][T13126] ? __pfx_sock_write_iter+0x10/0x10 [ 269.954015][T13126] ? __pfx_vfs_write+0x10/0x10 [ 269.954058][T13126] ? __pfx_do_sys_openat2+0x10/0x10 [ 269.954110][T13126] ksys_write+0x1f8/0x250 [ 269.954152][T13126] ? __pfx_ksys_write+0x10/0x10 [ 269.954204][T13126] do_syscall_64+0x106/0xf80 [ 269.954234][T13126] ? clear_bhb_loop+0x40/0x90 [ 269.954280][T13126] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 269.954311][T13126] RIP: 0033:0x7fafd4d9c139 [ 269.954337][T13126] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 269.954364][T13126] RSP: 002b:00007fafd2fb4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 269.954393][T13126] RAX: ffffffffffffffda RBX: 00007fafd5016360 RCX: 00007fafd4d9c139 [ 269.954413][T13126] RDX: 0000000000000005 RSI: 0000000000000000 RDI: 0000000000000002 [ 269.954430][T13126] RBP: 00007fafd2fb4090 R08: 0000000000000000 R09: 0000000000000000 [ 269.954446][T13126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 269.954464][T13126] R13: 00007fafd50163f8 R14: 00007fafd5016360 R15: 00007fff41b40f98 [ 269.954500][T13126] [ 271.799774][T13230] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 273.168535][T13287] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 273.550672][T13316] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 274.985570][T13388] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 275.279039][T13399] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 276.113346][T13454] zswap: compressor not available [ 276.657609][T13492] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 277.003351][T13504] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 278.218680][T13572] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 278.729054][T13582] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 279.214457][T13617] netlink: 346 bytes leftover after parsing attributes in process `syz.1.813'. [ 279.227247][T13620] netlink: 186 bytes leftover after parsing attributes in process `syz.4.814'. [ 280.138329][T13643] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 281.351372][T13703] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 282.078877][T13744] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 283.248189][T13790] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 283.574014][T13803] FAULT_INJECTION: forcing a failure. [ 283.574014][T13803] name failslab, interval 1, probability 0, space 0, times 0 [ 283.624202][T13803] CPU: 1 UID: 0 PID: 13803 Comm: syz.4.836 Tainted: G L syzkaller #0 PREEMPT(full) [ 283.624258][T13803] Tainted: [L]=SOFTLOCKUP [ 283.624269][T13803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 283.624285][T13803] Call Trace: [ 283.624294][T13803] [ 283.624305][T13803] dump_stack_lvl+0x100/0x190 [ 283.624354][T13803] should_fail_ex.cold+0x5/0xa [ 283.624389][T13803] should_failslab+0xc2/0x120 [ 283.624433][T13803] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 283.624470][T13803] ? vm_area_alloc+0x1f/0x160 [ 283.624504][T13803] ? vma_merge_new_range+0x38b/0xa30 [ 283.624536][T13803] ? __pfx___sanitizer_cov_trace_const_cmp8+0x10/0x10 [ 283.624585][T13803] vm_area_alloc+0x1f/0x160 [ 283.624618][T13803] __mmap_region+0x1027/0x2760 [ 283.624654][T13803] ? __lock_acquire+0x4a5/0x2630 [ 283.624691][T13803] ? __pfx___mmap_region+0x10/0x10 [ 283.624757][T13803] ? is_bpf_text_address+0x8a/0x1a0 [ 283.624797][T13803] ? bpf_ksym_find+0x124/0x1c0 [ 283.624845][T13803] ? __lock_acquire+0x4a5/0x2630 [ 283.624946][T13803] mmap_region+0x180/0x3e0 [ 283.624991][T13803] do_mmap+0xc63/0x12f0 [ 283.625044][T13803] ? __pfx_do_mmap+0x10/0x10 [ 283.625085][T13803] ? __pfx_down_write_killable+0x10/0x10 [ 283.625123][T13803] vm_mmap_pgoff+0x29e/0x470 [ 283.625173][T13803] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 283.625222][T13803] ? __fget_files+0x21f/0x3d0 [ 283.625282][T13803] ksys_mmap_pgoff+0x7d/0x5b0 [ 283.625322][T13803] ? __pfx_ksys_write+0x10/0x10 [ 283.625363][T13803] __x64_sys_mmap+0x125/0x190 [ 283.625410][T13803] do_syscall_64+0x106/0xf80 [ 283.625435][T13803] ? clear_bhb_loop+0x40/0x90 [ 283.625471][T13803] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 283.625498][T13803] RIP: 0033:0x7f81fa59c139 [ 283.625522][T13803] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 283.625549][T13803] RSP: 002b:00007f81fb390028 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 283.625576][T13803] RAX: ffffffffffffffda RBX: 00007f81fa815fa0 RCX: 00007f81fa59c139 [ 283.625596][T13803] RDX: 00000000000000df RSI: 0000000000000008 RDI: 0000000000200000 [ 283.625613][T13803] RBP: 00007f81fb390090 R08: 0000000000000002 R09: 0000000000008000 [ 283.625630][T13803] R10: 0000000000029b72 R11: 0000000000000246 R12: 0000000000000001 [ 283.625647][T13803] R13: 00007f81fa816038 R14: 00007f81fa815fa0 R15: 00007fff676fe5b8 [ 283.625687][T13803] [ 283.980584][T13814] netlink: 28 bytes leftover after parsing attributes in process `syz.2.838'. [ 284.126673][T13814] bond0: (slave bond_slave_0): Releasing backup interface [ 284.597378][T13839] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 285.166534][T13870] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 286.367812][T13923] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 286.922603][T13939] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 288.220400][T13986] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 288.723522][T14036] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 290.052556][T14053] can: request_module (can-proto-0) failed. [ 290.358654][T14091] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 290.609649][T14106] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 290.731044][T14113] vivid-007: ================= START STATUS ================= [ 290.739208][T14113] vivid-007: Generate PTS: true [ 290.757327][T14113] vivid-007: Generate SCR: true [ 290.762365][T14113] tpg source WxH: 320x240 (Y'CbCr) [ 290.768232][T14113] tpg field: 1 [ 290.771696][T14113] tpg crop: (0,0)/320x240 [ 290.788418][T14113] tpg compose: (0,0)/320x240 [ 290.803827][T14113] tpg colorspace: 8 [ 290.809935][T14113] tpg transfer function: 0/0 [ 290.818503][T14113] tpg Y'CbCr encoding: 0/0 [ 290.823473][T14113] tpg quantization: 0/0 [ 290.833589][T14113] tpg RGB range: 0/2 [ 290.838232][T14113] vivid-007: ================== END STATUS ================== [ 291.030631][T14127] bond0: option slaves: interface -] does not exist! [ 292.345093][T14182] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 292.976053][T14212] Invalid ELF header magic: != ELF [ 294.004357][T14261] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 294.057753][T14243] FAULT_INJECTION: forcing a failure. [ 294.057753][T14243] name failslab, interval 1, probability 0, space 0, times 0 [ 294.133873][T14243] CPU: 0 UID: 0 PID: 14243 Comm: syz.2.895 Tainted: G L syzkaller #0 PREEMPT(full) [ 294.133921][T14243] Tainted: [L]=SOFTLOCKUP [ 294.133931][T14243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 294.133948][T14243] Call Trace: [ 294.133958][T14243] [ 294.133970][T14243] dump_stack_lvl+0x100/0x190 [ 294.134020][T14243] should_fail_ex.cold+0x5/0xa [ 294.134055][T14243] should_failslab+0xc2/0x120 [ 294.134099][T14243] __kmalloc_node_track_caller_noprof+0xe3/0x850 [ 294.134141][T14243] ? kvasprintf_const+0x66/0x1a0 [ 294.134191][T14243] kvasprintf+0xbc/0x150 [ 294.134230][T14243] ? __pfx_kvasprintf+0x10/0x10 [ 294.134281][T14243] ? find_held_lock+0x2b/0x80 [ 294.134321][T14243] ? rcu_read_unlock+0x17/0x60 [ 294.134363][T14243] ? rcu_read_unlock+0x17/0x60 [ 294.134417][T14243] kvasprintf_const+0x66/0x1a0 [ 294.134457][T14243] kobject_set_name_vargs+0x5a/0x140 [ 294.134493][T14243] dev_set_name+0xc7/0x100 [ 294.134534][T14243] ? __pfx_dev_set_name+0x10/0x10 [ 294.134574][T14243] ? trace_kmalloc+0x101/0x130 [ 294.134611][T14243] ? __kmalloc_large_node_noprof+0x5d/0x70 [ 294.134643][T14243] ? __kmalloc_noprof+0x320/0x850 [ 294.134679][T14243] ? wiphy_new_nm+0x797/0x21a0 [ 294.134711][T14243] wiphy_new_nm+0x811/0x21a0 [ 294.134741][T14243] ? __pfx_ieee80211_emulate_remove_chanctx+0x10/0x10 [ 294.134775][T14243] ? __pfx_ieee80211_emulate_add_chanctx+0x10/0x10 [ 294.134806][T14243] ? __pfx_mac80211_hwsim_link_info_changed+0x10/0x10 [ 294.134850][T14243] ieee80211_alloc_hw_nm+0x1ac7/0x22a0 [ 294.134883][T14243] ? __local_bh_enable_ip+0x9e/0x120 [ 294.134917][T14243] mac80211_hwsim_new_radio+0x1e1/0x57d0 [ 294.134966][T14243] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 294.135011][T14243] ? __nla_validate_parse+0x1e7/0x28b0 [ 294.135041][T14243] ? __pfx_mac80211_hwsim_new_radio+0x10/0x10 [ 294.135087][T14243] hwsim_new_radio_nl+0xc1f/0x1340 [ 294.135123][T14243] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 294.135166][T14243] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1aa/0x290 [ 294.135203][T14243] ? genl_family_rcv_msg_attrs_parse.isra.0+0x1b4/0x290 [ 294.135246][T14243] genl_family_rcv_msg_doit+0x214/0x300 [ 294.135302][T14243] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 294.135334][T14243] ? genl_get_cmd+0x3ef/0x720 [ 294.135374][T14243] ? bpf_lsm_capable+0x9/0x10 [ 294.135414][T14243] ? security_capable+0x80/0x260 [ 294.135447][T14243] ? ns_capable+0xd2/0xf0 [ 294.135503][T14243] genl_rcv_msg+0x560/0x800 [ 294.135543][T14243] ? __pfx_genl_rcv_msg+0x10/0x10 [ 294.135579][T14243] ? __pfx_hwsim_new_radio_nl+0x10/0x10 [ 294.135624][T14243] netlink_rcv_skb+0x159/0x420 [ 294.135652][T14243] ? __pfx_genl_rcv_msg+0x10/0x10 [ 294.135690][T14243] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 294.135736][T14243] ? netlink_deliver_tap+0x1ae/0xcc0 [ 294.135790][T14243] genl_rcv+0x28/0x40 [ 294.135821][T14243] netlink_unicast+0x5aa/0x870 [ 294.135857][T14243] ? __pfx_netlink_unicast+0x10/0x10 [ 294.135903][T14243] netlink_sendmsg+0x8b0/0xda0 [ 294.135940][T14243] ? __pfx_netlink_sendmsg+0x10/0x10 [ 294.135968][T14243] ? __import_iovec+0x1d2/0x640 [ 294.136012][T14243] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 294.136052][T14243] ____sys_sendmsg+0xa54/0xc30 [ 294.136093][T14243] ? __pfx_____sys_sendmsg+0x10/0x10 [ 294.136147][T14243] ___sys_sendmsg+0x190/0x1e0 [ 294.136187][T14243] ? __pfx____sys_sendmsg+0x10/0x10 [ 294.136270][T14243] ? __pfx_vfs_write+0x10/0x10 [ 294.136309][T14243] ? do_sys_openat2+0x157/0x1e0 [ 294.136348][T14243] __sys_sendmsg+0x170/0x220 [ 294.136394][T14243] ? __pfx___sys_sendmsg+0x10/0x10 [ 294.136452][T14243] ? arch_syscall_is_vdso_sigreturn+0xb6/0x200 [ 294.136491][T14243] ? syscall_user_dispatch+0x76/0x130 [ 294.136535][T14243] do_syscall_64+0x106/0xf80 [ 294.136560][T14243] ? clear_bhb_loop+0x40/0x90 [ 294.136596][T14243] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 294.136625][T14243] RIP: 0033:0x7fafd4d9c139 [ 294.136650][T14243] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 294.136678][T14243] RSP: 002b:00007fafd5ba1028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 294.136706][T14243] RAX: ffffffffffffffda RBX: 00007fafd5015fa0 RCX: 00007fafd4d9c139 [ 294.136725][T14243] RDX: 0000000000000000 RSI: 0000200000004240 RDI: 0000000000000003 [ 294.136742][T14243] RBP: 00007fafd5ba1090 R08: 0000000000000000 R09: 0000000000000000 [ 294.136758][T14243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 294.136774][T14243] R13: 00007fafd5016038 R14: 00007fafd5015fa0 R15: 00007fff41b40f98 [ 294.136815][T14243] [ 295.163900][T14275] ksmbd: Daemon and kernel module version mismatch. ksmbd: 0, kernel module: 1. User-space ksmbd should terminate. [ 296.402958][T14317] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 297.677694][T14374] FAULT_INJECTION: forcing a failure. [ 297.677694][T14374] name failslab, interval 1, probability 0, space 0, times 0 [ 297.700338][T14374] CPU: 0 UID: 7 PID: 14374 Comm: syz.1.916 Tainted: G L syzkaller #0 PREEMPT(full) [ 297.700391][T14374] Tainted: [L]=SOFTLOCKUP [ 297.700401][T14374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 297.700417][T14374] Call Trace: [ 297.700426][T14374] [ 297.700437][T14374] dump_stack_lvl+0x100/0x190 [ 297.700483][T14374] should_fail_ex.cold+0x5/0xa [ 297.700525][T14374] ? lsm_blob_alloc+0x68/0x90 [ 297.700553][T14374] should_failslab+0xc2/0x120 [ 297.700599][T14374] __kmalloc_noprof+0xe0/0x850 [ 297.700637][T14374] ? trace_kmalloc+0x101/0x130 [ 297.700686][T14374] lsm_blob_alloc+0x68/0x90 [ 297.700714][T14374] security_sk_alloc+0x2d/0x290 [ 297.700751][T14374] sk_prot_alloc+0x12a/0x2a0 [ 297.700788][T14374] sk_alloc+0x36/0xe80 [ 297.700833][T14374] __netlink_create+0x5e/0x2c0 [ 297.700874][T14374] ? __wake_up+0x3f/0x60 [ 297.700905][T14374] netlink_create+0x293/0x610 [ 297.700949][T14374] ? __pfx_nfnetlink_bind+0x10/0x10 [ 297.700984][T14374] ? __pfx_nfnetlink_unbind+0x10/0x10 [ 297.701025][T14374] __sock_create+0x339/0x860 [ 297.701066][T14374] __sys_socket+0x14d/0x260 [ 297.701100][T14374] ? __pfx___sys_socket+0x10/0x10 [ 297.701145][T14374] __x64_sys_socket+0x72/0xb0 [ 297.701177][T14374] ? lockdep_hardirqs_on+0x78/0x100 [ 297.701224][T14374] do_syscall_64+0x106/0xf80 [ 297.701249][T14374] ? clear_bhb_loop+0x40/0x90 [ 297.701285][T14374] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 297.701313][T14374] RIP: 0033:0x7f4085b9c139 [ 297.701337][T14374] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 297.701363][T14374] RSP: 002b:00007f4086a3e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 297.701390][T14374] RAX: ffffffffffffffda RBX: 00007f4085e15fa0 RCX: 00007f4085b9c139 [ 297.701409][T14374] RDX: 000000000000000c RSI: 0000000000000002 RDI: 0000000000000010 [ 297.701424][T14374] RBP: 00007f4085c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 297.701440][T14374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 297.701456][T14374] R13: 00007f4085e16038 R14: 00007f4085e15fa0 R15: 00007fff6e140698 [ 297.701500][T14374] [ 298.265679][T14392] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 298.675218][T14415] bond0: option slaves: interface -] does not exist! [ 299.169381][T14449] FAULT_INJECTION: forcing a failure. [ 299.169381][T14449] name failslab, interval 1, probability 0, space 0, times 0 [ 299.195965][T14449] CPU: 0 UID: 0 PID: 14449 Comm: syz.0.926 Tainted: G L syzkaller #0 PREEMPT(full) [ 299.196012][T14449] Tainted: [L]=SOFTLOCKUP [ 299.196022][T14449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 299.196039][T14449] Call Trace: [ 299.196048][T14449] [ 299.196059][T14449] dump_stack_lvl+0x100/0x190 [ 299.196108][T14449] should_fail_ex.cold+0x5/0xa [ 299.196142][T14449] ? iter_file_splice_write+0x1d3/0x10a0 [ 299.196183][T14449] should_failslab+0xc2/0x120 [ 299.196225][T14449] __kmalloc_noprof+0xe0/0x850 [ 299.196271][T14449] iter_file_splice_write+0x1d3/0x10a0 [ 299.196321][T14449] ? lockdep_hardirqs_on+0x78/0x100 [ 299.196372][T14449] ? copy_splice_read+0x734/0xb90 [ 299.196408][T14449] ? kfree+0x1f6/0x6b0 [ 299.196448][T14449] ? __pfx_iter_file_splice_write+0x10/0x10 [ 299.196491][T14449] ? __lock_acquire+0x4a5/0x2630 [ 299.196530][T14449] ? __pfx_copy_splice_read+0x10/0x10 [ 299.196595][T14449] ? __pfx_iter_file_splice_write+0x10/0x10 [ 299.196640][T14449] direct_splice_actor+0x192/0x6c0 [ 299.196688][T14449] splice_direct_to_actor+0x345/0xa30 [ 299.196732][T14449] ? __pfx_direct_splice_actor+0x10/0x10 [ 299.196780][T14449] ? __pfx_splice_direct_to_actor+0x10/0x10 [ 299.196833][T14449] do_splice_direct+0x174/0x240 [ 299.196875][T14449] ? __pfx_do_splice_direct+0x10/0x10 [ 299.196913][T14449] ? common_file_perm+0x1ab/0x4f0 [ 299.196952][T14449] ? __pfx_direct_file_splice_eof+0x10/0x10 [ 299.196999][T14449] ? rw_verify_area+0xce/0x6d0 [ 299.197038][T14449] do_sendfile+0xadc/0xe20 [ 299.197084][T14449] ? __pfx_do_sendfile+0x10/0x10 [ 299.197142][T14449] ? __fget_files+0x21f/0x3d0 [ 299.197194][T14449] __x64_sys_sendfile64+0x1d8/0x220 [ 299.197238][T14449] ? ksys_write+0x1ac/0x250 [ 299.197276][T14449] ? __pfx___x64_sys_sendfile64+0x10/0x10 [ 299.197342][T14449] do_syscall_64+0x106/0xf80 [ 299.197368][T14449] ? clear_bhb_loop+0x40/0x90 [ 299.197404][T14449] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.197433][T14449] RIP: 0033:0x7fa5abb9c139 [ 299.197457][T14449] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 299.197484][T14449] RSP: 002b:00007fa5acb32028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028 [ 299.197512][T14449] RAX: ffffffffffffffda RBX: 00007fa5abe15fa0 RCX: 00007fa5abb9c139 [ 299.197531][T14449] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003 [ 299.197547][T14449] RBP: 00007fa5acb32090 R08: 0000000000000000 R09: 0000000000000000 [ 299.197563][T14449] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001 [ 299.197579][T14449] R13: 00007fa5abe16038 R14: 00007fa5abe15fa0 R15: 00007ffcd5a17118 [ 299.197618][T14449] [ 299.855653][T14460] FAULT_INJECTION: forcing a failure. [ 299.855653][T14460] name failslab, interval 1, probability 0, space 0, times 0 [ 299.894570][T14460] CPU: 1 UID: 0 PID: 14460 Comm: syz.4.929 Tainted: G L syzkaller #0 PREEMPT(full) [ 299.894618][T14460] Tainted: [L]=SOFTLOCKUP [ 299.894628][T14460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 299.894644][T14460] Call Trace: [ 299.894653][T14460] [ 299.894661][T14460] dump_stack_lvl+0x100/0x190 [ 299.894692][T14460] should_fail_ex.cold+0x5/0xa [ 299.894714][T14460] ? sock_kmalloc+0x111/0x170 [ 299.894734][T14460] should_failslab+0xc2/0x120 [ 299.894762][T14460] __kmalloc_noprof+0xe0/0x850 [ 299.894790][T14460] sock_kmalloc+0x111/0x170 [ 299.894813][T14460] ipv6_renew_options+0x3a2/0xbe0 [ 299.894837][T14460] ? __might_fault+0xc5/0x140 [ 299.894860][T14460] ? __pfx_ipv6_renew_options+0x10/0x10 [ 299.894891][T14460] do_ipv6_setsockopt+0x2271/0x4400 [ 299.894918][T14460] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 299.894943][T14460] ? futex_hash+0x2c5/0x380 [ 299.894973][T14460] ? __pfx___might_resched+0x10/0x10 [ 299.894999][T14460] ? __lock_acquire+0x4a5/0x2630 [ 299.895023][T14460] ? aa_sk_perm+0x2de/0xb40 [ 299.895050][T14460] ? __pfx_aa_sk_perm+0x10/0x10 [ 299.895076][T14460] ? find_held_lock+0x2b/0x80 [ 299.895107][T14460] ? ipv6_setsockopt+0xcb/0x170 [ 299.895126][T14460] ? sock_common_setsockopt+0x2e/0xf0 [ 299.895145][T14460] ipv6_setsockopt+0xcb/0x170 [ 299.895164][T14460] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 299.895187][T14460] do_sock_setsockopt+0xf3/0x1d0 [ 299.895210][T14460] __sys_setsockopt+0x119/0x190 [ 299.895250][T14460] __x64_sys_setsockopt+0xbd/0x160 [ 299.895276][T14460] ? do_syscall_64+0x95/0xf80 [ 299.895293][T14460] ? lockdep_hardirqs_on+0x78/0x100 [ 299.895335][T14460] do_syscall_64+0x106/0xf80 [ 299.895361][T14460] ? clear_bhb_loop+0x40/0x90 [ 299.895397][T14460] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 299.895429][T14460] RIP: 0033:0x7f81fa59c139 [ 299.895455][T14460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 299.895483][T14460] RSP: 002b:00007f81fb390028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 299.895512][T14460] RAX: ffffffffffffffda RBX: 00007f81fa815fa0 RCX: 00007f81fa59c139 [ 299.895531][T14460] RDX: 000000000000003b RSI: 0000000000000029 RDI: 0000000000000007 [ 299.895549][T14460] RBP: 00007f81fa6327e0 R08: 0000000000000110 R09: 0000000000000000 [ 299.895567][T14460] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000000 [ 299.895585][T14460] R13: 00007f81fa816038 R14: 00007f81fa815fa0 R15: 00007fff676fe5b8 [ 299.895627][T14460] [ 300.384600][T14464] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 302.378365][T14592] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined [ 302.672691][T14603] : entered promiscuous mode [ 302.686467][T14603] FAULT_INJECTION: forcing a failure. [ 302.686467][T14603] name failslab, interval 1, probability 0, space 0, times 0 [ 302.723211][T14603] CPU: 0 UID: 0 PID: 14603 Comm: syz.1.947 Tainted: G L syzkaller #0 PREEMPT(full) [ 302.723255][T14603] Tainted: [L]=SOFTLOCKUP [ 302.723265][T14603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 302.723280][T14603] Call Trace: [ 302.723290][T14603] [ 302.723301][T14603] dump_stack_lvl+0x100/0x190 [ 302.723348][T14603] should_fail_ex.cold+0x5/0xa [ 302.723382][T14603] should_failslab+0xc2/0x120 [ 302.723422][T14603] kmem_cache_alloc_noprof+0x7b/0x6e0 [ 302.723456][T14603] ? skb_clone+0x190/0x400 [ 302.723517][T14603] skb_clone+0x190/0x400 [ 302.723562][T14603] netlink_deliver_tap+0xaed/0xcc0 [ 302.723617][T14603] netlink_unicast+0x650/0x870 [ 302.723654][T14603] ? __pfx_netlink_unicast+0x10/0x10 [ 302.723701][T14603] netlink_sendmsg+0x8b0/0xda0 [ 302.723737][T14603] ? __pfx_netlink_sendmsg+0x10/0x10 [ 302.723767][T14603] ? __import_iovec+0x1d2/0x640 [ 302.723807][T14603] ? aa_sock_msg_perm.isra.0+0x100/0x1b0 [ 302.723845][T14603] ____sys_sendmsg+0xa54/0xc30 [ 302.723884][T14603] ? __pfx_____sys_sendmsg+0x10/0x10 [ 302.723937][T14603] ___sys_sendmsg+0x190/0x1e0 [ 302.723977][T14603] ? __pfx____sys_sendmsg+0x10/0x10 [ 302.724060][T14603] __sys_sendmsg+0x170/0x220 [ 302.724105][T14603] ? __pfx___sys_sendmsg+0x10/0x10 [ 302.724171][T14603] do_syscall_64+0x106/0xf80 [ 302.724199][T14603] ? clear_bhb_loop+0x40/0x90 [ 302.724234][T14603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 302.724263][T14603] RIP: 0033:0x7f4085b9c139 [ 302.724288][T14603] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 302.724315][T14603] RSP: 002b:00007f4086a3e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 302.724341][T14603] RAX: ffffffffffffffda RBX: 00007f4085e15fa0 RCX: 00007f4085b9c139 [ 302.724359][T14603] RDX: 0000000020000008 RSI: 0000200000000200 RDI: 0000000000000003 [ 302.724376][T14603] RBP: 00007f4086a3e090 R08: 0000000000000000 R09: 0000000000000000 [ 302.724392][T14603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 302.724409][T14603] R13: 00007f4085e16038 R14: 00007f4085e15fa0 R15: 00007fff6e140698 [ 302.724449][T14603] [ 304.442126][T14700] netlink: 334 bytes leftover after parsing attributes in process `syz.0.958'. [ 304.465088][T14700] netlink: 202 bytes leftover after parsing attributes in process `syz.0.958'. [ 304.566706][T14704] FAULT_INJECTION: forcing a failure. [ 304.566706][T14704] name failslab, interval 1, probability 0, space 0, times 0 [ 304.592795][T14704] CPU: 0 UID: 0 PID: 14704 Comm: syz.1.960 Tainted: G L syzkaller #0 PREEMPT(full) [ 304.592843][T14704] Tainted: [L]=SOFTLOCKUP [ 304.592853][T14704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 304.592870][T14704] Call Trace: [ 304.592881][T14704] [ 304.592892][T14704] dump_stack_lvl+0x100/0x190 [ 304.592941][T14704] should_fail_ex.cold+0x5/0xa [ 304.592974][T14704] should_failslab+0xc2/0x120 [ 304.593017][T14704] __kmalloc_cache_noprof+0x7a/0x6f0 [ 304.593050][T14704] ? append_filter_err+0xb8/0x620 [ 304.593088][T14704] ? process_preds+0x937/0x1e10 [ 304.593135][T14704] append_filter_err+0xb8/0x620 [ 304.593181][T14704] apply_subsystem_event_filter+0x73d/0x17d0 [ 304.593236][T14704] ? __pfx_apply_subsystem_event_filter+0x10/0x10 [ 304.593289][T14704] ? _copy_from_user+0x59/0xd0 [ 304.593333][T14704] ? __pfx_subsystem_filter_write+0x10/0x10 [ 304.593373][T14704] subsystem_filter_write+0x95/0x120 [ 304.593417][T14704] vfs_writev+0x5ea/0xe10 [ 304.593455][T14704] ? rcu_is_watching+0x12/0xc0 [ 304.593515][T14704] ? __pfx_vfs_writev+0x10/0x10 [ 304.593551][T14704] ? fdget_pos+0x2aa/0x380 [ 304.593596][T14704] ? find_held_lock+0x2b/0x80 [ 304.593668][T14704] ? __fget_files+0x21f/0x3d0 [ 304.593719][T14704] ? do_writev+0x13e/0x340 [ 304.593755][T14704] do_writev+0x13e/0x340 [ 304.593794][T14704] ? __pfx_do_writev+0x10/0x10 [ 304.593844][T14704] do_syscall_64+0x106/0xf80 [ 304.593872][T14704] ? clear_bhb_loop+0x40/0x90 [ 304.593909][T14704] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.593940][T14704] RIP: 0033:0x7f4085b9c139 [ 304.593966][T14704] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 304.593992][T14704] RSP: 002b:00007f4086a3e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000014 [ 304.594022][T14704] RAX: ffffffffffffffda RBX: 00007f4085e15fa0 RCX: 00007f4085b9c139 [ 304.594041][T14704] RDX: 0000000000000005 RSI: 0000200000000140 RDI: 0000000000000004 [ 304.594059][T14704] RBP: 00007f4086a3e090 R08: 0000000000000000 R09: 0000000000000000 [ 304.594076][T14704] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 304.594092][T14704] R13: 00007f4085e16038 R14: 00007f4085e15fa0 R15: 00007fff6e140698 [ 304.594135][T14704] [ 307.393421][T14821] random: crng reseeded on system resumption [ 309.776592][T14900] ceph: Failed to parse sending metrics switch value '' [ 311.001238][T14966] can0: slcan on ttyS2. [ 311.147342][T14964] can0 (unregistered): slcan off ttyS2. [ 314.289125][T15118] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 314.354002][T15118] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 314.378521][T15118] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 314.406425][T15118] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 314.414098][T15118] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 314.428942][T15118] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 314.460972][T15118] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 315.156077][T15210] usb usb13: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 315.174804][ T5822] Bluetooth: hci0: command 0x0c1a tx timeout [ 316.275155][T15259] [U] [ 316.318436][T15258] [U] [ 316.375399][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout [ 316.454698][ T5822] Bluetooth: hci4: command 0x0c1a tx timeout [ 316.460863][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout [ 316.467628][ T5822] Bluetooth: hci1: command 0x0c1a tx timeout [ 317.498288][ T1299] ieee802154 phy0 wpan0: encryption failed: -22 [ 317.505340][ T1299] ieee802154 phy1 wpan1: encryption failed: -22 [ 317.584058][T15314] random: crng reseeded on system resumption [ 317.681931][T15314] hub 1-0:1.0: USB hub found [ 317.749957][T15314] hub 1-0:1.0: 1 port detected [ 318.534741][ T5822] Bluetooth: hci4: command 0x0c1a tx timeout [ 319.668360][T15429] netlink: 206 bytes leftover after parsing attributes in process `syz.2.1036'. [ 320.360390][T15445] [U] [ 320.363347][T15445] FAULT_INJECTION: forcing a failure. [ 320.363347][T15445] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 320.432073][T15445] CPU: 0 UID: 0 PID: 15445 Comm: syz.0.1038 Tainted: G L syzkaller #0 PREEMPT(full) [ 320.432119][T15445] Tainted: [L]=SOFTLOCKUP [ 320.432128][T15445] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 320.432144][T15445] Call Trace: [ 320.432154][T15445] [ 320.432165][T15445] dump_stack_lvl+0x100/0x190 [ 320.432211][T15445] should_fail_ex.cold+0x5/0xa [ 320.432243][T15445] _copy_to_user+0x32/0xd0 [ 320.432330][T15445] simple_read_from_buffer+0xcb/0x170 [ 320.432369][T15445] proc_fail_nth_read+0x1af/0x230 [ 320.432415][T15445] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 320.432458][T15445] ? rw_verify_area+0xce/0x6d0 [ 320.432480][T15445] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 320.432511][T15445] vfs_read+0x1e4/0xb30 [ 320.432537][T15445] ? __pfx_vfs_read+0x10/0x10 [ 320.432560][T15445] ? __fget_files+0x215/0x3d0 [ 320.432589][T15445] ? __fget_files+0x21f/0x3d0 [ 320.432619][T15445] ksys_read+0x12a/0x250 [ 320.432643][T15445] ? __pfx_ksys_read+0x10/0x10 [ 320.432673][T15445] do_syscall_64+0x106/0xf80 [ 320.432690][T15445] ? clear_bhb_loop+0x40/0x90 [ 320.432711][T15445] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 320.432730][T15445] RIP: 0033:0x7fa5abb5ca0e [ 320.432745][T15445] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08 [ 320.432762][T15445] RSP: 002b:00007fa5acb31fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 320.432779][T15445] RAX: ffffffffffffffda RBX: 00007fa5acb326c0 RCX: 00007fa5abb5ca0e [ 320.432790][T15445] RDX: 000000000000000f RSI: 00007fa5acb320a0 RDI: 000000000000000b [ 320.432800][T15445] RBP: 00007fa5acb32090 R08: 0000000000000000 R09: 0000000000000000 [ 320.432810][T15445] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 320.432821][T15445] R13: 00007fa5abe16038 R14: 00007fa5abe15fa0 R15: 00007ffcd5a17118 [ 320.432842][T15445] [ 320.650356][ T5822] Bluetooth: hci4: command 0x0c1a tx timeout [ 320.942080][T15445] [U] [ 322.019954][T15518] input: jJǸ-9%vJ86 as /devices/virtual/input/input15 [ 325.661158][T15712] ================================================================== [ 325.661182][T15712] BUG: KASAN: stack-out-of-bounds in sys_fillrect+0x173d/0x1910 [ 325.661222][T15712] Write of size 8 at addr ffffc90003f7f798 by task syz.1.1063/15712 [ 325.661252][T15712] [ 325.661271][T15712] CPU: 1 UID: 0 PID: 15712 Comm: syz.1.1063 Tainted: G L syzkaller #0 PREEMPT(full) [ 325.661323][T15712] Tainted: [L]=SOFTLOCKUP [ 325.661337][T15712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 325.661357][T15712] Call Trace: [ 325.661367][T15712] [ 325.661379][T15712] dump_stack_lvl+0x100/0x190 [ 325.661427][T15712] print_report+0x156/0x4c9 [ 325.661482][T15712] ? _raw_spin_lock_irqsave+0x52/0x60 [ 325.661532][T15712] ? __virt_addr_valid+0x81/0x620 [ 325.661574][T15712] ? sys_fillrect+0x173d/0x1910 [ 325.661603][T15712] kasan_report+0xdf/0x1e0 [ 325.661652][T15712] ? sys_fillrect+0x173d/0x1910 [ 325.661687][T15712] sys_fillrect+0x173d/0x1910 [ 325.661724][T15712] drm_fbdev_shmem_defio_fillrect+0x22/0x140 [ 325.661766][T15712] bit_clear+0x17d/0x220 [ 325.661811][T15712] ? __pfx_bit_clear+0x10/0x10 [ 325.661855][T15712] ? fb_get_color_depth+0x120/0x250 [ 325.661897][T15712] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 325.661951][T15712] __fbcon_clear+0x633/0x760 [ 325.661991][T15712] ? __pfx_bit_clear+0x10/0x10 [ 325.662033][T15712] fbcon_scroll+0x48b/0x650 [ 325.662075][T15712] con_scroll+0x464/0x690 [ 325.662128][T15712] do_con_write+0x6883/0x8540 [ 325.662171][T15712] ? __pfx_do_con_write+0x10/0x10 [ 325.662211][T15712] con_write+0x23/0xb0 [ 325.662242][T15712] n_tty_write+0x44f/0x12d0 [ 325.662291][T15712] ? __pfx_n_tty_write+0x10/0x10 [ 325.662330][T15712] ? trace_kmalloc+0x101/0x130 [ 325.662379][T15712] ? __pfx_woken_wake_function+0x10/0x10 [ 325.662427][T15712] ? rcu_is_watching+0x12/0xc0 [ 325.662485][T15712] ? file_tty_write.isra.0+0x694/0x890 [ 325.662517][T15712] ? kfree+0x2ec/0x6b0 [ 325.662554][T15712] ? __pfx_n_tty_write+0x10/0x10 [ 325.662593][T15712] file_tty_write.isra.0+0x4d2/0x890 [ 325.662629][T15712] redirected_tty_write+0xd4/0x120 [ 325.662659][T15712] vfs_write+0x6ac/0x1070 [ 325.662701][T15712] ? __pfx_redirected_tty_write+0x10/0x10 [ 325.662734][T15712] ? __pfx_vfs_write+0x10/0x10 [ 325.662773][T15712] ? find_held_lock+0x2b/0x80 [ 325.662832][T15712] ksys_write+0x12a/0x250 [ 325.662874][T15712] ? __pfx_ksys_write+0x10/0x10 [ 325.662921][T15712] do_syscall_64+0x106/0xf80 [ 325.662950][T15712] ? clear_bhb_loop+0x40/0x90 [ 325.662986][T15712] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.663019][T15712] RIP: 0033:0x7f4085b9c139 [ 325.663044][T15712] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 [ 325.663074][T15712] RSP: 002b:00007f4086a3e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 325.663103][T15712] RAX: ffffffffffffffda RBX: 00007f4085e15fa0 RCX: 00007f4085b9c139 [ 325.663124][T15712] RDX: 000000000000fdef RSI: 0000200000000000 RDI: 0000000000000003 [ 325.663143][T15712] RBP: 00007f4085c327e0 R08: 0000000000000000 R09: 0000000000000000 [ 325.663162][T15712] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 325.663180][T15712] R13: 00007f4085e16038 R14: 00007f4085e15fa0 R15: 00007fff6e140698 [ 325.663207][T15712] [ 325.663217][T15712] [ 325.663226][T15712] The buggy address belongs to a vmalloc virtual mapping [ 325.663249][T15712] The buggy address belongs to the physical page: [ 325.663262][T15712] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7a747 [ 325.663289][T15712] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) [ 325.663327][T15712] raw: 00fff00000000000 dead000000000100 dead000000000122 0000000000000000 [ 325.663354][T15712] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 325.663373][T15712] page dumped because: kasan: bad access detected [ 325.663387][T15712] page_owner tracks the page as allocated [ 325.663398][T15712] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x29c2(GFP_NOWAIT|__GFP_HIGHMEM|__GFP_IO|__GFP_FS|__GFP_ZERO), pid 5172, tgid 5172 (start-stop-daem), ts 30576542313, free_ts 28444386422 [ 325.663449][T15712] post_alloc_hook+0x153/0x170 [ 325.663491][T15712] get_page_from_freelist+0x111d/0x3140 [ 325.663528][T15712] __alloc_frozen_pages_noprof+0x27c/0x2ba0 [ 325.663567][T15712] alloc_pages_mpol+0x1fb/0x550 [ 325.663611][T15712] alloc_pages_noprof+0x131/0x390 [ 325.663654][T15712] __vmalloc_node_range_noprof+0xe5c/0x1530 [ 325.663685][T15712] __vmalloc_node_noprof+0xad/0xf0 [ 325.663713][T15712] copy_process+0x5ec/0x7a10 [ 325.663744][T15712] kernel_clone+0xfc/0x9a0 [ 325.663774][T15712] __do_sys_vfork+0x9f/0xe0 [ 325.663808][T15712] do_syscall_64+0x106/0xf80 [ 325.663834][T15712] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.663864][T15712] page last free pid 1 tgid 1 stack trace: [ 325.663879][T15712] __free_frozen_pages+0x7ca/0x10a0 [ 325.663909][T15712] free_contig_range+0xde/0x1d0 [ 325.663939][T15712] destroy_args+0xa8/0x7a0 [ 325.663967][T15712] debug_vm_pgtable+0x1b66/0x34c0 [ 325.663997][T15712] do_one_initcall+0x11d/0x760 [ 325.664026][T15712] kernel_init_freeable+0x6e5/0x7a0 [ 325.664055][T15712] kernel_init+0x1f/0x1e0 [ 325.664089][T15712] ret_from_fork+0x754/0xd80 [ 325.664131][T15712] ret_from_fork_asm+0x1a/0x30 [ 325.664161][T15712] [ 325.664169][T15712] Memory state around the buggy address: [ 325.664184][T15712] ffffc90003f7f680: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 325.664205][T15712] ffffc90003f7f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 325.664226][T15712] >ffffc90003f7f780: 00 00 00 f1 f1 f1 f1 00 00 f3 f3 00 00 00 00 00 [ 325.664244][T15712] ^ [ 325.664260][T15712] ffffc90003f7f800: 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 [ 325.664282][T15712] ffffc90003f7f880: 00 00 00 00 00 00 00 00 00 f3 f3 f3 f3 f3 00 00 [ 325.664299][T15712] ================================================================== [ 325.666315][ T5173] BUG: kernel NULL pointer dereference, address: 0000000000000000 [ 325.666334][ T5173] #PF: supervisor instruction fetch in kernel mode [ 325.666349][ T5173] #PF: error_code(0x0010) - not-present page [ 325.666365][ T5173] PGD 0 P4D 0 [ 325.666388][ T5173] Oops: Oops: 0010 [#1] SMP KASAN PTI [ 325.666416][ T5173] CPU: 1 UID: 0 PID: 5173 Comm: syslogd Tainted: G L syzkaller #0 PREEMPT(full) [ 325.666463][ T5173] Tainted: [L]=SOFTLOCKUP [ 325.666473][ T5173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 [ 325.666490][ T5173] RIP: 0010:0x0 [ 325.666516][ T5173] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 325.666530][ T5173] RSP: 0018:ffffc90003f7f6c8 EFLAGS: 00010086 [ 325.666551][ T5173] RAX: ffff88807a739e40 RBX: 0000000000000000 RCX: ffffffff81a9e145 [ 325.666576][ T5173] RDX: ffff88807a73dac0 RSI: ffffffff81a9e1a4 RDI: ffff88807a73dac0 [ 325.666594][ T5173] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 325.666611][ T5173] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 [ 325.666628][ T5173] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 325.666645][ T5173] FS: 00007f65f2170c80(0000) GS:ffff888124454000(0000) knlGS:0000000000000000 [ 325.666672][ T5173] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 325.666690][ T5173] CR2: ffffffffffffffd6 CR3: 000000007a614000 CR4: 00000000003526f0 [ 325.666708][ T5173] Call Trace: [ 325.666717][ T5173] [ 325.666736][ T5173] ? __pfx___schedule+0x10/0x10 [ 325.666779][ T5173] ? find_held_lock+0x2b/0x80 [ 325.666820][ T5173] ? schedule+0x2bf/0x390 [ 325.666862][ T5173] ? schedule+0xdd/0x390 [ 325.666899][ T5173] ? schedule_timeout+0x1b2/0x280 [ 325.666934][ T5173] ? __pfx_schedule_timeout+0x10/0x10 [ 325.666975][ T5173] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 325.667016][ T5173] ? prepare_to_wait_exclusive+0xdc/0x2c0 [ 325.667050][ T5173] ? __skb_wait_for_more_packets+0x383/0x610 [ 325.667090][ T5173] ? __pfx___skb_wait_for_more_packets+0x10/0x10 [ 325.667128][ T5173] ? __pfx_sk_busy_loop_end+0x10/0x10 [ 325.667162][ T5173] ? __pfx_receiver_wake_function+0x10/0x10 [ 325.667203][ T5173] ? __unix_dgram_recvmsg+0x22e/0xc30 [ 325.667242][ T5173] ? __pfx___unix_dgram_recvmsg+0x10/0x10 [ 325.667280][ T5173] ? aa_file_perm+0x277/0x1530 [ 325.667324][ T5173] ? update_se+0x94/0x760 [ 325.667356][ T5173] ? unix_dgram_recvmsg+0xd0/0x110 [ 325.667391][ T5173] ? sock_recvmsg+0x1f9/0x250 [ 325.667422][ T5173] ? sock_read_iter+0x2c6/0x3c0 [ 325.667461][ T5173] ? __pfx_sock_read_iter+0x10/0x10 [ 325.667491][ T5173] ? __lock_acquire+0x4a5/0x2630 [ 325.667527][ T5173] ? bpf_lsm_file_permission+0x9/0x10 [ 325.667564][ T5173] ? security_file_permission+0x76/0x210 [ 325.667603][ T5173] ? rw_verify_area+0xce/0x6d0 [ 325.667636][ T5173] ? __pfx_sock_read_iter+0x10/0x10 [ 325.667668][ T5173] ? vfs_read+0x957/0xb30 [ 325.667704][ T5173] ? __pfx_vfs_read+0x10/0x10 [ 325.667742][ T5173] ? read_tsc+0x9/0x20 [ 325.667773][ T5173] ? kvm_sched_clock_read+0x11/0x20 [ 325.667814][ T5173] ? sched_clock+0x38/0x60 [ 325.667861][ T5173] ? sched_clock_cpu+0x6c/0x570 [ 325.667893][ T5173] ? ksys_read+0x1f8/0x250 [ 325.667937][ T5173] ? __pfx_ksys_read+0x10/0x10 [ 325.667986][ T5173] ? do_syscall_64+0x106/0xf80 [ 325.668010][ T5173] ? clear_bhb_loop+0x40/0x90 [ 325.668059][ T5173] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 325.668092][ T5173] [ 325.668101][ T5173] Modules linked in: [ 325.668117][ T5173] CR2: 0000000000000000 [ 325.668129][ T5173] ---[ end trace 0000000000000000 ]--- [ 325.668142][ T5173] RIP: 0010:0x0 [ 325.668164][ T5173] Code: Unable to access opcode bytes at 0xffffffffffffffd6. [ 325.668178][ T5173] RSP: 0018:ffffc90003f7f6c8 EFLAGS: 00010086 [ 325.668200][ T5173] RAX: ffff88807a739e40 RBX: 0000000000000000 RCX: ffffffff81a9e145 [ 325.668219][ T5173] RDX: ffff88807a73dac0 RSI: ffffffff81a9e1a4 RDI: ffff88807a73dac0 [ 325.668237][ T5173] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000000 [ 325.668253][ T5173] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000 [ 325.668270][ T5173] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 325.668287][ T5173] FS: 00007f65f2170c80(0000) GS:ffff888124454000(0000) knlGS:0000000000000000 [ 325.668314][ T5173] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 325.668332][ T5173] CR2: ffffffffffffffd6 CR3: 000000007a614000 CR4: 00000000003526f0 [ 325.668353][ T5173] Kernel panic - not syncing: Fatal exception [ 325.668724][ T5173] Kernel Offset: disabled